urlscan.io logo urlscan.io
SecurityTrails logo

prod.back.edf.fleet.loco.red Open in urlscan Pro
51.83.14.218  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://prod.back.edf.fleet.loco.red/
Effective URL: https://prod.back.edf.fleet.loco.red/
Submission: On November 15 via api from FR — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 28 IPs in 4 countries across 20 domains to perform 65 HTTP transactions. The main IP is 51.83.14.218, located in France and belongs to . The main domain is prod.back.edf.fleet.loco.red.
TLS certificate: Issued by R11 on October 28th 2024. Valid for: 3 months.
This is the only time prod.back.edf.fleet.loco.red was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 51.83.14.218 ()
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
3 172.217.18.106 15169 (GOOGLE)
1 18.245.31.113 16509 (AMAZON-02)
4 18.245.54.149 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 13.32.27.21 16509 (AMAZON-02)
1 142.250.185.131 15169 (GOOGLE)
1 18.245.46.58 16509 (AMAZON-02)
1 34.241.32.147 16509 (AMAZON-02)
1 142.250.186.68 15169 (GOOGLE)
3 157.240.252.13 32934 (FACEBOOK)
2 2001:4860:480... 15169 (GOOGLE)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 1 163.172.70.254 12876 (Online SAS)
2 163.172.102.120 12876 (Online SAS)
5 2606:4700:440... 13335 (CLOUDFLAR...)
2 2001:4860:480... 15169 (GOOGLE)
1 4 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
8 157.240.252.35 32934 (FACEBOOK)
1 54.229.70.174 16509 (AMAZON-02)
1 34.223.74.168 ()
1 2606:4700::68... 13335 (CLOUDFLAR...)
65 28
13    51.83.14.218 (France)

ASN- ()
prod.back.edf.fleet.loco.red
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.googleapis.com
1    2606:4700::6810:8ad1 (United States)

ASN13335 (CLOUDFLARENET, US)
js-na1.hs-scripts.com
3    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    172.217.18.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f10.1e100.net
maps.googleapis.com
1    18.245.31.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-113.fra56.r.cloudfront.net
static.hotjar.com
4    18.245.54.149 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-54-149.fra56.r.cloudfront.net
cdn.segment.com
1    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700:4400::6812:28f0 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-banner.com
1    2606:4700::6811:afc9 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-analytics.net
2    13.32.27.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-21.fra56.r.cloudfront.net
script.hotjar.com
1    142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net
fonts.gstatic.com
1    18.245.46.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-46-58.fra56.r.cloudfront.net
vc.hotjar.io
1    34.241.32.147 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-32-147.eu-west-1.compute.amazonaws.com
content.hotjar.io
1    142.250.186.68 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f4.1e100.net
www.google.com
3    157.240.252.13 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net
connect.facebook.net
2    2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a02:26f0:3500:10::210:a99 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
1    163.172.70.254 (France)

ASN12876 (Online SAS, FR)
PTR: 163-172-70-254.rev.poneytelecom.eu
app.plezi.co
2    163.172.102.120 (France)

ASN12876 (Online SAS, FR)
PTR: 163-172-102-120.rev.poneytelecom.eu
api.plezi.co
5    2606:4700:4400::6812:2844 (United States)

ASN13335 (CLOUDFLARENET, US)
kit-pro.fontawesome.com
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
4    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
8    157.240.252.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-fra3.facebook.com
www.facebook.com
1    54.229.70.174 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-70-174.eu-west-1.compute.amazonaws.com
metrics.hotjar.io
1    34.223.74.168 (Boardman, United States)

ASN- ()
PTR: ec2-34-223-74-168.us-west-2.compute.amazonaws.com
api.segment.io
1    2606:4700::6810:7574 (United States)

ASN13335 (CLOUDFLARENET, US)
track.hubspot.com
Apex Domain
Subdomains		 Transfer
13 loco.red
prod.back.edf.fleet.loco.red
14 MB
8 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
837 B
5 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 404
px4.ads.linkedin.com — Cisco Umbrella Rank: 6892
2 KB
5 fontawesome.com
kit-pro.fontawesome.com — Cisco Umbrella Rank: 26999
98 KB
5 googleapis.com
maps.googleapis.com — Cisco Umbrella Rank: 502
fonts.googleapis.com — Cisco Umbrella Rank: 55
236 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 65
region1.google-analytics.com — Cisco Umbrella Rank: 2944
22 KB
4 segment.com
cdn.segment.com — Cisco Umbrella Rank: 2162
36 KB
3 plezi.co
app.plezi.co
api.plezi.co
10 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 208
80 KB
3 hotjar.io
vc.hotjar.io — Cisco Umbrella Rank: 3728
content.hotjar.io — Cisco Umbrella Rank: 7484
metrics.hotjar.io — Cisco Umbrella Rank: 10814
484 B
3 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 1083
script.hotjar.com — Cisco Umbrella Rank: 1463
63 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 64
252 KB
1 hubspot.com
track.hubspot.com — Cisco Umbrella Rank: 3183
1 KB
1 segment.io
api.segment.io — Cisco Umbrella Rank: 1523
183 B
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 1142
14 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 4
1 gstatic.com
fonts.gstatic.com
24 KB
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 3038
25 KB
1 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 3016
26 KB
1 hs-scripts.com
js-na1.hs-scripts.com — Cisco Umbrella Rank: 8016
881 B
65 20
Domain Requested by
13 prod.back.edf.fleet.loco.red prod.back.edf.fleet.loco.red
8 www.facebook.com prod.back.edf.fleet.loco.red
5 kit-pro.fontawesome.com prod.back.edf.fleet.loco.red
kit-pro.fontawesome.com
4 px.ads.linkedin.com 1 redirects prod.back.edf.fleet.loco.red
4 cdn.segment.com prod.back.edf.fleet.loco.red
cdn.segment.com
4 maps.googleapis.com prod.back.edf.fleet.loco.red
maps.googleapis.com
3 connect.facebook.net www.googletagmanager.com
connect.facebook.net
3 www.googletagmanager.com prod.back.edf.fleet.loco.red
www.googletagmanager.com
2 region1.google-analytics.com prod.back.edf.fleet.loco.red
2 api.plezi.co prod.back.edf.fleet.loco.red
2 www.google-analytics.com www.googletagmanager.com
prod.back.edf.fleet.loco.red
2 script.hotjar.com static.hotjar.com
script.hotjar.com
1 track.hubspot.com
1 api.segment.io prod.back.edf.fleet.loco.red
1 metrics.hotjar.io static.hotjar.com
1 px4.ads.linkedin.com prod.back.edf.fleet.loco.red
1 app.plezi.co 1 redirects
1 snap.licdn.com www.googletagmanager.com
1 www.google.com www.googletagmanager.com
1 content.hotjar.io prod.back.edf.fleet.loco.red
1 vc.hotjar.io prod.back.edf.fleet.loco.red
1 fonts.gstatic.com fonts.googleapis.com
1 js.hs-analytics.net js-na1.hs-scripts.com
1 js.hs-banner.com js-na1.hs-scripts.com
1 fonts.googleapis.com client
1 static.hotjar.com prod.back.edf.fleet.loco.red
1 js-na1.hs-scripts.com prod.back.edf.fleet.loco.red
65 27

This site contains no links.

Subject Issuer Validity Valid
app.fretly.fr
R11		 2024-10-28 -
2025-01-26		 3 months crt.sh
upload.video.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
hs-scripts.com
WE1		 2024-09-26 -
2024-12-25		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.hotjar.com
Amazon RSA 2048 M03		 2024-05-22 -
2025-06-20		 a year crt.sh
*.segment.com
Amazon RSA 2048 M02		 2024-10-15 -
2025-11-14		 a year crt.sh
hs-banner.com
WE1		 2024-09-24 -
2024-12-23		 3 months crt.sh
hs-analytics.net
WE1		 2024-10-07 -
2025-01-05		 3 months crt.sh
*.gstatic.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.hotjar.io
Amazon ECDSA 256 M02		 2024-02-07 -
2025-03-08		 a year crt.sh
*.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-08-24 -
2024-11-22		 3 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-12-13 -
2024-12-12		 a year crt.sh
*.fontawesome.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-07-30 -
2025-01-27		 6 months crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2024-10-14 -
2025-04-14		 6 months crt.sh
*.plezi.co
Gandi RSA Domain Validation Secure Server CA 3		 2024-06-25 -
2025-05-27		 a year crt.sh
*.segment.io
Amazon RSA 2048 M03		 2024-11-13 -
2025-12-13		 a year crt.sh
hubspot.com
WE1		 2024-10-03 -
2025-01-01		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://prod.back.edf.fleet.loco.red/
Frame ID: B6CE064D3A7C632099933709A72C2012
Requests: 65 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fprod.back.edf.fleet.loco.red
Frame ID: 95E41F74F4ED9A14F5A937D6CCBCE82F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Log in - Fretly

Page URL History Show full URLs

  1. http://prod.back.edf.fleet.loco.red/ HTTP 307
    https://prod.back.edf.fleet.loco.red/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • cdn\.segment\.com/analytics\.js

Page Statistics

65
Requests

77 %
HTTPS

43 %
IPv6

20
Domains

27
Subdomains

28
IPs

4
Countries

14949 kB
Transfer

17075 kB
Size

20
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://prod.back.edf.fleet.loco.red/ HTTP 307
    https://prod.back.edf.fleet.loco.red/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24
  • https://app.plezi.co/scripts/ossleads_analytics.js?tenant=603cfc8cf420875f160b016f&tw=603cfc8ff420875f160b021f HTTP 301
  • https://api.plezi.co/api/v1/analytics?tenant=603cfc8cf420875f160b016f&tw=603cfc8ff420875f160b021f
Request Chain 35
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2202876&time=1731642191052&url=https%3A%2F%2Fprod.back.edf.fleet.loco.red%2F&tm=gtmv2 HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2202876&time=1731642191052&url=https%3A%2F%2Fprod.back.edf.fleet.loco.red%2F&tm=gtmv2&e_ipv6=AQKLpz9COnBOYgAAAZMt6u2mx06vYetlO1rOVxU-vZkFRkoXgFBgLCvjzSxBZLcOMN9kD1w

65 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
prod.back.edf.fleet.loco.red/
Redirect Chain
  • http://prod.back.edf.fleet.loco.red/
  • https://prod.back.edf.fleet.loco.red/
15 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://prod.back.edf.fleet.loco.red/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.83.14.218 , France, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ae8e314ae4058a04974695e264bc2b7ab874c8a1ae108c24d5462635ed77d30c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-length
15843
content-type
text/html
date
Fri, 15 Nov 2024 03:43:06 GMT
etag
"672ce24e-3de3"
last-modified
Thu, 07 Nov 2024 15:52:46 GMT
server
nginx
vary
Accept-Encoding

