HTTP/1.1 200 
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Content-Type: text/html
Strict-Transport-Security: max-age=31536000; includeSubDomains
Date: Mon, 26 Jan 2026 09:22:35 GMT
Keep-Alive: timeout=20
Accept-Ranges: bytes
ETag: W/"22794-1761290039759"
X-Content-Type-Options: nosniff
Connection: close
Last-Modified: Fri, 24 Oct 2025 07:13:59 GMT
Content-Length: 22794


<!-- <!doctype html>
<html lang="en">
<head>
  <meta charset="utf-8">
  <title>cmp-esg</title>
  <base href="/">
  <meta name="viewport" content="width=device-width, initial-scale=1">
  <link rel="icon" type="image/x-icon" href="favicon.ico">
  <link rel="preconnect" href="https://fonts.googleapis.com">
<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
<link href="https://fonts.googleapis.com/css?family=Montserrat:100" rel="stylesheet">
<link rel="stylesheet" href="https://use.fontawesome.com/releases/v5.5.0/css/all.css" integrity="sha384-B4dIYHKNBt8Bc12p+WXckhzcICo0wtJAoU8YZTY5qE0Id1GSseTk6S+L3BlXeVIU" crossorigin="anonymous">
</head>
<body>
  <app-root></app-root>
</body>
</html> --><!DOCTYPE html><html lang="en"><head>
  <link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css" integrity="sha384-ggOyR0iXCbMQv3Xipma34MD+dH/1fQ784/j6cY/iJTQUOhcWr7x9JvoRxT2MZw1T" crossorigin="anonymous">
  <script src="https://code.jquery.com/jquery-3.3.1.slim.min.js" integrity="sha384-q8i/X+965DzO0rT7abK41JStQIAqVgRVzpbzo5smXKp4YfRvH+8abtTE1Pi6jizo" crossorigin="anonymous"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js" integrity="sha384-UO2eT0CpHqdSJQ6hJty5KVphtPhzWj9WO1clHTMGa3JDZwrnQq4sF86dIHNDz0W1" crossorigin="anonymous"></script>
<script src="https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js" integrity="sha384-JjSmVgyd0p3pXB1rRibZUAYoIIy6OrQ6VrjIEaFf/nJGzIxFDsf4x0xIM+B07jRM" crossorigin="anonymous"></script>
<!--  <script id="usercentrics-cmp" src="https://app.usercentrics.eu/browser-ui/latest/loader.js" data-version="preview" data-settings-id="BenZqU4lGykUom" async></script> -->
 <script id="usercentrics-cmp" src="https://app.usercentrics.eu/browser-ui/latest/loader.js" data-settings-id="BenZqU4lGykUom" async=""></script>

  <meta charset="utf-8">
  <title></title>
  <base href="/">
  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
  <link rel="icon" type="image/x-icon" href="favicon.ico">
  <!-- Font Montserrat -->
  <link rel="preconnect" href="https://fonts.googleapis.com">
  <link rel="preconnect" href="https://fonts.gstatic.com" crossorigin="">


  <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/normalize.min.css" integrity="sha512-Yu3tDzlofwBycOX5qb6K4tGJKGD72LA/9ckyioo8plGOdLwIeESQgo+KY4M+gvBJvDguqYeweLVTIn+S/9ZC/Q==" crossorigin="anonymous" referrerpolicy="no-referrer">



  <!-- Stili indispensabili -->
  <style type="text/css">@font-face{font-family:'Montserrat';font-style:italic;font-weight:400;font-display:swap;src:url(https://fonts.gstatic.com/s/montserrat/v31/JTUQjIg1_i6t8kCHKm459WxRxC7m0dR9pBOi.woff2) format('woff2');unicode-range:U+0460-052F, U+1C80-1C8A, U+20B4, U+2DE0-2DFF, U+A640-A69F, U+FE2E-FE2F;}@font-face{font-family:'Montserrat';font-style:italic;font-weight:400;font-display:swap;src:url(https://fonts.gstatic.com/s/montserrat/v31/JTUQjIg1_i6t8kCHKm459WxRzS7m0dR9pBOi.woff2) format('woff2');unicode-range:U+0301, U+0400-045F, U+0490-0491, U+04B0-04B1, U+2116;}@font-face{font-family:'Montserrat';font-style:italic;font-weight:400;font-display:swap;src:url(https://fonts.gstatic.com/s/montserrat/v31/JTUQjIg1_i6t8kCHKm459WxRxi7m0dR9pBOi.woff2) format('woff2');unicode-range:U+0102-0103, U+0110-0111, U+0128-0129, U+0168-0169, U+01A0-01A1, U+01AF-01B0, U+0300-0301, U+0303-0304, U+0308-0309, U+0323, U+0329, U+1EA0-1EF9, U+20AB;}@font-face{font-family:'Montserrat';font-style:italic;font-weight:400;font-display:swap;src:url(https://fonts.gstatic.com/s/montserrat/v31/JTUQjIg1_i6t8kCHKm459WxRxy7m0dR9pBOi.woff2) format('woff2');unicode-range:U+0100-02BA, U+02BD-02C5, U+02C7-02CC, U+02CE-02D7, U+02DD-02FF, U+0304, U+0308, U+0329, U+1D00-1DBF, U+1E00-1E9F, U+1EF2-1EFF, U+2020, U+20A0-20AB, U+20AD-20C0, U+2113, U+2C60-2C7F, U+A720-A7FF;}@font-face{font-family:'Montserrat';font-style:italic;font-weight:400;font-display:swap;src:url(https://fonts.gstatic.com/s/montserrat/v31/JTUQjIg1_i6t8kCHKm459WxRyS7m0dR9pA.woff2) forma

HTTP/1.1 404 Not Found
Date: Fri, 23 Jan 2026 13:54:59 GMT
Connection: close
Transfer-Encoding: chunked

HTTP/1.1 200 OK
content-security-policy-report-only: default-src 'self'; script-src 'self' 'unsafe-eval' https://*.usercentrics.eu https://crif.matomo.cloud https://browser-update.org https://maps.googleapis.com https://*.productfruits.com https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://*.typekit.net https://*.googleapis.com https://*.productfruits.com ; font-src 'self' https://*.typekit.net https://*.googleapis.com https://fonts.gstatic.com; connect-src 'self' https://*.usercentrics.eu https://*.googleapis.com https://*.matomo.cloud https://*.productfruits.com wss://ws2.productfruits.com; img-src 'self' data: https://*.usercentrics.eu https://*.googleapis.com https://*.gstatic.com https://cdn-assets.productfruits.com; object-src 'none'; form-action 'none'; frame-src 'self' https://www.youtube.com https://youtu.be https://www.google.com
cache-control: no-cache
content-type: text/html
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 23 Jan 2026 13:43:38 GMT
accept-ranges: bytes
etag: "691b2ccc-832"
X-Content-Type-Options: nosniff
Connection: close
set-cookie: d1f6c455fc7ed436dd123eb1f606651c=51d62348379db8ede66f5b9a0e8a3542; path=/; HttpOnly
last-modified: Mon, 17 Nov 2025 14:10:20 GMT
Referrer-Policy: strict-origin-when-cross-origin
content-length: 2098
Permissions-Policy: accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(), encrypted-media=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=()

Page title: Margò

<!doctype html>
<html lang="en">
  <head>
    <meta charset="utf-8" />
    <meta http-equiv="X-UA-Compatible" content="IE=Edge" />
    <link rel="shortcut icon" href="/favicon.ico" />
    <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" />
    <meta name="theme-color" content="#000000" />
    <!--
      manifest.json provides metadata used when your web app is installed on a
      user's mobile device or desktop. See https://developers.google.com/web/fundamentals/web-app-manifest/
    -->
    <link rel="manifest" href="/manifest.json" />
    <link href="https://use.typekit.net/ggi0wff.css" rel="stylesheet" crossorigin="anonymous" />
    <!--
      Notice the use of %PUBLIC_URL% in the tags above.
      It will be replaced with the URL of the `public` folder during the build.
      Only files inside the `public` folder can be referenced from the HTML.

      Unlike "/favicon.ico" or "favicon.ico", "%PUBLIC_URL%/favicon.ico" will
      work correctly both with client-side routing and a non-root public URL.
      Learn how to configure a non-root public URL by running `npm run build`.
    -->
    <title>Margò</title>
    <meta http-equiv="X-XSS-Protection" content="1; mode=block" />
    <meta http-equiv="X-Content-Type-Options" content="nosniff" />
    <add name="X-Frame-Options" value="SAMEORIGIN" />
    <script type="module" crossorigin src="/assets/index-BoV9ocYN.js"></script>
    <link rel="stylesheet" crossorigin href="/assets/index-B-vXrW_w.css">
  </head>
  <body>
    <noscript>You need to enable JavaScript to run this app.</noscript>
    <div id="root"></div>

    <!--
      This HTML file is a template.
      If you open it directly in the browser, you will see an empty page.

      You can add webfonts, meta tags, or analytics to this file.
      The build step will place the bundled scripts into the <body> tag.

      To begin the development, run `npm start` or `yarn start`.
      To create a production bundle, use `npm run build` or `yarn build`.
    -->
  </body>
</html>

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Type: text/html
Last-Modified: Mon, 12 Jan 2026 14:05:16 GMT
Accept-Ranges: bytes
ETag: "0b6237acc83dc1:0"
X-Content-Type-Options: nosniff
Date: Fri, 23 Jan 2026 12:40:45 GMT
Connection: close
Content-Length: 2098
Strict-Transport-Security: max-age=86400; includeSubdomains

Page title: Margò

<!doctype html>
<html lang="en">
  <head>
    <meta charset="utf-8" />
    <meta http-equiv="X-UA-Compatible" content="IE=Edge" />
    <link rel="shortcut icon" href="/favicon.ico" />
    <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" />
    <meta name="theme-color" content="#000000" />
    <!--
      manifest.json provides metadata used when your web app is installed on a
      user's mobile device or desktop. See https://developers.google.com/web/fundamentals/web-app-manifest/
    -->
    <link rel="manifest" href="/manifest.json" />
    <link href="https://use.typekit.net/ggi0wff.css" rel="stylesheet" crossorigin="anonymous" />
    <!--
      Notice the use of %PUBLIC_URL% in the tags above.
      It will be replaced with the URL of the `public` folder during the build.
      Only files inside the `public` folder can be referenced from the HTML.

      Unlike "/favicon.ico" or "favicon.ico", "%PUBLIC_URL%/favicon.ico" will
      work correctly both with client-side routing and a non-root public URL.
      Learn how to configure a non-root public URL by running `npm run build`.
    -->
    <title>Margò</title>
    <meta http-equiv="X-XSS-Protection" content="1; mode=block" />
    <meta http-equiv="X-Content-Type-Options" content="nosniff" />
    <add name="X-Frame-Options" value="SAMEORIGIN" />
    <script type="module" crossorigin src="/assets/index-DrpyuY5Z.js"></script>
    <link rel="stylesheet" crossorigin href="/assets/index-B-vXrW_w.css">
  </head>
  <body>
    <noscript>You need to enable JavaScript to run this app.</noscript>
    <div id="root"></div>

    <!--
      This HTML file is a template.
      If you open it directly in the browser, you will see an empty page.

      You can add webfonts, meta tags, or analytics to this file.
      The build step will place the bundled scripts into the <body> tag.

