conforme-secure.confirmation-session.gq Open in urlscan Pro
37.187.89.161 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://conforme-secure.confirmation-session.gq/
Submission: On January 01 via automatic, source phishtank (January 1st 2021, 2:34:14 am UTC)

Summary HTTP 229 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 24 IPs in 6 countries across 16 domains to perform 229 HTTP transactions. The main IP is 37.187.89.161, located in France and belongs to OVH, FR. The main domain is conforme-secure.confirmation-session.gq.
TLS certificate: Issued by R3 on December 31st 2020. Valid for: 3 months.

This is the only time conforme-secure.confirmation-session.gq was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Societe Generale (Banking)

Domain & IP information

	IP Address	AS Autonomous System
126	37.187.89.161 37.187.89.161	16276 (OVH) (OVH)
2	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
2	54.220.130.183 54.220.130.183	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:81f::2003	15169 (GOOGLE) (GOOGLE)
1 22	2a00:1450:400... 2a00:1450:4001:814::2004	15169 (GOOGLE) (GOOGLE)
1	3.124.25.217 3.124.25.217	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
2 5	184.31.90.174 184.31.90.174	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	109.232.197.56 109.232.197.56	50234 (EULERIAN-AS) (EULERIAN-AS)
1	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
2 4	172.217.23.102 172.217.23.102	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 5	2a00:1450:400... 2a00:1450:4001:817::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:818::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:815::2002	15169 (GOOGLE) (GOOGLE)
9	151.101.14.133 151.101.14.133	54113 (FASTLY) (FASTLY)
2	80.252.91.52 80.252.91.52	15830 (EQUINIX-C...) (EQUINIX-CONNECT-EMEA)
4	52.19.224.33 52.19.224.33	16509 (AMAZON-02) (AMAZON-02)
1	18.184.108.250 18.184.108.250	16509 (AMAZON-02) (AMAZON-02)
229	24

126 37.187.89.161 (France)

ASN16276 (OVH, FR)
PTR: ns3368800.ip-37-187-89.eu

conforme-secure.confirmation-session.gq	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

actorssl-5637.kxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.220.130.183 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-130-183.eu-west-1.compute.amazonaws.com

logs128.xiti.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:814::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.25.217 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-25-217.eu-central-1.compute.amazonaws.com

scriptsp.par.societegenerale.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 184.31.90.174 (Netherlands) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-31-90-174.deploy.static.akamaitechnologies.com

secure-ds.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 109.232.197.56 (France)

ASN50234 (EULERIAN-AS, FR)
PTR: sg.eulerian.net

1bva.societegenerale.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.23.102 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f6.1e100.net

10354013.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:817::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:815::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 151.101.14.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
consumer.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 80.252.91.52 (Netherlands)

ASN15830 (EQUINIX-CONNECT-EMEA, GB)

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.19.224.33 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-224-33.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.184.108.250 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-108-250.eu-central-1.compute.amazonaws.com

aweucn1.advanced-web-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
126	confirmation-session.gq conforme-secure.confirmation-session.gq	2 MB
24	google.com 1 redirects www.google.com	3 KB
17	doubleclick.net 3 redirects 10354013.fls.doubleclick.net googleads.g.doubleclick.net	16 KB
13	krxd.net cdn.krxd.net consumer.krxd.net beacon.krxd.net	169 KB
11	google.de www.google.de	1 KB
11	google.fr www.google.fr	2 KB
7	serving-sys.com 2 redirects secure-ds.serving-sys.com bs.serving-sys.com	18 KB
4	facebook.net connect.facebook.net	62 KB
4	societegenerale.fr scriptsp.par.societegenerale.fr 1bva.societegenerale.fr	39 KB
3	googleadservices.com www.googleadservices.com	36 KB
3	bing.com bat.bing.com	9 KB
2	facebook.com www.facebook.com	404 B
2	googletagmanager.com www.googletagmanager.com	76 KB
2	xiti.com logs128.xiti.com	263 B
2	kxcdn.com actorssl-5637.kxcdn.com
1	advanced-web-analytics.com aweucn1.advanced-web-analytics.com
229	16

	Domain	Requested by
126	conforme-secure.confirmation-session.gq	conforme-secure.confirmation-session.gq scriptsp.par.societegenerale.fr
24	www.google.com	1 redirects conforme-secure.confirmation-session.gq
13	googleads.g.doubleclick.net	1 redirects www.googleadservices.com conforme-secure.confirmation-session.gq
11	www.google.de	conforme-secure.confirmation-session.gq
11	www.google.fr	conforme-secure.confirmation-session.gq
5	cdn.krxd.net	conforme-secure.confirmation-session.gq cdn.krxd.net
5	secure-ds.serving-sys.com	2 redirects conforme-secure.confirmation-session.gq
4	beacon.krxd.net	cdn.krxd.net
4	consumer.krxd.net	cdn.krxd.net
4	10354013.fls.doubleclick.net	2 redirects conforme-secure.confirmation-session.gq
4	connect.facebook.net	conforme-secure.confirmation-session.gq connect.facebook.net
3	www.googleadservices.com	conforme-secure.confirmation-session.gq cdn.krxd.net
3	1bva.societegenerale.fr	conforme-secure.confirmation-session.gq 1bva.societegenerale.fr
3	bat.bing.com	conforme-secure.confirmation-session.gq
2	bs.serving-sys.com	secure-ds.serving-sys.com
2	www.facebook.com	conforme-secure.confirmation-session.gq
2	www.googletagmanager.com	conforme-secure.confirmation-session.gq
2	logs128.xiti.com	conforme-secure.confirmation-session.gq
2	actorssl-5637.kxcdn.com	conforme-secure.confirmation-session.gq
1	aweucn1.advanced-web-analytics.com	conforme-secure.confirmation-session.gq
1	scriptsp.par.societegenerale.fr	conforme-secure.confirmation-session.gq
229	21

This site contains links to these domains. Also see Links.

Domain
agences.societegenerale.fr
particuliers.societegenerale.fr
www.privatebanking.societegenerale.fr
professionnels.societegenerale.fr
entreprises.societegenerale.fr
associations.societegenerale.fr
www.societegenerale.com
careers.societegenerale.com
www.facebook.com
twitter.com
www.instagram.com

Subject Issuer	Validity	Valid
conforme-secure.confirmation-session.gq R3	`2020-12-31` - `2021-03-31`	3 months	crt.sh
*.kxcdn.com Thawte RSA CA 2018	`2019-07-04` - `2021-09-01`	2 years	crt.sh
*.xiti.com Thawte RSA CA 2018	`2020-02-27` - `2022-05-22`	2 years	crt.sh
www.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.google.fr GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
scriptsp.par.societegenerale.fr QuoVadis Global SSL ICA G3	`2019-07-19` - `2021-07-19`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
secure-ds.serving-sys.com DigiCert SHA2 Secure Server CA	`2020-01-03` - `2021-04-03`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2020-10-27` - `2021-04-27`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-11-02` - `2021-01-30`	3 months	crt.sh
1bva.societegenerale.fr Sectigo RSA Domain Validation Secure Server CA	`2019-08-21` - `2021-08-20`	2 years	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
cdn.krxd.net DigiCert SHA2 Secure Server CA	`2020-03-05` - `2021-03-06`	a year	crt.sh
bs.serving-sys.com Go Daddy Secure Certificate Authority - G2	`2020-01-07` - `2022-03-08`	2 years	crt.sh
consumer.krxd.net DigiCert SHA2 Secure Server CA	`2020-09-14` - `2021-09-14`	a year	crt.sh
beacon.krxd.net DigiCert SHA2 Secure Server CA	`2020-01-30` - `2021-01-30`	a year	crt.sh
*.advanced-web-analytics.com GeoTrust TLS RSA CA G1	`2020-05-31` - `2022-06-30`	2 years	crt.sh

This page contains 11 frames:

Primary Page: https://conforme-secure.confirmation-session.gq/
Frame ID: DF37EC9172169E2782800FB6D17CCAB7
Requests: 175 HTTP requests in this frame

Frame: https://conforme-secure.confirmation-session.gq/init/activityi.html
Frame ID: 50F4C22EC0E5BBF93DCD2EA63A7308DF
Requests: 2 HTTP requests in this frame

Frame: https://conforme-secure.confirmation-session.gq/init/activityi(1).html
Frame ID: BED87F7915F1922161704982C265BC5B
Requests: 2 HTTP requests in this frame

Frame: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
Frame ID: 8FA8749C95CC90CB3C111D88AFEDE95D
Requests: 27 HTTP requests in this frame

Frame: https://conforme-secure.confirmation-session.gq/init/saved_resource.html
Frame ID: C30927DA6BBEC3F171FC136B1E8F774F
Requests: 1 HTTP requests in this frame

Frame: https://10354013.fls.doubleclick.net/activityi;dc_pre=CPnOrJTZ-e0CFf7IuwgdNnwPtw;src=10354013;type=arriv0;cat=sg_vi0;ord=1;num=7041928998476;gtm=2odb41;auiddc=1897958136.1609468438;~oref=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F
Frame ID: F99C1FE98178687B769A791A6E655CF9
Requests: 1 HTTP requests in this frame

Frame: https://conforme-secure.confirmation-session.gq/init/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: D9F50B9609AE8B31FB762C747C94AC30
Requests: 17 HTTP requests in this frame

Frame: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: 9B70E486CAAC9A92BCD535E0BCC5AB76
Requests: 1 HTTP requests in this frame

Frame: https://10354013.fls.doubleclick.net/activityi;dc_pre=CP3Yz5TZ-e0CFZnruwgdokEFuQ;src=10354013;type=arriv0;cat=sg_vi0;ord=1;num=2468678921461;gtm=2odb41;auiddc=1897958136.1609468438;~oref=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F
Frame ID: 69A63765590C69166166BC13FD43985C
Requests: 1 HTTP requests in this frame

Frame: https://conforme-secure.confirmation-session.gq/init/OKrh.html?si=0&e=https%3A%2F%2Fconforme-secure.confirmation-session.gq&LSESSIONID=jLd1oaId4IEkdi%2BHLx0t0D0PpP%2BSr3TdUEiwEXavFtPX08UvP8R45sWg&t=xframe&eu=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&icid=160946843893946128
Frame ID: EF0C4789D373BA12141B8261208DAB83
Requests: 1 HTTP requests in this frame

Frame: https://aweucn1.advanced-web-analytics.com/init/pric.html?e=https%3A%2F%2Fconforme-secure.confirmation-session.gq&es=jLd1oaId4IEkdi%2BHLx0t0D0PpP%2BSr3TdUEiwEXavFtPX08UvP8R45sWg&eu=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&icid=160946843899822064
Frame ID: E83066A14F1C900F73355E8D0FF6838D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Debian (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Debian/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

229
Requests

99 %
HTTPS

52 %
IPv6

16
Domains

21
Subdomains

24
IPs

6
Countries

2513 kB
Transfer

6658 kB
Size

16
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://agences.societegenerale.fr/banque-assurance/
Title: Agences

Search URL Search Domain Scan URL

URL: https://particuliers.societegenerale.fr/icd/rvd_rva/aides_contacts/index-public.html#/home
Title: Aide et contacts

Search URL Search Domain Scan URL

URL: https://particuliers.societegenerale.fr/
Title:

Search URL Search Domain Scan URL

URL: https://www.privatebanking.societegenerale.fr/
Title: Banque privée

Search URL Search Domain Scan URL

URL: https://professionnels.societegenerale.fr/
Title: Professionnels

Search URL Search Domain Scan URL

URL: https://entreprises.societegenerale.fr/
Title: Entreprises

Search URL Search Domain Scan URL

URL: https://associations.societegenerale.fr/
Title: Associations

Search URL Search Domain Scan URL

URL: https://www.societegenerale.com/fr/accueil
Title: Groupe Société Générale

Search URL Search Domain Scan URL

URL: https://careers.societegenerale.com/
Title: Offres d’emploi

Search URL Search Domain Scan URL

URL: https://www.facebook.com/societegenerale.france/
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/sg_etvous
Title:

Search URL Search Domain Scan URL

URL: https://www.instagram.com/societegenerale/?hl=fr
Title:

Search URL Search Domain Scan URL

URL: https://particuliers.societegenerale.fr/tous-nos-tarifs
Title: Tarifs

Search URL Search Domain Scan URL

URL: https://particuliers.societegenerale.fr/engagements
Title: Nos engagements

Search URL Search Domain Scan URL

URL: https://particuliers.societegenerale.fr/informations-mentions-legales
Title: Informations légales

Search URL Search Domain Scan URL

URL: https://particuliers.societegenerale.fr/charte-cookies-societe-generale
Title: Charte Cookies

Search URL Search Domain Scan URL

URL: https://particuliers.societegenerale.fr/securite
Title: Sécurité

Search URL Search Domain Scan URL

URL: https://particuliers.societegenerale.fr/engagements/gestion-donnees-personnelles-rgpd
Title: Données personnelles

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 116

https://10354013.fls.doubleclick.net/activityi;src=10354013;type=arriv0;cat=sg_vi0;ord=1;num=7041928998476;gtm=2odb41;auiddc=1897958136.1609468438;~oref=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F HTTP 302
https://10354013.fls.doubleclick.net/activityi;dc_pre=CPnOrJTZ-e0CFf7IuwgdNnwPtw;src=10354013;type=arriv0;cat=sg_vi0;ord=1;num=7041928998476;gtm=2odb41;auiddc=1897958136.1609468438;~oref=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F

Request Chain 132

https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/2/4932 HTTP 302
https://secure-ds.serving-sys.com/BurstingCachedScripts/OneTagDefaultConfig.json

Request Chain 147

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1004456575/?random=1609468438397&cv=9&fst=1609468438397&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&ig=1&data=event%3Dpage_view%3Benv_market%3D%3Bpage_name%3D%3Bpage_type%3D%3Bpage_theme%3D%3Bpage_category_1%3D%3Bpage_category_2%3D%3Bpage_category_3%3D%3Bproduct_name_trade%3D%3Bproduct_category_1%3D%3Bproduct_category_2%3D%3Bproduct_category_3%3D%3Bdmp_id_tag%3DKw6K3cJw%3Bdmp_id_segment%3D&frm=0&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&hn=www.googleadservices.com&async=1 HTTP 302
https://www.google.com/pagead/1p-user-list/1004456575/?random=1609468438397&cv=9&fst=1609466400000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&data=event%3Dpage_view%3Benv_market%3D%3Bpage_name%3D%3Bpage_type%3D%3Bpage_theme%3D%3Bpage_category_1%3D%3Bpage_category_2%3D%3Bpage_category_3%3D%3Bproduct_name_trade%3D%3Bproduct_category_1%3D%3Bproduct_category_2%3D%3Bproduct_category_3%3D%3Bdmp_id_tag%3DKw6K3cJw%3Bdmp_id_segment%3D&frm=0&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&is_vtc=1&random=3034381481&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-user-list/1004456575/?random=1609468438397&cv=9&fst=1609466400000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&data=event%3Dpage_view%3Benv_market%3D%3Bpage_name%3D%3Bpage_type%3D%3Bpage_theme%3D%3Bpage_category_1%3D%3Bpage_category_2%3D%3Bpage_category_3%3D%3Bproduct_name_trade%3D%3Bproduct_category_1%3D%3Bproduct_category_2%3D%3Bproduct_category_3%3D%3Bdmp_id_tag%3DKw6K3cJw%3Bdmp_id_segment%3D&frm=0&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&is_vtc=1&random=3034381481&resp=GooglemKTybQhCsO&ipr=y

Request Chain 191

https://10354013.fls.doubleclick.net/activityi;src=10354013;type=arriv0;cat=sg_vi0;ord=1;num=2468678921461;gtm=2odb41;auiddc=1897958136.1609468438;~oref=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F HTTP 302
https://10354013.fls.doubleclick.net/activityi;dc_pre=CP3Yz5TZ-e0CFZnruwgdokEFuQ;src=10354013;type=arriv0;cat=sg_vi0;ord=1;num=2468678921461;gtm=2odb41;auiddc=1897958136.1609468438;~oref=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F

Request Chain 194

https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/2/4932 HTTP 302
https://secure-ds.serving-sys.com/BurstingCachedScripts/OneTagDefaultConfig.json

229 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
conforme-secure.confirmation-session.gq/ 398 KB
117 KB 167ms
42ms Document
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 1ea54042cfb95f54f71f67d27cda8109e03edaaae121ce49a49ee95ab1da9323

Request headers

Host: conforme-secure.confirmation-session.gq
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:30 GMT
Server: Apache/2.4.10 (Debian)
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK awt-front-BDDF.css
conforme-secure.confirmation-session.gq/init/ 97 KB
12 KB 81ms
33ms Stylesheet
text/css 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/awt-front-BDDF.css
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 2334cc5892b03355d16b2ffcd360aca9ff2919e4a0b4d62639dac3408b0ffdcd

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "18482-5b7c19f78dacf-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 12280

GET
H/1.1 200
OK bat.js.t%C3%A9l%C3%A9chargement Show response
conforme-secure.confirmation-session.gq/init/ 27 KB
9 KB 314ms
30ms Script
application/javascript 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/bat.js.t%C3%A9l%C3%A9chargement
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "6d92-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 8474

GET
H/1.1 200
OK action Show response
conforme-secure.confirmation-session.gq/init/ 209 KB
209 KB 37ms
31ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/action
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 02ef3ae0ca1178acafd3207951db6c3481be901748416a9fd2e15f7fecfbbf6a

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:30 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "3425b-5b7c19f78dacf"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 213595

GET
H/1.1 200
OK f.txt Show response
conforme-secure.confirmation-session.gq/init/ 30 KB
12 KB 38ms
33ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/f.txt
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 5fb46ad88af0181f8aa600691dadedc2d6dd1946603b69bc36385f68efdd01a3

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "7964-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 12174

GET
H/1.1 200
OK js Show response
conforme-secure.confirmation-session.gq/init/ 96 KB
96 KB 36ms
31ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/js
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 193ff02576d65ded44a2c940a4c79a325bd987d348a638c9ef3e57a7d2fe44bd

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:30 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "17f96-5b7c19f78ea6f"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 98198

GET
H/1.1 200
OK js(1) Show response
conforme-secure.confirmation-session.gq/init/ 96 KB
96 KB 36ms
30ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/js(1)
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: f184a41e83fe0fa7657e501e40874b3e2468e3be8130be2340d4694b896c993f

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:30 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "17f97-5b7c19f78ea6f"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 98199

GET
H/1.1 200
OK js(2) Show response
conforme-secure.confirmation-session.gq/init/ 96 KB
96 KB 33ms
29ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/js(2)
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 50cb9b6a0426f8ea0e044c329ec2827ae666ab88f2c6c3de461aee71eeedc858

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:30 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "17f95-5b7c19f78ea6f"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 98197

GET
H/1.1 200
OK js(3) Show response
conforme-secure.confirmation-session.gq/init/ 96 KB
96 KB 30ms
29ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/js(3)
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 21c5befb758cb3e51d21840bcdb0b4d35cf335a336b20fbca8bb16b49396766b

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:30 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "17f97-5b7c19f78ea6f"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 98199

GET
H/1.1 200
OK js(4) Show response
conforme-secure.confirmation-session.gq/init/ 96 KB
96 KB 30ms
30ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/js(4)
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 0aba1ffff4efe790a910a3576c2e8b397d201fc49c5af544cccb391fd3340a2a

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:30 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "17f98-5b7c19f78ea6f"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 98200

GET
H/1.1 200
OK fbevents.js.t%C3%A9l%C3%A9chargement Show response
conforme-secure.confirmation-session.gq/init/ 89 KB
23 KB 35ms
35ms Script
application/javascript 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/fbevents.js.t%C3%A9l%C3%A9chargement
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 0e49c2b4e86d3fda1dda93eb1210a47712f7b091181b4e7c6da2b3e6f8e86396

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "16595-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 23387

GET
H/1.1 200
OK n2g_secu.js.t%C3%A9l%C3%A9chargement Show response
conforme-secure.confirmation-session.gq/init/ 74 B
428 B 90ms
30ms Script
application/javascript 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/n2g_secu.js.t%C3%A9l%C3%A9chargement
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: cacb3216bac8abc454ab954967d6ce67cd8969def976cb47b459261efdea3bc2

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "4a-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 80

GET
H/1.1 200
OK init-configs_20201126162313.js.t%C3%A9l%C3%A9chargement Show response
conforme-secure.confirmation-session.gq/init/ 4 KB
1 KB 111ms
29ms Script
application/javascript 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/init-configs_20201126162313.js.t%C3%A9l%C3%A9chargement
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: e9b1bf49a47050d8c8b2e5798cdbb0be796e55ee6b6fc058450d891f1c81ef5f

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "107e-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1157

GET
H/1.1 200
OK dca_portail_global_20201127132605.js.t%C3%A9l%C3%A9chargement Show response
conforme-secure.confirmation-session.gq/init/ 3 KB
2 KB 117ms
30ms Script
application/javascript 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/dca_portail_global_20201127132605.js.t%C3%A9l%C3%A9chargement
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 0f0c9a0d3315908b1f7c15f96957b4c61b59963d5137b40c130ab6e10f8eba83

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "d62-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1200

GET
H/1.1 200
OK public-dca.js.t%C3%A9l%C3%A9chargement Show response
conforme-secure.confirmation-session.gq/init/ 4 KB
2 KB 120ms
30ms Script
application/javascript 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/public-dca.js.t%C3%A9l%C3%A9chargement
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 069f96cb554d5cf9afb0b9ad7edb382f789da3d7bd909e0e47a1c6f142841213

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "110b-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1782

