urlscan.io logo urlscan.io
SecurityTrails logo

ing-direct.l-offre-de-parrainage-plus.com Open in urlscan Pro
178.33.252.162  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.ing-direct-l-offre-de-parrainage.fr/faq-questions-etape-par-etape-ing-direct/
Effective URL: http://ing-direct.l-offre-de-parrainage-plus.com/faq-questions-etape-par-etape-ing-direct/
Submission: On August 04 via manual from NL — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 3 countries across 12 domains to perform 43 HTTP transactions. The main IP is 178.33.252.162, located in France and belongs to OVH, FR. The main domain is ing-direct.l-offre-de-parrainage-plus.com.
This is the only time ing-direct.l-offre-de-parrainage-plus.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

16    178.33.252.162 (France)

ASN16276 (OVH, FR)
PTR: p03-web.evxonline.net
www.ing-direct-l-offre-de-parrainage.fr
ing-direct.l-offre-de-parrainage-plus.com
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2606:4700:10::ac43:2794 (United States)

ASN13335 (CLOUDFLARENET, US)
static.addtoany.com
4    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org
s.w.org
5    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
static.xx.fbcdn.net
2    18.195.18.145 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-18-145.eu-central-1.compute.amazonaws.com
fr.igraal.com
2    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2606:4700:10::6814:141f (United States)

ASN13335 (CLOUDFLARENET, US)
st-filebanking.igstatic.com
Apex Domain
Subdomains		 Transfer
15 l-offre-de-parrainage-plus.com
ing-direct.l-offre-de-parrainage-plus.com
207 KB
7 gstatic.com
fonts.gstatic.com
www.gstatic.com
394 KB
5 addtoany.com
static.addtoany.com — Cisco Umbrella Rank: 3860
61 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 10
41 KB
3 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 557 Failed
140 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 100
33 KB
2 igraal.com
fr.igraal.com — Cisco Umbrella Rank: 355261
982 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 155
87 KB
1 igstatic.com
st-filebanking.igstatic.com
38 KB
1 w.org
s.w.org — Cisco Umbrella Rank: 685
557 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67
1 KB
1 ing-direct-l-offre-de-parrainage.fr
www.ing-direct-l-offre-de-parrainage.fr
311 B
43 12
Domain Requested by
15 ing-direct.l-offre-de-parrainage-plus.com ing-direct.l-offre-de-parrainage-plus.com
5 static.addtoany.com ing-direct.l-offre-de-parrainage-plus.com
static.addtoany.com
4 www.gstatic.com www.google.com
www.gstatic.com
4 www.google.com ing-direct.l-offre-de-parrainage-plus.com
www.gstatic.com
www.google.com
3 static.xx.fbcdn.net www.facebook.com
3 fonts.gstatic.com fonts.googleapis.com
www.google.com
2 www.facebook.com connect.facebook.net
2 fr.igraal.com 1 redirects
2 connect.facebook.net static.addtoany.com
connect.facebook.net
1 st-filebanking.igstatic.com
1 s.w.org ing-direct.l-offre-de-parrainage-plus.com
1 fonts.googleapis.com ing-direct.l-offre-de-parrainage-plus.com
1 www.ing-direct-l-offre-de-parrainage.fr 1 redirects
43 13
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-04 -
2023-06-03		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-07-11 -
2022-10-03		 3 months crt.sh
*.w.org
Sectigo RSA Domain Validation Secure Server CA		 2021-11-24 -
2022-12-25		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-05-13 -
2022-08-11		 3 months crt.sh
*.igstatic.com
GlobalSign RSA OV SSL CA 2018		 2021-11-09 -
2022-12-11		 a year crt.sh

This page contains 5 frames:

Primary Page: http://ing-direct.l-offre-de-parrainage-plus.com/faq-questions-etape-par-etape-ing-direct/
Frame ID: 24A07597037700675A3A94E7692306AC
Requests: 33 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.23.html
Frame ID: 4072E23C5D188D2D0D07CC6EE441923C
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld4E_4cAAAAAI3m3XB3MF1RK3Zlr1ggiSWMFyMV&co=aHR0cDovL2luZy1kaXJlY3QubC1vZmZyZS1kZS1wYXJyYWluYWdlLXBsdXMuY29tOjgw&hl=fr&v=5JGZgxkKwe0uOXDdUvSaNtk_&size=invisible&cb=pf5cci346cfi
Frame ID: F0A7653789353CD1EF1AB4DFC26C2CAE
Requests: 8 HTTP requests in this frame

Frame: https://www.facebook.com/v3.1/plugins/like.php?app_id=0&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df30f77e906530cc%26domain%3Ding-direct.l-offre-de-parrainage-plus.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fing-direct.l-offre-de-parrainage-plus.com%252Ff326df496d45d28%26relation%3Dparent.parent&container_width=90&href=http%3A%2F%2Fing-direct.l-offre-de-parrainage-plus.com%2Ffaq-questions-etape-par-etape-ing-direct%2F&layout=button&locale=en_US&ref=addtoany&sdk=joey&width=90
Frame ID: 32CC7F3406A3BC6D7E82B02E9B851F74
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/v3.1/plugins/like.php?app_id=0&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3da28b83092aa%26domain%3Ding-direct.l-offre-de-parrainage-plus.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fing-direct.l-offre-de-parrainage-plus.com%252Ff326df496d45d28%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fing-direct.l-offre-de-parrainage-plus.com%2Ffaq-questions-etape-par-etape-ing-direct%2F&layout=button&locale=en_US&ref=addtoany&sdk=joey&width=90
Frame ID: 716769382ECEC13FD810EBFFE11329B8
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ᐅ FAQ et Etapes : 150€ grâce à L'Offre de parrainage ING - 2021 août

Page URL History Show full URLs

  1. http://www.ing-direct-l-offre-de-parrainage.fr/faq-questions-etape-par-etape-ing-direct/ HTTP 301
    http://ing-direct.l-offre-de-parrainage-plus.com/faq-questions-etape-par-etape-ing-direct/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • addtoany\.com/menu/page\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

43
Requests

56 %
HTTPS

73 %
IPv6

12
Domains

13
Subdomains

12
IPs

3
Countries

1017 kB
Transfer

2634 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.ing-direct-l-offre-de-parrainage.fr/faq-questions-etape-par-etape-ing-direct/ HTTP 301
    http://ing-direct.l-offre-de-parrainage-plus.com/faq-questions-etape-par-etape-ing-direct/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35
  • http://fr.igraal.com/parrainage/js/ig.js?f=img&l=383&g=daveduweb&b=36&s=4g-go&d=ig-LLEExaDMjrvXKeNp&c=root&i=LLEExaDMjrvXKeNp&h=ing-direct.l-offre-de-parrainage-plus.com&r=7795 HTTP 301
  • https://fr.igraal.com/parrainage/js/ig.js?f=img&l=383&g=daveduweb&b=36&s=4g-go&d=ig-LLEExaDMjrvXKeNp&c=root&i=LLEExaDMjrvXKeNp&h=ing-direct.l-offre-de-parrainage-plus.com&r=7795

