URL: https://www.vol-retarde.fr/bank-account/6xufycjqiqdb
Submission: On September 06 via manual from FR

Summary

This website contacted 23 IPs in 7 countries across 20 domains to perform 56 HTTP transactions. The main IP is 34.243.96.133, located in Dublin, Ireland and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is www.vol-retarde.fr.
TLS certificate: Issued by Let's Encrypt Authority X3 on July 6th 2019. Valid for: 3 months.
This is the only time www.vol-retarde.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 34.243.96.133 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2a04:4e42:1b:... 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
14 2600:9000:20b... 16509 (AMAZON-02)
2 13.35.253.96 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 159.122.87.153 36351 (SOFTLAYER)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
6 2a03:2880:f01... 32934 (FACEBOOK)
2 2606:2800:234... 15133 (EDGECAST)
3 6 2a00:1450:400... 15169 (GOOGLE)
3 3 2a00:1450:400... 15169 (GOOGLE)
3 3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2 172.217.16.198 15169 (GOOGLE)
1 147.75.83.163 54825 (PACKET)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
1 3 2a03:2880:f11... 32934 (FACEBOOK)
1 147.75.102.227 54825 (PACKET)
1 147.75.204.150 54825 (PACKET)
1 2a03:2880:f0f... 32934 (FACEBOOK)
1 2 188.166.71.69 14061 (DIGITALOC...)
56 23
Domain Requested by
14 d2htwrs017c1b3.cloudfront.net www.vol-retarde.fr
6 www.google-analytics.com 3 redirects www.vol-retarde.fr, www.google-analytics.com
5 connect.facebook.net www.vol-retarde.fr, connect.facebook.net
4 fonts.gstatic.com www.vol-retarde.fr
3 www.facebook.com 1 redirects www.vol-retarde.fr, connect.facebook.net
3 www.google.de www.vol-retarde.fr
3 www.google.com 3 redirects
3 stats.g.doubleclick.net 3 redirects
3 www.vol-retarde.fr www.vol-retarde.fr
2 chat.greenclaim.nl 1 redirects www.vol-retarde.fr
2 bat.bing.com www.vol-retarde.fr
2 8158438.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 platform.twitter.com www.vol-retarde.fr, platform.twitter.com
2 www.googletagmanager.com www.vol-retarde.fr
2 dev.visualwebsiteoptimizer.com www.vol-retarde.fr
2 widget.trustpilot.com www.vol-retarde.fr, widget.trustpilot.com
1 cx.atdmt.com www.vol-retarde.fr
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 staticxx.facebook.com connect.facebook.net
1 static.hotjar.com www.vol-retarde.fr
1 apis.google.com www.vol-retarde.fr
1 fonts.googleapis.com www.vol-retarde.fr
1 cdn.jsdelivr.net www.vol-retarde.fr
1 maxcdn.bootstrapcdn.com www.vol-retarde.fr
1 ajax.googleapis.com www.vol-retarde.fr
56 26
Subject | Issuer | Validity | Valid
www.vol-retarde.fr | Let's Encrypt Authority X3 | 2019-07-06 - 2019-10-04 | 3 months
*.googleapis.com | GTS CA 1O1 | 2019-08-23 - 2019-11-21 | 3 months
*.bootstrapcdn.com | COMODO RSA Domain Validation Secure Server CA | 2018-10-03 - 2019-10-12 | a year
f3.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2019-05-29 - 2020-04-23 | a year
*.cloudfront.net | DigiCert Global CA G2 | 2019-07-17 - 2020-07-05 | a year
*.trustpilot.com | Amazon | 2019-05-29 - 2020-06-29 | a year
*.apis.google.com | GTS CA 1O1 | 2019-08-23 - 2019-11-21 | 3 months
*.visualwebsiteoptimizer.com | Starfield Secure Certificate Authority - G2 | 2017-06-30 - 2020-07-06 | 3 years
*.google-analytics.com | GTS CA 1O1 | 2019-08-23 - 2019-11-21 | 3 months
*.google.com | GTS CA 1O1 | 2019-08-23 - 2019-11-21 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2019-08-24 - 2019-10-19 | 2 months
*.twimg.com | DigiCert SHA2 High Assurance Server CA | 2018-11-19 - 2019-11-27 | a year
www.google.de | GTS CA 1O1 | 2019-08-23 - 2019-11-21 | 3 months
*.doubleclick.net | GTS CA 1O1 | 2019-08-23 - 2019-11-21 | 3 months
static.hotjar.com | Let's Encrypt Authority X3 | 2019-08-07 - 2019-11-05 | 3 months
www.bing.com | Microsoft IT TLS CA 2 | 2019-04-30 - 2021-04-30 | 2 years
script.hotjar.com | Let's Encrypt Authority X3 | 2019-08-07 - 2019-11-05 | 3 months
vars.hotjar.com | Let's Encrypt Authority X3 | 2019-08-07 - 2019-11-05 | 3 months
*.atlassolutions.com | DigiCert SHA2 High Assurance Server CA | 2019-07-11 - 2019-10-09 | 3 months
chat.greenclaim.nl | Let's Encrypt Authority X3 | 2019-08-31 - 2019-11-29 | 3 months

This page contains 7 frames:

Primary Page: https://www.vol-retarde.fr/bank-account/6xufycjqiqdb
Frame ID: 870E90EBB618EB6E578A2E50C67A4CF5
Requests: 50 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.097c1f5038f9e8a0d62a39a892838d66.html?origin=https%3A%2F%2Fwww.vol-retarde.fr
Frame ID: 2E3951EAD658232E365AC11D915875ED
Requests: 1 HTTP requests in this frame

Frame: https://8158438.fls.doubleclick.net/activityi;dc_pre=CODI_9ybvOQCFRXzdwodQQ8L5A;src=8158438;type=fr-re0;cat=gc-fr0;ord=9320703576412;gtm=2wg8l2;auiddc=383161546.1567773585;u1=%2Fbank-account%2F6xufycjqiqdb;~oref=https%3A%2F%2Fwww.vol-retarde.fr%2Fbank-account%2F6xufycjqiqdb
Frame ID: ED9853F263CAADEB7A4AC898278CF0CB
Requests: 1 HTTP requests in this frame

Frame: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=5a709aaf4687810001203508
Frame ID: 3F307CCB927A3109E6C59E638542AF6D
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: 0F323E1B06DE9582F7899ADE6C73143E
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-90f3a29ef7448451db5af955688970d7.html
Frame ID: 38DECDB025269264FC4D4E622CCA88D9
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.0/plugins/like.php?action=like&app_id=376000235836162&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df12401e8bde619%26domain%3Dwww.vol-retarde.fr%26origin%3Dhttps%253A%252F%252Fwww.vol-retarde.fr%252Ff71ea3f84289c8%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2FVolRetarde&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=true
Frame ID: 7C67EF9E9F6B3BE5BAE211137675A4AB
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i

Overall confidence: 100%
Detected patterns
  • script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /clipboard(?:-([\d.]+))?(?:\.min)?\.js/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
  • script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /\/\/platform\.twitter\.com\/widgets\.js/i

Overall confidence: 100%
Detected patterns
  • html /<!-- (?:Start|End) Visual Website Optimizer A?Synchronous Code -->/i
  • script /dev\.visualwebsiteoptimizer\.com/i

Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 56
HTTPS: 100 %
IPv6: 68 %
Domains: 20
Subdomains: 26
IPs: 23
Countries: 7
Transfer: 815 kB
Size: 2884 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=497700490&t=pageview&_s=1&dl=https%3A%2F%2Fwww.vol-retarde.fr%2Fbank-account%2F6xufycjqiqdb&dp=%2Fbank-account&ul=en-us&de=UTF-8&dt=Vol-Retard%C3%A9.fr&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YGBACEABB~&jid=184983743&gjid=1513373592&cid=460457126.1567773585&tid=UA-63937490-1&_gid=1139462178.1567773585&_r=1&z=579210653 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-63937490-1&cid=460457126.1567773585&jid=184983743&_gid=1139462178.1567773585&gjid=1513373592&_v=j79&z=579210653 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-63937490-1&cid=460457126.1567773585&jid=184983743&_v=j79&z=579210653 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-63937490-1&cid=460457126.1567773585&jid=184983743&_v=j79&z=579210653&slf_rd=1&random=3386268034
Request Chain 25
  • https://8158438.fls.doubleclick.net/activityi;src=8158438;type=fr-re0;cat=gc-fr0;ord=9320703576412;gtm=2wg8l2;auiddc=383161546.1567773585;u1=%2Fbank-account%2F6xufycjqiqdb;~oref=https%3A%2F%2Fwww.vol-retarde.fr%2Fbank-account%2F6xufycjqiqdb HTTP 302
  • https://8158438.fls.doubleclick.net/activityi;dc_pre=CODI_9ybvOQCFRXzdwodQQ8L5A;src=8158438;type=fr-re0;cat=gc-fr0;ord=9320703576412;gtm=2wg8l2;auiddc=383161546.1567773585;u1=%2Fbank-account%2F6xufycjqiqdb;~oref=https%3A%2F%2Fwww.vol-retarde.fr%2Fbank-account%2F6xufycjqiqdb
Request Chain 36
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=497700490&t=pageview&_s=1&dl=https%3A%2F%2Fwww.vol-retarde.fr%2Fbank-account%2F6xufycjqiqdb&ul=en-us&de=UTF-8&dt=Vol-Retard%C3%A9.fr&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=6GDACEALR~&jid=381576466&gjid=1236435586&cid=460457126.1567773585&tid=UA-63937490-1&_gid=1139462178.1567773585&_r=1&gtm=2wg8l2P5LQ4SR&z=1091010845 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-63937490-1&cid=460457126.1567773585&jid=381576466&_gid=1139462178.1567773585&gjid=1236435586&_v=j79&z=1091010845 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-63937490-1&cid=460457126.1567773585&jid=381576466&_v=j79&z=1091010845 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-63937490-1&cid=460457126.1567773585&jid=381576466&_v=j79&z=1091010845&slf_rd=1&random=3206030297
Request Chain 37
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=497700490&t=pageview&_s=1&dl=https%3A%2F%2Fwww.vol-retarde.fr%2Fbank-account%2F6xufycjqiqdb&ul=en-us&de=UTF-8&dt=Vol-Retard%C3%A9.fr&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=6GDACUALR~&jid=1110745146&gjid=600920400&cid=460457126.1567773585&uid=afcf9ac9-63dd-4987-a74b-7dfa916167c4&tid=UA-63937490-3&_gid=1139462178.1567773585&_r=1&gtm=2wg8l2P5LQ4SR&cg1=bank_account.create&cd1=afcf9ac9-63dd-4987-a74b-7dfa916167c4&cd3=fr-FR&cd4=No&cd5=production&z=729991561 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-63937490-3&cid=460457126.1567773585&jid=1110745146&uid=afcf9ac9-63dd-4987-a74b-7dfa916167c4&_gid=1139462178.1567773585&gjid=600920400&_v=j79&z=729991561 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-63937490-3&cid=460457126.1567773585&jid=1110745146&_v=j79&z=729991561 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-63937490-3&cid=460457126.1567773585&jid=1110745146&_v=j79&z=729991561&slf_rd=1&random=2717534676
Request Chain 43
  • https://www.facebook.com/tr/?id=1706236556066392&ev=Microdata&dl=https%3A%2F%2Fwww.vol-retarde.fr%2Fbank-account%2F6xufycjqiqdb&rl=&if=false&ts=1567773585633&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Vol-Retard%C3%A9.fr%22%2C%22meta%3Adescription%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22fr_FR%22%2C%22og%3Atitle%22%3A%22Vol-Retard%C3%A9.fr%22%2C%22og%3Atype%22%3A%22website%22%2C%22article%3Apublisher%22%3A%22https%3A%2F%2Fwww.facebook.com%2FVolRetarde%22%2C%22og%3Asite_name%22%3A%22Vol-Retard%C3%A9.fr%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.vol-retarde.fr%2Fbank-account%2F6xufycjqiqdb%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.vol-retarde.fr%2Fimg%2Flogo-vol-retarde-fr-square.jpg%22%2C%22og%3Adescription%22%3A%22%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.4&r=stable&ec=1&o=30&fbp=fb.1.1567773585119.1146338503&it=1567773585048&coo=false&es=automatic&rqm=GET HTTP 302
  • https://cx.atdmt.com/?c=4136837878272785565&f=AYzi68cwsMoCjSXQZNM2YeX7tCXkWcmTDCh4IuEIDLR0aPtULi_2yxICda0C4YLT5YOj9B7lm74CDhGrOVvqafGO&id=1706236556066392&l=3&v=0
Request Chain 44
  • https://chat.greenclaim.nl/index.php/check HTTP 301
  • https://chat.greenclaim.nl/check

56 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 6xufycjqiqdb
www.vol-retarde.fr/bank-account/
88 KB
24 KB
Document
General
Full URL
https://www.vol-retarde.fr/bank-account/6xufycjqiqdb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.243.96.133 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-243-96-133.eu-west-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
773ac9f6679c98b3f326a282cbd745b2e07d4357667ca90183e469f92dcc4fc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.vol-retarde.fr
:scheme
https
:path
/bank-account/6xufycjqiqdb
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
navigate
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
accept-encoding
gzip, deflate, br