Redirect headers

Location
https://prod.back.edf.fleet.loco.red/
Non-Authoritative-Reason
HttpsUpgrades
js
maps.googleapis.com/maps/api/ 		385 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?libraries=places&key=AIzaSyAwMb3GCwa_g3Ss9bm8ycYiDmqHOdtNZvQ
Requested by
Host: prod.back.edf.fleet.loco.red
URL: https://prod.back.edf.fleet.loco.red/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
20f2dfce3c12e7bae2e93101287e6ea8f60c8ef1bd5f3c678120015fb6311634
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://prod.back.edf.fleet.loco.red/

Response headers

cache-control
public, max-age=1800, stale-while-revalidate=3600
timing-allow-origin
*
content-encoding
gzip
etag
6081a3e5
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
123621
date
Fri, 15 Nov 2024 03:43:08 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
vary
Accept-Language, Origin, X-Origin, Referer
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
4318302.js
js-na1.hs-scripts.com/ 		1010 B
881 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js-na1.hs-scripts.com/4318302.js
Requested by
Host: prod.back.edf.fleet.loco.red
URL: https://prod.back.edf.fleet.loco.red/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df19dce0dc876c09eb580f8e3cf9312d4c0eb8c5432fd7199d7a6dc007cc6ec5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://prod.back.edf.fleet.loco.red/

Response headers

access-control-max-age
3600
content-encoding
gzip
cf-cache-status
HIT
age
4365
x-content-type-options
nosniff
date
Fri, 15 Nov 2024 03:43:08 GMT
x-hubspot-correlation-id
038836b8-5e66-486d-8b59-f150327fec4f
content-type
application/javascript;charset=utf-8
vary
origin, Accept-Encoding
last-modified
Fri, 15 Nov 2024 02:30:23 GMT
access-control-allow-credentials
true
cf-ray
8e2c3c3cf99f9e9f-CDG
accept-ranges
bytes
access-control-allow-origin
https://prod.back.edf.fleet.loco.red
content-length
538
server
cloudflare
runtime.8cab9c12b47082e7.js
prod.back.edf.fleet.loco.red/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prod.back.edf.fleet.loco.red/runtime.8cab9c12b47082e7.js
Requested by
Host: prod.back.edf.fleet.loco.red
URL: https://prod.back.edf.fleet.loco.red/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.83.14.218 , France, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
2db582f07b8ba77c3d00fdc0507fc409cf7b4427405b9320d036f569874ccfe5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://prod.back.edf.fleet.loco.red
Referer
https://prod.back.edf.fleet.loco.red/

Response headers

etag
"672ce246-7cf"
accept-ranges
bytes
content-length
1999
date
Fri, 15 Nov 2024 03:43:07 GMT
content-type
application/javascript
last-modified
Thu, 07 Nov 2024 15:52:38 GMT
server
nginx
vary
Accept-Encoding
polyfills.a188780240f579c7.js
prod.back.edf.fleet.loco.red/ 		37 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prod.back.edf.fleet.loco.red/polyfills.a188780240f579c7.js
Requested by
Host: prod.back.edf.fleet.loco.red
URL: https://prod.back.edf.fleet.loco.red/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.83.14.218 , France, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
2defc95c692e04dcf0cdf198aba5b4d24feda2b097fa2f334843f3fcd68bfe27

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://prod.back.edf.fleet.loco.red
Referer
https://prod.back.edf.fleet.loco.red/

Response headers

etag
"672ce246-95c3"
accept-ranges
bytes
content-length
38339
date
Fri, 15 Nov 2024 03:43:07 GMT
content-type
application/javascript
last-modified
Thu, 07 Nov 2024 15:52:38 GMT
server
nginx
vary
Accept-Encoding
scripts.18180d73b596ad9c.js
prod.back.edf.fleet.loco.red/ 		493 KB
494 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prod.back.edf.fleet.loco.red/scripts.18180d73b596ad9c.js
Requested by
Host: prod.back.edf.fleet.loco.red
URL: https://prod.back.edf.fleet.loco.red/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.83.14.218 , France, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
df058e18f40bc902c2a5b99ccea8eed218823cd34fd9ae19363bbd7a077374bd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://prod.back.edf.fleet.loco.red/

Response headers

etag
"672ce246-7b413"
accept-ranges
bytes
content-length
504851
date
Fri, 15 Nov 2024 03:43:09 GMT
content-type
application/javascript
last-modified
Thu, 07 Nov 2024 15:52:38 GMT
server
nginx
vary
Accept-Encoding
main.bcced7779bf1f881.js
prod.back.edf.fleet.loco.red/ 		10 MB
10 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://prod.back.edf.fleet.loco.red/main.bcced7779bf1f881.js
Requested by
Host: prod.back.edf.fleet.loco.red
URL: https://prod.back.edf.fleet.loco.red/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.83.14.218 , France, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
cb97946233f2a32c20c37ff697edc2ad5054fe88eefc8c522b7c7eaba0ac1940

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://prod.back.edf.fleet.loco.red
Referer
https://prod.back.edf.fleet.loco.red/

Response headers

etag
"672ce246-9dc815"
accept-ranges
bytes
content-length
10340373
date
Fri, 15 Nov 2024 03:43:07 GMT
content-type
application/javascript
last-modified
Thu, 07 Nov 2024 15:52:38 GMT
server
nginx
vary
Accept-Encoding
gtm.js
www.googletagmanager.com/ 		382 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MM9FRRD
Requested by
Host: prod.back.edf.fleet.loco.red
URL: https://prod.back.edf.fleet.loco.red/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6a2d6afa6cfbc667a9874c1a8d11ab0d3e5f565e8aaeef5cbb6279fc4c28e9b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://prod.back.edf.fleet.loco.red/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Fri, 15 Nov 2024 03:43:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 15 Nov 2024 03:43:09 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 15 Nov 2024 03:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
119191
x-xss-protection
0
server
Google Tag Manager
gen_204
maps.googleapis.com/maps/api/mapsjs/ 		3 B
44 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?libraries=places&key=AIzaSyAwMb3GCwa_g3Ss9bm8ycYiDmqHOdtNZvQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f10.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://prod.back.edf.fleet.loco.red/

Response headers

access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
content-encoding
gzip
x-content-type-options
nosniff
access-control-allow-origin
https://prod.back.edf.fleet.loco.red
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
date
Fri, 15 Nov 2024 03:43:09 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
vary
Origin, X-Origin, Referer
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
hotjar-2130993.js
static.hotjar.com/c/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2130993.js?sv=6
Requested by
Host: prod.back.edf.fleet.loco.red
URL: https://prod.back.edf.fleet.loco.red/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-113.fra56.r.cloudfront.net
Software
/
Resource Hash
fae881a37454c119d5049ac52d39da72bf219d09b7c1b49c33be3930af3d2a13
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://prod.back.edf.fleet.loco.red/

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=60
content-encoding
br
etag
W/2212c609570ddc08ee0e9e00ec2982d1
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
x-cache-hit
1
via
1.1 1feab8d6a8e5cc920c359b62fd33d3de.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amz-cf-id
d8KauehuliO_EHdaBsari9741Y11LfyNFnhu9X8X6v7XYkbggLF1BA==
date
Fri, 15 Nov 2024 03:43:09 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
x-amz-cf-pop
FRA56-P8
analytics.min.js
cdn.segment.com/analytics.js/v1/MabbrKx3wEAIgK8KGSvjMQfIBUqp41sd/ 		106 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics.js/v1/MabbrKx3wEAIgK8KGSvjMQfIBUqp41sd/analytics.min.js
Requested by
Host: prod.back.edf.fleet.loco.red
URL: https://prod.back.edf.fleet.loco.red/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.54.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-54-149.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6dbfc6414e168e9e644d2758b1c41d6b81f21a4bf98259de52e037ba94533378

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://prod.back.edf.fleet.loco.red/

Response headers

access-control-max-age
3000
content-encoding
br
x-amz-version-id
dFN_ehcdr86ymJz3Fyn31ECo2uk1Pdcg
etag
W/"25f362f94a1362209202c20eefa933f9"
access-control-allow-methods
GET, HEAD
x-cache
Miss from cloudfront
x-amz-cf-id
tIANCRGCVnXDnc3yPMa4tGtRmwcZlURcrJPUHHPaZA4YA1yEz_YmuQ==
date
Fri, 15 Nov 2024 03:43:10 GMT
content-type
text/javascript; charset=utf-8
vary
accept-encoding
last-modified
Tue, 05 Nov 2024 17:53:01 GMT
x-amz-replication-status
COMPLETED
cache-control
public, max-age=120
via
1.1 5335ce80c0b9264bc591cce2c73bef5e.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P9
server
AmazonS3
x-amz-server-side-encryption
AES256
css2
fonts.googleapis.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=League+Spartan:wght@100;200;300;400;500;600;700;800;900&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d2e0567abede1d2046d06741b202421eff05c59de4024dd24e221bb20f895445
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://prod.back.edf.fleet.loco.red/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 15 Nov 2024 03:43:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 15 Nov 2024 03:43:09 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 15 Nov 2024 03:43:09 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
styles.5710436115a4abf6.css
prod.back.edf.fleet.loco.red/ 		313 KB
313 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://prod.back.edf.fleet.loco.red/styles.5710436115a4abf6.css
Requested by
Host: prod.back.edf.fleet.loco.red
URL: https://prod.back.edf.fleet.loco.red/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.83.14.218 , France, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
de7e334160c553a18344a795c3e77ba949c51d82e71470c9b75246105768f0d2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://prod.back.edf.fleet.loco.red/

Response headers

etag
"672ce246-4e35e"
accept-ranges
bytes
content-length
320350
date
Fri, 15 Nov 2024 03:43:09 GMT
content-type
text/css
last-modified
Thu, 07 Nov 2024 15:52:38 GMT
server
nginx
vary
Accept-Encoding
banner.js
js.hs-banner.com/v2/4318302/ 		71 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/v2/4318302/banner.js
Requested by
Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/4318302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:28f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
469b12fbf8a726ab5165862c5e9f5ddb2230c39df756963c0240a161e293525e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://prod.back.edf.fleet.loco.red/