43 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ing-direct.l-offre-de-parrainage-plus.com/faq-questions-etape-par-etape-ing-direct/
Redirect Chain
  • http://www.ing-direct-l-offre-de-parrainage.fr/faq-questions-etape-par-etape-ing-direct/
  • http://ing-direct.l-offre-de-parrainage-plus.com/faq-questions-etape-par-etape-ing-direct/
103 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://ing-direct.l-offre-de-parrainage-plus.com/faq-questions-etape-par-etape-ing-direct/
Protocol
HTTP/1.1
Server
178.33.252.162 , France, ASN16276 (OVH, FR),
Reverse DNS
p03-web.evxonline.net
Software
Apache / PHP/7.3.5 PleskLin
Resource Hash
85c132af77218e71d8399b1ccc69e79beef63ee5ba7e226ac6ec47d7c9448c81

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
max-age=172800
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
16508
Content-Type
text/html; charset=UTF-8
Date
Thu, 04 Aug 2022 08:17:04 GMT
Expires
Sat, 06 Aug 2022 08:17:04 GMT
Keep-Alive
timeout=5, max=100
Link
<http://ing-direct.l-offre-de-parrainage-plus.com/wp-json/>; rel="https://api.w.org/", <http://ing-direct.l-offre-de-parrainage-plus.com/wp-json/wp/v2/pages/137>; rel="alternate"; type="application/json", <http://ing-direct.l-offre-de-parrainage-plus.com/?p=137>; rel=shortlink
Server
Apache
Vary
Accept-Encoding
X-Powered-By
PHP/7.3.5 PleskLin

Redirect headers

Connection
Keep-Alive
Content-Length
387
Content-Type
text/html; charset=iso-8859-1
Date
Thu, 04 Aug 2022 08:17:04 GMT
Keep-Alive
timeout=5, max=100
Location
http://ing-direct.l-offre-de-parrainage-plus.com/faq-questions-etape-par-etape-ing-direct/
Server
Apache
autoptimize_9f2d436c988111e032446c6288cfe98b.css
ing-direct.l-offre-de-parrainage-plus.com/wp-content/cache/autoptimize/css/ 		169 KB
40 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://ing-direct.l-offre-de-parrainage-plus.com/wp-content/cache/autoptimize/css/autoptimize_9f2d436c988111e032446c6288cfe98b.css
Requested by
Host: ing-direct.l-offre-de-parrainage-plus.com
URL: http://ing-direct.l-offre-de-parrainage-plus.com/faq-questions-etape-par-etape-ing-direct/
Protocol
HTTP/1.1
Server
178.33.252.162 , France, ASN16276 (OVH, FR),
Reverse DNS
p03-web.evxonline.net
Software
Apache / PleskLin
Resource Hash
f41e3e43578c1ce957d953274abcc0baff50c04cc80e18453a940e222672b127

