client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl Open in urlscan Pro
185.186.76.206 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/
Effective URL:
https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/login.php
Submission: On December 05 via automatic, source certstream-suspicious (December 5th 2023, 5:28:38 am UTC) — Scanned from NL

Summary HTTP 57 Redirects Links 50 Behaviour Indicators

Summary

This website contacted 12 IPs in 4 countries across 6 domains to perform 57 HTTP transactions. The main IP is 185.186.76.206, located in Zurich, Switzerland and belongs to M247, RO. The main domain is client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl.
TLS certificate: Issued by R3 on December 5th 2023. Valid for: 3 months.

This is the only time client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: FLOA Bank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
2 38	185.186.76.206 185.186.76.206	9009 (M247) (M247)
5	145.226.46.154 145.226.46.154	8255 (EURO-INFO...) (EURO-INFORMATION)
1	145.226.46.204 145.226.46.204	8255 (EURO-INFO...) (EURO-INFORMATION)
1	45.60.87.57 45.60.87.57	19551 (INCAPSULA) (INCAPSULA)
3	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	145.226.62.102 145.226.62.102	8255 (EURO-INFO...) (EURO-INFORMATION)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 3	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
1	145.226.46.131 145.226.46.131	8255 (EURO-INFO...) (EURO-INFORMATION)
2	145.226.47.111 145.226.47.111	8255 (EURO-INFO...) (EURO-INFORMATION)
2	145.226.46.102 145.226.46.102	8255 (EURO-INFO...) (EURO-INFORMATION)
57	12

38 185.186.76.206 (Zurich, Switzerland) 2 redirects

ASN9009 (M247, RO)

client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 145.226.46.154 (France)

ASN8255 (EURO-INFORMATION, FR)
PTR: sxb-cdn1.e-i.com

cdnsi.e-i.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.226.46.204 (France)

ASN8255 (EURO-INFORMATION, FR)
PTR: cdnwmsi.e-i.com

cdnwmsi.e-i.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.60.87.57 (United States)

ASN19551 (INCAPSULA, US)

www.floabank.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.226.62.102 (France)

ASN8255 (EURO-INFORMATION, FR)
PTR: rqt-static.e-i.com

staticdb.e-i.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.226.46.131 (France)

ASN8255 (EURO-INFORMATION, FR)
PTR: sslsi.e-i.com

sslsi.e-i.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.226.47.111 (France)

ASN8255 (EURO-INFORMATION, FR)
PTR: api-nc.e-i.com

api-nc.e-i.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.226.46.102 (France)

ASN8255 (EURO-INFORMATION, FR)
PTR: static.e-i.com

staticsi.e-i.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	fryylecbgpkjqwvmiinhbcsegbkr.nl 2 redirects client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl	526 KB
13	e-i.com cdnsi.e-i.com — Cisco Umbrella Rank: 328605 cdnwmsi.e-i.com — Cisco Umbrella Rank: 572195 staticdb.e-i.com sslsi.e-i.com — Cisco Umbrella Rank: 827969 api-nc.e-i.com — Cisco Umbrella Rank: 423695 staticsi.e-i.com — Cisco Umbrella Rank: 350443	96 KB
4	criteo.com 1 redirects sslwidget.criteo.com — Cisco Umbrella Rank: 1761 gum.criteo.com — Cisco Umbrella Rank: 424 mug.criteo.com — Cisco Umbrella Rank: 2811	9 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	11 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	68 KB
1	floabank.fr www.floabank.fr	11 KB
57	6

	Domain	Requested by
38	client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl	2 redirects client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
5	cdnsi.e-i.com	client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
3	cdnjs.cloudflare.com	client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
2	staticsi.e-i.com	client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
2	api-nc.e-i.com	client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
2	gum.criteo.com	1 redirects client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
2	staticdb.e-i.com	client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
1	sslsi.e-i.com	client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
1	www.googletagmanager.com	client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
1	mug.criteo.com	client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
1	sslwidget.criteo.com	client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
1	www.floabank.fr	client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
1	cdnwmsi.e-i.com	client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
57	13

This site contains links to these domains. Also see Links.

Domain
www.floabank.fr
client.floabank.fr
www.banque-casino.fr
www.monassurancevelo.com
floabank.fr
validation.floabank.fr
www.magazines-floabank.fr

Subject Issuer	Validity	Valid
client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl R3	`2023-12-05` - `2024-03-04`	3 months	crt.sh
*.e-i.com GlobalSign RSA OV SSL CA 2018	`2023-06-26` - `2024-07-27`	a year	crt.sh
imperva.com GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-11-29` - `2024-05-27`	6 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/login.php
Frame ID: 200C4C72D8CD5239A7737B58BF711918
Requests: 54 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl&origin=onetag
Frame ID: 9A8ECEE98FE3035553D934CC0B5BC957
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FLOA Bank - Espace Client

Page URL History Show full URLs

https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/ HTTP 302
https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/index.php HTTP 302
https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/login.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Lightbox (JavaScript Libraries) Expand

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

57
Requests

98 %
HTTPS

25 %
IPv6

6
Domains

13
Subdomains

12
IPs

4
Countries

720 kB
Transfer

8431 kB
Size

9
Cookies

50 Outgoing links

These are links going to different origins than the main page.

URL: https://www.floabank.fr/gamme-service/espace-client/informations-securite
Title: Consultez le détail des recommandations de sécurité de la banque en ligne.

Search URL Search Domain Scan URL

URL: https://www.floabank.fr/espace-client/service-client-annee

Search URL Search Domain Scan URL

URL: https://www.floabank.fr/espace-client/service-client-annee?ORG=BELDI&utm_source=BELDI&utm_content=escda23&utm_campaign=authent

Search URL Search Domain Scan URL

URL: https://www.floabank.fr/espace-client/telecharger-appli

Search URL Search Domain Scan URL

URL: https://client.floabank.fr/fr/client/async/messagerie-conversation.html
Title: Contactez nous

Search URL Search Domain Scan URL

URL: https://www.floabank.fr/gamme-service/espace-client/informations-securite?ORG=BELDI&utm_source=BELDI&utm_content=fraude&utm_campaign=situbel
Title: + d’infos ici

Search URL Search Domain Scan URL

URL: https://www.floabank.fr/credits/mon-coup-de-pouce?utm_source=BELDI&utm_medium=cross_sell_direct&utm_campaign=footer
Title: Coup de pouce

Search URL Search Domain Scan URL

URL: https://client.floabank.fr/fr/identification/fr/souscrire/credit.aspx?TRACABCA_projet=26&TRACABCA_duree=12&TRACABCA_montant=2500&TRACABCA_ORG=BELDI&TRACABCA_VIS=MHEAD&BELutm_source=BELDI&BELutm_medium=cross_sell_direct&BELutm_campaign=MHEAD&URL=floabank.fr/credits/credit-bateau
Title: Crédit Bateau

Search URL Search Domain Scan URL

URL: https://www.floabank.fr/assurances/assurance-scolaire-extrascolaire?ORG=BELDI&VIS=footer&INT=lien&utm_source=BELDI&utm_medium=cross_sell_direct&utm_campaign=footer
Title: Assurance Scolaire

Search URL Search Domain Scan URL

URL: https://www.floabank.fr/assurances/assurance-auto-voiture-simulation-devis?ORG=BELDI&VIS=footer&INT=lien&utm_source=BELDI&utm_medium=cross_sell_direct&utm_campaign=footer
Title: Assurance Auto

Search URL Search Domain Scan URL

URL: https://www.floabank.fr/assurances/assurance-habitation-en-ligne?ORG=BELDI&VIS=footer&INT=lien&utm_source=BELDI&utm_medium=cross_sell_direct&utm_campaign=footer
Title: Assurance Habitation

Search URL Search Domain Scan URL

URL: https://www.banque-casino.fr/assurances/formules-assurance-2-roues?ORG=BELDI&VIS=footer&INT=lien&utm_source=BELDI&utm_medium=cross_sell_direct&utm_campaign=footer
Title: Assurances 2 roues

Search URL Search Domain Scan URL

URL: https://www.monassurancevelo.com/?aff=NVEIBCA
Title: Assurances Vélo

Search URL Search Domain Scan URL

URL: https://www.floabank.fr/assurances/assurance-hospitalisation?ORG=BELDI&VIS=footer&INT=lien&utm_source=BELDI&utm_medium=cross_sell_direct&utm_campaign=footer
Title: Assurance Hospitalisation

Search URL Search Domain Scan URL

URL: https://www.floabank.fr/assurances/assurance-deces-accident?ORG=BELDI&VIS=footer&INT=lien&utm_source=BELDI&utm_medium=cross_sell_direct&utm_campaign=footer
Title: Assurance Décès

Search URL Search Domain Scan URL

URL: https://floabank.fr/assurances/assurance-obseque?ORG=BELDI&VIS=footer&INT=lien&utm_source=BELDI&utm_medium=cross_sell_direct&utm_campaign=footer
Title: Garantie Frais d'obsèques

