conforme-secure.confirmation-session.gq Open in urlscan Pro
37.187.89.161 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://conforme-secure.confirmation-session.gq/
Effective URL:
https://conforme-secure.confirmation-session.gq/
Submission: On January 01 via automatic, source openphish (January 1st 2021, 1:06:44 am UTC)

Summary HTTP 234 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 21 IPs in 6 countries across 16 domains to perform 234 HTTP transactions. The main IP is 37.187.89.161, located in France and belongs to OVH, FR. The main domain is conforme-secure.confirmation-session.gq.
TLS certificate: Issued by R3 on December 31st 2020. Valid for: 3 months.

This is the only time conforme-secure.confirmation-session.gq was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Societe Generale (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 127	37.187.89.161 37.187.89.161	16276 (OVH) (OVH)
2	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
2	52.18.166.88 52.18.166.88	16509 (AMAZON-02) (AMAZON-02)
24	2a00:1450:400... 2a00:1450:4001:814::2004	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	3.122.173.68 3.122.173.68	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
2 5	184.31.90.174 184.31.90.174	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	109.232.197.56 109.232.197.56	50234 (EULERIAN-AS) (EULERIAN-AS)
1	172.217.18.162 172.217.18.162	15169 (GOOGLE) (GOOGLE)
2 4	216.58.208.38 216.58.208.38	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
15	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:817::2003	15169 (GOOGLE) (GOOGLE)
9	151.101.114.133 151.101.114.133	54113 (FASTLY) (FASTLY)
4	52.16.216.253 52.16.216.253	16509 (AMAZON-02) (AMAZON-02)
2	80.252.91.53 80.252.91.53	15830 (EQUINIX-C...) (EQUINIX-CONNECT-EMEA)
1	18.184.108.250 18.184.108.250	16509 (AMAZON-02) (AMAZON-02)
234	21

127 37.187.89.161 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ns3368800.ip-37-187-89.eu

conforme-secure.confirmation-session.gq	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

actorssl-5637.kxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.18.166.88 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-166-88.eu-west-1.compute.amazonaws.com

logs128.xiti.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:814::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.122.173.68 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-173-68.eu-central-1.compute.amazonaws.com

scriptsp.par.societegenerale.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 184.31.90.174 (Netherlands) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-31-90-174.deploy.static.akamaitechnologies.com

secure-ds.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 109.232.197.56 (France)

ASN50234 (EULERIAN-AS, FR)
PTR: sg.eulerian.net

1bva.societegenerale.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s29-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.208.38 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s12-in-f38.1e100.net

10354013.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:817::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 151.101.114.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
consumer.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.16.216.253 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-216-253.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 80.252.91.53 (Netherlands)

ASN15830 (EQUINIX-CONNECT-EMEA, GB)

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.184.108.250 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-108-250.eu-central-1.compute.amazonaws.com

aweucn1.advanced-web-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
127	confirmation-session.gq 1 redirects conforme-secure.confirmation-session.gq	2 MB
24	google.com www.google.com	2 KB
17	doubleclick.net 2 redirects 10354013.fls.doubleclick.net googleads.g.doubleclick.net	16 KB
13	krxd.net cdn.krxd.net consumer.krxd.net beacon.krxd.net	169 KB
11	google.de www.google.de	1 KB
11	google.fr www.google.fr	2 KB
7	serving-sys.com 2 redirects secure-ds.serving-sys.com bs.serving-sys.com	19 KB
6	facebook.net connect.facebook.net	62 KB
4	societegenerale.fr scriptsp.par.societegenerale.fr 1bva.societegenerale.fr	39 KB
3	googleadservices.com www.googleadservices.com	36 KB
3	bing.com bat.bing.com	9 KB
3	googletagmanager.com www.googletagmanager.com	115 KB
2	facebook.com www.facebook.com	405 B
2	xiti.com logs128.xiti.com	263 B
2	kxcdn.com actorssl-5637.kxcdn.com
1	advanced-web-analytics.com aweucn1.advanced-web-analytics.com
234	16

	Domain	Requested by
127	conforme-secure.confirmation-session.gq	1 redirects conforme-secure.confirmation-session.gq scriptsp.par.societegenerale.fr
24	www.google.com	conforme-secure.confirmation-session.gq
13	googleads.g.doubleclick.net	www.googleadservices.com conforme-secure.confirmation-session.gq
11	www.google.de	conforme-secure.confirmation-session.gq
11	www.google.fr	conforme-secure.confirmation-session.gq
6	connect.facebook.net	conforme-secure.confirmation-session.gq connect.facebook.net
5	cdn.krxd.net	conforme-secure.confirmation-session.gq cdn.krxd.net
5	secure-ds.serving-sys.com	2 redirects conforme-secure.confirmation-session.gq
4	beacon.krxd.net	cdn.krxd.net
4	consumer.krxd.net	cdn.krxd.net
4	10354013.fls.doubleclick.net	2 redirects conforme-secure.confirmation-session.gq
3	www.googleadservices.com	conforme-secure.confirmation-session.gq cdn.krxd.net
3	1bva.societegenerale.fr	conforme-secure.confirmation-session.gq 1bva.societegenerale.fr
3	bat.bing.com	conforme-secure.confirmation-session.gq
3	www.googletagmanager.com	conforme-secure.confirmation-session.gq
2	bs.serving-sys.com	secure-ds.serving-sys.com
2	www.facebook.com	conforme-secure.confirmation-session.gq
2	logs128.xiti.com	conforme-secure.confirmation-session.gq
2	actorssl-5637.kxcdn.com	conforme-secure.confirmation-session.gq
1	aweucn1.advanced-web-analytics.com	conforme-secure.confirmation-session.gq
1	scriptsp.par.societegenerale.fr	conforme-secure.confirmation-session.gq
234	21

This site contains links to these domains. Also see Links.

Domain
agences.societegenerale.fr
particuliers.societegenerale.fr
www.privatebanking.societegenerale.fr
professionnels.societegenerale.fr
entreprises.societegenerale.fr
associations.societegenerale.fr
www.societegenerale.com
careers.societegenerale.com
www.facebook.com
twitter.com
www.instagram.com

Subject Issuer	Validity	Valid
conforme-secure.confirmation-session.gq R3	`2020-12-31` - `2021-03-31`	3 months	crt.sh
*.kxcdn.com Thawte RSA CA 2018	`2019-07-04` - `2021-09-01`	2 years	crt.sh
*.xiti.com Thawte RSA CA 2018	`2020-02-27` - `2022-05-22`	2 years	crt.sh
www.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.google.fr GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
scriptsp.par.societegenerale.fr QuoVadis Global SSL ICA G3	`2019-07-19` - `2021-07-19`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
secure-ds.serving-sys.com DigiCert SHA2 Secure Server CA	`2020-01-03` - `2021-04-03`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2020-10-27` - `2021-04-27`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-11-02` - `2021-01-30`	3 months	crt.sh
1bva.societegenerale.fr Sectigo RSA Domain Validation Secure Server CA	`2019-08-21` - `2021-08-20`	2 years	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
cdn.krxd.net DigiCert SHA2 Secure Server CA	`2020-03-05` - `2021-03-06`	a year	crt.sh
consumer.krxd.net DigiCert SHA2 Secure Server CA	`2020-09-14` - `2021-09-14`	a year	crt.sh
beacon.krxd.net DigiCert SHA2 Secure Server CA	`2020-01-30` - `2021-01-30`	a year	crt.sh
bs.serving-sys.com Go Daddy Secure Certificate Authority - G2	`2020-01-07` - `2022-03-08`	2 years	crt.sh
*.advanced-web-analytics.com GeoTrust TLS RSA CA G1	`2020-05-31` - `2022-06-30`	2 years	crt.sh

This page contains 11 frames:

Primary Page: https://conforme-secure.confirmation-session.gq/
Frame ID: 58313D523D5543D129678A0117759477
Requests: 180 HTTP requests in this frame

Frame: https://conforme-secure.confirmation-session.gq/init/activityi.html
Frame ID: 1C2ADB114C0EAD894E1C1D29CAD7D356
Requests: 2 HTTP requests in this frame

Frame: https://conforme-secure.confirmation-session.gq/init/activityi(1).html
Frame ID: 29C2BD93C76983D7B00AC930B8594B9E
Requests: 2 HTTP requests in this frame

Frame: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
Frame ID: E8A3B74D055F2081CD90D3601C36BD0B
Requests: 27 HTTP requests in this frame

Frame: https://conforme-secure.confirmation-session.gq/init/saved_resource.html
Frame ID: F865BB7D1481D0AB17CB00A71A3E63AA
Requests: 1 HTTP requests in this frame

Frame: https://10354013.fls.doubleclick.net/activityi;dc_pre=CL6Fh83F-e0CFbEViwodUcIILQ;src=10354013;type=arriv0;cat=sg_vi0;ord=1;num=8446737055102;gtm=2odb41;auiddc=1462844265.1609463188;~oref=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F
Frame ID: 648EF3D8D59D94A723C60C837B4D8ABF
Requests: 1 HTTP requests in this frame

Frame: https://conforme-secure.confirmation-session.gq/init/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: DEA065072CA338BB2F7C5F5E17B50807
Requests: 17 HTTP requests in this frame

Frame: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: 9E54FFD338B1271B9AEEF151ACFAACD3
Requests: 1 HTTP requests in this frame

Frame: https://10354013.fls.doubleclick.net/activityi;dc_pre=COCBtM3F-e0CFWOSdwodQi8Hkg;src=10354013;type=arriv0;cat=sg_vi0;ord=1;num=5681441810474;gtm=2odb41;auiddc=1462844265.1609463188;~oref=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F
Frame ID: 67A610B3720CAE14CB5D5C0A2C771E0B
Requests: 1 HTTP requests in this frame

Frame: https://conforme-secure.confirmation-session.gq/init/OKrh.html?si=0&e=https%3A%2F%2Fconforme-secure.confirmation-session.gq&LSESSIONID=jLd1oaId4IEkdi%2BHLx0t0D0PpP%2BSr3TdUEiwEXavFtPX08UvP8R45sWg&t=xframe&eu=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&icid=160946318928918783
Frame ID: 6D6472090D8DAC95A895C7442F62A2E0
Requests: 1 HTTP requests in this frame

Frame: https://aweucn1.advanced-web-analytics.com/init/pric.html?e=https%3A%2F%2Fconforme-secure.confirmation-session.gq&es=jLd1oaId4IEkdi%2BHLx0t0D0PpP%2BSr3TdUEiwEXavFtPX08UvP8R45sWg&eu=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&icid=160946318936190107
Frame ID: E0B13848E07413C366888032FB6970E0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://conforme-secure.confirmation-session.gq/ HTTP 301
https://conforme-secure.confirmation-session.gq/ Page URL

Detected technologies

Debian (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Debian/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

234
Requests

99 %
HTTPS

45 %
IPv6

16
Domains

21
Subdomains

21
IPs

6
Countries

2553 kB
Transfer

6761 kB
Size

16
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://agences.societegenerale.fr/banque-assurance/
Title: Agences

Search URL Search Domain Scan URL

URL: https://particuliers.societegenerale.fr/icd/rvd_rva/aides_contacts/index-public.html#/home
Title: Aide et contacts

Search URL Search Domain Scan URL

URL: https://particuliers.societegenerale.fr/
Title:

Search URL Search Domain Scan URL

URL: https://www.privatebanking.societegenerale.fr/
Title: Banque privée

Search URL Search Domain Scan URL

URL: https://professionnels.societegenerale.fr/
Title: Professionnels

Search URL Search Domain Scan URL

URL: https://entreprises.societegenerale.fr/
Title: Entreprises

Search URL Search Domain Scan URL

URL: https://associations.societegenerale.fr/
Title: Associations

Search URL Search Domain Scan URL

URL: https://www.societegenerale.com/fr/accueil
Title: Groupe Société Générale

Search URL Search Domain Scan URL

URL: https://careers.societegenerale.com/
Title: Offres d’emploi

Search URL Search Domain Scan URL

URL: https://www.facebook.com/societegenerale.france/
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/sg_etvous
Title:

Search URL Search Domain Scan URL

URL: https://www.instagram.com/societegenerale/?hl=fr
Title:

Search URL Search Domain Scan URL

URL: https://particuliers.societegenerale.fr/tous-nos-tarifs
Title: Tarifs

Search URL Search Domain Scan URL

URL: https://particuliers.societegenerale.fr/engagements
Title: Nos engagements

Search URL Search Domain Scan URL

URL: https://particuliers.societegenerale.fr/informations-mentions-legales
Title: Informations légales

Search URL Search Domain Scan URL

URL: https://particuliers.societegenerale.fr/charte-cookies-societe-generale
Title: Charte Cookies

Search URL Search Domain Scan URL

URL: https://particuliers.societegenerale.fr/securite
Title: Sécurité

Search URL Search Domain Scan URL

URL: https://particuliers.societegenerale.fr/engagements/gestion-donnees-personnelles-rgpd
Title: Données personnelles

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://conforme-secure.confirmation-session.gq/ HTTP 301
https://conforme-secure.confirmation-session.gq/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 119

https://10354013.fls.doubleclick.net/activityi;src=10354013;type=arriv0;cat=sg_vi0;ord=1;num=8446737055102;gtm=2odb41;auiddc=1462844265.1609463188;~oref=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F HTTP 302
https://10354013.fls.doubleclick.net/activityi;dc_pre=CL6Fh83F-e0CFbEViwodUcIILQ;src=10354013;type=arriv0;cat=sg_vi0;ord=1;num=8446737055102;gtm=2odb41;auiddc=1462844265.1609463188;~oref=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F

Request Chain 129

https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/2/4932 HTTP 302
https://secure-ds.serving-sys.com/BurstingCachedScripts/OneTagDefaultConfig.json

Request Chain 201

https://10354013.fls.doubleclick.net/activityi;src=10354013;type=arriv0;cat=sg_vi0;ord=1;num=5681441810474;gtm=2odb41;auiddc=1462844265.1609463188;~oref=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F HTTP 302
https://10354013.fls.doubleclick.net/activityi;dc_pre=COCBtM3F-e0CFWOSdwodQi8Hkg;src=10354013;type=arriv0;cat=sg_vi0;ord=1;num=5681441810474;gtm=2odb41;auiddc=1462844265.1609463188;~oref=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F

Request Chain 205

https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/2/4932 HTTP 302
https://secure-ds.serving-sys.com/BurstingCachedScripts/OneTagDefaultConfig.json

234 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
conforme-secure.confirmation-session.gq/
Redirect Chain

http://conforme-secure.confirmation-session.gq/
https://conforme-secure.confirmation-session.gq/

398 KB
117 KB

139ms
44ms

Document
text/html

37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 1ea54042cfb95f54f71f67d27cda8109e03edaaae121ce49a49ee95ab1da9323

Request headers

Host: conforme-secure.confirmation-session.gq
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:00 GMT
Server: Apache/2.4.10 (Debian)
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Fri, 01 Jan 2021 01:07:00 GMT
Server: Apache/2.4.10 (Debian)
Location: https://conforme-secure.confirmation-session.gq/
Content-Length: 361
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK awt-front-BDDF.css
conforme-secure.confirmation-session.gq/init/ 97 KB
12 KB 86ms
37ms Stylesheet
text/css 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/awt-front-BDDF.css
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 2334cc5892b03355d16b2ffcd360aca9ff2919e4a0b4d62639dac3408b0ffdcd

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "18482-5b7c19f78dacf-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 12280

GET
H/1.1 200
OK bat.js.t%C3%A9l%C3%A9chargement Show response
conforme-secure.confirmation-session.gq/init/ 27 KB
9 KB 317ms
31ms Script
application/javascript 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/bat.js.t%C3%A9l%C3%A9chargement
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "6d92-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 8474

GET
H/1.1 200
OK action Show response
conforme-secure.confirmation-session.gq/init/ 209 KB
209 KB 37ms
30ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/action
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 02ef3ae0ca1178acafd3207951db6c3481be901748416a9fd2e15f7fecfbbf6a

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:00 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "3425b-5b7c19f78dacf"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 213595

GET
H/1.1 200
OK f.txt Show response
conforme-secure.confirmation-session.gq/init/ 30 KB
12 KB 39ms
32ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/f.txt
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 5fb46ad88af0181f8aa600691dadedc2d6dd1946603b69bc36385f68efdd01a3

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "7964-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 12174

GET
H/1.1 200
OK js Show response
conforme-secure.confirmation-session.gq/init/ 96 KB
96 KB 38ms
31ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/js
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 193ff02576d65ded44a2c940a4c79a325bd987d348a638c9ef3e57a7d2fe44bd

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:00 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "17f96-5b7c19f78ea6f"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 98198

GET
H/1.1 200
OK js(1) Show response
conforme-secure.confirmation-session.gq/init/ 96 KB
96 KB 37ms
30ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/js(1)
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: f184a41e83fe0fa7657e501e40874b3e2468e3be8130be2340d4694b896c993f

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:00 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "17f97-5b7c19f78ea6f"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 98199

GET
H/1.1 200
OK js(2) Show response
conforme-secure.confirmation-session.gq/init/ 96 KB
96 KB 31ms
30ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/js(2)
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 50cb9b6a0426f8ea0e044c329ec2827ae666ab88f2c6c3de461aee71eeedc858

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:01 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "17f95-5b7c19f78ea6f"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 98197

GET
H/1.1 200
OK js(3) Show response
conforme-secure.confirmation-session.gq/init/ 96 KB
96 KB 31ms
31ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/js(3)
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 21c5befb758cb3e51d21840bcdb0b4d35cf335a336b20fbca8bb16b49396766b

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:01 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "17f97-5b7c19f78ea6f"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 98199

GET
H/1.1 200
OK js(4) Show response
conforme-secure.confirmation-session.gq/init/ 96 KB
96 KB 32ms
32ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/js(4)
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 0aba1ffff4efe790a910a3576c2e8b397d201fc49c5af544cccb391fd3340a2a

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:01 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "17f98-5b7c19f78ea6f"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 98200

GET
H/1.1 200
OK fbevents.js.t%C3%A9l%C3%A9chargement Show response
conforme-secure.confirmation-session.gq/init/ 89 KB
23 KB 36ms
35ms Script
application/javascript 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/fbevents.js.t%C3%A9l%C3%A9chargement
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 0e49c2b4e86d3fda1dda93eb1210a47712f7b091181b4e7c6da2b3e6f8e86396

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:01 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "16595-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 23387

GET
H/1.1 200
OK n2g_secu.js.t%C3%A9l%C3%A9chargement Show response
conforme-secure.confirmation-session.gq/init/ 74 B
428 B 92ms
30ms Script
application/javascript 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/n2g_secu.js.t%C3%A9l%C3%A9chargement
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: cacb3216bac8abc454ab954967d6ce67cd8969def976cb47b459261efdea3bc2

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "4a-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 80

GET
H/1.1 200
OK init-configs_20201126162313.js.t%C3%A9l%C3%A9chargement Show response
conforme-secure.confirmation-session.gq/init/ 4 KB
1 KB 116ms
30ms Script
application/javascript 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/init-configs_20201126162313.js.t%C3%A9l%C3%A9chargement
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: e9b1bf49a47050d8c8b2e5798cdbb0be796e55ee6b6fc058450d891f1c81ef5f

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "107e-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1157

GET
H/1.1 200
OK dca_portail_global_20201127132605.js.t%C3%A9l%C3%A9chargement Show response
conforme-secure.confirmation-session.gq/init/ 3 KB
2 KB 121ms
30ms Script
application/javascript 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/dca_portail_global_20201127132605.js.t%C3%A9l%C3%A9chargement
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 0f0c9a0d3315908b1f7c15f96957b4c61b59963d5137b40c130ab6e10f8eba83

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "d62-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1200

GET
H/1.1 200
OK public-dca.js.t%C3%A9l%C3%A9chargement Show response
conforme-secure.confirmation-session.gq/init/ 4 KB
2 KB 123ms
30ms Script
application/javascript 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/public-dca.js.t%C3%A9l%C3%A9chargement
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 069f96cb554d5cf9afb0b9ad7edb382f789da3d7bd909e0e47a1c6f142841213

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "110b-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1782

GET
H/1.1 200
OK vendor_20201013181530.min.js.t%C3%A9l%C3%A9chargement Show response
conforme-secure.confirmation-session.gq/init/ 109 KB
38 KB 131ms
39ms Script
application/javascript 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/vendor_20201013181530.min.js.t%C3%A9l%C3%A9chargement
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: ea0c84249c6d3fb9c7ab3e12357104a9316a62515e0192725333f5a5d3d5c89e

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "1b455-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 39033

GET
H/1.1 200
OK gda.public.js.t%C3%A9l%C3%A9chargement Show response
conforme-secure.confirmation-session.gq/init/ 5 KB
2 KB 148ms
31ms Script
application/javascript 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/gda.public.js.t%C3%A9l%C3%A9chargement
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: deda47873b970f3f30793723271f158aa8bf0a8383016a41c5623cc63b8719ad

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "126f-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1673

GET
H/1.1 200
OK interact-lanceur.js.t%C3%A9l%C3%A9chargement Show response
conforme-secure.confirmation-session.gq/init/ 21 KB
7 KB 110ms
31ms Script
application/javascript 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/interact-lanceur.js.t%C3%A9l%C3%A9chargement
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: ebc5899ef97f2613c1f52d762fab2fae3597d86dfae1f1f51901a7d978475970

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "52f4-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 7222

GET
H/1.1 200
OK index_20201013183946.min.js.t%C3%A9l%C3%A9chargement Show response
conforme-secure.confirmation-session.gq/init/ 251 KB
60 KB 123ms
40ms Script
application/javascript 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/index_20201013183946.min.js.t%C3%A9l%C3%A9chargement
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: a64d86f1fafd180096bd451dd066d77ed4a3715420e1af7f82573b6d16813218

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "3ebac-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98