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://ing-direct.l-offre-de-parrainage-plus.com/faq-questions-etape-par-etape-ing-direct/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Thu, 04 Aug 2022 08:17:06 GMT
Content-Encoding
gzip
ETag
"2a3b2-5e54d65f04ae7-gzip"
Last-Modified
Wed, 03 Aug 2022 02:57:49 GMT
Server
Apache
X-Powered-By
PleskLin
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=30672000, public, immutable
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
40399
Expires
Tue, 25 Jul 2023 08:17:06 GMT
css
fonts.googleapis.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Ubuntu&ver=6.0.1
Requested by
Host: ing-direct.l-offre-de-parrainage-plus.com
URL: http://ing-direct.l-offre-de-parrainage-plus.com/faq-questions-etape-par-etape-ing-direct/
Protocol
HTTP/1.1
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d8e198b55b876b98c1b1d961a9795d6047a5fd5704b3e6d2c1f9eca7b6ce2f72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://ing-direct.l-offre-de-parrainage-plus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Thu, 04 Aug 2022 08:17:00 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Last-Modified
Thu, 04 Aug 2022 08:17:00 GMT
Server
ESF
Cross-Origin-Opener-Policy
same-origin-allow-popups
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires
Thu, 04 Aug 2022 08:17:00 GMT
page.js
static.addtoany.com/menu/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.addtoany.com/menu/page.js
Requested by
Host: ing-direct.l-offre-de-parrainage-plus.com
URL: http://ing-direct.l-offre-de-parrainage-plus.com/faq-questions-etape-par-etape-ing-direct/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
faee00eada5be8145f6a31c5e58eea4fad5bdb37e36ea43d619c1787fe7f7157
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://ing-direct.l-offre-de-parrainage-plus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 08:17:01 GMT
via
e1s
x-content-type-options
nosniff
cf-cache-status
HIT
age
86909
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 03 Aug 2022 08:00:56 GMT
server
cloudflare
etag
W/"8a8-5e551a203f11e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=172800
cf-ray
7355daad3b7a3b19-CDG
cf-bgj
minify
jquery.min.js
ing-direct.l-offre-de-parrainage-plus.com/wp-includes/js/jquery/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ing-direct.l-offre-de-parrainage-plus.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: ing-direct.l-offre-de-parrainage-plus.com
URL: http://ing-direct.l-offre-de-parrainage-plus.com/faq-questions-etape-par-etape-ing-direct/
Protocol
HTTP/1.1
Server
178.33.252.162 , France, ASN16276 (OVH, FR),
Reverse DNS
p03-web.evxonline.net
Software
Apache / PleskLin
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://ing-direct.l-offre-de-parrainage-plus.com/faq-questions-etape-par-etape-ing-direct/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Thu, 04 Aug 2022 08:17:06 GMT
Content-Encoding
gzip
ETag
"15db1-5c7996b63e2f0-gzip"
Last-Modified
Wed, 21 Jul 2021 03:03:49 GMT
Server
Apache
X-Powered-By
PleskLin
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
30908
Expires
Fri, 04 Aug 2023 08:17:06 GMT
lazysizes.min.js
ing-direct.l-offre-de-parrainage-plus.com/wp-content/plugins/autoptimize/classes/external/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ing-direct.l-offre-de-parrainage-plus.com/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=3.1.0
Requested by
Host: ing-direct.l-offre-de-parrainage-plus.com
URL: http://ing-direct.l-offre-de-parrainage-plus.com/faq-questions-etape-par-etape-ing-direct/
Protocol
HTTP/1.1
Server
178.33.252.162 , France, ASN16276 (OVH, FR),
Reverse DNS
p03-web.evxonline.net
Software
Apache / PleskLin
Resource Hash
c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://ing-direct.l-offre-de-parrainage-plus.com/faq-questions-etape-par-etape-ing-direct/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Thu, 04 Aug 2022 08:17:06 GMT
Content-Encoding
gzip
ETag
"2655-5e433d54355e0-gzip"
Last-Modified
Wed, 20 Jul 2022 03:02:35 GMT
Server
Apache
X-Powered-By
PleskLin
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
4122
Expires
Fri, 04 Aug 2023 08:17:06 GMT
regenerator-runtime.min.js
ing-direct.l-offre-de-parrainage-plus.com/wp-includes/js/dist/vendor/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ing-direct.l-offre-de-parrainage-plus.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
Requested by
Host: ing-direct.l-offre-de-parrainage-plus.com
URL: http://ing-direct.l-offre-de-parrainage-plus.com/faq-questions-etape-par-etape-ing-direct/
Protocol
HTTP/1.1
Server
178.33.252.162 , France, ASN16276 (OVH, FR),
Reverse DNS
p03-web.evxonline.net
Software
Apache / PleskLin
Resource Hash
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://ing-direct.l-offre-de-parrainage-plus.com/faq-questions-etape-par-etape-ing-direct/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Thu, 04 Aug 2022 08:17:06 GMT
Content-Encoding
gzip
ETag
"194b-5dfcd609acf9f-gzip"
Last-Modified
Wed, 25 May 2022 03:07:45 GMT
Server
Apache
X-Powered-By
PleskLin
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2457
Expires
Fri, 04 Aug 2023 08:17:06 GMT
wp-polyfill.min.js
ing-direct.l-offre-de-parrainage-plus.com/wp-includes/js/dist/vendor/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ing-direct.l-offre-de-parrainage-plus.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by
Host: ing-direct.l-offre-de-parrainage-plus.com
URL: http://ing-direct.l-offre-de-parrainage-plus.com/faq-questions-etape-par-etape-ing-direct/
Protocol
HTTP/1.1
Server
178.33.252.162 , France, ASN16276 (OVH, FR),
Reverse DNS
p03-web.evxonline.net
Software
Apache / PleskLin
Resource Hash
6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://ing-direct.l-offre-de-parrainage-plus.com/faq-questions-etape-par-etape-ing-direct/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Thu, 04 Aug 2022 08:17:06 GMT
Content-Encoding
gzip
ETag
"4ac6-5dfcd609acf9f-gzip"
Last-Modified
Wed, 25 May 2022 03:07:45 GMT
Server
Apache
X-Powered-By
PleskLin
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
7095
Expires
Fri, 04 Aug 2023 08:17:06 GMT
api.js
www.google.com/recaptcha/ 		884 B
999 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6Ld4E_4cAAAAAI3m3XB3MF1RK3Zlr1ggiSWMFyMV&ver=3.0
Requested by
Host: ing-direct.l-offre-de-parrainage-plus.com
URL: http://ing-direct.l-offre-de-parrainage-plus.com/faq-questions-etape-par-etape-ing-direct/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
dc846bc9cddd53d48439b3a2d421261d098954fae308661ed284b6a00407e21e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://ing-direct.l-offre-de-parrainage-plus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 08:17:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
586
x-xss-protection
1; mode=block
expires
Thu, 04 Aug 2022 08:17:00 GMT
autoptimize_e467ceb75cbc6aee63dfcf6ac5952b06.js
ing-direct.l-offre-de-parrainage-plus.com/wp-content/cache/autoptimize/js/ 		46 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ing-direct.l-offre-de-parrainage-plus.com/wp-content/cache/autoptimize/js/autoptimize_e467ceb75cbc6aee63dfcf6ac5952b06.js
Requested by
Host: ing-direct.l-offre-de-parrainage-plus.com
URL: http://ing-direct.l-offre-de-parrainage-plus.com/faq-questions-etape-par-etape-ing-direct/
Protocol
HTTP/1.1
Server
178.33.252.162 , France, ASN16276 (OVH, FR),
Reverse DNS
p03-web.evxonline.net
Software
Apache / PleskLin
Resource Hash
b71c83c356b1c1aeaa87dc6041a0f5629c106e96930dedb6d4b69a6533dc451b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://ing-direct.l-offre-de-parrainage-plus.com/faq-questions-etape-par-etape-ing-direct/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Thu, 04 Aug 2022 08:17:06 GMT
Content-Encoding
gzip
ETag
"b925-5e54e1d12014c-gzip"
Last-Modified
Wed, 03 Aug 2022 03:49:01 GMT
Server
Apache
X-Powered-By
PleskLin
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=30672000, public, immutable
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
14086
Expires
Tue, 25 Jul 2023 08:17:06 GMT
wp-emoji-release.min.js
ing-direct.l-offre-de-parrainage-plus.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ing-direct.l-offre-de-parrainage-plus.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.1
Requested by
Host: ing-direct.l-offre-de-parrainage-plus.com
URL: http://ing-direct.l-offre-de-parrainage-plus.com/faq-questions-etape-par-etape-ing-direct/
Protocol
HTTP/1.1
Server
178.33.252.162 , France, ASN16276 (OVH, FR),
Reverse DNS
p03-web.evxonline.net
Software
Apache / PleskLin
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://ing-direct.l-offre-de-parrainage-plus.com/faq-questions-etape-par-etape-ing-direct/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Thu, 04 Aug 2022 08:17:06 GMT
Content-Encoding
gzip
ETag
"48b9-5dfcd609a71df-gzip"
Last-Modified
Wed, 25 May 2022 03:07:45 GMT
Server
Apache
X-Powered-By
PleskLin
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
5009
Expires
Fri, 04 Aug 2023 08:17:06 GMT
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
734b8a197f82abbdf3e01bdeec2191cf1f98ff6fdebffccb5458261ecf3fdb7d

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://ing-direct.l-offre-de-parrainage-plus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a7ae4f4e313e150000175511c29ca19ae2948eb663987253d19a9372cc20e3fe

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://ing-direct.l-offre-de-parrainage-plus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		66 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e0e3a6af544a85b89380d657a1987be46bb21a0733cfa517fe817a209b7fb1af

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://ing-direct.l-offre-de-parrainage-plus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1af28f449b2abfeb2eb4f04a73a4bb120d28386e11f890fe4854414a8d3c5eee

