credit-agricole-mon-securipass.maweb.eu Open in urlscan Pro
2001:1ab0:7e1e:220:ed:0:140:40 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://credit-agricole-mon-securipass.maweb.eu/
Submission: On May 19 via api (May 19th 2023, 1:37:49 pm UTC) from CA — Scanned from CA

Summary HTTP 107 Redirects Links 49 Behaviour Indicators

Summary

This website contacted 23 IPs in 4 countries across 18 domains to perform 107 HTTP transactions. The main IP is 2001:1ab0:7e1e:220:ed:0:140:40, located in Czech Republic and belongs to IGNUM-AS Czech Republic, CZ. The main domain is credit-agricole-mon-securipass.maweb.eu.

This is the only time credit-agricole-mon-securipass.maweb.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2001:1ab0:7e1... 2001:1ab0:7e1e:220:ed:0:140:40	29134 (IGNUM-AS ...) (IGNUM-AS Czech Republic)
13	2001:1ab0:7e1... 2001:1ab0:7e1e:220:ed::4	29134 (IGNUM-AS ...) (IGNUM-AS Czech Republic)
8	2607:f8b0:400... 2607:f8b0:4006:80f::2002	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:402... 2607:f8b0:4020:804::200e	15169 (GOOGLE) (GOOGLE)
1 6	2607:f8b0:402... 2607:f8b0:4020:807::2004	15169 (GOOGLE) (GOOGLE)
1 4	2607:f8b0:402... 2607:f8b0:4020:806::2008	15169 (GOOGLE) (GOOGLE)
21	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
2	2607:f8b0:402... 2607:f8b0:4020:807::2003	15169 (GOOGLE) (GOOGLE)
9	2607:f8b0:402... 2607:f8b0:4020:806::2002	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2607:f8b0:402... 2607:f8b0:4020:805::200e	15169 (GOOGLE) (GOOGLE)
1 1	2a02:598:c:18... 2a02:598:c:189::43	43037 (SEZNAM-) (SEZNAM-)
1 1	2a02:598:a::7... 2a02:598:a::79:235	43037 (SEZNAM-) (SEZNAM-)
2	2a02:598:c:18... 2a02:598:c:189::42	43037 (SEZNAM-) (SEZNAM-)
1	172.217.13.194 172.217.13.194	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:402... 2607:f8b0:4020:805::200a	15169 (GOOGLE) (GOOGLE)
2	195.181.248.196 195.181.248.196	48689 (WEBGLOBE-...) (WEBGLOBE-SK-AS)
2	2607:f8b0:402... 2607:f8b0:4020:805::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:402... 2607:f8b0:4020:807::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f00... 2a03:2880:f00e:13:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2607:f8b0:400... 2607:f8b0:4004:c17::9c	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:402... 2607:f8b0:4020:805::2003	15169 (GOOGLE) (GOOGLE)
9	2607:f8b0:402... 2607:f8b0:4020:807::2001	15169 (GOOGLE) (GOOGLE)
8	2607:f8b0:402... 2607:f8b0:4020:806::2003	15169 (GOOGLE) (GOOGLE)
107	23

1 2001:1ab0:7e1e:220:ed:0:140:40 (Czech Republic)

ASN29134 (IGNUM-AS Czech Republic, CZ)

credit-agricole-mon-securipass.maweb.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2001:1ab0:7e1e:220:ed::4 (Czech Republic)

ASN29134 (IGNUM-AS Czech Republic, CZ)

www.endora.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:80f::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4020:804::200e (Montreal, Canada)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4020:807::2004 (Montreal, Canada) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4020:806::2008 (Montreal, Canada) 1 redirects

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4020:807::2003 (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4020:806::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4020:805::200e (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:598:c:189::43 (Prague, Czech Republic) 1 redirects

ASN43037 (SEZNAM-, CZ)

c.imedia.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:598:a::79:235 (Prague, Czech Republic) 1 redirects

ASN43037 (SEZNAM-, CZ)

c.imedia.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:598:c:189::42 (Prague, Czech Republic)

ASN43037 (SEZNAM-, CZ)

c.seznam.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.13.194 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4020:805::200a (Montreal, Canada)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.181.248.196 (Slovakia)

ASN48689 (WEBGLOBE-SK-AS, SK)
PTR: webglobe.core.webglobe.com

www.webglobe.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4020:805::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:807::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)

adservice.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f00e:13:face:b00c:0:3 (Toronto, Canada)

ASN32934 (FACEBOOK, US)

scontent-yyz1-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c17::9c (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4020:805::2003 (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4020:807::2001 (Montreal, Canada)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4020:806::2003 (Montreal, Canada)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 797 scontent-yyz1-1.xx.fbcdn.net — Cisco Umbrella Rank: 11579	540 KB
17	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 93 tpc.googlesyndication.com — Cisco Umbrella Rank: 132	244 KB
13	endora.cz www.endora.cz	419 KB
10	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 stats.g.doubleclick.net — Cisco Umbrella Rank: 76	31 KB
10	gstatic.com www.gstatic.com fonts.gstatic.com	303 KB
10	google.com 1 redirects apis.google.com — Cisco Umbrella Rank: 109 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 68 analytics.google.com — Cisco Umbrella Rank: 243	76 KB
5	google.ca adservice.google.ca — Cisco Umbrella Rank: 14008 www.google.ca — Cisco Umbrella Rank: 8531	1 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 102	29 KB
4	googletagmanager.com 1 redirects www.googletagmanager.com — Cisco Umbrella Rank: 40	227 KB
2	webglobe.cz www.webglobe.cz	37 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	2 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 174 partner.googleadservices.com — Cisco Umbrella Rank: 902	18 KB
2	seznam.cz c.seznam.cz — Cisco Umbrella Rank: 44790	30 KB
2	imedia.cz 2 redirects c.imedia.cz — Cisco Umbrella Rank: 88002	231 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30	21 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 157	88 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 181	53 KB
1	maweb.eu credit-agricole-mon-securipass.maweb.eu	6 KB
107	18

	Domain	Requested by
19	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
13	www.endora.cz	credit-agricole-mon-securipass.maweb.eu www.endora.cz
9	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
8	fonts.gstatic.com	fonts.googleapis.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.googleadservices.com www.googletagmanager.com
8	pagead2.googlesyndication.com	credit-agricole-mon-securipass.maweb.eu pagead2.googlesyndication.com www.googletagservices.com tpc.googlesyndication.com
6	www.google.com	1 redirects credit-agricole-mon-securipass.maweb.eu tpc.googlesyndication.com
4	www.google.ca	credit-agricole-mon-securipass.maweb.eu
4	www.facebook.com	connect.facebook.net static.xx.fbcdn.net
4	www.googletagmanager.com	1 redirects credit-agricole-mon-securipass.maweb.eu www.googletagmanager.com
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	scontent-yyz1-1.xx.fbcdn.net	www.facebook.com
2	www.webglobe.cz	credit-agricole-mon-securipass.maweb.eu
2	fonts.googleapis.com	client googleads.g.doubleclick.net
2	c.seznam.cz	credit-agricole-mon-securipass.maweb.eu
2	c.imedia.cz	2 redirects
2	www.google-analytics.com	credit-agricole-mon-securipass.maweb.eu www.google-analytics.com
2	www.gstatic.com	www.google.com googleads.g.doubleclick.net
2	connect.facebook.net	credit-agricole-mon-securipass.maweb.eu connect.facebook.net
2	apis.google.com	credit-agricole-mon-securipass.maweb.eu apis.google.com
1	www.googletagservices.com	googleads.g.doubleclick.net
1	analytics.google.com	www.googletagmanager.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.ca	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googleadservices.com	www.googletagmanager.com
1	credit-agricole-mon-securipass.maweb.eu
107	27

This site contains links to these domains. Also see Links.

Domain
www.endora.cz
podpora.endora.cz
webadmin.endora.cz
twitter.com
instagram.com
www.youtube.com
www.google.com
www.webglobe.cz

Subject Issuer	Validity	Valid
*.apis.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-02-25` - `2023-05-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.webglobe.cz Sectigo RSA Domain Validation Secure Server CA	`2022-07-18` - `2023-08-17`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh

This page contains 8 frames:

Primary Page: http://credit-agricole-mon-securipass.maweb.eu/
Frame ID: 7B09D403543C448D399047766B837E4B
Requests: 60 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20190131/zrt_lookup.html
Frame ID: F0858D84501AA4D54BAF8C74C86DD867
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Flike_box.php%3Fapp_id%3D1409391765942444%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df359ea7f8a35a34%2526domain%253Dcredit-agricole-mon-securipass.maweb.eu%2526is_canvas%253Dfalse%2526origin%253Dhttp%25253A%25252F%25252Fcredit-agricole-mon-securipass.maweb.eu%25252Ff45f3f6e9e27a4%2526relation%253Dparent.parent%26container_width%3D292%26header%3Dfalse%26height%3D239%26href%3Dhttp%253A%252F%252Fwww.facebook.com%252Fendora.cz%26locale%3Dcs_CZ%26sdk%3Djoey%26show_border%3Dfalse%26show_faces%3Dtrue%26stream%3Dfalse%26width%3D292
Frame ID: 59E87F3A8AD9921B056631F5CCF871CA
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5207119889962754&output=html&h=250&slotname=8624521180&adk=157814446&adf=677210104&pi=t.ma~as.8624521180&w=250&lmt=1684503464&format=250x250&url=http%3A%2F%2Fcredit-agricole-mon-securipass.maweb.eu%2F&wgl=1&dt=1684503463862&bpp=3&bdt=930&idt=287&shv=r20230515&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&correlator=3627703548332&frm=20&pv=2&ga_vid=1783312092.1684503464&ga_sid=1684503464&ga_hid=851698881&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1137&ady=245&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071756%2C44788442%2C44792089&oid=2&pvsid=561733704603223&tmod=1088732708&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=Hae6PYu0vM&p=http%3A//credit-agricole-mon-securipass.maweb.eu&dtd=307
Frame ID: 41A4C494E23FC21BD3F9FA67AC43E58B
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5207119889962754&output=html&adk=1812271804&adf=3025194257&lmt=1684503464&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x675_l%7C212x675_r&format=0x0&url=http%3A%2F%2Fcredit-agricole-mon-securipass.maweb.eu%2F&ea=0&pra=7&wgl=1&dt=1684503464071&bpp=2&bdt=1139&idt=105&shv=r20230515&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&prev_fmts=250x250&nras=1&correlator=3627703548332&frm=20&pv=1&ga_vid=1783312092.1684503464&ga_sid=1684503464&ga_hid=851698881&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071756%2C44788442%2C44792089&oid=2&pvsid=561733704603223&tmod=1088732708&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=126
Frame ID: C48987078556B7E4222824EA7800FEEE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 61F7C1173F431B7D21BEA599B29D2930
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6CB08EE26661434F52BEC47BE0742AA7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0ACAEA360611E3A8E599DF490829DBB3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Doména odstavena| Endora.cz

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

107
Requests

79 %
HTTPS

92 %
IPv6

18
Domains

27
Subdomains

23
IPs

4
Countries

2125 kB
Transfer

6244 kB
Size

11
Cookies

49 Outgoing links

These are links going to different origins than the main page.

URL: http://www.endora.cz/

Search URL Search Domain Scan URL

URL: http://www.endora.cz/vlastnosti
Title: Vlastnosti

Search URL Search Domain Scan URL

URL: http://www.endora.cz/vlastnosti/emailove-sluzby
Title: Emailové služby

Search URL Search Domain Scan URL

URL: http://www.endora.cz/vlastnosti/registrace-domeny-cz
Title: Registrace domény

Search URL Search Domain Scan URL

URL: http://www.endora.cz/stranky-zdarma/webova-vizitka
Title: Webová vizitka

Search URL Search Domain Scan URL

URL: http://www.endora.cz/vlastnosti/https-zdarma-webhosting-endora
Title: SSL zdarma

Search URL Search Domain Scan URL

URL: http://www.endora.cz/vlastnosti/supercache
Title: Supercache

Search URL Search Domain Scan URL

URL: http://www.endora.cz/vlastnosti/dnssec
Title: DNSSEC

Search URL Search Domain Scan URL

URL: http://www.endora.cz/vlastnosti/virtualni-managed-servery
Title: Virtuální servery

Search URL Search Domain Scan URL

URL: http://www.endora.cz/cenik
Title: Ceník

Search URL Search Domain Scan URL

URL: http://www.endora.cz/podpora/napoveda
Title: Podpora

Search URL Search Domain Scan URL

URL: http://www.endora.cz/podpora/podminky-pouziti
Title: Podmínky použití

Search URL Search Domain Scan URL

URL: http://podpora.endora.cz/
Title: Fórum podpory

Search URL Search Domain Scan URL

URL: http://www.endora.cz/podpora/videonavody
Title: Videonávody

Search URL Search Domain Scan URL

URL: http://www.endora.cz/podpora/kontaktujte-nas
Title: Kontaktujte nás

Search URL Search Domain Scan URL

URL: http://www.endora.cz/o-nas/kdo-jsme
Title: O nás

Search URL Search Domain Scan URL

URL: http://www.endora.cz/o-nas/zazemi
Title: Zázemí

Search URL Search Domain Scan URL

URL: http://www.endora.cz/o-nas/prenos-dat
Title: Přenos dat

Search URL Search Domain Scan URL

URL: http://www.endora.cz/o-nas/endora-pomaha
Title: Pomáháme

Search URL Search Domain Scan URL

URL: http://www.endora.cz/o-nas/podporte-nas
Title: Podpořte nás

Search URL Search Domain Scan URL

URL: http://www.endora.cz/o-nas/napsali-o-nas
Title: Napsali o nás

Search URL Search Domain Scan URL

URL: http://www.endora.cz/o-nas/kariera
Title: Kariéra

Search URL Search Domain Scan URL

URL: http://www.endora.cz/objednavka
Title: Zaregistrujte se

Search URL Search Domain Scan URL

URL: https://www.endora.cz/podpora/podminky-pouziti
Title: provozních podmínek

Search URL Search Domain Scan URL

URL: https://www.endora.cz/podpora/napoveda/5-domeny/43-jak-si-mohu-na-endora-cz-zaregistrovat-novou-domenu
Title: Jak si na Endora.cz zaregistrovat doménu

Search URL Search Domain Scan URL

URL: https://www.endora.cz/podpora/napoveda/5-domeny/167-jak-vygenerovat-ssl-certifikat
Title: Jak získat SSL certifikát zdarma

Search URL Search Domain Scan URL

URL: https://www.endora.cz/podpora/napoveda/12-e-maily/76-jak-mohu-pracovat-s-emaily-na-me-domene
Title: Jak můžete pracovat s e-maily na doménách hostovaných u Endora.cz

Search URL Search Domain Scan URL

URL: https://www.endora.cz/podpora/napoveda/25-webhosting/197-varianta-plus
Title: Plus

Search URL Search Domain Scan URL

URL: https://www.endora.cz/podpora/napoveda/25-webhosting/198-varianta-mega
Title: Mega

Search URL Search Domain Scan URL

URL: https://webadmin.endora.cz/?continue=%2Fuser%2Fstorage%2Fresolve-status%2F%3Fdomain%3Dcredit-agricole-mon-securipass.maweb.eu
Title: .