      To begin the development, run `npm start` or `yarn start`.
      To create a production bundle, use `npm run build` or `yarn build`.
    -->
  </body>
</html>

HTTP/1.1 200 OK
content-security-policy-report-only: default-src 'self'; script-src 'self' 'unsafe-eval' https://*.usercentrics.eu https://crif.matomo.cloud https://browser-update.org https://maps.googleapis.com https://*.productfruits.com https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://*.typekit.net https://*.googleapis.com https://*.productfruits.com ; font-src 'self' https://*.typekit.net https://*.googleapis.com https://fonts.gstatic.com; connect-src 'self' https://*.usercentrics.eu https://*.googleapis.com https://*.matomo.cloud https://*.productfruits.com wss://ws2.productfruits.com; img-src 'self' data: https://*.usercentrics.eu https://*.googleapis.com https://*.gstatic.com https://cdn-assets.productfruits.com; object-src 'none'; form-action 'none'; frame-src 'self' https://www.youtube.com https://youtu.be https://www.google.com
cache-control: no-cache
content-type: text/html
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 23 Jan 2026 12:35:02 GMT
accept-ranges: bytes
etag: "691b2ccc-832"
X-Content-Type-Options: nosniff
Connection: close
set-cookie: cc9faaa3a84fd09a0943f71cb6c743b8=20f04807c6747ee6498b52ced11ba81e; path=/; HttpOnly
last-modified: Mon, 17 Nov 2025 14:10:20 GMT
Referrer-Policy: strict-origin-when-cross-origin
content-length: 2098
Permissions-Policy: accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(), encrypted-media=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=()

Page title: Margò

<!doctype html>
<html lang="en">
  <head>
    <meta charset="utf-8" />
    <meta http-equiv="X-UA-Compatible" content="IE=Edge" />
    <link rel="shortcut icon" href="/favicon.ico" />
    <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" />
    <meta name="theme-color" content="#000000" />
    <!--
      manifest.json provides metadata used when your web app is installed on a
      user's mobile device or desktop. See https://developers.google.com/web/fundamentals/web-app-manifest/
    -->
    <link rel="manifest" href="/manifest.json" />
    <link href="https://use.typekit.net/ggi0wff.css" rel="stylesheet" crossorigin="anonymous" />
    <!--
      Notice the use of %PUBLIC_URL% in the tags above.
      It will be replaced with the URL of the `public` folder during the build.
      Only files inside the `public` folder can be referenced from the HTML.

      Unlike "/favicon.ico" or "favicon.ico", "%PUBLIC_URL%/favicon.ico" will
      work correctly both with client-side routing and a non-root public URL.
      Learn how to configure a non-root public URL by running `npm run build`.
    -->
    <title>Margò</title>
    <meta http-equiv="X-XSS-Protection" content="1; mode=block" />
    <meta http-equiv="X-Content-Type-Options" content="nosniff" />
    <add name="X-Frame-Options" value="SAMEORIGIN" />
    <script type="module" crossorigin src="/assets/index-BoV9ocYN.js"></script>
    <link rel="stylesheet" crossorigin href="/assets/index-B-vXrW_w.css">
  </head>
  <body>
    <noscript>You need to enable JavaScript to run this app.</noscript>
    <div id="root"></div>

    <!--
      This HTML file is a template.
      If you open it directly in the browser, you will see an empty page.

      You can add webfonts, meta tags, or analytics to this file.
      The build step will place the bundled scripts into the <body> tag.

      To begin the development, run `npm start` or `yarn start`.
      To create a production bundle, use `npm run build` or `yarn build`.
    -->
  </body>
</html>

HTTP/1.1 404 Not Found
Date: Fri, 23 Jan 2026 11:28:12 GMT
Connection: close
Transfer-Encoding: chunked

HTTP/1.1 403 Forbidden
Server: awselb/2.0
Date: Fri, 23 Jan 2026 10:50:04 GMT
Content-Type: text/html
Content-Length: 118
Connection: close

Page title: 403 Forbidden

<html>
<head><title>403 Forbidden</title></head>
<body>
<center><h1>403 Forbidden</h1></center>
</body>
</html>

HTTP/1.1 403 Forbidden
Server: awselb/2.0
Date: Fri, 23 Jan 2026 10:50:04 GMT
Content-Type: text/html
Content-Length: 118
Connection: close

Page title: 403 Forbidden

<html>
<head><title>403 Forbidden</title></head>
<body>
<center><h1>403 Forbidden</h1></center>
</body>
</html>

HTTP/1.1 403 
vary: Origin
vary: Access-Control-Request-Method
vary: Access-Control-Request-Headers
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: application/json
Strict-Transport-Security: max-age=31536000; includeSubDomains
date: Fri, 23 Jan 2026 09:27:38 GMT
expires: 0
x-xss-protection: 0
pragma: no-cache
x-content-type-options: nosniff
Connection: close
set-cookie: 7a21caab1e7d8d8cbd12a5bf788edea1=36a6c8f30861da672a7f8795c3e4e256; path=/; HttpOnly
x-frame-options: DENY
content-length: 0

HTTP/1.1 401 
vary: Origin
vary: Access-Control-Request-Method
vary: Access-Control-Request-Headers
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: application/json
Strict-Transport-Security: max-age=31536000; includeSubDomains
date: Fri, 23 Jan 2026 06:30:07 GMT
expires: 0
x-xss-protection: 0
pragma: no-cache
transfer-encoding: chunked
x-content-type-options: nosniff
Connection: close
set-cookie: a0941165e481ba292ecf12498c300873=d67a0ff3812223b8a6b69d0f2179878d; path=/; HttpOnly
x-frame-options: DENY


{"message":"authentication is null"}

HTTP/1.1 401 Unauthorized
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-frame-options: DENY
content-type: application/json
date: Fri, 23 Jan 2026 01:41:42 GMT
x-envoy-upstream-service-time: 5
set-cookie: 61c4ba5a4a8223c9b3ad12cde81f284a=186670667dace8fa1416727f24cf40a4; path=/; HttpOnly
connection: close
Strict-Transport-Security: max-age=16070400; includeSubDomains
Set-Cookie: TS01d90829=01182a610514f85d06e3b7261ca1a2af2680e80fa4ca0eb8ab53267151f38be124f0c90e02f5f141cad9ac789050c38c6715fe365f2892b3f94c62accbb953b9714542da70; Path=/
Transfer-Encoding: chunked


{"message":"authentication is null"}

HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 588
Connection: close
Date: Thu, 22 Jan 2026 20:59:07 GMT
Last-Modified: Fri, 19 Dec 2025 09:21:14 GMT
ETag: "4edac856ca7ae0fc1f63abdc8df40eac"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Error from cloudfront
Via: 1.1 70dc0df635de6c459634809796c9bbd8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: MUC50-P6
X-Amz-Cf-Id: bM9-0xoSsmWh-0RGxMQW_-0z-Uk6gnQ0jNozwT3wq-08Bq-1Hvp0Mg==

Page title: Safe Trade

<!doctype html>
<html lang="en">
  <head>
    <meta charset="UTF-8" />
    <!-- <link rel="icon" type="image/svg+xml" href="/abc.ico" /> -->
    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
    <title>Safe Trade</title>
     <!-- <link rel="stylesheet" href="/node_modules/crif-design-system-bootstrap5/styles/css/fonts/Poppins.css" />  -->
    <script type="module" crossorigin src="./assets/index-DofiyilM.js"></script>
    <link rel="stylesheet" crossorigin href="./assets/index-CVNwRM6O.css">
  </head>
  <body>
    <div id="root"></div>
  </body>
</html>

HTTP/1.0 503 Service Unavailable
cache-control: private, max-age=0, no-cache, no-store
content-type: text/html
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
pragma: no-cache
Connection: close


<html>
  <head>
    <meta name="viewport" content="width=device-width, initial-scale=1">

    <style type="text/css">
      body {
        font-family: "Helvetica Neue", Helvetica, Arial, sans-serif;
        line-height: 1.66666667;
        font-size: 16px;
        color: #333;
        background-color: #fff;
        margin: 2em 1em;
      }
      h1 {
        font-size: 28px;
        font-weight: 400;
      }
      p {
        margin: 0 0 10px;
      }
      .alert.alert-info {
        background-color: #F0F0F0;
        margin-top: 30px;
        padding: 30px;
      }
      .alert p {
        padding-left: 35px;
      }
      ul {
        padding-left: 51px;
        position: relative;
      }
      li {
        font-size: 14px;
        margin-bottom: 1em;
      }
      p.info {
        position: relative;
        font-size: 20px;
      }
      p.info:before, p.info:after {
        content: "";
        left: 0;
        position: absolute;
        top: 0;
      }
      p.info:before {
        background: #0066CC;
        border-radius: 16px;
        color: #fff;
        content: "i";
        font: bold 16px/24px serif;
        height: 24px;
        left: 0px;
        text-align: center;
        top: 4px;
        width: 24px;
      }

      @media (min-width: 768px) {
        body {
          margin: 6em;
        }
      }
    </style>
  </head>
  <body>
    <div>
      <h1>Application is not available</h1>
      <p>The application is currently not serving requests at this endpoint. It may not have been started or is still starting.</p>

      <div class="alert alert-info">
        <p class="info">
          Possible reasons you are seeing this page:
        </p>
        <ul>
          <li>
            <strong>The host doesn't exist.</strong>
            Make sure the hostname was typed correctly and that a route matching this hostname exists.
          </li>
          <li>
            <strong>The host exists, but doesn't have a matching path.</strong>
            Check if the URL path was typed correctly and that the route was created using the desired path.
          </li>
          <li>
            <strong>Route and path matches, but all pods are down.</strong>
            Make sure that the resources exposed by this route (pods, services, deployment configs, etc) have at least one pod running.
          </li>
        </ul>
      </div>
    </div>
  </body>
</html>

HTTP/1.1 400 Bad Request
Date: Tue, 13 Jan 2026 00:24:03 GMT
Content-Type: application/json
Content-Length: 23
Connection: close
x-amzn-RequestId: fcfa6048-d6a1-4107-8c2a-8e2fe1c4d219
x-amzn-ErrorType: ForbiddenException
x-amz-apigw-id: XGOJjFNsFiAEGkQ=


{"message":"Forbidden"}

HTTP/1.1 400 Bad Request
Date: Tue, 13 Jan 2026 00:24:03 GMT
Content-Type: application/json
Content-Length: 23
Connection: close
x-amzn-RequestId: ce2e408a-8df9-4563-83e0-f2413e41fe61
x-amzn-ErrorType: ForbiddenException
x-amz-apigw-id: XGOJmFVoFiAEaSg=


{"message":"Forbidden"}

HTTP/1.1 403 Forbidden
Server: awselb/2.0
Date: Tue, 13 Jan 2026 00:24:02 GMT
Content-Type: text/html
Content-Length: 118
Connection: close

Page title: 403 Forbidden

<html>
<head><title>403 Forbidden</title></head>
<body>
<center><h1>403 Forbidden</h1></center>
</body>
</html>

HTTP/1.1 403 Forbidden
Server: awselb/2.0
Date: Tue, 13 Jan 2026 00:24:02 GMT
Content-Type: text/html
Content-Length: 118
Connection: close

Page title: 403 Forbidden

<html>
<head><title>403 Forbidden</title></head>
<body>
<center><h1>403 Forbidden</h1></center>
</body>
</html>

HTTP/1.1 403 Forbidden
Server: awselb/2.0
Date: Tue, 13 Jan 2026 00:19:46 GMT
Content-Type: text/html
Content-Length: 118
Connection: close

Page title: 403 Forbidden

<html>
<head><title>403 Forbidden</title></head>
<body>
<center><h1>403 Forbidden</h1></center>
</body>
</html>

HTTP/1.1 403 Forbidden
Server: awselb/2.0
Date: Tue, 13 Jan 2026 00:19:46 GMT
Content-Type: text/html
Content-Length: 118
Connection: close

Page title: 403 Forbidden

<html>
<head><title>403 Forbidden</title></head>
<body>
<center><h1>403 Forbidden</h1></center>
</body>
</html>

HTTP/1.1 400 Bad Request
Date: Tue, 13 Jan 2026 00:19:39 GMT
Content-Type: application/json
Content-Length: 23
Connection: close
x-amzn-RequestId: 1f3da642-640d-496c-8452-7a467ab6cd4d
x-amzn-ErrorType: ForbiddenException
x-amz-apigw-id: XGNgSGRHFiAEQ6Q=