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://ing-direct.l-offre-de-parrainage-plus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml
arrow-right.png
ing-direct.l-offre-de-parrainage-plus.com/wp-content/themes/travelify/images/ 		951 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ing-direct.l-offre-de-parrainage-plus.com/wp-content/themes/travelify/images/arrow-right.png
Requested by
Host: ing-direct.l-offre-de-parrainage-plus.com
URL: http://ing-direct.l-offre-de-parrainage-plus.com/wp-content/cache/autoptimize/css/autoptimize_9f2d436c988111e032446c6288cfe98b.css
Protocol
HTTP/1.1
Server
178.33.252.162 , France, ASN16276 (OVH, FR),
Reverse DNS
p03-web.evxonline.net
Software
Apache / PleskLin
Resource Hash
09fb02198752555348a4678df8c8c001ad5824cd4e52a0e5b55a03837852c37a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://ing-direct.l-offre-de-parrainage-plus.com/wp-content/cache/autoptimize/css/autoptimize_9f2d436c988111e032446c6288cfe98b.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Thu, 04 Aug 2022 08:17:06 GMT
ETag
"3b7-59e44b42fe0ba"
Last-Modified
Tue, 11 Feb 2020 03:46:41 GMT
Server
Apache
X-Powered-By
PleskLin
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
951
Expires
Fri, 04 Aug 2023 08:17:06 GMT
4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v20/ 		34 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Ubuntu&ver=6.0.1
Protocol
HTTP/1.1
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fonts.googleapis.com/
Origin
http://ing-direct.l-offre-de-parrainage-plus.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 20:18:08 GMT
X-Content-Type-Options
nosniff
Age
43133
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy
cross-origin
Content-Length
34852
X-XSS-Protection
0
Last-Modified
Wed, 27 Apr 2022 16:31:23 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="apps-themes"
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Thu, 03 Aug 2023 20:18:08 GMT
truncated
/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9ee01ee8903499cb90168df3d5de82fdcf4660511aa12e06207bca6ccfdf064

Request headers

Referer
http://ing-direct.l-offre-de-parrainage-plus.com/
Origin
http://ing-direct.l-offre-de-parrainage-plus.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
recaptcha__fr.js
www.gstatic.com/recaptcha/releases/5JGZgxkKwe0uOXDdUvSaNtk_/ 		382 KB
152 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/5JGZgxkKwe0uOXDdUvSaNtk_/recaptcha__fr.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Ld4E_4cAAAAAI3m3XB3MF1RK3Zlr1ggiSWMFyMV&ver=3.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fcba4ebb3915e8aa2ef65c8b95140e43e5ecfe5dbdf5fe254ecbb7c2f208bf25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://ing-direct.l-offre-de-parrainage-plus.com/
Origin
http://ing-direct.l-offre-de-parrainage-plus.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 01 Aug 2022 16:44:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
228759
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
154574
x-xss-protection
0
last-modified
Mon, 25 Jul 2022 04:02:22 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 01 Aug 2023 16:44:22 GMT
FAQ-Questions-Reponses-ING-Direct-Banque-Offre-de-Parrainage-Plus-150x150.png
ing-direct.l-offre-de-parrainage-plus.com/wp-content/uploads/2018/08/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ing-direct.l-offre-de-parrainage-plus.com/wp-content/uploads/2018/08/FAQ-Questions-Reponses-ING-Direct-Banque-Offre-de-Parrainage-Plus-150x150.png
Requested by
Host: ing-direct.l-offre-de-parrainage-plus.com
URL: http://ing-direct.l-offre-de-parrainage-plus.com/faq-questions-etape-par-etape-ing-direct/
Protocol
HTTP/1.1
Server
178.33.252.162 , France, ASN16276 (OVH, FR),
Reverse DNS
p03-web.evxonline.net
Software
Apache / PleskLin
Resource Hash
da6dd802e53714a8744e30bbe86079c69d4b3efd1f2fbffbc6fe16abb1d4d167

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://ing-direct.l-offre-de-parrainage-plus.com/faq-questions-etape-par-etape-ing-direct/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Thu, 04 Aug 2022 08:17:06 GMT
ETag
"1a0a-5741f3a7a934c"
Last-Modified
Thu, 23 Aug 2018 19:25:57 GMT
Server
Apache
X-Powered-By
PleskLin
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
6666
Expires
Fri, 04 Aug 2023 08:17:06 GMT
Logo-Offre-parrainage-ING-Direct-50x50.png
ing-direct.l-offre-de-parrainage-plus.com/wp-content/uploads/2017/10/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ing-direct.l-offre-de-parrainage-plus.com/wp-content/uploads/2017/10/Logo-Offre-parrainage-ING-Direct-50x50.png
Requested by
Host: ing-direct.l-offre-de-parrainage-plus.com
URL: http://ing-direct.l-offre-de-parrainage-plus.com/faq-questions-etape-par-etape-ing-direct/
Protocol
HTTP/1.1
Server
178.33.252.162 , France, ASN16276 (OVH, FR),
Reverse DNS
p03-web.evxonline.net
Software
Apache / PleskLin
Resource Hash
9f31951e1c601abc70f631661e68696402357ca6e1d4a5518ef5de9eead5de1c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://ing-direct.l-offre-de-parrainage-plus.com/faq-questions-etape-par-etape-ing-direct/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Thu, 04 Aug 2022 08:17:06 GMT
ETag
"b90-55c29c11e6ef4"
Last-Modified
Sun, 22 Oct 2017 21:54:46 GMT
Server
Apache
X-Powered-By
PleskLin
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
2960
Expires
Fri, 04 Aug 2023 08:17:06 GMT
1f642.svg
s.w.org/images/core/emoji/14.0.0/svg/ 		525 B
557 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.w.org/images/core/emoji/14.0.0/svg/1f642.svg
Requested by
Host: ing-direct.l-offre-de-parrainage-plus.com
URL: http://ing-direct.l-offre-de-parrainage-plus.com/faq-questions-etape-par-etape-ing-direct/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
s.w.org
Software
nginx /
Resource Hash
943c44a0f3dc1aba84f5fbe8465baadbb90af66cd7be9f37ca07a39260357ad2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://ing-direct.l-offre-de-parrainage-plus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nc
HIT cdg 1
date
Thu, 04 Aug 2022 08:17:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 12 Apr 2022 03:50:38 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
arrows.png
ing-direct.l-offre-de-parrainage-plus.com/wp-content/plugins/ml-slider/assets/sliders/nivoslider/themes/default/ 		824 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ing-direct.l-offre-de-parrainage-plus.com/wp-content/plugins/ml-slider/assets/sliders/nivoslider/themes/default/arrows.png
Requested by
Host: ing-direct.l-offre-de-parrainage-plus.com
URL: http://ing-direct.l-offre-de-parrainage-plus.com/wp-content/cache/autoptimize/css/autoptimize_9f2d436c988111e032446c6288cfe98b.css
Protocol
HTTP/1.1
Server
178.33.252.162 , France, ASN16276 (OVH, FR),
Reverse DNS
p03-web.evxonline.net
Software
Apache / PleskLin
Resource Hash
6821ca4ae2508bdba08e189040928a0769f0a71b12fdd4325c3ae80ef5636bb8