Search URL Search Domain Scan URL

URL: http://www.endora.cz/stranky-zdarma/wordpress
Title: Wordpress

Search URL Search Domain Scan URL

URL: http://www.endora.cz/stranky-zdarma/presta-shop
Title: PrestaShop

Search URL Search Domain Scan URL

URL: http://www.endora.cz/stranky-zdarma/joomla
Title: Joomla!

Search URL Search Domain Scan URL

URL: http://www.endora.cz/domeny
Title: Domény

Search URL Search Domain Scan URL

URL: http://www.endora.cz/cenik#cenik_webhostingu
Title: Ceník webhostingu

Search URL Search Domain Scan URL

URL: http://www.endora.cz/cenik#domains
Title: Ceník domén

Search URL Search Domain Scan URL

URL: http://www.endora.cz/podpora/forum
Title: Nápověda a fórum

Search URL Search Domain Scan URL

URL: https://webadmin.endora.cz/
Title: Webadmin

Search URL Search Domain Scan URL

URL: http://www.endora.cz/skoly
Title: Pro školy

Search URL Search Domain Scan URL

URL: http://www.endora.cz/novinky
Title: Novinky

Search URL Search Domain Scan URL

URL: https://twitter.com/stablecz
Title: Twitter

Search URL Search Domain Scan URL

URL: http://instagram.com/stablecz/
Title: Instagram

Search URL Search Domain Scan URL

URL: http://www.youtube.com/playlist?list=PLoruQc6QoN3Trqm6_biEmGEW-ksPhbbp5
Title: YouTube

Search URL Search Domain Scan URL

URL: http://www.endora.cz/rss
Title: RSS

Search URL Search Domain Scan URL

URL: http://www.endora.cz/privacy
Title: Ochrana soukromí

Search URL Search Domain Scan URL

URL: http://www.endora.cz/podpora/napoveda/2-fakturace/149-moznosti-platby-na-endora-cz

Search URL Search Domain Scan URL

URL: https://www.google.com/policies/technologies/cookies/
Title: Další informace

Search URL Search Domain Scan URL

URL: https://www.endora.cz/privacy
Title: Více informací

Search URL Search Domain Scan URL

URL: https://www.webglobe.cz/podminky
Title: Více informací

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

http://www.googletagmanager.com/gtm.js?id=GTM-5S8CZ5 HTTP 302
https://www.googletagmanager.com/gtm.js?id=GTM-5S8CZ5

Request Chain 14

http://connect.facebook.net/cs_CZ/all.js HTTP 307
https://connect.facebook.net/cs_CZ/all.js

Request Chain 25

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 26

http://c.imedia.cz/js/retargeting.js HTTP 301
https://c.imedia.cz/js/retargeting.js HTTP 301
https://c.seznam.cz/js/retargeting.js

Request Chain 30

http://www.googletagmanager.com/gtag/js?id=G-XFHYHKMEEW&l=dataLayer&cx=c HTTP 307
https://www.googletagmanager.com/gtag/js?id=G-XFHYHKMEEW&l=dataLayer&cx=c

Request Chain 81

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 83

http://c.seznam.cz/retargeting?id=15330&url=http%3A%2F%2Fcredit-agricole-mon-securipass.maweb.eu%2F&consent=-1 HTTP 307
https://c.seznam.cz/retargeting?id=15330&url=http%3A%2F%2Fcredit-agricole-mon-securipass.maweb.eu%2F&consent=-1

107 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 403
Forbidden Primary Request / Show response
credit-agricole-mon-securipass.maweb.eu/ 18 KB
6 KB 716ms
118ms Document
text/html 2001:1ab0:7e1e:220:ed:0:140:40
IGNUM-AS Czech Re...

General

Check archive.org

Show headers Download Go to

Full URL: http://credit-agricole-mon-securipass.maweb.eu/
Protocol: HTTP/1.1
Server: 2001:1ab0:7e1e:220:ed:0:140:40 , Czech Republic, ASN29134 (IGNUM-AS Czech Republic, CZ),
Reverse DNS
Software: nginx /
Resource Hash: efa87a768f0148054b815e1ff077efaddaed43f9dd8b7cf24333c869b6e62490

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Fri, 19 May 2023 13:37:42 GMT
ETag: W/"5d5ab281-4958"
Server: nginx
Transfer-Encoding: chunked

GET
H/1.1 200
OK webloader-web.css
www.endora.cz/webtemp/css/web/ 424 KB
100 KB 432ms
114ms Stylesheet
text/css 2001:1ab0:7e1e:220:ed::4
IGNUM-AS Czech Re...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.endora.cz/webtemp/css/web/webloader-web.css?1559213366
Requested by: Host: credit-agricole-mon-securipass.maweb.eu
URL: http://credit-agricole-mon-securipass.maweb.eu/
Protocol: HTTP/1.1
Server: 2001:1ab0:7e1e:220:ed::4 , Czech Republic, ASN29134 (IGNUM-AS Czech Republic, CZ),
Reverse DNS
Software: nginx /
Resource Hash: 630cf96edce060fb45093270106cdf2388ad8d8887dad3dc56fb381adf894498

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://credit-agricole-mon-securipass.maweb.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 13:37:43 GMT
Content-Encoding: gzip
Last-Modified: Fri, 12 May 2023 05:37:06 GMT
Server: nginx
ETag: W/"645dd082-69f06"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2419200
Connection: keep-alive

GET
H/1.1 404
Not Found webloader-webHead.js
www.endora.cz/webtemp/css/webHead/ 0
0 788ms
468ms Script
text/html 2001:1ab0:7e1e:220:ed::4
IGNUM-AS Czech Re...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.endora.cz/webtemp/css/webHead/webloader-webHead.js?1523432989
Requested by: Host: credit-agricole-mon-securipass.maweb.eu
URL: http://credit-agricole-mon-securipass.maweb.eu/
Protocol: HTTP/1.1
Server: 2001:1ab0:7e1e:220:ed::4 , Czech Republic, ASN29134 (IGNUM-AS Czech Republic, CZ),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://credit-agricole-mon-securipass.maweb.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H/1.1 200
OK endoracz-freehosting-webhosting-zdarma.png
www.endora.cz/images/ 80 KB
80 KB 105ms
104ms Image
image/png 2001:1ab0:7e1e:220:ed::4
IGNUM-AS Czech Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.endora.cz/images/endoracz-freehosting-webhosting-zdarma.png
Requested by: Host: credit-agricole-mon-securipass.maweb.eu
URL: http://credit-agricole-mon-securipass.maweb.eu/
Protocol: HTTP/1.1
Server: 2001:1ab0:7e1e:220:ed::4 , Czech Republic, ASN29134 (IGNUM-AS Czech Republic, CZ),
Reverse DNS
Software: nginx /
Resource Hash: b557cf30a122931273857cc9fcc09e1dfbfd739c99ad3291d239d00cb693dba2

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://credit-agricole-mon-securipass.maweb.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 13:37:43 GMT
Last-Modified: Mon, 04 Jan 2021 12:56:36 GMT
Server: nginx
ETag: "5ff31084-140e3"
Content-Type: image/png
Cache-Control: max-age=2419200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 82147

GET
H/1.1 200
OK ico-hosted.png
www.endora.cz/images/ 2 KB
2 KB 314ms
104ms Image
image/png 2001:1ab0:7e1e:220:ed::4
IGNUM-AS Czech Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.endora.cz/images/ico-hosted.png
Requested by: Host: credit-agricole-mon-securipass.maweb.eu
URL: http://credit-agricole-mon-securipass.maweb.eu/
Protocol: HTTP/1.1
Server: 2001:1ab0:7e1e:220:ed::4 , Czech Republic, ASN29134 (IGNUM-AS Czech Republic, CZ),
Reverse DNS
Software: nginx /
Resource Hash: 305f3d591b84041067571faecc77ae1f74e52fc857f1bc54b7ab9c9033962ccc

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://credit-agricole-mon-securipass.maweb.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 13:37:43 GMT
Last-Modified: Mon, 17 Aug 2020 11:37:20 GMT
Server: nginx
ETag: "5f3a6bf0-6c2"
Content-Type: image/png
Cache-Control: max-age=2419200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1730

GET
H/1.1 200
OK ico-newfast.png
www.endora.cz/images/ 3 KB
4 KB 329ms
107ms Image
image/png 2001:1ab0:7e1e:220:ed::4
IGNUM-AS Czech Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.endora.cz/images/ico-newfast.png
Requested by: Host: credit-agricole-mon-securipass.maweb.eu
URL: http://credit-agricole-mon-securipass.maweb.eu/
Protocol: HTTP/1.1
Server: 2001:1ab0:7e1e:220:ed::4 , Czech Republic, ASN29134 (IGNUM-AS Czech Republic, CZ),
Reverse DNS
Software: nginx /
Resource Hash: cd8e50622016ad57ca0fbbccee2690d504552b1ce0848142c442c127b8325178

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://credit-agricole-mon-securipass.maweb.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 13:37:44 GMT
Last-Modified: Mon, 17 Aug 2020 11:37:20 GMT
Server: nginx
ETag: "5f3a6bf0-d81"
Content-Type: image/png
Cache-Control: max-age=2419200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3457

GET
H/1.1 200
OK ico-registeredcz.png
www.endora.cz/images/ 2 KB
2 KB 336ms
111ms Image
image/png 2001:1ab0:7e1e:220:ed::4
IGNUM-AS Czech Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.endora.cz/images/ico-registeredcz.png
Requested by: Host: credit-agricole-mon-securipass.maweb.eu
URL: http://credit-agricole-mon-securipass.maweb.eu/
Protocol: HTTP/1.1
Server: 2001:1ab0:7e1e:220:ed::4 , Czech Republic, ASN29134 (IGNUM-AS Czech Republic, CZ),
Reverse DNS
Software: nginx /
Resource Hash: ef7a81264afb7408d3d24b684d6ea42daba371c0abfaa142bcf4f66313c5718c

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://credit-agricole-mon-securipass.maweb.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 13:37:44 GMT
Last-Modified: Mon, 17 Aug 2020 11:37:20 GMT
Server: nginx
ETag: "5f3a6bf0-84f"
Content-Type: image/png
Cache-Control: max-age=2419200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2127

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 135 KB
50 KB 79ms
60ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: credit-agricole-mon-securipass.maweb.eu
URL: http://credit-agricole-mon-securipass.maweb.eu/

Protocol

HTTP/1.1

Server

2607:f8b0:4006:80f::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cd8feb9a58132c53fa466458461d8e613f4a7d9101999b2d9b42bd5647ee4f14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://credit-agricole-mon-securipass.maweb.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 13:37:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 50156
X-XSS-Protection: 0
Server: cafe
ETag: 17052289982928572330
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Expires: Fri, 19 May 2023 13:37:43 GMT

GET
H/1.1 200
OK platebni-metody-freehostingu.png
www.endora.cz/images/ 6 KB
6 KB 340ms
113ms Image
image/png 2001:1ab0:7e1e:220:ed::4
IGNUM-AS Czech Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.endora.cz/images/platebni-metody-freehostingu.png
Requested by: Host: credit-agricole-mon-securipass.maweb.eu
URL: http://credit-agricole-mon-securipass.maweb.eu/
Protocol: HTTP/1.1
Server: 2001:1ab0:7e1e:220:ed::4 , Czech Republic, ASN29134 (IGNUM-AS Czech Republic, CZ),
Reverse DNS
Software: nginx /
Resource Hash: 8f708832c181e1694851f65a5d041591e94a24aabbc33e404fdac944e91c6eaa