GET
H/1.1 200
OK vendor_20201013181530.min.js.t%C3%A9l%C3%A9chargement Show response
conforme-secure.confirmation-session.gq/init/ 109 KB
38 KB 129ms
39ms Script
application/javascript 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/vendor_20201013181530.min.js.t%C3%A9l%C3%A9chargement
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: ea0c84249c6d3fb9c7ab3e12357104a9316a62515e0192725333f5a5d3d5c89e

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "1b455-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 39033

GET
H/1.1 200
OK gda.public.js.t%C3%A9l%C3%A9chargement Show response
conforme-secure.confirmation-session.gq/init/ 5 KB
2 KB 141ms
30ms Script
application/javascript 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/gda.public.js.t%C3%A9l%C3%A9chargement
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: deda47873b970f3f30793723271f158aa8bf0a8383016a41c5623cc63b8719ad

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "126f-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1673

GET
H/1.1 200
OK interact-lanceur.js.t%C3%A9l%C3%A9chargement Show response
conforme-secure.confirmation-session.gq/init/ 21 KB
7 KB 108ms
31ms Script
application/javascript 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/interact-lanceur.js.t%C3%A9l%C3%A9chargement
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: ebc5899ef97f2613c1f52d762fab2fae3597d86dfae1f1f51901a7d978475970

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "52f4-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 7222

GET
H/1.1 200
OK index_20201013183946.min.js.t%C3%A9l%C3%A9chargement Show response
conforme-secure.confirmation-session.gq/init/ 251 KB
60 KB 120ms
39ms Script
application/javascript 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/index_20201013183946.min.js.t%C3%A9l%C3%A9chargement
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: a64d86f1fafd180096bd451dd066d77ed4a3715420e1af7f82573b6d16813218

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "3ebac-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98

GET
H/1.1 200
OK tc_SocieteGenerale_20_20201126172020.js.t%C3%A9l%C3%A9chargement Show response
conforme-secure.confirmation-session.gq/init/ 173 KB
43 KB 121ms
38ms Script
application/javascript 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/tc_SocieteGenerale_20_20201126172020.js.t%C3%A9l%C3%A9chargement
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 36b9944367a227d50e80b8e6498f351e4c7ab4290360ae624dbb3eda9b972ab9

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "2b20b-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 43377

GET
H/1.1 200
OK dmp_bridge.js.t%C3%A9l%C3%A9chargement Show response
conforme-secure.confirmation-session.gq/init/ 18 KB
7 KB 30ms
30ms Script
application/javascript 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.js.t%C3%A9l%C3%A9chargement
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 7432ce2d9558cdfad9fa922065edd4b052ce9d69366ccfcd08fd28cee4944f61

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "469a-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 6338

GET
H/1.1 200
OK tc_SocieteGenerale_22.js.t%C3%A9l%C3%A9chargement Show response
conforme-secure.confirmation-session.gq/init/ 109 KB
23 KB 35ms
34ms Script
application/javascript 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/tc_SocieteGenerale_22.js.t%C3%A9l%C3%A9chargement
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 1cd2e879a2bc431ce6bdd03338ab6d5b2be54646231a01d8b883f1ed06d643b7

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "1b576-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 23232

GET
H/1.1 200
OK index_pri_20201013141424.min.css
conforme-secure.confirmation-session.gq/init/ 217 KB
33 KB 58ms
39ms Stylesheet
text/css 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/index_pri_20201013141424.min.css
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: ffb0158cdc267512932acd22b13aa4f0df1652290faa987148d69f923b6cb797

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "3655e-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 33603

GET
H/1.1 200
OK spec56_btn_gsm_all_gcd_20201013141424.min.css
conforme-secure.confirmation-session.gq/init/ 711 B
628 B 49ms
29ms Stylesheet
text/css 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/spec56_btn_gsm_all_gcd_20201013141424.min.css
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 0a2a772760a16e07b99ff6f6061b4d9b8c99bde4152bd0dde426d013987ef097

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "2c7-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 292

GET
H/1.1 200
OK head-section_fix-gb9_16008653000000.css
conforme-secure.confirmation-session.gq/init/ 124 B
449 B 51ms
29ms Stylesheet
text/css 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/head-section_fix-gb9_16008653000000.css
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 0d0c477e9849e1b674c4070ef22e282fe52c08b7d54018b3844a999ae8ca5c79

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "7c-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 114

GET
H/1.1 200
OK swm.main.js.t%C3%A9l%C3%A9chargement Show response
conforme-secure.confirmation-session.gq/init/ 762 KB
199 KB 123ms
40ms Script
application/javascript 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/swm.main.js.t%C3%A9l%C3%A9chargement
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 6b3508e84845b497fe7de7c95b5565613fa4256341af4a1e96d614118f4ac5e9

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "be6cf-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98

GET
H/1.1 200
OK doctrans.js.t%C3%A9l%C3%A9chargement Show response
conforme-secure.confirmation-session.gq/init/ 55 KB
22 KB 35ms
34ms Script
application/javascript 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/doctrans.js.t%C3%A9l%C3%A9chargement
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 1b859a247d2fec3895b0aec64bcd35fcdff5c75635a514f4818a14d0a27bb4f9

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "ddf2-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 21682

GET
H/1.1 200
OK awt-frameworks.js.t%C3%A9l%C3%A9chargement Show response
conforme-secure.confirmation-session.gq/init/ 196 KB
62 KB 139ms
40ms Script
application/javascript 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/awt-frameworks.js.t%C3%A9l%C3%A9chargement
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: fe6f751edcdcdef2f2fa677ebfeb50632396b12abd1b428c19a6f19b930ed5a4

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "30f8c-5b7c19f78dacf-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96

GET
H/1.1 200
OK awt-interact.js.t%C3%A9l%C3%A9chargement Show response
conforme-secure.confirmation-session.gq/init/ 747 KB
186 KB 141ms
38ms Script
application/javascript 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/awt-interact.js.t%C3%A9l%C3%A9chargement
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: cd3e2f420e0578b6dfc49e0a087eebe7c34fb44c412d71ae28d6bdbe71482c64

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "bad47-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98

GET
H/1.1 200
OK rootCheck.js.t%C3%A9l%C3%A9chargement Show response
conforme-secure.confirmation-session.gq/init/ 49 KB
18 KB 33ms
32ms Script
application/javascript 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/rootCheck.js.t%C3%A9l%C3%A9chargement
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 3d7e7086a0286cfca8aa269c77c12dc07dd9cb5fdedf911727d15189462e7fe1

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "c511-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 17677

GET
H/1.1 200
OK f(1).txt Show response
conforme-secure.confirmation-session.gq/init/ 2 KB
1 KB 140ms
30ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/f(1).txt
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 56aa5a35b12bc48ed6064ec1a2e38118a48017e00882bde53c8e2ed4f55b67fc

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "9ce-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1090

GET
H/1.1 200
OK f(2).txt Show response
conforme-secure.confirmation-session.gq/init/ 2 KB
1 KB 171ms
29ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/f(2).txt
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: f8ab70f3116e708b14a1307483065aaf86d561c46de9ee19c188d029b52f97b0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "9cc-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1090

GET
H/1.1 200
OK f(3).txt Show response
conforme-secure.confirmation-session.gq/init/ 2 KB
1 KB 174ms
30ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/f(3).txt
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: d7c1b7ebef4e6c996d839f9032ada4a16056fc48d75218c0ff68b9975a47f833

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "9cc-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 1090

GET
H/1.1 200
OK f(4).txt Show response
conforme-secure.confirmation-session.gq/init/ 2 KB
1 KB 179ms
30ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/f(4).txt
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 364bbad7da5c0db0c149ac68ff9b9248aae062459a93af8fa5e1b233131adda1

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "9ce-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1091

GET
H/1.1 200
OK f(5).txt Show response
conforme-secure.confirmation-session.gq/init/ 3 KB
2 KB 189ms
29ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/f(5).txt
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 19965187fdbb3f1593722e61fb1e3f26171e4bf10ac466a8af1ed6d3492afe29

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "ca0-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1243

GET
H/1.1 200
OK f(6).txt Show response
conforme-secure.confirmation-session.gq/init/ 2 KB
1 KB 201ms
30ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/f(6).txt
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 921dac444f4d12a6ad6a4d973e13655173978720e539b8a51d517545d074e03b

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "9ce-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 1091

GET
H/1.1 200
OK f(7).txt Show response
conforme-secure.confirmation-session.gq/init/ 2 KB
1 KB 204ms
30ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/f(7).txt
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 1e94db35d45912e8b2125e47ba78c4e775c4af9357e9a498f68f845f17b0485d

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "9cc-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 1091

GET
H/1.1 200
OK f(8).txt Show response
conforme-secure.confirmation-session.gq/init/ 2 KB
1 KB 209ms
30ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/f(8).txt
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: b748e93de92cb578e0785b70bcc07d8bab67907bf0f089645b28dde03c5cffed

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "9ce-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1090

GET
H/1.1 200
OK f(9).txt Show response
conforme-secure.confirmation-session.gq/init/ 2 KB
1 KB 209ms
29ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/f(9).txt
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 048bec5fa4b6a8d6955d8b8b698730e946620c2d2cc0bd0503847021301c8c77

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "9cc-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 1090

GET
H/1.1 200
OK f(10).txt Show response
conforme-secure.confirmation-session.gq/init/ 3 KB
2 KB 219ms
29ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/f(10).txt
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 43ffec558cae11ca5ecdb80cfaff480509d7bf6b9c679f2740185115596d8e6f

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "cde-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 1259

GET
H/1.1 200
OK skys.js.t%C3%A9l%C3%A9chargement Show response
conforme-secure.confirmation-session.gq/init/ 46 KB
18 KB 233ms
32ms Script
application/javascript 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/skys.js.t%C3%A9l%C3%A9chargement
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 87ee987122090b081ec5309f61798c116b24929f9cb42ed070e20b25649b3197

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "b8c4-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 17684

GET
H/1.1 200
OK tactic.js.t%C3%A9l%C3%A9chargement Show response
conforme-secure.confirmation-session.gq/init/ 52 KB
19 KB 234ms
32ms Script
application/javascript 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/tactic.js.t%C3%A9l%C3%A9chargement
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 9f58ce64b74dd78a12a96ab8a3baab42d15e82131c988b8e78a0666b9b1198b1

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "ce0b-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 19587

GET
H/1.1 200
OK statm.js.t%C3%A9l%C3%A9chargement Show response
conforme-secure.confirmation-session.gq/init/ 46 KB
18 KB 234ms
32ms Script
application/javascript 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/statm.js.t%C3%A9l%C3%A9chargement
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: b7535f97c5a636c26669922844a25c061c8bbde4b18655308b70356430b60a18

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "b7a1-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 17596

GET
H/1.1 200
OK pic2Util.js.t%C3%A9l%C3%A9chargement Show response
conforme-secure.confirmation-session.gq/init/ 59 KB
21 KB 237ms
32ms Script
application/javascript 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/pic2Util.js.t%C3%A9l%C3%A9chargement
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 0aafb22b992d46be72036702e842c00f9a0ba34d1780d8426289fb21bf01fab9

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "ead2-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 21105

GET
H/1.1 200
OK protocol.js.t%C3%A9l%C3%A9chargement Show response
conforme-secure.confirmation-session.gq/init/ 65 KB
24 KB 242ms
33ms Script
application/javascript 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/protocol.js.t%C3%A9l%C3%A9chargement
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 6cc2bc8e380d3fd79e62e1b745e955c698de1456eb5f224c1b79c8c313b32401

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "10530-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 24465

GET
H/1.1 200
OK random.js.t%C3%A9l%C3%A9chargement Show response
conforme-secure.confirmation-session.gq/init/ 54 KB
20 KB 241ms
32ms Script
application/javascript 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/random.js.t%C3%A9l%C3%A9chargement
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 8916863b5a9fb434907fb0e3354c12524f3e6a2c6fe12acff239df7bb9c7188c

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "d7e8-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 20360

GET
H/1.1 200
OK 9C0XU Show response
conforme-secure.confirmation-session.gq/init/ 121 B
379 B 30ms
29ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/9C0XU
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: c4621d91e3440020752933daa717d38c90286ea1663a98b54fb3ffa9c970f7f3

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:30 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "79-5b7c19f78dacf"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 121

GET
H/1.1 200
OK hpeWk Show response
conforme-secure.confirmation-session.gq/init/ 121 B
379 B 31ms
30ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/hpeWk
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 16a6f8712b87dd92e10e9f89e160e2f9111309ccd46922d95f38132289528ed5

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:31 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "79-5b7c19f78ea6f"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 121

GET
H/1.1 200
OK hpeWk(1) Show response
conforme-secure.confirmation-session.gq/init/ 122 B
380 B 30ms
29ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/hpeWk(1)
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 718a77b5368bc1aabdd38d82773c971788cbc930508eb949f1664bc813a5bbbb

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:31 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "7a-5b7c19f78ea6f"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 122

GET
H/1.1 200
OK hpeWk(2) Show response
conforme-secure.confirmation-session.gq/init/ 121 B
379 B 30ms
29ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/hpeWk(2)
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: b5a5f5511c2dd368384aa82113ce950e5f455b51716631b9a7bd78388f46d64c

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:31 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "79-5b7c19f78ea6f"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 121

GET
H/1.1 200
OK hpeWk(3) Show response
conforme-secure.confirmation-session.gq/init/ 121 B
379 B 30ms
29ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/hpeWk(3)
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: dff42fc27824c65800c2671729e90622d40b31202a4c273b0039b31556f8fa65

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:31 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "79-5b7c19f78ea6f"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 121

GET
H/1.1 200
OK style.css
conforme-secure.confirmation-session.gq/init/ 166 KB
25 KB 48ms
35ms Stylesheet
text/css 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/style.css
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 25b86a63b1711e0badb83772b958f5dce6c81ec3148cc2114c4534a15b34cf3e

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "29788-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 25687

GET
H/1.1 200
OK loader.gif
conforme-secure.confirmation-session.gq/init/ 1 KB
2 KB 30ms
29ms Image
image/gif 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://conforme-secure.confirmation-session.gq/init/loader.gif
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 31bf10d91090efb0932a4560d50ce0ed40e9d961374175331b008be7865142d6

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:31 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "563-5b7c19f78ea6f"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 1379

GET
H/1.1 200
OK eo2680-style.css
conforme-secure.confirmation-session.gq/init/ 2 KB
894 B 30ms
30ms Stylesheet
text/css 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/eo2680-style.css
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 42d1dc709aae2bded3fab89a75b78ac71ac56a5bc9938e213bb95dd47fb87fae

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "777-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 559

GET
H/1.1 200
OK securite-renforcee.png
conforme-secure.confirmation-session.gq/init/ 3 KB
4 KB 30ms
29ms Image
image/png 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://conforme-secure.confirmation-session.gq/init/securite-renforcee.png
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 0fb87a360659fde9b149b2036db331efa88b0d3d06ab319c0510480243c2bb8a

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:31 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "d84-5b7c19f78ea6f"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 3460

GET
H/1.1 200
OK s-curit-renforc-e-2.png
conforme-secure.confirmation-session.gq/init/ 4 KB
4 KB 30ms
29ms Image
image/png 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://conforme-secure.confirmation-session.gq/init/s-curit-renforc-e-2.png
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 12ad8a6fe4c03864191066da21747429eb42250696a30943f165b6bbc19ae162

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:31 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "ece-5b7c19f78ea6f"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 3790

GET
H/1.1 200
OK logo-sg-seul.svg
conforme-secure.confirmation-session.gq/init/ 3 KB
3 KB 30ms
29ms Image
image/svg+xml 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://conforme-secure.confirmation-session.gq/init/logo-sg-seul.svg
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 4d5f7f9cf24e66420cd0f39be3d181b4566ff8dcc8e699731c88787e511befd3

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:31 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "be2-5b7c19f78ea6f"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=89
Content-Length: 3042

GET
H/1.1 200
OK js(5) Show response
conforme-secure.confirmation-session.gq/init/ 96 KB
96 KB 35ms
30ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/js(5)
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 6196e79a6beea903c5daccf483eae9f1052b0647cb165a9ffa0010392dc5e562

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:30 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "17f82-5b7c19f78ea6f"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 98178

GET
H/1.1 200
OK 0
conforme-secure.confirmation-session.gq/init/ 0
255 B 29ms
29ms Image
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://conforme-secure.confirmation-session.gq/init/0
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:31 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "0-5b7c19f78dacf"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 0

GET
H/1.1 200
OK 0(1)
conforme-secure.confirmation-session.gq/init/ 0
255 B 31ms
29ms Image
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://conforme-secure.confirmation-session.gq/init/0(1)
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:31 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "0-5b7c19f78dacf"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=89
Content-Length: 0

GET
H/1.1 404
Not Found dcaweb-main.js Show response
conforme-secure.confirmation-session.gq/icd/static/dcaweb-front/2.0.6/ 348 B
564 B 171ms
29ms XHR
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/icd/static/dcaweb-front/2.0.6/dcaweb-main.js
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/public-dca.js.t%C3%A9l%C3%A9chargement
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: a6bf99527ad5b9f3a33c9bc75ca43ae21dd804f0eec2554ae118fd708fb21e00

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:30 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=95
Content-Length: 348
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found gda.js Show response
conforme-secure.confirmation-session.gq/icd/static/swm/resources/version/19.49.9/gda/sas_lgn/static/js/ 373 B
589 B 39ms
29ms XHR
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/icd/static/swm/resources/version/19.49.9/gda/sas_lgn/static/js/gda.js
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/gda.public.js.t%C3%A9l%C3%A9chargement
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 01ea1a63072bcb09f85ce6b7812b325703301751cfb5ab4ef2ece6a95449d8be

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:30 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 373
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found config.json Show response
conforme-secure.confirmation-session.gq/pri/static/dcaweb/ 333 B
549 B 84ms
29ms XHR
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/pri/static/dcaweb/config.json?_=20210101000000
Requested by: Host:
URL: /icd/static/dcaweb-front/2.0.6/dcaweb-main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: df2309303b0a8eac62a9a55ef2823e5692caaba0accd4751b2f716a062d450d4

Request headers

Accept: application/json, text/plain, */*
Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:30 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=96
Content-Length: 333
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found swm.main.js
conforme-secure.confirmation-session.gq/icd/static/swm/resources/version/19.49.9/js/ 0
0 31ms
30ms Script
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/icd/static/swm/resources/version/19.49.9/js/swm.main.js
Requested by: Host:
URL: /icd/static/swm/resources/version/19.49.9/gda/sas_lgn/static/js/gda.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:31 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=88
Content-Length: 359
Content-Type: text/html; charset=iso-8859-1

GET
H2 400 action
actorssl-5637.kxcdn.com/actor/a7a30ba0aebbae114c740a1b35adb8c7-/ 0
0 134ms
115ms Script
application/javascript 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://actorssl-5637.kxcdn.com/actor/a7a30ba0aebbae114c740a1b35adb8c7-/action
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/tc_SocieteGenerale_20_20201126172020.js.t%C3%A9l%C3%A9chargement
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 01 Jan 2021 02:33:58 GMT
content-encoding: gzip
server: keycdn-engine
x-edge-location: defr
vary: Accept-encoding
content-type: application/javascript

GET
H2 200 hit.xiti
logs128.xiti.com/ 35 B
132 B 116ms
30ms Image
image/gif 54.220.130.183
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://logs128.xiti.com/hit.xiti?s=594119&idclient=b45697d9-76dd-4777-84c8-416ed4a1b826&ts=1609468437851&vtag=5.22.0&ptag=js&r=1600x1200x24x24&re=1600x1200&hl=3x33x57&lng=en-US&idp=0333579806410&jv=0&at=&p=&s2=&vrn=1&x1=true&x10=/&x11=page_vue_chargee&x13=1609468437827_7050&stc=%7B%22globVars%22%3A%7B%22date_datehour%22%3A%222021-01-01_03%3A33%3A57%22%2C%22page_technicalURL%22%3A%22~%22%7D%7D&ref=

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.220.130.183 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-220-130-183.eu-west-1.compute.amazonaws.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 01 Jan 2021 02:33:58 GMT
content-length: 35
strict-transport-security: max-age=7776000
content-type: image/gif

GET
H/1.1 200
OK print_20201013141424.min.css
conforme-secure.confirmation-session.gq/init/ 3 KB
1 KB 38ms
30ms Stylesheet
text/css 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/print_20201013141424.min.css
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: cbf2f9788fa5b22dd4c4428843fdd3ea68595db536cf347517da7d048d3bedcf

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:31 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "bfb-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=89
Content-Length: 874