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://ing-direct.l-offre-de-parrainage-plus.com/wp-content/cache/autoptimize/css/autoptimize_9f2d436c988111e032446c6288cfe98b.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Thu, 04 Aug 2022 08:17:06 GMT
ETag
"338-5e41fb1019ac1"
Last-Modified
Tue, 19 Jul 2022 03:00:48 GMT
Server
Apache
X-Powered-By
PleskLin
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
824
Expires
Fri, 04 Aug 2023 08:17:06 GMT
core.0345bddc.js
static.addtoany.com/menu/modules/ 		70 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.addtoany.com/menu/modules/core.0345bddc.js
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c906bd987e427be37e59ab349f4dfc6b064bc7b4909ee58013e24079cf50cfa9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://ing-direct.l-offre-de-parrainage-plus.com/
Origin
http://ing-direct.l-offre-de-parrainage-plus.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 08:17:01 GMT
via
e3s
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 03 Aug 2022 08:00:55 GMT
server
cloudflare
etag
W/"11894-5e551a1f1a19e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
max-age=315360000, immutable
cf-ray
7355daadd89a0818-CDG
icons.30.svg.js
static.addtoany.com/menu/svg/ 		77 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.addtoany.com/menu/svg/icons.30.svg.js
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e6f3eacf6af919ace45f10e39eda3e72143e0f57aad29590a6d37d5ddd0292f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://ing-direct.l-offre-de-parrainage-plus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 08:17:01 GMT
via
e1s
x-content-type-options
nosniff
cf-cache-status
HIT
age
23072592
p3p
CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 10 Nov 2021 01:49:04 GMT
server
cloudflare
etag
W/"132a9-5d0656e4a26b3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=315360000, immutable
cf-ray
7355daadbcbd3b19-CDG
cf-bgj
minify
sm.23.html
static.addtoany.com/menu/ Frame 4072 		741 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://static.addtoany.com/menu/sm.23.html
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ca130786a2d2531241f8b8c7aaad6a4e27271f51b417b9c23f51bfb0c65c080
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://ing-direct.l-offre-de-parrainage-plus.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

age
2158312
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=315360000, immutable
cf-cache-status
HIT
cf-ray
7355daadbcbe3b19-CDG
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 04 Aug 2022 08:17:01 GMT
etag
W/"2e5-5cc9e128a4c38"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Wed, 22 Sep 2021 23:42:51 GMT
p3p
CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
e4s
x-content-type-options
nosniff
anchor
www.google.com/recaptcha/api2/ Frame F0A7 		42 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld4E_4cAAAAAI3m3XB3MF1RK3Zlr1ggiSWMFyMV&co=aHR0cDovL2luZy1kaXJlY3QubC1vZmZyZS1kZS1wYXJyYWluYWdlLXBsdXMuY29tOjgw&hl=fr&v=5JGZgxkKwe0uOXDdUvSaNtk_&size=invisible&cb=pf5cci346cfi
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5JGZgxkKwe0uOXDdUvSaNtk_/recaptcha__fr.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c4e25528c6fa8351da10aefb5b8771c555e9fd9b0759f26d8c5c2faec137f093
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Jzq4v-4pMM5MVcFgNYVSgA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://ing-direct.l-offre-de-parrainage-plus.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22061
content-security-policy
script-src 'report-sample' 'nonce-Jzq4v-4pMM5MVcFgNYVSgA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 04 Aug 2022 08:17:01 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.0345bddc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bd147d1f28b99218a48c5bf4ca7ee419edb05d122fc8e94ab3a22052f93ba52f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://ing-direct.l-offre-de-parrainage-plus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
jW1+Hr10/x01xdgWEJIGZw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1685
x-fb-rlafr
0
x-fb-debug
J4ljgiZescSot1ZTAEYE+dw2dvU9i+iGSd7TLOe/ATlVBTGee8lCSXkjXq5IOcYcdVBCP+3qMjrdTf7/tmMeew==
x-fb-trip-id
686109401
x-fb-content-md5
8a19ee62c4d4752fa0041ca77d7a0bc7
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 04 Aug 2022 08:17:01 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"8817080b98872d7131124adb3c5ca603"
timing-allow-origin
*
priority
u=3,i
expires
Thu, 04 Aug 2022 08:36:45 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/5JGZgxkKwe0uOXDdUvSaNtk_/ Frame F0A7 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/5JGZgxkKwe0uOXDdUvSaNtk_/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld4E_4cAAAAAI3m3XB3MF1RK3Zlr1ggiSWMFyMV&co=aHR0cDovL2luZy1kaXJlY3QubC1vZmZyZS1kZS1wYXJyYWluYWdlLXBsdXMuY29tOjgw&hl=fr&v=5JGZgxkKwe0uOXDdUvSaNtk_&size=invisible&cb=pf5cci346cfi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 15:19:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61060
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 25 Jul 2022 04:02:22 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 03 Aug 2023 15:19:21 GMT
recaptcha__fr.js
www.gstatic.com/recaptcha/releases/5JGZgxkKwe0uOXDdUvSaNtk_/ Frame F0A7 		382 KB
151 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/5JGZgxkKwe0uOXDdUvSaNtk_/recaptcha__fr.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld4E_4cAAAAAI3m3XB3MF1RK3Zlr1ggiSWMFyMV&co=aHR0cDovL2luZy1kaXJlY3QubC1vZmZyZS1kZS1wYXJyYWluYWdlLXBsdXMuY29tOjgw&hl=fr&v=5JGZgxkKwe0uOXDdUvSaNtk_&size=invisible&cb=pf5cci346cfi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fcba4ebb3915e8aa2ef65c8b95140e43e5ecfe5dbdf5fe254ecbb7c2f208bf25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 01 Aug 2022 16:44:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
228759
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
154574
x-xss-protection
0
last-modified
Mon, 25 Jul 2022 04:02:22 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 01 Aug 2023 16:44:22 GMT
sdk.js
connect.facebook.net/en_US/ 		297 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=2bc0a2192b96a82e49d1123280556507
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5c24533b1e169a6ac288a1d748289487e447755aab01719e1fd86afc80b79ce3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://ing-direct.l-offre-de-parrainage-plus.com/
Origin
http://ing-direct.l-offre-de-parrainage-plus.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
ts6kzgDW07aJapLeDt/z5g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
86388
x-fb-rlafr
0
x-fb-debug
wJoaFJI5+KLPSvHjS5RetSkV1WjxI+91YmleXSYPQK2TKYoo2ptXrEXAjcLd8A0tGevwSM5tCFhnnDBXOnTF5Q==
x-fb-content-md5
c5a9c9558638c276906c9d08b1d03b17
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 04 Aug 2022 08:17:01 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"5cb519f9cd8eb7f4a6293fd675970de2"
timing-allow-origin
*
priority
u=3,i
expires
Fri, 04 Aug 2023 08:13:19 GMT
share_16_16.png
static.addtoany.com/buttons/ 		627 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.addtoany.com/buttons/share_16_16.png
Requested by
Host: ing-direct.l-offre-de-parrainage-plus.com
URL: http://ing-direct.l-offre-de-parrainage-plus.com/faq-questions-etape-par-etape-ing-direct/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0be4f9ad500ab40b4ce11a4ac59f5751eb02fe95ddcdc0bccfec1b5c20594214
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://ing-direct.l-offre-de-parrainage-plus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 08:17:01 GMT
via
e3s
x-content-type-options
nosniff
cf-cache-status
HIT
age
13824257
cf-polished
status=not_needed
p3p
CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
627
last-modified
Sat, 11 Dec 2010 19:15:28 GMT
server
cloudflare
etag
"273-497274b331400"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=315360000, immutable
accept-ranges
bytes
cf-ray
7355dab03f98edff-CDG
cf-bgj
imgq:100,h2pri
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame F0A7 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5JGZgxkKwe0uOXDdUvSaNtk_/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/5JGZgxkKwe0uOXDdUvSaNtk_/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 19:40:09 GMT
x-content-type-options
nosniff
age
563812
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Thu, 04 Aug 2022 19:40:09 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F0A7 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld4E_4cAAAAAI3m3XB3MF1RK3Zlr1ggiSWMFyMV&co=aHR0cDovL2luZy1kaXJlY3QubC1vZmZyZS1kZS1wYXJyYWluYWdlLXBsdXMuY29tOjgw&hl=fr&v=5JGZgxkKwe0uOXDdUvSaNtk_&size=invisible&cb=pf5cci346cfi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 17:06:41 GMT
x-content-type-options
nosniff
age
141020
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 02 Aug 2023 17:06:41 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F0A7 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld4E_4cAAAAAI3m3XB3MF1RK3Zlr1ggiSWMFyMV&co=aHR0cDovL2luZy1kaXJlY3QubC1vZmZyZS1kZS1wYXJyYWluYWdlLXBsdXMuY29tOjgw&hl=fr&v=5JGZgxkKwe0uOXDdUvSaNtk_&size=invisible&cb=pf5cci346cfi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 01 Aug 2022 22:21:19 GMT
x-content-type-options
nosniff
age
208542
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 01 Aug 2023 22:21:19 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame F0A7 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=fr&v=5JGZgxkKwe0uOXDdUvSaNtk_
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld4E_4cAAAAAI3m3XB3MF1RK3Zlr1ggiSWMFyMV&co=aHR0cDovL2luZy1kaXJlY3QubC1vZmZyZS1kZS1wYXJyYWluYWdlLXBsdXMuY29tOjgw&hl=fr&v=5JGZgxkKwe0uOXDdUvSaNtk_&size=invisible&cb=pf5cci346cfi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c726f7ac22450323fc6e310740564163559bf2af639c11c142ee8c05cb312abd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld4E_4cAAAAAI3m3XB3MF1RK3Zlr1ggiSWMFyMV&co=aHR0cDovL2luZy1kaXJlY3QubC1vZmZyZS1kZS1wYXJyYWluYWdlLXBsdXMuY29tOjgw&hl=fr&v=5JGZgxkKwe0uOXDdUvSaNtk_&size=invisible&cb=pf5cci346cfi
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 08:17:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Thu, 04 Aug 2022 08:17:01 GMT
ig.js
fr.igraal.com/parrainage/js/
Redirect Chain
  • http://fr.igraal.com/parrainage/js/ig.js?f=img&l=383&g=daveduweb&b=36&s=4g-go&d=ig-LLEExaDMjrvXKeNp&c=root&i=LLEExaDMjrvXKeNp&h=ing-direct.l-offre-de-parrainage-plus.com&r=7795
  • https://fr.igraal.com/parrainage/js/ig.js?f=img&l=383&g=daveduweb&b=36&s=4g-go&d=ig-LLEExaDMjrvXKeNp&c=root&i=LLEExaDMjrvXKeNp&h=ing-direct.l-offre-de-parrainage-plus.com&r=7795
330 B
628 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fr.igraal.com/parrainage/js/ig.js?f=img&l=383&g=daveduweb&b=36&s=4g-go&d=ig-LLEExaDMjrvXKeNp&c=root&i=LLEExaDMjrvXKeNp&h=ing-direct.l-offre-de-parrainage-plus.com&r=7795
Protocol
H2
Server
18.195.18.145 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-18-145.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4a3e3ce7291c34a5ed6f67bdb600ec69b4bcb1b69f10c9d2151a1d30f6518406
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://ing-direct.l-offre-de-parrainage-plus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 08:17:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=0, must-revalidate, private
server-timing
intid;desc=c5ad7f99ce8e090c
x-xss-protection
1; mode=block
expires
Thu, 04 Aug 2022 08:17:01 GMT