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://credit-agricole-mon-securipass.maweb.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 13:37:44 GMT
Last-Modified: Mon, 17 Aug 2020 11:37:20 GMT
Server: nginx
ETag: "5f3a6bf0-17d9"
Content-Type: image/png
Cache-Control: max-age=2419200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6105

GET
H/1.1 200
OK gopay.png
www.endora.cz/images/ 3 KB
3 KB 209ms
114ms Image
image/png 2001:1ab0:7e1e:220:ed::4
IGNUM-AS Czech Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.endora.cz/images/gopay.png
Requested by: Host: credit-agricole-mon-securipass.maweb.eu
URL: http://credit-agricole-mon-securipass.maweb.eu/
Protocol: HTTP/1.1
Server: 2001:1ab0:7e1e:220:ed::4 , Czech Republic, ASN29134 (IGNUM-AS Czech Republic, CZ),
Reverse DNS
Software: nginx /
Resource Hash: 77c33447aa8f6fef0a8068a95394b7c91b0ab176664f90a51a21492d72ab4a3d

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://credit-agricole-mon-securipass.maweb.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 13:37:43 GMT
Last-Modified: Mon, 17 Aug 2020 11:37:20 GMT
Server: nginx
ETag: "5f3a6bf0-b4a"
Content-Type: image/png
Cache-Control: max-age=2419200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2890

GET
H2 200 plusone.js Show response
apis.google.com/js/ 54 KB
21 KB 80ms
39ms Script
text/javascript 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: credit-agricole-mon-securipass.maweb.eu
URL: http://credit-agricole-mon-securipass.maweb.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98392425b4423e34d9d83ce3224189f26770e42bc2a8a6f7a980f7c8617d8ee3

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://credit-agricole-mon-securipass.maweb.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 19 May 2023 13:37:43 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21024
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "84946e99dd1bd73d"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 May 2023 13:37:43 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 852 B
880 B 79ms
40ms Script
text/javascript 2607:f8b0:4020:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=explicit

Requested by

Host: credit-agricole-mon-securipass.maweb.eu
URL: http://credit-agricole-mon-securipass.maweb.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6e3a8cd754e8a6c30d9f9d6f90589dc9e84e7038f1fc2809494b2255d399ed3a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://credit-agricole-mon-securipass.maweb.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 13:37:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 558
x-xss-protection: 1; mode=block
expires: Fri, 19 May 2023 13:37:43 GMT

GET
H/1.1 200
OK webloader-web.js Show response
www.endora.cz/webtemp/js/web/ 612 KB
205 KB 110ms
109ms Script
application/javascript 2001:1ab0:7e1e:220:ed::4
IGNUM-AS Czech Re...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.endora.cz/webtemp/js/web/webloader-web.js?1560241543
Requested by: Host: credit-agricole-mon-securipass.maweb.eu
URL: http://credit-agricole-mon-securipass.maweb.eu/
Protocol: HTTP/1.1
Server: 2001:1ab0:7e1e:220:ed::4 , Czech Republic, ASN29134 (IGNUM-AS Czech Republic, CZ),
Reverse DNS
Software: nginx /
Resource Hash: 0916183c630f90de6848e05550b0bd25d595c947ab08163f9646070baec57453

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://credit-agricole-mon-securipass.maweb.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 13:37:43 GMT
Content-Encoding: gzip
Last-Modified: Fri, 12 May 2023 05:37:06 GMT
Server: nginx
ETag: W/"645dd082-9903e"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=29030400
Connection: keep-alive

GET
H2

200

gtm.js Show response
www.googletagmanager.com/
Redirect Chain

http://www.googletagmanager.com/gtm.js?id=GTM-5S8CZ5
https://www.googletagmanager.com/gtm.js?id=GTM-5S8CZ5

255 KB
88 KB

106ms
64ms

Script
application/javascript

2607:f8b0:4020:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5S8CZ5

Requested by

Host: credit-agricole-mon-securipass.maweb.eu
URL: http://credit-agricole-mon-securipass.maweb.eu/

Protocol

Server

2607:f8b0:4020:806::2008 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7556b8c3e511238dec6008332640f1789e575c94279d25b264ff2b0018d29306

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://credit-agricole-mon-securipass.maweb.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 13:37:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89261
x-xss-protection: 0
last-modified: Fri, 19 May 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 May 2023 13:37:43 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtm.js?id=GTM-5S8CZ5
Date: Fri, 19 May 2023 13:37:43 GMT
Cross-Origin-Resource-Policy: cross-origin
Server: Google Tag Manager
Content-Length: 250
X-XSS-Protection: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK webloader-webPrint-print.css
www.endora.cz/webtemp/css/webPrint/ 195 B
456 B 115ms
114ms Stylesheet
text/css 2001:1ab0:7e1e:220:ed::4
IGNUM-AS Czech Re...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.endora.cz/webtemp/css/webPrint/webloader-webPrint-print.css?1523432989
Requested by: Host: credit-agricole-mon-securipass.maweb.eu
URL: http://credit-agricole-mon-securipass.maweb.eu/
Protocol: HTTP/1.1
Server: 2001:1ab0:7e1e:220:ed::4 , Czech Republic, ASN29134 (IGNUM-AS Czech Republic, CZ),
Reverse DNS
Software: nginx /
Resource Hash: 0307813a544ed1fa8a8606edbdb10257272ff314a13d5d11d494a91bacd56600

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://credit-agricole-mon-securipass.maweb.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 13:37:44 GMT
Last-Modified: Fri, 12 May 2023 05:37:06 GMT
Server: nginx
ETag: "645dd082-c3"
Content-Type: text/css
Cache-Control: max-age=2419200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 195

GET
H2

200

all.js Show response
connect.facebook.net/cs_CZ/
Redirect Chain

http://connect.facebook.net/cs_CZ/all.js
https://connect.facebook.net/cs_CZ/all.js

3 KB
3 KB

61ms
20ms

Script
application/x-javascript

2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/cs_CZ/all.js

Requested by

Host: credit-agricole-mon-securipass.maweb.eu
URL: http://credit-agricole-mon-securipass.maweb.eu/

Protocol

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d64ee10b055f1152caca4b2ee4e2a5b59b29353b88b3494fd8c9566946d1f57e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://credit-agricole-mon-securipass.maweb.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 19 May 2023 13:37:43 GMT
content-md5: Iz3rYZcZE3904kePMeCi4Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1690
x-fb-rlafr: 0
x-fb-debug: 0ACuyW6p4/2VINitXwZDqvYoNOy/+jpV8niSjK1SC5clWQXPFqEfwNfkSFUN4nDDc6q+cz+wkmHWJ8XgdZ9Whg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
x-fb-content-md5: 59084c1edefb89ce69da501c274ceac3
cross-origin-opener-policy: same-origin-allow-popups
etag: "296bc194f4ae1c561078aab14cb87960"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options: DENY
timing-allow-origin: *
expires: Fri, 19 May 2023 13:44:16 GMT

Redirect headers

Location: https://connect.facebook.net/cs_CZ/all.js#xfbml=1&appId=1409391765942444
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK header-bg-2.png
www.endora.cz/assets/web/css/ 2 KB
2 KB 189ms
103ms Image
image/png 2001:1ab0:7e1e:220:ed::4
IGNUM-AS Czech Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.endora.cz/assets/web/css/header-bg-2.png
Requested by: Host: www.endora.cz
URL: http://www.endora.cz/webtemp/css/web/webloader-web.css?1559213366
Protocol: HTTP/1.1
Server: 2001:1ab0:7e1e:220:ed::4 , Czech Republic, ASN29134 (IGNUM-AS Czech Republic, CZ),
Reverse DNS
Software: nginx /
Resource Hash: a6dc9b82f3a0c52addc43d1deedca36c606befc3a0bad4f29f9365701c32d165

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.endora.cz/webtemp/css/web/webloader-web.css?1559213366
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 13:37:43 GMT
Last-Modified: Mon, 17 Aug 2020 11:37:20 GMT
Server: nginx
ETag: "5f3a6bf0-7a1"
Content-Type: image/png
Cache-Control: max-age=2419200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1953

GET
H/1.1 200
OK slider-controls.png
www.endora.cz/assets/web/css/ 2 KB
2 KB 205ms
113ms Image
image/png 2001:1ab0:7e1e:220:ed::4
IGNUM-AS Czech Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.endora.cz/assets/web/css/slider-controls.png
Requested by: Host: www.endora.cz
URL: http://www.endora.cz/webtemp/css/web/webloader-web.css?1559213366
Protocol: HTTP/1.1
Server: 2001:1ab0:7e1e:220:ed::4 , Czech Republic, ASN29134 (IGNUM-AS Czech Republic, CZ),
Reverse DNS
Software: nginx /
Resource Hash: 0e9da5da7346dd8033a870e67fa01e5e379ad0dc2eb49563ec3e5f0b09c03140

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.endora.cz/webtemp/css/web/webloader-web.css?1559213366
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 13:37:43 GMT
Last-Modified: Mon, 17 Aug 2020 11:37:20 GMT
Server: nginx
ETag: "5f3a6bf0-6d4"
Content-Type: image/png
Cache-Control: max-age=2419200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1748

GET
H/1.1 200
OK socials.png
www.endora.cz/assets/web/css/ 12 KB
12 KB 203ms
111ms Image
image/png 2001:1ab0:7e1e:220:ed::4
IGNUM-AS Czech Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.endora.cz/assets/web/css/socials.png
Requested by: Host: www.endora.cz
URL: http://www.endora.cz/webtemp/css/web/webloader-web.css?1559213366
Protocol: HTTP/1.1
Server: 2001:1ab0:7e1e:220:ed::4 , Czech Republic, ASN29134 (IGNUM-AS Czech Republic, CZ),
Reverse DNS
Software: nginx /
Resource Hash: a3e0cc1523fbef6a99b0c19bfdfdaf832e7c747d0f98183a3ea26343e14fee8b

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.endora.cz/webtemp/css/web/webloader-web.css?1559213366
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 13:37:43 GMT
Last-Modified: Mon, 17 Aug 2020 11:37:20 GMT
Server: nginx
ETag: "5f3a6bf0-309f"
Content-Type: image/png
Cache-Control: max-age=2419200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12447

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.yTSbWrSe458.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q/ 151 KB
52 KB 12ms
12ms Script
text/javascript 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.yTSbWrSe458.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d21496fff96f9f50f1094291999ba1e38efe7f44ca6e07814bcc07eadeae04f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://credit-agricole-mon-securipass.maweb.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 08:00:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 538649
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53310
x-xss-protection: 0
last-modified: Sat, 01 Apr 2023 15:23:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 May 2024 08:00:14 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/ 408 KB
163 KB 54ms
11ms Script
text/javascript 2607:f8b0:4020:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad5008998005064af73229fb144d5f8e789641f8a846e2064ec18788a37e9e2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://credit-agricole-mon-securipass.maweb.eu/
Origin: http://credit-agricole-mon-securipass.maweb.eu
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 17:39:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71883
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166637
x-xss-protection: 0
last-modified: Mon, 15 May 2023 04:00:52 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 May 2024 17:39:40 GMT

GET
H3 200 all.js Show response
connect.facebook.net/cs_CZ/ 303 KB
85 KB 40ms
20ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/cs_CZ/all.js?hash=91293d43ecc758b44122074d51977b54

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/cs_CZ/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4c74f531a75088f31ab7cc16e5684e2d1835f158c56255868af359e3952ac6da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://credit-agricole-mon-securipass.maweb.eu/
Origin: http://credit-agricole-mon-securipass.maweb.eu
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 19 May 2023 13:37:43 GMT
content-md5: 6GRul2JF4U3B5ug76I/DiA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87108
x-fb-rlafr: 0
x-fb-debug: egQIs71vYHKZGF/MBSpa5i+Vy6xOj0l1JRx72ePicseFEYdGs3j7iVAdNNSAOV4Uj7BKFfWYV2GpYKL98536+w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 4cf331cb031b91d426077e34d45951fb
cross-origin-opener-policy: same-origin-allow-popups
etag: "c5c20d16f0fc00e57b0e3d30fd51148e"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Sat, 18 May 2024 11:43:30 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/ 355 KB
120 KB 167ms
119ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c82c526993008ee57025968fcc976a663e52cb00a5691ceab19531428881c893

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://credit-agricole-mon-securipass.maweb.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 13:37:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122634
x-xss-protection: 0
server: cafe
etag: 7067701933234537551
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 May 2023 13:37:43 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230515/r20190131/ Frame F085 10 KB
5 KB 60ms
11ms Document
text/html 2607:f8b0:4020:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230515/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://credit-agricole-mon-securipass.maweb.eu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 71191
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 May 2023 17:51:12 GMT
etag: 15057649708203361565
expires: Thu, 01 Jun 2023 17:51:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 74ms
34ms Fetch
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=1409391765942444&input_token&origin=1&redirect_uri=http%3A%2F%2Fcredit-agricole-mon-securipass.maweb.eu%2F&sdk=joey&wants_cookie_data=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/cs_CZ/all.js?hash=91293d43ecc758b44122074d51977b54