GET
H/1.1 200
OK tc_SocieteGenerale_20_20201126172020.js.t%C3%A9l%C3%A9chargement Show response
conforme-secure.confirmation-session.gq/init/ 173 KB
43 KB 122ms
39ms Script
application/javascript 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/tc_SocieteGenerale_20_20201126172020.js.t%C3%A9l%C3%A9chargement
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 36b9944367a227d50e80b8e6498f351e4c7ab4290360ae624dbb3eda9b972ab9

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "2b20b-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 43377

GET
H/1.1 200
OK dmp_bridge.js.t%C3%A9l%C3%A9chargement Show response
conforme-secure.confirmation-session.gq/init/ 18 KB
7 KB 31ms
31ms Script
application/javascript 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.js.t%C3%A9l%C3%A9chargement
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 7432ce2d9558cdfad9fa922065edd4b052ce9d69366ccfcd08fd28cee4944f61

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:01 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "469a-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 6338

GET
H/1.1 200
OK tc_SocieteGenerale_22.js.t%C3%A9l%C3%A9chargement Show response
conforme-secure.confirmation-session.gq/init/ 109 KB
23 KB 35ms
34ms Script
application/javascript 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/tc_SocieteGenerale_22.js.t%C3%A9l%C3%A9chargement
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 1cd2e879a2bc431ce6bdd03338ab6d5b2be54646231a01d8b883f1ed06d643b7

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:01 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "1b576-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 23232

GET
H/1.1 200
OK index_pri_20201013141424.min.css
conforme-secure.confirmation-session.gq/init/ 217 KB
33 KB 61ms
41ms Stylesheet
text/css 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/index_pri_20201013141424.min.css
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: ffb0158cdc267512932acd22b13aa4f0df1652290faa987148d69f923b6cb797

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "3655e-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 33603

GET
H/1.1 200
OK spec56_btn_gsm_all_gcd_20201013141424.min.css
conforme-secure.confirmation-session.gq/init/ 711 B
628 B 50ms
31ms Stylesheet
text/css 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/spec56_btn_gsm_all_gcd_20201013141424.min.css
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 0a2a772760a16e07b99ff6f6061b4d9b8c99bde4152bd0dde426d013987ef097

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "2c7-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 292

GET
H/1.1 200
OK head-section_fix-gb9_16008653000000.css
conforme-secure.confirmation-session.gq/init/ 124 B
449 B 52ms
31ms Stylesheet
text/css 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/head-section_fix-gb9_16008653000000.css
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 0d0c477e9849e1b674c4070ef22e282fe52c08b7d54018b3844a999ae8ca5c79

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "7c-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 114

GET
H/1.1 200
OK swm.main.js.t%C3%A9l%C3%A9chargement Show response
conforme-secure.confirmation-session.gq/init/ 762 KB
199 KB 126ms
42ms Script
application/javascript 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/swm.main.js.t%C3%A9l%C3%A9chargement
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 6b3508e84845b497fe7de7c95b5565613fa4256341af4a1e96d614118f4ac5e9

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "be6cf-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98

GET
H/1.1 200
OK doctrans.js.t%C3%A9l%C3%A9chargement Show response
conforme-secure.confirmation-session.gq/init/ 55 KB
22 KB 34ms
34ms Script
application/javascript 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/doctrans.js.t%C3%A9l%C3%A9chargement
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 1b859a247d2fec3895b0aec64bcd35fcdff5c75635a514f4818a14d0a27bb4f9

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:01 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "ddf2-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 21682

GET
H/1.1 200
OK awt-frameworks.js.t%C3%A9l%C3%A9chargement Show response
conforme-secure.confirmation-session.gq/init/ 196 KB
62 KB 145ms
41ms Script
application/javascript 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/awt-frameworks.js.t%C3%A9l%C3%A9chargement
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: fe6f751edcdcdef2f2fa677ebfeb50632396b12abd1b428c19a6f19b930ed5a4

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "30f8c-5b7c19f78dacf-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96

GET
H/1.1 200
OK awt-interact.js.t%C3%A9l%C3%A9chargement Show response
conforme-secure.confirmation-session.gq/init/ 747 KB
186 KB 145ms
40ms Script
application/javascript 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/awt-interact.js.t%C3%A9l%C3%A9chargement
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: cd3e2f420e0578b6dfc49e0a087eebe7c34fb44c412d71ae28d6bdbe71482c64

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "bad47-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98

GET
H/1.1 200
OK rootCheck.js.t%C3%A9l%C3%A9chargement Show response
conforme-secure.confirmation-session.gq/init/ 49 KB
18 KB 33ms
33ms Script
application/javascript 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/rootCheck.js.t%C3%A9l%C3%A9chargement
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 3d7e7086a0286cfca8aa269c77c12dc07dd9cb5fdedf911727d15189462e7fe1

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:01 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "c511-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 17677

GET
H/1.1 200
OK f(1).txt Show response
conforme-secure.confirmation-session.gq/init/ 2 KB
1 KB 144ms
30ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/f(1).txt
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 56aa5a35b12bc48ed6064ec1a2e38118a48017e00882bde53c8e2ed4f55b67fc

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "9ce-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1090

GET
H/1.1 200
OK f(2).txt Show response
conforme-secure.confirmation-session.gq/init/ 2 KB
1 KB 175ms
30ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/f(2).txt
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: f8ab70f3116e708b14a1307483065aaf86d561c46de9ee19c188d029b52f97b0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "9cc-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1090

GET
H/1.1 200
OK f(3).txt Show response
conforme-secure.confirmation-session.gq/init/ 2 KB
1 KB 180ms
30ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/f(3).txt
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: d7c1b7ebef4e6c996d839f9032ada4a16056fc48d75218c0ff68b9975a47f833

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "9cc-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 1090

GET
H/1.1 200
OK f(4).txt Show response
conforme-secure.confirmation-session.gq/init/ 2 KB
1 KB 183ms
30ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/f(4).txt
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 364bbad7da5c0db0c149ac68ff9b9248aae062459a93af8fa5e1b233131adda1

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "9ce-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1091

GET
H/1.1 200
OK f(5).txt Show response
conforme-secure.confirmation-session.gq/init/ 3 KB
2 KB 193ms
30ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/f(5).txt
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 19965187fdbb3f1593722e61fb1e3f26171e4bf10ac466a8af1ed6d3492afe29

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "ca0-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1243

GET
H/1.1 200
OK f(6).txt Show response
conforme-secure.confirmation-session.gq/init/ 2 KB
1 KB 206ms
30ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/f(6).txt
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 921dac444f4d12a6ad6a4d973e13655173978720e539b8a51d517545d074e03b

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "9ce-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 1091

GET
H/1.1 200
OK f(7).txt Show response
conforme-secure.confirmation-session.gq/init/ 2 KB
1 KB 210ms
30ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/f(7).txt
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 1e94db35d45912e8b2125e47ba78c4e775c4af9357e9a498f68f845f17b0485d

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "9cc-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 1091

GET
H/1.1 200
OK f(8).txt Show response
conforme-secure.confirmation-session.gq/init/ 2 KB
1 KB 212ms
30ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/f(8).txt
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: b748e93de92cb578e0785b70bcc07d8bab67907bf0f089645b28dde03c5cffed

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "9ce-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1090

GET
H/1.1 200
OK f(9).txt Show response
conforme-secure.confirmation-session.gq/init/ 2 KB
1 KB 214ms
31ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/f(9).txt
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 048bec5fa4b6a8d6955d8b8b698730e946620c2d2cc0bd0503847021301c8c77

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "9cc-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 1090

GET
H/1.1 200
OK f(10).txt Show response
conforme-secure.confirmation-session.gq/init/ 3 KB
2 KB 224ms
30ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/f(10).txt
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 43ffec558cae11ca5ecdb80cfaff480509d7bf6b9c679f2740185115596d8e6f

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "cde-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 1259

GET
H/1.1 200
OK skys.js.t%C3%A9l%C3%A9chargement Show response
conforme-secure.confirmation-session.gq/init/ 46 KB
18 KB 235ms
34ms Script
application/javascript 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/skys.js.t%C3%A9l%C3%A9chargement
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 87ee987122090b081ec5309f61798c116b24929f9cb42ed070e20b25649b3197

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "b8c4-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 17684

GET
H/1.1 200
OK tactic.js.t%C3%A9l%C3%A9chargement Show response
conforme-secure.confirmation-session.gq/init/ 52 KB
19 KB 236ms
34ms Script
application/javascript 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/tactic.js.t%C3%A9l%C3%A9chargement
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 9f58ce64b74dd78a12a96ab8a3baab42d15e82131c988b8e78a0666b9b1198b1

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "ce0b-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 19587

GET
H/1.1 200
OK statm.js.t%C3%A9l%C3%A9chargement Show response
conforme-secure.confirmation-session.gq/init/ 46 KB
18 KB 239ms
33ms Script
application/javascript 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/statm.js.t%C3%A9l%C3%A9chargement
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: b7535f97c5a636c26669922844a25c061c8bbde4b18655308b70356430b60a18

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "b7a1-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 17596

GET
H/1.1 200
OK pic2Util.js.t%C3%A9l%C3%A9chargement Show response
conforme-secure.confirmation-session.gq/init/ 59 KB
21 KB 243ms
33ms Script
application/javascript 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/pic2Util.js.t%C3%A9l%C3%A9chargement
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 0aafb22b992d46be72036702e842c00f9a0ba34d1780d8426289fb21bf01fab9

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "ead2-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 21105

GET
H/1.1 200
OK protocol.js.t%C3%A9l%C3%A9chargement Show response
conforme-secure.confirmation-session.gq/init/ 65 KB
24 KB 246ms
34ms Script
application/javascript 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/protocol.js.t%C3%A9l%C3%A9chargement
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 6cc2bc8e380d3fd79e62e1b745e955c698de1456eb5f224c1b79c8c313b32401

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "10530-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 24465

GET
H/1.1 200
OK random.js.t%C3%A9l%C3%A9chargement Show response
conforme-secure.confirmation-session.gq/init/ 54 KB
20 KB 247ms
33ms Script
application/javascript 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/random.js.t%C3%A9l%C3%A9chargement
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 8916863b5a9fb434907fb0e3354c12524f3e6a2c6fe12acff239df7bb9c7188c

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "d7e8-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 20360

GET
H/1.1 200
OK 9C0XU Show response
conforme-secure.confirmation-session.gq/init/ 121 B
379 B 31ms
30ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/9C0XU
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: c4621d91e3440020752933daa717d38c90286ea1663a98b54fb3ffa9c970f7f3

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:01 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "79-5b7c19f78dacf"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 121

GET
H/1.1 200
OK hpeWk Show response
conforme-secure.confirmation-session.gq/init/ 121 B
379 B 31ms
31ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/hpeWk
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 16a6f8712b87dd92e10e9f89e160e2f9111309ccd46922d95f38132289528ed5

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:01 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "79-5b7c19f78ea6f"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 121

GET
H/1.1 200
OK hpeWk(1) Show response
conforme-secure.confirmation-session.gq/init/ 122 B
380 B 31ms
30ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/hpeWk(1)
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 718a77b5368bc1aabdd38d82773c971788cbc930508eb949f1664bc813a5bbbb

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:01 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "7a-5b7c19f78ea6f"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=89
Content-Length: 122

GET
H/1.1 200
OK hpeWk(2) Show response
conforme-secure.confirmation-session.gq/init/ 121 B
379 B 30ms
30ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/hpeWk(2)
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: b5a5f5511c2dd368384aa82113ce950e5f455b51716631b9a7bd78388f46d64c

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:01 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "79-5b7c19f78ea6f"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 121

GET
H/1.1 200
OK hpeWk(3) Show response
conforme-secure.confirmation-session.gq/init/ 121 B
379 B 33ms
31ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/hpeWk(3)
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: dff42fc27824c65800c2671729e90622d40b31202a4c273b0039b31556f8fa65

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:01 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "79-5b7c19f78ea6f"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 121

GET
H/1.1 200
OK style.css
conforme-secure.confirmation-session.gq/init/ 166 KB
25 KB 50ms
37ms Stylesheet
text/css 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/style.css
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 25b86a63b1711e0badb83772b958f5dce6c81ec3148cc2114c4534a15b34cf3e

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "29788-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 25687

GET
H/1.1 200
OK loader.gif
conforme-secure.confirmation-session.gq/init/ 1 KB
2 KB 33ms
31ms Image
image/gif 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://conforme-secure.confirmation-session.gq/init/loader.gif
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 31bf10d91090efb0932a4560d50ce0ed40e9d961374175331b008be7865142d6

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:01 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "563-5b7c19f78ea6f"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 1379

GET
H/1.1 200
OK eo2680-style.css
conforme-secure.confirmation-session.gq/init/ 2 KB
894 B 31ms
30ms Stylesheet
text/css 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/eo2680-style.css
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 42d1dc709aae2bded3fab89a75b78ac71ac56a5bc9938e213bb95dd47fb87fae

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "777-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 559

GET
H/1.1 200
OK securite-renforcee.png
conforme-secure.confirmation-session.gq/init/ 3 KB
4 KB 33ms
32ms Image
image/png 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://conforme-secure.confirmation-session.gq/init/securite-renforcee.png
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 0fb87a360659fde9b149b2036db331efa88b0d3d06ab319c0510480243c2bb8a

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:01 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "d84-5b7c19f78ea6f"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=88
Content-Length: 3460

GET
H/1.1 200
OK s-curit-renforc-e-2.png
conforme-secure.confirmation-session.gq/init/ 4 KB
4 KB 33ms
32ms Image
image/png 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://conforme-secure.confirmation-session.gq/init/s-curit-renforc-e-2.png
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 12ad8a6fe4c03864191066da21747429eb42250696a30943f165b6bbc19ae162

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:01 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "ece-5b7c19f78ea6f"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 3790

GET
H/1.1 200
OK logo-sg-seul.svg
conforme-secure.confirmation-session.gq/init/ 3 KB
3 KB 31ms
31ms Image
image/svg+xml 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://conforme-secure.confirmation-session.gq/init/logo-sg-seul.svg
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 4d5f7f9cf24e66420cd0f39be3d181b4566ff8dcc8e699731c88787e511befd3

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:01 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "be2-5b7c19f78ea6f"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 3042

GET
H/1.1 200
OK js(5) Show response
conforme-secure.confirmation-session.gq/init/ 96 KB
96 KB 38ms
31ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/js(5)
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 6196e79a6beea903c5daccf483eae9f1052b0647cb165a9ffa0010392dc5e562

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:00 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "17f82-5b7c19f78ea6f"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 98178

GET
H/1.1 200
OK 0
conforme-secure.confirmation-session.gq/init/ 0
255 B 31ms
30ms Image
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://conforme-secure.confirmation-session.gq/init/0
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:01 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "0-5b7c19f78dacf"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 0

GET
H/1.1 200
OK 0(1)
conforme-secure.confirmation-session.gq/init/ 0
255 B 31ms
30ms Image
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://conforme-secure.confirmation-session.gq/init/0(1)
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:01 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "0-5b7c19f78dacf"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=88
Content-Length: 0

GET
H/1.1 404
Not Found dcaweb-main.js Show response
conforme-secure.confirmation-session.gq/icd/static/dcaweb-front/2.0.6/ 348 B
564 B 176ms
30ms XHR
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/icd/static/dcaweb-front/2.0.6/dcaweb-main.js
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/public-dca.js.t%C3%A9l%C3%A9chargement
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: a6bf99527ad5b9f3a33c9bc75ca43ae21dd804f0eec2554ae118fd708fb21e00

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:00 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=95
Content-Length: 348
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found gda.js Show response
conforme-secure.confirmation-session.gq/icd/static/swm/resources/version/19.49.9/gda/sas_lgn/static/js/ 373 B
589 B 40ms
30ms XHR
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/icd/static/swm/resources/version/19.49.9/gda/sas_lgn/static/js/gda.js
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/gda.public.js.t%C3%A9l%C3%A9chargement
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 01ea1a63072bcb09f85ce6b7812b325703301751cfb5ab4ef2ece6a95449d8be

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:00 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 373
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found config.json Show response
conforme-secure.confirmation-session.gq/pri/static/dcaweb/ 333 B
549 B 86ms
30ms XHR
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/pri/static/dcaweb/config.json?_=20210101000000
Requested by: Host:
URL: /icd/static/dcaweb-front/2.0.6/dcaweb-main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: df2309303b0a8eac62a9a55ef2823e5692caaba0accd4751b2f716a062d450d4

Request headers

Accept: application/json, text/plain, */*
Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:00 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=96
Content-Length: 333
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found swm.main.js
conforme-secure.confirmation-session.gq/icd/static/swm/resources/version/19.49.9/js/ 0
0 33ms
31ms Script
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/icd/static/swm/resources/version/19.49.9/js/swm.main.js
Requested by: Host:
URL: /icd/static/swm/resources/version/19.49.9/gda/sas_lgn/static/js/gda.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:01 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=89
Content-Length: 359
Content-Type: text/html; charset=iso-8859-1

GET
H2 400 action
actorssl-5637.kxcdn.com/actor/a7a30ba0aebbae114c740a1b35adb8c7-/ 0
0 124ms
104ms Script
application/javascript 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://actorssl-5637.kxcdn.com/actor/a7a30ba0aebbae114c740a1b35adb8c7-/action
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/tc_SocieteGenerale_20_20201126172020.js.t%C3%A9l%C3%A9chargement
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 01 Jan 2021 01:06:28 GMT
content-encoding: gzip
server: keycdn-engine
x-edge-location: defr
vary: Accept-encoding
content-type: application/javascript

GET
H2 200 hit.xiti
logs128.xiti.com/ 35 B
132 B 119ms
33ms Image
image/gif 52.18.166.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://logs128.xiti.com/hit.xiti?s=594119&idclient=b7a53b99-3728-420b-a95d-5d7ef678a185&ts=1609463187960&vtag=5.22.0&ptag=js&r=1600x1200x24x24&re=1600x1200&hl=2x6x27&lng=en-US&idp=0206273634986&jv=0&at=&p=&s2=&vrn=1&x1=true&x10=/&x11=page_vue_chargee&x13=1609463187938_21850&stc=%7B%22globVars%22%3A%7B%22date_datehour%22%3A%222021-01-01_02%3A06%3A27%22%2C%22page_technicalURL%22%3A%22~%22%7D%7D&ref=

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.18.166.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-18-166-88.eu-west-1.compute.amazonaws.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 01 Jan 2021 01:06:28 GMT
content-length: 35
strict-transport-security: max-age=7776000
content-type: image/gif

GET
H/1.1 200
OK print_20201013141424.min.css
conforme-secure.confirmation-session.gq/init/ 3 KB
1 KB 53ms
30ms Stylesheet
text/css 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/print_20201013141424.min.css
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: cbf2f9788fa5b22dd4c4428843fdd3ea68595db536cf347517da7d048d3bedcf

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:01 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "bfb-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 874