Redirect headers

Location
https://fr.igraal.com:443/parrainage/js/ig.js?f=img&l=383&g=daveduweb&b=36&s=4g-go&d=ig-LLEExaDMjrvXKeNp&c=root&i=LLEExaDMjrvXKeNp&h=ing-direct.l-offre-de-parrainage-plus.com&r=7795
Date
Thu, 04 Aug 2022 08:17:01 GMT
Server
awselb/2.0
Connection
keep-alive
Content-Length
134
Content-Type
text/html
like.php
www.facebook.com/v3.1/plugins/ Frame 32CC 		48 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v3.1/plugins/like.php?app_id=0&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df30f77e906530cc%26domain%3Ding-direct.l-offre-de-parrainage-plus.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fing-direct.l-offre-de-parrainage-plus.com%252Ff326df496d45d28%26relation%3Dparent.parent&container_width=90&href=http%3A%2F%2Fing-direct.l-offre-de-parrainage-plus.com%2Ffaq-questions-etape-par-etape-ing-direct%2F&layout=button&locale=en_US&ref=addtoany&sdk=joey&width=90
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=2bc0a2192b96a82e49d1123280556507
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e82f7a3eaef1fd1e5d30fad30ddc6e75f9f71ec306e49591fa9f88a5575b3707
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://ing-direct.l-offre-de-parrainage-plus.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Thu, 04 Aug 2022 08:17:02 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v7.0
pragma
no-cache
priority
u=3,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
6/Mbmt2LjsHuduB7X9P/SRZ+xZVCSNUPmQyUITXRAW8PYLCP4kq4M3If4iGhpCrDLZKMuQh8Iomwxsh/ehorfg==
x-fb-rlafr
0
x-xss-protection
0
reload
www.google.com/recaptcha/api2/ Frame F0A7 		31 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6Ld4E_4cAAAAAI3m3XB3MF1RK3Zlr1ggiSWMFyMV
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5JGZgxkKwe0uOXDdUvSaNtk_/recaptcha__fr.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
539c4838b64397f13e9cff7bb7649e43ffeaccfb1e843d58a720f51e546ca534
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld4E_4cAAAAAI3m3XB3MF1RK3Zlr1ggiSWMFyMV&co=aHR0cDovL2luZy1kaXJlY3QubC1vZmZyZS1kZS1wYXJyYWluYWdlLXBsdXMuY29tOjgw&hl=fr&v=5JGZgxkKwe0uOXDdUvSaNtk_&size=invisible&cb=pf5cci346cfi
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Thu, 04 Aug 2022 08:17:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18334
x-xss-protection
1; mode=block
expires
Thu, 04 Aug 2022 08:17:01 GMT
36.gif
st-filebanking.igstatic.com/front/banner/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st-filebanking.igstatic.com/front/banner/36.gif?4858df0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:141f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c67d63da52a5fb5dfac0b0e21e0f375d6cdc346d7db0ab67c0629a113a55a652