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://credit-agricole-mon-securipass.maweb.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
date: Fri, 19 May 2023 13:37:44 GMT
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: 6SPiV9VYdO3EkStvniSr2hZ1Rc/CH/VQcEsoxy7h4k9bfJznzflB+kVSPParSHeZvNLXAkEu9QXcc1T2EWgbvQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://credit-agricole-mon-securipass.maweb.eu
origin-agent-cluster: ?0
access-control-expose-headers: fb-s
fb-error-description: "This endpoint may only be called from an HTTPS Origin."
access-control-allow-credentials: true
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 like_box.php Show response
www.facebook.com/plugins/ Frame 59E8 96 KB
28 KB 127ms
111ms Document
text/html 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like_box.php?app_id=1409391765942444&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df359ea7f8a35a34%26domain%3Dcredit-agricole-mon-securipass.maweb.eu%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fcredit-agricole-mon-securipass.maweb.eu%252Ff45f3f6e9e27a4%26relation%3Dparent.parent&container_width=292&header=false&height=239&href=http%3A%2F%2Fwww.facebook.com%2Fendora.cz&locale=cs_CZ&sdk=joey&show_border=false&show_faces=true&stream=false&width=292

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/cs_CZ/all.js?hash=91293d43ecc758b44122074d51977b54

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e2f39ce6e99b0f98a15a02ce945e16f4ead553d9a7e59fc4ef8c82ad4d4c8f81

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://credit-agricole-mon-securipass.maweb.eu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 19 May 2023 13:37:44 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: 5XPBkvOMxDeHLD4VG5auvfwqu6SANKFJ7W9375bbhOkOyRhzJxRI8JcyyLqSJ3AAbCA1cVaYeA7nt8bmuAm0Hg==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

51 KB
21 KB

51ms
11ms

Script
text/javascript

2607:f8b0:4020:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: credit-agricole-mon-securipass.maweb.eu
URL: http://credit-agricole-mon-securipass.maweb.eu/

Protocol

Server

2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://credit-agricole-mon-securipass.maweb.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 19 May 2023 13:18:40 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 1144
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Fri, 19 May 2023 15:18:40 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2

200

retargeting.js Show response
c.seznam.cz/js/
Redirect Chain

http://c.imedia.cz/js/retargeting.js
https://c.imedia.cz/js/retargeting.js
https://c.seznam.cz/js/retargeting.js

101 KB
30 KB

601ms
249ms

Script
application/javascript

2a02:598:c:189::42
SEZNAM-

General

Check archive.org

Show headers Download Go to

Full URL

https://c.seznam.cz/js/retargeting.js

Requested by

Host: credit-agricole-mon-securipass.maweb.eu
URL: http://credit-agricole-mon-securipass.maweb.eu/

Protocol

Server

2a02:598:c:189::42 Prague, Czech Republic, ASN43037 (SEZNAM-, CZ),

Reverse DNS

Software

envoy /

Resource Hash

166951e3942236f57c0ae9cf591e04f1231cb14e8628704979215e593614726f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://credit-agricole-mon-securipass.maweb.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 13:37:45 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000
slo-domain: sklik-ap-static
p3p: CP="NON DSP COR TAI NOR UNI", policyref="/w3c/p3p.xml"
x-envoy-upstream-service-time: 20
slo-app: sklik-ap-static
last-modified: Tue, 25 Apr 2023 08:51:46 GMT
server: envoy
etag: W/"644794a2-19376"
slo-class: critical
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600,public
access-control-allow-credentials: true
access-control-allow-headers: content-type,x-openrtb-version,x-sklik-trace
expires: Fri, 19 May 2023 14:37:45 GMT

Redirect headers

location: https://c.seznam.cz/js/retargeting.js
date: Fri, 19 May 2023 13:37:44 GMT
server: envoy

GET
H/1.1 200
OK conversion_async.js Show response
www.googleadservices.com/pagead/ 44 KB
17 KB 63ms
42ms Script
text/javascript 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtm.js?id=GTM-5S8CZ5

Protocol

HTTP/1.1

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

b511cb7b7ffa86cedc109f7acf0b8a29ec06e360d8ec92845af47af050df18bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://credit-agricole-mon-securipass.maweb.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 13:37:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 14106109003906514362
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 16840
X-XSS-Protection: 0
Expires: Fri, 19 May 2023 13:37:44 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 185 KB
67 KB 50ms
49ms Script
application/javascript 2607:f8b0:4020:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-995118708

Requested by

Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtm.js?id=GTM-5S8CZ5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2008 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

47bda279766d9c1d991e75278da5a6512badd4e63ad0d9be3884e2dfc9c63d3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://credit-agricole-mon-securipass.maweb.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 13:37:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68342
x-xss-protection: 0
last-modified: Fri, 19 May 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 May 2023 13:37:44 GMT

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
1 KB 126ms
86ms Stylesheet
text/css 2607:f8b0:4020:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@300;500;700;900&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2bc6af15a42a7b6dd655abcc81821c3f0dd47f42aa391cfbf4aa8827ea970b89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://credit-agricole-mon-securipass.maweb.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 19 May 2023 13:37:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 19 May 2023 13:32:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 May 2023 13:37:44 GMT

GET
H3

200

js Show response
www.googletagmanager.com/gtag/
Redirect Chain

http://www.googletagmanager.com/gtag/js?id=G-XFHYHKMEEW&l=dataLayer&cx=c
https://www.googletagmanager.com/gtag/js?id=G-XFHYHKMEEW&l=dataLayer&cx=c

202 KB
72 KB

55ms
54ms

Script
application/javascript

2607:f8b0:4020:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XFHYHKMEEW&l=dataLayer&cx=c

Requested by

Host: credit-agricole-mon-securipass.maweb.eu
URL: http://credit-agricole-mon-securipass.maweb.eu/

Protocol

Server

2607:f8b0:4020:806::2008 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9cffacc051217932ec7c1011288b7b39b2f291dac136a67bc5840b2b8849ffb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://credit-agricole-mon-securipass.maweb.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 13:37:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 74172
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 19 May 2023 13:37:44 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtag/js?id=G-XFHYHKMEEW&l=dataLayer&cx=c
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2 200 815-cookie-icon.svg
www.webglobe.cz/upload/ 72 KB
35 KB 648ms
225ms Image
image/svg+xml 195.181.248.196
WEBGLOBE-SK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.webglobe.cz/upload/815-cookie-icon.svg

Requested by

Host: credit-agricole-mon-securipass.maweb.eu
URL: http://credit-agricole-mon-securipass.maweb.eu/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.181.248.196 , Slovakia, ASN48689 (WEBGLOBE-SK-AS, SK),

Reverse DNS

webglobe.core.webglobe.com

Software

nginx /

Resource Hash

545e23e3cdfb634c986f23fa67143243a314531e03ac86575e0f650ea9aa0889

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://credit-agricole-mon-securipass.maweb.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 13:37:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
content-length: 35192
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 18 Feb 2022 09:37:21 GMT
server: nginx
etag: "121c3-5d847a12934ee-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
expires: Sun, 18 Jun 2023 13:37:44 GMT

GET
H2 200 WEBGLOBE_logo.svg
www.webglobe.cz/assets/front/img/ 5 KB
2 KB 537ms
115ms Image
image/svg+xml 195.181.248.196
WEBGLOBE-SK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.webglobe.cz/assets/front/img/WEBGLOBE_logo.svg

Requested by

Host: credit-agricole-mon-securipass.maweb.eu
URL: http://credit-agricole-mon-securipass.maweb.eu/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.181.248.196 , Slovakia, ASN48689 (WEBGLOBE-SK-AS, SK),

Reverse DNS

webglobe.core.webglobe.com

Software

nginx /

Resource Hash

31088643f84cdee5e5e58fe0d858030627be718f00bbeed861e49b7535e64c21

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://credit-agricole-mon-securipass.maweb.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 13:37:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
content-length: 1915
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 12 May 2023 03:44:48 GMT
server: nginx
etag: "13d2-5fb76ed35ec00-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
expires: Sun, 18 Jun 2023 13:37:44 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 383 B
602 B 76ms
37ms Script
text/javascript 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=credit-agricole-mon-securipass.maweb.eu&callback=_gfp_s_&client=ca-pub-5207119889962754

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6e257bcafcea59d5e4a60a5ab71a6a52e4fb18c1a198f211506fc69313dee0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://credit-agricole-mon-securipass.maweb.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 13:37:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.ca/adsid/ 107 B
532 B 99ms
37ms Script
application/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=credit-agricole-mon-securipass.maweb.eu

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://credit-agricole-mon-securipass.maweb.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 13:37:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
457 B 81ms
40ms Script
application/javascript 2607:f8b0:4020:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=credit-agricole-mon-securipass.maweb.eu

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://credit-agricole-mon-securipass.maweb.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 13:37:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 41A4 74 KB
23 KB 398ms
397ms Document
text/html 2607:f8b0:4020:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5207119889962754&output=html&h=250&slotname=8624521180&adk=157814446&adf=677210104&pi=t.ma~as.8624521180&w=250&lmt=1684503464&format=250x250&url=http%3A%2F%2Fcredit-agricole-mon-securipass.maweb.eu%2F&wgl=1&dt=1684503463862&bpp=3&bdt=930&idt=287&shv=r20230515&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&correlator=3627703548332&frm=20&pv=2&ga_vid=1783312092.1684503464&ga_sid=1684503464&ga_hid=851698881&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1137&ady=245&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071756%2C44788442%2C44792089&oid=2&pvsid=561733704603223&tmod=1088732708&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=Hae6PYu0vM&p=http%3A//credit-agricole-mon-securipass.maweb.eu&dtd=307

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5bb60965dc9dab41d5ec6575e203fa6c9e4df5928966212b7e74b611154baeb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://credit-agricole-mon-securipass.maweb.eu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 23459
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 May 2023 13:37:44 GMT
expires: Fri, 19 May 2023 13:37:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
122 B 39ms
37ms Image
image/gif 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=fixedBar&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: credit-agricole-mon-securipass.maweb.eu
URL: http://credit-agricole-mon-securipass.maweb.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://credit-agricole-mon-securipass.maweb.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 May 2023 13:37:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C489 0
19 B 37ms
36ms Document
text/html 2607:f8b0:4020:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5207119889962754&output=html&adk=1812271804&adf=3025194257&lmt=1684503464&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x675_l%7C212x675_r&format=0x0&url=http%3A%2F%2Fcredit-agricole-mon-securipass.maweb.eu%2F&ea=0&pra=7&wgl=1&dt=1684503464071&bpp=2&bdt=1139&idt=105&shv=r20230515&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&prev_fmts=250x250&nras=1&correlator=3627703548332&frm=20&pv=1&ga_vid=1783312092.1684503464&ga_sid=1684503464&ga_hid=851698881&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071756%2C44788442%2C44792089&oid=2&pvsid=561733704603223&tmod=1088732708&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=126

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://credit-agricole-mon-securipass.maweb.eu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 May 2023 13:37:44 GMT
expires: Fri, 19 May 2023 13:37:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
225 B 33ms
33ms XHR
text/plain 2607:f8b0:4020:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=851698881&t=pageview&_s=1&dl=http%3A%2F%2Fcredit-agricole-mon-securipass.maweb.eu%2F&ul=en-us&de=UTF-8&dt=Dom%C3%A9na%20odstavena%7C%20Endora.cz&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAAABAAAAAC~&jid=605626758&gjid=1151181685&cid=1783312092.1684503464&tid=UA-5967828-26&_gid=1592094969.1684503464&_r=1&_slc=1&gtm=45He35h0n715S8CZ5&z=286028895

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://credit-agricole-mon-securipass.maweb.eu/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 May 2023 13:37:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://credit-agricole-mon-securipass.maweb.eu
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 PkIO0W5ZNDQ.css
static.xx.fbcdn.net/rsrc.php/v3/yS/l/0,cross/ Frame 59E8 21 KB
6 KB 67ms
20ms Stylesheet
text/css 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yS/l/0,cross/PkIO0W5ZNDQ.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/like_box.php?app_id=1409391765942444&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df359ea7f8a35a34%26domain%3Dcredit-agricole-mon-securipass.maweb.eu%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fcredit-agricole-mon-securipass.maweb.eu%252Ff45f3f6e9e27a4%26relation%3Dparent.parent&container_width=292&header=false&height=239&href=http%3A%2F%2Fwww.facebook.com%2Fendora.cz&locale=cs_CZ&sdk=joey&show_border=false&show_faces=true&stream=false&width=292

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fef30923b42e21418b131694248e7dd55376159cac33cb19abbf4dc70140008f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 13:37:44 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: nVvYlX+ASeAfnvOQ7UwVqA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5547
x-fb-rlafr: 0
x-fb-debug: dGot7mOViTKBNd4D8aU8aTSIqY/R+hEzO5KFpMdGym4Jv4NsGY292yUmIdJ0NGVgk7QYC8xBo0qgJd4GLveILg==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Fri, 17 May 2024 17:10:49 GMT

GET
H2 200 5Efu-Dd9ERG.css
static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/ Frame 59E8 33 KB
7 KB 66ms
19ms Stylesheet
text/css 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/5Efu-Dd9ERG.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0dbdba4e3ae519ca99e112e64fc41409518bc3356804b0a52116c4d88def2774