GET
H2 200 /
www.google.com/pagead/1p-user-list/1025892926/ 42 B
138 B 22ms
19ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1025892926/?random=1607019693347&cv=9&fst=1607018400000&num=1&bg=ffffff&guid=ON&u_h=864&u_w=1536&u_ah=834&u_aw=1536&u_cd=24&u_his=11&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fcom%2Ficd-web%2Fcbo%2Findex.html&ref=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fpage-deconnexion&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=1393713664&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 02:33:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.fr/pagead/1p-user-list/1025892926/ 42 B
552 B 42ms
18ms Image
image/gif 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/pagead/1p-user-list/1025892926/?random=1607019693347&cv=9&fst=1607018400000&num=1&bg=ffffff&guid=ON&u_h=864&u_w=1536&u_ah=834&u_aw=1536&u_cd=24&u_his=11&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fcom%2Ficd-web%2Fcbo%2Findex.html&ref=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fpage-deconnexion&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=1393713664&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 02:33:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/786705886/ 42 B
108 B 20ms
19ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/786705886/?random=1607019693349&cv=9&fst=1607018400000&num=1&bg=ffffff&guid=ON&u_h=864&u_w=1536&u_ah=834&u_aw=1536&u_cd=24&u_his=11&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fcom%2Ficd-web%2Fcbo%2Findex.html&ref=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fpage-deconnexion&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=2164052255&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 02:33:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.fr/pagead/1p-user-list/786705886/ 42 B
108 B 20ms
19ms Image
image/gif 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/pagead/1p-user-list/786705886/?random=1607019693349&cv=9&fst=1607018400000&num=1&bg=ffffff&guid=ON&u_h=864&u_w=1536&u_ah=834&u_aw=1536&u_cd=24&u_his=11&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fcom%2Ficd-web%2Fcbo%2Findex.html&ref=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fpage-deconnexion&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=2164052255&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 02:33:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/958350073/ 42 B
66 B 53ms
34ms Image
image/gif 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/958350073/?random=1607019693351&cv=9&fst=1607018400000&num=1&bg=ffffff&guid=ON&u_h=864&u_w=1536&u_ah=834&u_aw=1536&u_cd=24&u_his=11&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fcom%2Ficd-web%2Fcbo%2Findex.html&ref=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fpage-deconnexion&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=3927815603&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 02:33:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.fr/pagead/1p-user-list/958350073/ 42 B
108 B 24ms
19ms Image
image/gif 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/pagead/1p-user-list/958350073/?random=1607019693351&cv=9&fst=1607018400000&num=1&bg=ffffff&guid=ON&u_h=864&u_w=1536&u_ah=834&u_aw=1536&u_cd=24&u_his=11&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fcom%2Ficd-web%2Fcbo%2Findex.html&ref=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fpage-deconnexion&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=3927815603&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 02:33:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/1004456575/ 42 B
530 B 50ms
32ms Image
image/gif 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1004456575/?random=1607019693352&cv=9&fst=1607018400000&num=1&bg=ffffff&guid=ON&u_h=864&u_w=1536&u_ah=834&u_aw=1536&u_cd=24&u_his=11&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fcom%2Ficd-web%2Fcbo%2Findex.html&ref=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fpage-deconnexion&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=3949691358&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 02:33:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.fr/pagead/1p-user-list/1004456575/ 42 B
108 B 27ms
22ms Image
image/gif 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/pagead/1p-user-list/1004456575/?random=1607019693352&cv=9&fst=1607018400000&num=1&bg=ffffff&guid=ON&u_h=864&u_w=1536&u_ah=834&u_aw=1536&u_cd=24&u_his=11&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fcom%2Ficd-web%2Fcbo%2Findex.html&ref=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fpage-deconnexion&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=3949691358&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 02:33:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/1004456575/ 42 B
66 B 54ms
36ms Image
image/gif 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1004456575/?random=1607019693354&cv=9&fst=1607018400000&num=1&userId=21c3ce817050af0fea148692f6e5ea35&bg=ffffff&guid=ON&u_h=864&u_w=1536&u_ah=834&u_aw=1536&u_cd=24&u_his=11&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&gtm=2oab41&sendb=1&data=event%3Dpage_view%3Benv_market%3Dparticuliers%3Bpage_name%3Duser_login_page%3Bpage_type%3DHomePage%3Bpage_theme%3DHomepage%3Bpage_category_1%3Dloginpage%3Bpage_category_2%3D%3Bpage_category_3%3D%3Bproduct_name_trade%3D%3Bproduct_category_1%3D%3Bproduct_category_2%3D%3Bproduct_category_3%3D%3Bdmp_id_tag%3DKw6K3cJw%3Bdmp_id_segment%3D&frm=0&url=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fcom%2Ficd-web%2Fcbo%2Findex.html&ref=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fpage-deconnexion&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=1551197706&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 02:33:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.fr/pagead/1p-user-list/1004456575/ 42 B
108 B 26ms
21ms Image
image/gif 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/pagead/1p-user-list/1004456575/?random=1607019693354&cv=9&fst=1607018400000&num=1&userId=21c3ce817050af0fea148692f6e5ea35&bg=ffffff&guid=ON&u_h=864&u_w=1536&u_ah=834&u_aw=1536&u_cd=24&u_his=11&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&gtm=2oab41&sendb=1&data=event%3Dpage_view%3Benv_market%3Dparticuliers%3Bpage_name%3Duser_login_page%3Bpage_type%3DHomePage%3Bpage_theme%3DHomepage%3Bpage_category_1%3Dloginpage%3Bpage_category_2%3D%3Bpage_category_3%3D%3Bproduct_name_trade%3D%3Bproduct_category_1%3D%3Bproduct_category_2%3D%3Bproduct_category_3%3D%3Bdmp_id_tag%3DKw6K3cJw%3Bdmp_id_segment%3D&frm=0&url=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fcom%2Ficd-web%2Fcbo%2Findex.html&ref=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fpage-deconnexion&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=1551197706&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 02:33:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/1025892926/ 42 B
66 B 53ms
36ms Image
image/gif 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1025892926/?random=1607019695098&cv=9&fst=1607018400000&num=1&bg=ffffff&guid=ON&u_h=864&u_w=1536&u_ah=834&u_aw=1536&u_cd=24&u_his=11&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fcom%2Ficd-web%2Fcbo%2Findex.html&ref=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fpage-deconnexion&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=2527754176&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 02:33:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.fr/pagead/1p-user-list/1025892926/ 42 B
108 B 25ms
20ms Image
image/gif 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/pagead/1p-user-list/1025892926/?random=1607019695098&cv=9&fst=1607018400000&num=1&bg=ffffff&guid=ON&u_h=864&u_w=1536&u_ah=834&u_aw=1536&u_cd=24&u_his=11&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fcom%2Ficd-web%2Fcbo%2Findex.html&ref=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fpage-deconnexion&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=2527754176&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 02:33:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/786705886/ 42 B
66 B 51ms
33ms Image
image/gif 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/786705886/?random=1607019695102&cv=9&fst=1607018400000&num=1&bg=ffffff&guid=ON&u_h=864&u_w=1536&u_ah=834&u_aw=1536&u_cd=24&u_his=11&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fcom%2Ficd-web%2Fcbo%2Findex.html&ref=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fpage-deconnexion&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=3590229882&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 02:33:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.fr/pagead/1p-user-list/786705886/ 42 B
108 B 24ms
19ms Image
image/gif 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/pagead/1p-user-list/786705886/?random=1607019695102&cv=9&fst=1607018400000&num=1&bg=ffffff&guid=ON&u_h=864&u_w=1536&u_ah=834&u_aw=1536&u_cd=24&u_his=11&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fcom%2Ficd-web%2Fcbo%2Findex.html&ref=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fpage-deconnexion&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=3590229882&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 02:33:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/1004456575/ 42 B
66 B 53ms
35ms Image
image/gif 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1004456575/?random=1607019695109&cv=9&fst=1607018400000&num=1&bg=ffffff&guid=ON&u_h=864&u_w=1536&u_ah=834&u_aw=1536&u_cd=24&u_his=11&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fcom%2Ficd-web%2Fcbo%2Findex.html&ref=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fpage-deconnexion&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=2634078578&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 02:33:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.fr/pagead/1p-user-list/1004456575/ 42 B
108 B 25ms
20ms Image
image/gif 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/pagead/1p-user-list/1004456575/?random=1607019695109&cv=9&fst=1607018400000&num=1&bg=ffffff&guid=ON&u_h=864&u_w=1536&u_ah=834&u_aw=1536&u_cd=24&u_his=11&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fcom%2Ficd-web%2Fcbo%2Findex.html&ref=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fpage-deconnexion&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=2634078578&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 02:33:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/958350073/ 42 B
66 B 54ms
36ms Image
image/gif 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/958350073/?random=1607019695113&cv=9&fst=1607018400000&num=1&bg=ffffff&guid=ON&u_h=864&u_w=1536&u_ah=834&u_aw=1536&u_cd=24&u_his=11&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fcom%2Ficd-web%2Fcbo%2Findex.html&ref=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fpage-deconnexion&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=4205784836&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 02:33:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.fr/pagead/1p-user-list/958350073/ 42 B
108 B 25ms
21ms Image
image/gif 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/pagead/1p-user-list/958350073/?random=1607019695113&cv=9&fst=1607018400000&num=1&bg=ffffff&guid=ON&u_h=864&u_w=1536&u_ah=834&u_aw=1536&u_cd=24&u_his=11&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fcom%2Ficd-web%2Fcbo%2Findex.html&ref=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fpage-deconnexion&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=4205784836&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 02:33:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 doctrans.js Show response
scriptsp.par.societegenerale.fr/978517/ 59 KB
26 KB 149ms
30ms Script
application/x-javascript 3.124.25.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://scriptsp.par.societegenerale.fr/978517/doctrans.js?r=0.8997546950327839

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.124.25.217 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-124-25-217.eu-central-1.compute.amazonaws.com

Software

haile /

Resource Hash

89674fa5b46739595f18e8d4c9d4c271177cfd46c61b0d34aebca2490cca3b30

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 02:33:58 GMT
content-encoding: gzip
server: haile
strict-transport-security: max-age=86400
access-control-allow-methods: GET, OPTIONS
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/x-javascript
pics-label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/1004456575/ 42 B
66 B 52ms
36ms Image
image/gif 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1004456575/?random=1607019695118&cv=9&fst=1607018400000&num=1&userId=21c3ce817050af0fea148692f6e5ea35&bg=ffffff&guid=ON&u_h=864&u_w=1536&u_ah=834&u_aw=1536&u_cd=24&u_his=11&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&gtm=2oab41&sendb=1&data=event%3Dpage_view%3Benv_market%3Dparticuliers%3Bpage_name%3DMon_Profil%3A%3AConnexion%3A%3AEcran_Connexion%3Bpage_type%3DHomePage%3Bpage_theme%3DHomepage%3Bpage_category_1%3Dloginpage%3Bpage_category_2%3D%3Bpage_category_3%3D%3Bproduct_name_trade%3D%3Bproduct_category_1%3D%3Bproduct_category_2%3D%3Bproduct_category_3%3D%3Bdmp_id_tag%3DKw6K3cJw%3Bdmp_id_segment%3D&frm=0&url=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fcom%2Ficd-web%2Fcbo%2Findex.html&ref=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fpage-deconnexion&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=2138579787&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 02:33:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.fr/pagead/1p-user-list/1004456575/ 42 B
530 B 54ms
36ms Image
image/gif 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/pagead/1p-user-list/1004456575/?random=1607019695118&cv=9&fst=1607018400000&num=1&userId=21c3ce817050af0fea148692f6e5ea35&bg=ffffff&guid=ON&u_h=864&u_w=1536&u_ah=834&u_aw=1536&u_cd=24&u_his=11&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&gtm=2oab41&sendb=1&data=event%3Dpage_view%3Benv_market%3Dparticuliers%3Bpage_name%3DMon_Profil%3A%3AConnexion%3A%3AEcran_Connexion%3Bpage_type%3DHomePage%3Bpage_theme%3DHomepage%3Bpage_category_1%3Dloginpage%3Bpage_category_2%3D%3Bpage_category_3%3D%3Bproduct_name_trade%3D%3Bproduct_category_1%3D%3Bproduct_category_2%3D%3Bproduct_category_3%3D%3Bdmp_id_tag%3DKw6K3cJw%3Bdmp_id_segment%3D&frm=0&url=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fcom%2Ficd-web%2Fcbo%2Findex.html&ref=https%3A%2F%2Fparticuliers.societegenerale.fr%2Fpage-deconnexion&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=2138579787&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 02:33:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 404
Not Found pictos-fonctionnels_20200629183129.svg
conforme-secure.confirmation-session.gq/static/Resources/img/ 0
0 45ms
29ms Other
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/static/Resources/img/pictos-fonctionnels_20200629183129.svg
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:31 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=89
Content-Length: 363
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found sourcesanspro-semibold.woff
conforme-secure.confirmation-session.gq/assets/markets/BDDF/PRI/INT/fonts/ 0
0 31ms
31ms Font
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/assets/markets/BDDF/PRI/INT/fonts/sourcesanspro-semibold.woff
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash

Request headers

Origin: https://conforme-secure.confirmation-session.gq
Referer: https://conforme-secure.confirmation-session.gq/init/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:30 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=94
Content-Length: 365
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found sourcesanspro-bold.woff
conforme-secure.confirmation-session.gq/assets/markets/BDDF/PRI/INT/fonts/ 0
0 42ms
30ms Font
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/assets/markets/BDDF/PRI/INT/fonts/sourcesanspro-bold.woff
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash

Request headers

Origin: https://conforme-secure.confirmation-session.gq
Referer: https://conforme-secure.confirmation-session.gq/init/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:30 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=94
Content-Length: 361
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found sourcesanspro-regular.woff
conforme-secure.confirmation-session.gq/assets/markets/BDDF/PRI/INT/fonts/ 0
0 43ms
30ms Font
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/assets/markets/BDDF/PRI/INT/fonts/sourcesanspro-regular.woff
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash

Request headers

Origin: https://conforme-secure.confirmation-session.gq
Referer: https://conforme-secure.confirmation-session.gq/init/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:30 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=93
Content-Length: 364
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found sourcesanspro-semibold.woff2
conforme-secure.confirmation-session.gq/assets/markets/BDDF/PRI/INT/fonts/ 0
0 30ms
30ms Font
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/assets/markets/BDDF/PRI/INT/fonts/sourcesanspro-semibold.woff2
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash

Request headers

Origin: https://conforme-secure.confirmation-session.gq
Referer: https://conforme-secure.confirmation-session.gq/init/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:30 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=93
Content-Length: 366
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found sourcesanspro-bold.woff2
conforme-secure.confirmation-session.gq/assets/markets/BDDF/PRI/INT/fonts/ 0
0 40ms
29ms Font
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/assets/markets/BDDF/PRI/INT/fonts/sourcesanspro-bold.woff2
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash

Request headers

Origin: https://conforme-secure.confirmation-session.gq
Referer: https://conforme-secure.confirmation-session.gq/init/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:31 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=91
Content-Length: 362
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found sourcesanspro-regular.woff2
conforme-secure.confirmation-session.gq/assets/markets/BDDF/PRI/INT/fonts/ 0
0 38ms
29ms Font
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/assets/markets/BDDF/PRI/INT/fonts/sourcesanspro-regular.woff2
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash

Request headers

Origin: https://conforme-secure.confirmation-session.gq
Referer: https://conforme-secure.confirmation-session.gq/init/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:31 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=92
Content-Length: 365
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found getauthinfo.json Show response
conforme-secure.confirmation-session.gq/sec/ 324 B
540 B 47ms
29ms XHR
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/sec/getauthinfo.json?niv_authent=300
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/swm.main.js.t%C3%A9l%C3%A9chargement
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: f3cbfb0993936c56d926cdae8e9896452da8f7015991704a70817816fc4702e0

Request headers

Accept: */*
Referer: https://conforme-secure.confirmation-session.gq/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:31 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=89
Content-Length: 324
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found pictos-fonctionnels.svg
conforme-secure.confirmation-session.gq/static/Resources/img/ 0
0 43ms
29ms Other
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/static/Resources/img/pictos-fonctionnels.svg
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:31 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=88
Content-Length: 348
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found new_sprite.png
conforme-secure.confirmation-session.gq/assets/markets/BDDF/PRI/INT/img/ 350 B
350 B 29ms
29ms Image
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://conforme-secure.confirmation-session.gq/assets/markets/BDDF/PRI/INT/img/new_sprite.png
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: f10f3e1f39253c9d4ee4374649f49bbdb22858f0332055c4e4de5259b624e109

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:31 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=88
Content-Length: 350
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found spriteV4.png
conforme-secure.confirmation-session.gq/assets/markets/BDDF/PRI/INT/img/ 348 B
348 B 40ms
29ms Image
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://conforme-secure.confirmation-session.gq/assets/markets/BDDF/PRI/INT/img/spriteV4.png
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 3d2989ae22ced8b16ed95a8b7fa3063627d90277302b6b58c65e44b64b69684c

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:31 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=87
Content-Length: 348
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found sourcesanspro-italic.otf
conforme-secure.confirmation-session.gq/fonts/ 0
0 30ms
29ms Font
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/fonts/sourcesanspro-italic.otf
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/index_pri_20201013141424.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash

Request headers

Origin: https://conforme-secure.confirmation-session.gq
Referer: https://conforme-secure.confirmation-session.gq/init/index_pri_20201013141424.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:31 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=92
Content-Length: 334
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found sourcesanspro-semibold.otf
conforme-secure.confirmation-session.gq/assets/markets/BDDF/PRI/INT/fonts/ 0
0 29ms
29ms Font
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/assets/markets/BDDF/PRI/INT/fonts/sourcesanspro-semibold.otf
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash

Request headers

Origin: https://conforme-secure.confirmation-session.gq
Referer: https://conforme-secure.confirmation-session.gq/init/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:31 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=91
Content-Length: 364
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found 1f2b078702ea31bf56ae40d080459b2c.svg
conforme-secure.confirmation-session.gq/icd/static/interact-front/5.0.7//dist/ 0
0 40ms
29ms Other
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/icd/static/interact-front/5.0.7//dist/1f2b078702ea31bf56ae40d080459b2c.svg
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:31 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=93
Content-Length: 378
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found sourcesanspro-bold.otf
conforme-secure.confirmation-session.gq/assets/markets/BDDF/PRI/INT/fonts/ 0
0 32ms
30ms Font
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/assets/markets/BDDF/PRI/INT/fonts/sourcesanspro-bold.otf
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash

Request headers

Origin: https://conforme-secure.confirmation-session.gq
Referer: https://conforme-secure.confirmation-session.gq/init/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:31 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=89
Content-Length: 360
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found sourcesanspro-regular.otf
conforme-secure.confirmation-session.gq/assets/markets/BDDF/PRI/INT/fonts/ 0
0 32ms
29ms Font
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/assets/markets/BDDF/PRI/INT/fonts/sourcesanspro-regular.otf
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash

Request headers

Origin: https://conforme-secure.confirmation-session.gq
Referer: https://conforme-secure.confirmation-session.gq/init/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:31 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=90
Content-Length: 363
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found swm-sign.html Show response
conforme-secure.confirmation-session.gq/swm/ 321 B
537 B 34ms
29ms XHR
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/swm/swm-sign.html
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/swm.main.js.t%C3%A9l%C3%A9chargement
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 1ffc4dc89ed1aa8b2a8097f2bffd3dfe37d0b80c824290db2920cba8d0408101

Request headers

Accept: */*
Referer: https://conforme-secure.confirmation-session.gq/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:31 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=91
Content-Length: 321
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found swm-log.json Show response
conforme-secure.confirmation-session.gq/swm/ 320 B
536 B 44ms
30ms XHR
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/swm/swm-log.json?an_niveau=error&cl_msg=_!.00%20Requ%C3%AAte%20%2Fsec%2Fgetauthinfo.json%3Fniv_authent%3D300%20rejet%C3%A9e%20avec%20erreur%20Not%20Found
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/swm.main.js.t%C3%A9l%C3%A9chargement
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 18900ff5bb5dd79d4fc387ab09c9c55eebd75b6fa96b6b172cd844ac5557b56e

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded; charset=utf-8

Response headers

Date: Fri, 01 Jan 2021 02:34:31 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=87
Content-Length: 320
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK activityi.html Show response
conforme-secure.confirmation-session.gq/init/ Frame 50F4 607 B
794 B 31ms
30ms Document
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/activityi.html
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 6d2bd4fa4a43c078a03101debe04fe33fd850dd2b1af2f2293a790b549911a6e

Request headers

Host: conforme-secure.confirmation-session.gq
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://conforme-secure.confirmation-session.gq/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: tc_xtors=eyJmb3JtSWQiOiIyMDIxMDEwMTAzLTMzNDg1MTA0MDciLCJmb3JtQ29udGV4dCI6ImNvbnRleHRfdW5kZWZpbmVkIiwieHRvciI6W119; tcSessionId=V1202111333570.021073190495523475; AB_Test_Privacy=A; N_Testing_Privacy=4; atuserid=eyJuYW1lIjoiYXR1c2VyaWQiLCJ2YWwiOiJiNDU2OTdkOS03NmRkLTQ3NzctODRjOC00MTZlZDRhMWI4MjYiLCJvcHRpb25zIjp7ImVuZCI6IjIwMjItMDItMDJUMDI6MzM6NTcuODQxWiIsInBhdGgiOiIvIn19; atidvisitor=eyJuYW1lIjoiYXRpZHZpc2l0b3IiLCJ2YWwiOnsidnJuIjoiLTU5NDExOS0iLCJhdCI6IiJ9LCJvcHRpb25zIjp7InBhdGgiOiIvIiwic2Vzc2lvbiI6MzM2OTYwMDAsImVuZCI6MzM2OTYwMDB9fQ==; LSESSIONID=jLd1oaId4IEkdi%2BHLx0t0D0PpP%2BSr3TdUEiwEXavFtPX08UvP8R45sWg; ___so978517=eyJsc2giOjQwMjYzODQ3NTcsImUiOnsibiI6MywiYSI6W3siNCI6dHJ1ZX0sIjQiXSwicmlkIjowLjM2MTg1MDc4OTkyMjE4NjF9fQ%3D%3D; _MFB_=fHwyfHx8W118fDE2MDk0NzIwMzgxNzR8fA==
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://conforme-secure.confirmation-session.gq/