{"message":"Forbidden"}

HTTP/1.1 400 Bad Request
Date: Tue, 13 Jan 2026 00:19:38 GMT
Content-Type: application/json
Content-Length: 23
Connection: close
x-amzn-RequestId: 863f5511-5c05-4cc5-85e7-a0a842044062
x-amzn-ErrorType: ForbiddenException
x-amz-apigw-id: XGNgQH9-FiAEe_A=


{"message":"Forbidden"}

HTTP/1.1 301 Moved Permanently
Content-Length: 0
Location: https://financemeeting.crif.com/
Date: Sun, 11 Jan 2026 23:14:25 GMT
Connection: close

HTTP/1.1 301 Moved Permanently
Cache-Control: no-cache
Content-Type: text/html; charset=UTF-8
Location: https://www.crif.it/tomorrow-speaks/
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Content-Length: 159
Date: Sun, 11 Jan 2026 23:13:43 GMT
Connection: close
Set-Cookie: X-Mapping-cnaaejcl=386672CA3DE04F7A24BE9613E098F0AF; path=/
Strict-Transport-Security: max-age=86400

Page title: Document Moved

<head><title>Document Moved</title></head>
<body><h1>Object Moved</h1>This document may be found <a HREF="https://www.crif.it/tomorrow-speaks/">here</a></body>

HTTP/1.1 301 Moved Permanently
Cache-Control: no-cache
Content-Type: text/html; charset=UTF-8
Location: https://www.crif.it/tomorrow-speaks/
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Content-Length: 159
Date: Sun, 11 Jan 2026 23:13:43 GMT
Connection: close
Set-Cookie: X-Mapping-cnaaejcl=B1F1169192C2733B51B6CB09FA1E76AC; path=/
Strict-Transport-Security: max-age=86400

Page title: Document Moved

<head><title>Document Moved</title></head>
<body><h1>Object Moved</h1>This document may be found <a HREF="https://www.crif.it/tomorrow-speaks/">here</a></body>

HTTP/1.1 301 Moved Permanently
Content-Length: 0
Location: https://financemeeting.crif.com/
Date: Sun, 11 Jan 2026 23:14:24 GMT
Connection: close

HTTP/1.1 301 Moved Permanently
Content-Length: 0
Location: https://www.financemeeting.crif.com/
Date: Sun, 11 Jan 2026 23:12:35 GMT
Connection: close

HTTP/1.1 301 Moved Permanently
Cache-Control: no-cache
Content-Type: text/html; charset=UTF-8
Location: https://www.crif.it/tomorrow-speaks/
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Content-Length: 159
Date: Sun, 11 Jan 2026 23:11:54 GMT
Connection: close
Set-Cookie: X-Mapping-cnaaejcl=386672CA3DE04F7A24BE9613E098F0AF; path=/
Strict-Transport-Security: max-age=86400

Page title: Document Moved

<head><title>Document Moved</title></head>
<body><h1>Object Moved</h1>This document may be found <a HREF="https://www.crif.it/tomorrow-speaks/">here</a></body>

HTTP/1.1 301 Moved Permanently
Content-Length: 0
Location: https://www.financemeeting.crif.com/
Date: Sun, 11 Jan 2026 23:12:35 GMT
Connection: close

HTTP/1.1 301 Moved Permanently
Cache-Control: no-cache
Content-Type: text/html; charset=UTF-8
Location: https://www.crif.it/tomorrow-speaks/
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Content-Length: 159
Date: Sun, 11 Jan 2026 23:11:54 GMT
Connection: close
Set-Cookie: X-Mapping-cnaaejcl=386672CA3DE04F7A24BE9613E098F0AF; path=/
Strict-Transport-Security: max-age=86400

Page title: Document Moved

<head><title>Document Moved</title></head>
<body><h1>Object Moved</h1>This document may be found <a HREF="https://www.crif.it/tomorrow-speaks/">here</a></body>

HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Location: https://www.crif.com/
Content-Length: 0
Date: Sun, 11 Jan 2026 15:20:03 GMT
Connection: close
Strict-Transport-Security: max-age=86400

HTTP/1.1 301 Moved Permanently
Content-Length: 0
Location: https://crif.com/
Date: Sun, 11 Jan 2026 15:20:44 GMT
Connection: close

HTTP/1.1 301 Moved Permanently
Content-Length: 0
Location: https://crif.com/
Date: Sun, 11 Jan 2026 15:20:45 GMT
Connection: close

HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Location: https://www.crif.com/
Content-Length: 0
Date: Sun, 11 Jan 2026 15:20:02 GMT
Connection: close
Strict-Transport-Security: max-age=86400

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Date: Sun, 11 Jan 2026 15:14:49 GMT
Transfer-Encoding:  chunked
Connection: close
Connection: Transfer-Encoding
Set-Cookie: X-Mapping-edenaaei=B19E5B5E9BC8512936D839566494B3D6; path=/
Strict-Transport-Security: max-age=86400

HTTP/1.1 301 Moved Permanently
Content-Length: 0
Location: https://www.crif.com/
Date: Sun, 11 Jan 2026 15:15:30 GMT
Connection: close

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Date: Sun, 11 Jan 2026 15:14:48 GMT
Transfer-Encoding:  chunked
Connection: close
Connection: Transfer-Encoding
Set-Cookie: X-Mapping-edenaaei=DE067BDA48672B48F80DEA3D2DFF1A83; path=/
Strict-Transport-Security: max-age=86400

HTTP/1.1 301 Moved Permanently
Content-Length: 0
Location: https://www.crif.com/
Date: Sun, 11 Jan 2026 15:15:30 GMT
Connection: close

HTTP/1.1 403 Forbidden
Server: awselb/2.0
Date: Sun, 11 Jan 2026 00:03:15 GMT
Content-Type: text/html
Content-Length: 118
Connection: close

Page title: 403 Forbidden

<html>
<head><title>403 Forbidden</title></head>
<body>
<center><h1>403 Forbidden</h1></center>
</body>
</html>

HTTP/1.1 403 Forbidden
Server: awselb/2.0
Date: Sun, 11 Jan 2026 00:03:15 GMT
Content-Type: text/html
Content-Length: 118
Connection: close

Page title: 403 Forbidden

<html>
<head><title>403 Forbidden</title></head>
<body>
<center><h1>403 Forbidden</h1></center>
</body>
</html>

HTTP/1.1 403 Forbidden
Server: awselb/2.0
Date: Sun, 11 Jan 2026 00:03:14 GMT
Content-Type: text/html
Content-Length: 118
Connection: close

Page title: 403 Forbidden

<html>
<head><title>403 Forbidden</title></head>
<body>
<center><h1>403 Forbidden</h1></center>
</body>
</html>

HTTP/1.1 403 Forbidden
Server: awselb/2.0
Date: Sun, 11 Jan 2026 00:03:14 GMT
Content-Type: text/html
Content-Length: 118
Connection: close

Page title: 403 Forbidden

<html>
<head><title>403 Forbidden</title></head>
<body>
<center><h1>403 Forbidden</h1></center>
</body>
</html>

HTTP/1.1 308 Permanent Redirect
content-security-policy-report-only: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
vary: Origin
vary: Access-Control-Request-Method
vary: Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: Authorization, Authentication, X-Auth-Token
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Host: easycaice.crif.com
Location: web/portal
x-xss-protection: 0
access-control-allow-origin: https://easycaice.crif.com
x-content-type-options: nosniff
Connection: close
set-cookie: fcf3f9b9169af422d376e25c880d6e63=d47d33996bb8f45920ca18c82b69f0de; path=/; HttpOnly
Set-Cookie: flag3=true
referrer-policy: no-referrer
permissions-policy: geolocation=(), camera=(), microphone=()
Content-Length: 0

HTTP/1.1 401 
vary: Origin
vary: Access-Control-Request-Method
vary: Access-Control-Request-Headers
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-frame-options: DENY
content-type: application/json
date: Sat, 10 Jan 2026 00:49:33 GMT
set-cookie: 61c4ba5a4a8223c9b3ad12cde81f284a=e770437135aa062c08d8d4cfea73536f; path=/; HttpOnly
connection: close
Strict-Transport-Security: max-age=16070400; includeSubDomains
Set-Cookie: TS01d90829=01182a6105002dad406b7c2c0cca3271ae9e6d6998c7d558da4dc6681a0147a12bb0b00db35d9c5a651da495f680dd453ffeeed85f69ba14f4068c5097ab7c0c7003c564ec; Path=/
Transfer-Encoding: chunked


{"message":"authentication is null"}

HTTP/1.1 404 Not Found
Date: Fri, 09 Jan 2026 14:51:29 GMT
Connection: close
Transfer-Encoding: chunked

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Type: text/html
Last-Modified: Thu, 18 Dec 2025 13:41:58 GMT
Accept-Ranges: bytes
ETag: "0178a142470dc1:0"
X-Content-Type-Options: nosniff
Date: Fri, 09 Jan 2026 14:29:11 GMT
Connection: close
Content-Length: 2098
Strict-Transport-Security: max-age=86400; includeSubdomains

Page title: Margò

<!doctype html>
<html lang="en">
  <head>
    <meta charset="utf-8" />
    <meta http-equiv="X-UA-Compatible" content="IE=Edge" />
    <link rel="shortcut icon" href="/favicon.ico" />
    <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" />
    <meta name="theme-color" content="#000000" />
    <!--
      manifest.json provides metadata used when your web app is installed on a
      user's mobile device or desktop. See https://developers.google.com/web/fundamentals/web-app-manifest/
    -->
    <link rel="manifest" href="/manifest.json" />
    <link href="https://use.typekit.net/ggi0wff.css" rel="stylesheet" crossorigin="anonymous" />
    <!--
      Notice the use of %PUBLIC_URL% in the tags above.
      It will be replaced with the URL of the `public` folder during the build.
      Only files inside the `public` folder can be referenced from the HTML.

      Unlike "/favicon.ico" or "favicon.ico", "%PUBLIC_URL%/favicon.ico" will
      work correctly both with client-side routing and a non-root public URL.
      Learn how to configure a non-root public URL by running `npm run build`.
    -->
    <title>Margò</title>
    <meta http-equiv="X-XSS-Protection" content="1; mode=block" />
    <meta http-equiv="X-Content-Type-Options" content="nosniff" />
    <add name="X-Frame-Options" value="SAMEORIGIN" />
    <script type="module" crossorigin src="/assets/index-CaQ7Rv48.js"></script>
    <link rel="stylesheet" crossorigin href="/assets/index-B-vXrW_w.css">
  </head>
  <body>
    <noscript>You need to enable JavaScript to run this app.</noscript>
    <div id="root"></div>

    <!--
      This HTML file is a template.
      If you open it directly in the browser, you will see an empty page.

      You can add webfonts, meta tags, or analytics to this file.
      The build step will place the bundled scripts into the <body> tag.