Search URL Search Domain Scan URL

URL: https://www.floabank.fr/assurances/assurance-chien-chat?ORG=BELDI&VIS=footer&INT=lien&utm_source=BELDI&utm_medium=cross_sell_direct&utm_campaign=footer
Title: Assurance Chien et Chat

Search URL Search Domain Scan URL

URL: https://www.floabank.fr/assurances/comparateur-mutuelles-sante?ORG=BELDI&VIS=footer&INT=lien&utm_source=BELDI&utm_medium=cross_sell_direct&utm_campaign=footer
Title: Comparateur Mutuelles

Search URL Search Domain Scan URL

URL: https://www.floabank.fr/assurances/assurance-credit?ORG=BELDI&VIS=footer&INT=lien&utm_source=BELDI&utm_medium=cross_sell_direct&utm_campaign=footer
Title: Assurance Crédit

Search URL Search Domain Scan URL

URL: https://www.floabank.fr/assurances/assurance-pret-immobilier?ORG=BELDI&VIS=footer&INT=lien&utm_source=BELDI&utm_medium=cross_sell_direct&utm_campaign=footer
Title: Assurance Prêt immobilier

Search URL Search Domain Scan URL

URL: https://www.floabank.fr/assurances/assurance-blessure?ORG=BELDI&VIS=footer&INT=lien&utm_source=BELDI&utm_medium=cross_sell_direct&utm_campaign=footer
Title: Assurance Blessure

Search URL Search Domain Scan URL

URL: https://www.floabank.fr/assurances/assurance-habitation-etudiant?ORG=BELDI&VIS=footer&INT=lien&utm_source=BELDI&utm_medium=cross_sell_direct&utm_campaign=footer
Title: Assurance Habitation Étudiant

Search URL Search Domain Scan URL

URL: https://www.floabank.fr/mastercard/carte-bancaire-casino?ORG=BELDI&VIS=MHEAD&utm_source=BELDI&utm_medium=cross_sell_direct&utm_campaign=MHEAD
Title: Carte bancaire Casino

Search URL Search Domain Scan URL

URL: https://www.floabank.fr/mastercard/landing-carte-gold-direct-9?ORG=BELDI&VIS=MHEAD&utm_source=BELDI&utm_medium=cross_sell_direct&utm_campaign=MHEAD
Title: Carte Gold

Search URL Search Domain Scan URL

URL: https://www.floabank.fr/espace-partenaires/cb4x-notre-banque?ORG=BELDI&VIS=MHEAD&utm_source=BELDI&utm_medium=cross_sell_direct&utm_campaign=MHEAD
Title: Paiement CB4X

Search URL Search Domain Scan URL

URL: https://www.floabank.fr/solution-paiement/pret-instantane-lydia?ORG=BELDI&VIS=MHEAD&utm_source=BELDI&utm_medium=cross_sell_direct&utm_campaign=MHEAD
Title: Prêt instantané Lydia

Search URL Search Domain Scan URL

URL: https://www.floabank.fr/solution-paiement/casino-max?ORG=BELDI&VIS=MHEAD&utm_source=BELDI&utm_medium=cross_sell_direct&utm_campaign=MHEAD
Title: Casino Max

Search URL Search Domain Scan URL

URL: https://validation.floabank.fr/solution-paiement/location-longue-duree
Title: Location longue durée

Search URL Search Domain Scan URL

URL: https://validation.floabank.fr/assurances/gamme-assurances?ORG=BELDI&VIS=MHEAD&utm_source=BELDI&utm_medium=cross_sell_direct&utm_campaign=MHEAD
Title: Assurance

Search URL Search Domain Scan URL

URL: https://www.floabank.fr/suivi-de-ma-demande?ORG=BELDI&VIS=footer&INT=lien&utm_source=BELDI&utm_medium=cross_sell_direct&utm_campaign=footer
Title: Suivi de demande

Search URL Search Domain Scan URL

URL: https://www.floabank.fr/espace-client/appli?ORG=BELDI&VIS=MHEAD&utm_source=BELDI&utm_medium=cross_sell_direct&utm_campaign=MHEAD
Title: Gérer vos comptes sur l'appli

Search URL Search Domain Scan URL

URL: https://www.floabank.fr/comprendre-mon-releve?ORG=BELDI&VIS=MHEAD&utm_source=BELDI&utm_medium=cross_sell_direct&utm_campaign=MHEAD
Title: Comprendre mon relevé

Search URL Search Domain Scan URL

URL: https://www.floabank.fr/entreprise?ORG=BELDI&VIS=MHEAD&utm_source=BELDI&utm_medium=cross_sell_direct&utm_campaign=MHEAD
Title: FLOA Bank

Search URL Search Domain Scan URL

URL: https://www.floabank.fr/entreprise/qui-sommes-nous?ORG=BELDI&VIS=MHEAD&utm_source=BELDI&utm_medium=cross_sell_direct&utm_campaign=MHEAD
Title: Qui sommes-nous

Search URL Search Domain Scan URL

URL: https://www.floabank.fr/entreprise/histoire?ORG=BELDI&VIS=MHEAD&utm_source=BELDI&utm_medium=cross_sell_direct&utm_campaign=MHEAD
Title: Histoire

Search URL Search Domain Scan URL

URL: https://www.floabank.fr/entreprise/innovation?ORG=BELDI&VIS=MHEAD&utm_source=BELDI&utm_medium=cross_sell_direct&utm_campaign=MHEAD
Title: Innovation

Search URL Search Domain Scan URL

URL: https://www.floabank.fr/produits-services/credits-consommation?ORG=BELDI&VIS=MHEAD&utm_source=BELDI&utm_medium=cross_sell_direct&utm_campaign=MHEAD
Title: Nos produits

Search URL Search Domain Scan URL

URL: https://www.floabank.fr/espace-recrutement/nos-metiers?ORG=BELDI&VIS=MHEAD&utm_source=BELDI&utm_medium=cross_sell_direct&utm_campaign=MHEAD
Title: Nos métiers

Search URL Search Domain Scan URL

URL: https://www.floabank.fr/espace-presse?ORG=BELDI&VIS=MHEAD&utm_source=BELDI&utm_medium=cross_sell_direct&utm_campaign=MHEAD
Title: Espace presse

Search URL Search Domain Scan URL

URL: https://www.floabank.fr/recrutement/nos-offres-emplois?ORG=BELDI&VIS=MHEAD&utm_source=BELDI&utm_medium=cross_sell_direct&utm_campaign=MHEAD
Title: Recrutement

Search URL Search Domain Scan URL

URL: https://www.floabank.fr/actu?ORG=BELDI&VIS=MHEAD&utm_source=BELDI&utm_medium=cross_sell_direct&utm_campaign=MHEAD
Title: Actu

Search URL Search Domain Scan URL

URL: https://www.floabank.fr/images/pdf/conditions_tarifaires_cartes/Conditions_tarifaires.pdf?utm_source=BELDI&utm_medium=cross_sell_direct&utm_campaign=footer
Title: Conditions tarifaires

Search URL Search Domain Scan URL

URL: https://www.floabank.fr/i-contact?utm_source=BELDI&utm_medium=cross_sell_direct&utm_campaign=footer
Title: Contactez-nous

Search URL Search Domain Scan URL

URL: https://www.floabank.fr/faq?ORG=BELDI&VIS=footer&INT=lien&utm_source=BELDI&utm_medium=cross_sell_direct&utm_campaign=footer
Title: Questions/Réponses

Search URL Search Domain Scan URL

URL: https://www.floabank.fr/espace-client/connexion?ORG=BELDI&VIS=footer&INT=lien&utm_source=BELDI&utm_medium=cross_sell_direct&utm_campaign=footer
Title: Aide Espace client

Search URL Search Domain Scan URL

URL: https://www.floabank.fr/services/la-signature-electronique?ORG=BELDI&VIS=footer&INT=lien&utm_source=BELDI&utm_medium=cross_sell_direct&utm_campaign=footer
Title: Signature électronique

Search URL Search Domain Scan URL

URL: https://www.floabank.fr/gamme-service/espace-client/informations-securite?ORG=BELDI&VIS=MHEAD&utm_source=BELDI&utm_medium=cross_sell_direct&utm_campaign=MHEAD
Title: Informations Sécurité

Search URL Search Domain Scan URL

URL: https://www.magazines-floabank.fr/
Title: Espace Magazines

Search URL Search Domain Scan URL

URL: https://www.floabank.fr/credits/guide-pratique-pret-personnel?ORG=BELDI&VIS=MHEAD&utm_source=BELDI&utm_medium=cross_sell_direct&utm_campaign=MHEAD
Title: Guide Pratique

Search URL Search Domain Scan URL

URL: https://www.floabank.fr/services/garantie-reprise?ORG=BELDI&VIS=MHEAD&utm_source=BELDI&utm_medium=cross_sell_direct&utm_campaign=MHEAD
Title: Garantie reprise achats