Response headers

Date: Fri, 01 Jan 2021 02:34:31 GMT
Server: Apache/2.4.10 (Debian)
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
ETag: "25f-5b7c19f78dacf-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 458
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK activityi(1).html Show response
conforme-secure.confirmation-session.gq/init/ Frame BED8 607 B
794 B 34ms
30ms Document
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/activityi(1).html
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: b0cd10ba39008b79c2b5372a1c3bebf78ea9d6abee46e002bcb1d2a787d6068e

Request headers

Host: conforme-secure.confirmation-session.gq
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://conforme-secure.confirmation-session.gq/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: tc_xtors=eyJmb3JtSWQiOiIyMDIxMDEwMTAzLTMzNDg1MTA0MDciLCJmb3JtQ29udGV4dCI6ImNvbnRleHRfdW5kZWZpbmVkIiwieHRvciI6W119; tcSessionId=V1202111333570.021073190495523475; AB_Test_Privacy=A; N_Testing_Privacy=4; atuserid=eyJuYW1lIjoiYXR1c2VyaWQiLCJ2YWwiOiJiNDU2OTdkOS03NmRkLTQ3NzctODRjOC00MTZlZDRhMWI4MjYiLCJvcHRpb25zIjp7ImVuZCI6IjIwMjItMDItMDJUMDI6MzM6NTcuODQxWiIsInBhdGgiOiIvIn19; atidvisitor=eyJuYW1lIjoiYXRpZHZpc2l0b3IiLCJ2YWwiOnsidnJuIjoiLTU5NDExOS0iLCJhdCI6IiJ9LCJvcHRpb25zIjp7InBhdGgiOiIvIiwic2Vzc2lvbiI6MzM2OTYwMDAsImVuZCI6MzM2OTYwMDB9fQ==; LSESSIONID=jLd1oaId4IEkdi%2BHLx0t0D0PpP%2BSr3TdUEiwEXavFtPX08UvP8R45sWg; ___so978517=eyJsc2giOjQwMjYzODQ3NTcsImUiOnsibiI6MywiYSI6W3siNCI6dHJ1ZX0sIjQiXSwicmlkIjowLjM2MTg1MDc4OTkyMjE4NjF9fQ%3D%3D; _MFB_=fHwyfHx8W118fDE2MDk0NzIwMzgxNzR8fA==
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://conforme-secure.confirmation-session.gq/

Response headers

Date: Fri, 01 Jan 2021 02:34:31 GMT
Server: Apache/2.4.10 (Debian)
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
ETag: "25f-5b7c19f78dacf-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 458
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK dmp_bridge.html Show response
conforme-secure.confirmation-session.gq/init/ Frame 8FA8 37 KB
11 KB 43ms
31ms Document
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: a6c006153cf157bcd6f53f1f80a27f0b28987a86a5be166c6b53953799e18f66

Request headers

Host: conforme-secure.confirmation-session.gq
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://conforme-secure.confirmation-session.gq/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: tc_xtors=eyJmb3JtSWQiOiIyMDIxMDEwMTAzLTMzNDg1MTA0MDciLCJmb3JtQ29udGV4dCI6ImNvbnRleHRfdW5kZWZpbmVkIiwieHRvciI6W119; tcSessionId=V1202111333570.021073190495523475; AB_Test_Privacy=A; N_Testing_Privacy=4; atuserid=eyJuYW1lIjoiYXR1c2VyaWQiLCJ2YWwiOiJiNDU2OTdkOS03NmRkLTQ3NzctODRjOC00MTZlZDRhMWI4MjYiLCJvcHRpb25zIjp7ImVuZCI6IjIwMjItMDItMDJUMDI6MzM6NTcuODQxWiIsInBhdGgiOiIvIn19; atidvisitor=eyJuYW1lIjoiYXRpZHZpc2l0b3IiLCJ2YWwiOnsidnJuIjoiLTU5NDExOS0iLCJhdCI6IiJ9LCJvcHRpb25zIjp7InBhdGgiOiIvIiwic2Vzc2lvbiI6MzM2OTYwMDAsImVuZCI6MzM2OTYwMDB9fQ==; LSESSIONID=jLd1oaId4IEkdi%2BHLx0t0D0PpP%2BSr3TdUEiwEXavFtPX08UvP8R45sWg; ___so978517=eyJsc2giOjQwMjYzODQ3NTcsImUiOnsibiI6MywiYSI6W3siNCI6dHJ1ZX0sIjQiXSwicmlkIjowLjM2MTg1MDc4OTkyMjE4NjF9fQ%3D%3D; _MFB_=fHwyfHx8W118fDE2MDk0NzIwMzgxNzR8fA==
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://conforme-secure.confirmation-session.gq/

Response headers

Date: Fri, 01 Jan 2021 02:34:31 GMT
Server: Apache/2.4.10 (Debian)
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
ETag: "95ce-5b7c19f78ea6f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 10949
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK saved_resource.html Show response
conforme-secure.confirmation-session.gq/init/ Frame C309 187 B
501 B 44ms
30ms Document
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/saved_resource.html
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 19e4a6a12289dba1a13b23131f4dc85ad68836d08cffca540b91d654de9b492f

Request headers

Host: conforme-secure.confirmation-session.gq
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://conforme-secure.confirmation-session.gq/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: tc_xtors=eyJmb3JtSWQiOiIyMDIxMDEwMTAzLTMzNDg1MTA0MDciLCJmb3JtQ29udGV4dCI6ImNvbnRleHRfdW5kZWZpbmVkIiwieHRvciI6W119; tcSessionId=V1202111333570.021073190495523475; AB_Test_Privacy=A; N_Testing_Privacy=4; atuserid=eyJuYW1lIjoiYXR1c2VyaWQiLCJ2YWwiOiJiNDU2OTdkOS03NmRkLTQ3NzctODRjOC00MTZlZDRhMWI4MjYiLCJvcHRpb25zIjp7ImVuZCI6IjIwMjItMDItMDJUMDI6MzM6NTcuODQxWiIsInBhdGgiOiIvIn19; atidvisitor=eyJuYW1lIjoiYXRpZHZpc2l0b3IiLCJ2YWwiOnsidnJuIjoiLTU5NDExOS0iLCJhdCI6IiJ9LCJvcHRpb25zIjp7InBhdGgiOiIvIiwic2Vzc2lvbiI6MzM2OTYwMDAsImVuZCI6MzM2OTYwMDB9fQ==; LSESSIONID=jLd1oaId4IEkdi%2BHLx0t0D0PpP%2BSr3TdUEiwEXavFtPX08UvP8R45sWg; ___so978517=eyJsc2giOjQwMjYzODQ3NTcsImUiOnsibiI6MywiYSI6W3siNCI6dHJ1ZX0sIjQiXSwicmlkIjowLjM2MTg1MDc4OTkyMjE4NjF9fQ%3D%3D; _MFB_=fHwyfHx8W118fDE2MDk0NzIwMzgxNzR8fA==
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://conforme-secure.confirmation-session.gq/

Response headers

Date: Fri, 01 Jan 2021 02:34:31 GMT
Server: Apache/2.4.10 (Debian)
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
ETag: "bb-5b7c19f78ea6f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 166
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: text/html

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 18ms
18ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1004456575

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/tc_SocieteGenerale_22.js.t%C3%A9l%C3%A9chargement

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f34c23f809a35d9f6db11ada5dd4154bb051faa6c320f63165874038b627bf6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 01 Jan 2021 02:33:58 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38977
x-xss-protection: 0
last-modified: Fri, 01 Jan 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 2021 02:33:58 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 18ms
17ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1025892926&l=dataLayer&cx=c

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/js(1)

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f8e1667ba9cd6652e2fde418186e191f61c694b09935666a5b97e405fc6ee874

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 01 Jan 2021 02:33:58 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39040
x-xss-protection: 0
last-modified: Fri, 01 Jan 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 2021 02:33:58 GMT

GET
H2 200 ebOneTag.js Show response
secure-ds.serving-sys.com/SemiCachedScripts/ 52 KB
16 KB 67ms
22ms Script
application/javascript 184.31.90.174
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/tc_SocieteGenerale_22.js.t%C3%A9l%C3%A9chargement
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.90.174 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-31-90-174.deploy.static.akamaitechnologies.com
Software: / ARR/3.0
Resource Hash: 560ff2564fbf2bef305cf0e9533c4db2671c96297d978fd31ac0310727fe455f

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 01 Jan 2021 02:33:58 GMT
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 15:15:57 GMT
server
x-powered-by: ARR/3.0
etag: "84a7fce7aaabd61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=378
accept-ranges: bytes
content-length: 15848

GET
H2 200 bat.js Show response
bat.bing.com/ 27 KB
9 KB 48ms
31ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/tc_SocieteGenerale_22.js.t%C3%A9l%C3%A9chargement
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 01 Jan 2021 02:33:57 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 22:19:32 GMT
x-msedge-ref: Ref A: 138425C955024C789CAD26E9629F2F2E Ref B: FRAEDGE1317 Ref C: 2021-01-01T02:33:58Z
etag: "0b27f152fa7d61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 8459

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 90 KB
23 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/tc_SocieteGenerale_22.js.t%C3%A9l%C3%A9chargement

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

abdf01dbab06efbec289cf85e83f8ec3618f996ab6803e9f9437db14bc5cbf53

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23470
x-fb-rlafr: 0
pragma: public
x-fb-debug: GkjRurSU/3TR64QIoohf7+95d/NM3xIjloB4pxzSfezfWZfD/kgr7f7snBxb2GDMbsJvQwzHtO8WmVRA2YmADg==
x-fb-trip-id: 2067596246
x-frame-options: DENY
date: Fri, 01 Jan 2021 02:33:58 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK gqbvas314.js Show response
1bva.societegenerale.fr/ 35 KB
12 KB 123ms
34ms Script
application/javascript 109.232.197.56
EULERIAN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1bva.societegenerale.fr/gqbvas314.js

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/tc_SocieteGenerale_22.js.t%C3%A9l%C3%A9chargement

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

109.232.197.56 , France, ASN50234 (EULERIAN-AS, FR),

Reverse DNS

sg.eulerian.net

Software

EWS /

Resource Hash

914b339f8a246568ebfbae46cfbc624ecb670d0a99ab59d1aaa4f14770a38ac3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:33:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: EWS
Vary: User-Agent
Content-Type: application/javascript
Cache-Control: max-age=3600, private
Connection: Keep-Alive
Accept-Ranges: none
X-Robots-Tag: noindex
Keep-Alive: timeout=4
Content-Length: 12354
X-XSS-Protection: 0
Expires: Fri, 01 Jan 2021 03:33:58 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 30 KB
13 KB 82ms
32ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/js(4)

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e1ec254792b6fe5cb168d2ce9cb1e35d15311d3b357b305a95cbfb12552477d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 01 Jan 2021 02:33:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 12175
x-xss-protection: 0
server: cafe
etag: 17536051821503146167
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 01 Jan 2021 02:33:58 GMT

GET
H3-Q050

200

activityi;dc_pre=CPnOrJTZ-e0CFf7IuwgdNnwPtw;src=10354013;type=arriv0;cat=sg_vi0;ord=1;num=7041928998476;gtm=2odb41;auiddc=1897958136.1609468438;~oref=https%3A%2F%2Fconforme-secure.confirmation-sess...
10354013.fls.doubleclick.net/ Frame F99C
Redirect Chain

https://10354013.fls.doubleclick.net/activityi;src=10354013;type=arriv0;cat=sg_vi0;ord=1;num=7041928998476;gtm=2odb41;auiddc=1897958136.1609468438;~oref=https%3A%2F%2Fconforme-secure.confirmation-s...
https://10354013.fls.doubleclick.net/activityi;dc_pre=CPnOrJTZ-e0CFf7IuwgdNnwPtw;src=10354013;type=arriv0;cat=sg_vi0;ord=1;num=7041928998476;gtm=2odb41;auiddc=1897958136.1609468438;~oref=https%3A%2...

0
0

72ms
44ms

Document
text/html

172.217.23.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10354013.fls.doubleclick.net/activityi;dc_pre=CPnOrJTZ-e0CFf7IuwgdNnwPtw;src=10354013;type=arriv0;cat=sg_vi0;ord=1;num=7041928998476;gtm=2odb41;auiddc=1897958136.1609468438;~oref=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F?

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 10354013.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CPnOrJTZ-e0CFf7IuwgdNnwPtw;src=10354013;type=arriv0;cat=sg_vi0;ord=1;num=7041928998476;gtm=2odb41;auiddc=1897958136.1609468438;~oref=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://conforme-secure.confirmation-session.gq/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 01 Jan 2021 02:33:58 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 404
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 01-Jan-2021 02:48:58 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 01 Jan 2021 02:33:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://10354013.fls.doubleclick.net/activityi;dc_pre=CPnOrJTZ-e0CFf7IuwgdNnwPtw;src=10354013;type=arriv0;cat=sg_vi0;ord=1;num=7041928998476;gtm=2odb41;auiddc=1897958136.1609468438;~oref=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 404
Not Found sourcesanspro-italic.woff
conforme-secure.confirmation-session.gq/fonts/ 0
0 29ms
29ms Font
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/fonts/sourcesanspro-italic.woff
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/index_pri_20201013141424.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash

Request headers

Origin: https://conforme-secure.confirmation-session.gq
Referer: https://conforme-secure.confirmation-session.gq/init/index_pri_20201013141424.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:31 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=88
Content-Length: 335
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 873080639448770 Show response
connect.facebook.net/signals/config/ 25 KB
7 KB 33ms
31ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/873080639448770?v=2.9.29&r=stable

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/fbevents.js.t%C3%A9l%C3%A9chargement

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b4c3e1320a0696f8173bd2eada9b860560d9756316ac82249b3924ebe5a21f5b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: p/Ovy8eA/iWfyP4TpYJVq+MZt4+WUdSYh+NqpADlZQu2NdYfb4u47m4WEZcePvwSQHRS715mB4REbRoSaC/yOw==
x-fb-trip-id: 2067596246
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 01 Jan 2021 02:33:58 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 706893505
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 404
Not Found sourcesanspro-semibold.woff
conforme-secure.confirmation-session.gq/fonts/ 0
0 31ms
29ms Font
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/fonts/sourcesanspro-semibold.woff
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/awt-front-BDDF.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash

Request headers

Origin: https://conforme-secure.confirmation-session.gq
Referer: https://conforme-secure.confirmation-session.gq/init/awt-front-BDDF.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:31 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=92
Content-Length: 337
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found sourcesanspro-bold.woff
conforme-secure.confirmation-session.gq/fonts/ 0
0 30ms
29ms Font
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/fonts/sourcesanspro-bold.woff
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/awt-front-BDDF.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash

Request headers

Origin: https://conforme-secure.confirmation-session.gq
Referer: https://conforme-secure.confirmation-session.gq/init/awt-front-BDDF.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:31 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=86
Content-Length: 333
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found swm-log.json Show response
conforme-secure.confirmation-session.gq/swm/ 320 B
536 B 31ms
29ms XHR
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/swm/swm-log.json?an_niveau=error&cl_msg=!+.00%20Requ%C3%AAte%20%2Fswm%2Fswm-sign.html%20rejet%C3%A9e%20avec%20erreur%20Not%20Found
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/swm.main.js.t%C3%A9l%C3%A9chargement
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 18900ff5bb5dd79d4fc387ab09c9c55eebd75b6fa96b6b172cd844ac5557b56e

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded; charset=utf-8

Response headers

Date: Fri, 01 Jan 2021 02:34:31 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=87
Content-Length: 320
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found awtConfig.js Show response
conforme-secure.confirmation-session.gq/icd/interact/ 329 B
545 B 29ms
29ms XHR
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/icd/interact/awtConfig.js
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/interact-lanceur.js.t%C3%A9l%C3%A9chargement
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 5f39c97a5d41431187cf6f8d3c1c6cab7c46fbd2ee20febedd470e56043f3d41

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:31 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=87
Content-Length: 329
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found sourcesanspro-regular.woff
conforme-secure.confirmation-session.gq/fonts/ 0
0 30ms
29ms Font
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/fonts/sourcesanspro-regular.woff
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/awt-front-BDDF.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash

Request headers

Origin: https://conforme-secure.confirmation-session.gq
Referer: https://conforme-secure.confirmation-session.gq/init/awt-front-BDDF.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:31 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=86
Content-Length: 336
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found sourcesanspro-bold.otf
conforme-secure.confirmation-session.gq/fonts/ 0
0 31ms
30ms Font
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/fonts/sourcesanspro-bold.otf
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/awt-front-BDDF.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash

Request headers

Origin: https://conforme-secure.confirmation-session.gq
Referer: https://conforme-secure.confirmation-session.gq/init/awt-front-BDDF.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:31 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=86
Content-Length: 332
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found sourcesanspro-semibold.otf
conforme-secure.confirmation-session.gq/fonts/ 0
0 30ms
29ms Font
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/fonts/sourcesanspro-semibold.otf
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/awt-front-BDDF.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash

Request headers

Origin: https://conforme-secure.confirmation-session.gq
Referer: https://conforme-secure.confirmation-session.gq/init/awt-front-BDDF.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:31 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=91
Content-Length: 336
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found sourcesanspro-it.woff
conforme-secure.confirmation-session.gq/fonts/ 0
0 29ms
29ms Font
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/fonts/sourcesanspro-it.woff
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/awt-front-BDDF.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash

Request headers

Origin: https://conforme-secure.confirmation-session.gq
Referer: https://conforme-secure.confirmation-session.gq/init/awt-front-BDDF.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:31 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=85
Content-Length: 331
Content-Type: text/html; charset=iso-8859-1

GET
H2 204 0
bat.bing.com/action/ 0
148 B 29ms
29ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5500232&Ver=2&mid=1c5a1200-8b33-4433-a805-f3719eeba29c&sid=ccf942d04bd911eba684eb4458bccbe5&vid=ccf94f604bd911eba69f315e91e48128&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&p=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&r=&lt=841&evt=pageLoad&msclkid=N&sv=1&rn=603063
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 01 Jan 2021 02:33:57 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 12B1DBF9153242079F2EA9BABCE84331 Ref B: FRAEDGE1317 Ref C: 2021-01-01T02:33:58Z
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 404
Not Found sourcesanspro-regular.otf
conforme-secure.confirmation-session.gq/fonts/ 0
0 30ms
29ms Font
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/fonts/sourcesanspro-regular.otf
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/awt-front-BDDF.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash

Request headers

Origin: https://conforme-secure.confirmation-session.gq
Referer: https://conforme-secure.confirmation-session.gq/init/awt-front-BDDF.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:31 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=85
Content-Length: 335
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 /
www.facebook.com/tr/ 44 B
258 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=873080639448770&ev=PageView&dl=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&rl=&if=false&ts=1609468438387&cd[content_category]=tagco&cd[dmp_id_tag]=Kw6K3cJw&cd[dmp_id_segment]=&cd[env_market]=&cd[page_name]=&cd[page_type]=&cd[page_category_1]=&cd[page_category_2]=&cd[page_category_3]=&cd[product_name_trade]=&cd[product_category_1]=&cd[product_category_2]=&cd[product_category_3]=&sw=1600&sh=1200&v=2.9.31&r=stable&ec=0&o=28&fbp=fb.1.1609468438386.80472476&it=1609468438283&coo=false&rqm=GET

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 01 Jan 2021 02:33:58 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 01 Jan 2021 02:33:58 GMT

GET
H/1.1 200
OK dc_pre=CPXWm_C2su0CFWwWBgAdbTAHCw
conforme-secure.confirmation-session.gq/init/ Frame 50F4 42 B
299 B 31ms
30ms Image
image/gif 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://conforme-secure.confirmation-session.gq/init/dc_pre=CPXWm_C2su0CFWwWBgAdbTAHCw
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/activityi.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/activityi.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:31 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "2a-5b7c19f78ea6f"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=85
Content-Length: 42

GET
H/1.1 200
OK dc_pre=CM_-ifG2su0CFX0NBgAdR4EN2Q
conforme-secure.confirmation-session.gq/init/ Frame BED8 42 B
299 B 30ms
29ms Image
image/gif 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://conforme-secure.confirmation-session.gq/init/dc_pre=CM_-ifG2su0CFX0NBgAdR4EN2Q
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/activityi(1).html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/activityi(1).html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:31 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "2a-5b7c19f78ea6f"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 42

GET
H2

200

OneTagDefaultConfig.json Show response
secure-ds.serving-sys.com/BurstingCachedScripts/
Redirect Chain

https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/2/4932
https://secure-ds.serving-sys.com/BurstingCachedScripts/OneTagDefaultConfig.json

11 B
199 B

21ms
21ms

XHR
application/json

184.31.90.174
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/OneTagDefaultConfig.json
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.90.174 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-31-90-174.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 / ARR/3.0
Resource Hash: 9a0f6d26b776c4a0c7c1bdb059e4d204e3312ee5eda177cf55a43fcf033e3308

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 01 Jan 2021 02:33:58 GMT
last-modified: Tue, 19 Dec 2017 08:44:56 GMT
server: Microsoft-IIS/8.5
x-powered-by: ARR/3.0
etag: "5a9573a5a578d31:0"
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes
content-length: 11
expires: Mon, 31 Dec 2035 00:00:00 GMT

Redirect headers

location: https://secure-ds.serving-sys.com/BurstingCachedScripts/OneTagDefaultConfig.json
date: Fri, 01 Jan 2021 02:33:58 GMT
server: AkamaiGHost
access-control-allow-origin: *
accept-ranges: bytes
content-length: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1025892926/ 2 KB
1 KB 21ms
16ms Script
text/javascript 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1025892926/?random=1609468438391&cv=9&fst=1609468438391&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dbc59413888bd19f97c753e2c88219b8e660b7f0d4dec946e8cb52576c1ba907