Response headers

x-evy-trace-virtual-host
all
access-control-max-age
604800
x-request-id
c889db73-11b2-4da0-a258-ac9033e33a74
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"59499f9c0bece8538af1e62eee502fcf"
x-amz-version-id
qK2nKQnr5R7nSW6zDVirYsKBr4rjKSWo
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
expires
Fri, 15 Nov 2024 03:48:09 GMT
x-evy-trace-listener
listener_https
date
Fri, 15 Nov 2024 03:43:09 GMT
x-hubspot-correlation-id
c889db73-11b2-4da0-a258-ac9033e33a74
content-type
text/javascript; charset=UTF-8
last-modified
Mon, 15 Apr 2024 14:22:26 GMT
vary
origin, Accept-Encoding
x-amz-id-2
lNH7BudGD55nvZQHVALF+YCs7Xs0vbVA8o2Pm6Ks+spzRFA0Xpmex78Iz5sx5/uw5faM+950JOs=
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=300,public
timing-allow-origin
*
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-6895b58fd6-d9dbd
x-envoy-upstream-service-time
210
access-control-allow-credentials
true
x-amz-request-id
AYKP86XYMY19EQZC
cf-ray
8e2c3c4388a7bb7e-CDG
access-control-allow-origin
https://prod.back.edf.fleet.loco.red
x-evy-trace-route-configuration
listener_https/all
server
cloudflare
x-amz-server-side-encryption
AES256
4318302.js
js.hs-analytics.net/analytics/1731637800000/ 		68 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-analytics.net/analytics/1731637800000/4318302.js
Requested by
Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/4318302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:afc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3ae135394bb9f1f1a7234b4cfd25122210fbfb5d8201ec5875b46e542ccd84a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://prod.back.edf.fleet.loco.red/

Response headers

x-amz-server-side-encryption
AES256
x-request-id
e7dfb9b5-7957-4fb1-ab71-70e6a39e7eda
content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"eeaa0e86d9b2cfef762dec4167304c4f"
x-amz-version-id
null
expires
Fri, 15 Nov 2024 03:48:09 GMT
x-evy-trace-listener
listener_https
date
Fri, 15 Nov 2024 03:43:09 GMT
x-hubspot-correlation-id
e7dfb9b5-7957-4fb1-ab71-70e6a39e7eda
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 20:42:49 GMT
vary
origin, Accept-Encoding
x-amz-id-2
cahLZzMubGsz3vQ4hAbwNOtqrX+6JT7Oq2vUcPGWTJpUVRuwrN/dKQc2U2H7Nd/aj/wS02GGFNCAnD2ujkFa9w==
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=300,public
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-58b4c4568d-8ghtt
x-envoy-upstream-service-time
56
access-control-allow-credentials
false
x-amz-request-id
DEDHC1M2NCHRJ9FW
cf-ray
8e2c3c438b8a02af-CDG
x-evy-trace-route-configuration
listener_https/all
server
cloudflare
x-evy-trace-virtual-host
all
modules.6f60e575cf8ad7cb10f7.js
script.hotjar.com/ 		222 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.6f60e575cf8ad7cb10f7.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2130993.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-21.fra56.r.cloudfront.net
Software
/
Resource Hash
f0a9b19d1615e0e2afdca507d4c7cbe384b0bdfad5cbaf63c14a386df33a62d7
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://prod.back.edf.fleet.loco.red/

Response headers

x-robots-tag
none
content-encoding
br
etag
"56b1b49a4bdc4c874445907df778d045"
age
912191
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
llRU82nwzaxg3-W6HIbMSetcJ29Mpau1AZw821X8iJhIte1Hcyv-dg==
date
Mon, 04 Nov 2024 14:19:58 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 Nov 2024 14:19:24 GMT
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=31536000
cross-origin-resource-policy
cross-origin
via
1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
56128
x-amz-cf-pop
FRA56-C2
kJEqBuEW6A0lliaV_m88ja5TwvZwLZk.woff2
fonts.gstatic.com/s/leaguespartan/v11/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/leaguespartan/v11/kJEqBuEW6A0lliaV_m88ja5TwvZwLZk.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=League+Spartan:wght@100;200;300;400;500;600;700;800;900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
7c5cfcbd829200ff3c2a547cdc10b61c27341e5af6b7a4434bbc6674e7b70b66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://prod.back.edf.fleet.loco.red
Referer
https://fonts.googleapis.com/

Response headers

age
243081
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 12 Nov 2025 08:11:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 12 Nov 2024 08:11:48 GMT
last-modified
Tue, 02 May 2023 16:09:20 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
24064
x-xss-protection
0
server
sffe
2130993
vc.hotjar.io/sessions/ 		0
233 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vc.hotjar.io/sessions/2130993?s=0.25&r=0.10875318193737127
Requested by
Host: prod.back.edf.fleet.loco.red
URL: https://prod.back.edf.fleet.loco.red/polyfills.a188780240f579c7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-58.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://prod.back.edf.fleet.loco.red/

Response headers

via
1.1 0b328de7c6916513ee4489477445f2e2.cloudfront.net (CloudFront)
access-control-allow-origin
*
cache-control
no-store
x-cache
Miss from cloudfront
x-amz-cf-id
4SqepaXSSA51ZkxKNW_F6gXBSQuhvk9RHmW82v9XBDCznNch1N-sSw==
date
Fri, 15 Nov 2024 03:43:10 GMT
x-amz-cf-pop
FRA56-P9
browser-perf.8417c6bba72228fa2e29.js
script.hotjar.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/browser-perf.8417c6bba72228fa2e29.js
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.6f60e575cf8ad7cb10f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-21.fra56.r.cloudfront.net
Software
/
Resource Hash
70712c8650feecc46403b5801b9d5b72d5b2d6ba1d1cf0317e105603982321bf
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://prod.back.edf.fleet.loco.red/

Response headers

x-robots-tag
none
content-encoding
br
etag
"b83b61bc5871e9a23a0434e2c539f4f3"
age
4942428
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
ifmyW5yArjWEDjYkmlXyn_fKFbNsmqihdqM7VSX-HIarnq-7a7C1tA==
date
Wed, 18 Sep 2024 22:49:21 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 17 Sep 2024 15:41:53 GMT
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=31536000
cross-origin-resource-policy
cross-origin
via
1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
1782
x-amz-cf-pop
FRA56-C2
/
content.hotjar.io/ 		56 B
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://content.hotjar.io/?site_id=2130993&gzip=1
Requested by
Host: prod.back.edf.fleet.loco.red
URL: https://prod.back.edf.fleet.loco.red/polyfills.a188780240f579c7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.241.32.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-32-147.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bbbede0d487f4e1e4f85a01416c2b099597c389cce439b3892984e8aa9d76aa0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain; charset=UTF-8
Referer
https://prod.back.edf.fleet.loco.red/

Response headers

access-control-max-age
86400
access-control-allow-origin
*
content-length
56
date
Fri, 15 Nov 2024 03:43:10 GMT
content-type
application/json
collect
www.google.com/ccm/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fprod.back.edf.fleet.loco.red%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1165516430.1731642190&auid=354780252.1731642190&npa=1&gtm=45He4bc0v833409583za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855&tft=1731642190101&tfd=3584&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MM9FRRD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://prod.back.edf.fleet.loco.red/

Response headers
js
www.googletagmanager.com/gtag/ 		425 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-YRPRK24X35&l=dataLayer&cx=c&gtm=45He4bc0v833409583za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MM9FRRD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2a849c7c2e0be4e4bf1d04b64a8b510826befc93613c837be8081a76f4e12f38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://prod.back.edf.fleet.loco.red/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 15 Nov 2024 03:43:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 15 Nov 2024 03:43:10 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
137281
x-xss-protection
0
server
Google Tag Manager
fbevents.js
connect.facebook.net/en_US/ 		239 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MM9FRRD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
43a683165a27224ef2d2717bd57c8c203aa570ce39140504d086562eefbb0f1f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-DkldSZlJ' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://prod.back.edf.fleet.loco.red/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 15 Nov 2024 03:43:10 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-DkldSZlJ' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=36, rtx=0, c=23, mss=1232, tbw=4453, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
FDo7i52O43+mlvIHiKlB9ufqxacQWNsMyFstFzstIQEvR/15o6M0iufJZokEZkwIpmiaRxI0e0cp6pU2zSZpVA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62152
x-xss-protection
0
origin-agent-cluster
?1
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MM9FRRD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://prod.back.edf.fleet.loco.red/

Response headers

content-encoding
gzip
age
6344
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Fri, 15 Nov 2024 03:57:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 15 Nov 2024 01:57:26 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
insight.min.js
snap.licdn.com/li.lms-analytics/ 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MM9FRRD
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:10::210:a99 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://prod.back.edf.fleet.loco.red/

Response headers

cache-control
max-age=73319
content-encoding
gzip
x-cdn
AKAM
x-content-type-options
nosniff
accept-ranges
bytes
content-length
14628
date
Fri, 15 Nov 2024 03:43:10 GMT
last-modified
Thu, 22 Aug 2024 10:43:55 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
analytics
api.plezi.co/api/v1/
Redirect Chain
  • https://app.plezi.co/scripts/ossleads_analytics.js?tenant=603cfc8cf420875f160b016f&tw=603cfc8ff420875f160b021f
  • https://api.plezi.co/api/v1/analytics?tenant=603cfc8cf420875f160b016f&tw=603cfc8ff420875f160b021f
9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.plezi.co/api/v1/analytics?tenant=603cfc8cf420875f160b016f&tw=603cfc8ff420875f160b021f
Requested by
Host: prod.back.edf.fleet.loco.red
URL: https://prod.back.edf.fleet.loco.red/
Protocol
HTTP/1.1
Server
163.172.102.120 , France, ASN12876 (Online SAS, FR),
Reverse DNS
163-172-102-120.rev.poneytelecom.eu
Software
nginx/1.10.3 /
Resource Hash
7bdc9c974c578f98a85faf26402a7f9f3cdecfeb17407c0862accf4d2c1113be

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://prod.back.edf.fleet.loco.red/

Response headers

Transfer-Encoding
chunked
X-Request-Id
3fada489-1d87-4282-a683-876248490de3
Cache-Control
max-age=0, private, must-revalidate
ETag
W/"7bdc9c974c578f98a85faf26402a7f9f"
Connection
keep-alive
X-UA-Compatible
IE=Edge,chrome=1
Date
Fri, 15 Nov 2024 03:43:11 GMT
Content-Type
application/javascript; charset=utf-8
Vary
Origin
Server
nginx/1.10.3
X-Runtime
0.015436

Redirect headers

location
https://api.plezi.co/api/v1/analytics?tenant=603cfc8cf420875f160b016f&tw=603cfc8ff420875f160b021f
content-length
169
x-ua-compatible
IE=Edge,chrome=1
date
Fri, 15 Nov 2024 03:43:10 GMT
content-type
text/html
server
nginx/1.19.6
sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame 95E4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fprod.back.edf.fleet.loco.red
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MM9FRRD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Fri, 15 Nov 2024 03:43:10 GMT
expires
Sat, 15 Nov 2025 03:43:10 GMT
last-modified
Mon, 21 Oct 2024 16:58:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pro-v4-shims.min.css
kit-pro.fontawesome.com/releases/latest/css/ 		26 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kit-pro.fontawesome.com/releases/latest/css/pro-v4-shims.min.css
Requested by
Host: prod.back.edf.fleet.loco.red
URL: https://prod.back.edf.fleet.loco.red/scripts.18180d73b596ad9c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4245ecca2a4b50d7fd9adc9a965ed1f9b4ec24e9935e34c80efafc0f856d54c6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://prod.back.edf.fleet.loco.red/