Response headers

status
200
server
nginx/1.14.0 (Ubuntu)
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache, private
date
Fri, 06 Sep 2019 12:39:44 GMT
set-cookie
XSRF-TOKEN=eyJpdiI6ImpMOVQyMm1UZHJnSlwvXC9cLzZMaUdzZmc9PSIsInZhbHVlIjoiUzhyQ0w2dDZPR1RpMkFYM0dPUU02REU3eXJzMDJwZzBWZHRIdmhSTE5cL1B4YVl1Wk1wQklvWjZMOEVOVHcyOFgiLCJtYWMiOiJjNDA3MmJkMzY3NTEwYzExYzRkZDNkZmRkOGI2MGQ5OTdlZjU3MmNmOTk2MjhlMGIyZWM2NzhhN2I1N2NhMjg2In0%3D; expires=Sat, 07-Sep-2019 12:39:44 GMT; Max-Age=86400; path=/ gc_session=eyJpdiI6IjFBd0lyV2pWdDhVbDlBelhRanBcL09BPT0iLCJ2YWx1ZSI6IlMrNVgyV0lxSWFXZ0Y1UmM0Nk9oTStRV3l1M2pPNlJrdHdrTXpiNEl1XC9tdm9cL0xDWFpLNTY1RUNBU3c0VlV2cSIsIm1hYyI6IjcwNmY3YWQ4MzIyZmMyZjhiZWUyYmRlZGM4OGIzNGE1Y2FlNGNjMzFkNzk2MDZhYTFmOTM5ODdiMWViMjg4YmUifQ%3D%3D; expires=Sat, 07-Sep-2019 12:39:44 GMT; Max-Age=86400; path=/; httponly
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
content-encoding
gzip
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.0.0/
81 KB
29 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.0.0/jquery.min.js
Requested by
Host: www.vol-retarde.fr
URL: https://www.vol-retarde.fr/bank-account/6xufycjqiqdb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
d482871a5e948cb4884fa0972ea98a81abca057b6bd3f8c995a18c12487e761c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.vol-retarde.fr/
Origin
https://www.vol-retarde.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 25 Aug 2019 08:44:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1050932
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
29195
x-xss-protection
0
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 24 Aug 2020 08:44:12 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.1.1/js/
28 KB
8 KB
Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.1.1/js/bootstrap.min.js
Requested by
Host: www.vol-retarde.fr
URL: https://www.vol-retarde.fr/bank-account/6xufycjqiqdb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
/
Resource Hash
898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.vol-retarde.fr/
Origin
https://www.vol-retarde.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 06 Sep 2019 12:39:44 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:33:51 GMT
status
200
etag
"1544639631"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
7679
signature_pad.min.js
cdn.jsdelivr.net/npm/signature_pad@2.3.2/dist/
9 KB
3 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/signature_pad@2.3.2/dist/signature_pad.min.js
Requested by
Host: www.vol-retarde.fr
URL: https://www.vol-retarde.fr/bank-account/6xufycjqiqdb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
5be8af36f5639905fa153945d12f9208332302e4d534acc7d7afa442f4567138
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.vol-retarde.fr/
Origin
https://www.vol-retarde.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
status
200
content-length
3208
etag
W/"24a3-Hz6UHjN3nLm4eqRzZSIFQAOXWvk"
x-served-by
cache-ams21042-AMS, cache-hhn4057-HHN
date
Fri, 06 Sep 2019 12:39:44 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
css
fonts.googleapis.com/
14 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700%7CLeckerli+One|PT+Sans:400,700&display=swap
Requested by
Host: www.vol-retarde.fr
URL: https://www.vol-retarde.fr/bank-account/6xufycjqiqdb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
324ab9a71bf9bf9d5aba98e85ac69d2fc4c6741a0e366245074521d88976fc69
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.vol-retarde.fr/
Origin
https://www.vol-retarde.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 06 Sep 2019 12:39:44 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Fri, 06 Sep 2019 12:39:44 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection
0
expires
Fri, 06 Sep 2019 12:39:44 GMT
all.css
d2htwrs017c1b3.cloudfront.net/css/
413 KB
69 KB
Stylesheet
General
Full URL
https://d2htwrs017c1b3.cloudfront.net/css/all.css?id=2f8ad028071a6ee22da1
Requested by
Host: www.vol-retarde.fr
URL: https://www.vol-retarde.fr/bank-account/6xufycjqiqdb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20bb:4400:18:427:27c0:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
71ac31d5e0ba414a58e33e9cede9a2104ef722083eeac47fe09a206ddaf9e2df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.vol-retarde.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 06 Sep 2019 07:54:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17125
x-cache
Hit from cloudfront
status
200
x-xss-protection
1; mode=block
access-control-allow-origin
*
last-modified
Fri, 06 Sep 2019 06:57:32 GMT
server
nginx/1.14.0 (Ubuntu)
x-frame-options
SAMEORIGIN
etag
W/"5d72035c-6748c"
vary
Accept-Encoding
content-type
text/css
via
1.1 e430a35037c484cf19f375480cabfca3.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56
x-amz-cf-id
uOYI-wxNqYUk5PoagwbEMkDJuVwqPLVqL-8dnQaPcTLNY18WmKGWcg==
all.js
d2htwrs017c1b3.cloudfront.net/js/
532 KB
143 KB
Script
General
Full URL
https://d2htwrs017c1b3.cloudfront.net/js/all.js?id=699166daa4bdd5be2a6b
Requested by
Host: www.vol-retarde.fr
URL: https://www.vol-retarde.fr/bank-account/6xufycjqiqdb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20bb:4400:18:427:27c0:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
bbfa18f466894d2efd09bb5061212caabd95e8943246cf9ccd38411c3c56a0cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.vol-retarde.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 05 Sep 2019 15:05:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77631
x-cache
Hit from cloudfront
status
200
x-xss-protection
1; mode=block
access-control-allow-origin
*
last-modified
Thu, 05 Sep 2019 13:24:21 GMT
server
nginx/1.14.0 (Ubuntu)
x-frame-options
SAMEORIGIN
etag
W/"5d710c85-8500c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 e430a35037c484cf19f375480cabfca3.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56
x-amz-cf-id
9normGH9YaILPRpKHkTADL-fewXpknKCi5XiZ9ZNXRbD_EUpL_0QGA==
ZeroClipboard.js
d2htwrs017c1b3.cloudfront.net/assets/misc/zc/
88 KB
20 KB
Script
General
Full URL
https://d2htwrs017c1b3.cloudfront.net/assets/misc/zc/ZeroClipboard.js
Requested by
Host: www.vol-retarde.fr
URL: https://www.vol-retarde.fr/bank-account/6xufycjqiqdb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20bb:4400:18:427:27c0:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
b1730825c97438dbba356236c45985cf4e9185e247ce96c5bbcc17e28a33d2eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.vol-retarde.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 06 Sep 2019 09:50:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10159
x-cache
Hit from cloudfront
status
200
x-xss-protection
1; mode=block
access-control-allow-origin
*
last-modified
Fri, 06 Sep 2019 06:57:31 GMT
server
nginx/1.14.0 (Ubuntu)
x-frame-options
SAMEORIGIN
etag
W/"5d72035b-15ee8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 e430a35037c484cf19f375480cabfca3.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56
x-amz-cf-id
XC5_yHyVWvHP_qXZGhdcz5UzH0x9GQqZfhT-9yrjgh3iOtmXltk9vA==
logo-vol-retarde-fr.svg
www.vol-retarde.fr/img/logos/
3 KB
2 KB
Image
General
Full URL
https://www.vol-retarde.fr/img/logos/logo-vol-retarde-fr.svg
Requested by
Host: www.vol-retarde.fr
URL: https://www.vol-retarde.fr/bank-account/6xufycjqiqdb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.243.96.133 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-243-96-133.eu-west-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
afef37fca69f9a7e8499d88284cbd74f2593164c8c072727415c8c863551ba20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.vol-retarde.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 06 Sep 2019 12:39:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 06 Sep 2019 06:57:31 GMT
server
nginx/1.14.0 (Ubuntu)
x-frame-options
SAMEORIGIN
etag
W/"5d72035b-cff"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
x-xss-protection
1; mode=block
logo-vol-retarde-fr-mobile.svg
www.vol-retarde.fr/img/logos/
3 KB
2 KB
Image
General
Full URL
https://www.vol-retarde.fr/img/logos/logo-vol-retarde-fr-mobile.svg
Requested by
Host: www.vol-retarde.fr
URL: https://www.vol-retarde.fr/bank-account/6xufycjqiqdb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.243.96.133 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-243-96-133.eu-west-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
2910d7d8d0aaef77036635ed2e5098ec9ab19da4c68267025cae6a06fd932bf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.vol-retarde.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 06 Sep 2019 12:39:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 06 Sep 2019 06:57:31 GMT
server
nginx/1.14.0 (Ubuntu)
x-frame-options
SAMEORIGIN
etag
W/"5d72035b-ce4"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
x-xss-protection
1; mode=block
blank.gif
d2htwrs017c1b3.cloudfront.net/img/
43 B
455 B
Image
General
Full URL
https://d2htwrs017c1b3.cloudfront.net/img/blank.gif
Requested by
Host: www.vol-retarde.fr
URL: https://www.vol-retarde.fr/bank-account/6xufycjqiqdb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20bb:4400:18:427:27c0:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.vol-retarde.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 06 Sep 2019 09:56:21 GMT
via
1.1 e430a35037c484cf19f375480cabfca3.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
9803
x-cache
Hit from cloudfront
status
200
content-length
43
x-xss-protection
1; mode=block
last-modified
Fri, 06 Sep 2019 06:57:31 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5d72035b-2b"
x-frame-options
SAMEORIGIN
content-type
image/gif
access-control-allow-origin
*
x-amz-cf-pop
FRA56
accept-ranges
bytes
x-amz-cf-id
YhR57zGd15Z3GsromOlOwtK8Wmg3mRX52nBEtRfQhhzx_OnS6BWvSA==
tp.widget.bootstrap.min.js
widget.trustpilot.com/bootstrap/v5/
20 KB
7 KB
Script
General
Full URL
https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
Requested by
Host: www.vol-retarde.fr
URL: https://www.vol-retarde.fr/bank-account/6xufycjqiqdb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.96 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-96.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
58dbae5bdf2b5e9ac2518952762a7d601120590b706c13577ae102c5cabeef73