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 13:37:44 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: fl5R7gBdn+7q3joF/eO71w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6398
x-fb-rlafr: 0
x-fb-debug: EfzaCX7fZwPpf4Bh5N6YTdfgRJiMXWRhBJturzIifVE6nHrgapuj0g7bGjQho629SAwgpF3EcmGJpy6kPrJgbQ==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), idle-detection=()
timing-allow-origin: *
expires: Thu, 09 May 2024 23:45:04 GMT

GET
H2 200 VgXuLDvA2zT.css
static.xx.fbcdn.net/rsrc.php/v3/yU/l/0,cross/ Frame 59E8 27 KB
6 KB 82ms
36ms Stylesheet
text/css 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yU/l/0,cross/VgXuLDvA2zT.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0fd28da6577f5057a62532491cab66a46f9dfa1fc9ec579f37df029eee4ad10b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 13:37:44 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: V0NGtarqyDaKZK1WlYWbQw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6402
x-fb-rlafr: 0
x-fb-debug: vGR1bljkwnARgZRK2dTbyxBBQvQSRcdoifV4GaAu53jZqqSMxnJeZi8PnQOz9/88eGukGSl0k+Tfdx8VyakFzg==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Fri, 17 May 2024 17:10:49 GMT

GET
H2 200 gLi9nFwCjmA.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yE/r/ Frame 59E8 305 KB
80 KB 83ms
37ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yE/r/gLi9nFwCjmA.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b06b921fc565f191fd269c0df815ff21ef62dc70e451a609b482afd6a9e92399

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 13:37:44 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: rKZCyDeEbcPrkKUfLlVE3A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 81618
x-fb-rlafr: 0
x-fb-debug: kMFdNDpdLXtUdhE17N+4VZKXuqQDLFwZj05ToNS6fyd8o+SMJdN+lVhsfDDUeWcOlYIBBubi1n8Du5mmRztFFg==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 18 May 2024 03:13:01 GMT

GET
H2 200 z1rgw_ywh9V.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yx/r/ Frame 59E8 97 KB
29 KB 82ms
36ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/z1rgw_ywh9V.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c53696e7ecdb66622eed2fa572c6195904de06485261b19e53a10573bddb1293

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 13:37:44 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Gn/O6qmVlTX9VR7Y2HMuIQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 29637
x-fb-rlafr: 0
x-fb-debug: YqIGTIFP3l2IScrgo3m1lEQ6b663G8yg86z7eikcyiuShFDHcknyZ8uuA0UASRWcg8qxKAXmjI64YMTGR8GcnQ==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), magnetometer=()
timing-allow-origin: *
expires: Mon, 13 May 2024 16:43:44 GMT

GET
H2 200 PCjTVjBuPVs.js Show response
static.xx.fbcdn.net/rsrc.php/v3iGDr4/yy/l/cs_CZ/ Frame 59E8 103 KB
30 KB 120ms
75ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iGDr4/yy/l/cs_CZ/PCjTVjBuPVs.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

87d83bbfdd3379310bf24b362b4989ed6f3066b2cf0fea24b5baa6984549f2ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 13:37:44 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: jWhnnojpay6Fy6TYHMDAPQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 30689
x-fb-rlafr: 0
x-fb-debug: +F0wYe1KdfwXlfaGO1VIFEoMAEqDd6BXyghp/qxchEPc/BALlcdtYaVGXayo2QJ2/TjVeTHj+O2EMeJ78bvBWg==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), gyroscope=(), hid=(), midi=(), screen-wake-lock=(), usb=()
timing-allow-origin: *
expires: Wed, 15 May 2024 17:12:22 GMT

GET
H2 200 GG1Y0sYc7My.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yv/r/ Frame 59E8 5 KB
2 KB 121ms
75ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8b95825e949e0d6c15b2cea8657756404426fe621d9c187dafb1c7b5133fad87

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 13:37:44 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: koakLGY1v5R2GWTxsSnA3g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1615
x-fb-rlafr: 0
x-fb-debug: Zz4VMTnHyvUIf7+nnGnB54DULzr72TMbL/a8mtkNwdagLMcvzxPbXkSMhXKdMxradhMlIaGi7/iazAr3PoQs3A==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), hid=(), idle-detection=(), magnetometer=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Wed, 15 May 2024 16:10:25 GMT

GET
H2 200 p55HfXW__mM.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 59E8 507 B
486 B 121ms
76ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 13:37:44 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: L5E9gSgR735vyjAzTFly4g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 293
x-fb-rlafr: 0
x-fb-debug: Y89eMLze3pr7jgbOhC1JQeaZ9z9Pgj02OANL2Zn1o5Top99Jv+1nqw5Z5tXEngZpdxPyDqIboDj7jJzVOpfhgw==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=()
timing-allow-origin: *
expires: Wed, 08 May 2024 22:32:27 GMT

GET
H2 200 ZM3L49TYQh3.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yk/r/ Frame 59E8 52 KB
15 KB 120ms
75ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yk/r/ZM3L49TYQh3.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

76b74642069c57ae910aa0a015b4b71daf04409b5bdb127b60f483d5b88e8d52

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 13:37:44 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 5bji0EHAVTzslJcgDDY3/g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 14826
x-fb-rlafr: 0
x-fb-debug: c08Xl+JeWNrWf9Cf/+kjDkmGx3M1E4AyIrJ1NnYFuc5cBV+HwIMTf9piGlrZRwBxc9n0hXmdiMOjfbUxjeyDXQ==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 18 May 2024 03:50:24 GMT

GET
H2 200 JGyP8Jcxgh5.js Show response
static.xx.fbcdn.net/rsrc.php/v3ilel4/yi/l/cs_CZ/ Frame 59E8 232 KB
66 KB 121ms
77ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3ilel4/yi/l/cs_CZ/JGyP8Jcxgh5.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b7847c55277cdc3299f029f94177067723905b491566567513e835b835c8f092

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 13:37:44 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: bjhAIeadvDhDKMErzEFgQA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 66849
x-fb-rlafr: 0
x-fb-debug: Mf+ccJq60qqBxDbCj0kwj1IVtrXQhHJXjQYJJUqI0UuUDj03Tt1tdP5EtUoDZVpTGcj8z7rKvNqp3H11CnApvA==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 16 May 2024 20:30:26 GMT

GET
H2 200 3h_tpVmGFFJ.js Show response
static.xx.fbcdn.net/rsrc.php/v3i4PO4/yu/l/cs_CZ/ Frame 59E8 330 KB
78 KB 120ms
76ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i4PO4/yu/l/cs_CZ/3h_tpVmGFFJ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aea0ecc2c1a8d2db6f135b030a87881dcaa9cc37717d38a9d5190247edeffb7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 13:37:44 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: b1GVfZeQW0PuWvBcOcTZCQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 79311
x-fb-rlafr: 0
x-fb-debug: dGpdI3PVfK9U+43mmZu87blQZUcGUL7jNOoura2zuYTlNR5h+HfDfOm9ZCEQw9yNfbBTNlcgejcOqV14WT6kYg==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Wed, 15 May 2024 22:53:07 GMT

GET
H2 200 gBqjKXQZHG4.js Show response
static.xx.fbcdn.net/rsrc.php/v3iOfv4/yY/l/cs_CZ/ Frame 59E8 412 KB
97 KB 121ms
76ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iOfv4/yY/l/cs_CZ/gBqjKXQZHG4.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

75279a209df6c127cc1c935716dd9d91c79b106fbadb3559ffaeafa57900f403

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 13:37:44 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: eaIa8zQnImFzMxt9WALyVw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 98881
x-fb-rlafr: 0
x-fb-debug: mBDr74ERoSKubRVTq/xz54EXgt+FWpo4XV7oVSjtbYRxd+3TaH3ws19KgNF2rbTOf9bIXGf/7c1ieM9g31MXAQ==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), screen-wake-lock=()
timing-allow-origin: *
expires: Fri, 10 May 2024 17:23:12 GMT

GET
H2 200 0gG258I2Fba.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yb/r/ Frame 59E8 27 KB
9 KB 80ms
37ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yb/r/0gG258I2Fba.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b42cc17eca986eef87f69dbca78061a186f65c979704fec9b94ae7ee723fe4ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 13:37:44 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: MsS46QEOkYNReYiF6+Nmew==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 9192
x-fb-rlafr: 0
x-fb-debug: us8aOoqotuw7j2hNs23NrYOz5tgIbmn/xrG6jSrsZenj6yLHPOMhDDYj+vLrhDaCKRI2pSbn6/Yp+WdOOUW1XQ==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 16 May 2024 15:56:04 GMT

GET
H2 200 h8ulkmpky8f.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yG/r/ Frame 59E8 55 KB
15 KB 79ms
36ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yG/r/h8ulkmpky8f.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

de22251de744ea11cc272908446d053d0a9012b7356ee1ba8b7561337d0f71fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 13:37:44 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: lbhbphR1BNPxW6RqDJiiow==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 15174
x-fb-rlafr: 0
x-fb-debug: 6EoDun9q/pYbY+utXU2/R5+PlWJuzenj3uOmAPvI8Yex3KvbGg4cysCvNb6wjuZVFCX5mVDyNqA029jR4/O1EQ==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=()
timing-allow-origin: *
expires: Thu, 09 May 2024 20:56:19 GMT

GET
H2 200 173097046_130785465722333_6025192029201064863_n.jpg
scontent-yyz1-1.xx.fbcdn.net/v/t1.6435-9/ Frame 59E8 9 KB
9 KB 58ms
19ms Image
image/jpeg 2a03:2880:f00e:13:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-yyz1-1.xx.fbcdn.net/v/t1.6435-9/173097046_130785465722333_6025192029201064863_n.jpg?stp=dst-jpg_p296x100&_nc_cat=103&ccb=1-7&_nc_sid=dd9801&_nc_ohc=NmR9D2LwY7IAX9LH4-s&_nc_oc=AQnStkqKwUkS4N07MnYjr6HbJBnaaB1qL7WnJiE4UOAFjzhY1M-IyDO_5ZLxFs0HJUZLSzG0m-DNyuECe4qxbDAf&_nc_ht=scontent-yyz1-1.xx&edm=ANSO7JkEAAAA&oh=00_AfAcmetgtBujeEtiIx2bJyIcsDShhS3D2n2vuDbQhgAKSg&oe=648ED551
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/like_box.php?app_id=1409391765942444&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df359ea7f8a35a34%26domain%3Dcredit-agricole-mon-securipass.maweb.eu%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fcredit-agricole-mon-securipass.maweb.eu%252Ff45f3f6e9e27a4%26relation%3Dparent.parent&container_width=292&header=false&height=239&href=http%3A%2F%2Fwww.facebook.com%2Fendora.cz&locale=cs_CZ&sdk=joey&show_border=false&show_faces=true&stream=false&width=292
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f00e:13:face:b00c:0:3 Toronto, Canada, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 94ae24ce020b195dac6c68377885ec0a775a477ce6835516ed0671ba84b69690

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-haystack-needlechecksum: 450738255
date: Fri, 19 May 2023 13:37:44 GMT
x-fb-trip-id: 1679558926
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Tue, 13 Apr 2021 09:34:04 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2070871874
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 519273975
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 8814

GET
H2 200 173459904_130785469055666_608153751354824602_n.jpg
scontent-yyz1-1.xx.fbcdn.net/v/t1.6435-1/ Frame 59E8 2 KB
2 KB 59ms
32ms Image
image/jpeg 2a03:2880:f00e:13:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-yyz1-1.xx.fbcdn.net/v/t1.6435-1/173459904_130785469055666_608153751354824602_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=107&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=If33ulGBKbcAX_tzAJp&_nc_ht=scontent-yyz1-1.xx&edm=ANSO7JkEAAAA&oh=00_AfC4RCtCJhDQD_yiT8fKve6DIbHEJiUMO2c3_YBBSJYx_g&oe=648F071F
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/like_box.php?app_id=1409391765942444&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df359ea7f8a35a34%26domain%3Dcredit-agricole-mon-securipass.maweb.eu%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fcredit-agricole-mon-securipass.maweb.eu%252Ff45f3f6e9e27a4%26relation%3Dparent.parent&container_width=292&header=false&height=239&href=http%3A%2F%2Fwww.facebook.com%2Fendora.cz&locale=cs_CZ&sdk=joey&show_border=false&show_faces=true&stream=false&width=292
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f00e:13:face:b00c:0:3 Toronto, Canada, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 00a31ac69a32b40fa470604b97e9fb8e2d5dad38bd2fcdb5685fdcbd3974c072

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-haystack-needlechecksum: 3346886209
date: Fri, 19 May 2023 13:37:44 GMT
x-fbtype: 6435
content-digest: adler32=483520473
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1542
x-fb-trip-id: 1679558926
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Tue, 13 Apr 2021 09:34:04 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
x-needle-checksum: 2337836380
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
365 B 101ms
33ms XHR
text/plain 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-5967828-26&cid=1783312092.1684503464&jid=605626758&gjid=1151181685&_gid=1592094969.1684503464&_u=YAhAAAAAAAAAAC~&z=603682951