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://ing-direct.l-offre-de-parrainage-plus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 08:17:01 GMT
cf-cache-status
HIT
age
80032
cf-polished
origSize=40229
x-amz-meta-adminid
121
content-length
38683
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
JRC5Y40CMXEW8KE0
x-amz-id-2
zAEWJ/EOdoa1pTrLTo91wz5Lg0a6NFBbgf3dPDO4otY/ZnMa15eh6ygCu/IxHbYNc0TMB0QDKbs=
x-amz-meta-img_h
600
last-modified
Mon, 15 Oct 2018 13:29:52 GMT
server
cloudflare
etag
"b6eb6547a5dd5a9edbe442765a45b28f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-meta-img_w
160
content-type
image/gif
cache-control
public, max-age=31536000
x-amz-meta-mime
image/gif
accept-ranges
bytes
cf-ray
7355dab33e5c399f-CDG
cf-bgj
imgq:100,h2pri
_qg4gXeYVhp.js
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yT/l/en_US/ Frame 32CC 		0
0
FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame 32CC 		299 B
545 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.1/plugins/like.php?app_id=0&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df30f77e906530cc%26domain%3Ding-direct.l-offre-de-parrainage-plus.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fing-direct.l-offre-de-parrainage-plus.com%252Ff326df496d45d28%26relation%3Dparent.parent&container_width=90&href=http%3A%2F%2Fing-direct.l-offre-de-parrainage-plus.com%2Ffaq-questions-etape-par-etape-ing-direct%2F&layout=button&locale=en_US&ref=addtoany&sdk=joey&width=90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 08:17:02 GMT
x-content-type-options
nosniff
content-md5
OIlAxCmR79nrM/Ez4ygGlg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
299
x-fb-rlafr
0
x-fb-debug
QQAooN0MGau+8YeYtXxEHTTGPSl2q5YNVdxEokwnadLwRkMwON2yHAozAe1hznFpeRN6ZabPJm1jcWMdKTBPeQ==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sun, 23 Jul 2023 05:06:30 GMT
like.php
www.facebook.com/v3.1/plugins/ Frame 7167 		48 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v3.1/plugins/like.php?app_id=0&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3da28b83092aa%26domain%3Ding-direct.l-offre-de-parrainage-plus.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fing-direct.l-offre-de-parrainage-plus.com%252Ff326df496d45d28%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fing-direct.l-offre-de-parrainage-plus.com%2Ffaq-questions-etape-par-etape-ing-direct%2F&layout=button&locale=en_US&ref=addtoany&sdk=joey&width=90
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=2bc0a2192b96a82e49d1123280556507
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
91cee8410afccfe52714eee8d5365155f2d31a3b746748a1044600298461993c
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://ing-direct.l-offre-de-parrainage-plus.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Thu, 04 Aug 2022 08:17:02 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v7.0
pragma
no-cache
priority
u=3,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
7h7YHpwAHtE3yRrIaU2brHxjWEpS7im3KVypoKNSj8zrVxJ65z4jQr/V4z83IB85wVoql2siFdc6HiL1nUHwrw==
x-fb-rlafr
0
x-xss-protection
0
FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame 7167 		299 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.1/plugins/like.php?app_id=0&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3da28b83092aa%26domain%3Ding-direct.l-offre-de-parrainage-plus.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fing-direct.l-offre-de-parrainage-plus.com%252Ff326df496d45d28%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fing-direct.l-offre-de-parrainage-plus.com%2Ffaq-questions-etape-par-etape-ing-direct%2F&layout=button&locale=en_US&ref=addtoany&sdk=joey&width=90
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 08:17:02 GMT
x-content-type-options
nosniff
content-md5
OIlAxCmR79nrM/Ez4ygGlg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
299
x-fb-rlafr
0
x-fb-debug
QQAooN0MGau+8YeYtXxEHTTGPSl2q5YNVdxEokwnadLwRkMwON2yHAozAe1hznFpeRN6ZabPJm1jcWMdKTBPeQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Sun, 23 Jul 2023 05:06:30 GMT
_qg4gXeYVhp.js
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yT/l/en_US/ Frame 7167 		533 KB
139 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yT/l/en_US/_qg4gXeYVhp.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.1/plugins/like.php?app_id=0&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3da28b83092aa%26domain%3Ding-direct.l-offre-de-parrainage-plus.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fing-direct.l-offre-de-parrainage-plus.com%252Ff326df496d45d28%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fing-direct.l-offre-de-parrainage-plus.com%2Ffaq-questions-etape-par-etape-ing-direct%2F&layout=button&locale=en_US&ref=addtoany&sdk=joey&width=90
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
65da3eeea8a53cc4f8de2e514e631f23d995d92112be9798a5ec7f25ae70c910
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 08:17:02 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
lMOVo515Vx+5Pj3TrLptPw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
142021
x-fb-rlafr
0
x-fb-debug
9KOWVs/DpNXEUAR8ltTKHginf2c3lQ6aU80nave5jjOoKyAqHYO5h0KVsNEMv6hSxgokmJA6GkpeoeeVGSATZg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 29 Jul 2023 03:44:11 GMT
Logo-Offre-parrainage-Boursorama-Banque-250x250.png
ing-direct.l-offre-de-parrainage-plus.com/wp-content/uploads/2017/10/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ing-direct.l-offre-de-parrainage-plus.com/wp-content/uploads/2017/10/Logo-Offre-parrainage-Boursorama-Banque-250x250.png
Protocol
HTTP/1.1
Server
178.33.252.162 , France, ASN16276 (OVH, FR),
Reverse DNS
p03-web.evxonline.net
Software
Apache / PleskLin
Resource Hash
9fb1a6895e7249aa833fbac3b49186b04a5c854cb996ab137f974f9128bc9906