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/ HTTP 302
https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/index.php HTTP 302
https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/login.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://gum.criteo.com/sid/json?origin=onetag&domain=fryylecbgpkjqwvmiinhbcsegbkr.nl&sn=ChromeSyncframe&so=0&topUrl=client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=c3eggHxIZFhXbkhtRDZIQnIzZUZKbnhqb1ZPcWRZcXBLcytFQTRoOWlMaGk3TmJ3S0pCa1pDcDg5d1EwSEhlWFg4SlQ3SGVTYUNtYis0V0JhcjlRS2s1bnFHaFdqSmxrQTZNK2NGNFBKcVZXcjh5S1ZOUDhVL0srSkZIZ0JKUmdFT080U2thUUxVYzRsK2JTODA4ekhZSmJHY095Qm90aHFuNS95Tm1YSVdRT0FscEdvNmEzMS9KWnk2dVlZRi91SDdPMzJNdlkyZk81NWVvS2luRHNEU3V5SUZiSVpvVHFCM0ZOaUttUWRxR1ViRld0L0gvSEx2WGNHUUJia2dMdlV3ckh5TG9PMlM0dGxPOVZMQXRRRk1DbUUzcEtNNkxlTlY3Z05lWTlDa3BpR0IvSHRCblZueUNjOUpFYTJKbkpDOW9raHw&cppv=2

57 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login.php Show response
client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/
Redirect Chain

https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/
https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/index.php
https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/login.php

163 KB
28 KB

1311ms
1310ms

Document
text/html

185.186.76.206
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.186.76.206 Zurich, Switzerland, ASN9009 (M247, RO),
Reverse DNS
Software: nginx /
Resource Hash: 47b7d58099a8e74b4c4935f96dce0bc8f31d7fcc70cf60bc13e26ea2229156a1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 28647
content-type: text/html; charset=UTF-8
date: Tue, 05 Dec 2023 05:28:32 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
vary: Accept-Encoding

Redirect headers

content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 05 Dec 2023 05:28:31 GMT
location: login.php
server: nginx

GET
H2 200 ei_base.css
client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/css/ 544 KB
73 KB 36ms
32ms Stylesheet
text/css 185.186.76.206
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/css/ei_base.css
Requested by: Host: client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.186.76.206 Zurich, Switzerland, ASN9009 (M247, RO),
Reverse DNS
Software: nginx /
Resource Hash: a6950028d421bea84fa87cf34a57049b93d6df2eddd764d11f47215899dca331

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 05:28:32 GMT
content-encoding: gzip
last-modified: Mon, 04 Sep 2023 01:01:50 GMT
server: nginx
etag: W/"64f52c7e-87e51"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery_ei.js.download Show response
client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/js/ 105 KB
37 KB 81ms
78ms Script
application/javascript 185.186.76.206
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/js/jquery_ei.js.download
Requested by: Host: client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.186.76.206 Zurich, Switzerland, ASN9009 (M247, RO),
Reverse DNS
Software: nginx /
Resource Hash: 4bae9939c72cd3c52f4fd850bc79bed07bf3f355907314cc12de4d57a9224559

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 05:28:32 GMT
content-encoding: gzip
last-modified: Wed, 01 Mar 2023 11:47:34 GMT
server: nginx
etag: "1a391-5f5d547250180-gzip"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
accept-ranges: bytes
content-length: 37224

GET
H2 200 lightbox.js.download Show response
client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/js/ 1 KB
798 B 80ms
77ms Script
application/javascript 185.186.76.206
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/js/lightbox.js.download
Requested by: Host: client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.186.76.206 Zurich, Switzerland, ASN9009 (M247, RO),
Reverse DNS
Software: nginx /
Resource Hash: 92ba41aa9873d8f826083e78bbc5ead09ea62f3d2e13dfc453765c9aae1a16f1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 05:28:32 GMT
content-encoding: gzip
last-modified: Wed, 01 Mar 2023 11:47:34 GMT
server: nginx
etag: "52f-5f5d547250180-gzip"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
accept-ranges: bytes
content-length: 606

GET
H2 200 ei_tools.js.download Show response
client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/js/ 3 KB
1 KB 101ms
98ms Script
application/javascript 185.186.76.206
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/js/ei_tools.js.download
Requested by: Host: client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.186.76.206 Zurich, Switzerland, ASN9009 (M247, RO),
Reverse DNS
Software: nginx /
Resource Hash: 5a59032e7cc3276321edc07b1099c430689793bf7823a5c0c6bda23e6ad8693b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 05:28:32 GMT
content-encoding: gzip
last-modified: Wed, 01 Mar 2023 11:47:34 GMT
server: nginx
etag: "b8c-5f5d547250180-gzip"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
accept-ranges: bytes
content-length: 1097

GET
H/1.1 404
Not Found env.js
cdnsi.e-i.com/INGR/sd/floabank_2020/2.95.7/fr/javascript/appli/ 0
0 236ms
38ms Script
text/html 145.226.46.154
EURO-INFORMATION

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnsi.e-i.com/INGR/sd/floabank_2020/2.95.7/fr/javascript/appli/env.js
Requested by: Host: client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/login.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 145.226.46.154 , France, ASN8255 (EURO-INFORMATION, FR),
Reverse DNS: sxb-cdn1.e-i.com
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H/1.1 404
Not Found ei_custom_responsive.css
cdnsi.e-i.com/INGR/sd/floabank_2020/2.95.7/fr/css/ 0
0 235ms
38ms Stylesheet
text/html 145.226.46.154
EURO-INFORMATION

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnsi.e-i.com/INGR/sd/floabank_2020/2.95.7/fr/css/ei_custom_responsive.css
Requested by: Host: client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/login.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 145.226.46.154 , France, ASN8255 (EURO-INFORMATION, FR),
Reverse DNS: sxb-cdn1.e-i.com
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H2 200 ei_needscript.css
client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/css/ 10 KB
2 KB 60ms
58ms Stylesheet
text/css 185.186.76.206
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/css/ei_needscript.css
Requested by: Host: client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.186.76.206 Zurich, Switzerland, ASN9009 (M247, RO),
Reverse DNS
Software: nginx /
Resource Hash: ea70b79e172067437f5edcffc6303783e33e60a2035885c5a3a28c3425bd9f72

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 05:28:32 GMT
content-encoding: gzip
last-modified: Wed, 01 Mar 2023 11:47:34 GMT
server: nginx
etag: W/"63ff3b56-28a5"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 display.js.download Show response
client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/js/ 6 KB
2 KB 100ms
97ms Script
application/javascript 185.186.76.206
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/js/display.js.download
Requested by: Host: client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.186.76.206 Zurich, Switzerland, ASN9009 (M247, RO),
Reverse DNS
Software: nginx /
Resource Hash: c0f2427a6d94e5d304775bd674cf7eba9ef2182939bf0705fa0fedf7001b9a36

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 05:28:32 GMT
content-encoding: gzip
last-modified: Wed, 01 Mar 2023 11:47:34 GMT
server: nginx
etag: "1760-5f5d547250180-gzip"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
accept-ranges: bytes
content-length: 2089

GET
H2 200 ei_custom_messenger.css
client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/css/ 49 KB
10 KB 60ms
58ms Stylesheet
text/css 185.186.76.206
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/css/ei_custom_messenger.css
Requested by: Host: client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.186.76.206 Zurich, Switzerland, ASN9009 (M247, RO),
Reverse DNS
Software: nginx /
Resource Hash: 1fa083e4b6ea6e2cfcedb4ca9c79594d2765c8adfe07bbd1b2470339ba513b0f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 05:28:32 GMT
content-encoding: gzip
last-modified: Wed, 01 Mar 2023 11:47:34 GMT
server: nginx
etag: W/"63ff3b56-c31e"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ei_custom_scrollzone.css
client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/css/ 9 KB
2 KB 61ms
58ms Stylesheet
text/css 185.186.76.206
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/css/ei_custom_scrollzone.css
Requested by: Host: client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.186.76.206 Zurich, Switzerland, ASN9009 (M247, RO),
Reverse DNS
Software: nginx /
Resource Hash: 1f0c252234bb6248c9dba0b1bace8660d881560721e378d72063cf96e6235318

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 05:28:32 GMT
content-encoding: gzip
last-modified: Wed, 01 Mar 2023 11:47:34 GMT
server: nginx
etag: W/"63ff3b56-25dd"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ei_custom_carousel.css
client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/css/ 11 KB
2 KB 61ms
58ms Stylesheet
text/css 185.186.76.206
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/css/ei_custom_carousel.css
Requested by: Host: client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.186.76.206 Zurich, Switzerland, ASN9009 (M247, RO),
Reverse DNS
Software: nginx /
Resource Hash: 55972603a4812f2141339a35833edce3d5d1534e5736642ecf8c6e716414061d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 05:28:32 GMT
content-encoding: gzip
last-modified: Wed, 01 Mar 2023 11:47:34 GMT
server: nginx
etag: W/"63ff3b56-2c35"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ei_custom_rating.css
client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/css/ 2 KB
700 B 61ms
59ms Stylesheet
text/css 185.186.76.206
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/css/ei_custom_rating.css
Requested by: Host: client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.186.76.206 Zurich, Switzerland, ASN9009 (M247, RO),
Reverse DNS
Software: nginx /
Resource Hash: c72498cb5f7a213370aab81d7aee980a9266e750be3694ebcaf509bc91661367