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://credit-agricole-mon-securipass.maweb.eu/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 19 May 2023 13:37:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://credit-agricole-mon-securipass.maweb.eu
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
270 B 113ms
32ms Ping
text/plain 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-XFHYHKMEEW&gtm=45je35h0&_p=851698881&_gaz=1&cid=1783312092.1684503464&ul=en-us&sr=1600x1200&_s=1&sid=1684503464&sct=1&seg=0&dl=http%3A%2F%2Fcredit-agricole-mon-securipass.maweb.eu%2F&dt=Dom%C3%A9na%20odstavena%7C%20Endora.cz&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtag/js?id=G-XFHYHKMEEW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://credit-agricole-mon-securipass.maweb.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 May 2023 13:37:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://credit-agricole-mon-securipass.maweb.eu
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
57 B 33ms
32ms Ping
text/plain 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-XFHYHKMEEW&cid=1783312092.1684503464&gtm=45je35h0&aip=1
Requested by: Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtag/js?id=G-XFHYHKMEEW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://credit-agricole-mon-securipass.maweb.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 May 2023 13:37:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://credit-agricole-mon-securipass.maweb.eu
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
108 B 91ms
39ms Image
image/gif 2607:f8b0:4020:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-XFHYHKMEEW&cid=1783312092.1684503464&gtm=45je35h0&aip=1&z=789093293

Requested by

Host: credit-agricole-mon-securipass.maweb.eu
URL: http://credit-agricole-mon-securipass.maweb.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://credit-agricole-mon-securipass.maweb.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 May 2023 13:37:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
297 B 50ms
49ms Image
image/gif 2607:f8b0:4020:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-5967828-26&cid=1783312092.1684503464&jid=605626758&_u=YAhAAAAAAAAAAC~&z=99012549

Requested by

Host: credit-agricole-mon-securipass.maweb.eu
URL: http://credit-agricole-mon-securipass.maweb.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://credit-agricole-mon-securipass.maweb.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 May 2023 13:37:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
409 B 63ms
38ms Image
image/gif 2607:f8b0:4020:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-5967828-26&cid=1783312092.1684503464&jid=605626758&_u=YAhAAAAAAAAAAC~&z=99012549

Requested by

Host: credit-agricole-mon-securipass.maweb.eu
URL: http://credit-agricole-mon-securipass.maweb.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://credit-agricole-mon-securipass.maweb.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 May 2023 13:37:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 59E8 573 B
630 B 39ms
19ms Image
image/png 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yS/l/0,cross/PkIO0W5ZNDQ.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yS/l/0,cross/PkIO0W5ZNDQ.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 13:37:44 GMT
x-content-type-options: nosniff
content-md5: 07aG/2AEtDHVAZ5LUajMDQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 573
x-fb-rlafr: 0
x-fb-debug: n693sYCdmpTUqrXHvdJY1sjTU31S1Ul85lo9m1btAecEP+XB4M5s6Eh75dBje+W+XiiDMAD+RACbrZvUFk6beQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=()
timing-allow-origin: *
priority: u=3,i
expires: Thu, 09 May 2024 21:27:31 GMT

POST
H2 200 / Show response
www.facebook.com/pages/call_to_action/fetch_dialog_data/ Frame 59E8 1 KB
1004 B 43ms
42ms XHR
application/x-javascript 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/pages/call_to_action/fetch_dialog_data/?id=910807752292196&surface=pagePlugin&unit_type=VIEWER

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iGDr4/yy/l/cs_CZ/PCjTVjBuPVs.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0ddc53ecc23b58bc29b6597f17fe25f12e100d4c4b7dc0223f27e6e4a183b674

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: gj2tqGNY_Wz7Ae0M7V63Wa
Referer: https://www.facebook.com/plugins/like_box.php?app_id=1409391765942444&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df359ea7f8a35a34%26domain%3Dcredit-agricole-mon-securipass.maweb.eu%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fcredit-agricole-mon-securipass.maweb.eu%252Ff45f3f6e9e27a4%26relation%3Dparent.parent&container_width=292&header=false&height=239&href=http%3A%2F%2Fwww.facebook.com%2Fendora.cz&locale=cs_CZ&sdk=joey&show_border=false&show_faces=true&stream=false&width=292
X-ASBD-ID: 198387
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 19 May 2023 13:37:44 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: zCGq3WHJ7en9Ite4SO7TwrMukAQx+rfXwrQRpn4Zq6jCJn0pG9mfDUY6+4VBIVuDxUSveM0Xn8uIN5tjz64v4w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-methods: OPTIONS
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 1igfs7II_g6.png
static.xx.fbcdn.net/rsrc.php/v3/yd/r/ Frame 59E8 12 KB
12 KB 19ms
18ms Image
image/png 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/1igfs7II_g6.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/5Efu-Dd9ERG.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e13547eec8879c9b576c2e06837303ad06ea15905d4eb075291ff21686a5b3da

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/5Efu-Dd9ERG.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 13:37:44 GMT
x-content-type-options: nosniff
content-md5: Bsv/k/2TeJemYEeLUt4www==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 12027
x-fb-rlafr: 0
x-fb-debug: fqX9wxFewLq0wri27imXM8nGCUaqasx/rLTbWuUOboy3hd+zvp/Ffr5IyFMfuVPabkEOdSJCkOg9T9V2km7buQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=()
timing-allow-origin: *
priority: u=3,i
expires: Thu, 09 May 2024 20:49:59 GMT

GET
H3 200 XW8Wp_XLd02.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yf/r/ Frame 59E8 17 KB
5 KB 21ms
20ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/XW8Wp_XLd02.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yE/r/gLi9nFwCjmA.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5f6d05c9a4e6246b04d7d2c74a0acf4a9ccbe8b69e1137a713c35cc717eba588

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 13:37:44 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: AuqNjS2COD6Y5P6Uh4etsA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4885
x-fb-rlafr: 0
x-fb-debug: sI1GaKDf5yTbHfg72YCzvrzVoPFO+UTXv5y1ccFeDSRHLAPQWJjVEjji4VSNbo4sF5y68ViCKvq8pn+GvgHPCQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), screen-wake-lock=()
timing-allow-origin: *
priority: u=1
expires: Wed, 15 May 2024 17:26:08 GMT

GET
H3 200 Es47YDVPeXV.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y6/r/ Frame 59E8 336 KB
73 KB 22ms
21ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y6/r/Es47YDVPeXV.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yE/r/gLi9nFwCjmA.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e615adecfab746b03bbc503bd5a48ccb8c5a1c233795efe9a6ec52f49c72342a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 13:37:44 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: U0JoHf1vLn5iLsipWkTuGQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 74335
x-fb-rlafr: 0
x-fb-debug: jxUEu9C2puF49Bhw7C+40whojQM+7CEx8kIxQmMUJQMFK0DInwG6O5irT9AZoeJXSTkC6XOcH5vP5N5V86Cphg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=()
timing-allow-origin: *
priority: u=1
expires: Thu, 09 May 2024 21:41:22 GMT

GET
H3 200 OZcLupMIkEN.js Show response
static.xx.fbcdn.net/rsrc.php/v3/ya/r/ Frame 59E8 198 B
252 B 18ms
18ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/OZcLupMIkEN.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yE/r/gLi9nFwCjmA.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

31f2f76d99d19fe98a0917f2b785a37c683b85fae29d66dd476ffa84c9a999fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 13:37:44 GMT
x-content-type-options: nosniff
content-md5: gixzAcHA/hBBjzjO9Ez8tQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 198
x-fb-rlafr: 0
x-fb-debug: VOMnbMm/xsdg3NPJh1EunE4fuAdgJLbNEtFjVyIqIkvXteODbgsdJRCMaMHPsXSHMf07uSEwOIqLH7Ia+k/03Q==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=()
timing-allow-origin: *
priority: u=1
expires: Thu, 09 May 2024 19:25:57 GMT

GET
H3 200 /
www.facebook.com/login/ Frame 59E8 0
0 74ms
74ms Document
text/html 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Flike_box.php%3Fapp_id%3D1409391765942444%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df359ea7f8a35a34%2526domain%253Dcredit-agricole-mon-securipass.maweb.eu%2526is_canvas%253Dfalse%2526origin%253Dhttp%25253A%25252F%25252Fcredit-agricole-mon-securipass.maweb.eu%25252Ff45f3f6e9e27a4%2526relation%253Dparent.parent%26container_width%3D292%26header%3Dfalse%26height%3D239%26href%3Dhttp%253A%252F%252Fwww.facebook.com%252Fendora.cz%26locale%3Dcs_CZ%26sdk%3Djoey%26show_border%3Dfalse%26show_faces%3Dtrue%26stream%3Dfalse%26width%3D292

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yE/r/gLi9nFwCjmA.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/like_box.php?app_id=1409391765942444&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df359ea7f8a35a34%26domain%3Dcredit-agricole-mon-securipass.maweb.eu%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fcredit-agricole-mon-securipass.maweb.eu%252Ff45f3f6e9e27a4%26relation%3Dparent.parent&container_width=292&header=false&height=239&href=http%3A%2F%2Fwww.facebook.com%2Fendora.cz&locale=cs_CZ&sdk=joey&show_border=false&show_faces=true&stream=false&width=292
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 19 May 2023 13:37:44 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
pragma: no-cache
priority: u=0,i
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: gdxA2VLRyGJLA4R7k0CAnTe/BXb8Q6TIVIMV6VT5W5rBz2+9Kn1Cc1eM2cr7CJC16cXBJH+uFTZ7SFCh6RMYhQ==
x-frame-options: DENY
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 41A4 9 KB
1006 B 40ms
38ms Stylesheet
text/css 2607:f8b0:4020:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5207119889962754&output=html&h=250&slotname=8624521180&adk=157814446&adf=677210104&pi=t.ma~as.8624521180&w=250&lmt=1684503464&format=250x250&url=http%3A%2F%2Fcredit-agricole-mon-securipass.maweb.eu%2F&wgl=1&dt=1684503463862&bpp=3&bdt=930&idt=287&shv=r20230515&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&correlator=3627703548332&frm=20&pv=2&ga_vid=1783312092.1684503464&ga_sid=1684503464&ga_hid=851698881&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1137&ady=245&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071756%2C44788442%2C44792089&oid=2&pvsid=561733704603223&tmod=1088732708&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=Hae6PYu0vM&p=http%3A//credit-agricole-mon-securipass.maweb.eu&dtd=307

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 19 May 2023 13:37:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 19 May 2023 13:03:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 May 2023 13:37:44 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame 41A4 2 KB
846 B 58ms
15ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 17:02:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74127
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Jun 2023 17:02:17 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/ Frame 41A4 22 KB
9 KB 55ms
11ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 16:59:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74304
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8780
x-xss-protection: 0
server: cafe
etag: 16540081610679671253
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Jun 2023 16:59:20 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame 41A4 3 KB
1 KB 44ms
15ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 17:01:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74197
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Jun 2023 17:01:07 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame 41A4 19 KB
8 KB 57ms
13ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 17:01:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74197
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7953
x-xss-protection: 0
server: cafe
etag: 16153819885643670827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Jun 2023 17:01:07 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 41A4 170 KB
53 KB 96ms
53ms Script
text/javascript 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 13:37:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53893
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684322484769956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 May 2023 13:37:44 GMT

GET
H3 200 a0d8c68f3de0718362c8759993c4ce7f.js Show response
www.gstatic.com/mysidia/ Frame 41A4 32 KB
13 KB 40ms
12ms Script
text/javascript 2607:f8b0:4020:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a0d8c68f3de0718362c8759993c4ce7f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daf9dc6664474a6b01d9e293a39749d0e9b637629239cbe512dd4a0f0854a8eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 16:12:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77091
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13639
x-xss-protection: 0
last-modified: Mon, 15 May 2023 21:45:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 16 Aug 2023 16:12:53 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 41A4 0
0 49ms
49ms Fetch
text/html 2607:f8b0:4020:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C7_0VqHtnZKvVDKSZlAP5hJ7oB_2XxLFw19i81o4RoKSM6JAOEAEgi-6IHGD96KKB8AOgAeHd7egoyAEBqAMBqgT4AU_Q6enjuNOWmtVdy8ClYHI7h8gAd5TA5vitL-5qS1abrO7ZK8EzwQ7qg8ItnJu7DciJHFxDIr6W8HmLmi1kGS5UGUHZEoO-7hVoS5oIdXHLMs9xf6gyRed7mGpHT0KjSs9j0xpRTaY9Wo1a5Y_88ZDc9HGXYzsLSr5HyoELcsla7JngUsPkrnnNCYoEFsXIjy6QVdMQVj-1qGloUf2zvsuTlMeidvBNL4vrwvxMgW0ylUu0wy2Yx1G2B6fciDK8Hs3UiTJPL3EgdsltCMcPFSW8vmbrpWHt8VXm4us6rwoTwlDPdONriJyskvd8SbH5C41dskUS6gfFwATvkujjpwSSBQQIBBgBkgUECAUYBIAH4ZW-yAOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDVvQHSCBQIgGEQARgfMgKKAjoCgEBIvf3BOoAKAcgLAdgTDNAVAYAXAbIXHAoaCAASFHB1Yi01MjA3MTE5ODg5OTYyNzU0GAA&sigh=7G3MIg10z00&uach_m=[UACH]&cid=CAQSGwBygQiDhkMrhfeMS_3-HZVHs5t2ZmALtQtKmRgB&template_id=5007