      To begin the development, run `npm start` or `yarn start`.
      To create a production bundle, use `npm run build` or `yarn build`.
    -->
  </body>
</html>

HTTP/1.1 404 Not Found
Date: Fri, 09 Jan 2026 14:25:46 GMT
Connection: close
Transfer-Encoding: chunked

HTTP/1.1 200 OK
content-security-policy-report-only: default-src 'self'; script-src 'self' 'unsafe-eval' https://*.usercentrics.eu https://crif.matomo.cloud https://browser-update.org https://maps.googleapis.com https://*.productfruits.com https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://*.typekit.net https://*.googleapis.com https://*.productfruits.com ; font-src 'self' https://*.typekit.net https://*.googleapis.com https://fonts.gstatic.com; connect-src 'self' https://*.usercentrics.eu https://*.googleapis.com https://*.matomo.cloud https://*.productfruits.com wss://ws2.productfruits.com; img-src 'self' data: https://*.usercentrics.eu https://*.googleapis.com https://*.gstatic.com https://cdn-assets.productfruits.com; object-src 'none'; form-action 'none'; frame-src 'self' https://www.youtube.com https://youtu.be https://www.google.com
cache-control: no-cache
content-type: text/html
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Jan 2026 13:49:39 GMT
accept-ranges: bytes
etag: "691b2ccc-832"
X-Content-Type-Options: nosniff
Connection: close
set-cookie: d1f6c455fc7ed436dd123eb1f606651c=51d62348379db8ede66f5b9a0e8a3542; path=/; HttpOnly
last-modified: Mon, 17 Nov 2025 14:10:20 GMT
Referrer-Policy: strict-origin-when-cross-origin
content-length: 2098
Permissions-Policy: accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(), encrypted-media=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=()

Page title: Margò

<!doctype html>
<html lang="en">
  <head>
    <meta charset="utf-8" />
    <meta http-equiv="X-UA-Compatible" content="IE=Edge" />
    <link rel="shortcut icon" href="/favicon.ico" />
    <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" />
    <meta name="theme-color" content="#000000" />
    <!--
      manifest.json provides metadata used when your web app is installed on a
      user's mobile device or desktop. See https://developers.google.com/web/fundamentals/web-app-manifest/
    -->
    <link rel="manifest" href="/manifest.json" />
    <link href="https://use.typekit.net/ggi0wff.css" rel="stylesheet" crossorigin="anonymous" />
    <!--
      Notice the use of %PUBLIC_URL% in the tags above.
      It will be replaced with the URL of the `public` folder during the build.
      Only files inside the `public` folder can be referenced from the HTML.

      Unlike "/favicon.ico" or "favicon.ico", "%PUBLIC_URL%/favicon.ico" will
      work correctly both with client-side routing and a non-root public URL.
      Learn how to configure a non-root public URL by running `npm run build`.
    -->
    <title>Margò</title>
    <meta http-equiv="X-XSS-Protection" content="1; mode=block" />
    <meta http-equiv="X-Content-Type-Options" content="nosniff" />
    <add name="X-Frame-Options" value="SAMEORIGIN" />
    <script type="module" crossorigin src="/assets/index-BoV9ocYN.js"></script>
    <link rel="stylesheet" crossorigin href="/assets/index-B-vXrW_w.css">
  </head>
  <body>
    <noscript>You need to enable JavaScript to run this app.</noscript>
    <div id="root"></div>

    <!--
      This HTML file is a template.
      If you open it directly in the browser, you will see an empty page.

      You can add webfonts, meta tags, or analytics to this file.
      The build step will place the bundled scripts into the <body> tag.

      To begin the development, run `npm start` or `yarn start`.
      To create a production bundle, use `npm run build` or `yarn build`.
    -->
  </body>
</html>

HTTP/1.1 403 
vary: Origin
vary: Access-Control-Request-Method
vary: Access-Control-Request-Headers
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-frame-options: DENY
content-type: application/json
content-length: 0
date: Fri, 09 Jan 2026 10:48:26 GMT
set-cookie: 1dddc2cf4ffd291fc3807fac4ed6fe6d=fdcf4a524334f45141da503841f571a3; path=/; HttpOnly
connection: close
Strict-Transport-Security: max-age=16070400; includeSubDomains
Set-Cookie: TS01d90829=01182a610580ff6048be98c944be8bed5caec5025f1477ef3243227c42e9d11aa6d0b656c3be9a6202c7c821a08bfc9fbee878fe63237b83e75b8c050b9e54c8c4c47b1e22; Path=/

HTTP/1.1 200 OK
server: istio-envoy
cache-control: no-cache
content-type: text/html; charset=utf-8
Strict-Transport-Security: max-age=31536000; includeSubDomains
date: Fri, 09 Jan 2026 10:13:53 GMT
expires: Fri, 09 Jan 2026 10:13:52 GMT
x-envoy-upstream-service-time: 1
accept-ranges: bytes
etag: "695e7d6a-1ee8"
x-content-type-options: nosniff
Connection: close
set-cookie: cde10909e10b5e7662ea3ff69f8f6388=b3816cba29cdf898433331ba03960fbb; path=/; HttpOnly
last-modified: Wed, 07 Jan 2026 15:36:10 GMT
content-length: 7912

Page title: Open Banking - Connect your accounts

<!DOCTYPE html><html lang="en"><head>
    <meta charset="utf-8">
    <title>Open Banking - Connect your accounts</title>
    <base href="/">
    <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
    <link rel="icon" type="image/x-icon" href="favicon.ico">
<style>.spinner-border.custom-spinner{width:4rem;height:4rem;border-color:#343a40;border-right-color:transparent;border-width:.5em}.preloader{position:fixed;top:0;left:0;width:100%;height:100%;overflow:hidden;background-color:#fff;z-index:9999;transition:opacity .65s}.preloader-progress{position:absolute;top:0;left:0;bottom:0;right:0;margin:auto;overflow:auto;align-content:center;text-align:center}:root{--fa-style-family-brands:"Font Awesome 6 Brands";--fa-font-brands:normal 400 1em/1 "Font Awesome 6 Brands"}@font-face{font-family:"Font Awesome 6 Brands";font-style:normal;font-weight:400;font-display:block;src:url(fa-brands-400.87587a681474fe69.woff2) format("woff2"),url(fa-brands-400.5d18d427c08f12c3.ttf) format("truetype")}:root{--fa-style-family-classic:"Font Awesome 6 Free";--fa-font-regular:normal 400 1em/1 "Font Awesome 6 Free"}@font-face{font-family:"Font Awesome 6 Free";font-style:normal;font-weight:400;font-display:block;src:url(fa-regular-400.3ccdbd3d093918cb.woff2) format("woff2"),url(fa-regular-400.81482cd4d93fbfd4.ttf) format("truetype")}:root{--fa-style-family-classic:"Font Awesome 6 Free";--fa-font-solid:normal 900 1em/1 "Font Awesome 6 Free"}@font-face{font-family:"Font Awesome 6 Free";font-style:normal;font-weight:900;font-display:block;src:url(fa-solid-900.0b0cc8a6df2a4fc7.woff2) format("woff2"),url(fa-solid-900.69d3141ae4b2f721.ttf) format("truetype")}.sr-only{position:absolute;width:1px;height:1px;padding:0;margin:-1px;overflow:hidden;clip:rect(0,0,0,0);white-space:nowrap;border-width:0}@charset "UTF-8";:root{--bs-blue:#016fd0;--bs-indigo:#6610f2;--bs-purple:#6f42c1;--bs-pink:#d63384;--bs-red:#e30101;--bs-orange:#fb9711;--bs-yellow:#ffd500;--bs-green:#48ad73;--bs-teal:#20c997;--bs-cyan:#0dcaf0;--bs-black:#000;--bs-white:#fff;--bs-gray:#979797;--bs-gray-dark:#595959;--bs-gray-100:#f6f6f6;--bs-gray-200:#e9e9e9;--bs-gray-300:#dddddd;--bs-gray-400:#cecece;--bs-gray-500:#adadad;--bs-gray-600:#979797;--bs-gray-700:#6c6c6c;--bs-gray-800:#595959;--bs-gray-900:#222222;--bs-primary:#003671;--bs-secondary:#6c6c6c;--bs-success:#1a9850;--bs-info:#016fd0;--bs-warning:#ffd500;--bs-danger:#e30101;--bs-light:#f6f6f6;--bs-dark:#222222;--bs-primary-rgb:0, 54, 113;--bs-secondary-rgb:108, 108, 108;--bs-success-rgb:26, 152, 80;--bs-info-rgb:1, 111, 208;--bs-warning-rgb:255, 213, 0;--bs-danger-rgb:227, 1, 1;--bs-light-rgb:246, 246, 246;--bs-dark-rgb:34, 34, 34;--bs-primary-text-emphasis:#00162d;--bs-secondary-text-emphasis:#2b2b2b;--bs-success-text-emphasis:#0a3d20;--bs-info-text-emphasis:#002c53;--bs-warning-text-emphasis:#665500;--bs-danger-text-emphasis:#5b0000;--bs-light-text-emphasis:#6c6c6c;--bs-dark-text-emphasis:#6c6c6c;--bs-primary-bg-subtle:#ccd7e3;--bs-secondary-bg-subtle:#e2e2e2;--bs-success-bg-subtle:#d1eadc;--bs-info-bg-subtle:#cce2f6;--bs-warning-bg-subtle:#fff7cc;--bs-danger-bg-subtle:#f9cccc;--bs-light-bg-subtle:#fbfbfb;--bs-dark-bg-subtle:#cecece;--bs-primary-border-subtle:#99afc6;--bs-secondary-border-subtle:#c4c4c4;--bs-success-border-subtle:#a3d6b9;--bs-info-border-subtle:#99c5ec;--bs-warning-border-subtle:#ffee99;--bs-danger-border-subtle:#f49999;--bs-light-border-subtle:#e9e9e9;--bs-dark-border-subtle:#adadad;--bs-white-rgb:255, 255, 255;--bs-black-rgb:0, 0, 0;--bs-font-sans-serif:"Open Sans", system-ui, -apple-system, "Segoe UI", Roboto, "Helvetica Neue", "Noto Sans", "Liberation Sans", Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol", "Noto Color Emoji";--bs-font-monospace:SFMono-Regular, Menlo, Monaco, Consolas, "Liberation Mono", "Courier New", monospace;--bs-gradient:linear-gradient(180deg, rgba(255, 255, 255, .15), rgba(255, 255, 255, 0));--bs-body-font-family:var(--bs-font-sans-serif);--bs-body-font-size:.875rem;--bs-body-font-weight:400;--bs-body-line-height:1.5;--bs-body-color:#2

HTTP/1.1 403 Forbidden
server: istio-envoy
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: application/json
Strict-Transport-Security: max-age=31536000; includeSubDomains
date: Fri, 09 Jan 2026 10:13:53 GMT
expires: 0
x-xss-protection: 0
pragma: no-cache
x-envoy-upstream-service-time: 2
x-content-type-options: nosniff
Connection: close
set-cookie: 6033869746a74134db72cd123445a8db=b3816cba29cdf898433331ba03960fbb; path=/; HttpOnly
x-frame-options: DENY
content-length: 0

HTTP/1.1 403 
vary: Origin
vary: Access-Control-Request-Method
vary: Access-Control-Request-Headers
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: application/json
Strict-Transport-Security: max-age=31536000; includeSubDomains
date: Fri, 09 Jan 2026 09:57:23 GMT
expires: 0
x-xss-protection: 0
pragma: no-cache
x-content-type-options: nosniff
Connection: close
set-cookie: 7a21caab1e7d8d8cbd12a5bf788edea1=fe97ce0dcbbad71d857a91e043018437; path=/; HttpOnly
x-frame-options: DENY
content-length: 0

HTTP/1.1 200 OK
server: nginx/1.27.5
cache-control: no-cache
content-type: text/html; charset=utf-8
Strict-Transport-Security: max-age=31536000; includeSubDomains
date: Fri, 09 Jan 2026 09:57:22 GMT
expires: Fri, 09 Jan 2026 09:57:21 GMT
accept-ranges: bytes
etag: "69455fb0-1ee8"
x-content-type-options: nosniff
Connection: close
set-cookie: b05cac81b5d1b0bc8daa7e331981b9e1=2e577f25ecf392f98af75397a723e5b6; path=/; HttpOnly
last-modified: Fri, 19 Dec 2025 14:22:40 GMT
content-length: 7912