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.vol-retarde.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 05 Sep 2019 15:49:46 GMT
content-encoding
gzip
age
74998
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
content-length
6405
last-modified
Wed, 24 Jul 2019 07:13:52 GMT
server
AmazonS3
etag
"46836a70570cb9d1b7d22070fd761a91"
content-type
application/x-javascript
via
1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
x-amz-cf-id
wVjdxUX67JcZ_VHgEvKqyBmJXM746PcBEHmaFjYSQivx--xbdp2XEQ==
platform.js
apis.google.com/js/
43 KB
17 KB
Script
General
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: www.vol-retarde.fr
URL: https://www.vol-retarde.fr/bank-account/6xufycjqiqdb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
1a560979c35508f894818e1f68012f0a56d6a6001c5dfb73ffeda325fcbafbeb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.vol-retarde.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 06 Sep 2019 12:39:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
script-src 'report-sample' 'nonce-dUIyyGvRfl+38QgjEgeC7g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
x-frame-options
SAMEORIGIN
etag
"ce8f41226b511978bd0b369f1ffcc6fc"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin
*
expires
Fri, 06 Sep 2019 12:39:44 GMT
j.php
dev.visualwebsiteoptimizer.com/
899 B
673 B
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=317041&u=https%3A%2F%2Fwww.vol-retarde.fr%2Fbank-account%2F6xufycjqiqdb&r=0.05340586324729779
Requested by
Host: www.vol-retarde.fr
URL: https://www.vol-retarde.fr/bank-account/6xufycjqiqdb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.122.87.153 Frankfurt am Main, Germany, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
99.57.7a9f.ip4.static.sl-reverse.com
Software
dacdn2 /
Resource Hash
ddde50a511d43fada8059c3804a7518ed3c58c6fde1b49ce24c30d2d2bd2c829

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.vol-retarde.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Fri, 06 Sep 2019 12:39:45 GMT
content-encoding
gzip
server
dacdn2
content-type
application/javascript; charset=UTF-8
gtm.js
www.googletagmanager.com/
101 KB
30 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P5LQ4SR
Requested by
Host: www.vol-retarde.fr
URL: https://www.vol-retarde.fr/bank-account/6xufycjqiqdb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
19a31baef51cd2a2c317aa39aea4d3fee4f9494a9f9cfa14ea3a12ee880e357a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.vol-retarde.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 06 Sep 2019 12:39:44 GMT
content-encoding
br
last-modified
Fri, 06 Sep 2019 12:00:00 GMT
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
30500
x-xss-protection
0
expires
Fri, 06 Sep 2019 12:39:44 GMT
jizfRExUiTo99u79B_mh0O6tLR8a8zI.woff2
fonts.gstatic.com/s/ptsans/v11/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptsans/v11/jizfRExUiTo99u79B_mh0O6tLR8a8zI.woff2
Requested by
Host: www.vol-retarde.fr
URL: https://www.vol-retarde.fr/bank-account/6xufycjqiqdb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
bb74816a9aaed49f7b58ffbfead623f50686271a551d77a3ed95a56a56e40dbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700%7CLeckerli+One|PT+Sans:400,700&display=swap
Origin
https://www.vol-retarde.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 25 Aug 2019 01:30:04 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:28:25 GMT
server
sffe
age
1076980
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
11504
x-xss-protection
0
expires
Mon, 24 Aug 2020 01:30:04 GMT
fontawesome-webfont.woff2
d2htwrs017c1b3.cloudfront.net/assets/fonts/
75 KB
76 KB
Font
General
Full URL
https://d2htwrs017c1b3.cloudfront.net/assets/fonts/fontawesome-webfont.woff2?v=4.2.0
Requested by
Host: www.vol-retarde.fr
URL: https://www.vol-retarde.fr/bank-account/6xufycjqiqdb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20bb:4400:18:427:27c0:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
cors
Referer
https://d2htwrs017c1b3.cloudfront.net/css/all.css?id=2f8ad028071a6ee22da1
Origin
https://www.vol-retarde.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 06 Sep 2019 10:14:30 GMT
via
1.1 c735fa223fb16fb135c387781f0fadf6.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
8714
x-cache
Hit from cloudfront
status
200
content-length
77160
x-xss-protection
1; mode=block
last-modified
Fri, 06 Sep 2019 06:57:31 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5d72035b-12d68"
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
access-control-allow-origin
*
x-amz-cf-pop
FRA56
accept-ranges
bytes
x-amz-cf-id
VOLsWOwynVRtVwV2UDuOxo6AS8uP7-aux7KarpepLDHneF5Snc4lfw==
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: www.vol-retarde.fr
URL: https://www.vol-retarde.fr/bank-account/6xufycjqiqdb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700%7CLeckerli+One|PT+Sans:400,700&display=swap
Origin
https://www.vol-retarde.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Sep 2019 14:53:23 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:49 GMT
server
sffe
age
337581
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
9132
x-xss-protection
0
expires
Tue, 01 Sep 2020 14:53:23 GMT
mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
Requested by
Host: www.vol-retarde.fr
URL: https://www.vol-retarde.fr/bank-account/6xufycjqiqdb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700%7CLeckerli+One|PT+Sans:400,700&display=swap
Origin
https://www.vol-retarde.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 23 Aug 2019 10:34:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:44 GMT
server
sffe
age
1217106
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
9180
x-xss-protection
0
expires
Sat, 22 Aug 2020 10:34:38 GMT
jizaRExUiTo99u79D0KExcOPIDU.woff2
fonts.gstatic.com/s/ptsans/v11/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptsans/v11/jizaRExUiTo99u79D0KExcOPIDU.woff2
Requested by
Host: www.vol-retarde.fr
URL: https://www.vol-retarde.fr/bank-account/6xufycjqiqdb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
9ae1e27e08b4bbc15557c0f5bbd97b4009eb86c85da9fb2be4c4085a5289182f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700%7CLeckerli+One|PT+Sans:400,700&display=swap
Origin
https://www.vol-retarde.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 26 Aug 2019 13:42:49 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:28:02 GMT
server
sffe
age
946615
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
11380
x-xss-protection
0
expires
Tue, 25 Aug 2020 13:42:49 GMT
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.vol-retarde.fr
URL: https://www.vol-retarde.fr/bank-account/6xufycjqiqdb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
6d019172dde658c81208de9f434848fd3b3fbf8d3659a0af5cfde9d17043d5c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.vol-retarde.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
dvhaHCFvgEtEkgr1WrkLhw==
status
200
content-length
1779
etag
"7f2918ae7c0460168db1441ffcda704a"
x-fb-debug
FM6Syyk7xuSQMnKaYbNJY/D7zxMQVrWzZmq5Ogy4hNQF9nc4vYqkRPcNlZSTuXDu3F/7ZuCxicM3e1trWB9Zgg==
x-fb-trip-id
194532234
x-fb-content-md5
05fd58a6f0b6e90465d8f2fdfa913e78
x-frame-options
DENY
date
Fri, 06 Sep 2019 12:39:44 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 06 Sep 2019 12:41:57 GMT
widgets.js
platform.twitter.com/
93 KB
28 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.vol-retarde.fr
URL: https://www.vol-retarde.fr/bank-account/6xufycjqiqdb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/419C) /
Resource Hash
f1106d00331995db22eee14181b1510b7ec3b7e780e0e4fa6827c66aaa2a99b4

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.vol-retarde.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 06 Sep 2019 12:39:44 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 Sep 2019 20:15:11 GMT
Server
ECS (fcn/419C)
Etag
"c94e1412de2586837b1f5f0a672cec7e+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Content-Type
application/javascript; charset=utf-8
Content-Length
28055
analytics.js
www.google-analytics.com/
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.vol-retarde.fr
URL: https://www.vol-retarde.fr/bank-account/6xufycjqiqdb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.vol-retarde.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
6971
date
Fri, 06 Sep 2019 10:43:33 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
17803
expires
Fri, 06 Sep 2019 12:43:33 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=497700490&t=pageview&_s=1&dl=https%3A%2F%2Fwww.vol-retarde.fr%2Fbank-account%2F6xufycjqiqdb&dp=%2Fbank-account&ul=en-us&de=UTF-8&dt=Vol...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-63937490-1&cid=460457126.1567773585&jid=184983743&_gid=1139462178.1567773585&gjid=1513373592&_v=j79&z=579210653
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-63937490-1&cid=460457126.1567773585&jid=184983743&_v=j79&z=579210653
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-63937490-1&cid=460457126.1567773585&jid=184983743&_v=j79&z=579210653&slf_rd=1&random=3386268034
42 B
109 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-63937490-1&cid=460457126.1567773585&jid=184983743&_v=j79&z=579210653&slf_rd=1&random=3386268034
Requested by
Host: www.vol-retarde.fr
URL: https://www.vol-retarde.fr/bank-account/6xufycjqiqdb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.vol-retarde.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Sep 2019 12:39:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 06 Sep 2019 12:39:45 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-63937490-1&cid=460457126.1567773585&jid=184983743&_v=j79&z=579210653&slf_rd=1&random=3386268034
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
widget_iframe.097c1f5038f9e8a0d62a39a892838d66.html
platform.twitter.com/widgets/ Frame 2E39
0
0
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.097c1f5038f9e8a0d62a39a892838d66.html?origin=https%3A%2F%2Fwww.vol-retarde.fr
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/418C) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://www.vol-retarde.fr/
Accept-Encoding
gzip, deflate, br