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 05:28:32 GMT
content-encoding: gzip
last-modified: Wed, 01 Mar 2023 11:47:34 GMT
server: nginx
etag: W/"63ff3b56-839"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ei_custom_richradbutton.css
client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/css/ 75 KB
5 KB 61ms
59ms Stylesheet
text/css 185.186.76.206
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/css/ei_custom_richradbutton.css
Requested by: Host: client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.186.76.206 Zurich, Switzerland, ASN9009 (M247, RO),
Reverse DNS
Software: nginx /
Resource Hash: 17c9299830ab3520234c301bca14b35a2fc288cf07ac6ac0ee2b60a60fb48548

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 05:28:32 GMT
content-encoding: gzip
last-modified: Wed, 01 Mar 2023 11:47:34 GMT
server: nginx
etag: W/"63ff3b56-12a6e"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 webmaster2017.css
client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/css/ 15 KB
4 KB 61ms
59ms Stylesheet
text/css 185.186.76.206
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/css/webmaster2017.css
Requested by: Host: client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.186.76.206 Zurich, Switzerland, ASN9009 (M247, RO),
Reverse DNS
Software: nginx /
Resource Hash: c5c2c5d9de6f9624cbf21ace12cd11167c258eece9a3a07187a5001e6244f2ed

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 05:28:32 GMT
content-encoding: gzip
last-modified: Wed, 01 Mar 2023 11:47:36 GMT
server: nginx
etag: W/"63ff3b58-3bec"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 runtime.js.download Show response
client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/js/ 1 KB
911 B 41ms
40ms Script
application/javascript 185.186.76.206
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/js/runtime.js.download
Requested by: Host: client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.186.76.206 Zurich, Switzerland, ASN9009 (M247, RO),
Reverse DNS
Software: nginx /
Resource Hash: 6c5acbb82a46a4971660f65131241dffcc28828f4dbd76b8ec7bab0b468250f8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 05:28:32 GMT
content-encoding: gzip
last-modified: Wed, 01 Mar 2023 11:47:34 GMT
server: nginx
etag: "5cd-5f5d547250180-gzip"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
accept-ranges: bytes
content-length: 719

GET
H2 200 polyfills.js.download Show response
client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/js/ 44 KB
15 KB 62ms
61ms Script
application/javascript 185.186.76.206
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/js/polyfills.js.download
Requested by: Host: client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.186.76.206 Zurich, Switzerland, ASN9009 (M247, RO),
Reverse DNS
Software: nginx /
Resource Hash: 1724c458e281a8ef99e936cf9c25a35d3e7234e373a1ecbc4d3ee6ea32fad29e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 05:28:32 GMT
content-encoding: gzip
last-modified: Wed, 01 Mar 2023 11:47:34 GMT
server: nginx
etag: "b08c-5f5d547250180-gzip"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
accept-ranges: bytes
content-length: 14698

GET
H2 200 styles.js.download Show response
client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/js/ 6 KB
3 KB 61ms
60ms Script
application/javascript 185.186.76.206
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/js/styles.js.download
Requested by: Host: client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.186.76.206 Zurich, Switzerland, ASN9009 (M247, RO),
Reverse DNS
Software: nginx /
Resource Hash: beaa2670cd539ef2256ea89652f6e335067a8e29400be5c5cbc7addfb53128fb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 05:28:32 GMT
content-encoding: gzip
last-modified: Wed, 01 Mar 2023 11:47:36 GMT
server: nginx
etag: "1910-5f5d547438600-gzip"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
accept-ranges: bytes
content-length: 2424

GET
H2 200 main.js.download Show response
client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/js/ 385 KB
100 KB 62ms
61ms Script
application/javascript 185.186.76.206
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/js/main.js.download
Requested by: Host: client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.186.76.206 Zurich, Switzerland, ASN9009 (M247, RO),
Reverse DNS
Software: nginx /
Resource Hash: bbfe9aae410570eaa1f5274dd639ff191a44f7eda67325127ac0f759afe7b708

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 05:28:32 GMT
content-encoding: gzip
last-modified: Wed, 01 Mar 2023 11:47:34 GMT
server: nginx
etag: "602fc-5f5d547250180-gzip"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
accept-ranges: bytes

GET
H/1.1 200
OK obsolete-tls.js Show response
cdnwmsi.e-i.com/SITW/wm/global/1.0.0/WEBA/ 3 KB
1 KB 195ms
39ms Script
application/javascript 145.226.46.204
EURO-INFORMATION

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnwmsi.e-i.com/SITW/wm/global/1.0.0/WEBA/obsolete-tls.js

Requested by

Host: client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/login.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

145.226.46.204 , France, ASN8255 (EURO-INFORMATION, FR),

Reverse DNS

cdnwmsi.e-i.com

Software

eiws /

Resource Hash

be4cb9bb60da130c27d6caaedec3082204e49eb1ee797360bf36d0b0ced39eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 05:28:32 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Wed, 26 Jan 2022 09:38:29 GMT
Server: eiws
ETag: "acd-5d678f6d30f40-gzip"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3456000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=50
Expires: Sun, 14 Jan 2024 05:28:32 GMT

GET
H2 200 ld.js.download Show response
client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/js/ 39 KB
12 KB 41ms
41ms Script
application/javascript 185.186.76.206
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/js/ld.js.download
Requested by: Host: client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.186.76.206 Zurich, Switzerland, ASN9009 (M247, RO),
Reverse DNS
Software: nginx /
Resource Hash: 76c79d3af714cd2570cdee0ff55daf2022f51477a4b5a89de470068280f8ddb1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 05:28:32 GMT
content-encoding: gzip
last-modified: Wed, 01 Mar 2023 11:47:34 GMT
server: nginx
etag: "9d98-5f5d547250180-gzip"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
accept-ranges: bytes
content-length: 11632

GET
H2 200 escda.svg
www.floabank.fr/images/homepage/ 20 KB
11 KB 117ms
61ms Image
image/svg+xml 45.60.87.57
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.floabank.fr/images/homepage/escda.svg

Requested by

Host: client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.87.57 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache/2.4.56 (Debian) /

Resource Hash

e957f06d419b20e4430d9ab159a9a50da992ebebdea8fe2ff6ba6408d601293b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 05:28:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-cdn: Imperva
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.googletagmanager.com eb2.3lift.com *.floabank.fr secure-apis.notifadz.com *.doubleclick.net lantern.roeye.com c.contentsquare.net tr.cloud-media.fr *.googleapis.com exchange.mediavine.com gjigle.com api.realytics.io srm.ba.contentsquare.net criteo-sync.teads.tv try.abtasty.com ib.adnxs.com *.criteo.com www.awin1.com topics.avads.net matomo.floa.com i.realytics.io *.facebook.net ad.360yield.com id5-sync.com uploads.greenbureau.com tag.dtk.abtasty.com cm.adform.net criteo-partners.tremorhub.com m.realytics.io *.commander1.com *.criteo.net *.licdn.com www.dwin1.com manager.tagcommander.com ariane.abtasty.com *.facebook.com widgets.greenbureau.com public-prod-dspcookiematching.dmxleo.com *.adsrvr.org contextual.media.net csxd.moncoupdepouce.com e1.emxdgt.com events.sk.ht notifpush.com matching.ivitrack.com visitor.omnitagjs.com *.taboola.com *.outbrain.com sync-criteo.ads.yieldmo.com ads.avads.net img.youtube.com www.youtube.com ad.yieldlab.net simage2.pubmatic.com *.bidswitch.net cdn-eu.realytics.net api.dtk.abtasty.com *.rubiconproject.com *.dynatrace.com jadserve.postrelease.com sk.ht *.googlesyndication.com statics.pushaddict.com lantern.roeyecdn.com nocookie.avads.net privacy.trustcommander.net t.contentsquare.net github.com *.gstatic.com region1.analytics.google.com secure-trig.notifadz.com *.smartadserver.com www.google.com cdn.trustcommander.net *.linkedin.com *.casalemedia.com k-aeu1.contentsquare.net the.sciencebehindecommerce.com adservice.google.com static.avads.net common-fonts.abtasty.com match.sharethrough.com wss://bot.greenbureau.com core.greenbureau.com u360.d-bi.fr google.com secure-api.notifadz.com agent.greenbureau.com www.google.fr gddglis.com www.wepowerconnections.com q-aeu1.contentsquare.net dcinfos-cache.abtasty.com ups.analytics.yahoo.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
x-iinfo: 14-73479537-73472246 pNNy RT(1701754112139 15) q(0 0 0 1) r(1 1) U24
server-timing: dtSInfo;desc="0", dtRpid;desc="-1815534319"
content-length: 8595
last-modified: Fri, 17 Nov 2023 08:36:45 GMT
server: Apache/2.4.56 (Debian)
etag: "4fe0-60a550959616c-gzip"
vary: Accept-Encoding
content-type: image/svg+xml
x-incap-sess-cookie-hdr: Hh4QPwFma0dq4M/ac0aaCgC1bmUAAAAAhhzypMDQ1ivP9FY8hK1Otg==
accept-ranges: bytes