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5207119889962754&output=html&h=250&slotname=8624521180&adk=157814446&adf=677210104&pi=t.ma~as.8624521180&w=250&lmt=1684503464&format=250x250&url=http%3A%2F%2Fcredit-agricole-mon-securipass.maweb.eu%2F&wgl=1&dt=1684503463862&bpp=3&bdt=930&idt=287&shv=r20230515&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&correlator=3627703548332&frm=20&pv=2&ga_vid=1783312092.1684503464&ga_sid=1684503464&ga_hid=851698881&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1137&ady=245&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071756%2C44788442%2C44792089&oid=2&pvsid=561733704603223&tmod=1088732708&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=Hae6PYu0vM&p=http%3A//credit-agricole-mon-securipass.maweb.eu&dtd=307
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 19 May 2023 13:37:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 19 May 2023 13:37:44 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/18193597066086933941/ Frame 41A4 17 KB
17 KB 44ms
19ms Image
image/jpeg 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18193597066086933941/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d211e2044837e2127f9974a6efab05dadd419be7100343ee8e75b5aa171a80f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 10:33:17 GMT
x-content-type-options: nosniff
age: 97467
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17078
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 15:06:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 17 May 2024 10:33:17 GMT

GET
H2 200 14638585062266978348
tpc.googlesyndication.com/simgad/ Frame 41A4 1 KB
1 KB 48ms
24ms Image
image/png 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14638585062266978348?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e783f0757047441db994e26a894471c17f764c0aae67e6e7061c7a9cc639daf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 06:18:16 GMT
x-content-type-options: nosniff
age: 112768
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1132
x-xss-protection: 0
last-modified: Wed, 03 Aug 2022 13:04:39 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 17 May 2024 06:18:16 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 61F7 143 B
166 B 12ms
11ms Document
text/html 2607:f8b0:4020:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5207119889962754&output=html&h=250&slotname=8624521180&adk=157814446&adf=677210104&pi=t.ma~as.8624521180&w=250&lmt=1684503464&format=250x250&url=http%3A%2F%2Fcredit-agricole-mon-securipass.maweb.eu%2F&wgl=1&dt=1684503463862&bpp=3&bdt=930&idt=287&shv=r20230515&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&correlator=3627703548332&frm=20&pv=2&ga_vid=1783312092.1684503464&ga_sid=1684503464&ga_hid=851698881&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1137&ady=245&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071756%2C44788442%2C44792089&oid=2&pvsid=561733704603223&tmod=1088732708&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=Hae6PYu0vM&p=http%3A//credit-agricole-mon-securipass.maweb.eu&dtd=307
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 660
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 May 2023 13:26:44 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 41A4 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ce8aac6ce35d09c85079414f08487a93cbf8eb4749b925badb857ab8b1c1db8f

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 61F7
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

51ms
51ms

Document
text/html

2607:f8b0:4020:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 May 2023 13:37:44 GMT
expires: Fri, 19 May 2023 13:37:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 May 2023 13:37:44 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame 41A4 29 KB
30 KB 53ms
12ms Font
font/woff2 2607:f8b0:4020:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 09:51:32 GMT
x-content-type-options: nosniff
age: 531972
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29728
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:59:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 09:51:32 GMT

GET
H2

200

retargeting
c.seznam.cz/
Redirect Chain

http://c.seznam.cz/retargeting?id=15330&url=http%3A%2F%2Fcredit-agricole-mon-securipass.maweb.eu%2F&consent=-1
https://c.seznam.cz/retargeting?id=15330&url=http%3A%2F%2Fcredit-agricole-mon-securipass.maweb.eu%2F&consent=-1

43 B
346 B

119ms
118ms

Image
image/gif

2a02:598:c:189::42
SEZNAM-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.seznam.cz/retargeting?id=15330&url=http%3A%2F%2Fcredit-agricole-mon-securipass.maweb.eu%2F&consent=-1

Requested by

Host: credit-agricole-mon-securipass.maweb.eu
URL: http://credit-agricole-mon-securipass.maweb.eu/

Protocol

Server

2a02:598:c:189::42 Prague, Czech Republic, ASN43037 (SEZNAM-, CZ),

Reverse DNS

Software

envoy /

Resource Hash

3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://credit-agricole-mon-securipass.maweb.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 13:37:45 GMT
content-encoding: deflate
strict-transport-security: max-age=63072000
p3p: CP="NON DSP COR TAI NOR UNI", policyref="/w3c/p3p.xml"
x-envoy-upstream-service-time: 3
content-length: 38
x-request-id: 8db378ec-c365-4f42-9f3c-14cdf2d6133b
server: envoy
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
access-control-allow-headers: content-type,x-openrtb-version,x-sklik-trace
x-szn-hostname: rtghitserver-796b9bd88b-5p262

Redirect headers

Location: https://c.seznam.cz/retargeting?id=15330&url=http%3A%2F%2Fcredit-agricole-mon-securipass.maweb.eu%2F&consent=-1
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/995118708/ 3 KB
1 KB 133ms
132ms Script
text/javascript 2607:f8b0:4020:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/995118708/?random=1684503465442&cv=9&fst=1684503465442&num=1&label=hieZCISf0wQQ9JzB2gM&guid=ON&resp=GooglemKTybQhCsO&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=http%3A%2F%2Fcredit-agricole-mon-securipass.maweb.eu%2F&tiba=Dom%C3%A9na%20odstavena%7C%20Endora.cz&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

221f5eeaaeee1735ba9cd7fc71c9de093034541ed08e03fc652e45135003ca8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://credit-agricole-mon-securipass.maweb.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 May 2023 13:37:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1322
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/995118708/ 3 KB
1 KB 932ms
932ms Script
text/javascript 2607:f8b0:4020:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/995118708/?random=1684503465460&cv=11&fst=1684503465460&bg=ffffff&guid=ON&async=1&gtm=45be35h0&u_w=1600&u_h=1200&url=http%3A%2F%2Fcredit-agricole-mon-securipass.maweb.eu%2F&hn=www.googleadservices.com&frm=0&tiba=Dom%C3%A9na%20odstavena%7C%20Endora.cz&auid=560682802.1684503464&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-995118708

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

975c79564cc20a4e24ff79e5e15d8b28fb30a6e67468843bdbaf0b490aac8367

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://credit-agricole-mon-securipass.maweb.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 May 2023 13:37:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1230
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/995118708/ 42 B
64 B 37ms
37ms Image
image/gif 2607:f8b0:4020:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/995118708/?random=1684503465442&cv=9&fst=1684501200000&num=1&label=hieZCISf0wQQ9JzB2gM&guid=ON&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=http%3A%2F%2Fcredit-agricole-mon-securipass.maweb.eu%2F&tiba=Dom%C3%A9na%20odstavena%7C%20Endora.cz&async=1&fmt=3&is_vtc=1&random=3934887571&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: credit-agricole-mon-securipass.maweb.eu
URL: http://credit-agricole-mon-securipass.maweb.eu/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://credit-agricole-mon-securipass.maweb.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 May 2023 13:37:45 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ca/pagead/1p-user-list/995118708/ 42 B
155 B 43ms
42ms Image
image/gif 2607:f8b0:4020:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/995118708/?random=1684503465442&cv=9&fst=1684501200000&num=1&label=hieZCISf0wQQ9JzB2gM&guid=ON&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=http%3A%2F%2Fcredit-agricole-mon-securipass.maweb.eu%2F&tiba=Dom%C3%A9na%20odstavena%7C%20Endora.cz&async=1&fmt=3&is_vtc=1&random=3934887571&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: credit-agricole-mon-securipass.maweb.eu
URL: http://credit-agricole-mon-securipass.maweb.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://credit-agricole-mon-securipass.maweb.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 May 2023 13:37:45 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 41A4 42 B
64 B 81ms
40ms Fetch
image/gif 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstDAN6kb7OLamryqQML3d4F0NqcvPdjp5msFms-KCd7jUZYkdSHWfobxRjJDwmSojpfNyBN10sB4DbxwjsMGcMjBCl-t9ozqr608maVpL3_gAKF7gTAQ_4BeJTeoluGnuBVWUo&sai=AMfl-YTcwMi4264R74IcVVJoGaUQ-cs3G_NlSkRRrDo_X8IsNGjHa28GNTdEH8LfzD4F_ekeXK2XaP6PZPeQ&sig=Cg0ArKJSzK9wiiQzDtaWEAE&cid=CAQSGwBygQiDhkMrhfeMS_3-HZVHs5t2ZmALtQtKmRgB&id=lidar2&mcvt=1000&p=0,0,250,250&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230517&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=157814446&rs=2&la=0&cr=0&vs=4&r=v&rst=1684503464171&rpt=653&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 May 2023 13:37:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 12ms
11ms Font
font/woff2 2607:f8b0:4020:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;500;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://credit-agricole-mon-securipass.maweb.eu
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:01:31 GMT
x-content-type-options: nosniff
age: 506175
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15752
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 17:01:31 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 14ms
13ms Font
font/woff2 2607:f8b0:4020:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;500;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://credit-agricole-mon-securipass.maweb.eu
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 09:51:07 GMT
x-content-type-options: nosniff
age: 531999
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 09:51:07 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 16ms
15ms Font
font/woff2 2607:f8b0:4020:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;500;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://credit-agricole-mon-securipass.maweb.eu
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 10:22:17 GMT
x-content-type-options: nosniff
age: 530129
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 10:22:17 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 17ms
17ms Font
font/woff2 2607:f8b0:4020:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;500;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://credit-agricole-mon-securipass.maweb.eu
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:01:31 GMT
x-content-type-options: nosniff
age: 506175
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 17:01:31 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 11 KB
12 KB 20ms
20ms Font
font/woff2 2607:f8b0:4020:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;500;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2781e9e7c3f369b8fc7965e679b17b60b5b11eaae5da1e5045107bbdd9d568f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://credit-agricole-mon-securipass.maweb.eu
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 18:58:02 GMT
x-content-type-options: nosniff
age: 67184
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11756
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 May 2024 18:58:02 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fChc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 12 KB
12 KB 21ms
21ms Font
font/woff2 2607:f8b0:4020:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;500;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b076e86301cbee8c5c9aef51863a9c0a88e6f6d2aabdffca93e031113c6caa74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://credit-agricole-mon-securipass.maweb.eu
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 06:21:04 GMT
x-content-type-options: nosniff
age: 112602
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11796
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 May 2024 06:21:04 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 12 KB
12 KB 18ms
18ms Font
font/woff2 2607:f8b0:4020:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;500;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f1c829b0c90fd664a03bb714a74f7d35d9e38ee1687104abc8ad5bd9c8ccb6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://credit-agricole-mon-securipass.maweb.eu
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:06:42 GMT
x-content-type-options: nosniff
age: 505864
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 17:06:42 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/995118708/ 42 B
64 B 40ms
39ms Image
image/gif 2607:f8b0:4020:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/995118708/?random=1684503465460&cv=11&fst=1684501200000&bg=ffffff&guid=ON&async=1&gtm=45be35h0&u_w=1600&u_h=1200&url=http%3A%2F%2Fcredit-agricole-mon-securipass.maweb.eu%2F&frm=0&tiba=Dom%C3%A9na%20odstavena%7C%20Endora.cz&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=35640654&rmt_tld=0&ipr=y

Requested by

Host: credit-agricole-mon-securipass.maweb.eu
URL: http://credit-agricole-mon-securipass.maweb.eu/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://credit-agricole-mon-securipass.maweb.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 May 2023 13:37:46 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.ca/pagead/1p-user-list/995118708/ 42 B
64 B 41ms
41ms Image
image/gif 2607:f8b0:4020:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/995118708/?random=1684503465460&cv=11&fst=1684501200000&bg=ffffff&guid=ON&async=1&gtm=45be35h0&u_w=1600&u_h=1200&url=http%3A%2F%2Fcredit-agricole-mon-securipass.maweb.eu%2F&frm=0&tiba=Dom%C3%A9na%20odstavena%7C%20Endora.cz&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=35640654&rmt_tld=1&ipr=y

Requested by

Host: credit-agricole-mon-securipass.maweb.eu
URL: http://credit-agricole-mon-securipass.maweb.eu/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://credit-agricole-mon-securipass.maweb.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 May 2023 13:37:46 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 50ms
49ms XHR
application/json 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230515&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f84ca33541cc3277539daf26687705d6a92a8804daf225bfaf43040da64e8386

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://credit-agricole-mon-securipass.maweb.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 13:37:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11279
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 102ms
102ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://credit-agricole-mon-securipass.maweb.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 13:37:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 19 May 2023 13:37:46 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6CB0 13 KB
5 KB 14ms
12ms Document
text/html 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://credit-agricole-mon-securipass.maweb.eu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 158505
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 17 May 2023 17:36:01 GMT
expires: Thu, 16 May 2024 17:36:01 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0ACA 783 B
535 B 45ms
44ms Document
text/html 2607:f8b0:4020:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