Response headers

cache-control
public, max-age=1800
content-encoding
gzip
cf-cache-status
HIT
etag
W/"715826d7cea0f100c00238e5e5dc92b4"
age
1722
x-amz-request-id
WY30STRH6CV4QQ7S
expires
Fri, 15 Nov 2024 04:13:10 GMT
cf-ray
8e2c3c4b5c92bb3f-CDG
date
Fri, 15 Nov 2024 03:43:10 GMT
content-type
text/css
last-modified
Wed, 04 Aug 2021 21:18:33 GMT
vary
Accept-Encoding
server
cloudflare
x-amz-id-2
CZlyjptuHo5kkGV7XM5zD5FDlDv+OSpggBUSwr28XnU5+f43roOgHhQe4/uz5NHyubAxnPQ+3ny62+KWx8rG2A==
pro-v4-font-face.min.css
kit-pro.fontawesome.com/releases/latest/css/ 		27 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kit-pro.fontawesome.com/releases/latest/css/pro-v4-font-face.min.css
Requested by
Host: prod.back.edf.fleet.loco.red
URL: https://prod.back.edf.fleet.loco.red/scripts.18180d73b596ad9c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8a00b576cc9fad532a52ecdf8024724ddaa83cb0f5ca5d1b1d6eb8841103d60

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://prod.back.edf.fleet.loco.red/

Response headers

cache-control
public, max-age=1800
content-encoding
gzip
cf-cache-status
HIT
etag
W/"1cb05a2f9541200e1fa0a2cd0abc7663"
age
1634
x-amz-request-id
PN39WN6YAWV1PXR2
expires
Fri, 15 Nov 2024 04:13:10 GMT
cf-ray
8e2c3c4b5c99bb3f-CDG
date
Fri, 15 Nov 2024 03:43:10 GMT
content-type
text/css
last-modified
Wed, 04 Aug 2021 21:18:33 GMT
vary
Accept-Encoding
server
cloudflare
x-amz-id-2
oxWZJD4OUJE2I3wApeK73r3N80i51c9vLiDj65Xi2/uke8/ThHrNtc5muUcPDWm2EWZqZDKAiKhAi5B6hrtyEWJSJRdQPCCz7FwhbBu87WQ=
pro.min.css
kit-pro.fontawesome.com/releases/latest/css/ 		315 KB
52 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kit-pro.fontawesome.com/releases/latest/css/pro.min.css
Requested by
Host: prod.back.edf.fleet.loco.red
URL: https://prod.back.edf.fleet.loco.red/scripts.18180d73b596ad9c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37c65071f378cc9582aabdda3b52979ef901f2925e3f3c3dc597f41eac0f1b6d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://prod.back.edf.fleet.loco.red/

Response headers

cache-control
public, max-age=1800
content-encoding
gzip
cf-cache-status
HIT
etag
W/"486b13730aafe2a39cdaf1666679fa5b"
age
10
x-amz-request-id
58SFX0PZ4VACBRHE
expires
Fri, 15 Nov 2024 04:13:10 GMT
cf-ray
8e2c3c4b5c97bb3f-CDG
date
Fri, 15 Nov 2024 03:43:10 GMT
content-type
text/css
last-modified
Wed, 04 Aug 2021 21:18:33 GMT
vary
Accept-Encoding
server
cloudflare
x-amz-id-2
cZ86P3Fyz7Ge7XLUtwhCQSid1JIS25mOkYYYHBcXYaUzS+KhA3afVTiOqpDNvaVcJLmllvnK1RYYTfm0F68MGyz4NqnDHfiQkK0Ez63hCa4=
settings
cdn.segment.com/v1/projects/MabbrKx3wEAIgK8KGSvjMQfIBUqp41sd/ 		679 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/v1/projects/MabbrKx3wEAIgK8KGSvjMQfIBUqp41sd/settings
Requested by
Host: prod.back.edf.fleet.loco.red
URL: https://prod.back.edf.fleet.loco.red/polyfills.a188780240f579c7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.54.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-54-149.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5580a1c4e8d6bc5d5e6d83135e84887953353ea0a66dd378cd7f6980d3a5eccd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://prod.back.edf.fleet.loco.red/

Response headers

access-control-max-age
3000
x-amz-version-id
IqMvDLtIaQ_8NCPqTi190VdvaHcmWbbM
etag
"f48587100e415156dec863859b7a6c35"
access-control-allow-methods
GET, HEAD
x-cache
RefreshHit from cloudfront
x-amz-cf-id
SmAgcYAUlYLL8eI2i-z_x1gdSDbKRww0kTexgZKvE68Q3zOT4JKpcA==
date
Fri, 15 Nov 2024 03:43:11 GMT
content-type
application/json; charset=utf-8
vary
accept-encoding
last-modified
Wed, 13 Nov 2024 18:10:25 GMT
x-amz-replication-status
COMPLETED
cache-control
public, max-age=10800
via
1.1 fd87ab1d9a433dd02274380a706bf7d2.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
679
x-amz-cf-pop
FRA56-P9
server
AmazonS3
x-amz-server-side-encryption
AES256
1094411411456978
connect.facebook.net/signals/config/ 		69 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1094411411456978?v=2.9.177&r=stable&domain=prod.back.edf.fleet.loco.red&hme=c3e4904c1dde42d643265ef909b9e193c41cedcd6f559a3ff5e1b178e36647fa&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
65d51ca761fa3cf74eba5c66432e6b82ebc8821e617badaa25952b2c3a2bcc41
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-qUZgKEkU' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://prod.back.edf.fleet.loco.red/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 15 Nov 2024 03:43:10 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-qUZgKEkU' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=42, rtx=0, c=64, mss=1232, tbw=70421, tp=66, tpl=0, uplat=232, ullat=0
pragma
public
x-fb-debug
hHRqBN55Fj9LWcalEaxMLCjPn2NlBvbUN6DiTO56fkoy7sTXZTD4+i9HHkJioND4pgMCCkpO4zWVhmh8rz2Sog==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-YRPRK24X35&gtm=45je4bc0v898999858z8833409583za200zb833409583&_p=1731642188652&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067554~102067808~102077855&cid=53669440.1731642191&ul=fr-fr&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1731642190&sct=1&seg=0&dl=https%3A%2F%2Fprod.back.edf.fleet.loco.red%2F&dt=Fretly&en=page_view&_fv=1&_nsi=1&_ss=1&ep.content_group=prod.back.edf.fleet.loco.red&tfd=4309
Requested by
Host: prod.back.edf.fleet.loco.red
URL: https://prod.back.edf.fleet.loco.red/polyfills.a188780240f579c7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://prod.back.edf.fleet.loco.red/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://prod.back.edf.fleet.loco.red
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 15 Nov 2024 03:43:11 GMT
content-type
text/plain
server
Golfe2
collect
www.google-analytics.com/j/ 		3 B
430 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1169848472&t=pageview&_s=1&dl=https%3A%2F%2Fprod.back.edf.fleet.loco.red%2F&ul=fr-fr&de=UTF-8&dt=Fretly&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAAI~&jid=203425414&gjid=19318161&cid=53669440.1731642191&tid=UA-177379058-1&_gid=170290875.1731642191&_r=1&_slc=1&gtm=45He4bc0n81MM9FRRDv833409583za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855&npa=1&z=73545870
Requested by
Host: prod.back.edf.fleet.loco.red
URL: https://prod.back.edf.fleet.loco.red/polyfills.a188780240f579c7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://prod.back.edf.fleet.loco.red/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 15 Nov 2024 03:43:11 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://prod.back.edf.fleet.loco.red
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
3
server
Golfe2
/
px.ads.linkedin.com/wa/ 		0
447 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: prod.back.edf.fleet.loco.red
URL: https://prod.back.edf.fleet.loco.red/polyfills.a188780240f579c7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://prod.back.edf.fleet.loco.red/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
*
Content-Type
text/plain;charset=UTF-8

Response headers

linkedin-action
1
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 8BDF5F26D22F4C66B847EFAF0276DB14 Ref B: PRAEDGE0912 Ref C: 2024-11-15T03:43:11Z
x-li-fabric
prod-lor1
access-control-allow-credentials
true
x-li-uuid
AAYm612wNgF7cO03GYxxYQ==
x-li-proto
http/2
access-control-allow-origin
https://prod.back.edf.fleet.loco.red
x-cache
CONFIG_NOCACHE
date
Fri, 15 Nov 2024 03:43:11 GMT
vary
Origin
attribution_trigger
px.ads.linkedin.com/ 		2 B
814 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/attribution_trigger?pid=2202876&time=1731642191052&url=https%3A%2F%2Fprod.back.edf.fleet.loco.red%2F&tm=gtmv2
Requested by
Host: prod.back.edf.fleet.loco.red
URL: https://prod.back.edf.fleet.loco.red/polyfills.a188780240f579c7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
*
Referer
https://prod.back.edf.fleet.loco.red/

Response headers

x-li-pop
afd-prod-lor1-x
content-encoding
gzip
x-fs-uuid
000626eb5db03e24e1a72e288126fa2a
x-msedge-ref
Ref A: B3456B44CD7749B4A906F90618EBE296 Ref B: PRAEDGE1607 Ref C: 2024-11-15T03:43:11Z
x-li-fabric
prod-lor1
x-restli-protocol-version
1.0.0
access-control-allow-methods
GET, OPTIONS
x-li-uuid
AAYm612wPiThpy4ogSb6Kg==
x-li-proto
http/2
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Fri, 15 Nov 2024 03:43:11 GMT
content-type
application/json
access-control-allow-headers
*
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2202876&time=1731642191052&url=https%3A%2F%2Fprod.back.edf.fleet.loco.red%2F&tm=gtmv2
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2202876&time=1731642191052&url=https%3A%2F%2Fprod.back.edf.fleet.loco.red%2F&tm=gtmv2&e_ipv6=AQKLpz9COnBOYgAAAZMt6u2mx06vYetlO1rOVxU-vZkFRkoXgFBg...
0
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2202876&time=1731642191052&url=https%3A%2F%2Fprod.back.edf.fleet.loco.red%2F&tm=gtmv2&e_ipv6=AQKLpz9COnBOYgAAAZMt6u2mx06vYetlO1rOVxU-vZkFRkoXgFBgLCvjzSxBZLcOMN9kD1w
Requested by
Host: prod.back.edf.fleet.loco.red
URL: https://prod.back.edf.fleet.loco.red/login
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://prod.back.edf.fleet.loco.red/