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://ing-direct.l-offre-de-parrainage-plus.com/faq-questions-etape-par-etape-ing-direct/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Thu, 04 Aug 2022 08:17:10 GMT
ETag
"5b49-55c2a1b45b7a7"
Last-Modified
Sun, 22 Oct 2017 22:19:59 GMT
Server
Apache
X-Powered-By
PleskLin
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
23369
Expires
Fri, 04 Aug 2023 08:17:10 GMT
Logo-Offre-parrainage-Fortuneo-Banque-250x250.png
ing-direct.l-offre-de-parrainage-plus.com/wp-content/uploads/2017/10/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ing-direct.l-offre-de-parrainage-plus.com/wp-content/uploads/2017/10/Logo-Offre-parrainage-Fortuneo-Banque-250x250.png
Protocol
HTTP/1.1
Server
178.33.252.162 , France, ASN16276 (OVH, FR),
Reverse DNS
p03-web.evxonline.net
Software
Apache / PleskLin
Resource Hash
5ff566546ac12404e5f8bf10999da5572fa8ae4681141e71a9d5b4dafc493c0a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://ing-direct.l-offre-de-parrainage-plus.com/faq-questions-etape-par-etape-ing-direct/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Thu, 04 Aug 2022 08:17:10 GMT
ETag
"5a4e-55c2a1b4029c7"
Last-Modified
Sun, 22 Oct 2017 22:19:59 GMT
Server
Apache
X-Powered-By
PleskLin
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
23118
Expires
Fri, 04 Aug 2023 08:17:10 GMT
Parrain-de-confiance-depuis-2009-250-2-238x238.png
ing-direct.l-offre-de-parrainage-plus.com/wp-content/uploads/2015/04/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ing-direct.l-offre-de-parrainage-plus.com/wp-content/uploads/2015/04/Parrain-de-confiance-depuis-2009-250-2-238x238.png
Protocol
HTTP/1.1
Server
178.33.252.162 , France, ASN16276 (OVH, FR),
Reverse DNS
p03-web.evxonline.net
Software
Apache / PleskLin
Resource Hash
9a776ac922cecf4c55bdd267cbb97e96b0470f1f2540443402e39d0f0de90cec

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://ing-direct.l-offre-de-parrainage-plus.com/faq-questions-etape-par-etape-ing-direct/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Thu, 04 Aug 2022 08:17:10 GMT
ETag
"6b97-52edf46def488"
Last-Modified
Fri, 25 Mar 2016 13:09:45 GMT
Server
Apache
X-Powered-By
PleskLin
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
27543
Expires
Fri, 04 Aug 2023 08:17:10 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.xx.fbcdn.net
URL
https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yT/l/en_US/_qg4gXeYVhp.js?_nc_x=Ij3Wp8lg5Kz

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation object| _wpemojiSettings object| a2a_config object| a2a_localize undefined| $ function| jQuery function| clignotement number| periode object| IGSponso_LLEExaDMjrvXKeNp object| lazySizesConfig object| runtime object| regeneratorRuntime function| setImmediate function| clearImmediate object| wpcf7 object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| lazySizes object| twemoji object| wp object| wpcf7_recaptcha function| metaslider_132 function| timer_metaslider_132 object| a2a object| recaptcha object| closure_lm_988437 function| a2a_show_dropdown function| a2a_miniLeaveDelay function| a2a_init number| a2apage_init function| fbAsyncInit object| FB object| __buffer object| igDiv

1 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AMjm62Xwih26eq9dASObXbEbWUoAoCDtkI_TsPgLHg1AxQeQF47eP0YA0ftx9hVNDBuOyBfyHl8uzuhLumosF5A

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
fr.igraal.com
ing-direct.l-offre-de-parrainage-plus.com
s.w.org
st-filebanking.igstatic.com
static.addtoany.com
static.xx.fbcdn.net
www.facebook.com
www.google.com
www.gstatic.com
www.ing-direct-l-offre-de-parrainage.fr
static.xx.fbcdn.net
178.33.252.162
18.195.18.145
192.0.77.48
2606:4700:10::6814:141f
2606:4700:10::ac43:2794
2a00:1450:4001:80f::2004
2a00:1450:4001:828::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:830::2003
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
09fb02198752555348a4678df8c8c001ad5824cd4e52a0e5b55a03837852c37a
0be4f9ad500ab40b4ce11a4ac59f5751eb02fe95ddcdc0bccfec1b5c20594214
1af28f449b2abfeb2eb4f04a73a4bb120d28386e11f890fe4854414a8d3c5eee
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4a3e3ce7291c34a5ed6f67bdb600ec69b4bcb1b69f10c9d2151a1d30f6518406
4ca130786a2d2531241f8b8c7aaad6a4e27271f51b417b9c23f51bfb0c65c080
539c4838b64397f13e9cff7bb7649e43ffeaccfb1e843d58a720f51e546ca534
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5c24533b1e169a6ac288a1d748289487e447755aab01719e1fd86afc80b79ce3
5ff566546ac12404e5f8bf10999da5572fa8ae4681141e71a9d5b4dafc493c0a
65da3eeea8a53cc4f8de2e514e631f23d995d92112be9798a5ec7f25ae70c910
6821ca4ae2508bdba08e189040928a0769f0a71b12fdd4325c3ae80ef5636bb8
6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf
734b8a197f82abbdf3e01bdeec2191cf1f98ff6fdebffccb5458261ecf3fdb7d
7e6f3eacf6af919ace45f10e39eda3e72143e0f57aad29590a6d37d5ddd0292f
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
85c132af77218e71d8399b1ccc69e79beef63ee5ba7e226ac6ec47d7c9448c81
91cee8410afccfe52714eee8d5365155f2d31a3b746748a1044600298461993c
943c44a0f3dc1aba84f5fbe8465baadbb90af66cd7be9f37ca07a39260357ad2
9a776ac922cecf4c55bdd267cbb97e96b0470f1f2540443402e39d0f0de90cec
9f31951e1c601abc70f631661e68696402357ca6e1d4a5518ef5de9eead5de1c
9fb1a6895e7249aa833fbac3b49186b04a5c854cb996ab137f974f9128bc9906
a7ae4f4e313e150000175511c29ca19ae2948eb663987253d19a9372cc20e3fe
b71c83c356b1c1aeaa87dc6041a0f5629c106e96930dedb6d4b69a6533dc451b
bd147d1f28b99218a48c5bf4ca7ee419edb05d122fc8e94ab3a22052f93ba52f
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c4e25528c6fa8351da10aefb5b8771c555e9fd9b0759f26d8c5c2faec137f093
c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1
c67d63da52a5fb5dfac0b0e21e0f375d6cdc346d7db0ab67c0629a113a55a652
c726f7ac22450323fc6e310740564163559bf2af639c11c142ee8c05cb312abd
c906bd987e427be37e59ab349f4dfc6b064bc7b4909ee58013e24079cf50cfa9
c9ee01ee8903499cb90168df3d5de82fdcf4660511aa12e06207bca6ccfdf064
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
d8e198b55b876b98c1b1d961a9795d6047a5fd5704b3e6d2c1f9eca7b6ce2f72
da6dd802e53714a8744e30bbe86079c69d4b3efd1f2fbffbc6fe16abb1d4d167
dc846bc9cddd53d48439b3a2d421261d098954fae308661ed284b6a00407e21e
e0e3a6af544a85b89380d657a1987be46bb21a0733cfa517fe817a209b7fb1af
e82f7a3eaef1fd1e5d30fad30ddc6e75f9f71ec306e49591fa9f88a5575b3707
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
f41e3e43578c1ce957d953274abcc0baff50c04cc80e18453a940e222672b127
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
faee00eada5be8145f6a31c5e58eea4fad5bdb37e36ea43d619c1787fe7f7157
fcba4ebb3915e8aa2ef65c8b95140e43e5ecfe5dbdf5fe254ecbb7c2f208bf25