GET
H2 404 DIRECT_18112022_BANNIERE_ESCDA_Mob_569x526.png
client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/fr/images/img_messages/ 3 KB
3 KB 97ms
96ms Image
text/html 185.186.76.206
M247

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/fr/images/img_messages/DIRECT_18112022_BANNIERE_ESCDA_Mob_569x526.png
Requested by: Host: client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.186.76.206 Zurich, Switzerland, ASN9009 (M247, RO),
Reverse DNS
Software: nginx /
Resource Hash: d9cd6dfca94282619431285858508adf7a4552a70c2bb6dc4f30b0c83d9b1615

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 05:28:32 GMT
content-encoding: gzip
last-modified: Tue, 05 Dec 2023 04:57:08 GMT
server: nginx
etag: W/"b96-60bbc110f36c8"
vary: Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 194ms
61ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 05:28:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2167955
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y4HG5i1%2FJKTc9J6VHc%2FzZYvhxPB3aZDCehhrw5kzcyUWnhpWXqXTIbTOFa%2FvAJ5FzJVpuH0v0a%2FmVP7cKE9kkRr5V7PL6DeLzQ30w8VnOZwHPQ8N8Nr02huEht5kXOQzRyCDXGQGlQES4Be2LkWcmG4d"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8309e2e4d85b0410-FRA
expires: Sun, 24 Nov 2024 05:28:32 GMT

GET
H2 200 picto-bleu.svg
client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/imgs/images/ 939 B
1 KB 25ms
25ms Image
image/svg+xml 185.186.76.206
M247

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/imgs/images/picto-bleu.svg
Requested by: Host: client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.186.76.206 Zurich, Switzerland, ASN9009 (M247, RO),
Reverse DNS
Software: nginx /
Resource Hash: b3f56e609769b95c3b7eb6c5fa653ba40944aae487f88da393ca14bcabcf52d6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 05:28:32 GMT
last-modified: Wed, 01 Mar 2023 11:47:34 GMT
server: nginx
etag: "63ff3b56-3ab"
content-type: image/svg+xml
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 939
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.easyModal.js Show response
client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/js/ 7 KB
2 KB 31ms
31ms Script
application/javascript 185.186.76.206
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/js/jquery.easyModal.js
Requested by: Host: client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.186.76.206 Zurich, Switzerland, ASN9009 (M247, RO),
Reverse DNS
Software: nginx /
Resource Hash: b63c993774d0d2a8aa678b548fc3923f19395971edc126f25e73383782cf92f9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 05:28:32 GMT
content-encoding: gzip
last-modified: Wed, 01 Mar 2023 11:47:34 GMT
server: nginx
etag: W/"63ff3b56-1da6"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.1.1/ 55 KB
4 KB 713ms
667ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.1.1/animate.min.css

Requested by

Host: client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d1eedb6972fcfcaab179edfbabff2031d6a5cc14978916203aa52cd68b43881

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 05:28:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2173881
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3819
last-modified: Mon, 04 May 2020 16:04:58 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d2a-da24"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9dsofHnkkAXewtzAJwoE%2FlVrHXnYJIuoyuF0ukv9zvIQTs1WCx4nBDckZ2VxA7xAvEpGCX5RSOsSZlq2HW7OyJjUGtV3w513c7zVI4jbO%2BkVtz7jAnlN%2BLHpI2DjSrEIVFJEF8L3pfVH9p%2FDgPyfzdJV"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8309e2e4d85c0410-FRA
expires: Sun, 24 Nov 2024 05:28:32 GMT

GET
H2 200 jquery.cookie.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/ 1 KB
955 B 685ms
683ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js

Requested by

Host: client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 05:28:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 424551
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 591
last-modified: Mon, 04 May 2020 16:11:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec1-514"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XJ75E7JCDegNB5yFzsBnwvhQc1nYHGxiQ3DgXoqgxfu5cZkNW2jzpsee4lYe737B7zet09t8YRkXzFr%2BGgdcbCcZqV6HpoInza6Uc3KUsARLU5ucnJDHfJBpVPafoVYUMp61yr%2FlV0Wq%2FOQdeq9IVRis"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8309e2e4d8620410-FRA
expires: Sun, 24 Nov 2024 05:28:32 GMT

GET
H/1.1 200
OK jquery.bxslider.css
staticdb.e-i.com/public/CYB1_PSEVWEB/ 4 KB
2 KB 299ms
93ms Stylesheet
text/css 145.226.62.102
EURO-INFORMATION

General

Check archive.org

Show headers Download Go to

Full URL

https://staticdb.e-i.com/public/CYB1_PSEVWEB/jquery.bxslider.css

Requested by

Host: client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/login.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

145.226.62.102 , France, ASN8255 (EURO-INFORMATION, FR),

Reverse DNS

rqt-static.e-i.com

Software

eiws /

Resource Hash

52dd91ef019bb14b8d7b67b9fd5775a67de841d1bf2c6a57cc167a48c88f7bfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 05:28:32 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Fri, 15 May 2020 06:57:08 GMT
Server: eiws
ETag: "0faa2c862ad61:0"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=345600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=50
Content-Length: 1620
X-XSS-Protection: 1

GET
H/1.1 200
OK jquery.bxslider.js Show response
staticdb.e-i.com/public/CYB1_PSEVWEB/ 78 KB
21 KB 321ms
89ms Script
application/javascript 145.226.62.102
EURO-INFORMATION

General

Check archive.org

Show headers Download Go to

Full URL

https://staticdb.e-i.com/public/CYB1_PSEVWEB/jquery.bxslider.js

Requested by

Host: client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/login.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

145.226.62.102 , France, ASN8255 (EURO-INFORMATION, FR),

Reverse DNS

rqt-static.e-i.com

Software

eiws /

Resource Hash

219136867f72daec4707f48baaa2f58037a8d8d41f46e2389a6b0d201ae55ab3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 05:28:32 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Thu, 20 Apr 2023 12:05:12 GMT
Server: eiws
ETag: "0cf65b8073d91:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=345600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=50
Content-Length: 21434
X-XSS-Protection: 1

GET
H/1.1 200
OK SITW-tools.js Show response
cdnsi.e-i.com/SITW/sd/tools/2.1.4/javascripts/ 28 KB
7 KB 200ms
70ms Script
application/javascript 145.226.46.154
EURO-INFORMATION

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnsi.e-i.com/SITW/sd/tools/2.1.4/javascripts/SITW-tools.js

Requested by

Host: client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/login.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

145.226.46.154 , France, ASN8255 (EURO-INFORMATION, FR),

Reverse DNS

sxb-cdn1.e-i.com

Software

eiws /

Resource Hash

d8179f14781be7aa008067c5b191d2cfacb09c009886e391aa73bcd57c0b4918

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 05:28:32 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Tue, 12 Apr 2022 12:59:00 GMT
Server: eiws
ETag: "71d2-5dc749fde0d00-gzip"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3456000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=50
Expires: Sun, 14 Jan 2024 05:28:32 GMT

GET
H2 200 logo.svg
client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/imgs/ 6 KB
3 KB 26ms
26ms Image
image/svg+xml 185.186.76.206
M247

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/imgs/logo.svg
Requested by: Host: client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/css/ei_base.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.186.76.206 Zurich, Switzerland, ASN9009 (M247, RO),
Reverse DNS
Software: nginx /
Resource Hash: e85ffc4c52565c7bec77d67897c06d7a69705354748df53fcda97d2733e69d48

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/css/ei_base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 05:28:32 GMT
content-encoding: gzip
last-modified: Wed, 01 Mar 2023 11:47:34 GMT
server: nginx
etag: W/"63ff3b56-18a3"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Poppins--400--normal.woff2
client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/css/fonts/ 8 KB
8 KB 26ms
25ms Font
font/woff2 185.186.76.206
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/css/fonts/Poppins--400--normal.woff2
Requested by: Host: client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/css/ei_base.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.186.76.206 Zurich, Switzerland, ASN9009 (M247, RO),
Reverse DNS
Software: nginx /
Resource Hash: 41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c

Request headers

Referer: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/css/ei_base.css
Origin: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 05:28:32 GMT
last-modified: Wed, 01 Mar 2023 11:47:34 GMT
server: nginx
etag: "63ff3b56-1edc"
content-type: font/woff2
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 7900
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Poppins--700--normal.woff2
client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/css/fonts/ 8 KB
8 KB 28ms
27ms Font
font/woff2 185.186.76.206
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/css/fonts/Poppins--700--normal.woff2
Requested by: Host: client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/css/ei_base.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.186.76.206 Zurich, Switzerland, ASN9009 (M247, RO),
Reverse DNS
Software: nginx /
Resource Hash: b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f