Response headers

linkedin-action
1
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 78DBA6A5A90F42EA83BA2545EE4E14B9 Ref B: PAR02EDGE0809 Ref C: 2024-11-15T03:43:12Z
x-li-fabric
prod-lor1
x-li-uuid
AAYm613JppC6i3CGrp8e0A==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
date
Fri, 15 Nov 2024 03:43:12 GMT
content-type
application/javascript

Redirect headers

linkedin-action
1
x-li-pop
afd-prod-lor1-x
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2202876&time=1731642191052&url=https%3A%2F%2Fprod.back.edf.fleet.loco.red%2F&tm=gtmv2&e_ipv6=AQKLpz9COnBOYgAAAZMt6u2mx06vYetlO1rOVxU-vZkFRkoXgFBgLCvjzSxBZLcOMN9kD1w
x-msedge-ref
Ref A: 527308D32ECC4B97B68B27DA125E02CF Ref B: PRAEDGE0912 Ref C: 2024-11-15T03:43:11Z
x-li-fabric
prod-lor1
x-li-uuid
AAYm612wNttLiFrswuiCXQ==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
date
Fri, 15 Nov 2024 03:43:11 GMT
493993669310709
connect.facebook.net/signals/config/ 		36 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/493993669310709?v=2.9.177&r=stable&domain=prod.back.edf.fleet.loco.red&hme=c3e4904c1dde42d643265ef909b9e193c41cedcd6f559a3ff5e1b178e36647fa&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C201%2C200%2C202%2C207%2C208%2C209%2C205%2C197%2C132%2C163%2C196%2C198%2C122%2C157%2C145%2C151%2C129%2C234%2C116%2C127%2C235%2C165%2C119%2C237%2C166%2C136%2C123%2C154%2C148%2C193%2C114%2C128
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
ec13e36eacdb6e99fa1219a169aea1f2af26e2fc5c274e27d16db48dbdb1b0e3
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-jgYMo68n' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://prod.back.edf.fleet.loco.red/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 15 Nov 2024 03:43:11 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-jgYMo68n' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=32, rtx=0, c=66, mss=1232, tbw=85605, tp=81, tpl=0, uplat=232, ullat=0
pragma
public
x-fb-debug
c1FuqzZnH4Bp0K+IQBDfa0/g8WIPzR30lCLGKe1s6fglQZ39dU6ulFnp5fyP4V7NDYilXCn8kkxQQ23xZzN7nw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/ 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1094411411456978&ev=PageView&dl=https%3A%2F%2Fprod.back.edf.fleet.loco.red%2F&rl=&if=false&ts=1731642191099&sw=1600&sh=1200&v=2.9.177&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12318&fbp=fb.1.1731642191098.941043163255073093&ler=empty&cdl=API_unavailable&it=1731642190444&coo=false&tm=1&rqm=GET
Requested by
Host: prod.back.edf.fleet.loco.red
URL: https://prod.back.edf.fleet.loco.red/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://prod.back.edf.fleet.loco.red/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=30, rtx=0, c=23, mss=1232, tbw=4472, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 15 Nov 2024 03:43:11 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1094411411456978&ev=PageView&dl=https%3A%2F%2Fprod.back.edf.fleet.loco.red%2F&rl=&if=false&ts=1731642191099&sw=1600&sh=1200&v=2.9.177&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12318&fbp=fb.1.1731642191098.941043163255073093&ler=empty&cdl=API_unavailable&it=1731642190444&coo=false&tm=1&rqm=FGET
Requested by
Host: prod.back.edf.fleet.loco.red
URL: https://prod.back.edf.fleet.loco.red/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://prod.back.edf.fleet.loco.red/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7437346579083187282"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 15 Nov 2024 03:43:11 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
+luevETdKfaRyHY5voPVsQhXTOhGTHthMmAve38gB4WuJweHCciaWqRkIKpS37vTBPkRGCkVzKADLiPNlerfOg==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7437346579083187282", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=27, rtx=0, c=23, mss=1232, tbw=4840, tp=13, tpl=0, uplat=70, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
truncated
/ 		38 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/webp
/
px.ads.linkedin.com/wa/ 		0
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: prod.back.edf.fleet.loco.red
URL: https://prod.back.edf.fleet.loco.red/polyfills.a188780240f579c7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://prod.back.edf.fleet.loco.red/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
*
Content-Type
text/plain;charset=UTF-8

Response headers

linkedin-action
1
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 5ADC29B0AD474521A25634A6E930F746 Ref B: PRAEDGE0912 Ref C: 2024-11-15T03:43:12Z
x-li-fabric
prod-lor1
access-control-allow-credentials
true
x-li-uuid
AAYm613GIXuwSsHJ83o/Iw==
x-li-proto
http/2
access-control-allow-origin
https://prod.back.edf.fleet.loco.red
x-cache
CONFIG_NOCACHE
date
Fri, 15 Nov 2024 03:43:12 GMT
vary
Origin
logo-fretly.png
prod.back.edf.fleet.loco.red/assets/images/auth/ 		98 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod.back.edf.fleet.loco.red/assets/images/auth/logo-fretly.png
Requested by
Host: prod.back.edf.fleet.loco.red
URL: https://prod.back.edf.fleet.loco.red/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.83.14.218 , France, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
5aa4db83c51b10c6ddc216bf1cf53227b8968e06fe55b47a23eef8215af7887f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://prod.back.edf.fleet.loco.red/login

Response headers

accept-ranges
bytes
content-length
99960
date
Fri, 15 Nov 2024 03:43:12 GMT
etag
"672ce24d-18678"
content-type
image/png
last-modified
Thu, 07 Nov 2024 15:52:45 GMT
server
nginx
slide_1.webp
prod.back.edf.fleet.loco.red/assets/images/auth/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod.back.edf.fleet.loco.red/assets/images/auth/slide_1.webp
Requested by
Host: prod.back.edf.fleet.loco.red
URL: https://prod.back.edf.fleet.loco.red/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.83.14.218 , France, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
4e996812fa552b32aafd8fdb80f163b4d972bcd748ea949b0e1c43b29775f6cd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://prod.back.edf.fleet.loco.red/login

Response headers

accept-ranges
bytes
content-length
1098136
date
Fri, 15 Nov 2024 03:43:12 GMT
etag
"672ce24d-10c198"
content-type
image/webp
last-modified
Thu, 07 Nov 2024 15:52:45 GMT
server
nginx
slide_2.webp
prod.back.edf.fleet.loco.red/assets/images/auth/ 		498 KB
498 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod.back.edf.fleet.loco.red/assets/images/auth/slide_2.webp
Requested by
Host: prod.back.edf.fleet.loco.red
URL: https://prod.back.edf.fleet.loco.red/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.83.14.218 , France, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1f5e7165e9c19d28c9a696799c2e76fc5c692551b7dafb6158bc8933b2946f95

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://prod.back.edf.fleet.loco.red/login

Response headers

accept-ranges
bytes
content-length
509614
date
Fri, 15 Nov 2024 03:43:12 GMT
etag
"672ce24d-7c6ae"
content-type
image/webp
last-modified
Thu, 07 Nov 2024 15:52:45 GMT
server
nginx
slide_3.webp
prod.back.edf.fleet.loco.red/assets/images/auth/ 		543 KB
544 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod.back.edf.fleet.loco.red/assets/images/auth/slide_3.webp
Requested by
Host: prod.back.edf.fleet.loco.red
URL: https://prod.back.edf.fleet.loco.red/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.83.14.218 , France, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
416838ffc6967cc487217dfe3e5b993e5f0148cc382fb6472d42aec1b51cfd15

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://prod.back.edf.fleet.loco.red/login

Response headers

accept-ranges
bytes
content-length
556542
date
Fri, 15 Nov 2024 03:43:12 GMT
etag
"672ce24d-87dfe"
content-type
image/webp
last-modified
Thu, 07 Nov 2024 15:52:45 GMT
server
nginx
slide_4.webp
prod.back.edf.fleet.loco.red/assets/images/auth/ 		861 KB
862 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod.back.edf.fleet.loco.red/assets/images/auth/slide_4.webp
Requested by
Host: prod.back.edf.fleet.loco.red
URL: https://prod.back.edf.fleet.loco.red/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.83.14.218 , France, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
c27b1d9c563ec4a67083ba4c49dc4cab527c9ee416dd626ee9dd8d220c7f8e54

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://prod.back.edf.fleet.loco.red/login

Response headers

accept-ranges
bytes
content-length
882098
date
Fri, 15 Nov 2024 03:43:12 GMT
etag
"672ce24d-d75b2"
content-type
image/webp
last-modified
Thu, 07 Nov 2024 15:52:45 GMT
server
nginx
en-US.svg
prod.back.edf.fleet.loco.red/assets/images/languages/ 		933 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod.back.edf.fleet.loco.red/assets/images/languages/en-US.svg
Requested by
Host: prod.back.edf.fleet.loco.red
URL: https://prod.back.edf.fleet.loco.red/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.83.14.218 , France, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1cf6058653528ff7d27f3509f4f43483c36156fd221b57d63e026e055a9dfa27

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://prod.back.edf.fleet.loco.red/login

Response headers

accept-ranges
bytes
content-length
933
date
Fri, 15 Nov 2024 03:43:12 GMT
etag
"672ce24d-3a5"
content-type
image/svg+xml
last-modified
Thu, 07 Nov 2024 15:52:45 GMT
server
nginx
pro-fa-duotone-900-5.0.0.woff2
kit-pro.fontawesome.com/releases/latest/webfonts/ 		27 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-duotone-900-5.0.0.woff2
Requested by
Host: kit-pro.fontawesome.com
URL: https://kit-pro.fontawesome.com/releases/latest/css/pro.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f931c30f48b2240d4eba1be47c045c70545573713c19833a5573e0dad05a613

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://prod.back.edf.fleet.loco.red
Referer
https://kit-pro.fontawesome.com/releases/latest/css/pro.min.css

Response headers

access-control-max-age
3000
cf-cache-status
REVALIDATED
etag
"1c407e373b715c8a7096628163d85435"
access-control-allow-methods
GET
expires
Fri, 15 Nov 2024 04:13:13 GMT
date
Fri, 15 Nov 2024 03:43:13 GMT
content-type
font/woff2
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Wed, 04 Aug 2021 21:22:37 GMT
x-amz-id-2
hvoK3NGjEYcQndJehqax/MLICc1NLd3GM/nJBeNxWpmpb21p6uaTg/nGmNaFcopuIICkQ6fbvhE=
cache-control
public, max-age=1800
x-amz-request-id
148FYFX9BJCPFHR8
cf-ray
8e2c3c593fe6d09a-CDG
accept-ranges
bytes
access-control-allow-origin
*
content-length
28100
server
cloudflare
pro-fa-duotone-900-5.7.0.woff2
kit-pro.fontawesome.com/releases/latest/webfonts/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-duotone-900-5.7.0.woff2
Requested by
Host: kit-pro.fontawesome.com
URL: https://kit-pro.fontawesome.com/releases/latest/css/pro.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
272922821dedf161cdf3bebb80a3353ae53e530698f4f92606e3f76b5415c158