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Fri, 06 Sep 2019 12:39:45 GMT
Etag
"7d3f6ed140174a20e7c8be261a70a863+gzip"
Last-Modified
Thu, 05 Sep 2019 20:14:23 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/418C)
Vary
Accept-Encoding
X-Cache
HIT
Content-Length
5816
sdk.js
connect.facebook.net/en_US/
200 KB
60 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=15b7d3ed4685531fb8fe4a12f5a39c1d&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
177a8d1301874bb71e115652f23f90a36f87e8da6d92a60c801921eacdea3b51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.vol-retarde.fr/
Origin
https://www.vol-retarde.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
55voZQUumxg3YImpfIU59A==
status
200
content-length
60758
etag
"c97a7bbb1a830545e081396b97fe2b7a"
x-fb-debug
mX/VdBANkpxheinChaJgnmxKkO0K64O+jOmrd0j3V6W0sSus/wrMAFaLimMjbDLF7DEEufZR8Ri0rJgk60sSyA==
x-fb-trip-id
194532234
x-fb-content-md5
56cd4f3d63914b6384d352273712a952
x-frame-options
DENY
date
Fri, 06 Sep 2019 12:39:45 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Sat, 05 Sep 2020 11:11:05 GMT
activityi;dc_pre=CODI_9ybvOQCFRXzdwodQQ8L5A;src=8158438;type=fr-re0;cat=gc-fr0;ord=9320703576412;gtm=2wg8l2;auiddc=383161546.1567773585;u1=%2Fbank-account%2F6xufycjqiqdb;~oref=https%3A%2F%2Fwww.vol...
8158438.fls.doubleclick.net/ Frame ED98
Redirect Chain
  • https://8158438.fls.doubleclick.net/activityi;src=8158438;type=fr-re0;cat=gc-fr0;ord=9320703576412;gtm=2wg8l2;auiddc=383161546.1567773585;u1=%2Fbank-account%2F6xufycjqiqdb;~oref=https%3A%2F%2Fwww.v...
  • https://8158438.fls.doubleclick.net/activityi;dc_pre=CODI_9ybvOQCFRXzdwodQQ8L5A;src=8158438;type=fr-re0;cat=gc-fr0;ord=9320703576412;gtm=2wg8l2;auiddc=383161546.1567773585;u1=%2Fbank-account%2F6xuf...
0
0
Document
General
Full URL
https://8158438.fls.doubleclick.net/activityi;dc_pre=CODI_9ybvOQCFRXzdwodQQ8L5A;src=8158438;type=fr-re0;cat=gc-fr0;ord=9320703576412;gtm=2wg8l2;auiddc=383161546.1567773585;u1=%2Fbank-account%2F6xufycjqiqdb;~oref=https%3A%2F%2Fwww.vol-retarde.fr%2Fbank-account%2F6xufycjqiqdb?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P5LQ4SR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.198 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s08-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
8158438.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CODI_9ybvOQCFRXzdwodQQ8L5A;src=8158438;type=fr-re0;cat=gc-fr0;ord=9320703576412;gtm=2wg8l2;auiddc=383161546.1567773585;u1=%2Fbank-account%2F6xufycjqiqdb;~oref=https%3A%2F%2Fwww.vol-retarde.fr%2Fbank-account%2F6xufycjqiqdb?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.vol-retarde.fr/
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Fri, 06 Sep 2019 12:39:45 GMT
expires
Fri, 06 Sep 2019 12:39:45 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
360
x-xss-protection
0
set-cookie
IDE=AHWqTUkk9uc0B0hprMoscF9z4OsTECPgnSq0PbLvhKYGloXwYEO4arHbz2ctwg_r; expires=Wed, 30-Sep-2020 12:39:45 GMT; path=/; domain=.doubleclick.net; HttpOnly
test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc
quic=":443"; ma=2592000; v="46,43,39"

Redirect headers

status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Fri, 06 Sep 2019 12:39:45 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://8158438.fls.doubleclick.net/activityi;dc_pre=CODI_9ybvOQCFRXzdwodQQ8L5A;src=8158438;type=fr-re0;cat=gc-fr0;ord=9320703576412;gtm=2wg8l2;auiddc=383161546.1567773585;u1=%2Fbank-account%2F6xufycjqiqdb;~oref=https%3A%2F%2Fwww.vol-retarde.fr%2Fbank-account%2F6xufycjqiqdb?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 06-Sep-2019 12:54:45 GMT; path=/; domain=.doubleclick.net
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
js
www.google-analytics.com/gtm/
81 KB
26 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-M6FGJTM&t=gtm1&cid=460457126.1567773585
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e6db815ad2960df19d5f22685e51f1bdce3338cdd465f6f2f56e09a2f5bc3ec5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.vol-retarde.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 06 Sep 2019 12:39:45 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
26640
x-xss-protection
0
expires
Fri, 06 Sep 2019 12:39:45 GMT
hotjar-652395.js
static.hotjar.com/c/
4 KB
2 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-652395.js?sv=6
Requested by
Host: www.vol-retarde.fr
URL: https://www.vol-retarde.fr/bank-account/6xufycjqiqdb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.83.163 Parsippany, United States, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
pkt-ams-k1-1
Software
openresty /
Resource Hash
76f75b47aa4fe94e54a67585a31ef81bf1a07226783752e972c08fe5af20f24f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.vol-retarde.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 06 Sep 2019 12:39:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
section-io-tag
hotjar
age
191
status
200
section-io-cache
Hit
vary
Accept-Encoding
content-length
1807
server
openresty
cache-control
max-age=60
x-frame-options
SAMEORIGIN
etag
W/5eb5e1b4e4588ad3952f468d02646e2f
access-control-max-age
600
section-io-origin-status
304
access-control-allow-origin
*
x-cache-hit
1
section-io-origin-time-seconds
0.120
section-io-id
4e278458b0ab9d4814e2d34d30f4a052
accept-ranges
bytes
content-type
application/javascript
fbevents.js
connect.facebook.net/en_US/
121 KB
31 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.vol-retarde.fr
URL: https://www.vol-retarde.fr/bank-account/6xufycjqiqdb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
14d88b3a27f0e6de034f86ad42d6411081e9467daf754147f2f16bcb20782177
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.vol-retarde.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
31604
x-xss-protection
0
pragma
public
x-fb-debug
ZPRzi7l4Tnj1VYj3t3TodluSAlkIh9aSvbg0T1XxfjQSffLryQgd+lQs7RYHf8YMsjQaDbvCbx+Vt9xDMCEHuQ==
x-fb-trip-id
194532234
x-frame-options
DENY
date
Fri, 06 Sep 2019 12:39:45 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
bat.js
bat.bing.com/
23 KB
7 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.vol-retarde.fr
URL: https://www.vol-retarde.fr/bank-account/6xufycjqiqdb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
6b4c72b8214beaceed57a85c54eed2c61cfc4911b3d677db9a6e00849ef6be05

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.vol-retarde.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 06 Sep 2019 12:39:44 GMT
content-encoding
gzip
last-modified
Fri, 02 Aug 2019 18:53:49 GMT
x-msedge-ref
Ref A: FB7CDABFC2BD4D36A18982BDA2A2A93E Ref B: VIEEDGE1014 Ref C: 2019-09-06T12:39:45Z
status
200
etag
"809cac9e6349d51:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
7126
ec.js
www.google-analytics.com/plugins/ua/
3 KB
1 KB
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.vol-retarde.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 06 Sep 2019 12:00:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 21 Apr 2016 03:17:22 GMT
server
sffe
age
2330
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
1296
x-xss-protection
0
expires
Fri, 06 Sep 2019 13:00:55 GMT
index.html
widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/ Frame 3F30
0
0
Document
General
Full URL
https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=5a709aaf4687810001203508
Requested by
Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.96 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-96.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