Request headers

Referer: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/css/ei_base.css
Origin: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 05:28:32 GMT
last-modified: Wed, 01 Mar 2023 11:47:34 GMT
server: nginx
etag: "63ff3b56-1e98"
content-type: font/woff2
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 7832
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Gotham--700--normal.woff2
client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/css/fonts/ 34 KB
34 KB 28ms
27ms Font
font/woff2 185.186.76.206
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/css/fonts/Gotham--700--normal.woff2
Requested by: Host: client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/css/ei_base.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.186.76.206 Zurich, Switzerland, ASN9009 (M247, RO),
Reverse DNS
Software: nginx /
Resource Hash: 5f54877fab17abbda124f8b5d0ec73cc9f0261c5608fa3187ffb83ce4aa9e400

Request headers

Referer: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/css/ei_base.css
Origin: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 05:28:32 GMT
last-modified: Wed, 01 Mar 2023 11:47:34 GMT
server: nginx
etag: "63ff3b56-8746"
content-type: font/woff2
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 34630
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fts_picto.woff2
client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/css/fonts/ 92 KB
92 KB 29ms
28ms Font
font/woff2 185.186.76.206
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/css/fonts/fts_picto.woff2
Requested by: Host: client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/css/ei_base.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.186.76.206 Zurich, Switzerland, ASN9009 (M247, RO),
Reverse DNS
Software: nginx /
Resource Hash: 000c357512b57825954202a7c78f22f6cf0ca7e6c9360a4bbdaf9fe13d5b95cb

Request headers

Referer: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/css/ei_base.css
Origin: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 05:28:32 GMT
last-modified: Wed, 01 Mar 2023 11:47:34 GMT
server: nginx
etag: "63ff3b56-16e80"
content-type: font/woff2
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 93824
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Gotham--400--normal.woff2
client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/css/fonts/ 35 KB
35 KB 41ms
41ms Font
font/woff2 185.186.76.206
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/css/fonts/Gotham--400--normal.woff2
Requested by: Host: client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/css/ei_base.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.186.76.206 Zurich, Switzerland, ASN9009 (M247, RO),
Reverse DNS
Software: nginx /
Resource Hash: 6c5db82766dac2b50fc02e0655a3cf481ca52de4055662001c32e30486190235

Request headers

Referer: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/css/ei_base.css
Origin: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 05:28:32 GMT
last-modified: Wed, 01 Mar 2023 11:47:34 GMT
server: nginx
etag: "63ff3b56-8a6a"
content-type: font/woff2
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 35434
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 206 ConfMobileObligatoire_V2.mp4
client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/imgs/videos/ 6 MB
0 35ms
35ms Media
video/mp4 185.186.76.206
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/imgs/videos/ConfMobileObligatoire_V2.mp4
Requested by: Host: client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.186.76.206 Zurich, Switzerland, ASN9009 (M247, RO),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/login.php
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 05 Dec 2023 05:28:32 GMT
last-modified: Wed, 01 Mar 2023 11:47:36 GMT
server: nginx
etag: "63ff3b58-763f86"
content-type: video/mp4
Content-Range: bytes 0-7749509/7749510
cache-control: max-age=315360000
Content-Length: 7749510
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 event Show response
sslwidget.criteo.com/ 2 KB
1 KB 89ms
30ms Script
application/x-javascript 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://sslwidget.criteo.com/event?a=7608&v=5.7.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh%26si%3D2&p2=e%3Ddis&adce=1&tld=fryylecbgpkjqwvmiinhbcsegbkr.nl&dtycbr=19314

Requested by

Host: client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/js/ld.js.download

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5ac5700f626e2c49a8360183260af3d277858eeed07c8562fb13076ed313d6f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 05:28:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2828665
timing-allow-origin: *
expires: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 9A8E 15 KB
6 KB 408ms
33ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl&origin=onetag

Requested by

Host: client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/js/ld.js.download

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4563823fd629a48517c7feb8bf33640e12440e08bdde7a172ce477c2ddfc9c4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 05:28:33 GMT
server: Kestrel
server-processing-duration-in-ticks: 307617
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2

200

sid Show response
mug.criteo.com/ Frame 9A8E
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=fryylecbgpkjqwvmiinhbcsegbkr.nl&sn=ChromeSyncframe&so=0&topUrl=client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=c3eggHxIZFhXbkhtRDZIQnIzZUZKbnhqb1ZPcWRZcXBLcytFQTRoOWlMaGk3TmJ3S0pCa1pDcDg5d1EwSEhlWFg4SlQ3SGVTYUNtYis0V0JhcjlRS2s1bnFHaFdqSmxrQTZNK2NGNFBKcVZXcjh5S1ZOUDhVL0srSkZIZ0...

465 B
675 B

15ms
14ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=c3eggHxIZFhXbkhtRDZIQnIzZUZKbnhqb1ZPcWRZcXBLcytFQTRoOWlMaGk3TmJ3S0pCa1pDcDg5d1EwSEhlWFg4SlQ3SGVTYUNtYis0V0JhcjlRS2s1bnFHaFdqSmxrQTZNK2NGNFBKcVZXcjh5S1ZOUDhVL0srSkZIZ0JKUmdFT080U2thUUxVYzRsK2JTODA4ekhZSmJHY095Qm90aHFuNS95Tm1YSVdRT0FscEdvNmEzMS9KWnk2dVlZRi91SDdPMzJNdlkyZk81NWVvS2luRHNEU3V5SUZiSVpvVHFCM0ZOaUttUWRxR1ViRld0L0gvSEx2WGNHUUJia2dMdlV3ckh5TG9PMlM0dGxPOVZMQXRRRk1DbUUzcEtNNkxlTlY3Z05lWTlDa3BpR0IvSHRCblZueUNjOUpFYTJKbkpDOW9raHw&cppv=2

Requested by

Host: client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/login.php

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ca093ca5ddd27d5d8403858295b08a6cae4b976e482d3847ae1a869e4e0d361d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 05:28:32 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1108090
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 05 Dec 2023 05:28:32 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=c3eggHxIZFhXbkhtRDZIQnIzZUZKbnhqb1ZPcWRZcXBLcytFQTRoOWlMaGk3TmJ3S0pCa1pDcDg5d1EwSEhlWFg4SlQ3SGVTYUNtYis0V0JhcjlRS2s1bnFHaFdqSmxrQTZNK2NGNFBKcVZXcjh5S1ZOUDhVL0srSkZIZ0JKUmdFT080U2thUUxVYzRsK2JTODA4ekhZSmJHY095Qm90aHFuNS95Tm1YSVdRT0FscEdvNmEzMS9KWnk2dVlZRi91SDdPMzJNdlkyZk81NWVvS2luRHNEU3V5SUZiSVpvVHFCM0ZOaUttUWRxR1ViRld0L0gvSEx2WGNHUUJia2dMdlV3ckh5TG9PMlM0dGxPOVZMQXRRRk1DbUUzcEtNNkxlTlY3Z05lWTlDa3BpR0IvSHRCblZueUNjOUpFYTJKbkpDOW9raHw&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 260943
content-length: 0
expires: 0

GET
H2 200 footer_contactform.svg
client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/imgs/ 1 KB
824 B 28ms
28ms Image
image/svg+xml 185.186.76.206
M247

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/imgs/footer_contactform.svg
Requested by: Host: client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/css/ei_base.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.186.76.206 Zurich, Switzerland, ASN9009 (M247, RO),
Reverse DNS
Software: nginx /
Resource Hash: 204e3003b5cc67d23e0eadc811fba2bcdeaddfbbda48d09bb28af574821cc777

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/css/ei_base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 05:28:33 GMT
content-encoding: gzip
last-modified: Wed, 01 Mar 2023 11:47:34 GMT
server: nginx
etag: W/"63ff3b56-534"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 footer_faq.svg
client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/imgs/ 1 KB
805 B 29ms
28ms Image
image/svg+xml 185.186.76.206
M247

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/imgs/footer_faq.svg
Requested by: Host: client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/css/ei_base.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.186.76.206 Zurich, Switzerland, ASN9009 (M247, RO),
Reverse DNS
Software: nginx /
Resource Hash: cfe0c21d3149ab2ff46878477eec0c116a8a52db0de9b43cda3c94294b2bcf3c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/css/ei_base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 05:28:33 GMT
content-encoding: gzip
last-modified: Wed, 01 Mar 2023 11:47:34 GMT
server: nginx
etag: W/"63ff3b56-49b"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Gotham--500--normal.woff2
client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/css/fonts/ 34 KB
35 KB 25ms
25ms Font
font/woff2 185.186.76.206
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/css/fonts/Gotham--500--normal.woff2
Requested by: Host: client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/css/ei_base.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.186.76.206 Zurich, Switzerland, ASN9009 (M247, RO),
Reverse DNS
Software: nginx /
Resource Hash: 5bd2dbeae1691b8f2a8c49a0071c7b7238b672f17721bf0e90955e9b01a3be4d

Request headers

Referer: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/css/ei_base.css
Origin: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 05:28:33 GMT
last-modified: Wed, 01 Mar 2023 11:47:34 GMT
server: nginx
etag: "63ff3b56-8962"
content-type: font/woff2
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 35170
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 404 euConsentConfig.json Show response
client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/ 3 KB
1 KB 28ms
27ms XHR
text/html 185.186.76.206
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/euConsentConfig.json
Requested by: Host: client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/js/jquery_ei.js.download
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.186.76.206 Zurich, Switzerland, ASN9009 (M247, RO),
Reverse DNS
Software: nginx /
Resource Hash: d9cd6dfca94282619431285858508adf7a4552a70c2bb6dc4f30b0c83d9b1615