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://prod.back.edf.fleet.loco.red
Referer
https://kit-pro.fontawesome.com/releases/latest/css/pro.min.css

Response headers

access-control-max-age
3000
cf-cache-status
REVALIDATED
etag
"b297f9c677379a25dab795e0546e1e07"
access-control-allow-methods
GET
expires
Fri, 15 Nov 2024 04:13:13 GMT
date
Fri, 15 Nov 2024 03:43:13 GMT
content-type
font/woff2
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Wed, 04 Aug 2021 21:22:39 GMT
x-amz-id-2
zKDIDhyZtQVgo1eCw4C0wV5OGn4w8PcM55xJsT3wbGRK04k/XSO9lq17uPllQe2i5u1JFVxXGfIFsMAbol/mgdoNHAq580Ud3FuSscoOmuk=
cache-control
public, max-age=1800
x-amz-request-id
D8NBST5NR99E69EE
cf-ray
8e2c3c593fe7d09a-CDG
accept-ranges
bytes
access-control-allow-origin
*
content-length
10884
server
cloudflare
ajs-destination.bundle.ed53a26b6edc80c65d73.js
cdn.segment.com/analytics-next/bundles/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.ed53a26b6edc80c65d73.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/MabbrKx3wEAIgK8KGSvjMQfIBUqp41sd/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.54.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-54-149.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://prod.back.edf.fleet.loco.red/

Response headers

access-control-max-age
3000
content-encoding
br
etag
W/"00e9c65cbba11c07c4bf4a6e2727b8ea"
x-amz-version-id
7HrcoEDii4CJjqNCahwryaG4L.vk9kns
age
4942542
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
4-01yuk8iabDtGUmoQmS1i-t6n-QNtVNlKuiG6d-CSE7RnnEoXXRAQ==
date
Wed, 18 Sep 2024 22:47:32 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Wed, 18 Sep 2024 22:21:40 GMT
x-amz-replication-status
COMPLETED
cache-control
public,max-age=31536000,immutable
via
1.1 5335ce80c0b9264bc591cce2c73bef5e.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P9
server
AmazonS3
x-amz-server-side-encryption
AES256
create
api.plezi.co/api/v1/analytics/ 		43 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.plezi.co/api/v1/analytics/create?key_hit=603cfc8cf420875f160b016f-1731642191-&hit=true&tenant=603cfc8cf420875f160b016f&tw=603cfc8ff420875f160b021f&origin_url=&visitor=9394652813196256173164219325718843&visit=83362822-8e1e-4cae-8c04-e071a702599e&title=Log%20in%20%20Fretly&tracking_version=3&gclid=&utm_source=&utm_medium=&utm_term=&utm_content=&utm_campaign=&cid=&utm_plz_email_id=&current_url=https://prod.back.edf.fleet.loco.red/login
Requested by
Host: prod.back.edf.fleet.loco.red
URL: https://prod.back.edf.fleet.loco.red/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.172.102.120 , France, ASN12876 (Online SAS, FR),
Reverse DNS
163-172-102-120.rev.poneytelecom.eu
Software
nginx/1.10.3 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://prod.back.edf.fleet.loco.red/

Response headers

Transfer-Encoding
chunked
X-Request-Id
0486b3cf-afaf-476f-bd90-36f862378155
Cache-Control
max-age=0, private, must-revalidate
ETag
W/"a065920df8cc4016d67c3a464be90099"
Connection
keep-alive
X-UA-Compatible
IE=Edge,chrome=1
Date
Fri, 15 Nov 2024 03:43:13 GMT
Content-Type
image/gif; charset=utf-8
Vary
Origin
Server
nginx/1.10.3
X-Runtime
0.006493
/
www.facebook.com/tr/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=493993669310709&ev=PageView&dl=https%3A%2F%2Fprod.back.edf.fleet.loco.red%2Flogin&rl=&if=false&ts=1731642193271&sw=1600&sh=1200&v=2.9.177&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12318&fbp=fb.1.1731642191098.941043163255073093&ler=empty&cdl=API_unavailable&cs_est=true&it=1731642190444&coo=false&tm=1&rqm=GET
Requested by
Host: prod.back.edf.fleet.loco.red
URL: https://prod.back.edf.fleet.loco.red/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://prod.back.edf.fleet.loco.red/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=32, rtx=0, c=26, mss=1232, tbw=8312, tp=22, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 15 Nov 2024 03:43:13 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=493993669310709&ev=PageView&dl=https%3A%2F%2Fprod.back.edf.fleet.loco.red%2Flogin&rl=&if=false&ts=1731642193271&sw=1600&sh=1200&v=2.9.177&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12318&fbp=fb.1.1731642191098.941043163255073093&ler=empty&cdl=API_unavailable&cs_est=true&it=1731642190444&coo=false&tm=1&rqm=FGET
Requested by
Host: prod.back.edf.fleet.loco.red
URL: https://prod.back.edf.fleet.loco.red/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://prod.back.edf.fleet.loco.red/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7437346589084837865"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 15 Nov 2024 03:43:13 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
DsOpUQB9A0pzzqg+HCSK5x/5BKFPCABDFl4dslUSWtt3pya3RQEJnhKiWLz9pM5YKFMt1g0fxke9cM2en8QfKw==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7437346589084837865", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=33, rtx=0, c=27, mss=1232, tbw=9864, tp=31, tpl=0, uplat=111, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1094411411456978&ev=PageView&dl=https%3A%2F%2Fprod.back.edf.fleet.loco.red%2Flogin&rl=&if=false&ts=1731642193273&sw=1600&sh=1200&v=2.9.177&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=12318&fbp=fb.1.1731642191098.941043163255073093&ler=empty&cdl=API_unavailable&it=1731642190444&coo=false&rqm=GET
Requested by
Host: prod.back.edf.fleet.loco.red
URL: https://prod.back.edf.fleet.loco.red/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://prod.back.edf.fleet.loco.red/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=32, rtx=0, c=26, mss=1232, tbw=8504, tp=24, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 15 Nov 2024 03:43:13 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1094411411456978&ev=PageView&dl=https%3A%2F%2Fprod.back.edf.fleet.loco.red%2Flogin&rl=&if=false&ts=1731642193273&sw=1600&sh=1200&v=2.9.177&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=12318&fbp=fb.1.1731642191098.941043163255073093&ler=empty&cdl=API_unavailable&it=1731642190444&coo=false&rqm=FGET
Requested by
Host: prod.back.edf.fleet.loco.red
URL: https://prod.back.edf.fleet.loco.red/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://prod.back.edf.fleet.loco.red/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7437346588184095051"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 15 Nov 2024 03:43:13 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
7dUzhK8H92so+gIyOhrZ0rb6vS19Gq8jakuQcV3oetEvM1Vw9O9YmAhK0SXCh7iuftPDJ7wxtgPxMLFjKzU0DA==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7437346588184095051", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=34, rtx=0, c=27, mss=1232, tbw=8984, tp=30, tpl=0, uplat=49, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=493993669310709&ev=PageView&dl=https%3A%2F%2Fprod.back.edf.fleet.loco.red%2Flogin&rl=&if=false&ts=1731642193275&sw=1600&sh=1200&v=2.9.177&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=12318&fbp=fb.1.1731642191098.941043163255073093&ler=empty&cdl=API_unavailable&cs_est=true&it=1731642190444&coo=false&rqm=GET
Requested by
Host: prod.back.edf.fleet.loco.red
URL: https://prod.back.edf.fleet.loco.red/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://prod.back.edf.fleet.loco.red/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=32, rtx=0, c=26, mss=1232, tbw=8744, tp=27, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 15 Nov 2024 03:43:13 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=493993669310709&ev=PageView&dl=https%3A%2F%2Fprod.back.edf.fleet.loco.red%2Flogin&rl=&if=false&ts=1731642193275&sw=1600&sh=1200&v=2.9.177&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=12318&fbp=fb.1.1731642191098.941043163255073093&ler=empty&cdl=API_unavailable&cs_est=true&it=1731642190444&coo=false&rqm=FGET
Requested by
Host: prod.back.edf.fleet.loco.red
URL: https://prod.back.edf.fleet.loco.red/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://prod.back.edf.fleet.loco.red/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7437346589131339376"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 15 Nov 2024 03:43:13 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
yKtA7eTJrCfWnd05bZ4RwShYra8mfZyKWBH3SOZWjR75bP8VgeY5o2ovymOGUP/sXFTieRmsADw7b+qaeRivpg==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7437346589131339376", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=33, rtx=0, c=27, mss=1232, tbw=10744, tp=32, tpl=0, uplat=110, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
metrics.hotjar.io/ 		0
80 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://metrics.hotjar.io/?v=6&site_id=2130993
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2130993.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.229.70.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-70-174.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://prod.back.edf.fleet.loco.red/

Response headers

date
Fri, 15 Nov 2024 03:43:13 GMT
access-control-max-age
86400
access-control-allow-origin
*
schemaFilter.bundle.5c2661f67b4b71a6d9bd.js
cdn.segment.com/analytics-next/bundles/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.5c2661f67b4b71a6d9bd.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/MabbrKx3wEAIgK8KGSvjMQfIBUqp41sd/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.54.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-54-149.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://prod.back.edf.fleet.loco.red/

Response headers

access-control-max-age
3000
content-encoding
br
etag
W/"3867b2388b619ff7fddc29ef359fc9aa"
x-amz-version-id
u16VcQlfwBtHRZyWZ3J5lA.kF3ts0Fc8
age
5106703
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
CUxqm4JmUDIO6BQfKt__6IWa1mrRZgqa_1ljplG7eqo6zzasdXMBBA==
date
Tue, 17 Sep 2024 01:11:31 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Mon, 16 Sep 2024 16:03:18 GMT
x-amz-replication-status
COMPLETED
cache-control
public,max-age=31536000,immutable
via
1.1 5335ce80c0b9264bc591cce2c73bef5e.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P9
server
AmazonS3
x-amz-server-side-encryption
AES256
p
api.segment.io/v1/ 		21 B
183 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/p
Requested by
Host: prod.back.edf.fleet.loco.red
URL: https://prod.back.edf.fleet.loco.red/polyfills.a188780240f579c7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.223.74.168 Boardman, United States, ASN (),
Reverse DNS
ec2-34-223-74-168.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://prod.back.edf.fleet.loco.red/