Page title: Open Banking - Connect your accounts

<!DOCTYPE html><html lang="en"><head>
    <meta charset="utf-8">
    <title>Open Banking - Connect your accounts</title>
    <base href="/">
    <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
    <link rel="icon" type="image/x-icon" href="favicon.ico">
<style>.spinner-border.custom-spinner{width:4rem;height:4rem;border-color:#343a40;border-right-color:transparent;border-width:.5em}.preloader{position:fixed;top:0;left:0;width:100%;height:100%;overflow:hidden;background-color:#fff;z-index:9999;transition:opacity .65s}.preloader-progress{position:absolute;top:0;left:0;bottom:0;right:0;margin:auto;overflow:auto;align-content:center;text-align:center}:root{--fa-style-family-brands:"Font Awesome 6 Brands";--fa-font-brands:normal 400 1em/1 "Font Awesome 6 Brands"}@font-face{font-family:"Font Awesome 6 Brands";font-style:normal;font-weight:400;font-display:block;src:url(fa-brands-400.87587a681474fe69.woff2) format("woff2"),url(fa-brands-400.5d18d427c08f12c3.ttf) format("truetype")}:root{--fa-style-family-classic:"Font Awesome 6 Free";--fa-font-regular:normal 400 1em/1 "Font Awesome 6 Free"}@font-face{font-family:"Font Awesome 6 Free";font-style:normal;font-weight:400;font-display:block;src:url(fa-regular-400.3ccdbd3d093918cb.woff2) format("woff2"),url(fa-regular-400.81482cd4d93fbfd4.ttf) format("truetype")}:root{--fa-style-family-classic:"Font Awesome 6 Free";--fa-font-solid:normal 900 1em/1 "Font Awesome 6 Free"}@font-face{font-family:"Font Awesome 6 Free";font-style:normal;font-weight:900;font-display:block;src:url(fa-solid-900.0b0cc8a6df2a4fc7.woff2) format("woff2"),url(fa-solid-900.69d3141ae4b2f721.ttf) format("truetype")}.sr-only{position:absolute;width:1px;height:1px;padding:0;margin:-1px;overflow:hidden;clip:rect(0,0,0,0);white-space:nowrap;border-width:0}@charset "UTF-8";:root{--bs-blue:#016fd0;--bs-indigo:#6610f2;--bs-purple:#6f42c1;--bs-pink:#d63384;--bs-red:#e30101;--bs-orange:#fb9711;--bs-yellow:#ffd500;--bs-green:#48ad73;--bs-teal:#20c997;--bs-cyan:#0dcaf0;--bs-black:#000;--bs-white:#fff;--bs-gray:#979797;--bs-gray-dark:#595959;--bs-gray-100:#f6f6f6;--bs-gray-200:#e9e9e9;--bs-gray-300:#dddddd;--bs-gray-400:#cecece;--bs-gray-500:#adadad;--bs-gray-600:#979797;--bs-gray-700:#6c6c6c;--bs-gray-800:#595959;--bs-gray-900:#222222;--bs-primary:#003671;--bs-secondary:#6c6c6c;--bs-success:#1a9850;--bs-info:#016fd0;--bs-warning:#ffd500;--bs-danger:#e30101;--bs-light:#f6f6f6;--bs-dark:#222222;--bs-primary-rgb:0, 54, 113;--bs-secondary-rgb:108, 108, 108;--bs-success-rgb:26, 152, 80;--bs-info-rgb:1, 111, 208;--bs-warning-rgb:255, 213, 0;--bs-danger-rgb:227, 1, 1;--bs-light-rgb:246, 246, 246;--bs-dark-rgb:34, 34, 34;--bs-primary-text-emphasis:#00162d;--bs-secondary-text-emphasis:#2b2b2b;--bs-success-text-emphasis:#0a3d20;--bs-info-text-emphasis:#002c53;--bs-warning-text-emphasis:#665500;--bs-danger-text-emphasis:#5b0000;--bs-light-text-emphasis:#6c6c6c;--bs-dark-text-emphasis:#6c6c6c;--bs-primary-bg-subtle:#ccd7e3;--bs-secondary-bg-subtle:#e2e2e2;--bs-success-bg-subtle:#d1eadc;--bs-info-bg-subtle:#cce2f6;--bs-warning-bg-subtle:#fff7cc;--bs-danger-bg-subtle:#f9cccc;--bs-light-bg-subtle:#fbfbfb;--bs-dark-bg-subtle:#cecece;--bs-primary-border-subtle:#99afc6;--bs-secondary-border-subtle:#c4c4c4;--bs-success-border-subtle:#a3d6b9;--bs-info-border-subtle:#99c5ec;--bs-warning-border-subtle:#ffee99;--bs-danger-border-subtle:#f49999;--bs-light-border-subtle:#e9e9e9;--bs-dark-border-subtle:#adadad;--bs-white-rgb:255, 255, 255;--bs-black-rgb:0, 0, 0;--bs-font-sans-serif:"Open Sans", system-ui, -apple-system, "Segoe UI", Roboto, "Helvetica Neue", "Noto Sans", "Liberation Sans", Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol", "Noto Color Emoji";--bs-font-monospace:SFMono-Regular, Menlo, Monaco, Consolas, "Liberation Mono", "Courier New", monospace;--bs-gradient:linear-gradient(180deg, rgba(255, 255, 255, .15), rgba(255, 255, 255, 0));--bs-body-font-family:var(--bs-font-sans-serif);--bs-body-font-size:.875rem;--bs-body-font-weight:400;--bs-body-line-height:1.5;--bs-body-color:#2

HTTP/1.1 403 
vary: Origin
vary: Access-Control-Request-Method
vary: Access-Control-Request-Headers
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: application/json
Strict-Transport-Security: max-age=31536000; includeSubDomains
date: Fri, 09 Jan 2026 09:47:25 GMT
expires: 0
x-xss-protection: 0
pragma: no-cache
x-content-type-options: nosniff
Connection: close
set-cookie: 7576384ccbdfb7a51004722e85a9b175=30f246f8cd6bcde875cb2e1d0a398d64; path=/; HttpOnly
x-frame-options: DENY
content-length: 0

HTTP/1.1 200 OK
server: nginx/1.27.5
cache-control: no-cache
content-type: text/html; charset=utf-8
Strict-Transport-Security: max-age=31536000; includeSubDomains
date: Fri, 09 Jan 2026 09:47:24 GMT
expires: Fri, 09 Jan 2026 09:47:23 GMT
accept-ranges: bytes
etag: "695f69c4-1ee8"
x-content-type-options: nosniff
Connection: close
set-cookie: 0f6112b4b606b2cb3fc296329eb8c3b2=6c86be2a94e8666c69baac209e5c0827; path=/; HttpOnly
last-modified: Thu, 08 Jan 2026 08:24:36 GMT
content-length: 7912

Page title: Open Banking - Connect your accounts

<!DOCTYPE html><html lang="en"><head>
    <meta charset="utf-8">
    <title>Open Banking - Connect your accounts</title>
    <base href="/">
    <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
    <link rel="icon" type="image/x-icon" href="favicon.ico">
<style>.spinner-border.custom-spinner{width:4rem;height:4rem;border-color:#343a40;border-right-color:transparent;border-width:.5em}.preloader{position:fixed;top:0;left:0;width:100%;height:100%;overflow:hidden;background-color:#fff;z-index:9999;transition:opacity .65s}.preloader-progress{position:absolute;top:0;left:0;bottom:0;right:0;margin:auto;overflow:auto;align-content:center;text-align:center}:root{--fa-style-family-brands:"Font Awesome 6 Brands";--fa-font-brands:normal 400 1em/1 "Font Awesome 6 Brands"}@font-face{font-family:"Font Awesome 6 Brands";font-style:normal;font-weight:400;font-display:block;src:url(fa-brands-400.87587a681474fe69.woff2) format("woff2"),url(fa-brands-400.5d18d427c08f12c3.ttf) format("truetype")}:root{--fa-style-family-classic:"Font Awesome 6 Free";--fa-font-regular:normal 400 1em/1 "Font Awesome 6 Free"}@font-face{font-family:"Font Awesome 6 Free";font-style:normal;font-weight:400;font-display:block;src:url(fa-regular-400.3ccdbd3d093918cb.woff2) format("woff2"),url(fa-regular-400.81482cd4d93fbfd4.ttf) format("truetype")}:root{--fa-style-family-classic:"Font Awesome 6 Free";--fa-font-solid:normal 900 1em/1 "Font Awesome 6 Free"}@font-face{font-family:"Font Awesome 6 Free";font-style:normal;font-weight:900;font-display:block;src:url(fa-solid-900.0b0cc8a6df2a4fc7.woff2) format("woff2"),url(fa-solid-900.69d3141ae4b2f721.ttf) format("truetype")}.sr-only{position:absolute;width:1px;height:1px;padding:0;margin:-1px;overflow:hidden;clip:rect(0,0,0,0);white-space:nowrap;border-width:0}@charset "UTF-8";:root{--bs-blue:#016fd0;--bs-indigo:#6610f2;--bs-purple:#6f42c1;--bs-pink:#d63384;--bs-red:#e30101;--bs-orange:#fb9711;--bs-yellow:#ffd500;--bs-green:#48ad73;--bs-teal:#20c997;--bs-cyan:#0dcaf0;--bs-black:#000;--bs-white:#fff;--bs-gray:#979797;--bs-gray-dark:#595959;--bs-gray-100:#f6f6f6;--bs-gray-200:#e9e9e9;--bs-gray-300:#dddddd;--bs-gray-400:#cecece;--bs-gray-500:#adadad;--bs-gray-600:#979797;--bs-gray-700:#6c6c6c;--bs-gray-800:#595959;--bs-gray-900:#222222;--bs-primary:#003671;--bs-secondary:#6c6c6c;--bs-success:#1a9850;--bs-info:#016fd0;--bs-warning:#ffd500;--bs-danger:#e30101;--bs-light:#f6f6f6;--bs-dark:#222222;--bs-primary-rgb:0, 54, 113;--bs-secondary-rgb:108, 108, 108;--bs-success-rgb:26, 152, 80;--bs-info-rgb:1, 111, 208;--bs-warning-rgb:255, 213, 0;--bs-danger-rgb:227, 1, 1;--bs-light-rgb:246, 246, 246;--bs-dark-rgb:34, 34, 34;--bs-primary-text-emphasis:#00162d;--bs-secondary-text-emphasis:#2b2b2b;--bs-success-text-emphasis:#0a3d20;--bs-info-text-emphasis:#002c53;--bs-warning-text-emphasis:#665500;--bs-danger-text-emphasis:#5b0000;--bs-light-text-emphasis:#6c6c6c;--bs-dark-text-emphasis:#6c6c6c;--bs-primary-bg-subtle:#ccd7e3;--bs-secondary-bg-subtle:#e2e2e2;--bs-success-bg-subtle:#d1eadc;--bs-info-bg-subtle:#cce2f6;--bs-warning-bg-subtle:#fff7cc;--bs-danger-bg-subtle:#f9cccc;--bs-light-bg-subtle:#fbfbfb;--bs-dark-bg-subtle:#cecece;--bs-primary-border-subtle:#99afc6;--bs-secondary-border-subtle:#c4c4c4;--bs-success-border-subtle:#a3d6b9;--bs-info-border-subtle:#99c5ec;--bs-warning-border-subtle:#ffee99;--bs-danger-border-subtle:#f49999;--bs-light-border-subtle:#e9e9e9;--bs-dark-border-subtle:#adadad;--bs-white-rgb:255, 255, 255;--bs-black-rgb:0, 0, 0;--bs-font-sans-serif:"Open Sans", system-ui, -apple-system, "Segoe UI", Roboto, "Helvetica Neue", "Noto Sans", "Liberation Sans", Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol", "Noto Color Emoji";--bs-font-monospace:SFMono-Regular, Menlo, Monaco, Consolas, "Liberation Mono", "Courier New", monospace;--bs-gradient:linear-gradient(180deg, rgba(255, 255, 255, .15), rgba(255, 255, 255, 0));--bs-body-font-family:var(--bs-font-sans-serif);--bs-body-font-size:.875rem;--bs-body-font-weight:400;--bs-body-line-height:1.5;--bs-body-color:#2