GET
H2 200 /
www.google.com/pagead/1p-user-list/1025892926/ 42 B
154 B 24ms
20ms Image
image/gif 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1025892926/?random=1607019693347&cv=9&fst=1607018400000&num=1&bg=ffffff&guid=ON&u_h=864&u_w=1536&u_ah=834&u_aw=1536&u_cd=24&u_his=11&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fcom%2Ficd-web%2Fcbo%2Findex.html&ref=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fpage-deconnexion&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=1393713664&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 01:06:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.fr/pagead/1p-user-list/1025892926/ 42 B
552 B 45ms
19ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/pagead/1p-user-list/1025892926/?random=1607019693347&cv=9&fst=1607018400000&num=1&bg=ffffff&guid=ON&u_h=864&u_w=1536&u_ah=834&u_aw=1536&u_cd=24&u_his=11&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fcom%2Ficd-web%2Fcbo%2Findex.html&ref=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fpage-deconnexion&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=1393713664&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 01:06:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/786705886/ 42 B
108 B 19ms
19ms Image
image/gif 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/786705886/?random=1607019693349&cv=9&fst=1607018400000&num=1&bg=ffffff&guid=ON&u_h=864&u_w=1536&u_ah=834&u_aw=1536&u_cd=24&u_his=11&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fcom%2Ficd-web%2Fcbo%2Findex.html&ref=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fpage-deconnexion&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=2164052255&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 01:06:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.fr/pagead/1p-user-list/786705886/ 42 B
108 B 21ms
20ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/pagead/1p-user-list/786705886/?random=1607019693349&cv=9&fst=1607018400000&num=1&bg=ffffff&guid=ON&u_h=864&u_w=1536&u_ah=834&u_aw=1536&u_cd=24&u_his=11&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fcom%2Ficd-web%2Fcbo%2Findex.html&ref=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fpage-deconnexion&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=2164052255&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 01:06:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/958350073/ 42 B
66 B 54ms
38ms Image
image/gif 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/958350073/?random=1607019693351&cv=9&fst=1607018400000&num=1&bg=ffffff&guid=ON&u_h=864&u_w=1536&u_ah=834&u_aw=1536&u_cd=24&u_his=11&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fcom%2Ficd-web%2Fcbo%2Findex.html&ref=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fpage-deconnexion&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=3927815603&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 01:06:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.fr/pagead/1p-user-list/958350073/ 42 B
108 B 25ms
23ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/pagead/1p-user-list/958350073/?random=1607019693351&cv=9&fst=1607018400000&num=1&bg=ffffff&guid=ON&u_h=864&u_w=1536&u_ah=834&u_aw=1536&u_cd=24&u_his=11&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fcom%2Ficd-web%2Fcbo%2Findex.html&ref=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fpage-deconnexion&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=3927815603&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 01:06:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/1004456575/ 42 B
66 B 52ms
36ms Image
image/gif 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1004456575/?random=1607019693352&cv=9&fst=1607018400000&num=1&bg=ffffff&guid=ON&u_h=864&u_w=1536&u_ah=834&u_aw=1536&u_cd=24&u_his=11&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fcom%2Ficd-web%2Fcbo%2Findex.html&ref=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fpage-deconnexion&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=3949691358&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 01:06:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.fr/pagead/1p-user-list/1004456575/ 42 B
108 B 23ms
20ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/pagead/1p-user-list/1004456575/?random=1607019693352&cv=9&fst=1607018400000&num=1&bg=ffffff&guid=ON&u_h=864&u_w=1536&u_ah=834&u_aw=1536&u_cd=24&u_his=11&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fcom%2Ficd-web%2Fcbo%2Findex.html&ref=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fpage-deconnexion&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=3949691358&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 01:06:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/1004456575/ 42 B
66 B 54ms
37ms Image
image/gif 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1004456575/?random=1607019693354&cv=9&fst=1607018400000&num=1&userId=21c3ce817050af0fea148692f6e5ea35&bg=ffffff&guid=ON&u_h=864&u_w=1536&u_ah=834&u_aw=1536&u_cd=24&u_his=11&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&gtm=2oab41&sendb=1&data=event%3Dpage_view%3Benv_market%3Dparticuliers%3Bpage_name%3Duser_login_page%3Bpage_type%3DHomePage%3Bpage_theme%3DHomepage%3Bpage_category_1%3Dloginpage%3Bpage_category_2%3D%3Bpage_category_3%3D%3Bproduct_name_trade%3D%3Bproduct_category_1%3D%3Bproduct_category_2%3D%3Bproduct_category_3%3D%3Bdmp_id_tag%3DKw6K3cJw%3Bdmp_id_segment%3D&frm=0&url=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fcom%2Ficd-web%2Fcbo%2Findex.html&ref=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fpage-deconnexion&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=1551197706&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 01:06:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.fr/pagead/1p-user-list/1004456575/ 42 B
108 B 24ms
22ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/pagead/1p-user-list/1004456575/?random=1607019693354&cv=9&fst=1607018400000&num=1&userId=21c3ce817050af0fea148692f6e5ea35&bg=ffffff&guid=ON&u_h=864&u_w=1536&u_ah=834&u_aw=1536&u_cd=24&u_his=11&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&gtm=2oab41&sendb=1&data=event%3Dpage_view%3Benv_market%3Dparticuliers%3Bpage_name%3Duser_login_page%3Bpage_type%3DHomePage%3Bpage_theme%3DHomepage%3Bpage_category_1%3Dloginpage%3Bpage_category_2%3D%3Bpage_category_3%3D%3Bproduct_name_trade%3D%3Bproduct_category_1%3D%3Bproduct_category_2%3D%3Bproduct_category_3%3D%3Bdmp_id_tag%3DKw6K3cJw%3Bdmp_id_segment%3D&frm=0&url=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fcom%2Ficd-web%2Fcbo%2Findex.html&ref=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fpage-deconnexion&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=1551197706&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 01:06:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/1025892926/ 42 B
530 B 50ms
34ms Image
image/gif 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1025892926/?random=1607019695098&cv=9&fst=1607018400000&num=1&bg=ffffff&guid=ON&u_h=864&u_w=1536&u_ah=834&u_aw=1536&u_cd=24&u_his=11&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fcom%2Ficd-web%2Fcbo%2Findex.html&ref=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fpage-deconnexion&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=2527754176&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 01:06:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.fr/pagead/1p-user-list/1025892926/ 42 B
108 B 23ms
21ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/pagead/1p-user-list/1025892926/?random=1607019695098&cv=9&fst=1607018400000&num=1&bg=ffffff&guid=ON&u_h=864&u_w=1536&u_ah=834&u_aw=1536&u_cd=24&u_his=11&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fcom%2Ficd-web%2Fcbo%2Findex.html&ref=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fpage-deconnexion&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=2527754176&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 01:06:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/786705886/ 42 B
66 B 51ms
35ms Image
image/gif 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/786705886/?random=1607019695102&cv=9&fst=1607018400000&num=1&bg=ffffff&guid=ON&u_h=864&u_w=1536&u_ah=834&u_aw=1536&u_cd=24&u_his=11&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fcom%2Ficd-web%2Fcbo%2Findex.html&ref=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fpage-deconnexion&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=3590229882&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 01:06:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.fr/pagead/1p-user-list/786705886/ 42 B
108 B 24ms
22ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/pagead/1p-user-list/786705886/?random=1607019695102&cv=9&fst=1607018400000&num=1&bg=ffffff&guid=ON&u_h=864&u_w=1536&u_ah=834&u_aw=1536&u_cd=24&u_his=11&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fcom%2Ficd-web%2Fcbo%2Findex.html&ref=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fpage-deconnexion&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=3590229882&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 01:06:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/1004456575/ 42 B
66 B 54ms
38ms Image
image/gif 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1004456575/?random=1607019695109&cv=9&fst=1607018400000&num=1&bg=ffffff&guid=ON&u_h=864&u_w=1536&u_ah=834&u_aw=1536&u_cd=24&u_his=11&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fcom%2Ficd-web%2Fcbo%2Findex.html&ref=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fpage-deconnexion&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=2634078578&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 01:06:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.fr/pagead/1p-user-list/1004456575/ 42 B
108 B 22ms
20ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/pagead/1p-user-list/1004456575/?random=1607019695109&cv=9&fst=1607018400000&num=1&bg=ffffff&guid=ON&u_h=864&u_w=1536&u_ah=834&u_aw=1536&u_cd=24&u_his=11&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fcom%2Ficd-web%2Fcbo%2Findex.html&ref=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fpage-deconnexion&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=2634078578&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 01:06:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 doctrans.js Show response
scriptsp.par.societegenerale.fr/978517/ 59 KB
26 KB 103ms
26ms Script
application/x-javascript 3.122.173.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://scriptsp.par.societegenerale.fr/978517/doctrans.js?r=0.41642089822575845

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.122.173.68 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-122-173-68.eu-central-1.compute.amazonaws.com

Software

haile /

Resource Hash

70598d3b3a26ff9f2509808d9d4270127ffde997b476c95ecc1bd0ce50b7bc28

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 01:06:28 GMT
content-encoding: gzip
server: haile
strict-transport-security: max-age=86400
access-control-allow-methods: GET, OPTIONS
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/x-javascript
pics-label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/958350073/ 42 B
66 B 52ms
36ms Image
image/gif 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/958350073/?random=1607019695113&cv=9&fst=1607018400000&num=1&bg=ffffff&guid=ON&u_h=864&u_w=1536&u_ah=834&u_aw=1536&u_cd=24&u_his=11&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fcom%2Ficd-web%2Fcbo%2Findex.html&ref=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fpage-deconnexion&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=4205784836&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 01:06:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.fr/pagead/1p-user-list/958350073/ 42 B
108 B 21ms
19ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/pagead/1p-user-list/958350073/?random=1607019695113&cv=9&fst=1607018400000&num=1&bg=ffffff&guid=ON&u_h=864&u_w=1536&u_ah=834&u_aw=1536&u_cd=24&u_his=11&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fcom%2Ficd-web%2Fcbo%2Findex.html&ref=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fpage-deconnexion&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=4205784836&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 01:06:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/1004456575/ 42 B
66 B 55ms
39ms Image
image/gif 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1004456575/?random=1607019695118&cv=9&fst=1607018400000&num=1&userId=21c3ce817050af0fea148692f6e5ea35&bg=ffffff&guid=ON&u_h=864&u_w=1536&u_ah=834&u_aw=1536&u_cd=24&u_his=11&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&gtm=2oab41&sendb=1&data=event%3Dpage_view%3Benv_market%3Dparticuliers%3Bpage_name%3DMon_Profil%3A%3AConnexion%3A%3AEcran_Connexion%3Bpage_type%3DHomePage%3Bpage_theme%3DHomepage%3Bpage_category_1%3Dloginpage%3Bpage_category_2%3D%3Bpage_category_3%3D%3Bproduct_name_trade%3D%3Bproduct_category_1%3D%3Bproduct_category_2%3D%3Bproduct_category_3%3D%3Bdmp_id_tag%3DKw6K3cJw%3Bdmp_id_segment%3D&frm=0&url=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fcom%2Ficd-web%2Fcbo%2Findex.html&ref=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fpage-deconnexion&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=2138579787&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 01:06:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.fr/pagead/1p-user-list/1004456575/ 42 B
108 B 23ms
21ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/pagead/1p-user-list/1004456575/?random=1607019695118&cv=9&fst=1607018400000&num=1&userId=21c3ce817050af0fea148692f6e5ea35&bg=ffffff&guid=ON&u_h=864&u_w=1536&u_ah=834&u_aw=1536&u_cd=24&u_his=11&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&gtm=2oab41&sendb=1&data=event%3Dpage_view%3Benv_market%3Dparticuliers%3Bpage_name%3DMon_Profil%3A%3AConnexion%3A%3AEcran_Connexion%3Bpage_type%3DHomePage%3Bpage_theme%3DHomepage%3Bpage_category_1%3Dloginpage%3Bpage_category_2%3D%3Bpage_category_3%3D%3Bproduct_name_trade%3D%3Bproduct_category_1%3D%3Bproduct_category_2%3D%3Bproduct_category_3%3D%3Bdmp_id_tag%3DKw6K3cJw%3Bdmp_id_segment%3D&frm=0&url=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fcom%2Ficd-web%2Fcbo%2Findex.html&ref=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fpage-deconnexion&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=2138579787&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 01:06:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 404
Not Found pictos-fonctionnels_20200629183129.svg
conforme-secure.confirmation-session.gq/static/Resources/img/ 0
0 32ms
30ms Other
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/static/Resources/img/pictos-fonctionnels_20200629183129.svg
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:01 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=89
Content-Length: 363
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found sourcesanspro-semibold.woff
conforme-secure.confirmation-session.gq/assets/markets/BDDF/PRI/INT/fonts/ 0
0 32ms
32ms Font
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/assets/markets/BDDF/PRI/INT/fonts/sourcesanspro-semibold.woff
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash

Request headers

Origin: https://conforme-secure.confirmation-session.gq
Referer: https://conforme-secure.confirmation-session.gq/init/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:00 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=94
Content-Length: 365
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found sourcesanspro-bold.woff
conforme-secure.confirmation-session.gq/assets/markets/BDDF/PRI/INT/fonts/ 0
0 44ms
30ms Font
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/assets/markets/BDDF/PRI/INT/fonts/sourcesanspro-bold.woff
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash

Request headers

Origin: https://conforme-secure.confirmation-session.gq
Referer: https://conforme-secure.confirmation-session.gq/init/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:00 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=94
Content-Length: 361
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found sourcesanspro-regular.woff
conforme-secure.confirmation-session.gq/assets/markets/BDDF/PRI/INT/fonts/ 0
0 45ms
30ms Font
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/assets/markets/BDDF/PRI/INT/fonts/sourcesanspro-regular.woff
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash

Request headers

Origin: https://conforme-secure.confirmation-session.gq
Referer: https://conforme-secure.confirmation-session.gq/init/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:01 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=93
Content-Length: 364
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found sourcesanspro-semibold.woff2
conforme-secure.confirmation-session.gq/assets/markets/BDDF/PRI/INT/fonts/ 0
0 31ms
30ms Font
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/assets/markets/BDDF/PRI/INT/fonts/sourcesanspro-semibold.woff2
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash

Request headers

Origin: https://conforme-secure.confirmation-session.gq
Referer: https://conforme-secure.confirmation-session.gq/init/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:01 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Content-Length: 366
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found sourcesanspro-bold.woff2
conforme-secure.confirmation-session.gq/assets/markets/BDDF/PRI/INT/fonts/ 0
0 30ms
30ms Font
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/assets/markets/BDDF/PRI/INT/fonts/sourcesanspro-bold.woff2
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash

Request headers

Origin: https://conforme-secure.confirmation-session.gq
Referer: https://conforme-secure.confirmation-session.gq/init/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:01 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=92
Content-Length: 362
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found sourcesanspro-regular.woff2
conforme-secure.confirmation-session.gq/assets/markets/BDDF/PRI/INT/fonts/ 0
0 33ms
30ms Font
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/assets/markets/BDDF/PRI/INT/fonts/sourcesanspro-regular.woff2
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash

Request headers

Origin: https://conforme-secure.confirmation-session.gq
Referer: https://conforme-secure.confirmation-session.gq/init/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:01 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=92
Content-Length: 365
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found new_sprite.png
conforme-secure.confirmation-session.gq/assets/markets/BDDF/PRI/INT/img/ 350 B
350 B 31ms
30ms Image
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://conforme-secure.confirmation-session.gq/assets/markets/BDDF/PRI/INT/img/new_sprite.png
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: f10f3e1f39253c9d4ee4374649f49bbdb22858f0332055c4e4de5259b624e109

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:01 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=96
Content-Length: 350
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found spriteV4.png
conforme-secure.confirmation-session.gq/assets/markets/BDDF/PRI/INT/img/ 348 B
348 B 33ms
31ms Image
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://conforme-secure.confirmation-session.gq/assets/markets/BDDF/PRI/INT/img/spriteV4.png
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 3d2989ae22ced8b16ed95a8b7fa3063627d90277302b6b58c65e44b64b69684c

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:01 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=93
Content-Length: 348
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found sourcesanspro-italic.otf
conforme-secure.confirmation-session.gq/fonts/ 0
0 30ms
30ms Font
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/fonts/sourcesanspro-italic.otf
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/index_pri_20201013141424.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash

Request headers

Origin: https://conforme-secure.confirmation-session.gq
Referer: https://conforme-secure.confirmation-session.gq/init/index_pri_20201013141424.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:01 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=91
Content-Length: 334
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found getauthinfo.json Show response
conforme-secure.confirmation-session.gq/sec/ 324 B
540 B 30ms
30ms XHR
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/sec/getauthinfo.json?niv_authent=300
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/swm.main.js.t%C3%A9l%C3%A9chargement
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: f3cbfb0993936c56d926cdae8e9896452da8f7015991704a70817816fc4702e0

Request headers

Accept: */*
Referer: https://conforme-secure.confirmation-session.gq/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:01 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=92
Content-Length: 324
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found pictos-fonctionnels.svg
conforme-secure.confirmation-session.gq/static/Resources/img/ 0
0 33ms
31ms Other
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/static/Resources/img/pictos-fonctionnels.svg
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:01 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=86
Content-Length: 348
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found sourcesanspro-semibold.otf
conforme-secure.confirmation-session.gq/assets/markets/BDDF/PRI/INT/fonts/ 0
0 31ms
30ms Font
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/assets/markets/BDDF/PRI/INT/fonts/sourcesanspro-semibold.otf
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash

Request headers

Origin: https://conforme-secure.confirmation-session.gq
Referer: https://conforme-secure.confirmation-session.gq/init/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:01 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=91
Content-Length: 364
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found sourcesanspro-bold.otf
conforme-secure.confirmation-session.gq/assets/markets/BDDF/PRI/INT/fonts/ 0
0 41ms
31ms Font
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/assets/markets/BDDF/PRI/INT/fonts/sourcesanspro-bold.otf
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash

Request headers

Origin: https://conforme-secure.confirmation-session.gq
Referer: https://conforme-secure.confirmation-session.gq/init/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:01 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=89
Content-Length: 360
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found sourcesanspro-regular.otf
conforme-secure.confirmation-session.gq/assets/markets/BDDF/PRI/INT/fonts/ 0
0 53ms
31ms Font
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/assets/markets/BDDF/PRI/INT/fonts/sourcesanspro-regular.otf
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash

Request headers

Origin: https://conforme-secure.confirmation-session.gq
Referer: https://conforme-secure.confirmation-session.gq/init/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:01 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=90
Content-Length: 363
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found sourcesanspro-italic.woff
conforme-secure.confirmation-session.gq/fonts/ 0
0 49ms
31ms Font
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/fonts/sourcesanspro-italic.woff
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/index_pri_20201013141424.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash

Request headers

Origin: https://conforme-secure.confirmation-session.gq
Referer: https://conforme-secure.confirmation-session.gq/init/index_pri_20201013141424.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:01 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=94
Content-Length: 335
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found 1f2b078702ea31bf56ae40d080459b2c.svg
conforme-secure.confirmation-session.gq/icd/static/interact-front/5.0.7//dist/ 0
0 65ms
30ms Other
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/icd/static/interact-front/5.0.7//dist/1f2b078702ea31bf56ae40d080459b2c.svg
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:01 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=88
Content-Length: 378
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found swm-sign.html Show response
conforme-secure.confirmation-session.gq/swm/ 321 B
537 B 32ms
30ms XHR
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/swm/swm-sign.html
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/swm.main.js.t%C3%A9l%C3%A9chargement
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 1ffc4dc89ed1aa8b2a8097f2bffd3dfe37d0b80c824290db2920cba8d0408101

Request headers

Accept: */*
Referer: https://conforme-secure.confirmation-session.gq/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:01 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=90
Content-Length: 321
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found swm-log.json Show response
conforme-secure.confirmation-session.gq/swm/ 320 B
536 B 32ms
30ms XHR
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/swm/swm-log.json?an_niveau=error&cl_msg=+..00%20Requ%C3%AAte%20%2Fsec%2Fgetauthinfo.json%3Fniv_authent%3D300%20rejet%C3%A9e%20avec%20erreur%20Not%20Found
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/swm.main.js.t%C3%A9l%C3%A9chargement
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 18900ff5bb5dd79d4fc387ab09c9c55eebd75b6fa96b6b172cd844ac5557b56e

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded; charset=utf-8

Response headers

Date: Fri, 01 Jan 2021 01:07:01 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=87
Content-Length: 320
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK activityi.html Show response
conforme-secure.confirmation-session.gq/init/ Frame 1C2A 607 B
794 B 33ms
32ms Document
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/activityi.html
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 6d2bd4fa4a43c078a03101debe04fe33fd850dd2b1af2f2293a790b549911a6e

Request headers

Host: conforme-secure.confirmation-session.gq
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://conforme-secure.confirmation-session.gq/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: tc_xtors=eyJmb3JtSWQiOiIyMDIxMDEwMTAyLTM1MDcyMjMzNzAiLCJmb3JtQ29udGV4dCI6ImNvbnRleHRfdW5kZWZpbmVkIiwieHRvciI6W119; tcSessionId=V120211126270.8509044079697037; AB_Test_Privacy=B; N_Testing_Privacy=10; atuserid=eyJuYW1lIjoiYXR1c2VyaWQiLCJ2YWwiOiJiN2E1M2I5OS0zNzI4LTQyMGItYTk1ZC01ZDdlZjY3OGExODUiLCJvcHRpb25zIjp7ImVuZCI6IjIwMjItMDItMDJUMDE6MDY6MjcuOTUzWiIsInBhdGgiOiIvIn19; atidvisitor=eyJuYW1lIjoiYXRpZHZpc2l0b3IiLCJ2YWwiOnsidnJuIjoiLTU5NDExOS0iLCJhdCI6IiJ9LCJvcHRpb25zIjp7InBhdGgiOiIvIiwic2Vzc2lvbiI6MzM2OTYwMDAsImVuZCI6MzM2OTYwMDB9fQ==; LSESSIONID=jLd1oaId4IEkdi%2BHLx0t0D0PpP%2BSr3TdUEiwEXavFtPX08UvP8R45sWg; ___so978517=eyJsc2giOjQwMjYzODQ3NTcsImUiOnsibiI6MywiYSI6W3siNCI6dHJ1ZX0sIjQiXSwicmlkIjowLjk3NjE0MTI2NDg5NTIzMjZ9fQ%3D%3D; _MFB_=fHwyfHx8W118fDE2MDk0NjY3ODgzMzZ8fA==
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://conforme-secure.confirmation-session.gq/

Response headers

Date: Fri, 01 Jan 2021 01:07:01 GMT
Server: Apache/2.4.10 (Debian)
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
ETag: "25f-5b7c19f78dacf-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 458
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK activityi(1).html Show response
conforme-secure.confirmation-session.gq/init/ Frame 29C2 607 B
794 B 32ms
31ms Document
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/activityi(1).html
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: b0cd10ba39008b79c2b5372a1c3bebf78ea9d6abee46e002bcb1d2a787d6068e

Request headers

Host: conforme-secure.confirmation-session.gq
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://conforme-secure.confirmation-session.gq/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: tc_xtors=eyJmb3JtSWQiOiIyMDIxMDEwMTAyLTM1MDcyMjMzNzAiLCJmb3JtQ29udGV4dCI6ImNvbnRleHRfdW5kZWZpbmVkIiwieHRvciI6W119; tcSessionId=V120211126270.8509044079697037; AB_Test_Privacy=B; N_Testing_Privacy=10; atuserid=eyJuYW1lIjoiYXR1c2VyaWQiLCJ2YWwiOiJiN2E1M2I5OS0zNzI4LTQyMGItYTk1ZC01ZDdlZjY3OGExODUiLCJvcHRpb25zIjp7ImVuZCI6IjIwMjItMDItMDJUMDE6MDY6MjcuOTUzWiIsInBhdGgiOiIvIn19; atidvisitor=eyJuYW1lIjoiYXRpZHZpc2l0b3IiLCJ2YWwiOnsidnJuIjoiLTU5NDExOS0iLCJhdCI6IiJ9LCJvcHRpb25zIjp7InBhdGgiOiIvIiwic2Vzc2lvbiI6MzM2OTYwMDAsImVuZCI6MzM2OTYwMDB9fQ==; LSESSIONID=jLd1oaId4IEkdi%2BHLx0t0D0PpP%2BSr3TdUEiwEXavFtPX08UvP8R45sWg; ___so978517=eyJsc2giOjQwMjYzODQ3NTcsImUiOnsibiI6MywiYSI6W3siNCI6dHJ1ZX0sIjQiXSwicmlkIjowLjk3NjE0MTI2NDg5NTIzMjZ9fQ%3D%3D; _MFB_=fHwyfHx8W118fDE2MDk0NjY3ODgzMzZ8fA==
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://conforme-secure.confirmation-session.gq/

Response headers

Date: Fri, 01 Jan 2021 01:07:01 GMT
Server: Apache/2.4.10 (Debian)
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
ETag: "25f-5b7c19f78dacf-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 458
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK dmp_bridge.html Show response
conforme-secure.confirmation-session.gq/init/ Frame E8A3 37 KB
11 KB 41ms
32ms Document
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: a6c006153cf157bcd6f53f1f80a27f0b28987a86a5be166c6b53953799e18f66