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 02:33:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1054
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK fbevents.js.t%C3%A9l%C3%A9chargement Show response
conforme-secure.confirmation-session.gq/init/ Frame 8FA8 89 KB
23 KB 69ms
34ms Script
application/javascript 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/fbevents.js.t%C3%A9l%C3%A9chargement
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 0e49c2b4e86d3fda1dda93eb1210a47712f7b091181b4e7c6da2b3e6f8e86396

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:31 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "16595-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=87
Content-Length: 23387

GET
H/1.1 200
OK 38802cd4-fc8e-4cc2-8ee8-42750d852201 Show response
conforme-secure.confirmation-session.gq/init/ Frame 8FA8 225 B
483 B 33ms
30ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/38802cd4-fc8e-4cc2-8ee8-42750d852201
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 2f4d67d216cb9eb9add56b0a9931fda4c46d7c3f79481ef2fecaabfac91f9ffe

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:31 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "e1-5b7c19f78dacf"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=88
Content-Length: 225

GET
H/1.1 200
OK 38802cd4-fc8e-4cc2-8ee8-42750d852201(1) Show response
conforme-secure.confirmation-session.gq/init/ Frame 8FA8 225 B
483 B 33ms
30ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/38802cd4-fc8e-4cc2-8ee8-42750d852201(1)
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: e30e57a42d27bcee51206f5ab291f5a51f579d4e5992f2acece00062db35dcf8

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:31 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "e1-5b7c19f78dacf"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=87
Content-Length: 225

GET
H/1.1 200
OK get Show response
conforme-secure.confirmation-session.gq/init/ Frame 8FA8 253 B
511 B 33ms
30ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/get
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 848f658b2bf78c8fe2335b2d53678639932f7838abbb7ab2d5916edc867c62af

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:31 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "fd-5b7c19f78ea6f"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=85
Content-Length: 253

GET
H/1.1 200
OK 38802cd4-fc8e-4cc2-8ee8-42750d852201(2) Show response
conforme-secure.confirmation-session.gq/init/ Frame 8FA8 225 B
483 B 34ms
30ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/38802cd4-fc8e-4cc2-8ee8-42750d852201(2)
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: c7437d1039eb9cef6f2b48233ad3f46fd216ae6b81e4b63390e0a9bb10cd1b74

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:31 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "e1-5b7c19f78dacf"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=84
Content-Length: 225

GET
H/1.1 200
OK optout_check Show response
conforme-secure.confirmation-session.gq/init/ Frame 8FA8 83 B
340 B 46ms
29ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/optout_check
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: eea9224712ace0e0753af1fc6db610143551bfa7227d8e4b6e2e3e5941c9b4a8

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:31 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "53-5b7c19f78ea6f"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=84
Content-Length: 83

GET
H/1.1 200
OK controltag.js.0631b7d64dbbd3656a8b7368ad227a04 Show response
conforme-secure.confirmation-session.gq/init/ Frame 8FA8 259 KB
82 KB 40ms
39ms Script
application/javascript 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: b9b47c8bafc4618d804c7c54ac03c39b29beb9ed5b1e7d9dbadb0f28d71c3d94

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:31 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "40cfc-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=86

GET
H/1.1 200
OK Kw6K3cJw.js.t%C3%A9l%C3%A9chargement Show response
conforme-secure.confirmation-session.gq/init/ Frame 8FA8 26 KB
7 KB 31ms
30ms Script
application/javascript 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/Kw6K3cJw.js.t%C3%A9l%C3%A9chargement
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 345d608a01842c47b698da2449e244db26c8fc34f23062aa4e5c15a8409e1613

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:31 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "6919-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=84
Content-Length: 7065

GET
H/1.1 200
OK f(11).txt Show response
conforme-secure.confirmation-session.gq/init/ Frame 8FA8 30 KB
12 KB 55ms
31ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/f(11).txt
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 09494b789c55d639e0aabeffc59433963f0e8e766baba0fea88eae8a63c40ccd

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:31 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "7679-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=89
Content-Length: 11865

GET
H/1.1 200
OK f(12).txt Show response
conforme-secure.confirmation-session.gq/init/ Frame 8FA8 2 KB
1 KB 53ms
29ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/f(12).txt
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 9ab7a60a4a1240934bba8f69b945c8f4d7cfc912907362f2760cd3f16bb3d344

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:31 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "959-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=84
Content-Length: 1100

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/958350073/ 2 KB
1 KB 20ms
18ms Script
text/javascript 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/958350073/?random=1609468438395&cv=9&fst=1609468438395&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dc4794db9a49fc3374f8118da0b02c7b50755e8585e1c540741d5fdec22e1659

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 02:33:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1055
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/786705886/ 2 KB
1 KB 20ms
18ms Script
text/javascript 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/786705886/?random=1609468438396&cv=9&fst=1609468438396&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0a750dc79df8e4381ba1527fa4895e53df3d93edc854ecb9dbf15013e51895bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 02:33:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1055
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1004456575/ 2 KB
1 KB 19ms
17ms Script
text/javascript 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1004456575/?random=1609468438397&cv=9&fst=1609468438397&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

652e7825c28a2dfe17a367815e03cbcca398d22ebf11ab32306db701a8e11175

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 02:33:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1056
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

/
www.google.de/pagead/1p-user-list/1004456575/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1004456575/?random=1609468438397&cv=9&fst=1609468438397&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1...
https://www.google.com/pagead/1p-user-list/1004456575/?random=1609468438397&cv=9&fst=1609466400000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java...
https://www.google.de/pagead/1p-user-list/1004456575/?random=1609468438397&cv=9&fst=1609466400000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=...

42 B
530 B

50ms
26ms

Image
image/gif

2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1004456575/?random=1609468438397&cv=9&fst=1609466400000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&data=event%3Dpage_view%3Benv_market%3D%3Bpage_name%3D%3Bpage_type%3D%3Bpage_theme%3D%3Bpage_category_1%3D%3Bpage_category_2%3D%3Bpage_category_3%3D%3Bproduct_name_trade%3D%3Bproduct_category_1%3D%3Bproduct_category_2%3D%3Bproduct_category_3%3D%3Bdmp_id_tag%3DKw6K3cJw%3Bdmp_id_segment%3D&frm=0&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&is_vtc=1&random=3034381481&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 02:33:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 01 Jan 2021 02:33:58 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/1004456575/?random=1609468438397&cv=9&fst=1609466400000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&data=event%3Dpage_view%3Benv_market%3D%3Bpage_name%3D%3Bpage_type%3D%3Bpage_theme%3D%3Bpage_category_1%3D%3Bpage_category_2%3D%3Bpage_category_3%3D%3Bproduct_name_trade%3D%3Bproduct_category_1%3D%3Bproduct_category_2%3D%3Bproduct_category_3%3D%3Bdmp_id_tag%3DKw6K3cJw%3Bdmp_id_segment%3D&frm=0&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&is_vtc=1&random=3034381481&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 1057818225 Show response
1bva.societegenerale.fr/col647a/-/ 1 B
705 B 446ms
446ms Script
application/x-javascript 109.232.197.56
EULERIAN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1bva.societegenerale.fr/col647a/-/1057818225?product_subcategory_1=autre&page_type=other&sd=24&product_category=autre&fra=0&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&event_type=page_load&tc_container_22_version=74.40&urlp=conforme-secure.confirmation-session.gq%2F&ss=1600x1200&

Requested by

Host: 1bva.societegenerale.fr
URL: https://1bva.societegenerale.fr/gqbvas314.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

109.232.197.56 , France, ASN50234 (EULERIAN-AS, FR),

Reverse DNS

sg.eulerian.net

Software

EWS /

Resource Hash

36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Date: Fri, 01 Jan 2021 02:33:58 GMT
X-Content-Type-Options: nosniff
Server: EWS
P3P: policyref="http://1bva.societegenerale.fr/w3c/p3p.xml",CP="NOI DSP COR NID ADMa DEVa OUR IND UNI"
Strict-Transport-Security: max-age=604800
Content-Type: application/x-javascript
Cache-Control: max-age=0, private
Connection: Keep-Alive
Accept-Ranges: none
X-Robots-Tag: noindex
Keep-Alive: timeout=4
Content-Length: 1
X-XSS-Protection: 0

GET
H/1.1 404
Not Found sourcesanspro-it.otf
conforme-secure.confirmation-session.gq/fonts/ 0
0 32ms
30ms Font
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/fonts/sourcesanspro-it.otf
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/awt-front-BDDF.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash

Request headers

Origin: https://conforme-secure.confirmation-session.gq
Referer: https://conforme-secure.confirmation-session.gq/init/awt-front-BDDF.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:31 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=83
Content-Length: 330
Content-Type: text/html; charset=iso-8859-1

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/1025892926/ 42 B
66 B 21ms
20ms Image
image/gif 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1025892926/?random=1609468438391&cv=9&fst=1609466400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=3330111368&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 02:33:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1025892926/ 42 B
108 B 20ms
18ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1025892926/?random=1609468438391&cv=9&fst=1609466400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=3330111368&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 02:33:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/1004456575/ 42 B
66 B 25ms
25ms Image
image/gif 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1004456575/?random=1609468438397&cv=9&fst=1609466400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=2580848976&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 02:33:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1004456575/ 42 B
108 B 23ms
21ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1004456575/?random=1609468438397&cv=9&fst=1609466400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=2580848976&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 02:33:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/958350073/ 42 B
66 B 26ms
25ms Image
image/gif 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/958350073/?random=1609468438395&cv=9&fst=1609466400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=3156576446&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 02:33:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/958350073/ 42 B
108 B 22ms
20ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/958350073/?random=1609468438395&cv=9&fst=1609466400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=3156576446&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 02:33:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/786705886/ 42 B
66 B 19ms
19ms Image
image/gif 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/786705886/?random=1609468438396&cv=9&fst=1609466400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=3031086112&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 02:33:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/786705886/ 42 B
108 B 23ms
22ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/786705886/?random=1609468438396&cv=9&fst=1609466400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=3031086112&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 02:33:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1025892926/ Frame 8FA8 2 KB
2 KB 79ms
60ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1025892926/?random=1609468438459&cv=9&fst=1609468438459&num=1&label=uhG_CLCgz3oQvsSX6QM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=1&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&ref=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=DMP%20BRIDGE&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/f(11).txt

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f0d0b68a95816727ce179180be288b99c4698a3ac82e3a6dc35d19cfd09d9e67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 02:33:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1048
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/1025892926/ Frame 8FA8 42 B
66 B 22ms
18ms Image
image/gif 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1025892926/?random=1607019695415&cv=9&fst=1607018400000&num=1&label=uhG_CLCgz3oQvsSX6QM&guid=ON&u_h=864&u_w=1536&u_ah=834&u_aw=1536&u_cd=24&u_his=11&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=krux_segments%3D&frm=2&url=https%3A%2F%2Fstatic.societegenerale.fr%2Fpri%2Fstatic%2Fdmsa%2Fiframe%2Fdmp_bridge.html&ref=https%3A%2F%2Fparticuliers.societegenerale.fr%2F&tiba=DMP%20BRIDGE&fmt=3&is_vtc=1&random=750928520&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 02:33:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.fr/pagead/1p-user-list/1025892926/ Frame 8FA8 42 B
66 B 23ms
20ms Image
image/gif 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/pagead/1p-user-list/1025892926/?random=1607019695415&cv=9&fst=1607018400000&num=1&label=uhG_CLCgz3oQvsSX6QM&guid=ON&u_h=864&u_w=1536&u_ah=834&u_aw=1536&u_cd=24&u_his=11&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=krux_segments%3D&frm=2&url=https%3A%2F%2Fstatic.societegenerale.fr%2Fpri%2Fstatic%2Fdmsa%2Fiframe%2Fdmp_bridge.html&ref=https%3A%2F%2Fparticuliers.societegenerale.fr%2F&tiba=DMP%20BRIDGE&fmt=3&is_vtc=1&random=750928520&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 02:33:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK proxy.3d2100fd7107262ecb55ce6847f01fa5.html Show response
conforme-secure.confirmation-session.gq/init/ Frame D9F5 1 KB
1 KB 31ms
30ms Document
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 9503857c71db72bf77bce905db734b5ab572d433b6b7547bafb847aa6042167d

Request headers

Host: conforme-secure.confirmation-session.gq
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: tc_xtors=eyJmb3JtSWQiOiIyMDIxMDEwMTAzLTMzNDg1MTA0MDciLCJmb3JtQ29udGV4dCI6ImNvbnRleHRfdW5kZWZpbmVkIiwieHRvciI6W119; tcSessionId=V1202111333570.021073190495523475; AB_Test_Privacy=A; N_Testing_Privacy=4; atuserid=eyJuYW1lIjoiYXR1c2VyaWQiLCJ2YWwiOiJiNDU2OTdkOS03NmRkLTQ3NzctODRjOC00MTZlZDRhMWI4MjYiLCJvcHRpb25zIjp7ImVuZCI6IjIwMjItMDItMDJUMDI6MzM6NTcuODQxWiIsInBhdGgiOiIvIn19; atidvisitor=eyJuYW1lIjoiYXRpZHZpc2l0b3IiLCJ2YWwiOnsidnJuIjoiLTU5NDExOS0iLCJhdCI6IiJ9LCJvcHRpb25zIjp7InBhdGgiOiIvIiwic2Vzc2lvbiI6MzM2OTYwMDAsImVuZCI6MzM2OTYwMDB9fQ==; LSESSIONID=jLd1oaId4IEkdi%2BHLx0t0D0PpP%2BSr3TdUEiwEXavFtPX08UvP8R45sWg; ___so978517=eyJsc2giOjQwMjYzODQ3NTcsImUiOnsibiI6MywiYSI6W3siNCI6dHJ1ZX0sIjQiXSwicmlkIjowLjM2MTg1MDc4OTkyMjE4NjF9fQ%3D%3D; _MFB_=fHwyfHx8W118fDE2MDk0NzIwMzgxNzR8fA==; compteurPagesVues=1; _gcl_au=1.1.1897958136.1609468438; _uetsid=ccf942d04bd911eba684eb4458bccbe5; _uetvid=ccf94f604bd911eba69f315e91e48128; _fbp=fb.1.1609468438386.80472476
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html

Response headers

Date: Fri, 01 Jan 2021 02:34:31 GMT
Server: Apache/2.4.10 (Debian)
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
ETag: "522-5b7c19f78ea6f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 818
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: text/html

GET
H2 200 controltag.js.0631b7d64dbbd3656a8b7368ad227a04 Show response
cdn.krxd.net/ctjs/ Frame 8FA8 259 KB
83 KB 71ms
22ms Script
application/javascript 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/Kw6K3cJw.js.t%C3%A9l%C3%A9chargement
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b9b47c8bafc4618d804c7c54ac03c39b29beb9ed5b1e7d9dbadb0f28d71c3d94

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Fri, 01 Jan 2021 02:33:58 GMT
content-encoding: gzip
age: 1899183
x-amz-server-side-encryption: AES256
x-cache: HIT
x-cache-hits: 1518712
content-length: 84451
x-served-by: cache-fra19165-FRA
last-modified: Thu, 15 Oct 2020 07:09:29 GMT
x-timer: S1609468439.534825,VS0,VE0
etag: "0631b7d64dbbd3656a8b7368ad227a04"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Sun, 13 Oct 2030 07:09:28 GMT

GET
H/1.1 200
OK 38802cd4-fc8e-4cc2-8ee8-42750d852201(2) Show response
conforme-secure.confirmation-session.gq/init/ Frame D9F5 225 B
483 B 30ms
30ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/38802cd4-fc8e-4cc2-8ee8-42750d852201(2)
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: c7437d1039eb9cef6f2b48233ad3f46fd216ae6b81e4b63390e0a9bb10cd1b74

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:31 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "e1-5b7c19f78dacf"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=85
Content-Length: 225

GET
H/1.1 200
OK controltag.js.0631b7d64dbbd3656a8b7368ad227a04 Show response
conforme-secure.confirmation-session.gq/init/ Frame D9F5 259 KB
82 KB 42ms
41ms Script
application/javascript 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: b9b47c8bafc4618d804c7c54ac03c39b29beb9ed5b1e7d9dbadb0f28d71c3d94

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:31 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "40cfc-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=85

GET
H/1.1 200
OK Kw6K3cJw.js.t%C3%A9l%C3%A9chargement Show response
conforme-secure.confirmation-session.gq/init/ Frame D9F5 26 KB
7 KB 31ms
31ms Script
application/javascript 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/Kw6K3cJw.js.t%C3%A9l%C3%A9chargement
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 5af4af7ff6c657586349a7a52a3ecac9bc51bf8baed02b93bfbe4f2c85ca56a2

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:31 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "6919-5b7c19f78ea6f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=84
Content-Length: 7065

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/1025892926/ Frame 8FA8 42 B
66 B 20ms
18ms Image
image/gif 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1025892926/?random=1609468438459&cv=9&fst=1609466400000&num=1&label=uhG_CLCgz3oQvsSX6QM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=1&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&ref=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=DMP%20BRIDGE&fmt=3&is_vtc=1&random=2918114014&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 02:33:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET /
www.google.de/pagead/1p-user-list/1025892926/ Frame 8FA8 0
0

GET
H2 200 controltag.js.0631b7d64dbbd3656a8b7368ad227a04 Show response
cdn.krxd.net/ctjs/ Frame D9F5 259 KB
83 KB 22ms
21ms Script
application/javascript 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/Kw6K3cJw.js.t%C3%A9l%C3%A9chargement
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b9b47c8bafc4618d804c7c54ac03c39b29beb9ed5b1e7d9dbadb0f28d71c3d94

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Fri, 01 Jan 2021 02:33:58 GMT
content-encoding: gzip
age: 1899183
x-amz-server-side-encryption: AES256
x-cache: HIT
x-cache-hits: 1518713
content-length: 84451
x-served-by: cache-fra19165-FRA
last-modified: Thu, 15 Oct 2020 07:09:29 GMT
x-timer: S1609468439.579454,VS0,VE0
etag: "0631b7d64dbbd3656a8b7368ad227a04"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Sun, 13 Oct 2030 07:09:28 GMT

GET
H/1.1 200 Serving Show response
bs.serving-sys.com/ 320 B
1 KB 92ms
23ms Script
text/html 80.252.91.52
EQUINIX-CONNECT-EMEA

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving?cn=ot&onetagid=4932&dispType=js&sync=0&sessionid=3832329594409511330&pageurl=$$https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F$$&activityValues=$$Session%3D6162516655974445880$$&acp=$$camp_source_prospect%3D%2F$$&ns=0&rnd=3983109855684057
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 80.252.91.52 , Netherlands, ASN15830 (EQUINIX-CONNECT-EMEA, GB),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: a7a1305761583d7774ce06eb59b1f5c918142f81197567b09a20fe97409d1b50

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 01 Jan 2021 02:34:26 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
P3P: CP="NOI DEVa OUR BUS UNI"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
Content-Type: text/html; charset=UTF-8
Content-Length: 248
Expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2 200 proxy.3d2100fd7107262ecb55ce6847f01fa5.html
cdn.krxd.net/partnerjs/xdi/ Frame 9B70 0
0 23ms
23ms Document
text/html 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: cdn.krxd.net
:scheme: https
:path: /partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://conforme-secure.confirmation-session.gq/init/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://conforme-secure.confirmation-session.gq/init/proxy.3d2100fd7107262ecb55ce6847f01fa5.html

Response headers

last-modified: Tue, 21 Feb 2017 17:50:54 GMT
etag: "3d2100fd7107262ecb55ce6847f01fa5"
cache-control: public, max-age=315360000
expires: Fri, 19 Feb 2027 17:50:50 GMT
content-type: text/html
x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
content-encoding: gzip
accept-ranges: bytes
date: Fri, 01 Jan 2021 02:33:58 GMT
via: 1.1 varnish
age: 9773248
x-served-by: cache-fra19165-FRA
x-cache: HIT
x-cache-hits: 403169
x-timer: S1609468439.644457,VS0,VE0
vary: Accept-Encoding
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length: 525

GET
H2 200 38802cd4-fc8e-4cc2-8ee8-42750d852201 Show response
consumer.krxd.net/consent/get/ Frame 8FA8 240 B
432 B 92ms
46ms Script
text/javascript 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/38802cd4-fc8e-4cc2-8ee8-42750d852201?idt=device&dt=kxcookie&callback=Krux.ns.socgenprod.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: de8d7634f73863ed57dae3a0909df9cbb9343f698eb194f53df7c44c336ac23f

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 01 Jan 2021 02:33:58 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a008-dub-prod.krxd.net, cache-fra19155-FRA
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1609468439.705451,VS0,VE25
content-length: 193
x-cache-hits: 0, 1

GET
H2 200 38802cd4-fc8e-4cc2-8ee8-42750d852201 Show response
consumer.krxd.net/consent/get/ Frame D9F5 240 B
264 B 64ms
46ms Script
text/javascript 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/38802cd4-fc8e-4cc2-8ee8-42750d852201?idt=device&dt=kxcookie&callback=Krux.ns.socgenprod.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: de8d7634f73863ed57dae3a0909df9cbb9343f698eb194f53df7c44c336ac23f

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 01 Jan 2021 02:33:58 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a008-dub-prod.krxd.net, cache-fra19155-FRA
vary: Accept-Encoding
x-cache: MISS, HIT
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1609468439.705730,VS0,VE24
content-length: 193
x-cache-hits: 0, 1

GET
H2 200 optout_check Show response
beacon.krxd.net/ Frame D9F5 83 B
243 B 98ms
31ms Script
text/javascript 52.19.224.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.socgenprod.kxjsonp_optOutCheck
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.224.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-224-33.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 3ee732a91759f1bba204625e7fad8341e2ca44b05cc9526e05caec6edc665e6c