Response headers

strict-transport-security
max-age=31536000
access-control-allow-origin
https://prod.back.edf.fleet.loco.red
content-length
21
date
Fri, 15 Nov 2024 03:43:13 GMT
content-type
application/json
vary
Origin
__ptq.gif
track.hubspot.com/ 		45 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=fr-fr&bfp=1019920244&v=1.1&a=4318302&pu=https%3A%2F%2Fprod.back.edf.fleet.loco.red%2Flogin&t=Log+in+-+Fretly&cts=1731642193461&vi=5009caaabf66da332cc2acc31ea7fe87&nc=true&u=138160943.5009caaabf66da332cc2acc31ea7fe87.1731642193457.1731642193457.1731642193457.1&b=138160943.1.1731642193457&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://prod.back.edf.fleet.loco.red/

Response headers

x-robots-tag
none
x-request-id
74312b64-973b-4c44-95b8-12f9673a157d
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5ltSgEUblMcMNptKWQOLxo%2BmAKo%2F9dT5s374FSqWRccNPfEQDGGsbKI%2B9HoonXWR92o%2F19lp7wQi2fx9AQaA3HyS0bRomPKmW7nXApC2Hq89is1IllmGoJoLGiRqjeD05Dkn2dMtHuZeWYmEzOEZ"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-evy-trace-listener
listener_https
p3p
CP="NOI CUR ADM OUR NOR STA NID"
date
Fri, 15 Nov 2024 03:43:13 GMT
x-hubspot-correlation-id
74312b64-973b-4c44-95b8-12f9673a157d
content-type
image/gif
vary
origin, Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
cache-control
no-cache, no-store, no-transform
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-746d57b5c6-px578
x-envoy-upstream-service-time
8
access-control-allow-credentials
false
cf-ray
8e2c3c5f0c6c9992-CDG
x-evy-trace-route-configuration
listener_https/all
content-length
45
server
cloudflare
x-evy-trace-virtual-host
all
favicon.ico
prod.back.edf.fleet.loco.red/assets/icons/ 		9 KB
10 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://prod.back.edf.fleet.loco.red/assets/icons/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.83.14.218 , France, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
d2eaa4898bcda0ca8b81014d204d76f03a118384afb0ae6274a4368aec51d489

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://prod.back.edf.fleet.loco.red/login

Response headers

accept-ranges
bytes
content-length
9662
date
Fri, 15 Nov 2024 03:43:13 GMT
etag
"672ce24d-25be"
content-type
image/x-icon
last-modified
Thu, 07 Nov 2024 15:52:45 GMT
server
nginx
common.js
maps.googleapis.com/maps-api-v3/api/js/58/11a/intl/fr_ALL/ 		267 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/58/11a/intl/fr_ALL/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?libraries=places&key=AIzaSyAwMb3GCwa_g3Ss9bm8ycYiDmqHOdtNZvQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f10.1e100.net
Software
sffe /
Resource Hash
7856dbe2c281d8c99fa2b203a24c557c168f4814ebd2d72ec4fa59aea6448e39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://prod.back.edf.fleet.loco.red/

Response headers

content-encoding
br
age
52373
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
x-content-type-options
nosniff
expires
Fri, 14 Nov 2025 13:10:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 13:10:21 GMT
last-modified
Tue, 29 Oct 2024 22:44:00 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
accept-ranges
bytes
content-length
57070
x-xss-protection
0
server
sffe
util.js
maps.googleapis.com/maps-api-v3/api/js/58/11a/intl/fr_ALL/ 		191 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/58/11a/intl/fr_ALL/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?libraries=places&key=AIzaSyAwMb3GCwa_g3Ss9bm8ycYiDmqHOdtNZvQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f10.1e100.net
Software
sffe /
Resource Hash
c7aa3c7ab03c2453bbf0adbbcde476196ad48648741333e902d3e3c6dcfbade5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://prod.back.edf.fleet.loco.red/

Response headers

content-encoding
br
age
21683
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
x-content-type-options
nosniff
expires
Fri, 14 Nov 2025 21:41:51 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 21:41:51 GMT
last-modified
Tue, 29 Oct 2024 22:44:00 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
accept-ranges
bytes
content-length
59567
x-xss-protection
0
server
sffe
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-YRPRK24X35&gtm=45je4bc0v898999858za200zb833409583&_p=1731642188652&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067554~102067808~102077855&cid=53669440.1731642191&ul=fr-fr&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&sid=1731642190&sct=1&seg=0&dl=https%3A%2F%2Fprod.back.edf.fleet.loco.red%2F&dt=Fretly&_s=2&tfd=9453
Requested by
Host: prod.back.edf.fleet.loco.red
URL: https://prod.back.edf.fleet.loco.red/polyfills.a188780240f579c7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://prod.back.edf.fleet.loco.red/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://prod.back.edf.fleet.loco.red
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 15 Nov 2024 03:43:16 GMT
content-type
text/plain
server
Golfe2

Verdicts & Comments Add Verdict or Comment

218 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| dataLayer object| google object| litHtmlVersions object| module$exports$mapsapi$geometry$spherical object| litElementVersions object| reactiveElementVersions object| module$contents$mapsapi$overlay$overlayView_OverlayView function| hj object| _hjSettings object| analytics object| _hsp object| hjSiteSettings object| hjLazyModules function| hjBootstrap object| hjBootstrapCalled object| webpackChunkplateform_front function| $localize function| Zone function| __zone_symbol__Promise function| __zone_symbol__fetch function| __zone_symbol__queueMicrotask function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader boolean| __zone_symbol__ononabortpatched boolean| __zone_symbol__ononanimationendpatched boolean| __zone_symbol__ononanimationiterationpatched boolean| __zone_symbol__ononauxclickpatched boolean| __zone_symbol__ononbeforeinputpatched boolean| __zone_symbol__ononblurpatched boolean| __zone_symbol__ononcancelpatched boolean| __zone_symbol__ononcanplaypatched boolean| __zone_symbol__ononcanplaythroughpatched boolean| __zone_symbol__ononchangepatched boolean| __zone_symbol__ononcuechangepatched boolean| __zone_symbol__ononclickpatched boolean| __zone_symbol__ononclosepatched boolean| __zone_symbol__ononcontextmenupatched boolean| __zone_symbol__onondblclickpatched boolean| __zone_symbol__onondragpatched boolean| __zone_symbol__onondragendpatched boolean| __zone_symbol__onondragenterpatched boolean| __zone_symbol__onondragleavepatched boolean| __zone_symbol__onondragoverpatched boolean| __zone_symbol__onondroppatched boolean| __zone_symbol__onondurationchangepatched boolean| __zone_symbol__ononemptiedpatched boolean| __zone_symbol__ononendedpatched boolean| __zone_symbol__ononerrorpatched boolean| __zone_symbol__ononfocuspatched boolean| __zone_symbol__onongotpointercapturepatched boolean| __zone_symbol__ononinputpatched boolean| __zone_symbol__ononinvalidpatched boolean| __zone_symbol__ononkeydownpatched boolean| __zone_symbol__ononkeypresspatched boolean| __zone_symbol__ononkeyuppatched boolean| __zone_symbol__ononloadpatched boolean| __zone_symbol__ononloadstartpatched boolean| __zone_symbol__ononloadeddatapatched boolean| __zone_symbol__ononloadedmetadatapatched boolean| __zone_symbol__ononlostpointercapturepatched boolean| __zone_symbol__ononmousedownpatched boolean| __zone_symbol__ononmouseenterpatched boolean| __zone_symbol__ononmouseleavepatched boolean| __zone_symbol__ononmousemovepatched boolean| __zone_symbol__ononmouseoutpatched boolean| __zone_symbol__ononmouseoverpatched boolean| __zone_symbol__ononmouseuppatched boolean| __zone_symbol__ononmousewheelpatched boolean| __zone_symbol__ononpausepatched boolean| __zone_symbol__ononplaypatched boolean| __zone_symbol__ononplayingpatched boolean| __zone_symbol__ononpointercancelpatched boolean| __zone_symbol__ononpointerdownpatched boolean| __zone_symbol__ononpointerenterpatched boolean| __zone_symbol__ononpointerleavepatched boolean| __zone_symbol__ononpointermovepatched boolean| __zone_symbol__ononpointeroverpatched boolean| __zone_symbol__ononpointeruppatched boolean| __zone_symbol__ononprogresspatched boolean| __zone_symbol__ononratechangepatched boolean| __zone_symbol__ononresetpatched boolean| __zone_symbol__ononresizepatched boolean| __zone_symbol__ononscrollpatched boolean| __zone_symbol__ononseekedpatched boolean| __zone_symbol__ononseekingpatched boolean| __zone_symbol__ononselectpatched boolean| __zone_symbol__ononselectionchangepatched boolean| __zone_symbol__ononselectstartpatched boolean| __zone_symbol__ononstalledpatched boolean| __zone_symbol__ononsubmitpatched boolean| __zone_symbol__ononsuspendpatched boolean| __zone_symbol__onontimeupdatepatched boolean| __zone_symbol__ononvolumechangepatched boolean| __zone_symbol__onontransitioncancelpatched boolean| __zone_symbol__onontransitionendpatched boolean| __zone_symbol__ononwaitingpatched boolean| __zone_symbol__ononwheelpatched boolean| __zone_symbol__onontogglepatched boolean| __zone_symbol__ononafterprintpatched boolean| __zone_symbol__ononappinstalledpatched boolean| __zone_symbol__ononbeforeinstallpromptpatched boolean| __zone_symbol__ononbeforeprintpatched boolean| __zone_symbol__ononbeforeunloadpatched boolean| __zone_symbol__onondevicemotionpatched boolean| __zone_symbol__onondeviceorientationpatched boolean| __zone_symbol__onondeviceorientationabsolutepatched boolean| __zone_symbol__ononhashchangepatched boolean| __zone_symbol__ononlanguagechangepatched boolean| __zone_symbol__ononmessagepatched boolean| __zone_symbol__ononofflinepatched boolean| __zone_symbol__onononlinepatched boolean| __zone_symbol__ononpageshowpatched boolean| __zone_symbol__ononpagehidepatched boolean| __zone_symbol__ononpopstatepatched boolean| __zone_symbol__ononrejectionhandledpatched boolean| __zone_symbol__ononstoragepatched boolean| __zone_symbol__ononunhandledrejectionpatched boolean| __zone_symbol__ononunloadpatched boolean| __zone_symbol__onondragstartpatched boolean| __zone_symbol__ononanimationstartpatched boolean| __zone_symbol__ononsearchpatched boolean| __zone_symbol__onontransitionrunpatched boolean| __zone_symbol__onontransitionstartpatched boolean| __zone_symbol__ononwebkitanimationendpatched boolean| __zone_symbol__ononwebkitanimationiterationpatched boolean| __zone_symbol__ononwebkitanimationstartpatched boolean| __zone_symbol__ononwebkittransitionendpatched boolean| __zone_symbol__ononpointeroutpatched boolean| __zone_symbol__ononmessageerrorpatched object| __zone_symbol__pagehidefalse object| __zone_symbol__beforeunloadfalse object| __zone_symbol__scrolltrue object| __zone_symbol__scrollfalse object| __zone_symbol__resizefalse object| google_tag_manager object| google_tag_data object| __zone_symbol__loadfalse object| hsCookieBanner boolean| _hspb_loaded boolean| _hspb_ran object| _hsq function| sanitizeKey object| __zone_symbol__loadtrue boolean| _hstc_loaded function| fbq function| _fbq object| _fbq_gtm_ids string| GoogleAnalyticsObject function| ga object| _linkedin_data_partner_ids boolean| _already_called_lintrk object| FontAwesomeKitConfig object| TreemapSquared function| SVG object| Apex function| ApexCharts object| prefixesArray string| prefixesSelectorString object| webpackChunk_segment_analytics_next string| analyticsWriteKey object| __SEGMENT_INSPECTOR__ object| AnalyticsNext object| __zone_symbol__hashchangefalse object| __zone_symbol__popstatefalse function| onYouTubeIframeAPIReady object| __zone_symbol__focusfalse object| __zone_symbol__blurfalse object| __zone_symbol__pageshowfalse object| gaGlobal object| gaplugins object| gaData function| lintrk object| ORIBILI object| __zone_symbol__ORIBI_historyChangedfalse function| _ function| saveAs function| getAngularTestability function| getAllAngularTestabilities function| getAllAngularRootElements object| frameworkStabilizers object| __zone_symbol__messagefalse string| website string| tenant string| hostUrl string| keyHit number| trackingVersion object| mitch_script object| mitchScriptDocCookies function| mitchScriptQueryString function| mitchScriptGetUniqueID function| mitchScriptGenerateUUID function| mitchScriptImgCreate function| mitchScriptExtractHostname function| mitchScriptGetDomain function| mitchScriptCreatePixel boolean| _hstc_ran object| hsCallsToActionsReady string| __hsUserToken number| expireDateTime function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener function| eventListeners function| removeAllListeners