50be4e75e8eb1a7ac3085f41453f8064e015fd896149de06909bcabd438edad9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QdYUgLfkk0V-CkQ4Yn4YpA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://credit-agricole-mon-securipass.maweb.eu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-QdYUgLfkk0V-CkQ4Yn4YpA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 19 May 2023 13:37:46 GMT
expires: Fri, 19 May 2023 13:37:46 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js Show response
pagead2.googlesyndication.com/bg/ Frame 6CB0 37 KB
14 KB 20ms
20ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3c727e5bf0454c49ce65e9ed585839348e0db8c85ad0d9c67ce3907fa8f1023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 00:32:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 219887
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14732
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 May 2024 00:32:59 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0ACA 0
0 40ms
40ms Image
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230515&jk=561733704603223&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80f::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6CB0 0
10 B 11ms
11ms Image
text/plain 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Xe0ETQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 13:37:46 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 44ms
43ms Image
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230515&jk=561733704603223&bg=!t7SltODNAAYldGN0BXQ7ADkAdvg8Wo0B7pLV3P1zbOX11VhMbwjV0qwL7VrWwgZn0pyMW-A1uG0Uww6IvQJzs9uCd_sN1oLGBXMCAAAAVlIAAAADaAEHmQLA44V6eCvzkgoBbAnoKs7PINu85AaLwViRY2HuG5Z85NNGcZWw24Y73_c-Z9ubnpBH3t5NZN3G1Xnwl6SpS3HibUDKwrJYs9EGr6XPpjDivfWbS0m2ws_2HjWsS2WWrJqVLTMFWFpPGIysEDjPbWPf9TU3TVC8Onl_503PdeuTzGxGENp8m3Y2NEleqBSIEV63ElIEX-4njc0OIcnguv46oNwKHLZPnniTOYwHg-44M6TVZ3tYF8F9x9KzxTxh-UZc-Hq-3nTAlPH3frJUKQqUuzojxRcFf5FQF5bEwMsqCoue78YSLDt5zsyQku15b9yOyFTk_1PdySbwN9qRXR50wXmsDslLGBA3FKbmd0_pt-vKUMHzj3Gxg3hsdl9ZHLbGIWzYT610D0vOF3nsbkLMBIIB7StG3lJXnktwzesKaTGHKv0NbkNSoN1_9OIHraaDtdQC3gmab3kaiSeQIn4mVmCdhXLyL7kNMF_GFReJpbwjo5NYjH-xat-2IlJPULsFbhem8s1TfcLyVIj9pDcvNXaYj7SHO3NPqF61j07IDoPXWKrUo-ZNm06B0avm5OWCBHMZNdEHolpG1kZH9pV6pQq7m21eM7skb_YCPTmfLMH0pwvKaaUEXM9rts4nhd2KXM22ni62ngsOcLMTE3QLC0q_MRFM2lFLFsp0m6lbeZGgjUgdl0o8i9sUuhKrxYZbFQj7fktggJGSkP0VDPaYYbRZ7OgY0yHg0Oq_Ig9DbRBg8DttLwnEXIWBM4x-2IAYFmm4GSIEaqESE1jzLbCsjMF1hZLy7hxi1c0esAr623WFAm5dBhTIG6T4JfU1dTTghykU-kz0ef7LMxr0jeaDlAz3egOx1gWfzLwz8oi4-HIDE9GCCHbkwgATZ_jgtilkU-Q-roUIM47BiAIrh9BeoROcWXV484tP1LQhtRHg37g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80f::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://credit-agricole-mon-securipass.maweb.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

120 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.maweb.eu/	1970-01-20 14:04:39	Name: _gcl_au Value: 1.1.560682802.1684503464
.credit-agricole-mon-securipass.maweb.eu/	1970-01-20 21:31:03	Name: _ga Value: GA1.3.1783312092.1684503464
.credit-agricole-mon-securipass.maweb.eu/	1970-01-20 11:56:29	Name: _gid Value: GA1.3.1592094969.1684503464
.credit-agricole-mon-securipass.maweb.eu/	1970-01-20 11:55:03	Name: _gat_UA-5967828-26 Value: 1
.maweb.eu/	1970-01-20 21:16:39	Name: __gads Value: ID=25e072aa82c0dc1b-22dea87fb2df009d:T=1684503464:RT=1684503464:S=ALNI_MYUYKFPoHARLA_WS3b1ItyCjzrOoA
.maweb.eu/	1970-01-20 21:16:39	Name: __gpi Value: UID=00000c1912e18e12:T=1684503464:RT=1684503464:S=ALNI_MZubQwPB1_ZKl6Ago2eEjZo_WujFA
.maweb.eu/	1970-01-20 21:31:03	Name: _ga_XFHYHKMEEW Value: GS1.1.1684503464.1.0.1684503464.60.0.0
.maweb.eu/	1970-01-20 21:31:03	Name: _ga Value: GA1.1.1783312092.1684503464
.doubleclick.net/	1970-01-20 21:31:03	Name: IDE Value: AHWqTUk8TrM5BJ1Wb3eW5dMHSkjOql62HIM3JfjE085rLbcYrgTp4CIpOheymTrpt2o
.doubleclick.net/	1970-01-20 11:55:07	Name: DSID Value: NO_DATA
.seznam.cz/	1970-01-20 12:38:15	Name: sid Value: id=2733423049445034183\|t=1684503465.542\|te=1684503465.542\|c=E98AF90D1A81AEBAC92EA576D25791CB

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://credit-agricole-mon-securipass.maweb.eu/ Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: http://www.endora.cz/webtemp/css/webHead/webloader-webHead.js?1523432989 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.ca
adservice.google.com
analytics.google.com
apis.google.com
c.imedia.cz
c.seznam.cz
connect.facebook.net
credit-agricole-mon-securipass.maweb.eu
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
scontent-yyz1-1.xx.fbcdn.net
static.xx.fbcdn.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.endora.cz
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.webglobe.cz
172.217.13.194
195.181.248.196
2001:1ab0:7e1e:220:ed:0:140:40
2001:1ab0:7e1e:220:ed::4
2607:f8b0:4004:c17::9c
2607:f8b0:4006:80f::2002
2607:f8b0:4020:804::200e
2607:f8b0:4020:805::2002
2607:f8b0:4020:805::2003
2607:f8b0:4020:805::200a
2607:f8b0:4020:805::200e
2607:f8b0:4020:806::2002
2607:f8b0:4020:806::2003
2607:f8b0:4020:806::2008
2607:f8b0:4020:807::2001
2607:f8b0:4020:807::2002
2607:f8b0:4020:807::2003
2607:f8b0:4020:807::2004
2a02:598:a::79:235
2a02:598:c:189::42
2a02:598:c:189::43
2a03:2880:f00e:13:face:b00c:0:3
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
00a31ac69a32b40fa470604b97e9fb8e2d5dad38bd2fcdb5685fdcbd3974c072
0307813a544ed1fa8a8606edbdb10257272ff314a13d5d11d494a91bacd56600
0916183c630f90de6848e05550b0bd25d595c947ab08163f9646070baec57453
0dbdba4e3ae519ca99e112e64fc41409518bc3356804b0a52116c4d88def2774
0ddc53ecc23b58bc29b6597f17fe25f12e100d4c4b7dc0223f27e6e4a183b674
0e783f0757047441db994e26a894471c17f764c0aae67e6e7061c7a9cc639daf
0e9da5da7346dd8033a870e67fa01e5e379ad0dc2eb49563ec3e5f0b09c03140
0fd28da6577f5057a62532491cab66a46f9dfa1fc9ec579f37df029eee4ad10b
166951e3942236f57c0ae9cf591e04f1231cb14e8628704979215e593614726f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
221f5eeaaeee1735ba9cd7fc71c9de093034541ed08e03fc652e45135003ca8a
2781e9e7c3f369b8fc7965e679b17b60b5b11eaae5da1e5045107bbdd9d568f0
2bc6af15a42a7b6dd655abcc81821c3f0dd47f42aa391cfbf4aa8827ea970b89
305f3d591b84041067571faecc77ae1f74e52fc857f1bc54b7ab9c9033962ccc
31088643f84cdee5e5e58fe0d858030627be718f00bbeed861e49b7535e64c21
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31f2f76d99d19fe98a0917f2b785a37c683b85fae29d66dd476ffa84c9a999fb
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
47bda279766d9c1d991e75278da5a6512badd4e63ad0d9be3884e2dfc9c63d3b
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
4c74f531a75088f31ab7cc16e5684e2d1835f158c56255868af359e3952ac6da
50be4e75e8eb1a7ac3085f41453f8064e015fd896149de06909bcabd438edad9
545e23e3cdfb634c986f23fa67143243a314531e03ac86575e0f650ea9aa0889
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5bb60965dc9dab41d5ec6575e203fa6c9e4df5928966212b7e74b611154baeb1
5f6d05c9a4e6246b04d7d2c74a0acf4a9ccbe8b69e1137a713c35cc717eba588
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
630cf96edce060fb45093270106cdf2388ad8d8887dad3dc56fb381adf894498
6d21496fff96f9f50f1094291999ba1e38efe7f44ca6e07814bcc07eadeae04f
6e3a8cd754e8a6c30d9f9d6f90589dc9e84e7038f1fc2809494b2255d399ed3a
75279a209df6c127cc1c935716dd9d91c79b106fbadb3559ffaeafa57900f403
7556b8c3e511238dec6008332640f1789e575c94279d25b264ff2b0018d29306
756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b
76b74642069c57ae910aa0a015b4b71daf04409b5bdb127b60f483d5b88e8d52
77c33447aa8f6fef0a8068a95394b7c91b0ab176664f90a51a21492d72ab4a3d
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
7f1c829b0c90fd664a03bb714a74f7d35d9e38ee1687104abc8ad5bd9c8ccb6c
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
87d83bbfdd3379310bf24b362b4989ed6f3066b2cf0fea24b5baa6984549f2ba
8b95825e949e0d6c15b2cea8657756404426fe621d9c187dafb1c7b5133fad87
8f708832c181e1694851f65a5d041591e94a24aabbc33e404fdac944e91c6eaa
94ae24ce020b195dac6c68377885ec0a775a477ce6835516ed0671ba84b69690
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
975c79564cc20a4e24ff79e5e15d8b28fb30a6e67468843bdbaf0b490aac8367
98392425b4423e34d9d83ce3224189f26770e42bc2a8a6f7a980f7c8617d8ee3
9cffacc051217932ec7c1011288b7b39b2f291dac136a67bc5840b2b8849ffb2
9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
a3e0cc1523fbef6a99b0c19bfdfdaf832e7c747d0f98183a3ea26343e14fee8b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6dc9b82f3a0c52addc43d1deedca36c606befc3a0bad4f29f9365701c32d165
ad5008998005064af73229fb144d5f8e789641f8a846e2064ec18788a37e9e2d
aea0ecc2c1a8d2db6f135b030a87881dcaa9cc37717d38a9d5190247edeffb7e
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b06b921fc565f191fd269c0df815ff21ef62dc70e451a609b482afd6a9e92399
b076e86301cbee8c5c9aef51863a9c0a88e6f6d2aabdffca93e031113c6caa74
b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69
b42cc17eca986eef87f69dbca78061a186f65c979704fec9b94ae7ee723fe4ca
b511cb7b7ffa86cedc109f7acf0b8a29ec06e360d8ec92845af47af050df18bc
b557cf30a122931273857cc9fcc09e1dfbfd739c99ad3291d239d00cb693dba2
b7847c55277cdc3299f029f94177067723905b491566567513e835b835c8f092
c53696e7ecdb66622eed2fa572c6195904de06485261b19e53a10573bddb1293
c82c526993008ee57025968fcc976a663e52cb00a5691ceab19531428881c893
cd8e50622016ad57ca0fbbccee2690d504552b1ce0848142c442c127b8325178
cd8feb9a58132c53fa466458461d8e613f4a7d9101999b2d9b42bd5647ee4f14
ce8aac6ce35d09c85079414f08487a93cbf8eb4749b925badb857ab8b1c1db8f
d211e2044837e2127f9974a6efab05dadd419be7100343ee8e75b5aa171a80f2
d3c727e5bf0454c49ce65e9ed585839348e0db8c85ad0d9c67ce3907fa8f1023
d64ee10b055f1152caca4b2ee4e2a5b59b29353b88b3494fd8c9566946d1f57e
daf9dc6664474a6b01d9e293a39749d0e9b637629239cbe512dd4a0f0854a8eb
de22251de744ea11cc272908446d053d0a9012b7356ee1ba8b7561337d0f71fb
e13547eec8879c9b576c2e06837303ad06ea15905d4eb075291ff21686a5b3da
e2f39ce6e99b0f98a15a02ce945e16f4ead553d9a7e59fc4ef8c82ad4d4c8f81
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e615adecfab746b03bbc503bd5a48ccb8c5a1c233795efe9a6ec52f49c72342a
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7a81264afb7408d3d24b684d6ea42daba371c0abfaa142bcf4f66313c5718c
efa87a768f0148054b815e1ff077efaddaed43f9dd8b7cf24333c869b6e62490
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6e257bcafcea59d5e4a60a5ab71a6a52e4fb18c1a198f211506fc69313dee0b
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f84ca33541cc3277539daf26687705d6a92a8804daf225bfaf43040da64e8386
fef30923b42e21418b131694248e7dd55376159cac33cb19abbf4dc70140008f

credit-agricole-mon-securipass.maweb.eu Open in urlscan Pro 2001:1ab0:7e1e:220:ed:0:140:40 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

107 Requests

79 %HTTPS

92 %IPv6

18 Domains

27 Subdomains

23 IPs

4 Countries

2125 kBTransfer

6244 kBSize

11 Cookies

49 Outgoing links

Redirected requests

107 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

credit-agricole-mon-securipass.maweb.eu Open in urlscan Pro
2001:1ab0:7e1e:220:ed:0:140:40 Public Scan

Screenshot
Live screenshot

Full Image

107
Requests

79 %
HTTPS

92 %
IPv6

18
Domains

27
Subdomains

23
IPs

4
Countries

2125 kB
Transfer

6244 kB
Size

11
Cookies

107 HTTP transactions
0 data transactions