Request headers

Host: conforme-secure.confirmation-session.gq
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://conforme-secure.confirmation-session.gq/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: tc_xtors=eyJmb3JtSWQiOiIyMDIxMDEwMTAyLTM1MDcyMjMzNzAiLCJmb3JtQ29udGV4dCI6ImNvbnRleHRfdW5kZWZpbmVkIiwieHRvciI6W119; tcSessionId=V120211126270.8509044079697037; AB_Test_Privacy=B; N_Testing_Privacy=10; atuserid=eyJuYW1lIjoiYXR1c2VyaWQiLCJ2YWwiOiJiN2E1M2I5OS0zNzI4LTQyMGItYTk1ZC01ZDdlZjY3OGExODUiLCJvcHRpb25zIjp7ImVuZCI6IjIwMjItMDItMDJUMDE6MDY6MjcuOTUzWiIsInBhdGgiOiIvIn19; atidvisitor=eyJuYW1lIjoiYXRpZHZpc2l0b3IiLCJ2YWwiOnsidnJuIjoiLTU5NDExOS0iLCJhdCI6IiJ9LCJvcHRpb25zIjp7InBhdGgiOiIvIiwic2Vzc2lvbiI6MzM2OTYwMDAsImVuZCI6MzM2OTYwMDB9fQ==; LSESSIONID=jLd1oaId4IEkdi%2BHLx0t0D0PpP%2BSr3TdUEiwEXavFtPX08UvP8R45sWg; ___so978517=eyJsc2giOjQwMjYzODQ3NTcsImUiOnsibiI6MywiYSI6W3siNCI6dHJ1ZX0sIjQiXSwicmlkIjowLjk3NjE0MTI2NDg5NTIzMjZ9fQ%3D%3D; _MFB_=fHwyfHx8W118fDE2MDk0NjY3ODgzMzZ8fA==
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://conforme-secure.confirmation-session.gq/

Response headers

Date: Fri, 01 Jan 2021 01:07:01 GMT
Server: Apache/2.4.10 (Debian)
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
ETag: "95ce-5b7c19f78ea6f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 10949
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK saved_resource.html Show response
conforme-secure.confirmation-session.gq/init/ Frame F865 187 B
501 B 60ms
30ms Document
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/saved_resource.html
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 19e4a6a12289dba1a13b23131f4dc85ad68836d08cffca540b91d654de9b492f

Request headers

Host: conforme-secure.confirmation-session.gq
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://conforme-secure.confirmation-session.gq/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: tc_xtors=eyJmb3JtSWQiOiIyMDIxMDEwMTAyLTM1MDcyMjMzNzAiLCJmb3JtQ29udGV4dCI6ImNvbnRleHRfdW5kZWZpbmVkIiwieHRvciI6W119; tcSessionId=V120211126270.8509044079697037; AB_Test_Privacy=B; N_Testing_Privacy=10; atuserid=eyJuYW1lIjoiYXR1c2VyaWQiLCJ2YWwiOiJiN2E1M2I5OS0zNzI4LTQyMGItYTk1ZC01ZDdlZjY3OGExODUiLCJvcHRpb25zIjp7ImVuZCI6IjIwMjItMDItMDJUMDE6MDY6MjcuOTUzWiIsInBhdGgiOiIvIn19; atidvisitor=eyJuYW1lIjoiYXRpZHZpc2l0b3IiLCJ2YWwiOnsidnJuIjoiLTU5NDExOS0iLCJhdCI6IiJ9LCJvcHRpb25zIjp7InBhdGgiOiIvIiwic2Vzc2lvbiI6MzM2OTYwMDAsImVuZCI6MzM2OTYwMDB9fQ==; LSESSIONID=jLd1oaId4IEkdi%2BHLx0t0D0PpP%2BSr3TdUEiwEXavFtPX08UvP8R45sWg; ___so978517=eyJsc2giOjQwMjYzODQ3NTcsImUiOnsibiI6MywiYSI6W3siNCI6dHJ1ZX0sIjQiXSwicmlkIjowLjk3NjE0MTI2NDg5NTIzMjZ9fQ%3D%3D; _MFB_=fHwyfHx8W118fDE2MDk0NjY3ODgzMzZ8fA==
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://conforme-secure.confirmation-session.gq/

Response headers

Date: Fri, 01 Jan 2021 01:07:01 GMT
Server: Apache/2.4.10 (Debian)
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
ETag: "bb-5b7c19f78ea6f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 166
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: text/html

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 20ms
20ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1004456575

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/tc_SocieteGenerale_22.js.t%C3%A9l%C3%A9chargement

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

58d5cea0a1910c305f8196581ff7cba7a42d78e978100e08eb5ab4200e6b6395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 01 Jan 2021 01:06:28 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38977
x-xss-protection: 0
last-modified: Fri, 01 Jan 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 2021 01:06:28 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 18ms
18ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1025892926&l=dataLayer&cx=c

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9e80f3d36e361a203127a8e75bbae947798cdea30de31eae0486ac153548c27d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 01 Jan 2021 01:06:28 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39040
x-xss-protection: 0
last-modified: Fri, 01 Jan 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 2021 01:06:28 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 22ms
19ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-786705886&l=dataLayer&cx=c

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

14190b95d2c64835a3a813ef53c1791e34b26d39932d1b8f5907c739ee5af04e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 01 Jan 2021 01:06:28 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38986
x-xss-protection: 0
last-modified: Fri, 01 Jan 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 2021 01:06:28 GMT

GET
H2 200 ebOneTag.js Show response
secure-ds.serving-sys.com/SemiCachedScripts/ 52 KB
16 KB 71ms
22ms Script
application/javascript 184.31.90.174
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/tc_SocieteGenerale_22.js.t%C3%A9l%C3%A9chargement
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.90.174 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-31-90-174.deploy.static.akamaitechnologies.com
Software: / ARR/3.0
Resource Hash: 560ff2564fbf2bef305cf0e9533c4db2671c96297d978fd31ac0310727fe455f

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 01 Jan 2021 01:06:28 GMT
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 15:15:57 GMT
server
x-powered-by: ARR/3.0
etag: "84a7fce7aaabd61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=757
accept-ranges: bytes
content-length: 15848

GET
H2 200 bat.js Show response
bat.bing.com/ 27 KB
9 KB 47ms
30ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/tc_SocieteGenerale_22.js.t%C3%A9l%C3%A9chargement
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 01 Jan 2021 01:06:28 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 22:19:32 GMT
x-msedge-ref: Ref A: 5DE8796CE8E04C1E8DD2BD147F9E3F27 Ref B: FRAEDGE1212 Ref C: 2021-01-01T01:06:28Z
etag: "0b27f152fa7d61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 8454

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 93 KB
24 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/tc_SocieteGenerale_22.js.t%C3%A9l%C3%A9chargement

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1e3d667300d887a2e5a37802c0507531c5b2beb6de7ac143b6ecfee9025c0cae

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23963
x-fb-rlafr: 0
pragma: public
x-fb-debug: FeAdTPYL8e4eogArA+aCRFP1lKoyHMeWIu3Uyv066PyP1wypMq/5Dk6h3hFd3nFfzO5VXoGq4SpduLqeTDmuxQ==
x-fb-trip-id: 436667874
x-frame-options: DENY
date: Fri, 01 Jan 2021 01:06:28 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK ngqbv313.js Show response
1bva.societegenerale.fr/ 35 KB
12 KB 188ms
35ms Script
application/javascript 109.232.197.56
EULERIAN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1bva.societegenerale.fr/ngqbv313.js

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/tc_SocieteGenerale_22.js.t%C3%A9l%C3%A9chargement

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

109.232.197.56 , France, ASN50234 (EULERIAN-AS, FR),

Reverse DNS

sg.eulerian.net

Software

EWS /

Resource Hash

b348d7a8f3d2aef69a2b98d8627a16b031dd53491d2b90af3bf6499ce1097800

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:06:28 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: EWS
Vary: User-Agent
Content-Type: application/javascript
Cache-Control: max-age=3600, private
Connection: Keep-Alive
Accept-Ranges: none
X-Robots-Tag: noindex
Keep-Alive: timeout=4
Content-Length: 12354
X-XSS-Protection: 0
Expires: Fri, 01 Jan 2021 02:06:28 GMT

GET
H2 200 873080639448770 Show response
connect.facebook.net/signals/config/ 25 KB
8 KB 71ms
70ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/873080639448770?v=2.9.29&r=stable

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/fbevents.js.t%C3%A9l%C3%A9chargement

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b4c3e1320a0696f8173bd2eada9b860560d9756316ac82249b3924ebe5a21f5b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: Ed1LDwv16KHDv3PujhePhwXXYffcccbvLrQ421VhGaZ3Q3ppDgKOmZItgLwBAKKtpEu4BbdPzDbI0+hEmWHpDA==
x-fb-trip-id: 436667874
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 01 Jan 2021 01:06:28 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 706893505
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 30 KB
13 KB 83ms
31ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/js(4)

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

e1ec254792b6fe5cb168d2ce9cb1e35d15311d3b357b305a95cbfb12552477d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 01 Jan 2021 01:06:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 12175
x-xss-protection: 0
server: cafe
etag: 17536051821503146167
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 01 Jan 2021 01:06:28 GMT

GET
H3-Q050

200

activityi;dc_pre=CL6Fh83F-e0CFbEViwodUcIILQ;src=10354013;type=arriv0;cat=sg_vi0;ord=1;num=8446737055102;gtm=2odb41;auiddc=1462844265.1609463188;~oref=https%3A%2F%2Fconforme-secure.confirmation-sess...
10354013.fls.doubleclick.net/ Frame 648E
Redirect Chain

https://10354013.fls.doubleclick.net/activityi;src=10354013;type=arriv0;cat=sg_vi0;ord=1;num=8446737055102;gtm=2odb41;auiddc=1462844265.1609463188;~oref=https%3A%2F%2Fconforme-secure.confirmation-s...
https://10354013.fls.doubleclick.net/activityi;dc_pre=CL6Fh83F-e0CFbEViwodUcIILQ;src=10354013;type=arriv0;cat=sg_vi0;ord=1;num=8446737055102;gtm=2odb41;auiddc=1462844265.1609463188;~oref=https%3A%2...

0
0

74ms
45ms

Document
text/html

216.58.208.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10354013.fls.doubleclick.net/activityi;dc_pre=CL6Fh83F-e0CFbEViwodUcIILQ;src=10354013;type=arriv0;cat=sg_vi0;ord=1;num=8446737055102;gtm=2odb41;auiddc=1462844265.1609463188;~oref=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F?

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.38 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f38.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 10354013.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CL6Fh83F-e0CFbEViwodUcIILQ;src=10354013;type=arriv0;cat=sg_vi0;ord=1;num=8446737055102;gtm=2odb41;auiddc=1462844265.1609463188;~oref=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://conforme-secure.confirmation-session.gq/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 01 Jan 2021 01:06:28 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 403
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 01-Jan-2021 01:21:28 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 01 Jan 2021 01:06:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://10354013.fls.doubleclick.net/activityi;dc_pre=CL6Fh83F-e0CFbEViwodUcIILQ;src=10354013;type=arriv0;cat=sg_vi0;ord=1;num=8446737055102;gtm=2odb41;auiddc=1462844265.1609463188;~oref=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 404
Not Found sourcesanspro-semibold.woff
conforme-secure.confirmation-session.gq/fonts/ 0
0 31ms
30ms Font
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/fonts/sourcesanspro-semibold.woff
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/awt-front-BDDF.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash

Request headers

Origin: https://conforme-secure.confirmation-session.gq
Referer: https://conforme-secure.confirmation-session.gq/init/awt-front-BDDF.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:01 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=91
Content-Length: 337
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found sourcesanspro-bold.woff
conforme-secure.confirmation-session.gq/fonts/ 0
0 33ms
30ms Font
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/fonts/sourcesanspro-bold.woff
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/awt-front-BDDF.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash

Request headers

Origin: https://conforme-secure.confirmation-session.gq
Referer: https://conforme-secure.confirmation-session.gq/init/awt-front-BDDF.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:01 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=87
Content-Length: 333
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found swm-log.json Show response
conforme-secure.confirmation-session.gq/swm/ 320 B
536 B 31ms
31ms XHR
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/swm/swm-log.json?an_niveau=error&cl_msg=!/.00%20Requ%C3%AAte%20%2Fswm%2Fswm-sign.html%20rejet%C3%A9e%20avec%20erreur%20Not%20Found
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/swm.main.js.t%C3%A9l%C3%A9chargement
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 18900ff5bb5dd79d4fc387ab09c9c55eebd75b6fa96b6b172cd844ac5557b56e

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded; charset=utf-8

Response headers

Date: Fri, 01 Jan 2021 01:07:01 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=87
Content-Length: 320
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found awtConfig.js Show response
conforme-secure.confirmation-session.gq/icd/interact/ 329 B
545 B 30ms
30ms XHR
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/icd/interact/awtConfig.js
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/interact-lanceur.js.t%C3%A9l%C3%A9chargement
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 5f39c97a5d41431187cf6f8d3c1c6cab7c46fbd2ee20febedd470e56043f3d41

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:01 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=86
Content-Length: 329
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found sourcesanspro-regular.woff
conforme-secure.confirmation-session.gq/fonts/ 0
0 30ms
30ms Font
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/fonts/sourcesanspro-regular.woff
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/awt-front-BDDF.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash

Request headers

Origin: https://conforme-secure.confirmation-session.gq
Referer: https://conforme-secure.confirmation-session.gq/init/awt-front-BDDF.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:01 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=85
Content-Length: 336
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found sourcesanspro-it.woff
conforme-secure.confirmation-session.gq/fonts/ 0
0 31ms
30ms Font
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/fonts/sourcesanspro-it.woff
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/awt-front-BDDF.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash

Request headers

Origin: https://conforme-secure.confirmation-session.gq
Referer: https://conforme-secure.confirmation-session.gq/init/awt-front-BDDF.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:01 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=86
Content-Length: 331
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found sourcesanspro-semibold.otf
conforme-secure.confirmation-session.gq/fonts/ 0
0 30ms
30ms Font
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/fonts/sourcesanspro-semibold.otf
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/awt-front-BDDF.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash

Request headers

Origin: https://conforme-secure.confirmation-session.gq
Referer: https://conforme-secure.confirmation-session.gq/init/awt-front-BDDF.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:01 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=90
Content-Length: 336
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found sourcesanspro-bold.otf
conforme-secure.confirmation-session.gq/fonts/ 0
0 31ms
30ms Font
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/fonts/sourcesanspro-bold.otf
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/awt-front-BDDF.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash

Request headers

Origin: https://conforme-secure.confirmation-session.gq
Referer: https://conforme-secure.confirmation-session.gq/init/awt-front-BDDF.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:01 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=86
Content-Length: 332
Content-Type: text/html; charset=iso-8859-1

GET
H2 204 0
bat.bing.com/action/ 0
147 B 30ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5500232&Ver=2&mid=4ef5b6d4-cdd3-4020-a9d6-3f22984e0023&sid=93dab7404bcd11eb98c6fb8a1de151ea&vid=93dad5504bcd11ebba254b6743902f6e&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&p=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&r=&lt=962&evt=pageLoad&msclkid=N&sv=1&rn=537337
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 01 Jan 2021 01:06:28 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: AA6FB01735064C32BFB76E9AC168985D Ref B: FRAEDGE1212 Ref C: 2021-01-01T01:06:28Z
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

OneTagDefaultConfig.json Show response
secure-ds.serving-sys.com/BurstingCachedScripts/
Redirect Chain

https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/2/4932
https://secure-ds.serving-sys.com/BurstingCachedScripts/OneTagDefaultConfig.json

11 B
199 B

23ms
23ms

XHR
application/json

184.31.90.174
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/OneTagDefaultConfig.json
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.90.174 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-31-90-174.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 / ARR/3.0
Resource Hash: 9a0f6d26b776c4a0c7c1bdb059e4d204e3312ee5eda177cf55a43fcf033e3308

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 01 Jan 2021 01:06:29 GMT
last-modified: Tue, 19 Dec 2017 08:44:56 GMT
server: Microsoft-IIS/8.5
x-powered-by: ARR/3.0
etag: "5a9573a5a578d31:0"
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes
content-length: 11
expires: Mon, 31 Dec 2035 00:00:00 GMT

Redirect headers

location: https://secure-ds.serving-sys.com/BurstingCachedScripts/OneTagDefaultConfig.json
date: Fri, 01 Jan 2021 01:06:29 GMT
server: AkamaiGHost
access-control-allow-origin: *
accept-ranges: bytes
content-length: 0

GET
H2 200 error
connect.facebook.net//log/ 0
0 50ms
49ms Image
text/html 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://connect.facebook.net//log/error?p=pixel&v=next&e=Error%3A%20cookie%20not%20stored%20properly&s=Error%3A%20cookie%20not%20stored%20properly%0A%20%20%20%20at%20C%20(https%3A%2F%2Fconnect.facebook.net%2Fsignals%2Fconfig%2F873080639448770%3Fv%3D2.9.29%26r%3Dstable%3A21%3A5431)%0A%20%20%20%20at%20E%20(https%3A%2F%2Fconnect.facebook.net%2Fsignals%2Fconfig%2F873080639448770%3Fv%3D2.9.29%26r%3Dstable%3A21%3A5786)%0A%20%20%20%20at%20H%20(https%3A%2F%2Fconnect.facebook.net%2Fsignals%2Fconfig%2F873080639448770%3Fv%3D2.9.29%26r%3Dstable%3A21%3A6228)%0A%20%20%20%20at%20Object.%3Canonymous%3E%20(https%3A%2F%2Fconnect.facebook.net%2Fsignals%2Fconfig%2F873080639448770%3Fv%3D2.9.29%26r%3Dstable%3A21%3A6905)%0A%20%20%20%20at%20https%3A%2F%2Fconforme-secure.confirmation-session.gq%2Finit%2Ffbevents.js.t%25C3%25A9l%25C3%25A9chargement%3A23%3A6282%0A%20%20%20%20at%20v%20(https%3A%2F%2Fconforme-secure.confirmation-session.gq%2Finit%2Ffbevents.js.t%25C3%25A9l%25C3%25A9chargement%3A23%3A63306)%0A%20%20%20%20at%20a.value%20(https%3A%2F%2Fconforme-secure.confirmation-session.gq%2Finit%2Ffbevents.js.t%25C3%25A9l%25C3%25A9chargement%3A23%3A6209)%0A%20%20%20%20at%20pa%20(https%3A%2F%2Fconforme-secure.confirmation-session.gq%2Finit%2Ffbevents.js.t%25C3%25A9l%25C3%25A9chargement%3A26%3A9347)%0A%20%20%20%20at%20%24%20(https%3A%2F%2Fconforme-secure.confirmation-session.gq%2Finit%2Ffbevents.js.t%25C3%25A9l%25C3%25A9chargement%3A26%3A9985)%0A%20%20%20%20at%20Function.Z%20(https%3A%2F%2Fconforme-secure.confirmation-session.gq%2Finit%2Ffbevents.js.t%25C3%25A9l%25C3%25A9chargement%3A26%3A8768)&ue=0&rs=canary&rqm=FGET
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 /
www.facebook.com/tr/ 44 B
259 B 7ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=873080639448770&ev=PageView&dl=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&rl=&if=false&ts=1609463188608&cd[content_category]=tagco&cd[dmp_id_tag]=Kw6K3cJw&cd[dmp_id_segment]=&cd[env_market]=&cd[page_name]=&cd[page_type]=&cd[page_category_1]=&cd[page_category_2]=&cd[page_category_3]=&cd[product_name_trade]=&cd[product_category_1]=&cd[product_category_2]=&cd[product_category_3]=&sw=1600&sh=1200&v=next&r=canary&ec=0&o=28&ttf=1084.1649969816208&tts=1060.8349976837635&ttse=1082.2599990069866&fbp=fb.1.1609463188606.489393883&it=1609463188429&coo=false&rqm=GET

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 01 Jan 2021 01:06:28 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 01 Jan 2021 01:06:28 GMT

GET
H/1.1 404
Not Found sourcesanspro-regular.otf
conforme-secure.confirmation-session.gq/fonts/ 0
0 31ms
31ms Font
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/fonts/sourcesanspro-regular.otf
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/awt-front-BDDF.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash

Request headers

Origin: https://conforme-secure.confirmation-session.gq
Referer: https://conforme-secure.confirmation-session.gq/init/awt-front-BDDF.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:01 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=85
Content-Length: 335
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1025892926/ 2 KB
1 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1025892926/?random=1609463188611&cv=9&fst=1609463188611&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c2d5b8c288c9a04f0b641a139ac2176b90378aacf0f8ac9c4dbbe19dfe2b7855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 01:06:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1053
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dc_pre=CM_-ifG2su0CFX0NBgAdR4EN2Q
conforme-secure.confirmation-session.gq/init/ Frame 29C2 42 B
299 B 31ms
30ms Image
image/gif 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://conforme-secure.confirmation-session.gq/init/dc_pre=CM_-ifG2su0CFX0NBgAdR4EN2Q
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/activityi(1).html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/activityi(1).html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:01 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "2a-5b7c19f78ea6f"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=89
Content-Length: 42

GET
H/1.1 200
OK dc_pre=CPXWm_C2su0CFWwWBgAdbTAHCw
conforme-secure.confirmation-session.gq/init/ Frame 1C2A 42 B
299 B 31ms
30ms Image
image/gif 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://conforme-secure.confirmation-session.gq/init/dc_pre=CPXWm_C2su0CFWwWBgAdbTAHCw
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/activityi.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/activityi.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:01 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "2a-5b7c19f78ea6f"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=85
Content-Length: 42

GET
H/1.1 200
OK fbevents.js.t%C3%A9l%C3%A9chargement Show response
conforme-secure.confirmation-session.gq/init/ Frame E8A3 89 KB
23 KB 82ms
36ms Script
application/javascript 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/fbevents.js.t%C3%A9l%C3%A9chargement
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 0e49c2b4e86d3fda1dda93eb1210a47712f7b091181b4e7c6da2b3e6f8e86396

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:01 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "16595-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=84
Content-Length: 23387