20 Cookies

Domain/Path Name / Value
.loco.red/ Name: _hjSessionUser_2130993
Value: eyJpZCI6ImEwNTIyODBjLTEwYjktNWNmYS1iYWFmLWFjMjI1NmQ4Njg0YyIsImNyZWF0ZWQiOjE3MzE2NDIxODk3OTAsImV4aXN0aW5nIjp0cnVlfQ==
.loco.red/ Name: _hjSession_2130993
Value: eyJpZCI6IjU0Njk5ZjU1LWRiMzYtNGRkOC04MGI3LTMyNzI2ZmUwNmIzYyIsImMiOjE3MzE2NDIxODk3OTQsInMiOjEsInIiOjEsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=
.loco.red/ Name: _gcl_au
Value: 1.1.354780252.1731642190
.loco.red/ Name: _ga
Value: GA1.2.53669440.1731642191
.loco.red/ Name: _gid
Value: GA1.2.170290875.1731642191
.loco.red/ Name: _gat_UA-177379058-1
Value: 1
.loco.red/ Name: _fbp
Value: fb.1.1731642191098.941043163255073093
.linkedin.com/ Name: lidc
Value: "b=OGST03:s=O:r=O:a=O:p=O:g=3399:u=1:x=1:i=1731642191:t=1731728591:v=2:sig=AQHN5Rh8pHxN4PEqkztEkO8Pc7yM3TvU"
.linkedin.com/ Name: bcookie
Value: "v=2&2ca73075-c5b6-402c-8f88-9c31d2b90085"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MzE2NDIxOTE7MjswMjEg/7OwQEmHKvez13k9x6iA9lg0DTGhWUxZaJQf3xARzg==
.loco.red/ Name: visitor
Value: 9394652813196256173164219325718843---603cfc8cf420875f160b016f
.loco.red/ Name: visit
Value: 83362822-8e1e-4cae-8c04-e071a702599e
.loco.red/ Name: ajs_anonymous_id
Value: 8f3106a1-c88f-4797-8cdb-82d0f74d1056
prod.back.edf.fleet.loco.red/ Name: __hstc
Value: 138160943.5009caaabf66da332cc2acc31ea7fe87.1731642193457.1731642193457.1731642193457.1
prod.back.edf.fleet.loco.red/ Name: hubspotutk
Value: 5009caaabf66da332cc2acc31ea7fe87
prod.back.edf.fleet.loco.red/ Name: __hssrc
Value: 1
prod.back.edf.fleet.loco.red/ Name: __hssc
Value: 138160943.1.1731642193457
.loco.red/ Name: _ga_YRPRK24X35
Value: GS1.1.1731642190.1.1.1731642193.0.0.0
.hubspot.com/ Name: __cf_bm
Value: XsZ1CJ9_gGYnV6nGjD7mEZDcq4ebTroRRWE7hKNSC_U-1731642193-1.0.1.1-jz5Tyh3Dckci2qz37ywpf3zCAlfT0m1RaIa0iL.NPneAbSx0_dbzpD8QSZ9xSU3MO1ejAaSX3cvMVLaDN1_WMQ
.hubspot.com/ Name: _cfuvid
Value: UBinxHUvs_35ugyRsTqlNhfPYNgqHh0VNref27weNPY-1731642193881-0.0.1.1-604800000

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://prod.back.edf.fleet.loco.red/login
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.plezi.co
api.segment.io
app.plezi.co
cdn.segment.com
connect.facebook.net
content.hotjar.io
fonts.googleapis.com
fonts.gstatic.com
js-na1.hs-scripts.com
js.hs-analytics.net
js.hs-banner.com
kit-pro.fontawesome.com
maps.googleapis.com
metrics.hotjar.io
prod.back.edf.fleet.loco.red
px.ads.linkedin.com
px4.ads.linkedin.com
region1.google-analytics.com
script.hotjar.com
snap.licdn.com
static.hotjar.com
track.hubspot.com
vc.hotjar.io
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
13.107.42.14
13.32.27.21
142.250.185.131
142.250.186.68
157.240.252.13
157.240.252.35
163.172.102.120
163.172.70.254
172.217.18.106
18.245.31.113
18.245.46.58
18.245.54.149
2001:4860:4802:32::36
2001:4860:4802:36::178
2606:4700:4400::6812:2844
2606:4700:4400::6812:28f0
2606:4700::6810:7574
2606:4700::6810:8ad1
2606:4700::6811:afc9
2620:1ec:21::14
2a00:1450:4001:800::200a
2a00:1450:4001:809::200a
2a00:1450:4001:831::2008
2a02:26f0:3500:10::210:a99
34.223.74.168
34.241.32.147
51.83.14.218
54.229.70.174
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9
129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
1cf6058653528ff7d27f3509f4f43483c36156fd221b57d63e026e055a9dfa27
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1f5e7165e9c19d28c9a696799c2e76fc5c692551b7dafb6158bc8933b2946f95
20f2dfce3c12e7bae2e93101287e6ea8f60c8ef1bd5f3c678120015fb6311634
272922821dedf161cdf3bebb80a3353ae53e530698f4f92606e3f76b5415c158
2a849c7c2e0be4e4bf1d04b64a8b510826befc93613c837be8081a76f4e12f38
2db582f07b8ba77c3d00fdc0507fc409cf7b4427405b9320d036f569874ccfe5
2defc95c692e04dcf0cdf198aba5b4d24feda2b097fa2f334843f3fcd68bfe27
2f931c30f48b2240d4eba1be47c045c70545573713c19833a5573e0dad05a613
31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a
37c65071f378cc9582aabdda3b52979ef901f2925e3f3c3dc597f41eac0f1b6d
416838ffc6967cc487217dfe3e5b993e5f0148cc382fb6472d42aec1b51cfd15
4245ecca2a4b50d7fd9adc9a965ed1f9b4ec24e9935e34c80efafc0f856d54c6
43a683165a27224ef2d2717bd57c8c203aa570ce39140504d086562eefbb0f1f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
469b12fbf8a726ab5165862c5e9f5ddb2230c39df756963c0240a161e293525e
4e996812fa552b32aafd8fdb80f163b4d972bcd748ea949b0e1c43b29775f6cd
5580a1c4e8d6bc5d5e6d83135e84887953353ea0a66dd378cd7f6980d3a5eccd
5aa4db83c51b10c6ddc216bf1cf53227b8968e06fe55b47a23eef8215af7887f
65d51ca761fa3cf74eba5c66432e6b82ebc8821e617badaa25952b2c3a2bcc41
6a2d6afa6cfbc667a9874c1a8d11ab0d3e5f565e8aaeef5cbb6279fc4c28e9b8
6dbfc6414e168e9e644d2758b1c41d6b81f21a4bf98259de52e037ba94533378
70712c8650feecc46403b5801b9d5b72d5b2d6ba1d1cf0317e105603982321bf
7856dbe2c281d8c99fa2b203a24c557c168f4814ebd2d72ec4fa59aea6448e39
7bdc9c974c578f98a85faf26402a7f9f3cdecfeb17407c0862accf4d2c1113be
7c5cfcbd829200ff3c2a547cdc10b61c27341e5af6b7a4434bbc6674e7b70b66
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a8a00b576cc9fad532a52ecdf8024724ddaa83cb0f5ca5d1b1d6eb8841103d60
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ae8e314ae4058a04974695e264bc2b7ab874c8a1ae108c24d5462635ed77d30c
bbbede0d487f4e1e4f85a01416c2b099597c389cce439b3892984e8aa9d76aa0
c27b1d9c563ec4a67083ba4c49dc4cab527c9ee416dd626ee9dd8d220c7f8e54
c7aa3c7ab03c2453bbf0adbbcde476196ad48648741333e902d3e3c6dcfbade5
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb97946233f2a32c20c37ff697edc2ad5054fe88eefc8c522b7c7eaba0ac1940
d2e0567abede1d2046d06741b202421eff05c59de4024dd24e221bb20f895445
d2eaa4898bcda0ca8b81014d204d76f03a118384afb0ae6274a4368aec51d489
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de7e334160c553a18344a795c3e77ba949c51d82e71470c9b75246105768f0d2
df058e18f40bc902c2a5b99ccea8eed218823cd34fd9ae19363bbd7a077374bd
df19dce0dc876c09eb580f8e3cf9312d4c0eb8c5432fd7199d7a6dc007cc6ec5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec13e36eacdb6e99fa1219a169aea1f2af26e2fc5c274e27d16db48dbdb1b0e3
f0a9b19d1615e0e2afdca507d4c7cbe384b0bdfad5cbaf63c14a386df33a62d7
f3ae135394bb9f1f1a7234b4cfd25122210fbfb5d8201ec5875b46e542ccd84a
fae881a37454c119d5049ac52d39da72bf219d09b7c1b49c33be3930af3d2a13