HTTP/1.1 200 OK
server: nginx/1.27.5
cache-control: no-cache
content-type: text/html; charset=utf-8
Strict-Transport-Security: max-age=31536000; includeSubDomains
date: Fri, 09 Jan 2026 09:38:18 GMT
expires: Fri, 09 Jan 2026 09:38:17 GMT
accept-ranges: bytes
etag: "695e7232-3d4e"
x-content-type-options: nosniff
Connection: close
set-cookie: 5825d548e8895b11085de6729aabd905=5677e47e1aa30c2846cc8e77e23e2913; path=/; HttpOnly
last-modified: Wed, 07 Jan 2026 14:48:18 GMT
content-length: 15694

Page title: NEOS Portal

<!DOCTYPE html><html lang="en"><head><base href="/">
	<meta charset="utf-8">
	<title>NEOS Portal</title>
	<meta name="viewport" content="width=device-width, initial-scale=1">
	<link rel="icon" type="image/x-icon" href="favicon.ico">
	<link rel="stylesheet" href="./assets/css/fonts/OpenSans.css" media="print" onload="this.media='all'"><noscript><link rel="stylesheet" href="./assets/css/fonts/OpenSans.css"></noscript>
	<link rel="stylesheet" href="./assets/css/fonts/Poppins.css" media="print" onload="this.media='all'"><noscript><link rel="stylesheet" href="./assets/css/fonts/Poppins.css"></noscript>
	<style>:root{--bs-blue:#016fd0;--bs-indigo:#6610f2;--bs-purple:#6f42c1;--bs-pink:#d63384;--bs-red:#e30101;--bs-orange:#fb9711;--bs-yellow:#ffd500;--bs-green:#48ad73;--bs-teal:#20c997;--bs-cyan:#0dcaf0;--bs-black:#000;--bs-white:#fff;--bs-gray:#979797;--bs-gray-dark:#595959;--bs-gray-100:#f6f6f6;--bs-gray-200:#e9e9e9;--bs-gray-300:#dddddd;--bs-gray-400:#cecece;--bs-gray-500:#adadad;--bs-gray-600:#979797;--bs-gray-700:#6c6c6c;--bs-gray-800:#595959;--bs-gray-900:#222222;--bs-primary:#003671;--bs-secondary:#6c6c6c;--bs-success:#1a9850;--bs-info:#016fd0;--bs-warning:#ffd500;--bs-danger:#e30101;--bs-light:#f6f6f6;--bs-dark:#222222;--bs-primary-rgb:0, 54, 113;--bs-secondary-rgb:108, 108, 108;--bs-success-rgb:26, 152, 80;--bs-info-rgb:1, 111, 208;--bs-warning-rgb:255, 213, 0;--bs-danger-rgb:227, 1, 1;--bs-light-rgb:246, 246, 246;--bs-dark-rgb:34, 34, 34;--bs-primary-text-emphasis:#00162d;--bs-secondary-text-emphasis:#2b2b2b;--bs-success-text-emphasis:#0a3d20;--bs-info-text-emphasis:#002c53;--bs-warning-text-emphasis:#665500;--bs-danger-text-emphasis:#5b0000;--bs-light-text-emphasis:#6c6c6c;--bs-dark-text-emphasis:#6c6c6c;--bs-primary-bg-subtle:#ccd7e3;--bs-secondary-bg-subtle:#e2e2e2;--bs-success-bg-subtle:#d1eadc;--bs-info-bg-subtle:#cce2f6;--bs-warning-bg-subtle:#fff7cc;--bs-danger-bg-subtle:#f9cccc;--bs-light-bg-subtle:#fbfbfb;--bs-dark-bg-subtle:#cecece;--bs-primary-border-subtle:#99afc6;--bs-secondary-border-subtle:#c4c4c4;--bs-success-border-subtle:#a3d6b9;--bs-info-border-subtle:#99c5ec;--bs-warning-border-subtle:#ffee99;--bs-danger-border-subtle:#f49999;--bs-light-border-subtle:#e9e9e9;--bs-dark-border-subtle:#adadad;--bs-white-rgb:255, 255, 255;--bs-black-rgb:0, 0, 0;--bs-font-sans-serif:"Open Sans", system-ui, -apple-system, "Segoe UI", Roboto, "Helvetica Neue", "Noto Sans", "Liberation Sans", Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol", "Noto Color Emoji";--bs-font-monospace:SFMono-Regular, Menlo, Monaco, Consolas, "Liberation Mono", "Courier New", monospace;--bs-gradient:linear-gradient(180deg, rgba(255, 255, 255, 0.15), rgba(255, 255, 255, 0));--bs-body-font-family:var(--bs-font-sans-serif);--bs-body-font-size:0.875rem;--bs-body-font-weight:400;--bs-body-line-height:1.5;--bs-body-color:#222222;--bs-body-color-rgb:34, 34, 34;--bs-body-bg:#fff;--bs-body-bg-rgb:255, 255, 255;--bs-emphasis-color:#000;--bs-emphasis-color-rgb:0, 0, 0;--bs-secondary-color:rgba(34, 34, 34, 0.75);--bs-secondary-color-rgb:34, 34, 34;--bs-secondary-bg:#e9e9e9;--bs-secondary-bg-rgb:233, 233, 233;--bs-tertiary-color:rgba(34, 34, 34, 0.5);--bs-tertiary-color-rgb:34, 34, 34;--bs-tertiary-bg:#f6f6f6;--bs-tertiary-bg-rgb:246, 246, 246;--bs-heading-color:#003671;--bs-link-color:#016fd0;--bs-link-color-rgb:1, 111, 208;--bs-link-decoration:underline;--bs-link-hover-color:#0159a6;--bs-link-hover-color-rgb:1, 89, 166;--bs-code-color:#d63384;--bs-highlight-bg:#fff2b0;--bs-border-width:1px;--bs-border-style:solid;--bs-border-color:#dddddd;--bs-border-color-translucent:rgba(0, 0, 0, 0.175);--bs-border-radius:0.375rem;--bs-border-radius-sm:0.25rem;--bs-border-radius-lg:0.5rem;--bs-border-radius-xl:1rem;--bs-border-radius-xxl:2rem;--bs-border-radius-2xl:var(--bs-border-radius-xxl);--bs-border-radius-pill:50rem;--bs-box-shadow:0 0.5rem 1rem rgba(0, 0, 0, 0.15);--bs-box-shadow-sm:0 0.125rem 0.25rem rgba(0, 0, 0, 0.075);--bs-box-shadow-lg:0 1rem 3rem rgba(0, 0, 0, 0.175);--bs-box-shadow-inset:inset 0 1px 2px rgba(0, 0, 0, 0.075);--bs-fo

HTTP/1.1 401 
vary: Origin
vary: Access-Control-Request-Method
vary: Access-Control-Request-Headers
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: application/json
Strict-Transport-Security: max-age=31536000; includeSubDomains
date: Fri, 09 Jan 2026 09:38:17 GMT
expires: 0
x-xss-protection: 0
pragma: no-cache
transfer-encoding: chunked
x-content-type-options: nosniff
Connection: close
set-cookie: a0941165e481ba292ecf12498c300873=3a7c2c56abd6f3bdcf8afd50df08ec22; path=/; HttpOnly
x-frame-options: DENY


{"message":"authentication is null"}

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Type: text/html
Last-Modified: Thu, 18 Dec 2025 14:46:40 GMT
Accept-Ranges: bytes
ETag: "048641e2d70dc1:0"
X-Content-Type-Options: nosniff
Date: Fri, 09 Jan 2026 08:43:32 GMT
Connection: close
Content-Length: 2098
Strict-Transport-Security: max-age=86400; includeSubdomains

Page title: Margò

<!doctype html>
<html lang="en">
  <head>
    <meta charset="utf-8" />
    <meta http-equiv="X-UA-Compatible" content="IE=Edge" />
    <link rel="shortcut icon" href="/favicon.ico" />
    <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" />
    <meta name="theme-color" content="#000000" />
    <!--
      manifest.json provides metadata used when your web app is installed on a
      user's mobile device or desktop. See https://developers.google.com/web/fundamentals/web-app-manifest/
    -->
    <link rel="manifest" href="/manifest.json" />
    <link href="https://use.typekit.net/ggi0wff.css" rel="stylesheet" crossorigin="anonymous" />
    <!--
      Notice the use of %PUBLIC_URL% in the tags above.
      It will be replaced with the URL of the `public` folder during the build.
      Only files inside the `public` folder can be referenced from the HTML.

      Unlike "/favicon.ico" or "favicon.ico", "%PUBLIC_URL%/favicon.ico" will
      work correctly both with client-side routing and a non-root public URL.
      Learn how to configure a non-root public URL by running `npm run build`.
    -->
    <title>Margò</title>
    <meta http-equiv="X-XSS-Protection" content="1; mode=block" />
    <meta http-equiv="X-Content-Type-Options" content="nosniff" />
    <add name="X-Frame-Options" value="SAMEORIGIN" />
    <script type="module" crossorigin src="/assets/index-CaQ7Rv48.js"></script>
    <link rel="stylesheet" crossorigin href="/assets/index-B-vXrW_w.css">
  </head>
  <body>
    <noscript>You need to enable JavaScript to run this app.</noscript>
    <div id="root"></div>

    <!--
      This HTML file is a template.
      If you open it directly in the browser, you will see an empty page.

      You can add webfonts, meta tags, or analytics to this file.
      The build step will place the bundled scripts into the <body> tag.

      To begin the development, run `npm start` or `yarn start`.
      To create a production bundle, use `npm run build` or `yarn build`.
    -->
  </body>
</html>

HTTP/1.1 200 OK
content-security-policy-report-only: default-src 'self'; script-src 'self' 'unsafe-eval' https://*.usercentrics.eu https://crif.matomo.cloud https://browser-update.org https://maps.googleapis.com https://*.productfruits.com https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://*.typekit.net https://*.googleapis.com https://*.productfruits.com ; font-src 'self' https://*.typekit.net https://*.googleapis.com https://fonts.gstatic.com; connect-src 'self' https://*.usercentrics.eu https://*.googleapis.com https://*.matomo.cloud https://*.productfruits.com wss://ws2.productfruits.com; img-src 'self' data: https://*.usercentrics.eu https://*.googleapis.com https://*.gstatic.com https://cdn-assets.productfruits.com; object-src 'none'; form-action 'none'; frame-src 'self' https://www.youtube.com https://youtu.be https://www.google.com
cache-control: no-cache
content-type: text/html
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Jan 2026 08:36:33 GMT
accept-ranges: bytes
etag: "691b2ccc-832"
X-Content-Type-Options: nosniff
Connection: close
set-cookie: cc9faaa3a84fd09a0943f71cb6c743b8=20f04807c6747ee6498b52ced11ba81e; path=/; HttpOnly
last-modified: Mon, 17 Nov 2025 14:10:20 GMT
Referrer-Policy: strict-origin-when-cross-origin
content-length: 2098
Permissions-Policy: accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(), encrypted-media=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=()

Page title: Margò

<!doctype html>
<html lang="en">
  <head>
    <meta charset="utf-8" />
    <meta http-equiv="X-UA-Compatible" content="IE=Edge" />
    <link rel="shortcut icon" href="/favicon.ico" />
    <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" />
    <meta name="theme-color" content="#000000" />
    <!--
      manifest.json provides metadata used when your web app is installed on a
      user's mobile device or desktop. See https://developers.google.com/web/fundamentals/web-app-manifest/
    -->
    <link rel="manifest" href="/manifest.json" />
    <link href="https://use.typekit.net/ggi0wff.css" rel="stylesheet" crossorigin="anonymous" />
    <!--
      Notice the use of %PUBLIC_URL% in the tags above.
      It will be replaced with the URL of the `public` folder during the build.
      Only files inside the `public` folder can be referenced from the HTML.