GET
H/1.1 200
OK 38802cd4-fc8e-4cc2-8ee8-42750d852201 Show response
conforme-secure.confirmation-session.gq/init/ Frame E8A3 225 B
483 B 45ms
42ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/38802cd4-fc8e-4cc2-8ee8-42750d852201
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 2f4d67d216cb9eb9add56b0a9931fda4c46d7c3f79481ef2fecaabfac91f9ffe

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:01 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "e1-5b7c19f78dacf"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=84
Content-Length: 225

GET
H/1.1 200
OK 38802cd4-fc8e-4cc2-8ee8-42750d852201(1) Show response
conforme-secure.confirmation-session.gq/init/ Frame E8A3 225 B
483 B 45ms
42ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/38802cd4-fc8e-4cc2-8ee8-42750d852201(1)
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: e30e57a42d27bcee51206f5ab291f5a51f579d4e5992f2acece00062db35dcf8

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:01 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "e1-5b7c19f78dacf"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=88
Content-Length: 225

GET
H/1.1 200
OK get Show response
conforme-secure.confirmation-session.gq/init/ Frame E8A3 253 B
511 B 44ms
41ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/get
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 848f658b2bf78c8fe2335b2d53678639932f7838abbb7ab2d5916edc867c62af

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:01 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "fd-5b7c19f78ea6f"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=85
Content-Length: 253

GET
H/1.1 200
OK 38802cd4-fc8e-4cc2-8ee8-42750d852201(2) Show response
conforme-secure.confirmation-session.gq/init/ Frame E8A3 225 B
483 B 58ms
30ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/38802cd4-fc8e-4cc2-8ee8-42750d852201(2)
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: c7437d1039eb9cef6f2b48233ad3f46fd216ae6b81e4b63390e0a9bb10cd1b74

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:01 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "e1-5b7c19f78dacf"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=84
Content-Length: 225

GET
H/1.1 200
OK optout_check Show response
conforme-secure.confirmation-session.gq/init/ Frame E8A3 83 B
340 B 60ms
30ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/optout_check
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: eea9224712ace0e0753af1fc6db610143551bfa7227d8e4b6e2e3e5941c9b4a8

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:01 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "53-5b7c19f78ea6f"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=88
Content-Length: 83

GET
H/1.1 200
OK controltag.js.0631b7d64dbbd3656a8b7368ad227a04 Show response
conforme-secure.confirmation-session.gq/init/ Frame E8A3 259 KB
82 KB 42ms
41ms Script
application/javascript 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: b9b47c8bafc4618d804c7c54ac03c39b29beb9ed5b1e7d9dbadb0f28d71c3d94

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:01 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "40cfc-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=87

GET
H/1.1 200
OK Kw6K3cJw.js.t%C3%A9l%C3%A9chargement Show response
conforme-secure.confirmation-session.gq/init/ Frame E8A3 26 KB
7 KB 33ms
32ms Script
application/javascript 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/Kw6K3cJw.js.t%C3%A9l%C3%A9chargement
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 345d608a01842c47b698da2449e244db26c8fc34f23062aa4e5c15a8409e1613

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:01 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "6919-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=83
Content-Length: 7065

GET
H/1.1 200
OK f(11).txt Show response
conforme-secure.confirmation-session.gq/init/ Frame E8A3 30 KB
12 KB 62ms
32ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/f(11).txt
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 09494b789c55d639e0aabeffc59433963f0e8e766baba0fea88eae8a63c40ccd

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:01 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "7679-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=84
Content-Length: 11865

GET
H/1.1 200
OK f(12).txt Show response
conforme-secure.confirmation-session.gq/init/ Frame E8A3 2 KB
1 KB 76ms
31ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/f(12).txt
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 9ab7a60a4a1240934bba8f69b945c8f4d7cfc912907362f2760cd3f16bb3d344

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:01 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "959-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=87
Content-Length: 1100

GET
H/1.1 404
Not Found sourcesanspro-it.otf
conforme-secure.confirmation-session.gq/fonts/ 0
0 31ms
30ms Font
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/fonts/sourcesanspro-it.otf
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/awt-front-BDDF.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash

Request headers

Origin: https://conforme-secure.confirmation-session.gq
Referer: https://conforme-secure.confirmation-session.gq/init/awt-front-BDDF.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:01 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=88
Content-Length: 330
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/786705886/ 2 KB
1 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/786705886/?random=1609463188621&cv=9&fst=1609463188621&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6c18d9d61c43824add438820a22d49c45219bd41ede26b749d9a040b132bd4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 01:06:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1052
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1004456575/ 2 KB
1 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1004456575/?random=1609463188622&cv=9&fst=1609463188622&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3600a157ff0cfee66b9880d8e8bece7ea1d20ea276e1c4adb816e7630f7cff8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 01:06:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1054
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1004456575/ 3 KB
1 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1004456575/?random=1609463188623&cv=9&fst=1609463188623&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&ig=1&data=event%3Dpage_view%3Benv_market%3D%3Bpage_name%3D%3Bpage_type%3D%3Bpage_theme%3D%3Bpage_category_1%3D%3Bpage_category_2%3D%3Bpage_category_3%3D%3Bproduct_name_trade%3D%3Bproduct_category_1%3D%3Bproduct_category_2%3D%3Bproduct_category_3%3D%3Bdmp_id_tag%3DKw6K3cJw%3Bdmp_id_segment%3D&frm=0&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

039f95a1cd011149fb2eb4079e8b4152eadb9c4b4e420fbf6e9ef78168f3d8c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 01:06:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1146
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/958350073/ 2 KB
1 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/958350073/?random=1609463188624&cv=9&fst=1609463188624&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

593fc8c9d5e43501363f3ac1811726ea8528434b924a610fdc1267f6e4e2f4d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 01:06:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1053
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 295634171 Show response
1bva.societegenerale.fr/col646a/-/ 1 B
705 B 461ms
461ms Script
application/x-javascript 109.232.197.56
EULERIAN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1bva.societegenerale.fr/col646a/-/295634171?sd=24&product_category=autre&tc_container_22_version=74.40&fra=0&page_type=other&urlp=conforme-secure.confirmation-session.gq%2F&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&product_subcategory_1=autre&event_type=page_load&ss=1600x1200&

Requested by

Host: 1bva.societegenerale.fr
URL: https://1bva.societegenerale.fr/ngqbv313.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

109.232.197.56 , France, ASN50234 (EULERIAN-AS, FR),

Reverse DNS

sg.eulerian.net

Software

EWS /

Resource Hash

36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Date: Fri, 01 Jan 2021 01:06:29 GMT
X-Content-Type-Options: nosniff
Server: EWS
P3P: policyref="http://1bva.societegenerale.fr/w3c/p3p.xml",CP="NOI DSP COR NID ADMa DEVa OUR IND UNI"
Strict-Transport-Security: max-age=604800
Content-Type: application/x-javascript
Cache-Control: max-age=0, private
Connection: Keep-Alive
Accept-Ranges: none
X-Robots-Tag: noindex
Keep-Alive: timeout=4
Content-Length: 1
X-XSS-Protection: 0

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/1025892926/ 42 B
66 B 31ms
30ms Image
image/gif 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1025892926/?random=1609463188611&cv=9&fst=1609462800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=599594521&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 01:06:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1025892926/ 42 B
154 B 19ms
19ms Image
image/gif 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1025892926/?random=1609463188611&cv=9&fst=1609462800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=599594521&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 01:06:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/786705886/ 42 B
66 B 20ms
18ms Image
image/gif 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/786705886/?random=1609463188621&cv=9&fst=1609462800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=644233192&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 01:06:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/786705886/ 42 B
66 B 62ms
47ms Image
image/gif 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/786705886/?random=1609463188621&cv=9&fst=1609462800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=644233192&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 01:06:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/1004456575/ 42 B
66 B 20ms
19ms Image
image/gif 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1004456575/?random=1609463188622&cv=9&fst=1609462800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=90634310&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 01:06:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/1004456575/ 42 B
66 B 62ms
48ms Image
image/gif 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1004456575/?random=1609463188622&cv=9&fst=1609462800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=90634310&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 01:06:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/1004456575/ 42 B
66 B 19ms
19ms Image
image/gif 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1004456575/?random=1609463188623&cv=9&fst=1609462800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&data=event%3Dpage_view%3Benv_market%3D%3Bpage_name%3D%3Bpage_type%3D%3Bpage_theme%3D%3Bpage_category_1%3D%3Bpage_category_2%3D%3Bpage_category_3%3D%3Bproduct_name_trade%3D%3Bproduct_category_1%3D%3Bproduct_category_2%3D%3Bproduct_category_3%3D%3Bdmp_id_tag%3DKw6K3cJw%3Bdmp_id_segment%3D&frm=0&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=197695994&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 01:06:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/1004456575/ 42 B
530 B 59ms
47ms Image
image/gif 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1004456575/?random=1609463188623&cv=9&fst=1609462800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&data=event%3Dpage_view%3Benv_market%3D%3Bpage_name%3D%3Bpage_type%3D%3Bpage_theme%3D%3Bpage_category_1%3D%3Bpage_category_2%3D%3Bpage_category_3%3D%3Bproduct_name_trade%3D%3Bproduct_category_1%3D%3Bproduct_category_2%3D%3Bproduct_category_3%3D%3Bdmp_id_tag%3DKw6K3cJw%3Bdmp_id_segment%3D&frm=0&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=197695994&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 01:06:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/958350073/ 42 B
66 B 24ms
19ms Image
image/gif 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/958350073/?random=1609463188624&cv=9&fst=1609462800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=189026124&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 01:06:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/958350073/ 42 B
66 B 59ms
47ms Image
image/gif 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/958350073/?random=1609463188624&cv=9&fst=1609462800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=189026124&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 01:06:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1025892926/ Frame E8A3 2 KB
1 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1025892926/?random=1609463188710&cv=9&fst=1609463188710&num=1&label=uhG_CLCgz3oQvsSX6QM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=1&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&ref=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=DMP%20BRIDGE&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/f(11).txt

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1ef4bb32d5b130e5bf49a119722728fc31970f94b602b2250e83ee43074624d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 01:06:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1050
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/1025892926/ Frame E8A3 42 B
66 B 45ms
44ms Image
image/gif 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1025892926/?random=1607019695415&cv=9&fst=1607018400000&num=1&label=uhG_CLCgz3oQvsSX6QM&guid=ON&u_h=864&u_w=1536&u_ah=834&u_aw=1536&u_cd=24&u_his=11&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=krux_segments%3D&frm=2&url=https%3A%2F%2Fstatic.societegenerale.fr%2Fpri%2Fstatic%2Fdmsa%2Fiframe%2Fdmp_bridge.html&ref=https%3A%2F%2Fparticuliers.societegenerale.fr%2F&tiba=DMP%20BRIDGE&fmt=3&is_vtc=1&random=750928520&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 01:06:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.fr/pagead/1p-user-list/1025892926/ Frame E8A3 42 B
530 B 75ms
31ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/pagead/1p-user-list/1025892926/?random=1607019695415&cv=9&fst=1607018400000&num=1&label=uhG_CLCgz3oQvsSX6QM&guid=ON&u_h=864&u_w=1536&u_ah=834&u_aw=1536&u_cd=24&u_his=11&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=krux_segments%3D&frm=2&url=https%3A%2F%2Fstatic.societegenerale.fr%2Fpri%2Fstatic%2Fdmsa%2Fiframe%2Fdmp_bridge.html&ref=https%3A%2F%2Fparticuliers.societegenerale.fr%2F&tiba=DMP%20BRIDGE&fmt=3&is_vtc=1&random=750928520&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 01:06:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK proxy.3d2100fd7107262ecb55ce6847f01fa5.html Show response
conforme-secure.confirmation-session.gq/init/ Frame DEA0 1 KB
1 KB 40ms
39ms Document
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 9503857c71db72bf77bce905db734b5ab572d433b6b7547bafb847aa6042167d

Request headers

Host: conforme-secure.confirmation-session.gq
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: tc_xtors=eyJmb3JtSWQiOiIyMDIxMDEwMTAyLTM1MDcyMjMzNzAiLCJmb3JtQ29udGV4dCI6ImNvbnRleHRfdW5kZWZpbmVkIiwieHRvciI6W119; tcSessionId=V120211126270.8509044079697037; AB_Test_Privacy=B; N_Testing_Privacy=10; atuserid=eyJuYW1lIjoiYXR1c2VyaWQiLCJ2YWwiOiJiN2E1M2I5OS0zNzI4LTQyMGItYTk1ZC01ZDdlZjY3OGExODUiLCJvcHRpb25zIjp7ImVuZCI6IjIwMjItMDItMDJUMDE6MDY6MjcuOTUzWiIsInBhdGgiOiIvIn19; atidvisitor=eyJuYW1lIjoiYXRpZHZpc2l0b3IiLCJ2YWwiOnsidnJuIjoiLTU5NDExOS0iLCJhdCI6IiJ9LCJvcHRpb25zIjp7InBhdGgiOiIvIiwic2Vzc2lvbiI6MzM2OTYwMDAsImVuZCI6MzM2OTYwMDB9fQ==; LSESSIONID=jLd1oaId4IEkdi%2BHLx0t0D0PpP%2BSr3TdUEiwEXavFtPX08UvP8R45sWg; ___so978517=eyJsc2giOjQwMjYzODQ3NTcsImUiOnsibiI6MywiYSI6W3siNCI6dHJ1ZX0sIjQiXSwicmlkIjowLjk3NjE0MTI2NDg5NTIzMjZ9fQ%3D%3D; _MFB_=fHwyfHx8W118fDE2MDk0NjY3ODgzMzZ8fA==; compteurPagesVues=1; _gcl_au=1.1.1462844265.1609463188; _uetsid=93dab7404bcd11eb98c6fb8a1de151ea; _uetvid=93dad5504bcd11ebba254b6743902f6e; _fbp=fb.1.1609463188606.489393883
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html

Response headers

Date: Fri, 01 Jan 2021 01:07:01 GMT
Server: Apache/2.4.10 (Debian)
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
ETag: "522-5b7c19f78ea6f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 818
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: text/html

GET
H2 200 controltag.js.0631b7d64dbbd3656a8b7368ad227a04 Show response
cdn.krxd.net/ctjs/ Frame E8A3 259 KB
83 KB 75ms
22ms Script
application/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/Kw6K3cJw.js.t%C3%A9l%C3%A9chargement
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b9b47c8bafc4618d804c7c54ac03c39b29beb9ed5b1e7d9dbadb0f28d71c3d94

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Fri, 01 Jan 2021 01:06:28 GMT
content-encoding: gzip
age: 6712795
x-amz-server-side-encryption: AES256
x-cache: HIT
x-cache-hits: 3557573
content-length: 84451
x-served-by: cache-hhn4065-HHN
last-modified: Thu, 15 Oct 2020 07:09:29 GMT
x-timer: S1609463189.818866,VS0,VE0
etag: "0631b7d64dbbd3656a8b7368ad227a04"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Sun, 13 Oct 2030 07:09:28 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/1025892926/ Frame E8A3 42 B
66 B 20ms
20ms Image
image/gif 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1025892926/?random=1609463188710&cv=9&fst=1609462800000&num=1&label=uhG_CLCgz3oQvsSX6QM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=1&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&ref=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=DMP%20BRIDGE&fmt=3&is_vtc=1&random=2868154645&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 01:06:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET /
www.google.de/pagead/1p-user-list/1025892926/ Frame E8A3 0
0

GET
H/1.1 200
OK 38802cd4-fc8e-4cc2-8ee8-42750d852201(2) Show response
conforme-secure.confirmation-session.gq/init/ Frame DEA0 225 B
483 B 31ms
30ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/38802cd4-fc8e-4cc2-8ee8-42750d852201(2)
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: c7437d1039eb9cef6f2b48233ad3f46fd216ae6b81e4b63390e0a9bb10cd1b74

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:01 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "e1-5b7c19f78dacf"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=85
Content-Length: 225

GET
H/1.1 200
OK controltag.js.0631b7d64dbbd3656a8b7368ad227a04 Show response
conforme-secure.confirmation-session.gq/init/ Frame DEA0 259 KB
82 KB 42ms
42ms Script
application/javascript 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: b9b47c8bafc4618d804c7c54ac03c39b29beb9ed5b1e7d9dbadb0f28d71c3d94

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:01 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "40cfc-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=82

GET
H/1.1 200
OK Kw6K3cJw.js.t%C3%A9l%C3%A9chargement Show response
conforme-secure.confirmation-session.gq/init/ Frame DEA0 26 KB
7 KB 32ms
31ms Script
application/javascript 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/Kw6K3cJw.js.t%C3%A9l%C3%A9chargement
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 5af4af7ff6c657586349a7a52a3ecac9bc51bf8baed02b93bfbe4f2c85ca56a2

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:01 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "6919-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=84
Content-Length: 7065

GET
H2 200 controltag.js.0631b7d64dbbd3656a8b7368ad227a04 Show response
cdn.krxd.net/ctjs/ Frame DEA0 259 KB
83 KB 28ms
28ms Script
application/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/Kw6K3cJw.js.t%C3%A9l%C3%A9chargement
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b9b47c8bafc4618d804c7c54ac03c39b29beb9ed5b1e7d9dbadb0f28d71c3d94

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Fri, 01 Jan 2021 01:06:28 GMT
content-encoding: gzip
age: 6712795
x-amz-server-side-encryption: AES256
x-cache: HIT
x-cache-hits: 3557574
content-length: 84451
x-served-by: cache-hhn4065-HHN
last-modified: Thu, 15 Oct 2020 07:09:29 GMT
x-timer: S1609463189.847546,VS0,VE0
etag: "0631b7d64dbbd3656a8b7368ad227a04"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Sun, 13 Oct 2030 07:09:28 GMT

GET
H2 200 proxy.3d2100fd7107262ecb55ce6847f01fa5.html
cdn.krxd.net/partnerjs/xdi/ Frame 9E54 0
0 22ms
22ms Document
text/html 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: cdn.krxd.net
:scheme: https
:path: /partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://conforme-secure.confirmation-session.gq/init/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://conforme-secure.confirmation-session.gq/init/proxy.3d2100fd7107262ecb55ce6847f01fa5.html

Response headers

last-modified: Tue, 21 Feb 2017 17:50:54 GMT
etag: "3d2100fd7107262ecb55ce6847f01fa5"
cache-control: public, max-age=315360000
expires: Fri, 19 Feb 2027 17:50:50 GMT
content-type: text/html
x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
content-encoding: gzip
accept-ranges: bytes
date: Fri, 01 Jan 2021 01:06:28 GMT
via: 1.1 varnish
age: 8561700
x-served-by: cache-hhn4065-HHN
x-cache: HIT
x-cache-hits: 807388
x-timer: S1609463189.936960,VS0,VE0
vary: Accept-Encoding
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length: 525

GET
H2 200 38802cd4-fc8e-4cc2-8ee8-42750d852201 Show response
consumer.krxd.net/consent/get/ Frame E8A3 240 B
432 B 94ms
47ms Script
text/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/38802cd4-fc8e-4cc2-8ee8-42750d852201?idt=device&dt=kxcookie&callback=Krux.ns.socgenprod.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: de8d7634f73863ed57dae3a0909df9cbb9343f698eb194f53df7c44c336ac23f

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 01 Jan 2021 01:06:29 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a005-dub-prod.krxd.net, cache-hhn4066-HHN
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1609463189.993028,VS0,VE25
content-length: 193
x-cache-hits: 0, 1

GET
H2 200 38802cd4-fc8e-4cc2-8ee8-42750d852201 Show response
consumer.krxd.net/consent/get/ Frame DEA0 240 B
264 B 58ms
47ms Script
text/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/38802cd4-fc8e-4cc2-8ee8-42750d852201?idt=device&dt=kxcookie&callback=Krux.ns.socgenprod.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: de8d7634f73863ed57dae3a0909df9cbb9343f698eb194f53df7c44c336ac23f

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 01 Jan 2021 01:06:29 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a005-dub-prod.krxd.net, cache-hhn4066-HHN
vary: Accept-Encoding
x-cache: MISS, HIT
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1609463189.993383,VS0,VE25
content-length: 193
x-cache-hits: 0, 1

GET
H2 200 optout_check Show response
beacon.krxd.net/ Frame DEA0 83 B
243 B 105ms
35ms Script
text/javascript 52.16.216.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.socgenprod.kxjsonp_optOutCheck
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.216.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-216-253.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 9f2cb46e88c6a804c9b7cce18b174d8d70561ca7f128a9f61ed3dbb36c697dc6

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 01 Jan 2021 01:06:29 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=39 t=1609463189
x-served-by: beacon-n008-dub-prod.krxd.net
content-type: text/javascript

GET
H2 200 get Show response
cdn.krxd.net/userdata/ Frame DEA0 347 B
514 B 120ms
120ms Script
text/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/userdata/get?pub=38802cd4-fc8e-4cc2-8ee8-42750d852201&technographics=1&callback=Krux.ns.socgenprod.kxjsonp_userdata
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 75d3456367750693ff25098e0357a59816bd74dd1701348886dc27d83c897173

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_userdata_ash_prod_krxd_net___UserData_Service_V2
date: Fri, 01 Jan 2021 01:06:29 GMT
content-encoding: gzip
age: 0
x-served-by: userdata-a010-ash-prod.krxd.net, cache-hhn4065-HHN
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript
via: 1.1 varnish
cache-control: private, max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1609463189.048424,VS0,VE98
content-length: 269
x-cache-hits: 0, 1

GET
H2 200 optout_check Show response
beacon.krxd.net/ Frame E8A3 83 B
242 B 103ms
35ms Script
text/javascript 52.16.216.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.socgenprod.kxjsonp_optOutCheck
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.216.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-216-253.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 9f2cb46e88c6a804c9b7cce18b174d8d70561ca7f128a9f61ed3dbb36c697dc6

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 01 Jan 2021 01:06:29 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=34 t=1609463189
x-served-by: beacon-n016-dub-prod.krxd.net
content-type: text/javascript