:method
GET
:authority
widget.trustpilot.com
:scheme
https
:path
/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=5a709aaf4687810001203508
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.vol-retarde.fr/
accept-encoding
gzip, deflate, br

Response headers

status
200
content-type
text/html
content-length
1893
date
Tue, 27 Aug 2019 13:06:12 GMT
last-modified
Tue, 27 Aug 2019 13:00:53 GMT
etag
"7c4ef2a079b43d7b57ec1f6939c3049f"
x-amz-server-side-encryption
AES256
cache-control
max-age=86400
content-encoding
gzip
accept-ranges
bytes
server
AmazonS3
x-cache
Hit from cloudfront
via
1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
HYR2xEcT26MTlzkcaLR3rnE_CaAQVDTak_nkWE9vmj6_tV9Ax_dVvg==
age
84545
v.gif
dev.visualwebsiteoptimizer.com/
35 B
236 B
Image
General
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?a=317041&d=vol-retarde.fr&u=D49ED32C5D40461B393B553DEDB7486FE&h=19744ce1896b94f5754a033127506759&t=false&r=0.08754132002440418
Requested by
Host: www.vol-retarde.fr
URL: https://www.vol-retarde.fr/bank-account/6xufycjqiqdb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.122.87.153 Frankfurt am Main, Germany, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
99.57.7a9f.ip4.static.sl-reverse.com
Software
dacdn2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.vol-retarde.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Sep 2019 12:39:45 GMT
x-content-type-options
nosniff
server
dacdn2
content-type
image/gif
status
200
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
1706236556066392
connect.facebook.net/signals/config/
307 KB
78 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1706236556066392?v=2.9.4&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
6ffb0e9fa61d0da3a593745963d28e196a891e7a4edab97d8664f10ae3ccca1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.vol-retarde.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
79754
x-xss-protection
0
pragma
public
x-fb-debug
0HM91dq0FWXQHLotjrDjH+IavR+7FwEQxIKTxEHhMYobJ2HSYtabIO4iz14yJrepMUzGoVhjoVO1Vq2BITkcFA==
x-fb-trip-id
194532234
x-frame-options
DENY
date
Fri, 06 Sep 2019 12:39:45 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
xd_arbiter.php
staticxx.facebook.com/connect/ Frame 0F32
0
0
Document
General
Full URL
https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=15b7d3ed4685531fb8fe4a12f5a39c1d&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
staticxx.facebook.com
:scheme
https
:path
/connect/xd_arbiter.php?version=44
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.vol-retarde.fr/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.vol-retarde.fr/

Response headers

status
200
content-type
text/html; charset=utf-8
expires
Fri, 04 Sep 2020 15:13:34 GMT
strict-transport-security
max-age=15552000; preload
content-encoding
br
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cache-control
public,max-age=31536000,immutable
x-fb-debug
ZZ/rtRfl29tbUtKwFtJAONt8pgpcgEu/vGZ1IE4HqC6w6PeoyfRhAfdDq0vcdd7nc3nzyBUDYNoTDciMwVjsqQ==
content-length
11694
x-fb-trip-id
194532234
date
Fri, 06 Sep 2019 12:39:45 GMT
a
www.googletagmanager.com/
0
130 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=GTM-M6FGJTM&cv=11&t=ol&g=97&p=gtm&q=212&f=31&e=32&i=25&d=128&c=18&sr=0.050000&ps=0.002046634416659421&cb=505557813
Requested by
Host: www.vol-retarde.fr
URL: https://www.vol-retarde.fr/bank-account/6xufycjqiqdb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.vol-retarde.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Sep 2019 12:39:45 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
status
204
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=497700490&t=pageview&_s=1&dl=https%3A%2F%2Fwww.vol-retarde.fr%2Fbank-account%2F6xufycjqiqdb&ul=en-us&de=UTF-8&dt=Vol-Retard%C3%A9.fr&sd=24-bi...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-63937490-1&cid=460457126.1567773585&jid=381576466&_gid=1139462178.1567773585&gjid=1236435586&_v=j79&z=1091010845
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-63937490-1&cid=460457126.1567773585&jid=381576466&_v=j79&z=1091010845
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-63937490-1&cid=460457126.1567773585&jid=381576466&_v=j79&z=1091010845&slf_rd=1&random=3206030297
42 B
109 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-63937490-1&cid=460457126.1567773585&jid=381576466&_v=j79&z=1091010845&slf_rd=1&random=3206030297
Requested by
Host: www.vol-retarde.fr
URL: https://www.vol-retarde.fr/bank-account/6xufycjqiqdb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.vol-retarde.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Sep 2019 12:39:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 06 Sep 2019 12:39:45 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-63937490-1&cid=460457126.1567773585&jid=381576466&_v=j79&z=1091010845&slf_rd=1&random=3206030297
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=497700490&t=pageview&_s=1&dl=https%3A%2F%2Fwww.vol-retarde.fr%2Fbank-account%2F6xufycjqiqdb&ul=en-us&de=UTF-8&dt=Vol-Retard%C3%A9.fr&sd...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-63937490-3&cid=460457126.1567773585&jid=1110745146&uid=afcf9ac9-63dd-4987-a74b-7dfa916167c4&_gid=1139462178.1567773585&gjid=6009...
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-63937490-3&cid=460457126.1567773585&jid=1110745146&_v=j79&z=729991561
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-63937490-3&cid=460457126.1567773585&jid=1110745146&_v=j79&z=729991561&slf_rd=1&random=2717534676
42 B
109 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-63937490-3&cid=460457126.1567773585&jid=1110745146&_v=j79&z=729991561&slf_rd=1&random=2717534676
Requested by
Host: www.vol-retarde.fr
URL: https://www.vol-retarde.fr/bank-account/6xufycjqiqdb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.vol-retarde.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Sep 2019 12:39:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 06 Sep 2019 12:39:45 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-63937490-3&cid=460457126.1567773585&jid=1110745146&_v=j79&z=729991561&slf_rd=1&random=2717534676
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
0
bat.bing.com/action/
0
136 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=27001940&Ver=2&mid=4d3a11f1-9d5c-1e45-a2b3-0a4ac5d02434&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Vol-Retard%C3%A9.fr&p=https%3A%2F%2Fwww.vol-retarde.fr%2Fbank-account%2F6xufycjqiqdb&r=&lt=1111&evt=pageLoad&msclkid=N&rn=137134
Requested by
Host: www.vol-retarde.fr
URL: https://www.vol-retarde.fr/bank-account/6xufycjqiqdb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.vol-retarde.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
pragma
no-cache
date
Fri, 06 Sep 2019 12:39:44 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: 1E0DD45AA7F946CF9E85FF13BF59087A Ref B: VIEEDGE1014 Ref C: 2019-09-06T12:39:45Z
access-control-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
inferredEvents.js
connect.facebook.net/signals/plugins/
35 KB
10 KB
Script
General
Full URL
https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.9.4
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
b4e9e9bef19c34422f55a7fdb9d10c4db5e39cff24b8c98a0be0e09b2ee6ac2b
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.vol-retarde.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
10218
x-xss-protection
0
pragma
public
x-fb-debug
B/5Kgca7krF8LFeIZFvjrh9c4dIIq6vfA6puz66FcvgyLGZuksfaJI1wlJ0CINJuTVxVgLfuPI9GiBmccWGGQQ==
x-fb-trip-id
194532234
x-frame-options
DENY
date
Fri, 06 Sep 2019 12:39:45 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
44 B
254 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1706236556066392&ev=PageView&dl=https%3A%2F%2Fwww.vol-retarde.fr%2Fbank-account%2F6xufycjqiqdb&rl=&if=false&ts=1567773585120&sw=1600&sh=1200&v=2.9.4&r=stable&ec=0&o=30&fbp=fb.1.1567773585119.1146338503&it=1567773585048&coo=false&rqm=GET
Requested by
Host: www.vol-retarde.fr
URL: https://www.vol-retarde.fr/bank-account/6xufycjqiqdb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.vol-retarde.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 06 Sep 2019 12:39:45 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Fri, 06 Sep 2019 12:39:45 GMT
modules.4d71caa5b820d76ee739.js
script.hotjar.com/
426 KB
72 KB
Script
General
Full URL
https://script.hotjar.com/modules.4d71caa5b820d76ee739.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-652395.js?sv=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.102.227 Central, Hong Kong, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
pkt-ams-k1-7
Software
/
Resource Hash
38896119b5b0007bd7b5066e7c4825ed18a0a741890546619445250cdf4efadc