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 01 Jan 2021 02:33:58 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=27 t=1609468438
x-served-by: beacon-n022-dub-prod.krxd.net
content-type: text/javascript

GET
H2 200 get Show response
cdn.krxd.net/userdata/ Frame D9F5 347 B
517 B 114ms
114ms Script
text/javascript 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/userdata/get?pub=38802cd4-fc8e-4cc2-8ee8-42750d852201&technographics=1&callback=Krux.ns.socgenprod.kxjsonp_userdata
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 33950217fadcfd08f5f8634e09d8b6302fed554c86c23da5cc965e941485f79d

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_userdata_ash_prod_krxd_net___UserData_Service_V2
date: Fri, 01 Jan 2021 02:33:58 GMT
content-encoding: gzip
age: 0
x-served-by: userdata-a002-ash-prod.krxd.net, cache-fra19165-FRA
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript
via: 1.1 varnish
cache-control: private, max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1609468439.760614,VS0,VE93
content-length: 271
x-cache-hits: 0, 1

GET
H2 200 optout_check Show response
beacon.krxd.net/ Frame 8FA8 83 B
242 B 95ms
32ms Script
text/javascript 52.19.224.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.socgenprod.kxjsonp_optOutCheck
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.224.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-224-33.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 3ee732a91759f1bba204625e7fad8341e2ca44b05cc9526e05caec6edc665e6c

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 01 Jan 2021 02:33:58 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=34 t=1609468438
x-served-by: beacon-n002-dub-prod.krxd.net
content-type: text/javascript

GET
H2 200 get Show response
cdn.krxd.net/userdata/ Frame 8FA8 347 B
343 B 161ms
161ms Script
text/javascript 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/userdata/get?pub=38802cd4-fc8e-4cc2-8ee8-42750d852201&technographics=1&callback=Krux.ns.socgenprod.kxjsonp_userdata
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 33950217fadcfd08f5f8634e09d8b6302fed554c86c23da5cc965e941485f79d

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_userdata_ash_prod_krxd_net___UserData_Service_V2
date: Fri, 01 Jan 2021 02:33:58 GMT
content-encoding: gzip
age: 0
x-served-by: userdata-a002-ash-prod.krxd.net, cache-fra19165-FRA
vary: Accept-Encoding
x-cache: MISS, HIT
content-type: text/javascript
via: 1.1 varnish
cache-control: private, max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1609468439.764981,VS0,VE89
content-length: 271
x-cache-hits: 0, 1

GET
H3-Q050 200 conversion.js Show response
www.googleadservices.com/pagead/ Frame D9F5 30 KB
12 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09494b789c55d639e0aabeffc59433963f0e8e766baba0fea88eae8a63c40ccd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 01 Jan 2021 02:33:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11865
x-xss-protection: 0
server: cafe
etag: 18432201170715473949
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 01 Jan 2021 02:33:58 GMT

GET
H3-Q050 200 conversion.js Show response
www.googleadservices.com/pagead/ Frame 8FA8 30 KB
12 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09494b789c55d639e0aabeffc59433963f0e8e766baba0fea88eae8a63c40ccd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 01 Jan 2021 02:33:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11865
x-xss-protection: 0
server: cafe
etag: 18432201170715473949
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 01 Jan 2021 02:33:58 GMT

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1025892926/ Frame D9F5 2 KB
1 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1025892926/?random=1609468438794&cv=9&fst=1609468438794&num=1&label=uhG_CLCgz3oQvsSX6QM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&data=krux_segments%3D&frm=1&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&ref=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2Finit%2Fdmp_bridge.html&tiba=Proxy&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aac7a9e3f89e6cc38b748c755d07ad0e9eb9067f886ed3fc4504df5e91d3c891

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 02:33:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1076
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 38802cd4-fc8e-4cc2-8ee8-42750d852201 Show response
consumer.krxd.net/consent/get/ Frame D9F5 225 B
286 B 51ms
50ms Script
text/javascript 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/38802cd4-fc8e-4cc2-8ee8-42750d852201?idt=device&dt=kxcookie&callback=Krux.ns.socgenprod.kxjsonp_consent_get_1
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1d3dbbaff10cb0105b80b2b18bb2b48e60525b3da76cddd8d08c2f92797a6012

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 01 Jan 2021 02:33:58 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a010-dub-prod.krxd.net, cache-fra19155-FRA
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1609468439.810999,VS0,VE29
content-length: 186
x-cache-hits: 0, 1

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1025892926/ Frame 8FA8 2 KB
1 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1025892926/?random=1609468438801&cv=9&fst=1609468438459&num=2&label=uhG_CLCgz3oQvsSX6QM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&data=krux_segments%3D&frm=1&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&ref=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=DMP%20BRIDGE&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36a9675f38e689a3c9051afe88fa8d7ce85983d789e9cb19d67aff2dd8141817

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 02:33:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1070
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 38802cd4-fc8e-4cc2-8ee8-42750d852201 Show response
consumer.krxd.net/consent/get/ Frame 8FA8 225 B
246 B 44ms
44ms Script
text/javascript 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/38802cd4-fc8e-4cc2-8ee8-42750d852201?idt=device&dt=kxcookie&callback=Krux.ns.socgenprod.kxjsonp_consent_get_1
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1d3dbbaff10cb0105b80b2b18bb2b48e60525b3da76cddd8d08c2f92797a6012

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 01 Jan 2021 02:33:58 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a010-dub-prod.krxd.net, cache-fra19155-FRA
vary: Accept-Encoding
x-cache: MISS, HIT
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1609468439.817833,VS0,VE23
content-length: 186
x-cache-hits: 0, 1

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/1025892926/ Frame D9F5 42 B
66 B 20ms
19ms Image
image/gif 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1025892926/?random=1609468438794&cv=9&fst=1609466400000&num=1&label=uhG_CLCgz3oQvsSX6QM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=krux_segments%3D&frm=1&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&ref=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2Finit%2Fdmp_bridge.html&tiba=Proxy&fmt=3&is_vtc=1&random=1561386194&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 02:33:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/1025892926/ Frame D9F5 42 B
66 B 20ms
20ms Image
image/gif 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1025892926/?random=1609468438794&cv=9&fst=1609466400000&num=1&label=uhG_CLCgz3oQvsSX6QM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=krux_segments%3D&frm=1&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&ref=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2Finit%2Fdmp_bridge.html&tiba=Proxy&fmt=3&is_vtc=1&random=1561386194&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 02:33:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 400 action
actorssl-5637.kxcdn.com/actor/a7a30ba0aebbae114c740a1b35adb8c7-/ 0
0 106ms
105ms Script
application/javascript 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://actorssl-5637.kxcdn.com/actor/a7a30ba0aebbae114c740a1b35adb8c7-/action
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/tc_SocieteGenerale_20_20201126172020.js.t%C3%A9l%C3%A9chargement
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 01 Jan 2021 02:33:58 GMT
content-encoding: gzip
server: keycdn-engine
x-edge-location: defr
vary: Accept-encoding
content-type: application/javascript

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1025892926/ 2 KB
1 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1025892926/?random=1609468438868&cv=9&fst=1609468438868&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2fddcc32253525f8a2b8226fe25f7f843f77a13cc923cab06c36f343dd39fcab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 02:33:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1054
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/786705886/ 2 KB
1 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/786705886/?random=1609468438870&cv=9&fst=1609468438870&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cbfc126f1caf1e6f9a015239dc814ae9c944e6afa3b84e32a8372691b8e74f66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 02:33:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1054
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1004456575/ 2 KB
1 KB 148ms
148ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1004456575/?random=1609468438872&cv=9&fst=1609468438872&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee6f3b4f9b4161314e79939b801f4cbae9b54670431cc481f9b9f697f83b2a46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 02:33:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1056
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/958350073/ 2 KB
1 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/958350073/?random=1609468438874&cv=9&fst=1609468438874&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b508ee8b1348f8d6cd8c8b08ee9466aea3673b3596aba6968f8de66465953352

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 02:33:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1055
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1004456575/ 3 KB
1 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1004456575/?random=1609468438876&cv=9&fst=1609468438876&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&ig=1&data=event%3Dpage_view%3Benv_market%3D%3Bpage_name%3DMon_Profil%3A%3AConnexion%3A%3AEcran_Connexion%3Bpage_type%3D%3Bpage_theme%3D%3Bpage_category_1%3D%3Bpage_category_2%3D%3Bpage_category_3%3D%3Bproduct_name_trade%3D%3Bproduct_category_1%3D%3Bproduct_category_2%3D%3Bproduct_category_3%3D%3Bdmp_id_tag%3DKw6K3cJw%3Bdmp_id_segment%3D&frm=0&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b070e82c2906d390a4433e2ec96947fee5adc67a3c21d58a4db3d5e11a54d4c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 02:33:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1174
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

activityi;dc_pre=CP3Yz5TZ-e0CFZnruwgdokEFuQ;src=10354013;type=arriv0;cat=sg_vi0;ord=1;num=2468678921461;gtm=2odb41;auiddc=1897958136.1609468438;~oref=https%3A%2F%2Fconforme-secure.confirmation-sess...
10354013.fls.doubleclick.net/ Frame 69A6
Redirect Chain

https://10354013.fls.doubleclick.net/activityi;src=10354013;type=arriv0;cat=sg_vi0;ord=1;num=2468678921461;gtm=2odb41;auiddc=1897958136.1609468438;~oref=https%3A%2F%2Fconforme-secure.confirmation-s...
https://10354013.fls.doubleclick.net/activityi;dc_pre=CP3Yz5TZ-e0CFZnruwgdokEFuQ;src=10354013;type=arriv0;cat=sg_vi0;ord=1;num=2468678921461;gtm=2odb41;auiddc=1897958136.1609468438;~oref=https%3A%2...

0
0

67ms
67ms

Document
text/html

172.217.23.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10354013.fls.doubleclick.net/activityi;dc_pre=CP3Yz5TZ-e0CFZnruwgdokEFuQ;src=10354013;type=arriv0;cat=sg_vi0;ord=1;num=2468678921461;gtm=2odb41;auiddc=1897958136.1609468438;~oref=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F?

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 10354013.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CP3Yz5TZ-e0CFZnruwgdokEFuQ;src=10354013;type=arriv0;cat=sg_vi0;ord=1;num=2468678921461;gtm=2odb41;auiddc=1897958136.1609468438;~oref=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://conforme-secure.confirmation-session.gq/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnF0-qOsPWknRwjQoLVVqrnN14nW5Lw1xBU0e-o2WZgyGhYSbP3C9McR3ox
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 01 Jan 2021 02:33:58 GMT
expires: Fri, 01 Jan 2021 02:33:58 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 348
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 01 Jan 2021 02:33:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://10354013.fls.doubleclick.net/activityi;dc_pre=CP3Yz5TZ-e0CFZnruwgdokEFuQ;src=10354013;type=arriv0;cat=sg_vi0;ord=1;num=2468678921461;gtm=2odb41;auiddc=1897958136.1609468438;~oref=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK 267639617 Show response
1bva.societegenerale.fr/col647a/-/ 1 B
418 B 31ms
30ms Script
application/x-javascript 109.232.197.56
EULERIAN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1bva.societegenerale.fr/col647a/-/267639617?ss=1600x1200&fra=0&tc_container_22_version=74.40&sd=24&product_category=autre&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&page_type=other&page_name=mon_profil%3A%3Aconnexion%3A%3Aecran_connexion&urlp=conforme-secure.confirmation-session.gq%2F&event_type=virtual_page&product_subcategory_1=autre&

Requested by

Host: 1bva.societegenerale.fr
URL: https://1bva.societegenerale.fr/gqbvas314.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

109.232.197.56 , France, ASN50234 (EULERIAN-AS, FR),

Reverse DNS

sg.eulerian.net

Software

EWS /

Resource Hash

36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Date: Fri, 01 Jan 2021 02:33:58 GMT
X-Content-Type-Options: nosniff
Server: EWS
Strict-Transport-Security: max-age=604800
Content-Type: application/x-javascript
Cache-Control: max-age=0, private
Connection: Keep-Alive
Accept-Ranges: none
X-Robots-Tag: noindex
Keep-Alive: timeout=4
Content-Length: 1
X-XSS-Protection: 0

GET
H2 200 hit.xiti
logs128.xiti.com/ 35 B
131 B 32ms
30ms Image
image/gif 54.220.130.183
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://logs128.xiti.com/hit.xiti?s=594119&idclient=b45697d9-76dd-4777-84c8-416ed4a1b826&ts=1609468438867&vtag=5.22.0&ptag=js&r=1600x1200x24x24&re=1600x1200&hl=3x33x58&lng=en-US&idp=0333589509663&jv=0&at=&p=Mon_Profil::Connexion::Ecran_Connexion&s2=&x1=true&x8=mon_profil::connexion::ecran_connexion&x10=/&x11=page_vue_chargee&x12=/&x13=1609468438855_97898&x14=b45697d9-76dd-4777-84c8-416ed4a1b826&stc=%7B%22globVars%22%3A%7B%22date_datehour%22%3A%222021-01-01_03%3A33%3A58%22%2C%22page_currentAT%22%3A%22mon_profil%3A%3Aconnexion%3A%3Aecran_connexion%22%2C%22page_technicalURL%22%3A%22~%22%7D%7D&ref=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.220.130.183 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-220-130-183.eu-west-1.compute.amazonaws.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 01 Jan 2021 02:33:58 GMT
content-length: 35
strict-transport-security: max-age=7776000
content-type: image/gif

GET
H2

200

OneTagDefaultConfig.json Show response
secure-ds.serving-sys.com/BurstingCachedScripts/
Redirect Chain

https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/2/4932
https://secure-ds.serving-sys.com/BurstingCachedScripts/OneTagDefaultConfig.json

11 B
199 B

23ms
21ms

XHR
application/json

184.31.90.174
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/OneTagDefaultConfig.json
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.90.174 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-31-90-174.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 / ARR/3.0
Resource Hash: 9a0f6d26b776c4a0c7c1bdb059e4d204e3312ee5eda177cf55a43fcf033e3308

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 01 Jan 2021 02:33:59 GMT
last-modified: Tue, 19 Dec 2017 08:44:56 GMT
server: Microsoft-IIS/8.5
x-powered-by: ARR/3.0
etag: "5a9573a5a578d31:0"
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes
content-length: 11
expires: Mon, 31 Dec 2035 00:00:00 GMT

Redirect headers

location: https://secure-ds.serving-sys.com/BurstingCachedScripts/OneTagDefaultConfig.json
date: Fri, 01 Jan 2021 02:33:59 GMT
server: AkamaiGHost
access-control-allow-origin: *
accept-ranges: bytes
content-length: 0

GET
H2 204 0
bat.bing.com/action/ 0
116 B 30ms
29ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5500232&Ver=2&mid=ea77888f-0746-415d-ae18-207c89bbaf67&sid=ccf942d04bd911eba684eb4458bccbe5&vid=ccf94f604bd911eba69f315e91e48128&vids=0&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&p=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&r=&lt=1500&evt=pageLoad&msclkid=N&sv=1&rn=804131
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 01 Jan 2021 02:33:58 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 751F0A5874ED4D4590344EA1E769967B Ref B: FRAEDGE1317 Ref C: 2021-01-01T02:33:58Z
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 9C0XU Show response
conforme-secure.confirmation-session.gq/init/ 121 B
379 B 30ms
30ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/9C0XU?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI1JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmglMjIlM0ElMjIlMjIlMkMlMjJlJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25mb3JtZS1zZWN1cmUuY29uZmlybWF0aW9uLXNlc3Npb24uZ3ElMjIlMkMlMjJkbSUyMiUzQXRydWUlN0QlN0QlNUQ%3D&cid=5&si=0&e=https%3A%2F%2Fconforme-secure.confirmation-session.gq&LSESSIONID=jLd1oaId4IEkdi%2BHLx0t0D0PpP%2BSr3TdUEiwEXavFtPX08UvP8R45sWg&t=jsonp&c=gdotfgvrkilpuuxc&eu=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/statm.js.t%C3%A9l%C3%A9chargement
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: c4621d91e3440020752933daa717d38c90286ea1663a98b54fb3ffa9c970f7f3

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:31 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "79-5b7c19f78dacf"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=83
Content-Length: 121

GET
H/1.1 200
OK hpeWk Show response
conforme-secure.confirmation-session.gq/init/ 121 B
379 B 31ms
29ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/hpeWk?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25mb3JtZS1zZWN1cmUuY29uZmlybWF0aW9uLXNlc3Npb24uZ3ElMkYlMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIycGlkJTIyJTNBOTAzNTY0MzclMkMlMjJmYyUyMiUzQTElMkMlMjJjbnVtJTIyJTNBMSUyQyUyMnRzJTIyJTNBMTYwOTQ2ODQzOCUyQyUyMnJhbmQlMjIlM0E4OTc1OTUlN0QlN0QlNUQ%3D&cid=8&si=1&e=https%3A%2F%2Fconforme-secure.confirmation-session.gq&LSESSIONID=jLd1oaId4IEkdi%2BHLx0t0D0PpP%2BSr3TdUEiwEXavFtPX08UvP8R45sWg&t=jsonp&c=z_fmpgochns_pp_u&eu=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/random.js.t%C3%A9l%C3%A9chargement
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 16a6f8712b87dd92e10e9f89e160e2f9111309ccd46922d95f38132289528ed5

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:31 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "79-5b7c19f78ea6f"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=84
Content-Length: 121

GET
H/1.1 404
Not Found hpeWk
conforme-secure.confirmation-session.gq/false/ 0
0 31ms
31ms Script
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/false/hpeWk?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIxNiUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25mb3JtZS1zZWN1cmUuY29uZmlybWF0aW9uLXNlc3Npb24uZ3ElMkYlMjIlMkMlMjJ0JTIyJTNBJTIycnMlMjIlN0QlN0QlNUQ%3D&cid=16&si=2&e=https%3A%2F%2Fconforme-secure.confirmation-session.gq&LSESSIONID=jLd1oaId4IEkdi%2BHLx0t0D0PpP%2BSr3TdUEiwEXavFtPX08UvP8R45sWg&t=jsonp&c=swwhrw_viuygkcmf&eu=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/doctrans.js.t%C3%A9l%C3%A9chargement
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:31 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=83
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found hpeWk
conforme-secure.confirmation-session.gq/false/ 0
0 31ms
30ms Script
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/false/hpeWk?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIxNiUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25mb3JtZS1zZWN1cmUuY29uZmlybWF0aW9uLXNlc3Npb24uZ3ElMkYlMjIlMkMlMjJ0JTIyJTNBJTIycnMlMjIlN0QlN0QlNUQ%3D&cid=16&si=2&e=https%3A%2F%2Fconforme-secure.confirmation-session.gq&LSESSIONID=jLd1oaId4IEkdi%2BHLx0t0D0PpP%2BSr3TdUEiwEXavFtPX08UvP8R45sWg&t=jsonp&c=_oigopnxnppuck_h&eu=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F
Requested by: Host: scriptsp.par.societegenerale.fr
URL: https://scriptsp.par.societegenerale.fr/978517/doctrans.js?r=0.8997546950327839
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:31 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=82
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame D9F5 90 KB
23 KB 6ms
5ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

abdf01dbab06efbec289cf85e83f8ec3618f996ab6803e9f9437db14bc5cbf53

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23470
x-fb-rlafr: 0
pragma: public
x-fb-debug: GkjRurSU/3TR64QIoohf7+95d/NM3xIjloB4pxzSfezfWZfD/kgr7f7snBxb2GDMbsJvQwzHtO8WmVRA2YmADg==
x-fb-trip-id: 2067596246
x-frame-options: DENY
date: Fri, 01 Jan 2021 02:33:59 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET fbevents.js
connect.facebook.net/en_US/ Frame 8FA8 0
0

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/1025892926/ Frame 8FA8 42 B
89 B 22ms
21ms Image
image/gif 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1025892926/?random=1609468438801&cv=9&fst=1609466400000&num=2&label=uhG_CLCgz3oQvsSX6QM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=krux_segments%3D&frm=1&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&ref=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=DMP%20BRIDGE&fmt=3&is_vtc=1&random=1620082146&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 02:33:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET /
www.google.de/pagead/1p-user-list/1025892926/ Frame 8FA8 0
0

GET
H/1.1 404
Not Found OKrh.html Show response
conforme-secure.confirmation-session.gq/init/ Frame EF0C 318 B
534 B 32ms
32ms Document
text/html 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/OKrh.html?si=0&e=https%3A%2F%2Fconforme-secure.confirmation-session.gq&LSESSIONID=jLd1oaId4IEkdi%2BHLx0t0D0PpP%2BSr3TdUEiwEXavFtPX08UvP8R45sWg&t=xframe&eu=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&icid=160946843893946128
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/statm.js.t%C3%A9l%C3%A9chargement
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 87fcdb7130b8d594441c4d7fef24598d959746c9c42c71094fefb3a709dfa541