      Unlike "/favicon.ico" or "favicon.ico", "%PUBLIC_URL%/favicon.ico" will
      work correctly both with client-side routing and a non-root public URL.
      Learn how to configure a non-root public URL by running `npm run build`.
    -->
    <title>Margò</title>
    <meta http-equiv="X-XSS-Protection" content="1; mode=block" />
    <meta http-equiv="X-Content-Type-Options" content="nosniff" />
    <add name="X-Frame-Options" value="SAMEORIGIN" />
    <script type="module" crossorigin src="/assets/index-BoV9ocYN.js"></script>
    <link rel="stylesheet" crossorigin href="/assets/index-B-vXrW_w.css">
  </head>
  <body>
    <noscript>You need to enable JavaScript to run this app.</noscript>
    <div id="root"></div>

    <!--
      This HTML file is a template.
      If you open it directly in the browser, you will see an empty page.

      You can add webfonts, meta tags, or analytics to this file.
      The build step will place the bundled scripts into the <body> tag.

      To begin the development, run `npm start` or `yarn start`.
      To create a production bundle, use `npm run build` or `yarn build`.
    -->
  </body>
</html>

HTTP/1.1 308 Permanent Redirect
content-security-policy-report-only: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
vary: Origin
vary: Access-Control-Request-Method
vary: Access-Control-Request-Headers
cache-control: no-cache, no-store, max-age=0, must-revalidate
strict-transport-security: max-age=31536000 ; includeSubDomains
location: web/portal
expires: 0
pragma: no-cache
x-xss-protection: 1 ; mode=block
x-content-type-options: nosniff
Connection: close
set-cookie: ff2bd0f6f6722035e69e6c72d6d9a02f=b7ee0611415379166ab16d99e1f0c8dc; path=/; HttpOnly
referrer-policy: no-referrer
content-length: 0

HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 588
Connection: close
Date: Thu, 08 Jan 2026 23:17:34 GMT
Last-Modified: Fri, 19 Dec 2025 09:21:14 GMT
ETag: "4edac856ca7ae0fc1f63abdc8df40eac"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Error from cloudfront
Via: 1.1 8e2b9bc1b41cb69d67514a54937a01e6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: MUC50-P6
X-Amz-Cf-Id: 3HQMyyPw0LQSZ4duTDI0vHQ_vd6Lt5Ctqb1Jpwxli6zTla7LvKEFMw==

Page title: Safe Trade

<!doctype html>
<html lang="en">
  <head>
    <meta charset="UTF-8" />
    <!-- <link rel="icon" type="image/svg+xml" href="/abc.ico" /> -->
    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
    <title>Safe Trade</title>
     <!-- <link rel="stylesheet" href="/node_modules/crif-design-system-bootstrap5/styles/css/fonts/Poppins.css" />  -->
    <script type="module" crossorigin src="./assets/index-DofiyilM.js"></script>
    <link rel="stylesheet" crossorigin href="./assets/index-CVNwRM6O.css">
  </head>
  <body>
    <div id="root"></div>
  </body>
</html>

HTTP/1.1 401 
vary: Origin
vary: Access-Control-Request-Method
vary: Access-Control-Request-Headers
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-frame-options: DENY
content-type: application/json
date: Fri, 02 Jan 2026 19:11:36 GMT
set-cookie: 61c4ba5a4a8223c9b3ad12cde81f284a=688706e505a39c811cd7972aa2251e28; path=/; HttpOnly
connection: close
Strict-Transport-Security: max-age=16070400; includeSubDomains
Set-Cookie: TS01d90829=01182a6105a537d2b111e9d22998a13763b537cff0206f19cfe04ce77cc9b98332853817d90289f8df2fd804274ccb5b1f81fbb294e3dde28211cd41be2b53278b7ad6428c; Path=/
Transfer-Encoding: chunked


{"message":"authentication is null"}

HTTP/1.1 404 Not Found
Date: Fri, 02 Jan 2026 18:02:35 GMT
Connection: close
Transfer-Encoding: chunked

HTTP/1.1 308 Permanent Redirect
content-security-policy-report-only: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
vary: Origin
vary: Access-Control-Request-Method
vary: Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: Authorization, Authentication, X-Auth-Token
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Host: easycaice.crif.com
Location: web/portal
x-xss-protection: 0
access-control-allow-origin: https://easycaice.crif.com
x-content-type-options: nosniff
Connection: close
set-cookie: fcf3f9b9169af422d376e25c880d6e63=d47d33996bb8f45920ca18c82b69f0de; path=/; HttpOnly
Set-Cookie: flag3=true
referrer-policy: no-referrer
permissions-policy: geolocation=(), camera=(), microphone=()
Content-Length: 0

HTTP/1.1 404 Not Found
Date: Fri, 02 Jan 2026 15:10:46 GMT
Connection: close
Transfer-Encoding: chunked

HTTP/1.1 200 OK
content-security-policy-report-only: default-src 'self'; script-src 'self' 'unsafe-eval' https://*.usercentrics.eu https://crif.matomo.cloud https://browser-update.org https://maps.googleapis.com https://*.productfruits.com https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://*.typekit.net https://*.googleapis.com https://*.productfruits.com ; font-src 'self' https://*.typekit.net https://*.googleapis.com https://fonts.gstatic.com; connect-src 'self' https://*.usercentrics.eu https://*.googleapis.com https://*.matomo.cloud https://*.productfruits.com wss://ws2.productfruits.com; img-src 'self' data: https://*.usercentrics.eu https://*.googleapis.com https://*.gstatic.com https://cdn-assets.productfruits.com; object-src 'none'; form-action 'none'; frame-src 'self' https://www.youtube.com https://youtu.be https://www.google.com
cache-control: no-cache
content-type: text/html
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 02 Jan 2026 13:30:19 GMT
accept-ranges: bytes
etag: "691b2ccc-832"
X-Content-Type-Options: nosniff
Connection: close
set-cookie: d1f6c455fc7ed436dd123eb1f606651c=51d62348379db8ede66f5b9a0e8a3542; path=/; HttpOnly
last-modified: Mon, 17 Nov 2025 14:10:20 GMT
Referrer-Policy: strict-origin-when-cross-origin
content-length: 2098
Permissions-Policy: accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(), encrypted-media=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=()

Page title: Margò

<!doctype html>
<html lang="en">
  <head>
    <meta charset="utf-8" />
    <meta http-equiv="X-UA-Compatible" content="IE=Edge" />
    <link rel="shortcut icon" href="/favicon.ico" />
    <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" />
    <meta name="theme-color" content="#000000" />
    <!--
      manifest.json provides metadata used when your web app is installed on a
      user's mobile device or desktop. See https://developers.google.com/web/fundamentals/web-app-manifest/
    -->
    <link rel="manifest" href="/manifest.json" />
    <link href="https://use.typekit.net/ggi0wff.css" rel="stylesheet" crossorigin="anonymous" />
    <!--
      Notice the use of %PUBLIC_URL% in the tags above.
      It will be replaced with the URL of the `public` folder during the build.
      Only files inside the `public` folder can be referenced from the HTML.

      Unlike "/favicon.ico" or "favicon.ico", "%PUBLIC_URL%/favicon.ico" will
      work correctly both with client-side routing and a non-root public URL.
      Learn how to configure a non-root public URL by running `npm run build`.
    -->
    <title>Margò</title>
    <meta http-equiv="X-XSS-Protection" content="1; mode=block" />
    <meta http-equiv="X-Content-Type-Options" content="nosniff" />
    <add name="X-Frame-Options" value="SAMEORIGIN" />
    <script type="module" crossorigin src="/assets/index-BoV9ocYN.js"></script>
    <link rel="stylesheet" crossorigin href="/assets/index-B-vXrW_w.css">
  </head>
  <body>
    <noscript>You need to enable JavaScript to run this app.</noscript>
    <div id="root"></div>

    <!--
      This HTML file is a template.
      If you open it directly in the browser, you will see an empty page.

      You can add webfonts, meta tags, or analytics to this file.
      The build step will place the bundled scripts into the <body> tag.

      To begin the development, run `npm start` or `yarn start`.
      To create a production bundle, use `npm run build` or `yarn build`.
    -->
  </body>
</html>

HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Date: Fri, 02 Jan 2026 10:27:24 GMT
Location: https://margolaunchpad.crif.com/
Connection: close
Content-Length: 0

HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Date: Fri, 02 Jan 2026 10:27:24 GMT
Location: https://businessdirectory.crif.com/
Connection: close
Content-Length: 0

HTTP/1.1 200 OK
content-security-policy-report-only: default-src 'self'; script-src 'self' 'unsafe-eval' https://*.usercentrics.eu https://crif.matomo.cloud https://browser-update.org https://maps.googleapis.com https://*.productfruits.com https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://*.typekit.net https://*.googleapis.com https://*.productfruits.com ; font-src 'self' https://*.typekit.net https://*.googleapis.com https://fonts.gstatic.com; connect-src 'self' https://*.usercentrics.eu https://*.googleapis.com https://*.matomo.cloud https://*.productfruits.com wss://ws2.productfruits.com; img-src 'self' data: https://*.usercentrics.eu https://*.googleapis.com https://*.gstatic.com https://cdn-assets.productfruits.com; object-src 'none'; form-action 'none'; frame-src 'self' https://www.youtube.com https://youtu.be https://www.google.com
cache-control: no-cache
content-type: text/html
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 02 Jan 2026 10:11:03 GMT
accept-ranges: bytes
etag: "691b2ccc-832"
X-Content-Type-Options: nosniff
Connection: close
set-cookie: cc9faaa3a84fd09a0943f71cb6c743b8=20f04807c6747ee6498b52ced11ba81e; path=/; HttpOnly
last-modified: Mon, 17 Nov 2025 14:10:20 GMT
Referrer-Policy: strict-origin-when-cross-origin
content-length: 2098
Permissions-Policy: accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(), encrypted-media=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=()

Page title: Margò

<!doctype html>
<html lang="en">
  <head>
    <meta charset="utf-8" />
    <meta http-equiv="X-UA-Compatible" content="IE=Edge" />
    <link rel="shortcut icon" href="/favicon.ico" />
    <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" />
    <meta name="theme-color" content="#000000" />
    <!--
      manifest.json provides metadata used when your web app is installed on a
      user's mobile device or desktop. See https://developers.google.com/web/fundamentals/web-app-manifest/
    -->
    <link rel="manifest" href="/manifest.json" />
    <link href="https://use.typekit.net/ggi0wff.css" rel="stylesheet" crossorigin="anonymous" />
    <!--
      Notice the use of %PUBLIC_URL% in the tags above.
      It will be replaced with the URL of the `public` folder during the build.
      Only files inside the `public` folder can be referenced from the HTML.

      Unlike "/favicon.ico" or "favicon.ico", "%PUBLIC_URL%/favicon.ico" will
      work correctly both with client-side routing and a non-root public URL.
      Learn how to configure a non-root public URL by running `npm run build`.
    -->
    <title>Margò</title>
    <meta http-equiv="X-XSS-Protection" content="1; mode=block" />
    <meta http-equiv="X-Content-Type-Options" content="nosniff" />
    <add name="X-Frame-Options" value="SAMEORIGIN" />
    <script type="module" crossorigin src="/assets/index-BoV9ocYN.js"></script>
    <link rel="stylesheet" crossorigin href="/assets/index-B-vXrW_w.css">
  </head>
  <body>
    <noscript>You need to enable JavaScript to run this app.</noscript>
    <div id="root"></div>

    <!--
      This HTML file is a template.
      If you open it directly in the browser, you will see an empty page.

      You can add webfonts, meta tags, or analytics to this file.
      The build step will place the bundled scripts into the <body> tag.