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/login.php
X-Requested-With: XMLHttpRequest
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 05:28:33 GMT
content-encoding: gzip
last-modified: Tue, 05 Dec 2023 04:57:08 GMT
server: nginx
etag: W/"b96-60bbc110f36c8"
vary: Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 199 KB
68 KB 476ms
99ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NJFFVKB

Requested by

Host: client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3cb021828967f26a54396eb1d9e7ed77cd0de3e3e06fd3f469be3511129ec474

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 05:28:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69021
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 05 Dec 2023 05:28:33 GMT

GET
H/1.1 200
OK / Show response
sslsi.e-i.com/ 113 B
596 B 176ms
41ms XHR
text/html 145.226.46.131
EURO-INFORMATION

General

Check archive.org

Show headers Download Go to

Full URL

https://sslsi.e-i.com/

Requested by

Host: client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/js/polyfills.js.download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

145.226.46.131 , France, ASN8255 (EURO-INFORMATION, FR),

Reverse DNS

sslsi.e-i.com

Software

eiws /

Resource Hash

040a53cfe1627ea4438e36c8bec86c6afa960ae20ea8089079347af631b8ecd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Referer: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 05:28:33 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Thu, 23 Sep 2021 08:47:02 GMT
Server: eiws
ETag: "71-5cca5aca94d80-gzip"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: max-age=3456000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=50
Expires: Sun, 14 Jan 2024 05:28:33 GMT

POST
H2 200 fetch.php Show response
client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/panel/ 1 B
129 B 29ms
28ms XHR
text/html 185.186.76.206
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/panel/fetch.php
Requested by: Host: client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/js/polyfills.js.download
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.186.76.206 Zurich, Switzerland, ASN9009 (M247, RO),
Reverse DNS
Software: nginx /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Accept: */*
Referer: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/login.php
X-Requested-With: XMLHttpRequest
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 05 Dec 2023 05:28:34 GMT
content-encoding: gzip
server: nginx
content-length: 21
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

OPTIONS
H/1.1 200
OK /
api-nc.e-i.com/apic_apichats/devbget.svc/platforms/TCHATBCA/ Frame 0
0 169ms
38ms Preflight 145.226.47.111
EURO-INFORMATION

General

Check archive.org

Show headers Download Go to

Full URL

https://api-nc.e-i.com/apic_apichats/devbget.svc/platforms/TCHATBCA/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

145.226.47.111 , France, ASN8255 (EURO-INFORMATION, FR),

Reverse DNS

api-nc.e-i.com

Software

eiws /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Headers: Content-Type, Accept, Access-Control-Allow-Headers, Authorization, X-Requested-With
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1728000
Cache-Control: private
Connection: Keep-Alive
Content-Length: 0
Date: Tue, 05 Dec 2023 05:28:35 GMT
Keep-Alive: timeout=2, max=50
Server: eiws
Strict-Transport-Security: max-age=31536000

GET
H/1.1 200
OK jquery.min.js Show response
staticsi.e-i.com/public/shared/jquery/3.5.1/ 98 KB
43 KB 219ms
48ms Script
application/javascript 145.226.46.102
EURO-INFORMATION

General

Check archive.org

Show headers Download Go to

Full URL

https://staticsi.e-i.com/public/shared/jquery/3.5.1/jquery.min.js?loadedByChat=1

Requested by

Host: client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/js/main.js.download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

145.226.46.102 , France, ASN8255 (EURO-INFORMATION, FR),

Reverse DNS

static.e-i.com

Software

eiws /

Resource Hash

f1c65ee7ffb0f275ac05214ff6ce8d595bf1f92a7edf4647056e8bdc5fb9cb6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 05:28:35 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Thu, 13 Apr 2023 14:57:14 GMT
Server: eiws
ETag: "01763b186ed91:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=345600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=50
Content-Length: 44042

POST
H/1.1 200
OK / Show response
api-nc.e-i.com/apic_apichats/devbget.svc/platforms/TCHATBCA/ 105 B
450 B 68ms
68ms XHR
application/json 145.226.47.111
EURO-INFORMATION

General

Check archive.org

Show headers Download Go to

Full URL

https://api-nc.e-i.com/apic_apichats/devbget.svc/platforms/TCHATBCA/

Requested by

Host: client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/js/polyfills.js.download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

145.226.47.111 , France, ASN8255 (EURO-INFORMATION, FR),

Reverse DNS

api-nc.e-i.com

Software

eiws /

Resource Hash

1da8c1466842dba38c6a897c50e2ccc502c38ca640b8131355a0274754929a3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/plain, */*
Referer: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/
accept-language: nl-NL,nl;q=0.9
Authorization
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 05 Dec 2023 05:28:35 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Server: eiws
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private
Connection: Keep-Alive
Keep-Alive: timeout=2, max=49
Content-Length: 109

GET
H/1.1 200
OK RA-logo-floa.svg
cdnsi.e-i.com/MSGS/sd/chat/5.8.1/assets/images/logos/ 6 KB
3 KB 142ms
39ms Image
image/svg+xml 145.226.46.154
EURO-INFORMATION

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnsi.e-i.com/MSGS/sd/chat/5.8.1/assets/images/logos/RA-logo-floa.svg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

145.226.46.154 , France, ASN8255 (EURO-INFORMATION, FR),

Reverse DNS

sxb-cdn1.e-i.com

Software

eiws /

Resource Hash

e85ffc4c52565c7bec77d67897c06d7a69705354748df53fcda97d2733e69d48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 05:28:35 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Tue, 03 Nov 2020 15:34:17 GMT
Server: eiws
ETag: "18a3-5b33598845040-gzip"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=3456000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=50
Expires: Sun, 14 Jan 2024 05:28:35 GMT

GET
H/1.1 200
OK ra-wait-3.gif
cdnsi.e-i.com/MSGS/sd/chat/5.8.1/assets/images/wait/ 536 B
951 B 143ms
39ms Image
image/gif 145.226.46.154
EURO-INFORMATION

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnsi.e-i.com/MSGS/sd/chat/5.8.1/assets/images/wait/ra-wait-3.gif

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

145.226.46.154 , France, ASN8255 (EURO-INFORMATION, FR),

Reverse DNS

sxb-cdn1.e-i.com

Software

eiws /

Resource Hash

85af22f3eed6347f0fb8d222576092a0ae74fb2664e99ae8358eed03698590fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 05:28:35 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Tue, 03 Nov 2020 15:34:17 GMT
Server: eiws
ETag: "218-5b33598845040"
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=3456000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=50
Content-Length: 536
Expires: Sun, 14 Jan 2024 05:28:35 GMT

GET
H2 404 bubble-icon.png
client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/images/appli/watson/ 3 KB
3 KB 31ms
30ms Image
text/html 185.186.76.206
M247

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/images/appli/watson/bubble-icon.png
Requested by: Host: client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/css/ei_custom_messenger.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.186.76.206 Zurich, Switzerland, ASN9009 (M247, RO),
Reverse DNS
Software: nginx /
Resource Hash: d9cd6dfca94282619431285858508adf7a4552a70c2bb6dc4f30b0c83d9b1615

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/css/ei_custom_messenger.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 05:28:35 GMT
content-encoding: gzip
last-modified: Tue, 05 Dec 2023 04:57:08 GMT
server: nginx
etag: W/"b96-60bbc110f36c8"
vary: Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 404 send-icon.png
client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/images/appli/watson/ 3 KB
3 KB 34ms
34ms Image
text/html 185.186.76.206
M247

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/images/appli/watson/send-icon.png
Requested by: Host: client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/css/ei_custom_messenger.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.186.76.206 Zurich, Switzerland, ASN9009 (M247, RO),
Reverse DNS
Software: nginx /
Resource Hash: d9cd6dfca94282619431285858508adf7a4552a70c2bb6dc4f30b0c83d9b1615

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/css/ei_custom_messenger.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 05:28:35 GMT
content-encoding: gzip
last-modified: Tue, 05 Dec 2023 04:57:08 GMT
server: nginx
etag: W/"b96-60bbc110f36c8"
vary: Accept-Encoding
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK jquery.mCustomScrollbar.concat.min.js Show response
staticsi.e-i.com/public/shared/malihu-custom-scrollbar-plugin/3.0.9/ 40 KB
16 KB 36ms
35ms Script
application/javascript 145.226.46.102
EURO-INFORMATION

General

Check archive.org

Show headers Download Go to

Full URL

https://staticsi.e-i.com/public/shared/malihu-custom-scrollbar-plugin/3.0.9/jquery.mCustomScrollbar.concat.min.js?loadedByChat=1

Requested by

Host: client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/js/main.js.download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