GET
H2 200 get Show response
cdn.krxd.net/userdata/ Frame E8A3 347 B
341 B 168ms
168ms Script
text/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/userdata/get?pub=38802cd4-fc8e-4cc2-8ee8-42750d852201&technographics=1&callback=Krux.ns.socgenprod.kxjsonp_userdata
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 75d3456367750693ff25098e0357a59816bd74dd1701348886dc27d83c897173

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_userdata_ash_prod_krxd_net___UserData_Service_V2
date: Fri, 01 Jan 2021 01:06:29 GMT
content-encoding: gzip
age: 0
x-served-by: userdata-a010-ash-prod.krxd.net, cache-hhn4065-HHN
vary: Accept-Encoding
x-cache: MISS, HIT
content-type: text/javascript
via: 1.1 varnish
cache-control: private, max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1609463189.051317,VS0,VE95
content-length: 269
x-cache-hits: 0, 1

GET
H3-Q050 200 conversion.js Show response
www.googleadservices.com/pagead/ Frame DEA0 30 KB
12 KB 19ms
17ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09494b789c55d639e0aabeffc59433963f0e8e766baba0fea88eae8a63c40ccd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 01 Jan 2021 01:06:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11865
x-xss-protection: 0
server: cafe
etag: 18432201170715473949
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 01 Jan 2021 01:06:29 GMT

GET
H3-Q050 200 conversion.js Show response
www.googleadservices.com/pagead/ Frame E8A3 30 KB
12 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09494b789c55d639e0aabeffc59433963f0e8e766baba0fea88eae8a63c40ccd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 01 Jan 2021 01:06:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11865
x-xss-protection: 0
server: cafe
etag: 18432201170715473949
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 01 Jan 2021 01:06:29 GMT

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1025892926/ Frame E8A3 2 KB
1 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1025892926/?random=1609463189111&cv=9&fst=1609463188710&num=2&label=uhG_CLCgz3oQvsSX6QM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&data=krux_segments%3D&frm=1&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&ref=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=DMP%20BRIDGE&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e22e6b8eb7d323ea613c32c129b47d9cc886952f8aadface0951f6e39821d099

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 01:06:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1072
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 38802cd4-fc8e-4cc2-8ee8-42750d852201 Show response
consumer.krxd.net/consent/get/ Frame E8A3 225 B
284 B 51ms
51ms Script
text/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/38802cd4-fc8e-4cc2-8ee8-42750d852201?idt=device&dt=kxcookie&callback=Krux.ns.socgenprod.kxjsonp_consent_get_1
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f482ac603b47a8631808a04e8f1d94a5e2bcd2e70960606405a1b70839d959da

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 01 Jan 2021 01:06:29 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a007-dub-prod.krxd.net, cache-hhn4066-HHN
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1609463189.123981,VS0,VE29
content-length: 184
x-cache-hits: 0, 1

GET
H/1.1 200 Serving Show response
bs.serving-sys.com/ 320 B
1 KB 92ms
23ms Script
text/html 80.252.91.53
EQUINIX-CONNECT-EMEA

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving?cn=ot&onetagid=4932&dispType=js&sync=0&sessionid=4607883769783255124&pageurl=$$https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F$$&activityValues=$$Session%3D6833992210809726770$$&acp=$$camp_source_prospect%3D%2F$$&ns=0&rnd=8771484254089041
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 80.252.91.53 , Netherlands, ASN15830 (EQUINIX-CONNECT-EMEA, GB),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: a3164b2b4a25b8a3a603478bbc3311b1be16edd40478a075f2b0bdb6a103713a

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 01 Jan 2021 01:06:56 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
P3P: CP="NOI DEVa OUR BUS UNI"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
Content-Type: text/html; charset=UTF-8
Content-Length: 249
Expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1025892926/ Frame DEA0 2 KB
1 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1025892926/?random=1609463189123&cv=9&fst=1609463189123&num=1&label=uhG_CLCgz3oQvsSX6QM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&data=krux_segments%3D&frm=1&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&ref=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2Finit%2Fdmp_bridge.html&tiba=Proxy&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d45663b818a7476c6276384b2522678d6695b1d420eb8bc3e76682046a341b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 01:06:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1076
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 38802cd4-fc8e-4cc2-8ee8-42750d852201 Show response
consumer.krxd.net/consent/get/ Frame DEA0 225 B
244 B 39ms
39ms Script
text/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/38802cd4-fc8e-4cc2-8ee8-42750d852201?idt=device&dt=kxcookie&callback=Krux.ns.socgenprod.kxjsonp_consent_get_1
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f482ac603b47a8631808a04e8f1d94a5e2bcd2e70960606405a1b70839d959da

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 01 Jan 2021 01:06:29 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a007-dub-prod.krxd.net, cache-hhn4066-HHN
vary: Accept-Encoding
x-cache: MISS, HIT
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1609463189.136383,VS0,VE17
content-length: 184
x-cache-hits: 0, 1

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/1025892926/ Frame E8A3 42 B
89 B 21ms
20ms Image
image/gif 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1025892926/?random=1609463189111&cv=9&fst=1609462800000&num=2&label=uhG_CLCgz3oQvsSX6QM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=krux_segments%3D&frm=1&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&ref=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=DMP%20BRIDGE&fmt=3&is_vtc=1&random=2761338509&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 01:06:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET /
www.google.de/pagead/1p-user-list/1025892926/ Frame E8A3 0
0

GET fbevents.js
connect.facebook.net/en_US/ Frame E8A3 0
0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame DEA0 90 KB
23 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

abdf01dbab06efbec289cf85e83f8ec3618f996ab6803e9f9437db14bc5cbf53

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23470
x-fb-rlafr: 0
pragma: public
x-fb-debug: EFij7Iw9hhpZfOlIEP0l9oqMKoV2djyxxUEKHQdjZ3flomXCE4Eo0f6JFkvPJ780XVSB7xKyMjifoIjj1ZamwQ==
x-fb-trip-id: 436667874
x-frame-options: DENY
date: Fri, 01 Jan 2021 01:06:29 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/1025892926/ Frame DEA0 42 B
66 B 21ms
19ms Image
image/gif 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1025892926/?random=1609463189123&cv=9&fst=1609462800000&num=1&label=uhG_CLCgz3oQvsSX6QM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=krux_segments%3D&frm=1&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&ref=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2Finit%2Fdmp_bridge.html&tiba=Proxy&fmt=3&is_vtc=1&random=4100633861&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 01:06:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/1025892926/ Frame DEA0 42 B
89 B 20ms
18ms Image
image/gif 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1025892926/?random=1609463189123&cv=9&fst=1609462800000&num=1&label=uhG_CLCgz3oQvsSX6QM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=krux_segments%3D&frm=1&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&ref=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2Finit%2Fdmp_bridge.html&tiba=Proxy&fmt=3&is_vtc=1&random=4100633861&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 01:06:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 873080639448770 Show response
connect.facebook.net/signals/config/ Frame DEA0 27 KB
8 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/873080639448770?v=2.9.31&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a50502a32a50f668e2d0ca6d1d6ed9d4f8618019308fe0c39a2df17919a6c770

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 7793
x-fb-rlafr: 0
pragma: public
x-fb-debug: U/swjfTkxzV8IXSQKvx0EbHcQPZxTgFB9EtoysbhXtS7AQyH1ObM8KmDDEpBYxwoTEsHxtB57wcUv4JrDCFlBA==
x-fb-trip-id: 436667874
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 01 Jan 2021 01:06:29 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 706893505
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame DEA0 44 B
146 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=873080639448770&ev=PageView&dl=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2Finit%2Fproxy.3d2100fd7107262ecb55ce6847f01fa5.html&rl=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2Finit%2Fdmp_bridge.html&if=true&ts=1609463189222&sw=1600&sh=1200&v=2.9.31&r=stable&a=tmsalesforce&ec=0&o=28&fbp=fb.1.1609463188606.489393883&it=1609463189189&coo=false&rqm=GET

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 01 Jan 2021 01:06:29 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 01 Jan 2021 01:06:29 GMT

GET
H2 400 action
actorssl-5637.kxcdn.com/actor/a7a30ba0aebbae114c740a1b35adb8c7-/ 0
0 107ms
107ms Script
application/javascript 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://actorssl-5637.kxcdn.com/actor/a7a30ba0aebbae114c740a1b35adb8c7-/action
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/tc_SocieteGenerale_20_20201126172020.js.t%C3%A9l%C3%A9chargement
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 01 Jan 2021 01:06:29 GMT
content-encoding: gzip
server: keycdn-engine
x-edge-location: defr
vary: Accept-encoding
content-type: application/javascript

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1025892926/ 2 KB
1 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1025892926/?random=1609463189245&cv=9&fst=1609463189245&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f69268e639d26e514a84125d6b86d94b6ebb031f9c9d252f9fb2839a7c9bf19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 01:06:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1053
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/786705886/ 2 KB
1 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/786705886/?random=1609463189247&cv=9&fst=1609463189247&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e06c309c9ef318bd216d1e8e7758fc90b8f2ddf7369f04b8adf239b5c1512fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 01:06:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1055
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1004456575/ 2 KB
1 KB 40ms
38ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1004456575/?random=1609463189251&cv=9&fst=1609463189251&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0920eee8fb7f5b47538acf8d58b7e2123577c44d46642da1c37844bb066a627a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 01:06:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1054
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/958350073/ 2 KB
1 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/958350073/?random=1609463189253&cv=9&fst=1609463189253&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5070ed2f8bd67c0fd2468a1ca00d0e211359c50d38df9ed311fc7e0a8f9dcc22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 01:06:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1055
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1004456575/ 3 KB
1 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1004456575/?random=1609463189256&cv=9&fst=1609463189256&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&ig=1&data=event%3Dpage_view%3Benv_market%3D%3Bpage_name%3DMon_Profil%3A%3AConnexion%3A%3AEcran_Connexion%3Bpage_type%3D%3Bpage_theme%3D%3Bpage_category_1%3D%3Bpage_category_2%3D%3Bpage_category_3%3D%3Bproduct_name_trade%3D%3Bproduct_category_1%3D%3Bproduct_category_2%3D%3Bproduct_category_3%3D%3Bdmp_id_tag%3DKw6K3cJw%3Bdmp_id_segment%3D&frm=0&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

72dfc8713972baf3bf986600cab05b24a67eb50704797cc748942ee9ba710590

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 01:06:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1174
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

activityi;dc_pre=COCBtM3F-e0CFWOSdwodQi8Hkg;src=10354013;type=arriv0;cat=sg_vi0;ord=1;num=5681441810474;gtm=2odb41;auiddc=1462844265.1609463188;~oref=https%3A%2F%2Fconforme-secure.confirmation-sess...
10354013.fls.doubleclick.net/ Frame 67A6
Redirect Chain

https://10354013.fls.doubleclick.net/activityi;src=10354013;type=arriv0;cat=sg_vi0;ord=1;num=5681441810474;gtm=2odb41;auiddc=1462844265.1609463188;~oref=https%3A%2F%2Fconforme-secure.confirmation-s...
https://10354013.fls.doubleclick.net/activityi;dc_pre=COCBtM3F-e0CFWOSdwodQi8Hkg;src=10354013;type=arriv0;cat=sg_vi0;ord=1;num=5681441810474;gtm=2odb41;auiddc=1462844265.1609463188;~oref=https%3A%2...

0
0

65ms
64ms

Document
text/html

216.58.208.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10354013.fls.doubleclick.net/activityi;dc_pre=COCBtM3F-e0CFWOSdwodQi8Hkg;src=10354013;type=arriv0;cat=sg_vi0;ord=1;num=5681441810474;gtm=2odb41;auiddc=1462844265.1609463188;~oref=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F?

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.38 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f38.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 10354013.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=COCBtM3F-e0CFWOSdwodQi8Hkg;src=10354013;type=arriv0;cat=sg_vi0;ord=1;num=5681441810474;gtm=2odb41;auiddc=1462844265.1609463188;~oref=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://conforme-secure.confirmation-session.gq/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmi5Nvjf5DhuLhFoWRlSh_8SfSLiCoNWP7ph49TsB1aP2aJvSk9euBKBCAf
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 01 Jan 2021 01:06:29 GMT
expires: Fri, 01 Jan 2021 01:06:29 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 348
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 01 Jan 2021 01:06:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://10354013.fls.doubleclick.net/activityi;dc_pre=COCBtM3F-e0CFWOSdwodQi8Hkg;src=10354013;type=arriv0;cat=sg_vi0;ord=1;num=5681441810474;gtm=2odb41;auiddc=1462844265.1609463188;~oref=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK 1246109967 Show response
1bva.societegenerale.fr/col646a/-/ 1 B
418 B 30ms
30ms Script
application/x-javascript 109.232.197.56
EULERIAN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1bva.societegenerale.fr/col646a/-/1246109967?url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&urlp=conforme-secure.confirmation-session.gq%2F&ss=1600x1200&event_type=virtual_page&page_type=other&fra=0&page_name=mon_profil%3A%3Aconnexion%3A%3Aecran_connexion&product_subcategory_1=autre&product_category=autre&tc_container_22_version=74.40&sd=24&

Requested by

Host: 1bva.societegenerale.fr
URL: https://1bva.societegenerale.fr/ngqbv313.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

109.232.197.56 , France, ASN50234 (EULERIAN-AS, FR),

Reverse DNS

sg.eulerian.net

Software

EWS /

Resource Hash

36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Date: Fri, 01 Jan 2021 01:06:29 GMT
X-Content-Type-Options: nosniff
Server: EWS
Strict-Transport-Security: max-age=604800
Content-Type: application/x-javascript
Cache-Control: max-age=0, private
Connection: Keep-Alive
Accept-Ranges: none
X-Robots-Tag: noindex
Keep-Alive: timeout=4
Content-Length: 1
X-XSS-Protection: 0

GET
H2 200 hit.xiti
logs128.xiti.com/ 35 B
131 B 33ms
32ms Image
image/gif 52.18.166.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://logs128.xiti.com/hit.xiti?s=594119&idclient=b7a53b99-3728-420b-a95d-5d7ef678a185&ts=1609463189243&vtag=5.22.0&ptag=js&r=1600x1200x24x24&re=1600x1200&hl=2x6x29&lng=en-US&idp=0206298099508&jv=0&at=&p=Mon_Profil::Connexion::Ecran_Connexion&s2=&x1=true&x8=mon_profil::connexion::ecran_connexion&x10=/&x11=page_vue_chargee&x12=/&x13=1609463189228_42978&x14=b7a53b99-3728-420b-a95d-5d7ef678a185&stc=%7B%22globVars%22%3A%7B%22date_datehour%22%3A%222021-01-01_02%3A06%3A29%22%2C%22page_currentAT%22%3A%22mon_profil%3A%3Aconnexion%3A%3Aecran_connexion%22%2C%22page_technicalURL%22%3A%22~%22%7D%7D&ref=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.18.166.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-18-166-88.eu-west-1.compute.amazonaws.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 01 Jan 2021 01:06:29 GMT
content-length: 35
strict-transport-security: max-age=7776000
content-type: image/gif

GET
H2 200 error
connect.facebook.net//log/ 0
0 79ms
78ms Image
text/html 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://connect.facebook.net//log/error?p=pixel&v=next&e=Error%3A%20Duplicate%20Pixel%20ID%3A%20873080639448770.&s=Error%3A%20Duplicate%20Pixel%20ID%3A%20873080639448770.%0A%20%20%20%20at%20E%20(https%3A%2F%2Fconforme-secure.confirmation-session.gq%2Finit%2Ffbevents.js.t%25C3%25A9l%25C3%25A9chargement%3A23%3A38123)%0A%20%20%20%20at%20Function.Y%20%5Bas%20init%5D%20(https%3A%2F%2Fconforme-secure.confirmation-session.gq%2Finit%2Ffbevents.js.t%25C3%25A9l%25C3%25A9chargement%3A26%3A7728)%0A%20%20%20%20at%20Function.X%20%5Bas%20callMethod%5D%20(https%3A%2F%2Fconforme-secure.confirmation-session.gq%2Finit%2Ffbevents.js.t%25C3%25A9l%25C3%25A9chargement%3A26%3A3530)%0A%20%20%20%20at%20f.fbq%20(https%3A%2F%2Fconforme-secure.confirmation-session.gq%2Finit%2Ftc_SocieteGenerale_22.js.t%25C3%25A9l%25C3%25A9chargement%3A243%3A210)%0A%20%20%20%20at%20Function.executeTag147_3967_22%20(https%3A%2F%2Fconforme-secure.confirmation-session.gq%2Finit%2Ftc_SocieteGenerale_22.js.t%25C3%25A9l%25C3%25A9chargement%3A194%3A1016)%0A%20%20%20%20at%20Array.%3Canonymous%3E%20(https%3A%2F%2Fconforme-secure.confirmation-session.gq%2Finit%2Ftc_SocieteGenerale_22.js.t%25C3%25A9l%25C3%25A9chargement%3A11%3A31664)%0A%20%20%20%20at%20Object.tC.event.virtual_page%20(https%3A%2F%2Fconforme-secure.confirmation-session.gq%2Finit%2Ftc_SocieteGenerale_22.js.t%25C3%25A9l%25C3%25A9chargement%3A11%3A34002)%0A%20%20%20%20at%20tmsReload%20(https%3A%2F%2Fconforme-secure.confirmation-session.gq%2Finit%2Ftc_SocieteGenerale_20_20201126172020.js.t%25C3%25A9l%25C3%25A9chargement%3A25%3A180)%0A%20%20%20%20at%20Object.tms.trackEvent%20(https%3A%2F%2Fconforme-secure.confirmation-session.gq%2Finit%2Ftc_SocieteGenerale_20_20201126172020.js.t%25C3%25A9l%25C3%25A9chargement%3A41%3A1)%0A%20%20%20%20at%20Object.t%20(https%3A%2F%2Fconforme-secure.confirmation-session.gq%2Finit%2Fswm.main.js.t%25C3%25A9l%25C3%25A9chargement%3A39%3A303055)&ue=1&rs=canary&rqm=FGET
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2

200

OneTagDefaultConfig.json Show response
secure-ds.serving-sys.com/BurstingCachedScripts/
Redirect Chain

https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/2/4932
https://secure-ds.serving-sys.com/BurstingCachedScripts/OneTagDefaultConfig.json

11 B
199 B

25ms
22ms

XHR
application/json

184.31.90.174
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/OneTagDefaultConfig.json
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.90.174 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-31-90-174.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 / ARR/3.0
Resource Hash: 9a0f6d26b776c4a0c7c1bdb059e4d204e3312ee5eda177cf55a43fcf033e3308

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 01 Jan 2021 01:06:29 GMT
last-modified: Tue, 19 Dec 2017 08:44:56 GMT
server: Microsoft-IIS/8.5
x-powered-by: ARR/3.0
etag: "5a9573a5a578d31:0"
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes
content-length: 11
expires: Mon, 31 Dec 2035 00:00:00 GMT

Redirect headers

location: https://secure-ds.serving-sys.com/BurstingCachedScripts/OneTagDefaultConfig.json
date: Fri, 01 Jan 2021 01:06:29 GMT
server: AkamaiGHost
access-control-allow-origin: *
accept-ranges: bytes
content-length: 0

GET
H2 204 0
bat.bing.com/action/ 0
115 B 31ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5500232&Ver=2&mid=32f6ba8e-e9c7-4469-88ca-e2b3597343cc&sid=93dab7404bcd11eb98c6fb8a1de151ea&vid=93dad5504bcd11ebba254b6743902f6e&vids=0&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&p=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&r=&lt=1822&evt=pageLoad&msclkid=N&sv=1&rn=223063
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 01 Jan 2021 01:06:29 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: C17A7982B705467CBC404F820AC38A72 Ref B: FRAEDGE1212 Ref C: 2021-01-01T01:06:29Z
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 9C0XU Show response
conforme-secure.confirmation-session.gq/init/ 121 B
379 B 31ms
30ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/9C0XU?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI1JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmglMjIlM0ElMjIlMjIlMkMlMjJlJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25mb3JtZS1zZWN1cmUuY29uZmlybWF0aW9uLXNlc3Npb24uZ3ElMjIlMkMlMjJkbSUyMiUzQXRydWUlN0QlN0QlNUQ%3D&cid=5&si=0&e=https%3A%2F%2Fconforme-secure.confirmation-session.gq&LSESSIONID=jLd1oaId4IEkdi%2BHLx0t0D0PpP%2BSr3TdUEiwEXavFtPX08UvP8R45sWg&t=jsonp&c=iua_fylpmmvpravq&eu=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/statm.js.t%C3%A9l%C3%A9chargement
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: c4621d91e3440020752933daa717d38c90286ea1663a98b54fb3ffa9c970f7f3

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:02 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "79-5b7c19f78dacf"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=83
Content-Length: 121

GET
H/1.1 200
OK hpeWk Show response
conforme-secure.confirmation-session.gq/init/ 121 B
379 B 31ms
30ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/hpeWk?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25mb3JtZS1zZWN1cmUuY29uZmlybWF0aW9uLXNlc3Npb24uZ3ElMkYlMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIycGlkJTIyJTNBMjgyNDczNDQ2JTJDJTIyZmMlMjIlM0ExJTJDJTIyY251bSUyMiUzQTElMkMlMjJ0cyUyMiUzQTE2MDk0NjMxODklMkMlMjJyYW5kJTIyJTNBNzI2MTMwJTdEJTdEJTVE&cid=8&si=1&e=https%3A%2F%2Fconforme-secure.confirmation-session.gq&LSESSIONID=jLd1oaId4IEkdi%2BHLx0t0D0PpP%2BSr3TdUEiwEXavFtPX08UvP8R45sWg&t=jsonp&c=ckgfpabtetd_iopv&eu=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/random.js.t%C3%A9l%C3%A9chargement
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 16a6f8712b87dd92e10e9f89e160e2f9111309ccd46922d95f38132289528ed5

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:02 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "79-5b7c19f78ea6f"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=81
Content-Length: 121