Request headers

Host: conforme-secure.confirmation-session.gq
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://conforme-secure.confirmation-session.gq/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: tc_xtors=eyJmb3JtSWQiOiIyMDIxMDEwMTAzLTMzNDg1MTA0MDciLCJmb3JtQ29udGV4dCI6ImNvbnRleHRfdW5kZWZpbmVkIiwieHRvciI6W119; tcSessionId=V1202111333570.021073190495523475; AB_Test_Privacy=A; N_Testing_Privacy=4; atidvisitor=eyJuYW1lIjoiYXRpZHZpc2l0b3IiLCJ2YWwiOnsidnJuIjoiLTU5NDExOS0iLCJhdCI6IiJ9LCJvcHRpb25zIjp7InBhdGgiOiIvIiwic2Vzc2lvbiI6MzM2OTYwMDAsImVuZCI6MzM2OTYwMDB9fQ==; LSESSIONID=jLd1oaId4IEkdi%2BHLx0t0D0PpP%2BSr3TdUEiwEXavFtPX08UvP8R45sWg; _MFB_=fHwyfHx8W118fDE2MDk0NzIwMzgxNzR8fA==; _gcl_au=1.1.1897958136.1609468438; _fbp=fb.1.1609468438386.80472476; compteurPagesVues=2; atuserid=eyJuYW1lIjoiYXR1c2VyaWQiLCJ2YWwiOiJiNDU2OTdkOS03NmRkLTQ3NzctODRjOC00MTZlZDRhMWI4MjYiLCJvcHRpb25zIjp7ImVuZCI6IjIwMjItMDItMDJUMDI6MzM6NTguODYyWiIsInBhdGgiOiIvIn19; _uetsid=ccf942d04bd911eba684eb4458bccbe5; _uetvid=ccf94f604bd911eba69f315e91e48128; ___so978517=eyJsc2giOjQwMjYzODQ3NTcsImUiOnsibiI6MywiYSI6W3siNCI6dHJ1ZX0sIjQiXSwicmlkIjowLjM2MTg1MDc4OTkyMjE4NjF9LCJzcmNmIjp7InBzZCI6eyIzMTc3NzEwOTM1Ijp7InAiOiJodHRwczovL2NvbmZvcm1lLXNlY3VyZS5jb25maXJtYXRpb24tc2Vzc2lvbi5ncS8iLCJmayI6InJhbmRvbS5qcyIsInRhayI6Ik4vQSIsImJjYiI6WyIyIl0sIm1mIjpbImR1bW15Rm9ybSJdLCJyZXAiOnsiYmNiIjpbXSwibWYiOltdfX19fSwic2QiOm51bGwsInNkYyI6bnVsbCwiciI6Ii8ifQ%3D%3D; __gdic=kjdnybit64kvo43m
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://conforme-secure.confirmation-session.gq/

Response headers

Date: Fri, 01 Jan 2021 02:34:31 GMT
Server: Apache/2.4.10 (Debian)
Content-Length: 318
Keep-Alive: timeout=5, max=81
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

POST
H/1.1 200
OK 9C0XU Show response
conforme-secure.confirmation-session.gq/init/ 121 B
379 B 64ms
51ms XHR
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/9C0XU?cid=6&si=1&e=https%3A%2F%2Fconforme-secure.confirmation-session.gq&LSESSIONID=jLd1oaId4IEkdi%2BHLx0t0D0PpP%2BSr3TdUEiwEXavFtPX08UvP8R45sWg&t=ajax&eu=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/pic2Util.js.t%C3%A9l%C3%A9chargement
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: c4621d91e3440020752933daa717d38c90286ea1663a98b54fb3ffa9c970f7f3

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Fri, 01 Jan 2021 02:34:31 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "79-5b7c19f78dacf"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=82
Content-Length: 121

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/1025892926/ 42 B
66 B 20ms
19ms Image
image/gif 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1025892926/?random=1609468438868&cv=9&fst=1609466400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=2937780129&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 02:33:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/1025892926/ 42 B
89 B 20ms
19ms Image
image/gif 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1025892926/?random=1609468438868&cv=9&fst=1609466400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=2937780129&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 02:33:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/786705886/ 42 B
66 B 26ms
22ms Image
image/gif 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/786705886/?random=1609468438870&cv=9&fst=1609466400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=990662504&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 02:33:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/786705886/ 42 B
66 B 22ms
19ms Image
image/gif 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/786705886/?random=1609468438870&cv=9&fst=1609466400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=990662504&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 02:33:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/958350073/ 42 B
66 B 25ms
22ms Image
image/gif 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/958350073/?random=1609468438874&cv=9&fst=1609466400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=4242192397&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 02:33:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/958350073/ 42 B
66 B 21ms
18ms Image
image/gif 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/958350073/?random=1609468438874&cv=9&fst=1609466400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=4242192397&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 02:33:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/1004456575/ 42 B
66 B 22ms
20ms Image
image/gif 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1004456575/?random=1609468438876&cv=9&fst=1609466400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&data=event%3Dpage_view%3Benv_market%3D%3Bpage_name%3DMon_Profil%3A%3AConnexion%3A%3AEcran_Connexion%3Bpage_type%3D%3Bpage_theme%3D%3Bpage_category_1%3D%3Bpage_category_2%3D%3Bpage_category_3%3D%3Bproduct_name_trade%3D%3Bproduct_category_1%3D%3Bproduct_category_2%3D%3Bproduct_category_3%3D%3Bdmp_id_tag%3DKw6K3cJw%3Bdmp_id_segment%3D&frm=0&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=4238865983&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 02:33:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/1004456575/ 42 B
66 B 22ms
19ms Image
image/gif 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1004456575/?random=1609468438876&cv=9&fst=1609466400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&data=event%3Dpage_view%3Benv_market%3D%3Bpage_name%3DMon_Profil%3A%3AConnexion%3A%3AEcran_Connexion%3Bpage_type%3D%3Bpage_theme%3D%3Bpage_category_1%3D%3Bpage_category_2%3D%3Bpage_category_3%3D%3Bproduct_name_trade%3D%3Bproduct_category_1%3D%3Bproduct_category_2%3D%3Bproduct_category_3%3D%3Bdmp_id_tag%3DKw6K3cJw%3Bdmp_id_segment%3D&frm=0&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=4238865983&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 02:33:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
beacon.krxd.net/ Frame 8FA8 0
337 B 33ms
32ms Image
text/plain 52.19.224.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/pixel.gif?source=smarttag&fired=report&confid=Kw6K3cJw&_kpid=38802cd4-fc8e-4cc2-8ee8-42750d852201&_kcp_s=socgen%20production&_kcp_d=conforme-secure.confirmation-session.gq&_knifr=1&_kpref_=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&_kua_kx_tz=-60&geo_country=nl&geo_region=nh&_kua_kx_lang=en-us&_kua_kx_tech_browser_language=en-us&_kua_kx_whistle=0&_kua_kx_tech_browser=Chrome%2083&_kua_kx_tech_manufacturer=Apple%20Inc.&_kua_kx_tech_device=Computer&_kua_kx_tech_os=Mac%20OS%20X&_kua_kx_geo_country=nl&_kua_kx_geo_region=nh&_kpa_url_path_1=init&_kpa_url_path_2=dmp_bridge.html&_kpa_domain=confirmation-session.gq&_kpa_isSecureContext=true&_kpa_isSecureSite=false&t_navigation_type=0&t_dns=0&t_tcp=0&t_http_request=-1&t_http_response=1&t_content_ready=272&t_window_load=556&t_redirect=0&interchange_ran=false&userdata_was_requested=true&userdata_did_respond=true&store_user_after=vv0vnixnb&userdata_user=N25K-qlF%2Cvv0vnixnb&sview=1&kplt0=26164&kplt1=23708&kplt2=23709&kplt3=26163&kplt4=26170&kplt5=28365&kplt6=33235&kplt7=33491&kplt8=36231&kplt9=43312&kplt10=44331&jsonp_requests=https%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2F38802cd4-fc8e-4cc2-8ee8-42750d852201%2C94%2Chttps%3A%2F%2Fbeacon.krxd.net%2Foptout_check%2C98%2Chttps%3A%2F%2Fcdn.krxd.net%2Fuserdata%2Fget%2C268%2Chttps%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2F38802cd4-fc8e-4cc2-8ee8-42750d852201%2C195
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.224.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-224-33.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/dmp_bridge.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 01 Jan 2021 02:33:59 GMT
cache-control: private, no-cache, no-store
x-request-time: D=64 t=1609468439
x-served-by: beacon-n011-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 pric.html
aweucn1.advanced-web-analytics.com/init/ Frame E830 0
0 119ms
22ms Document
text/html 18.184.108.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aweucn1.advanced-web-analytics.com/init/pric.html?e=https%3A%2F%2Fconforme-secure.confirmation-session.gq&es=jLd1oaId4IEkdi%2BHLx0t0D0PpP%2BSr3TdUEiwEXavFtPX08UvP8R45sWg&eu=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&icid=160946843899822064
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/protocol.js.t%C3%A9l%C3%A9chargement
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.184.108.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-108-250.eu-central-1.compute.amazonaws.com
Software: haile /
Resource Hash

Request headers

:method: GET
:authority: aweucn1.advanced-web-analytics.com
:scheme: https
:path: /init/pric.html?e=https%3A%2F%2Fconforme-secure.confirmation-session.gq&es=jLd1oaId4IEkdi%2BHLx0t0D0PpP%2BSr3TdUEiwEXavFtPX08UvP8R45sWg&eu=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&icid=160946843899822064
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://conforme-secure.confirmation-session.gq/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://conforme-secure.confirmation-session.gq/

Response headers

date: Fri, 01 Jan 2021 02:33:59 GMT
content-type: text/html
content-length: 0
server: haile
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS
expires: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
pics-label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"

GET
H2 204 pixel.gif
beacon.krxd.net/ Frame D9F5 0
337 B 32ms
32ms Image
text/plain 52.19.224.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/pixel.gif?source=smarttag&fired=report&confid=Kw6K3cJw&_kpid=38802cd4-fc8e-4cc2-8ee8-42750d852201&_kcp_s=socgen%20production&_kcp_d=conforme-secure.confirmation-session.gq&_knifr=1&_kpref_=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2Finit%2Fdmp_bridge.html&_kua_kx_tz=-60&geo_country=nl&geo_region=nh&_kua_kx_lang=en-us&_kua_kx_tech_browser_language=en-us&_kua_kx_tech_browser=Chrome%2083&_kua_kx_tech_manufacturer=Apple%20Inc.&_kua_kx_tech_device=Computer&_kua_kx_tech_os=Mac%20OS%20X&_kua_kx_geo_country=nl&_kua_kx_geo_region=nh&_kua_kx_whistle=1&_kpa_url_path_1=init&_kpa_url_path_2=proxy.3d2100fd7107262ecb55ce6847f01fa5.html&_kpa_domain=confirmation-session.gq&_kpa_isSecureContext=true&_kpa_isSecureSite=false&t_navigation_type=0&t_dns=0&t_tcp=0&t_http_request=-1&t_http_response=1&t_content_ready=70&t_window_load=281&t_redirect=0&interchange_ran=false&userdata_was_requested=true&userdata_did_respond=true&store_user_after=vv0vnixnb&userdata_user=N25K-qlF%2Cvv0vnixnb&sview=2&kplt0=26164&kplt1=23708&kplt2=23709&kplt3=26163&kplt4=26170&kplt5=28365&kplt6=33235&kplt7=33491&kplt8=36231&kplt9=43312&kplt10=44331&jsonp_requests=https%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2F38802cd4-fc8e-4cc2-8ee8-42750d852201%2C68%2Chttps%3A%2F%2Fbeacon.krxd.net%2Foptout_check%2C100%2Chttps%3A%2F%2Fcdn.krxd.net%2Fuserdata%2Fget%2C255%2Chttps%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2F38802cd4-fc8e-4cc2-8ee8-42750d852201%2C201
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.224.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-224-33.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 01 Jan 2021 02:33:59 GMT
cache-control: private, no-cache, no-store
x-request-time: D=80 t=1609468439
x-served-by: beacon-n018-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/1004456575/ 42 B
66 B 20ms
19ms Image
image/gif 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1004456575/?random=1609468438872&cv=9&fst=1609466400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=3499581958&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 02:33:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/1004456575/ 42 B
66 B 27ms
26ms Image
image/gif 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1004456575/?random=1609468438872&cv=9&fst=1609466400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=Soci%C3%A9t%C3%A9%20G%C3%A9n%C3%A9rale%20%7C%20Connexion&async=1&fmt=3&is_vtc=1&random=3499581958&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jan 2021 02:33:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 873080639448770 Show response
connect.facebook.net/signals/config/ Frame D9F5 27 KB
8 KB 8ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/873080639448770?v=2.9.31&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a50502a32a50f668e2d0ca6d1d6ed9d4f8618019308fe0c39a2df17919a6c770

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 7793
x-fb-rlafr: 0
pragma: public
x-fb-debug: uXwNXjHaMu3ayqmIYMWw9qOfzagmxRjiQYAdpn6stE0X4r1ssfd4aP7VU6Lm5BvuMd6j1x8Cz/xmO8HDTd8GBQ==
x-fb-trip-id: 2067596246
x-frame-options: DENY
date: Fri, 01 Jan 2021 02:33:59 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 706893505
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame D9F5 44 B
146 B 6ms
5ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=873080639448770&ev=PageView&dl=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2Finit%2Fproxy.3d2100fd7107262ecb55ce6847f01fa5.html&rl=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2Finit%2Fdmp_bridge.html&if=true&ts=1609468439063&sw=1600&sh=1200&v=2.9.31&r=stable&a=tmsalesforce&ec=0&o=28&fbp=fb.1.1609468438386.80472476&it=1609468439047&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://conforme-secure.confirmation-session.gq/init/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 01 Jan 2021 02:33:59 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 01 Jan 2021 02:33:59 GMT

GET
H/1.1 200
OK 9C0XU Show response
conforme-secure.confirmation-session.gq/init/ 121 B
379 B 31ms
30ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/9C0XU?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIyOSUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJuYW1lJTIyJTNBJTIyVHlwZUVycm9yJTIyJTJDJTIybWVzc2FnZSUyMiUzQSUyMkNhbm5vdCUyMHJlYWQlMjBwcm9wZXJ0eSUyMCcxNSclMjBvZiUyMG51bGwlMjIlMkMlMjJ0cmFjZSUyMiUzQSUyMiUyMCUyMCUyMCUyMGF0JTIwT2JqZWN0LmNlJTIwKGh0dHBzJTNBJTJGJTJGY29uZm9ybWUtc2VjdXJlLmNvbmZpcm1hdGlvbi1zZXNzaW9uLmdxJTJGaW5pdCUyRnBpYzJVdGlsLmpzLnQlMjVDMyUyNUE5bCUyNUMzJTI1QTljaGFyZ2VtZW50JTNBMSUzQTM4MDU2KSUyMiUyQyUyMmhhc2hfaWQlMjIlM0ElMjI1MzFjMGE4ZTE1ZDQxZmM1MjVkNmQyMGRmYWIxODE5ZWFkNWQ4NTZiMGUzZDRhNzU5MWMzNTM0NjQwOTQ5MThjJTIyJTdEJTdEJTVE&cid=29&si=1&e=https%3A%2F%2Fconforme-secure.confirmation-session.gq&LSESSIONID=jLd1oaId4IEkdi%2BHLx0t0D0PpP%2BSr3TdUEiwEXavFtPX08UvP8R45sWg&t=jsonp&c=qnbrhhorczemodkl&eu=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/pic2Util.js.t%C3%A9l%C3%A9chargement
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: c4621d91e3440020752933daa717d38c90286ea1663a98b54fb3ffa9c970f7f3

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:32 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "79-5b7c19f78dacf"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=81
Content-Length: 121

GET
H/1.1 200 Serving Show response
bs.serving-sys.com/ 320 B
1 KB 23ms
23ms Script
text/html 80.252.91.52
EQUINIX-CONNECT-EMEA

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving?cn=ot&onetagid=4932&dispType=js&sync=0&sessionid=3735740720498098468&pageurl=$$https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F$$&activityValues=$$Session%3D6162516655974445880$$&acp=$$camp_source_prospect%3D%2F$$&ns=0&rnd=6899385214952884
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 80.252.91.52 , Netherlands, ASN15830 (EQUINIX-CONNECT-EMEA, GB),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: c5380e00729e90f940d0b9d7b0fe64c64b8b48b11291797537ab91aaf5fbfa9a

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 01 Jan 2021 02:34:26 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
P3P: CP="NOI DEVa OUR BUS UNI"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
Content-Type: text/html; charset=UTF-8
Content-Length: 249
Expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H/1.1 200
OK 9C0XU Show response
conforme-secure.confirmation-session.gq/init/ 121 B
379 B 30ms
30ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/9C0XU?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIzNCUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJyZCUyMiUzQSU3QiUyMnBzZCUyMiUzQSU3QiUyMjMxNzc3MTA5MzUlMjIlM0ElN0IlMjJwJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25mb3JtZS1zZWN1cmUuY29uZmlybWF0aW9uLXNlc3Npb24uZ3ElMkYlMjIlMkMlMjJmayUyMiUzQSUyMnJhbmRvbS5qcyUyMiUyQyUyMnRhayUyMiUzQSUyMk4lMkZBJTIyJTJDJTIyYmNiJTIyJTNBJTVCJTIyMiUyMiU1RCUyQyUyMm1mJTIyJTNBJTVCJTIyZHVtbXlGb3JtJTIyJTVEJTJDJTIycmVwJTIyJTNBJTdCJTIyYmNiJTIyJTNBJTVCJTVEJTJDJTIybWYlMjIlM0ElNUIlNUQlN0QlN0QlN0QlN0QlN0QlN0QlNUQ%3D&cid=34&si=2&e=https%3A%2F%2Fconforme-secure.confirmation-session.gq&LSESSIONID=jLd1oaId4IEkdi%2BHLx0t0D0PpP%2BSr3TdUEiwEXavFtPX08UvP8R45sWg&t=jsonp&c=dpdzkibchyvdthay&eu=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/skys.js.t%C3%A9l%C3%A9chargement
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: c4621d91e3440020752933daa717d38c90286ea1663a98b54fb3ffa9c970f7f3

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:32 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "79-5b7c19f78dacf"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=80
Content-Length: 121

GET
H/1.1 200
OK hpeWk Show response
conforme-secure.confirmation-session.gq/init/ 121 B
379 B 30ms
30ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/hpeWk?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIzNCUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJyZCUyMiUzQSU3QiUyMnBzZCUyMiUzQSU3QiUyMjMxNzc3MTA5MzUlMjIlM0ElN0IlMjJwJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25mb3JtZS1zZWN1cmUuY29uZmlybWF0aW9uLXNlc3Npb24uZ3ElMkYlMjIlMkMlMjJmayUyMiUzQSUyMnJhbmRvbS5qcyUyMiUyQyUyMnRhayUyMiUzQSUyMk4lMkZBJTIyJTJDJTIyYmNiJTIyJTNBJTVCJTIyMiUyMiU1RCUyQyUyMm1mJTIyJTNBJTVCJTIyZHVtbXlGb3JtJTIyJTVEJTJDJTIycmVwJTIyJTNBJTdCJTIyYmNiJTIyJTNBJTVCJTVEJTJDJTIybWYlMjIlM0ElNUIlNUQlN0QlN0QlN0QlN0QlN0QlN0QlNUQ%3D&cid=34&si=1&e=https%3A%2F%2Fconforme-secure.confirmation-session.gq&LSESSIONID=jLd1oaId4IEkdi%2BHLx0t0D0PpP%2BSr3TdUEiwEXavFtPX08UvP8R45sWg&t=jsonp&c=swgqluzlbctbymwx&eu=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/random.js.t%C3%A9l%C3%A9chargement
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 16a6f8712b87dd92e10e9f89e160e2f9111309ccd46922d95f38132289528ed5

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:32 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "79-5b7c19f78ea6f"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=80
Content-Length: 121

POST
H/1.1 200
OK 9C0XU Show response
conforme-secure.confirmation-session.gq/init/ 121 B
379 B 65ms
53ms XHR
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/9C0XU?cid=6&si=1&e=https%3A%2F%2Fconforme-secure.confirmation-session.gq&LSESSIONID=jLd1oaId4IEkdi%2BHLx0t0D0PpP%2BSr3TdUEiwEXavFtPX08UvP8R45sWg&t=ajax&eu=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/pic2Util.js.t%C3%A9l%C3%A9chargement
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: c4621d91e3440020752933daa717d38c90286ea1663a98b54fb3ffa9c970f7f3

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Fri, 01 Jan 2021 02:34:33 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "79-5b7c19f78dacf"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=79
Content-Length: 121

POST
H/1.1 200
OK hpeWk Show response
conforme-secure.confirmation-session.gq/init/ 121 B
379 B 30ms
30ms XHR
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/hpeWk?cid=13&si=0&e=https%3A%2F%2Fconforme-secure.confirmation-session.gq&LSESSIONID=jLd1oaId4IEkdi%2BHLx0t0D0PpP%2BSr3TdUEiwEXavFtPX08UvP8R45sWg&t=ajax&eu=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/protocol.js.t%C3%A9l%C3%A9chargement
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 16a6f8712b87dd92e10e9f89e160e2f9111309ccd46922d95f38132289528ed5

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Fri, 01 Jan 2021 02:34:34 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "79-5b7c19f78ea6f"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=78
Content-Length: 121