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.vol-retarde.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 06 Sep 2019 12:39:49 GMT
content-encoding
br
last-modified
Thu, 05 Sep 2019 12:36:45 GMT
status
200
etag
"2b450139f51541542dec21ed468002e5"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
section-io-origin-time-seconds
0.063
section-io-origin-status
200
accept-ranges
bytes
section-io-id
5de4b1ee4be8a3b18fd7c0444ed0ad70
content-length
72902
box-90f3a29ef7448451db5af955688970d7.html
vars.hotjar.com/ Frame 38DE
0
0
Document
General
Full URL
https://vars.hotjar.com/box-90f3a29ef7448451db5af955688970d7.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-652395.js?sv=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.204.150 Chicago, United States, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
pkt-ams-k1-8
Software
/
Resource Hash

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-90f3a29ef7448451db5af955688970d7.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.vol-retarde.fr/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.vol-retarde.fr/

Response headers

status
200
date
Fri, 06 Sep 2019 12:39:45 GMT
content-type
text/html
content-length
787
cache-control
max-age=31536000
content-encoding
br
last-modified
Mon, 12 Aug 2019 15:26:38 GMT
etag
"5ee1a7ca3792b75767626ba3f51572aa"
section-io-origin-status
200
section-io-origin-time-seconds
0.041
vary
Accept-Encoding
accept-ranges
bytes
section-io-id
132c2c09f75b51be36e34af533cbf408
/
cx.atdmt.com/
Redirect Chain
  • https://www.facebook.com/tr/?id=1706236556066392&ev=Microdata&dl=https%3A%2F%2Fwww.vol-retarde.fr%2Fbank-account%2F6xufycjqiqdb&rl=&if=false&ts=1567773585633&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22tit...
  • https://cx.atdmt.com/?c=4136837878272785565&f=AYzi68cwsMoCjSXQZNM2YeX7tCXkWcmTDCh4IuEIDLR0aPtULi_2yxICda0C4YLT5YOj9B7lm74CDhGrOVvqafGO&id=1706236556066392&l=3&v=0
42 B
406 B
Image
General
Full URL
https://cx.atdmt.com/?c=4136837878272785565&f=AYzi68cwsMoCjSXQZNM2YeX7tCXkWcmTDCh4IuEIDLR0aPtULi_2yxICda0C4YLT5YOj9B7lm74CDhGrOVvqafGO&id=1706236556066392&l=3&v=0
Requested by
Host: www.vol-retarde.fr
URL: https://www.vol-retarde.fr/bank-account/6xufycjqiqdb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f0ff:2:face:b00c:0:8c , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer
https://www.vol-retarde.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Fri, 06 Sep 2019 12:39:45 GMT
content-type
image/gif
content-length
42
p3p
CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"

Redirect headers

pragma
no-cache
date
Fri, 06 Sep 2019 12:39:45 GMT
server
proxygen-bolt
status
302
content-type
text/plain
location
https://cx.atdmt.com/?c=4136837878272785565&f=AYzi68cwsMoCjSXQZNM2YeX7tCXkWcmTDCh4IuEIDLR0aPtULi_2yxICda0C4YLT5YOj9B7lm74CDhGrOVvqafGO&id=1706236556066392&l=3&v=0
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
check
chat.greenclaim.nl/
Redirect Chain
  • https://chat.greenclaim.nl/index.php/check
  • https://chat.greenclaim.nl/check
1 B
757 B
XHR
General
Full URL
https://chat.greenclaim.nl/check
Requested by
Host: www.vol-retarde.fr
URL: https://www.vol-retarde.fr/bank-account/6xufycjqiqdb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.166.71.69 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.vol-retarde.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache, no-cache
Date
Fri, 06 Sep 2019 12:39:35 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, must-revalidate, no-cache, no-store, private
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT, Thu, 05 Sep 2019 12:00:00 GMT