GET
H/1.1 404
Not Found hpeWk
conforme-secure.confirmation-session.gq/false/ 0
0 31ms
31ms Script
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/false/hpeWk?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIxNiUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25mb3JtZS1zZWN1cmUuY29uZmlybWF0aW9uLXNlc3Npb24uZ3ElMkYlMjIlMkMlMjJ0JTIyJTNBJTIycnMlMjIlN0QlN0QlNUQ%3D&cid=16&si=2&e=https%3A%2F%2Fconforme-secure.confirmation-session.gq&LSESSIONID=jLd1oaId4IEkdi%2BHLx0t0D0PpP%2BSr3TdUEiwEXavFtPX08UvP8R45sWg&t=jsonp&c=mbbpz_rlchnebvlm&eu=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/doctrans.js.t%C3%A9l%C3%A9chargement
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:02 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=83
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found hpeWk
conforme-secure.confirmation-session.gq/false/ 0
0 31ms
30ms Script
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/false/hpeWk?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIxNiUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25mb3JtZS1zZWN1cmUuY29uZmlybWF0aW9uLXNlc3Npb24uZ3ElMkYlMjIlMkMlMjJ0JTIyJTNBJTIycnMlMjIlN0QlN0QlNUQ%3D&cid=16&si=2&e=https%3A%2F%2Fconforme-secure.confirmation-session.gq&LSESSIONID=jLd1oaId4IEkdi%2BHLx0t0D0PpP%2BSr3TdUEiwEXavFtPX08UvP8R45sWg&t=jsonp&c=khokrmnlygtzgg_o&eu=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F
Requested by: Host: scriptsp.par.societegenerale.fr
URL: https://scriptsp.par.societegenerale.fr/978517/doctrans.js?r=0.41642089822575845
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:02 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=86
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found OKrh.html Show response
conforme-secure.confirmation-session.gq/init/ Frame 6D64 318 B
534 B 31ms
30ms Document
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/OKrh.html?si=0&e=https%3A%2F%2Fconforme-secure.confirmation-session.gq&LSESSIONID=jLd1oaId4IEkdi%2BHLx0t0D0PpP%2BSr3TdUEiwEXavFtPX08UvP8R45sWg&t=xframe&eu=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&icid=160946318928918783
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/statm.js.t%C3%A9l%C3%A9chargement
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 87fcdb7130b8d594441c4d7fef24598d959746c9c42c71094fefb3a709dfa541

Request headers

Host: conforme-secure.confirmation-session.gq
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://conforme-secure.confirmation-session.gq/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: tc_xtors=eyJmb3JtSWQiOiIyMDIxMDEwMTAyLTM1MDcyMjMzNzAiLCJmb3JtQ29udGV4dCI6ImNvbnRleHRfdW5kZWZpbmVkIiwieHRvciI6W119; tcSessionId=V120211126270.8509044079697037; AB_Test_Privacy=B; N_Testing_Privacy=10; atidvisitor=eyJuYW1lIjoiYXRpZHZpc2l0b3IiLCJ2YWwiOnsidnJuIjoiLTU5NDExOS0iLCJhdCI6IiJ9LCJvcHRpb25zIjp7InBhdGgiOiIvIiwic2Vzc2lvbiI6MzM2OTYwMDAsImVuZCI6MzM2OTYwMDB9fQ==; LSESSIONID=jLd1oaId4IEkdi%2BHLx0t0D0PpP%2BSr3TdUEiwEXavFtPX08UvP8R45sWg; _MFB_=fHwyfHx8W118fDE2MDk0NjY3ODgzMzZ8fA==; _gcl_au=1.1.1462844265.1609463188; _fbp=fb.1.1609463188606.489393883; compteurPagesVues=2; atuserid=eyJuYW1lIjoiYXR1c2VyaWQiLCJ2YWwiOiJiN2E1M2I5OS0zNzI4LTQyMGItYTk1ZC01ZDdlZjY3OGExODUiLCJvcHRpb25zIjp7ImVuZCI6IjIwMjItMDItMDJUMDE6MDY6MjkuMjM2WiIsInBhdGgiOiIvIn19; _uetsid=93dab7404bcd11eb98c6fb8a1de151ea; _uetvid=93dad5504bcd11ebba254b6743902f6e; ___so978517=eyJsc2giOjQwMjYzODQ3NTcsImUiOnsibiI6MywiYSI6W3siNCI6dHJ1ZX0sIjQiXSwicmlkIjowLjk3NjE0MTI2NDg5NTIzMjZ9LCJzcmNmIjp7InBzZCI6eyIzMTc3NzEwOTM1Ijp7InAiOiJodHRwczovL2NvbmZvcm1lLXNlY3VyZS5jb25maXJtYXRpb24tc2Vzc2lvbi5ncS8iLCJmayI6InJhbmRvbS5qcyIsInRhayI6Ik4vQSIsImJjYiI6WyIyIl0sIm1mIjpbImR1bW15Rm9ybSJdLCJyZXAiOnsiYmNiIjpbXSwibWYiOltdfX19fSwic2QiOm51bGwsInNkYyI6bnVsbCwiciI6Ii8ifQ%3D%3D; __gdic=kjdktsvklapz787v49p
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://conforme-secure.confirmation-session.gq/

Response headers

Date: Fri, 01 Jan 2021 01:07:02 GMT
Server: Apache/2.4.10 (Debian)
Content-Length: 318
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

POST
H/1.1 200
OK 9C0XU Show response
conforme-secure.confirmation-session.gq/init/ 121 B
379 B 66ms
66ms XHR
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/9C0XU?cid=6&si=1&e=https%3A%2F%2Fconforme-secure.confirmation-session.gq&LSESSIONID=jLd1oaId4IEkdi%2BHLx0t0D0PpP%2BSr3TdUEiwEXavFtPX08UvP8R45sWg&t=ajax&eu=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/pic2Util.js.t%C3%A9l%C3%A9chargement
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: c4621d91e3440020752933daa717d38c90286ea1663a98b54fb3ffa9c970f7f3

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Fri, 01 Jan 2021 01:07:02 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "79-5b7c19f78dacf"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=82
Content-Length: 121

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/786705886/ 42 B
66 B 20ms
19ms Image
image/gif 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/786705886/?random=1609463189247&cv=9&fst=1609462800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=3840503195&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 01:06:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/786705886/ 42 B
66 B 22ms
21ms Image
image/gif 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/786705886/?random=1609463189247&cv=9&fst=1609462800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=3840503195&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 01:06:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/958350073/ 42 B
66 B 22ms
20ms Image
image/gif 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/958350073/?random=1609463189253&cv=9&fst=1609462800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=2515671090&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 01:06:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/958350073/ 42 B
66 B 25ms
23ms Image
image/gif 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/958350073/?random=1609463189253&cv=9&fst=1609462800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=2515671090&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 01:06:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/1004456575/ 42 B
66 B 21ms
20ms Image
image/gif 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1004456575/?random=1609463189251&cv=9&fst=1609462800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=751656544&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 01:06:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/1004456575/ 42 B
66 B 24ms
22ms Image
image/gif 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1004456575/?random=1609463189251&cv=9&fst=1609462800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=751656544&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 01:06:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/1025892926/ 42 B
66 B 21ms
20ms Image
image/gif 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1025892926/?random=1609463189245&cv=9&fst=1609462800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=1910743462&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 01:06:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/1025892926/ 42 B
66 B 22ms
21ms Image
image/gif 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1025892926/?random=1609463189245&cv=9&fst=1609462800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=1910743462&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 01:06:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/1004456575/ 42 B
66 B 21ms
20ms Image
image/gif 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1004456575/?random=1609463189256&cv=9&fst=1609462800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&data=event%3Dpage_view%3Benv_market%3D%3Bpage_name%3DMon_Profil%3A%3AConnexion%3A%3AEcran_Connexion%3Bpage_type%3D%3Bpage_theme%3D%3Bpage_category_1%3D%3Bpage_category_2%3D%3Bpage_category_3%3D%3Bproduct_name_trade%3D%3Bproduct_category_1%3D%3Bproduct_category_2%3D%3Bproduct_category_3%3D%3Bdmp_id_tag%3DKw6K3cJw%3Bdmp_id_segment%3D&frm=0&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=2492462099&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 01:06:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/1004456575/ 42 B
66 B 21ms
20ms Image
image/gif 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1004456575/?random=1609463189256&cv=9&fst=1609462800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&data=event%3Dpage_view%3Benv_market%3D%3Bpage_name%3DMon_Profil%3A%3AConnexion%3A%3AEcran_Connexion%3Bpage_type%3D%3Bpage_theme%3D%3Bpage_category_1%3D%3Bpage_category_2%3D%3Bpage_category_3%3D%3Bproduct_name_trade%3D%3Bproduct_category_1%3D%3Bproduct_category_2%3D%3Bproduct_category_3%3D%3Bdmp_id_tag%3DKw6K3cJw%3Bdmp_id_segment%3D&frm=0&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=2492462099&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 01:06:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
beacon.krxd.net/ Frame DEA0 0
337 B 35ms
34ms Image
text/plain 52.16.216.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/pixel.gif?source=smarttag&fired=report&confid=Kw6K3cJw&_kpid=38802cd4-fc8e-4cc2-8ee8-42750d852201&_kcp_s=socgen%20production&_kcp_d=conforme-secure.confirmation-session.gq&_knifr=1&_kpref_=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2Finit%2Fdmp_bridge.html&_kua_kx_tz=-60&geo_country=nl&geo_region=nh&_kua_kx_lang=en-us&_kua_kx_tech_browser_language=en-us&_kua_kx_tech_browser=Chrome%2083&_kua_kx_tech_manufacturer=Apple%20Inc.&_kua_kx_tech_device=Computer&_kua_kx_tech_os=Mac%20OS%20X&_kua_kx_geo_country=nl&_kua_kx_geo_region=nh&_kua_kx_whistle=1&_kpa_url_path_1=init&_kpa_url_path_2=proxy.3d2100fd7107262ecb55ce6847f01fa5.html&_kpa_domain=confirmation-session.gq&_kpa_isSecureContext=true&_kpa_isSecureSite=false&t_navigation_type=0&t_dns=0&t_tcp=0&t_http_request=-1&t_http_response=3&t_content_ready=89&t_window_load=321&t_redirect=0&interchange_ran=false&userdata_was_requested=true&userdata_did_respond=true&store_user_after=vv0myyzv6&userdata_user=N24rsD-k%2Cvv0myyzv6&sview=1&kplt0=26164&kplt1=23708&kplt2=23709&kplt3=26163&kplt4=26170&kplt5=28365&kplt6=33235&kplt7=33491&kplt8=36231&kplt9=43312&kplt10=44331&jsonp_requests=https%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2F38802cd4-fc8e-4cc2-8ee8-42750d852201%2C62%2Chttps%3A%2F%2Fbeacon.krxd.net%2Foptout_check%2C108%2Chttps%3A%2F%2Fcdn.krxd.net%2Fuserdata%2Fget%2C121%2Chttps%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2F38802cd4-fc8e-4cc2-8ee8-42750d852201%2C41
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.216.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-216-253.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 01 Jan 2021 01:06:29 GMT
cache-control: private, no-cache, no-store
x-request-time: D=49 t=1609463189
x-served-by: beacon-n024-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 204 pixel.gif
beacon.krxd.net/ Frame E8A3 0
337 B 35ms
35ms Image
text/plain 52.16.216.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/pixel.gif?source=smarttag&fired=report&confid=Kw6K3cJw&_kpid=38802cd4-fc8e-4cc2-8ee8-42750d852201&_kcp_s=socgen%20production&_kcp_d=conforme-secure.confirmation-session.gq&_knifr=1&_kpref_=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&_kua_kx_tz=-60&geo_country=nl&geo_region=nh&_kua_kx_lang=en-us&_kua_kx_tech_browser_language=en-us&_kua_kx_tech_browser=Chrome%2083&_kua_kx_tech_manufacturer=Apple%20Inc.&_kua_kx_tech_device=Computer&_kua_kx_tech_os=Mac%20OS%20X&_kua_kx_geo_country=nl&_kua_kx_geo_region=nh&_kua_kx_whistle=0&_kpa_url_path_1=init&_kpa_url_path_2=dmp_bridge.html&_kpa_domain=confirmation-session.gq&_kpa_isSecureContext=true&_kpa_isSecureSite=false&t_navigation_type=0&t_dns=0&t_tcp=0&t_http_request=-1&t_http_response=2&t_content_ready=358&t_window_load=682&t_redirect=0&interchange_ran=false&userdata_was_requested=true&userdata_did_respond=true&store_user_after=vv0myyzv6&userdata_user=N24rsD-k%2Cvv0myyzv6&sview=2&kplt0=26164&kplt1=23708&kplt2=23709&kplt3=26163&kplt4=26170&kplt5=28365&kplt6=33235&kplt7=33491&kplt8=36231&kplt9=43312&kplt10=44331&jsonp_requests=https%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2F38802cd4-fc8e-4cc2-8ee8-42750d852201%2C96%2Chttps%3A%2F%2Fbeacon.krxd.net%2Foptout_check%2C105%2Chttps%3A%2F%2Fcdn.krxd.net%2Fuserdata%2Fget%2C179%2Chttps%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2F38802cd4-fc8e-4cc2-8ee8-42750d852201%2C54
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.216.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-216-253.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 01 Jan 2021 01:06:29 GMT
cache-control: private, no-cache, no-store
x-request-time: D=146 t=1609463189
x-served-by: beacon-n010-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 pric.html
aweucn1.advanced-web-analytics.com/init/ Frame E0B1 0
0 92ms
24ms Document
text/html 18.184.108.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aweucn1.advanced-web-analytics.com/init/pric.html?e=https%3A%2F%2Fconforme-secure.confirmation-session.gq&es=jLd1oaId4IEkdi%2BHLx0t0D0PpP%2BSr3TdUEiwEXavFtPX08UvP8R45sWg&eu=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&icid=160946318936190107
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/protocol.js.t%C3%A9l%C3%A9chargement
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.184.108.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-108-250.eu-central-1.compute.amazonaws.com
Software: haile /
Resource Hash

Request headers

:method: GET
:authority: aweucn1.advanced-web-analytics.com
:scheme: https
:path: /init/pric.html?e=https%3A%2F%2Fconforme-secure.confirmation-session.gq&es=jLd1oaId4IEkdi%2BHLx0t0D0PpP%2BSr3TdUEiwEXavFtPX08UvP8R45sWg&eu=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&icid=160946318936190107
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://conforme-secure.confirmation-session.gq/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://conforme-secure.confirmation-session.gq/

Response headers

date: Fri, 01 Jan 2021 01:06:29 GMT
content-type: text/html
content-length: 0
server: haile
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS
expires: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
pics-label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"

GET
H/1.1 200 Serving Show response
bs.serving-sys.com/ 320 B
1 KB 23ms
23ms Script
text/html 80.252.91.53
EQUINIX-CONNECT-EMEA

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving?cn=ot&onetagid=4932&dispType=js&sync=0&sessionid=7951815198330701559&pageurl=$$https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F$$&activityValues=$$Session%3D6833992210809726770$$&acp=$$camp_source_prospect%3D%2F$$&ns=0&rnd=8600803266738273
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 80.252.91.53 , Netherlands, ASN15830 (EQUINIX-CONNECT-EMEA, GB),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: f89fb7053654624cad63cd19e12c1668680b4266897663934b275f275bc8a84e

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 01 Jan 2021 01:06:56 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
P3P: CP="NOI DEVa OUR BUS UNI"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
Content-Type: text/html; charset=UTF-8
Content-Length: 248
Expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H/1.1 200
OK 9C0XU Show response
conforme-secure.confirmation-session.gq/init/ 121 B
379 B 31ms
31ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/9C0XU?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIyOSUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJuYW1lJTIyJTNBJTIyVHlwZUVycm9yJTIyJTJDJTIybWVzc2FnZSUyMiUzQSUyMkNhbm5vdCUyMHJlYWQlMjBwcm9wZXJ0eSUyMCcxNSclMjBvZiUyMG51bGwlMjIlMkMlMjJ0cmFjZSUyMiUzQSUyMiUyMCUyMCUyMCUyMGF0JTIwT2JqZWN0LmNlJTIwKGh0dHBzJTNBJTJGJTJGY29uZm9ybWUtc2VjdXJlLmNvbmZpcm1hdGlvbi1zZXNzaW9uLmdxJTJGaW5pdCUyRnBpYzJVdGlsLmpzLnQlMjVDMyUyNUE5bCUyNUMzJTI1QTljaGFyZ2VtZW50JTNBMSUzQTM4MDU2KSUyMiUyQyUyMmhhc2hfaWQlMjIlM0ElMjI1MzFjMGE4ZTE1ZDQxZmM1MjVkNmQyMGRmYWIxODE5ZWFkNWQ4NTZiMGUzZDRhNzU5MWMzNTM0NjQwOTQ5MThjJTIyJTdEJTdEJTVE&cid=29&si=1&e=https%3A%2F%2Fconforme-secure.confirmation-session.gq&LSESSIONID=jLd1oaId4IEkdi%2BHLx0t0D0PpP%2BSr3TdUEiwEXavFtPX08UvP8R45sWg&t=jsonp&c=lo_pxsygb_sbzxrz&eu=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/pic2Util.js.t%C3%A9l%C3%A9chargement
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: c4621d91e3440020752933daa717d38c90286ea1663a98b54fb3ffa9c970f7f3

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:02 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "79-5b7c19f78dacf"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=81
Content-Length: 121

GET
H/1.1 200
OK 9C0XU Show response
conforme-secure.confirmation-session.gq/init/ 121 B
379 B 30ms
30ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/9C0XU?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIzNCUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJyZCUyMiUzQSU3QiUyMnBzZCUyMiUzQSU3QiUyMjMxNzc3MTA5MzUlMjIlM0ElN0IlMjJwJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25mb3JtZS1zZWN1cmUuY29uZmlybWF0aW9uLXNlc3Npb24uZ3ElMkYlMjIlMkMlMjJmayUyMiUzQSUyMnJhbmRvbS5qcyUyMiUyQyUyMnRhayUyMiUzQSUyMk4lMkZBJTIyJTJDJTIyYmNiJTIyJTNBJTVCJTIyMiUyMiU1RCUyQyUyMm1mJTIyJTNBJTVCJTIyZHVtbXlGb3JtJTIyJTVEJTJDJTIycmVwJTIyJTNBJTdCJTIyYmNiJTIyJTNBJTVCJTVEJTJDJTIybWYlMjIlM0ElNUIlNUQlN0QlN0QlN0QlN0QlN0QlN0QlNUQ%3D&cid=34&si=2&e=https%3A%2F%2Fconforme-secure.confirmation-session.gq&LSESSIONID=jLd1oaId4IEkdi%2BHLx0t0D0PpP%2BSr3TdUEiwEXavFtPX08UvP8R45sWg&t=jsonp&c=porxnxtdmlctturp&eu=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/skys.js.t%C3%A9l%C3%A9chargement
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: c4621d91e3440020752933daa717d38c90286ea1663a98b54fb3ffa9c970f7f3

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:03 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "79-5b7c19f78dacf"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=80
Content-Length: 121

GET
H/1.1 200
OK hpeWk Show response
conforme-secure.confirmation-session.gq/init/ 121 B
379 B 31ms
30ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/hpeWk?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIzNCUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJyZCUyMiUzQSU3QiUyMnBzZCUyMiUzQSU3QiUyMjMxNzc3MTA5MzUlMjIlM0ElN0IlMjJwJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25mb3JtZS1zZWN1cmUuY29uZmlybWF0aW9uLXNlc3Npb24uZ3ElMkYlMjIlMkMlMjJmayUyMiUzQSUyMnJhbmRvbS5qcyUyMiUyQyUyMnRhayUyMiUzQSUyMk4lMkZBJTIyJTJDJTIyYmNiJTIyJTNBJTVCJTIyMiUyMiU1RCUyQyUyMm1mJTIyJTNBJTVCJTIyZHVtbXlGb3JtJTIyJTVEJTJDJTIycmVwJTIyJTNBJTdCJTIyYmNiJTIyJTNBJTVCJTVEJTJDJTIybWYlMjIlM0ElNUIlNUQlN0QlN0QlN0QlN0QlN0QlN0QlNUQ%3D&cid=34&si=1&e=https%3A%2F%2Fconforme-secure.confirmation-session.gq&LSESSIONID=jLd1oaId4IEkdi%2BHLx0t0D0PpP%2BSr3TdUEiwEXavFtPX08UvP8R45sWg&t=jsonp&c=iirvsfluailqxecp&eu=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/random.js.t%C3%A9l%C3%A9chargement
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 16a6f8712b87dd92e10e9f89e160e2f9111309ccd46922d95f38132289528ed5

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:03 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "79-5b7c19f78ea6f"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=84
Content-Length: 121

POST
H/1.1 200
OK 9C0XU Show response
conforme-secure.confirmation-session.gq/init/ 121 B
379 B 68ms
67ms XHR
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/9C0XU?cid=6&si=1&e=https%3A%2F%2Fconforme-secure.confirmation-session.gq&LSESSIONID=jLd1oaId4IEkdi%2BHLx0t0D0PpP%2BSr3TdUEiwEXavFtPX08UvP8R45sWg&t=ajax&eu=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/pic2Util.js.t%C3%A9l%C3%A9chargement
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: c4621d91e3440020752933daa717d38c90286ea1663a98b54fb3ffa9c970f7f3

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Fri, 01 Jan 2021 01:07:03 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "79-5b7c19f78dacf"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=83
Content-Length: 121

POST
H/1.1 200
OK hpeWk Show response
conforme-secure.confirmation-session.gq/init/ 121 B
379 B 31ms
31ms XHR
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/hpeWk?cid=13&si=0&e=https%3A%2F%2Fconforme-secure.confirmation-session.gq&LSESSIONID=jLd1oaId4IEkdi%2BHLx0t0D0PpP%2BSr3TdUEiwEXavFtPX08UvP8R45sWg&t=ajax&eu=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/protocol.js.t%C3%A9l%C3%A9chargement
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 16a6f8712b87dd92e10e9f89e160e2f9111309ccd46922d95f38132289528ed5