GET
H/1.1 200
OK hpeWk Show response
conforme-secure.confirmation-session.gq/init/ 121 B
379 B 30ms
30ms Script
text/plain 37.187.89.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://conforme-secure.confirmation-session.gq/init/hpeWk?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIyOSUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJuYW1lJTIyJTNBJTIyVHlwZUVycm9yJTIyJTJDJTIybWVzc2FnZSUyMiUzQSUyMkNhbm5vdCUyMHJlYWQlMjBwcm9wZXJ0eSUyMCcxNSclMjBvZiUyMG51bGwlMjIlMkMlMjJ0cmFjZSUyMiUzQSUyMiUyMCUyMCUyMCUyMGF0JTIwT2JqZWN0LmNNJTIwKGh0dHBzJTNBJTJGJTJGY29uZm9ybWUtc2VjdXJlLmNvbmZpcm1hdGlvbi1zZXNzaW9uLmdxJTJGaW5pdCUyRnByb3RvY29sLmpzLnQlMjVDMyUyNUE5bCUyNUMzJTI1QTljaGFyZ2VtZW50JTNBMSUzQTM4MTE5KSUyMiUyQyUyMmhhc2hfaWQlMjIlM0ElMjIzZDRlM2IzYzQ2YjE0MWE4ZjlkMDBhMTNmODkyY2QyMDkwMDE4NTgxNDZiZGJjNGY5YjUyN2RlZjgzNWJhMzVmJTIyJTdEJTdEJTVE&cid=29&si=0&e=https%3A%2F%2Fconforme-secure.confirmation-session.gq&LSESSIONID=jLd1oaId4IEkdi%2BHLx0t0D0PpP%2BSr3TdUEiwEXavFtPX08UvP8R45sWg&t=jsonp&c=pmgwmwoscxzg_duz&eu=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F
Requested by: Host: conforme-secure.confirmation-session.gq
URL: https://conforme-secure.confirmation-session.gq/init/protocol.js.t%C3%A9l%C3%A9chargement
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.89.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3368800.ip-37-187-89.eu
Software: Apache/2.4.10 (Debian) /
Resource Hash: 16a6f8712b87dd92e10e9f89e160e2f9111309ccd46922d95f38132289528ed5

Request headers

Referer: https://conforme-secure.confirmation-session.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 02:34:34 GMT
Last-Modified: Thu, 31 Dec 2020 12:18:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "79-5b7c19f78ea6f"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=77
Content-Length: 121

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.google.de
URL: https://www.google.de/pagead/1p-user-list/1025892926/?random=1609468438459&cv=9&fst=1609466400000&num=1&label=uhG_CLCgz3oQvsSX6QM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=1&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&ref=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=DMP%20BRIDGE&fmt=3&is_vtc=1&random=2918114014&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Domain: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Domain: www.google.de
URL: https://www.google.de/pagead/1p-user-list/1025892926/?random=1609468438801&cv=9&fst=1609466400000&num=2&label=uhG_CLCgz3oQvsSX6QM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=krux_segments%3D&frm=1&url=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&ref=https%3A%2F%2Fconforme-secure.confirmation-session.gq%2F&tiba=DMP%20BRIDGE&fmt=3&is_vtc=1&random=1620082146&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Societe Generale (Banking)

395 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.krxd.net/	1970-01-19 19:23:40	Name: _kuid_ Value: N25K-qlF
conforme-secure.confirmation-session.gq/	1970-01-20 00:36:09	Name: atuserid Value: eyJuYW1lIjoiYXR1c2VyaWQiLCJ2YWwiOiJiNDU2OTdkOS03NmRkLTQ3NzctODRjOC00MTZlZDRhMWI4MjYiLCJvcHRpb25zIjp7ImVuZCI6IjIwMjItMDItMDJUMDI6MzM6NTguODYyWiIsInBhdGgiOiIvIn19
.doubleclick.net/	1970-01-20 00:26:04	Name: IDE Value: AHWqTUnF0-qOsPWknRwjQoLVVqrnN14nW5Lw1xBU0e-o2WZgyGhYSbP3C9McR3ox
.confirmation-session.gq/	1969-12-31 23:59:59	Name: compteurPagesVues Value: 2
.confirmation-session.gq/	1970-01-19 17:14:04	Name: _fbp Value: fb.1.1609468438386.80472476
.confirmation-session.gq/	1970-01-19 17:14:04	Name: _gcl_au Value: 1.1.1897958136.1609468438
conforme-secure.confirmation-session.gq/	1969-12-31 23:59:59	Name: LSESSIONID Value: jLd1oaId4IEkdi%2BHLx0t0D0PpP%2BSr3TdUEiwEXavFtPX08UvP8R45sWg
.confirmation-session.gq/	1970-01-19 15:27:52	Name: _uetvid Value: ccf94f604bd911eba69f315e91e48128
conforme-secure.confirmation-session.gq/	1970-01-19 23:42:52	Name: _MFB_ Value: fHwyfHx8W118fDE2MDk0NzIwMzgxNzR8fA==
.confirmation-session.gq/	1969-12-31 23:59:59	Name: tcSessionId Value: V1202111333570.021073190495523475
conforme-secure.confirmation-session.gq/	1970-01-20 00:26:04	Name: atidvisitor Value: eyJuYW1lIjoiYXRpZHZpc2l0b3IiLCJ2YWwiOnsidnJuIjoiLTU5NDExOS0iLCJhdCI6IiJ9LCJvcHRpb25zIjp7InBhdGgiOiIvIiwic2Vzc2lvbiI6MzM2OTYwMDAsImVuZCI6MzM2OTYwMDB9fQ==
conforme-secure.confirmation-session.gq/	1969-12-31 23:59:59	Name: ___so978517 Value: eyJsc2giOjQwMjYzODQ3NTcsImUiOnsibiI6MywiYSI6W3siNCI6dHJ1ZX0sIjQiXSwicmlkIjowLjM2MTg1MDc4OTkyMjE4NjF9fQ%3D%3D
.confirmation-session.gq/	1969-12-31 23:59:59	Name: N_Testing_Privacy Value: 4
.confirmation-session.gq/	1969-12-31 23:59:59	Name: AB_Test_Privacy Value: A
.confirmation-session.gq/	1970-01-19 15:05:54	Name: _uetsid Value: ccf942d04bd911eba684eb4458bccbe5
.confirmation-session.gq/	1970-01-19 15:47:40	Name: tc_xtors Value: eyJmb3JtSWQiOiIyMDIxMDEwMTAzLTMzNDg1MTA0MDciLCJmb3JtQ29udGV4dCI6ImNvbnRleHRfdW5kZWZpbmVkIiwieHRvciI6W119

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://conforme-secure.confirmation-session.gq/init/public-dca.js.t%C3%A9l%C3%A9chargement(Line 1) Message: [dcaApi] : impossible de charger le script /icd/static/dcaweb-front/2.0.6/dcaweb-main.js Erreur : status=404
console-api	error	URL: https://conforme-secure.confirmation-session.gq/init/public-dca.js.t%C3%A9l%C3%A9chargement(Line 1) Message: [dcaApi] : api null ou vide
console-api	error	URL: /icd/static/dcaweb-front/2.0.6/dcaweb-main.js(Line 43) Message: [error] [dcaApi] fetchAndInitConfig error Erreur lors de l'appel du service /pri/static/dcaweb/config.json?_=20210101000000 : Request failed with status code 404
console-api	warning	URL: https://conforme-secure.confirmation-session.gq/init/swm.main.js.t%C3%A9l%C3%A9chargement(Line 39) Message: @babel/polyfill is loaded more than once on this page. This is probably not desirable/intended and may have consequences if different versions of the polyfills are applied sequentially. If you do need to load the polyfill more than once, use @babel/polyfill/noConflict instead to bypass the warning.
console-api	error	URL: https://conforme-secure.confirmation-session.gq/init/swm.main.js.t%C3%A9l%C3%A9chargement(Line 39) Message: [error] Requête /sec/getauthinfo.json?niv_authent=300 rejetée avec erreur Not Found
console-api	warning	URL: https://conforme-secure.confirmation-session.gq/init/interact-lanceur.js.t%C3%A9l%C3%A9chargement(Line 1) Message: [warning] Interact container already added, should not be appended
console-api	error	URL: https://conforme-secure.confirmation-session.gq/init/swm.main.js.t%C3%A9l%C3%A9chargement(Line 39) Message: [error] Requête /swm/swm-sign.html rejetée avec erreur Not Found
console-api	error	URL: https://conforme-secure.confirmation-session.gq/init/swm.main.js.t%C3%A9l%C3%A9chargement(Line 39) Message: 2 log service requests on error reached, log requested disabled
console-api	warning	URL: https://conforme-secure.confirmation-session.gq/init/fbevents.js.t%C3%A9l%C3%A9chargement(Line 23) Message: [Facebook Pixel] - Duplicate Pixel ID: 873080639448770.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10354013.fls.doubleclick.net
1bva.societegenerale.fr
actorssl-5637.kxcdn.com
aweucn1.advanced-web-analytics.com
bat.bing.com
beacon.krxd.net
bs.serving-sys.com
cdn.krxd.net
conforme-secure.confirmation-session.gq
connect.facebook.net
consumer.krxd.net
googleads.g.doubleclick.net
logs128.xiti.com
scriptsp.par.societegenerale.fr
secure-ds.serving-sys.com
www.facebook.com
www.google.com
www.google.de
www.google.fr
www.googleadservices.com
www.googletagmanager.com
connect.facebook.net
www.google.de
109.232.197.56
151.101.14.133
172.217.16.130
172.217.23.102
18.184.108.250
184.31.90.174
2620:1ec:c11::200
2a00:1450:4001:806::2003
2a00:1450:4001:806::2004
2a00:1450:4001:809::2008
2a00:1450:4001:814::2004
2a00:1450:4001:815::2002
2a00:1450:4001:817::2002
2a00:1450:4001:818::2003
2a00:1450:4001:81f::2003
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a0b:4d07:101::1
3.124.25.217
37.187.89.161
52.19.224.33
54.220.130.183
80.252.91.52
01ea1a63072bcb09f85ce6b7812b325703301751cfb5ab4ef2ece6a95449d8be
02ef3ae0ca1178acafd3207951db6c3481be901748416a9fd2e15f7fecfbbf6a
048bec5fa4b6a8d6955d8b8b698730e946620c2d2cc0bd0503847021301c8c77
069f96cb554d5cf9afb0b9ad7edb382f789da3d7bd909e0e47a1c6f142841213
09494b789c55d639e0aabeffc59433963f0e8e766baba0fea88eae8a63c40ccd
0a2a772760a16e07b99ff6f6061b4d9b8c99bde4152bd0dde426d013987ef097
0a750dc79df8e4381ba1527fa4895e53df3d93edc854ecb9dbf15013e51895bc
0aafb22b992d46be72036702e842c00f9a0ba34d1780d8426289fb21bf01fab9
0aba1ffff4efe790a910a3576c2e8b397d201fc49c5af544cccb391fd3340a2a
0d0c477e9849e1b674c4070ef22e282fe52c08b7d54018b3844a999ae8ca5c79
0e49c2b4e86d3fda1dda93eb1210a47712f7b091181b4e7c6da2b3e6f8e86396
0f0c9a0d3315908b1f7c15f96957b4c61b59963d5137b40c130ab6e10f8eba83
0fb87a360659fde9b149b2036db331efa88b0d3d06ab319c0510480243c2bb8a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12ad8a6fe4c03864191066da21747429eb42250696a30943f165b6bbc19ae162
16a6f8712b87dd92e10e9f89e160e2f9111309ccd46922d95f38132289528ed5
18900ff5bb5dd79d4fc387ab09c9c55eebd75b6fa96b6b172cd844ac5557b56e
193ff02576d65ded44a2c940a4c79a325bd987d348a638c9ef3e57a7d2fe44bd
19965187fdbb3f1593722e61fb1e3f26171e4bf10ac466a8af1ed6d3492afe29
19e4a6a12289dba1a13b23131f4dc85ad68836d08cffca540b91d654de9b492f
1b859a247d2fec3895b0aec64bcd35fcdff5c75635a514f4818a14d0a27bb4f9
1cd2e879a2bc431ce6bdd03338ab6d5b2be54646231a01d8b883f1ed06d643b7
1d3dbbaff10cb0105b80b2b18bb2b48e60525b3da76cddd8d08c2f92797a6012
1e94db35d45912e8b2125e47ba78c4e775c4af9357e9a498f68f845f17b0485d
1ea54042cfb95f54f71f67d27cda8109e03edaaae121ce49a49ee95ab1da9323
1ffc4dc89ed1aa8b2a8097f2bffd3dfe37d0b80c824290db2920cba8d0408101
21c5befb758cb3e51d21840bcdb0b4d35cf335a336b20fbca8bb16b49396766b
2334cc5892b03355d16b2ffcd360aca9ff2919e4a0b4d62639dac3408b0ffdcd
25b86a63b1711e0badb83772b958f5dce6c81ec3148cc2114c4534a15b34cf3e
2f4d67d216cb9eb9add56b0a9931fda4c46d7c3f79481ef2fecaabfac91f9ffe
2fddcc32253525f8a2b8226fe25f7f843f77a13cc923cab06c36f343dd39fcab
31bf10d91090efb0932a4560d50ce0ed40e9d961374175331b008be7865142d6
33950217fadcfd08f5f8634e09d8b6302fed554c86c23da5cc965e941485f79d
345d608a01842c47b698da2449e244db26c8fc34f23062aa4e5c15a8409e1613
364bbad7da5c0db0c149ac68ff9b9248aae062459a93af8fa5e1b233131adda1
36a9675f38e689a3c9051afe88fa8d7ce85983d789e9cb19d67aff2dd8141817
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36b9944367a227d50e80b8e6498f351e4c7ab4290360ae624dbb3eda9b972ab9
3d2989ae22ced8b16ed95a8b7fa3063627d90277302b6b58c65e44b64b69684c
3d7e7086a0286cfca8aa269c77c12dc07dd9cb5fdedf911727d15189462e7fe1
3ee732a91759f1bba204625e7fad8341e2ca44b05cc9526e05caec6edc665e6c
42d1dc709aae2bded3fab89a75b78ac71ac56a5bc9938e213bb95dd47fb87fae
43ffec558cae11ca5ecdb80cfaff480509d7bf6b9c679f2740185115596d8e6f
4d5f7f9cf24e66420cd0f39be3d181b4566ff8dcc8e699731c88787e511befd3
4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515
50cb9b6a0426f8ea0e044c329ec2827ae666ab88f2c6c3de461aee71eeedc858
560ff2564fbf2bef305cf0e9533c4db2671c96297d978fd31ac0310727fe455f
56aa5a35b12bc48ed6064ec1a2e38118a48017e00882bde53c8e2ed4f55b67fc
5af4af7ff6c657586349a7a52a3ecac9bc51bf8baed02b93bfbe4f2c85ca56a2
5f39c97a5d41431187cf6f8d3c1c6cab7c46fbd2ee20febedd470e56043f3d41
5fb46ad88af0181f8aa600691dadedc2d6dd1946603b69bc36385f68efdd01a3
6196e79a6beea903c5daccf483eae9f1052b0647cb165a9ffa0010392dc5e562
652e7825c28a2dfe17a367815e03cbcca398d22ebf11ab32306db701a8e11175
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b3508e84845b497fe7de7c95b5565613fa4256341af4a1e96d614118f4ac5e9
6cc2bc8e380d3fd79e62e1b745e955c698de1456eb5f224c1b79c8c313b32401
6d2bd4fa4a43c078a03101debe04fe33fd850dd2b1af2f2293a790b549911a6e
718a77b5368bc1aabdd38d82773c971788cbc930508eb949f1664bc813a5bbbb
7432ce2d9558cdfad9fa922065edd4b052ce9d69366ccfcd08fd28cee4944f61
848f658b2bf78c8fe2335b2d53678639932f7838abbb7ab2d5916edc867c62af
87ee987122090b081ec5309f61798c116b24929f9cb42ed070e20b25649b3197
87fcdb7130b8d594441c4d7fef24598d959746c9c42c71094fefb3a709dfa541
8916863b5a9fb434907fb0e3354c12524f3e6a2c6fe12acff239df7bb9c7188c
89674fa5b46739595f18e8d4c9d4c271177cfd46c61b0d34aebca2490cca3b30
914b339f8a246568ebfbae46cfbc624ecb670d0a99ab59d1aaa4f14770a38ac3
921dac444f4d12a6ad6a4d973e13655173978720e539b8a51d517545d074e03b
9503857c71db72bf77bce905db734b5ab572d433b6b7547bafb847aa6042167d
9a0f6d26b776c4a0c7c1bdb059e4d204e3312ee5eda177cf55a43fcf033e3308
9ab7a60a4a1240934bba8f69b945c8f4d7cfc912907362f2760cd3f16bb3d344
9f58ce64b74dd78a12a96ab8a3baab42d15e82131c988b8e78a0666b9b1198b1
a50502a32a50f668e2d0ca6d1d6ed9d4f8618019308fe0c39a2df17919a6c770
a64d86f1fafd180096bd451dd066d77ed4a3715420e1af7f82573b6d16813218
a6bf99527ad5b9f3a33c9bc75ca43ae21dd804f0eec2554ae118fd708fb21e00
a6c006153cf157bcd6f53f1f80a27f0b28987a86a5be166c6b53953799e18f66
a7a1305761583d7774ce06eb59b1f5c918142f81197567b09a20fe97409d1b50
aac7a9e3f89e6cc38b748c755d07ad0e9eb9067f886ed3fc4504df5e91d3c891
abdf01dbab06efbec289cf85e83f8ec3618f996ab6803e9f9437db14bc5cbf53
b070e82c2906d390a4433e2ec96947fee5adc67a3c21d58a4db3d5e11a54d4c7
b0cd10ba39008b79c2b5372a1c3bebf78ea9d6abee46e002bcb1d2a787d6068e
b4c3e1320a0696f8173bd2eada9b860560d9756316ac82249b3924ebe5a21f5b
b508ee8b1348f8d6cd8c8b08ee9466aea3673b3596aba6968f8de66465953352
b5a5f5511c2dd368384aa82113ce950e5f455b51716631b9a7bd78388f46d64c
b748e93de92cb578e0785b70bcc07d8bab67907bf0f089645b28dde03c5cffed
b7535f97c5a636c26669922844a25c061c8bbde4b18655308b70356430b60a18
b9b47c8bafc4618d804c7c54ac03c39b29beb9ed5b1e7d9dbadb0f28d71c3d94
c4621d91e3440020752933daa717d38c90286ea1663a98b54fb3ffa9c970f7f3
c5380e00729e90f940d0b9d7b0fe64c64b8b48b11291797537ab91aaf5fbfa9a
c7437d1039eb9cef6f2b48233ad3f46fd216ae6b81e4b63390e0a9bb10cd1b74
cacb3216bac8abc454ab954967d6ce67cd8969def976cb47b459261efdea3bc2
cbf2f9788fa5b22dd4c4428843fdd3ea68595db536cf347517da7d048d3bedcf
cbfc126f1caf1e6f9a015239dc814ae9c944e6afa3b84e32a8372691b8e74f66
cd3e2f420e0578b6dfc49e0a087eebe7c34fb44c412d71ae28d6bdbe71482c64
d7c1b7ebef4e6c996d839f9032ada4a16056fc48d75218c0ff68b9975a47f833
dbc59413888bd19f97c753e2c88219b8e660b7f0d4dec946e8cb52576c1ba907
dc4794db9a49fc3374f8118da0b02c7b50755e8585e1c540741d5fdec22e1659
de8d7634f73863ed57dae3a0909df9cbb9343f698eb194f53df7c44c336ac23f
deda47873b970f3f30793723271f158aa8bf0a8383016a41c5623cc63b8719ad
df2309303b0a8eac62a9a55ef2823e5692caaba0accd4751b2f716a062d450d4
dff42fc27824c65800c2671729e90622d40b31202a4c273b0039b31556f8fa65
e1ec254792b6fe5cb168d2ce9cb1e35d15311d3b357b305a95cbfb12552477d0
e30e57a42d27bcee51206f5ab291f5a51f579d4e5992f2acece00062db35dcf8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9b1bf49a47050d8c8b2e5798cdbb0be796e55ee6b6fc058450d891f1c81ef5f
ea0c84249c6d3fb9c7ab3e12357104a9316a62515e0192725333f5a5d3d5c89e
ebc5899ef97f2613c1f52d762fab2fae3597d86dfae1f1f51901a7d978475970
ee6f3b4f9b4161314e79939b801f4cbae9b54670431cc481f9b9f697f83b2a46
eea9224712ace0e0753af1fc6db610143551bfa7227d8e4b6e2e3e5941c9b4a8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0d0b68a95816727ce179180be288b99c4698a3ac82e3a6dc35d19cfd09d9e67
f10f3e1f39253c9d4ee4374649f49bbdb22858f0332055c4e4de5259b624e109
f184a41e83fe0fa7657e501e40874b3e2468e3be8130be2340d4694b896c993f
f34c23f809a35d9f6db11ada5dd4154bb051faa6c320f63165874038b627bf6a
f3cbfb0993936c56d926cdae8e9896452da8f7015991704a70817816fc4702e0
f8ab70f3116e708b14a1307483065aaf86d561c46de9ee19c188d029b52f97b0
f8e1667ba9cd6652e2fde418186e191f61c694b09935666a5b97e405fc6ee874
fe6f751edcdcdef2f2fa677ebfeb50632396b12abd1b428c19a6f19b930ed5a4
ffb0158cdc267512932acd22b13aa4f0df1652290faa987148d69f923b6cb797

conforme-secure.confirmation-session.gq Open in urlscan Pro 37.187.89.161 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

229 Requests

99 %HTTPS

52 %IPv6

16 Domains

21 Subdomains

24 IPs

6 Countries

2513 kBTransfer

6658 kBSize

16 Cookies

18 Outgoing links

Redirected requests

229 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

conforme-secure.confirmation-session.gq Open in urlscan Pro
37.187.89.161 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

229
Requests

99 %
HTTPS

52 %
IPv6

16
Domains

21
Subdomains

24
IPs

6
Countries

2513 kB
Transfer

6658 kB
Size

16
Cookies

229 HTTP transactions
0 data transactions