145.226.46.102 , France, ASN8255 (EURO-INFORMATION, FR),

Reverse DNS

static.e-i.com

Software

eiws /

Resource Hash

c50f405a8145af9bc337ad8cece8c1f3193178118d85e8a40a4cca4728a6f03c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 05:28:35 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Thu, 18 Mar 2021 08:55:28 GMT
Server: eiws
ETag: "0406271d41bd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=345600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=49
Content-Length: 15695

POST
H2 200 fetch.php Show response
client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/panel/ 1 B
129 B 36ms
36ms XHR
text/html 185.186.76.206
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/panel/fetch.php
Requested by: Host: client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/js/polyfills.js.download
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.186.76.206 Zurich, Switzerland, ASN9009 (M247, RO),
Reverse DNS
Software: nginx /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Accept: */*
Referer: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/login.php
X-Requested-With: XMLHttpRequest
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 05 Dec 2023 05:28:36 GMT
content-encoding: gzip
server: nginx
content-length: 21
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: FLOA Bank (Banking)

289 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/fr/	1970-01-20 21:01:46	Name: cookies_accepted Value: wait
client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/	1969-12-31 23:59:59	Name: PHPSESSID Value: k6mbq8cgpjompt855j5dggo5pi
.www.floabank.fr/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 7204bd480c80e3dbbd6edaec68886b6155d88b0089fae155f4b19c3a1ec993fe
.floabank.fr/	1970-01-21 01:27:59	Name: visid_incap_2435510 Value: Li5WKOgaQ4eRvaf/jsXxgwC1bmUAAAAAQUIPAAAAAAB+gl1DKCcUJa0rKanUZeEs
.floabank.fr/	1969-12-31 23:59:59	Name: incap_ses_764_2435510 Value: HJvleysAhQlq4M/ac0aaCgC1bmUAAAAAw96p9Gjsg6m7mci72H5j3w==
.criteo.com/	1970-01-21 02:04:10	Name: receive-cookie-deprecation Value: 1
.criteo.com/	1970-01-21 02:04:10	Name: uid Value: afd420c9-7b3e-49f3-8b16-ea48478da9da
.fryylecbgpkjqwvmiinhbcsegbkr.nl/	1970-01-21 02:11:58	Name: cto_bundle Value: 8YB2g19abGMxNzFZZjQlMkZRck5sdGxEZGJPdDhsJTJCMnExdmVCTnNaN2FheDhYVmNIYmREJTJGVWNZTmRramVvb0IyVE0zVnFZVGxhOVM2a0tla0xlWVA2YnR2VDU1NjdxJTJGRU1CYWxtVXdwRXRPcnRpRldjJTJCOHpLemJhbktteEJ2OUJwVmxaUFZZNSUyRlVzVUVoQzFQd0FQTGpybmVFaHdEVlN2blNFdzE5SHREU1BrJTJGTnphQSUzRA
client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/	1970-01-20 16:42:37	Name: msgs-authent-state Value: false

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/fr/images/img_messages/DIRECT_18112022_BANNIERE_ESCDA_Mob_569x526.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cdnsi.e-i.com/INGR/sd/floabank_2020/2.95.7/fr/css/ei_custom_responsive.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://cdnsi.e-i.com/INGR/sd/floabank_2020/2.95.7/fr/javascript/appli/env.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/euConsentConfig.json Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/images/appli/watson/bubble-icon.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl/client/images/appli/watson/send-icon.png Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-nc.e-i.com
cdnjs.cloudflare.com
cdnsi.e-i.com
cdnwmsi.e-i.com
client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl
gum.criteo.com
mug.criteo.com
sslsi.e-i.com
sslwidget.criteo.com
staticdb.e-i.com
staticsi.e-i.com
www.floabank.fr
www.googletagmanager.com
145.226.46.102
145.226.46.131
145.226.46.154
145.226.46.204
145.226.47.111
145.226.62.102
178.250.1.9
185.186.76.206
2606:4700::6811:180e
2a00:1450:4001:81c::2008
2a02:2638:3::c
45.60.87.57
000c357512b57825954202a7c78f22f6cf0ca7e6c9360a4bbdaf9fe13d5b95cb
040a53cfe1627ea4438e36c8bec86c6afa960ae20ea8089079347af631b8ecd0
1724c458e281a8ef99e936cf9c25a35d3e7234e373a1ecbc4d3ee6ea32fad29e
17c9299830ab3520234c301bca14b35a2fc288cf07ac6ac0ee2b60a60fb48548
1da8c1466842dba38c6a897c50e2ccc502c38ca640b8131355a0274754929a3f
1f0c252234bb6248c9dba0b1bace8660d881560721e378d72063cf96e6235318
1fa083e4b6ea6e2cfcedb4ca9c79594d2765c8adfe07bbd1b2470339ba513b0f
204e3003b5cc67d23e0eadc811fba2bcdeaddfbbda48d09bb28af574821cc777
219136867f72daec4707f48baaa2f58037a8d8d41f46e2389a6b0d201ae55ab3
3cb021828967f26a54396eb1d9e7ed77cd0de3e3e06fd3f469be3511129ec474
3d1eedb6972fcfcaab179edfbabff2031d6a5cc14978916203aa52cd68b43881
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
4563823fd629a48517c7feb8bf33640e12440e08bdde7a172ce477c2ddfc9c4d
47b7d58099a8e74b4c4935f96dce0bc8f31d7fcc70cf60bc13e26ea2229156a1
4bae9939c72cd3c52f4fd850bc79bed07bf3f355907314cc12de4d57a9224559
52dd91ef019bb14b8d7b67b9fd5775a67de841d1bf2c6a57cc167a48c88f7bfa
55972603a4812f2141339a35833edce3d5d1534e5736642ecf8c6e716414061d
5a59032e7cc3276321edc07b1099c430689793bf7823a5c0c6bda23e6ad8693b
5ac5700f626e2c49a8360183260af3d277858eeed07c8562fb13076ed313d6f5
5bd2dbeae1691b8f2a8c49a0071c7b7238b672f17721bf0e90955e9b01a3be4d
5f54877fab17abbda124f8b5d0ec73cc9f0261c5608fa3187ffb83ce4aa9e400
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
6c5acbb82a46a4971660f65131241dffcc28828f4dbd76b8ec7bab0b468250f8
6c5db82766dac2b50fc02e0655a3cf481ca52de4055662001c32e30486190235
76c79d3af714cd2570cdee0ff55daf2022f51477a4b5a89de470068280f8ddb1
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
85af22f3eed6347f0fb8d222576092a0ae74fb2664e99ae8358eed03698590fa
92ba41aa9873d8f826083e78bbc5ead09ea62f3d2e13dfc453765c9aae1a16f1
a6950028d421bea84fa87cf34a57049b93d6df2eddd764d11f47215899dca331
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
b3f56e609769b95c3b7eb6c5fa653ba40944aae487f88da393ca14bcabcf52d6
b63c993774d0d2a8aa678b548fc3923f19395971edc126f25e73383782cf92f9
bbfe9aae410570eaa1f5274dd639ff191a44f7eda67325127ac0f759afe7b708
be4cb9bb60da130c27d6caaedec3082204e49eb1ee797360bf36d0b0ced39eb9
beaa2670cd539ef2256ea89652f6e335067a8e29400be5c5cbc7addfb53128fb
c0f2427a6d94e5d304775bd674cf7eba9ef2182939bf0705fa0fedf7001b9a36
c50f405a8145af9bc337ad8cece8c1f3193178118d85e8a40a4cca4728a6f03c
c5c2c5d9de6f9624cbf21ace12cd11167c258eece9a3a07187a5001e6244f2ed
c72498cb5f7a213370aab81d7aee980a9266e750be3694ebcaf509bc91661367
ca093ca5ddd27d5d8403858295b08a6cae4b976e482d3847ae1a869e4e0d361d
cfe0c21d3149ab2ff46878477eec0c116a8a52db0de9b43cda3c94294b2bcf3c
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
d8179f14781be7aa008067c5b191d2cfacb09c009886e391aa73bcd57c0b4918
d9cd6dfca94282619431285858508adf7a4552a70c2bb6dc4f30b0c83d9b1615
e85ffc4c52565c7bec77d67897c06d7a69705354748df53fcda97d2733e69d48
e957f06d419b20e4430d9ab159a9a50da992ebebdea8fe2ff6ba6408d601293b
ea70b79e172067437f5edcffc6303783e33e60a2035885c5a3a28c3425bd9f72
f1c65ee7ffb0f275ac05214ff6ce8d595bf1f92a7edf4647056e8bdc5fb9cb6e

client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl Open in urlscan Pro 185.186.76.206 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

57 Requests

98 %HTTPS

25 %IPv6

6 Domains

13 Subdomains

12 IPs

4 Countries

720 kBTransfer

8431 kBSize

9 Cookies

50 Outgoing links

Page URL History

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

client-fl.fryylecbgpkjqwvmiinhbcsegbkr.nl Open in urlscan Pro
185.186.76.206 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

98 %
HTTPS

25 %
IPv6

6
Domains

13
Subdomains

12
IPs

4
Countries

720 kB
Transfer

8431 kB
Size

9
Cookies

57 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!