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Fri, 01 Jan 2021 01:07:04 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "79-5b7c19f78ea6f"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=82
Content-Length: 121

GET
H/1.1 200
OK hpeWk Show response
conforme-secure.confirmation-session.gq/init/ 121 B
379 B 31ms
30ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/hpeWk?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIyOSUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJuYW1lJTIyJTNBJTIyVHlwZUVycm9yJTIyJTJDJTIybWVzc2FnZSUyMiUzQSUyMkNhbm5vdCUyMHJlYWQlMjBwcm9wZXJ0eSUyMCcxNSclMjBvZiUyMG51bGwlMjIlMkMlMjJ0cmFjZSUyMiUzQSUyMiUyMCUyMCUyMCUyMGF0JTIwT2JqZWN0LmNNJTIwKGh0dHBzJTNBJTJGJTJGY29uZm9ybWUtc2VjdXJlLmNvbmZpcm1hdGlvbi1zZXNzaW9uLmdxJTJGaW5pdCUyRnByb3RvY29sLmpzLnQlMjVDMyUyNUE5bCUyNUMzJTI1QTljaGFyZ2VtZW50JTNBMSUzQTM4MTE5KSUyMiUyQyUyMmhhc2hfaWQlMjIlM0ElMjIzZDRlM2IzYzQ2YjE0MWE4ZjlkMDBhMTNmODkyY2QyMDkwMDE4NTgxNDZiZGJjNGY5YjUyN2RlZjgzNWJhMzVmJTIyJTdEJTdEJTVE&cid=29&si=0&e=https%3A%2F%2Fconforme-secure.confirmation-session.gq&LSESSIONID=jLd1oaId4IEkdi%2BHLx0t0D0PpP%2BSr3TdUEiwEXavFtPX08UvP8R45sWg&t=jsonp&c=cppvmvtlevuwthfo&eu=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/protocol.js.t%C3%A9l%C3%A9chargement
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 16a6f8712b87dd92e10e9f89e160e2f9111309ccd46922d95f38132289528ed5

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 01:07:04 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "79-5b7c19f78ea6f"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=81
Content-Length: 121

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.google.de
URL: https://www.google.de/pagead/1p-user-list/1025892926/?random=1609463188710&cv=9&fst=1609462800000&num=1&label=uhG_CLCgz3oQvsSX6QM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=1&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&ref=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=DMP%20BRIDGE&fmt=3&is_vtc=1&random=2868154645&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Domain: www.google.de
URL: https://www.google.de/pagead/1p-user-list/1025892926/?random=1609463189111&cv=9&fst=1609462800000&num=2&label=uhG_CLCgz3oQvsSX6QM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=krux_segments%3D&frm=1&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&ref=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=DMP%20BRIDGE&fmt=3&is_vtc=1&random=2761338509&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Domain: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Societe Generale (Banking)

395 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.krxd.net/	1970-01-19 19:23:35	Name: _kuid_ Value: N24rsD-k
conforme-secure.confirmation-session.gq/	1970-01-20 00:36:03	Name: atuserid Value: eyJuYW1lIjoiYXR1c2VyaWQiLCJ2YWwiOiJiN2E1M2I5OS0zNzI4LTQyMGItYTk1ZC01ZDdlZjY3OGExODUiLCJvcHRpb25zIjp7ImVuZCI6IjIwMjItMDItMDJUMDE6MDY6MjkuMjM2WiIsInBhdGgiOiIvIn19
.doubleclick.net/	1970-01-20 00:25:59	Name: IDE Value: AHWqTUmi5Nvjf5DhuLhFoWRlSh_8SfSLiCoNWP7ph49TsB1aP2aJvSk9euBKBCAf
.confirmation-session.gq/	1969-12-31 23:59:59	Name: compteurPagesVues Value: 2
.confirmation-session.gq/	1970-01-19 17:13:59	Name: _fbp Value: fb.1.1609463188606.489393883
.confirmation-session.gq/	1970-01-19 17:13:59	Name: _gcl_au Value: 1.1.1462844265.1609463188
conforme-secure.confirmation-session.gq/	1969-12-31 23:59:59	Name: LSESSIONID Value: jLd1oaId4IEkdi%2BHLx0t0D0PpP%2BSr3TdUEiwEXavFtPX08UvP8R45sWg
.confirmation-session.gq/	1970-01-19 15:27:47	Name: _uetvid Value: 93dad5504bcd11ebba254b6743902f6e
conforme-secure.confirmation-session.gq/	1970-01-19 23:42:47	Name: _MFB_ Value: fHwyfHx8W118fDE2MDk0NjY3ODgzMzZ8fA==
.confirmation-session.gq/	1969-12-31 23:59:59	Name: tcSessionId Value: V120211126270.8509044079697037
conforme-secure.confirmation-session.gq/	1970-01-20 00:25:59	Name: atidvisitor Value: eyJuYW1lIjoiYXRpZHZpc2l0b3IiLCJ2YWwiOnsidnJuIjoiLTU5NDExOS0iLCJhdCI6IiJ9LCJvcHRpb25zIjp7InBhdGgiOiIvIiwic2Vzc2lvbiI6MzM2OTYwMDAsImVuZCI6MzM2OTYwMDB9fQ==
conforme-secure.confirmation-session.gq/	1969-12-31 23:59:59	Name: ___so978517 Value: eyJsc2giOjQwMjYzODQ3NTcsImUiOnsibiI6MywiYSI6W3siNCI6dHJ1ZX0sIjQiXSwicmlkIjowLjk3NjE0MTI2NDg5NTIzMjZ9fQ%3D%3D
.confirmation-session.gq/	1969-12-31 23:59:59	Name: N_Testing_Privacy Value: 10
.confirmation-session.gq/	1969-12-31 23:59:59	Name: AB_Test_Privacy Value: B
.confirmation-session.gq/	1970-01-19 15:05:49	Name: _uetsid Value: 93dab7404bcd11eb98c6fb8a1de151ea
.confirmation-session.gq/	1970-01-19 15:47:35	Name: tc_xtors Value: eyJmb3JtSWQiOiIyMDIxMDEwMTAyLTM1MDcyMjMzNzAiLCJmb3JtQ29udGV4dCI6ImNvbnRleHRfdW5kZWZpbmVkIiwieHRvciI6W119

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://conforme-secure.confirmation-session.gq/init/public-dca.js.t%C3%A9l%C3%A9chargement(Line 1) Message: [dcaApi] : impossible de charger le script /icd/static/dcaweb-front/2.0.6/dcaweb-main.js Erreur : status=404
console-api	error	URL: https://conforme-secure.confirmation-session.gq/init/public-dca.js.t%C3%A9l%C3%A9chargement(Line 1) Message: [dcaApi] : api null ou vide
console-api	error	URL: /icd/static/dcaweb-front/2.0.6/dcaweb-main.js(Line 43) Message: [error] [dcaApi] fetchAndInitConfig error Erreur lors de l'appel du service /pri/static/dcaweb/config.json?_=20210101000000 : Request failed with status code 404
console-api	warning	URL: https://conforme-secure.confirmation-session.gq/init/swm.main.js.t%C3%A9l%C3%A9chargement(Line 39) Message: @babel/polyfill is loaded more than once on this page. This is probably not desirable/intended and may have consequences if different versions of the polyfills are applied sequentially. If you do need to load the polyfill more than once, use @babel/polyfill/noConflict instead to bypass the warning.
console-api	error	URL: https://conforme-secure.confirmation-session.gq/init/swm.main.js.t%C3%A9l%C3%A9chargement(Line 39) Message: [error] Requête /sec/getauthinfo.json?niv_authent=300 rejetée avec erreur Not Found
console-api	warning	URL: https://conforme-secure.confirmation-session.gq/init/interact-lanceur.js.t%C3%A9l%C3%A9chargement(Line 1) Message: [warning] Interact container already added, should not be appended
console-api	error	URL: https://conforme-secure.confirmation-session.gq/init/swm.main.js.t%C3%A9l%C3%A9chargement(Line 39) Message: [error] Requête /swm/swm-sign.html rejetée avec erreur Not Found
console-api	error	URL: https://conforme-secure.confirmation-session.gq/init/swm.main.js.t%C3%A9l%C3%A9chargement(Line 39) Message: 2 log service requests on error reached, log requested disabled
console-api	warning	URL: https://conforme-secure.confirmation-session.gq/init/fbevents.js.t%C3%A9l%C3%A9chargement(Line 23) Message: [Facebook Pixel] - Duplicate Pixel ID: 873080639448770.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10354013.fls.doubleclick.net
1bva.societegenerale.fr
actorssl-5637.kxcdn.com
aweucn1.advanced-web-analytics.com
bat.bing.com
beacon.krxd.net
bs.serving-sys.com
cdn.krxd.net
conforme-secure.confirmation-session.gq
connect.facebook.net
consumer.krxd.net
googleads.g.doubleclick.net
logs128.xiti.com
scriptsp.par.societegenerale.fr
secure-ds.serving-sys.com
www.facebook.com
www.google.com
www.google.de
www.google.fr
www.googleadservices.com
www.googletagmanager.com
connect.facebook.net
www.google.de
109.232.197.56
151.101.114.133
172.217.18.162
18.184.108.250
184.31.90.174
216.58.208.38
2620:1ec:c11::200
2a00:1450:4001:802::2003
2a00:1450:4001:808::2008
2a00:1450:4001:809::2002
2a00:1450:4001:814::2004
2a00:1450:4001:817::2003
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a0b:4d07:101::1
3.122.173.68
37.187.89.161
52.16.216.253
52.18.166.88
80.252.91.53
01ea1a63072bcb09f85ce6b7812b325703301751cfb5ab4ef2ece6a95449d8be
02ef3ae0ca1178acafd3207951db6c3481be901748416a9fd2e15f7fecfbbf6a
039f95a1cd011149fb2eb4079e8b4152eadb9c4b4e420fbf6e9ef78168f3d8c8
048bec5fa4b6a8d6955d8b8b698730e946620c2d2cc0bd0503847021301c8c77
069f96cb554d5cf9afb0b9ad7edb382f789da3d7bd909e0e47a1c6f142841213
0920eee8fb7f5b47538acf8d58b7e2123577c44d46642da1c37844bb066a627a
09494b789c55d639e0aabeffc59433963f0e8e766baba0fea88eae8a63c40ccd
0a2a772760a16e07b99ff6f6061b4d9b8c99bde4152bd0dde426d013987ef097
0aafb22b992d46be72036702e842c00f9a0ba34d1780d8426289fb21bf01fab9
0aba1ffff4efe790a910a3576c2e8b397d201fc49c5af544cccb391fd3340a2a
0d0c477e9849e1b674c4070ef22e282fe52c08b7d54018b3844a999ae8ca5c79
0e49c2b4e86d3fda1dda93eb1210a47712f7b091181b4e7c6da2b3e6f8e86396
0f0c9a0d3315908b1f7c15f96957b4c61b59963d5137b40c130ab6e10f8eba83
0fb87a360659fde9b149b2036db331efa88b0d3d06ab319c0510480243c2bb8a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12ad8a6fe4c03864191066da21747429eb42250696a30943f165b6bbc19ae162
14190b95d2c64835a3a813ef53c1791e34b26d39932d1b8f5907c739ee5af04e
16a6f8712b87dd92e10e9f89e160e2f9111309ccd46922d95f38132289528ed5
18900ff5bb5dd79d4fc387ab09c9c55eebd75b6fa96b6b172cd844ac5557b56e
193ff02576d65ded44a2c940a4c79a325bd987d348a638c9ef3e57a7d2fe44bd
19965187fdbb3f1593722e61fb1e3f26171e4bf10ac466a8af1ed6d3492afe29
19e4a6a12289dba1a13b23131f4dc85ad68836d08cffca540b91d654de9b492f
1b859a247d2fec3895b0aec64bcd35fcdff5c75635a514f4818a14d0a27bb4f9
1cd2e879a2bc431ce6bdd03338ab6d5b2be54646231a01d8b883f1ed06d643b7
1e3d667300d887a2e5a37802c0507531c5b2beb6de7ac143b6ecfee9025c0cae
1e94db35d45912e8b2125e47ba78c4e775c4af9357e9a498f68f845f17b0485d
1ea54042cfb95f54f71f67d27cda8109e03edaaae121ce49a49ee95ab1da9323
1ffc4dc89ed1aa8b2a8097f2bffd3dfe37d0b80c824290db2920cba8d0408101
21c5befb758cb3e51d21840bcdb0b4d35cf335a336b20fbca8bb16b49396766b
2334cc5892b03355d16b2ffcd360aca9ff2919e4a0b4d62639dac3408b0ffdcd
25b86a63b1711e0badb83772b958f5dce6c81ec3148cc2114c4534a15b34cf3e
2d45663b818a7476c6276384b2522678d6695b1d420eb8bc3e76682046a341b3
2f4d67d216cb9eb9add56b0a9931fda4c46d7c3f79481ef2fecaabfac91f9ffe
31bf10d91090efb0932a4560d50ce0ed40e9d961374175331b008be7865142d6
345d608a01842c47b698da2449e244db26c8fc34f23062aa4e5c15a8409e1613
3600a157ff0cfee66b9880d8e8bece7ea1d20ea276e1c4adb816e7630f7cff8f
364bbad7da5c0db0c149ac68ff9b9248aae062459a93af8fa5e1b233131adda1
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36b9944367a227d50e80b8e6498f351e4c7ab4290360ae624dbb3eda9b972ab9
3d2989ae22ced8b16ed95a8b7fa3063627d90277302b6b58c65e44b64b69684c
3d7e7086a0286cfca8aa269c77c12dc07dd9cb5fdedf911727d15189462e7fe1
42d1dc709aae2bded3fab89a75b78ac71ac56a5bc9938e213bb95dd47fb87fae
43ffec558cae11ca5ecdb80cfaff480509d7bf6b9c679f2740185115596d8e6f
4d5f7f9cf24e66420cd0f39be3d181b4566ff8dcc8e699731c88787e511befd3
4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515
5070ed2f8bd67c0fd2468a1ca00d0e211359c50d38df9ed311fc7e0a8f9dcc22
50cb9b6a0426f8ea0e044c329ec2827ae666ab88f2c6c3de461aee71eeedc858
560ff2564fbf2bef305cf0e9533c4db2671c96297d978fd31ac0310727fe455f
56aa5a35b12bc48ed6064ec1a2e38118a48017e00882bde53c8e2ed4f55b67fc
58d5cea0a1910c305f8196581ff7cba7a42d78e978100e08eb5ab4200e6b6395
593fc8c9d5e43501363f3ac1811726ea8528434b924a610fdc1267f6e4e2f4d7
5af4af7ff6c657586349a7a52a3ecac9bc51bf8baed02b93bfbe4f2c85ca56a2
5f39c97a5d41431187cf6f8d3c1c6cab7c46fbd2ee20febedd470e56043f3d41
5fb46ad88af0181f8aa600691dadedc2d6dd1946603b69bc36385f68efdd01a3
6196e79a6beea903c5daccf483eae9f1052b0647cb165a9ffa0010392dc5e562
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b3508e84845b497fe7de7c95b5565613fa4256341af4a1e96d614118f4ac5e9
6cc2bc8e380d3fd79e62e1b745e955c698de1456eb5f224c1b79c8c313b32401
6d2bd4fa4a43c078a03101debe04fe33fd850dd2b1af2f2293a790b549911a6e
6f69268e639d26e514a84125d6b86d94b6ebb031f9c9d252f9fb2839a7c9bf19
70598d3b3a26ff9f2509808d9d4270127ffde997b476c95ecc1bd0ce50b7bc28
718a77b5368bc1aabdd38d82773c971788cbc930508eb949f1664bc813a5bbbb
72dfc8713972baf3bf986600cab05b24a67eb50704797cc748942ee9ba710590
7432ce2d9558cdfad9fa922065edd4b052ce9d69366ccfcd08fd28cee4944f61
75d3456367750693ff25098e0357a59816bd74dd1701348886dc27d83c897173
7e06c309c9ef318bd216d1e8e7758fc90b8f2ddf7369f04b8adf239b5c1512fe
848f658b2bf78c8fe2335b2d53678639932f7838abbb7ab2d5916edc867c62af
87ee987122090b081ec5309f61798c116b24929f9cb42ed070e20b25649b3197
87fcdb7130b8d594441c4d7fef24598d959746c9c42c71094fefb3a709dfa541
8916863b5a9fb434907fb0e3354c12524f3e6a2c6fe12acff239df7bb9c7188c
921dac444f4d12a6ad6a4d973e13655173978720e539b8a51d517545d074e03b
9503857c71db72bf77bce905db734b5ab572d433b6b7547bafb847aa6042167d
9a0f6d26b776c4a0c7c1bdb059e4d204e3312ee5eda177cf55a43fcf033e3308
9ab7a60a4a1240934bba8f69b945c8f4d7cfc912907362f2760cd3f16bb3d344
9e80f3d36e361a203127a8e75bbae947798cdea30de31eae0486ac153548c27d
9f2cb46e88c6a804c9b7cce18b174d8d70561ca7f128a9f61ed3dbb36c697dc6
9f58ce64b74dd78a12a96ab8a3baab42d15e82131c988b8e78a0666b9b1198b1
a3164b2b4a25b8a3a603478bbc3311b1be16edd40478a075f2b0bdb6a103713a
a50502a32a50f668e2d0ca6d1d6ed9d4f8618019308fe0c39a2df17919a6c770
a64d86f1fafd180096bd451dd066d77ed4a3715420e1af7f82573b6d16813218
a6bf99527ad5b9f3a33c9bc75ca43ae21dd804f0eec2554ae118fd708fb21e00
a6c006153cf157bcd6f53f1f80a27f0b28987a86a5be166c6b53953799e18f66
a6c18d9d61c43824add438820a22d49c45219bd41ede26b749d9a040b132bd4c
abdf01dbab06efbec289cf85e83f8ec3618f996ab6803e9f9437db14bc5cbf53
b0cd10ba39008b79c2b5372a1c3bebf78ea9d6abee46e002bcb1d2a787d6068e
b348d7a8f3d2aef69a2b98d8627a16b031dd53491d2b90af3bf6499ce1097800
b4c3e1320a0696f8173bd2eada9b860560d9756316ac82249b3924ebe5a21f5b
b5a5f5511c2dd368384aa82113ce950e5f455b51716631b9a7bd78388f46d64c
b748e93de92cb578e0785b70bcc07d8bab67907bf0f089645b28dde03c5cffed
b7535f97c5a636c26669922844a25c061c8bbde4b18655308b70356430b60a18
b9b47c8bafc4618d804c7c54ac03c39b29beb9ed5b1e7d9dbadb0f28d71c3d94
c2d5b8c288c9a04f0b641a139ac2176b90378aacf0f8ac9c4dbbe19dfe2b7855
c4621d91e3440020752933daa717d38c90286ea1663a98b54fb3ffa9c970f7f3
c7437d1039eb9cef6f2b48233ad3f46fd216ae6b81e4b63390e0a9bb10cd1b74
cacb3216bac8abc454ab954967d6ce67cd8969def976cb47b459261efdea3bc2
cbf2f9788fa5b22dd4c4428843fdd3ea68595db536cf347517da7d048d3bedcf
cd3e2f420e0578b6dfc49e0a087eebe7c34fb44c412d71ae28d6bdbe71482c64
d1ef4bb32d5b130e5bf49a119722728fc31970f94b602b2250e83ee43074624d
d7c1b7ebef4e6c996d839f9032ada4a16056fc48d75218c0ff68b9975a47f833
de8d7634f73863ed57dae3a0909df9cbb9343f698eb194f53df7c44c336ac23f
deda47873b970f3f30793723271f158aa8bf0a8383016a41c5623cc63b8719ad
df2309303b0a8eac62a9a55ef2823e5692caaba0accd4751b2f716a062d450d4
dff42fc27824c65800c2671729e90622d40b31202a4c273b0039b31556f8fa65
e1ec254792b6fe5cb168d2ce9cb1e35d15311d3b357b305a95cbfb12552477d0
e22e6b8eb7d323ea613c32c129b47d9cc886952f8aadface0951f6e39821d099
e30e57a42d27bcee51206f5ab291f5a51f579d4e5992f2acece00062db35dcf8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9b1bf49a47050d8c8b2e5798cdbb0be796e55ee6b6fc058450d891f1c81ef5f
ea0c84249c6d3fb9c7ab3e12357104a9316a62515e0192725333f5a5d3d5c89e
ebc5899ef97f2613c1f52d762fab2fae3597d86dfae1f1f51901a7d978475970
eea9224712ace0e0753af1fc6db610143551bfa7227d8e4b6e2e3e5941c9b4a8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f10f3e1f39253c9d4ee4374649f49bbdb22858f0332055c4e4de5259b624e109
f184a41e83fe0fa7657e501e40874b3e2468e3be8130be2340d4694b896c993f
f3cbfb0993936c56d926cdae8e9896452da8f7015991704a70817816fc4702e0
f482ac603b47a8631808a04e8f1d94a5e2bcd2e70960606405a1b70839d959da
f89fb7053654624cad63cd19e12c1668680b4266897663934b275f275bc8a84e
f8ab70f3116e708b14a1307483065aaf86d561c46de9ee19c188d029b52f97b0
fe6f751edcdcdef2f2fa677ebfeb50632396b12abd1b428c19a6f19b930ed5a4
ffb0158cdc267512932acd22b13aa4f0df1652290faa987148d69f923b6cb797

conforme-secure.confirmation-session.gq Open in urlscan Pro 37.187.89.161 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

234 Requests

99 %HTTPS

45 %IPv6

16 Domains

21 Subdomains

21 IPs

6 Countries

2553 kBTransfer

6761 kBSize

16 Cookies

18 Outgoing links

Page URL History

Redirected requests

234 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

conforme-secure.confirmation-session.gq Open in urlscan Pro
37.187.89.161 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

234
Requests

99 %
HTTPS

45 %
IPv6

16
Domains

21
Subdomains

21
IPs

6
Countries

2553 kB
Transfer

6761 kB
Size

16
Cookies

234 HTTP transactions
0 data transactions