Redirect headers

Date
Fri, 06 Sep 2019 12:39:35 GMT
Server
nginx
Location
https://chat.greenclaim.nl/check
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/html
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
178
flag-nl.png
d2htwrs017c1b3.cloudfront.net/img/
98 B
510 B
Image
General
Full URL
https://d2htwrs017c1b3.cloudfront.net/img/flag-nl.png
Requested by
Host: www.vol-retarde.fr
URL: https://www.vol-retarde.fr/bank-account/6xufycjqiqdb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20bb:4400:18:427:27c0:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
9303b958ec9bf96de19f3c32c48d5da489b89d71600eb6f6932246918f230a19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.vol-retarde.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 06 Sep 2019 09:56:34 GMT
via
1.1 e430a35037c484cf19f375480cabfca3.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
9791
x-cache
Hit from cloudfront
status
200
content-length
98
x-xss-protection
1; mode=block
last-modified
Fri, 06 Sep 2019 06:57:31 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5d72035b-62"
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
x-amz-cf-pop
FRA56
accept-ranges
bytes
x-amz-cf-id
_xNx6lJYA1Dm4RABam5dS-5QNk-u257O517IOIcHNjxkEY2cwM-_SQ==
flag-gb.png
d2htwrs017c1b3.cloudfront.net/img/
467 B
880 B
Image
General
Full URL
https://d2htwrs017c1b3.cloudfront.net/img/flag-gb.png
Requested by
Host: www.vol-retarde.fr
URL: https://www.vol-retarde.fr/bank-account/6xufycjqiqdb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20bb:4400:18:427:27c0:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
628aed6f70b9ad8d500c814933859d6d3a84315fab41c62e9df32ec5dd501b83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.vol-retarde.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 06 Sep 2019 09:56:34 GMT
via
1.1 e430a35037c484cf19f375480cabfca3.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
9791
x-cache
Hit from cloudfront
status
200
content-length
467
x-xss-protection
1; mode=block
last-modified
Fri, 06 Sep 2019 06:57:31 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5d72035b-1d3"
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
x-amz-cf-pop
FRA56
accept-ranges
bytes
x-amz-cf-id
eD6SoZW5egh6wSDbuPiGXaepFaADQrSb-fka6i-clODmazvv1wTL9g==
flag-fr.png
d2htwrs017c1b3.cloudfront.net/img/
95 B
507 B
Image
General
Full URL
https://d2htwrs017c1b3.cloudfront.net/img/flag-fr.png
Requested by
Host: www.vol-retarde.fr
URL: https://www.vol-retarde.fr/bank-account/6xufycjqiqdb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20bb:4400:18:427:27c0:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
66dd1f885a8a119716b225fd8531282c9bed7b82124e4d4b6e4b48e78b628e3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.vol-retarde.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 06 Sep 2019 09:56:34 GMT
via
1.1 e430a35037c484cf19f375480cabfca3.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
9792
x-cache
Hit from cloudfront
status
200
content-length
95
x-xss-protection
1; mode=block
last-modified
Fri, 06 Sep 2019 06:57:31 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5d72035b-5f"
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
x-amz-cf-pop
FRA56
accept-ranges
bytes
x-amz-cf-id
BthvSZaR5rMRmCpdHRY64dtn_Bn0aJIUcRkarrKvuGNZaASxneWJFA==
flag-de.png
d2htwrs017c1b3.cloudfront.net/img/
97 B
509 B
Image
General
Full URL
https://d2htwrs017c1b3.cloudfront.net/img/flag-de.png
Requested by
Host: www.vol-retarde.fr
URL: https://www.vol-retarde.fr/bank-account/6xufycjqiqdb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20bb:4400:18:427:27c0:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
991dc327d7c6a304e78d6b52150b0724fefe40015eb7e86258bd88cf6b9be86f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.vol-retarde.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 06 Sep 2019 09:56:34 GMT
via
1.1 e430a35037c484cf19f375480cabfca3.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
9791
x-cache
Hit from cloudfront
status
200
content-length
97
x-xss-protection
1; mode=block
last-modified
Fri, 06 Sep 2019 06:57:31 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5d72035b-61"
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
x-amz-cf-pop
FRA56
accept-ranges
bytes
x-amz-cf-id
sPzSk7ZQqho5s_C9ut7UyVM_M8u-zYhtJ9AjxBFV1gFsf9BcrYAz3w==
flag-es.png
d2htwrs017c1b3.cloudfront.net/img/
151 B
565 B
Image
General
Full URL
https://d2htwrs017c1b3.cloudfront.net/img/flag-es.png
Requested by
Host: www.vol-retarde.fr
URL: https://www.vol-retarde.fr/bank-account/6xufycjqiqdb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20bb:4400:18:427:27c0:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
7af86b7f2acb17501acdc34efe905fa68d6e00567d07e8ad9099c59d42dcfc43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.vol-retarde.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 06 Sep 2019 09:56:34 GMT
via
1.1 e430a35037c484cf19f375480cabfca3.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
9791
x-cache
Hit from cloudfront
status
200
content-length
151
x-xss-protection
1; mode=block
last-modified
Fri, 06 Sep 2019 06:57:31 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5d72035b-97"
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
x-amz-cf-pop
FRA56
accept-ranges
bytes
x-amz-cf-id
ffQNEnLmsbliC4YxfBVXduPeBnLDXuYhGn7c14j6XNUyrykqUbWXlw==
flag-it.png
d2htwrs017c1b3.cloudfront.net/img/
112 B
524 B
Image
General
Full URL
https://d2htwrs017c1b3.cloudfront.net/img/flag-it.png
Requested by
Host: www.vol-retarde.fr
URL: https://www.vol-retarde.fr/bank-account/6xufycjqiqdb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20bb:4400:18:427:27c0:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
0d4d7ed45902d868c110f09a15b06cbc23abbab248601dd3d749e40e674a9d0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.vol-retarde.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 06 Sep 2019 09:56:34 GMT
via
1.1 e430a35037c484cf19f375480cabfca3.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
9791
x-cache
Hit from cloudfront
status
200
content-length
112
x-xss-protection
1; mode=block
last-modified
Fri, 06 Sep 2019 06:57:31 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5d72035b-70"
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
x-amz-cf-pop
FRA56
accept-ranges
bytes
x-amz-cf-id
puSWVt7UmckpdEe1ot_V8920q8e2kGjTFdWHwpV7Q6k2NjF8OnhXsg==
flag-be.png
d2htwrs017c1b3.cloudfront.net/img/
105 B
518 B
Image
General
Full URL
https://d2htwrs017c1b3.cloudfront.net/img/flag-be.png
Requested by
Host: www.vol-retarde.fr
URL: https://www.vol-retarde.fr/bank-account/6xufycjqiqdb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20bb:4400:18:427:27c0:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
0d03f9e69bc053ee32e76ca01a250f1ac8fdc301a75df2844e6dc1af5aa9ed20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.vol-retarde.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 06 Sep 2019 09:56:34 GMT
via
1.1 e430a35037c484cf19f375480cabfca3.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
9791
x-cache
Hit from cloudfront
status
200
content-length
105
x-xss-protection
1; mode=block
last-modified
Fri, 06 Sep 2019 06:57:31 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5d72035b-69"
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
x-amz-cf-pop
FRA56
accept-ranges
bytes
x-amz-cf-id
5t8F9-CBGrRuaOq4AEm3eXZ2y3HdD3M-uuDaNOmxdgDYwQ15YwidHg==
flag-dk.png
d2htwrs017c1b3.cloudfront.net/img/
282 B
695 B
Image
General
Full URL
https://d2htwrs017c1b3.cloudfront.net/img/flag-dk.png
Requested by
Host: www.vol-retarde.fr
URL: https://www.vol-retarde.fr/bank-account/6xufycjqiqdb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20bb:4400:18:427:27c0:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
9afcff7c492b11b6b23919b9ea4c9b61adc2d30a944c26245eb15f8503d5a35a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.vol-retarde.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 06 Sep 2019 09:56:34 GMT
via
1.1 e430a35037c484cf19f375480cabfca3.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
9791
x-cache
Hit from cloudfront
status
200
content-length
282
x-xss-protection
1; mode=block
last-modified
Fri, 06 Sep 2019 06:57:31 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5d72035b-11a"
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
x-amz-cf-pop
FRA56
accept-ranges
bytes
x-amz-cf-id
EfSJ1cNLTXFmIiO7g1cGn_01fF47SudNwUQL5tk8-1TphLCWkj0JKg==
flag-pl.png
d2htwrs017c1b3.cloudfront.net/img/
1 KB
1 KB
Image
General
Full URL
https://d2htwrs017c1b3.cloudfront.net/img/flag-pl.png
Requested by
Host: www.vol-retarde.fr
URL: https://www.vol-retarde.fr/bank-account/6xufycjqiqdb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20bb:4400:18:427:27c0:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
94ec079676cdcb119a804a7a4c4c2f4b7f3528484c6c7b3b30d19e688958e42c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.vol-retarde.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 06 Sep 2019 09:56:34 GMT
via
1.1 e430a35037c484cf19f375480cabfca3.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
9791
x-cache
Hit from cloudfront
status
200
content-length
1029
x-xss-protection
1; mode=block
last-modified
Fri, 06 Sep 2019 06:57:31 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5d72035b-405"
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
x-amz-cf-pop
FRA56
accept-ranges
bytes
x-amz-cf-id
AN8ft9UsABwTMfgbQxnBFavWaFYU5CxASzSTtGK3mKZ_LqVqm3ZHQg==
like.php
www.facebook.com/v2.0/plugins/ Frame 7C67
0
0
Document
General
Full URL
https://www.facebook.com/v2.0/plugins/like.php?action=like&app_id=376000235836162&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df12401e8bde619%26domain%3Dwww.vol-retarde.fr%26origin%3Dhttps%253A%252F%252Fwww.vol-retarde.fr%252Ff71ea3f84289c8%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2FVolRetarde&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=true
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=15b7d3ed4685531fb8fe4a12f5a39c1d&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v2.0/plugins/like.php?action=like&app_id=376000235836162&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df12401e8bde619%26domain%3Dwww.vol-retarde.fr%26origin%3Dhttps%253A%252F%252Fwww.vol-retarde.fr%252Ff71ea3f84289c8%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2FVolRetarde&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.vol-retarde.fr/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.vol-retarde.fr/

Response headers

status
200
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
strict-transport-security
max-age=15552000; preload
content-encoding
br
timing-allow-origin
*
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary
Accept-Encoding
x-content-type-options
nosniff
facebook-api-version
v2.10
x-xss-protection
0
content-type
text/html; charset="utf-8"
x-fb-debug
OfvjXv1askfs+BLUaBs5+aqunF4eeaTZ1Mev+Siz62RJVU5BbdTOa45JBQFCYifie7duLW1fXvuK5iE3nUb9DA==
date
Fri, 06 Sep 2019 12:39:50 GMT


49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| SignaturePad function| Swiper function| autosize object| intlTelInputGlobals function| intlTelInput object| intlTelInputUtils function| ZeroClipboard object| _vwo_code number| settings_timer number| _vwo_settings_timer object| dataLayer function| cleanAutoLinker function| gaEvent string| page string| GoogleAnalyticsObject function| ga object| translations function| getParameterByName function| timelineOption function| trans function| initAirportpicker function| addPassenger object| that object| gapi object| ___jsl object| google_tag_manager object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| __twttrll object| twttr object| __twttr object| FB function| hj object| _hjSettings function| fbq function| _fbq object| uetq object| Trustpilot undefined| b object| vwo_iehack_queue object| google_optimize function| UET object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled

1 Cookies

Domain/Path Name / Value
.vol-retarde.fr/ Name: _hjid
Value: e4a065af-fc70-47c1-b20b-4d8c6fa832b1

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