      To begin the development, run `npm start` or `yarn start`.
      To create a production bundle, use `npm run build` or `yarn build`.
    -->
  </body>
</html>

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Type: text/html
Last-Modified: Thu, 18 Dec 2025 14:46:40 GMT
Accept-Ranges: bytes
ETag: "048641e2d70dc1:0"
X-Content-Type-Options: nosniff
Date: Fri, 02 Jan 2026 09:50:16 GMT
Connection: close
Content-Length: 2098
Strict-Transport-Security: max-age=86400; includeSubdomains

Page title: Margò

<!doctype html>
<html lang="en">
  <head>
    <meta charset="utf-8" />
    <meta http-equiv="X-UA-Compatible" content="IE=Edge" />
    <link rel="shortcut icon" href="/favicon.ico" />
    <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" />
    <meta name="theme-color" content="#000000" />
    <!--
      manifest.json provides metadata used when your web app is installed on a
      user's mobile device or desktop. See https://developers.google.com/web/fundamentals/web-app-manifest/
    -->
    <link rel="manifest" href="/manifest.json" />
    <link href="https://use.typekit.net/ggi0wff.css" rel="stylesheet" crossorigin="anonymous" />
    <!--
      Notice the use of %PUBLIC_URL% in the tags above.
      It will be replaced with the URL of the `public` folder during the build.
      Only files inside the `public` folder can be referenced from the HTML.

      Unlike "/favicon.ico" or "favicon.ico", "%PUBLIC_URL%/favicon.ico" will
      work correctly both with client-side routing and a non-root public URL.
      Learn how to configure a non-root public URL by running `npm run build`.
    -->
    <title>Margò</title>
    <meta http-equiv="X-XSS-Protection" content="1; mode=block" />
    <meta http-equiv="X-Content-Type-Options" content="nosniff" />
    <add name="X-Frame-Options" value="SAMEORIGIN" />
    <script type="module" crossorigin src="/assets/index-CaQ7Rv48.js"></script>
    <link rel="stylesheet" crossorigin href="/assets/index-B-vXrW_w.css">
  </head>
  <body>
    <noscript>You need to enable JavaScript to run this app.</noscript>
    <div id="root"></div>

    <!--
      This HTML file is a template.
      If you open it directly in the browser, you will see an empty page.

      You can add webfonts, meta tags, or analytics to this file.
      The build step will place the bundled scripts into the <body> tag.

      To begin the development, run `npm start` or `yarn start`.
      To create a production bundle, use `npm run build` or `yarn build`.
    -->
  </body>
</html>

HTTP/1.1 403 Forbidden
Server: awselb/2.0
Date: Fri, 02 Jan 2026 06:53:02 GMT
Content-Type: text/html
Content-Length: 118
Connection: close

Page title: 403 Forbidden

<html>
<head><title>403 Forbidden</title></head>
<body>
<center><h1>403 Forbidden</h1></center>
</body>
</html>

HTTP/1.1 403 Forbidden
Server: awselb/2.0
Date: Fri, 02 Jan 2026 06:53:04 GMT
Content-Type: text/html
Content-Length: 118
Connection: close

Page title: 403 Forbidden

<html>
<head><title>403 Forbidden</title></head>
<body>
<center><h1>403 Forbidden</h1></center>
</body>
</html>

HTTP/1.1 403 Forbidden
Server: awselb/2.0
Date: Fri, 02 Jan 2026 06:53:03 GMT
Content-Type: text/html
Content-Length: 118
Connection: close

Page title: 403 Forbidden

<html>
<head><title>403 Forbidden</title></head>
<body>
<center><h1>403 Forbidden</h1></center>
</body>
</html>

HTTP/1.1 403 Forbidden
Server: awselb/2.0
Date: Fri, 02 Jan 2026 06:53:03 GMT
Content-Type: text/html
Content-Length: 118
Connection: close

Page title: 403 Forbidden

<html>
<head><title>403 Forbidden</title></head>
<body>
<center><h1>403 Forbidden</h1></center>
</body>
</html>

HTTP/1.1 403 Forbidden
Server: awselb/2.0
Date: Fri, 02 Jan 2026 06:53:03 GMT
Content-Type: text/html
Content-Length: 118
Connection: close

Page title: 403 Forbidden

<html>
<head><title>403 Forbidden</title></head>
<body>
<center><h1>403 Forbidden</h1></center>
</body>
</html>

HTTP/1.1 403 Forbidden
Server: awselb/2.0
Date: Fri, 02 Jan 2026 06:53:03 GMT
Content-Type: text/html
Content-Length: 118
Connection: close

Page title: 403 Forbidden

<html>
<head><title>403 Forbidden</title></head>
<body>
<center><h1>403 Forbidden</h1></center>
</body>
</html>

HTTP/1.1 308 Permanent Redirect
content-security-policy-report-only: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
vary: Origin
vary: Access-Control-Request-Method
vary: Access-Control-Request-Headers
cache-control: no-cache, no-store, max-age=0, must-revalidate
strict-transport-security: max-age=31536000 ; includeSubDomains
location: web/portal
expires: 0
pragma: no-cache
x-xss-protection: 1 ; mode=block
x-content-type-options: nosniff
Connection: close
set-cookie: ff2bd0f6f6722035e69e6c72d6d9a02f=b7ee0611415379166ab16d99e1f0c8dc; path=/; HttpOnly
referrer-policy: no-referrer
content-length: 0

HTTP/1.1 403 
vary: Origin
vary: Access-Control-Request-Method
vary: Access-Control-Request-Headers
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-frame-options: DENY
content-type: application/json
content-length: 0
date: Fri, 02 Jan 2026 04:18:21 GMT
set-cookie: 1dddc2cf4ffd291fc3807fac4ed6fe6d=92694113b6ae5f4fa763e69c888e7a03; path=/; HttpOnly
connection: close
Strict-Transport-Security: max-age=16070400; includeSubDomains
Set-Cookie: TS01d90829=01182a61058dbbc5bfe3a67b9e0faf747c5f28a8d8692f08e55af59f16b6053e1533af471a4fc3f6f48413cb0333a6897ccbe670d667f2414853bc06cab96c2da8e46b26e9; Path=/

HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 588
Connection: close
Date: Thu, 01 Jan 2026 23:18:46 GMT
Last-Modified: Fri, 19 Dec 2025 09:21:14 GMT
ETag: "4edac856ca7ae0fc1f63abdc8df40eac"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Error from cloudfront
Via: 1.1 2f495c2a75817f316afd4d3bb437bf0a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: MUC50-P6
X-Amz-Cf-Id: cZ8ml03OwL5tHmPXqR5ZdowNZUSV2XVthmxp6wS077nvfTw-LF3Psw==

Page title: Safe Trade

<!doctype html>
<html lang="en">
  <head>
    <meta charset="UTF-8" />
    <!-- <link rel="icon" type="image/svg+xml" href="/abc.ico" /> -->
    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
    <title>Safe Trade</title>
     <!-- <link rel="stylesheet" href="/node_modules/crif-design-system-bootstrap5/styles/css/fonts/Poppins.css" />  -->
    <script type="module" crossorigin src="./assets/index-DofiyilM.js"></script>
    <link rel="stylesheet" crossorigin href="./assets/index-CVNwRM6O.css">
  </head>
  <body>
    <div id="root"></div>
  </body>
</html>

HTTP/1.1 308 Permanent Redirect
content-security-policy-report-only: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
vary: Origin
vary: Access-Control-Request-Method
vary: Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: Authorization, Authentication, X-Auth-Token
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Host: easycaice.crif.com
Location: web/portal
x-xss-protection: 0
access-control-allow-origin: https://easycaice.crif.com
x-content-type-options: nosniff
Connection: close
set-cookie: fcf3f9b9169af422d376e25c880d6e63=d47d33996bb8f45920ca18c82b69f0de; path=/; HttpOnly
Set-Cookie: flag3=true
referrer-policy: no-referrer
permissions-policy: geolocation=(), camera=(), microphone=()
Content-Length: 0

HTTP/1.1 404 Not Found
Date: Tue, 23 Dec 2025 08:41:11 GMT
Connection: close
Transfer-Encoding: chunked

HTTP/1.1 404 Not Found
Date: Tue, 23 Dec 2025 05:56:19 GMT
Connection: close
Transfer-Encoding: chunked

HTTP/1.1 200 OK
content-security-policy-report-only: default-src 'self'; script-src 'self' 'unsafe-eval' https://*.usercentrics.eu https://crif.matomo.cloud https://browser-update.org https://maps.googleapis.com https://*.productfruits.com https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://*.typekit.net https://*.googleapis.com https://*.productfruits.com ; font-src 'self' https://*.typekit.net https://*.googleapis.com https://fonts.gstatic.com; connect-src 'self' https://*.usercentrics.eu https://*.googleapis.com https://*.matomo.cloud https://*.productfruits.com wss://ws2.productfruits.com; img-src 'self' data: https://*.usercentrics.eu https://*.googleapis.com https://*.gstatic.com https://cdn-assets.productfruits.com; object-src 'none'; form-action 'none'; frame-src 'self' https://www.youtube.com https://youtu.be https://www.google.com
cache-control: no-cache
content-type: text/html
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 23 Dec 2025 05:19:49 GMT
accept-ranges: bytes
etag: "691b2ccc-832"
X-Content-Type-Options: nosniff
Connection: close
set-cookie: cc9faaa3a84fd09a0943f71cb6c743b8=20f04807c6747ee6498b52ced11ba81e; path=/; HttpOnly
last-modified: Mon, 17 Nov 2025 14:10:20 GMT
Referrer-Policy: strict-origin-when-cross-origin
content-length: 2098
Permissions-Policy: accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(), encrypted-media=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=()

Page title: Margò

<!doctype html>
<html lang="en">
  <head>
    <meta charset="utf-8" />
    <meta http-equiv="X-UA-Compatible" content="IE=Edge" />
    <link rel="shortcut icon" href="/favicon.ico" />
    <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" />
    <meta name="theme-color" content="#000000" />
    <!--
      manifest.json provides metadata used when your web app is installed on a
      user's mobile device or desktop. See https://developers.google.com/web/fundamentals/web-app-manifest/
    -->
    <link rel="manifest" href="/manifest.json" />
    <link href="https://use.typekit.net/ggi0wff.css" rel="stylesheet" crossorigin="anonymous" />
    <!--
      Notice the use of %PUBLIC_URL% in the tags above.
      It will be replaced with the URL of the `public` folder during the build.
      Only files inside the `public` folder can be referenced from the HTML.

      Unlike "/favicon.ico" or "favicon.ico", "%PUBLIC_URL%/favicon.ico" will
      work correctly both with client-side routing and a non-root public URL.
      Learn how to configure a non-root public URL by running `npm run build`.
    -->
    <title>Margò</title>
    <meta http-equiv="X-XSS-Protection" content="1; mode=block" />
    <meta http-equiv="X-Content-Type-Options" content="nosniff" />
    <add name="X-Frame-Options" value="SAMEORIGIN" />
    <script type="module" crossorigin src="/assets/index-BoV9ocYN.js"></script>
    <link rel="stylesheet" crossorigin href="/assets/index-B-vXrW_w.css">
  </head>
  <body>
    <noscript>You need to enable JavaScript to run this app.</noscript>
    <div id="root"></div>

    <!--
      This HTML file is a template.
      If you open it directly in the browser, you will see an empty page.

      You can add webfonts, meta tags, or analytics to this file.
      The build step will place the bundled scripts into the <body> tag.

      To begin the development, run `npm start` or `yarn start`.
      To create a production bundle, use `npm run build` or `yarn build`.
    -->
  </body>
</html>

HTTP/1.1 308 Permanent Redirect
content-security-policy-report-only: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
vary: Origin
vary: Access-Control-Request-Method
vary: Access-Control-Request-Headers
cache-control: no-cache, no-store, max-age=0, must-revalidate
strict-transport-security: max-age=31536000 ; includeSubDomains
location: web/portal
expires: 0
pragma: no-cache
x-xss-protection: 1 ; mode=block
x-content-type-options: nosniff
Connection: close
set-cookie: ff2bd0f6f6722035e69e6c72d6d9a02f=b7ee0611415379166ab16d99e1f0c8dc; path=/; HttpOnly
referrer-policy: no-referrer
content-length: 0

HTTP/1.1 403 
vary: Origin
vary: Access-Control-Request-Method
vary: Access-Control-Request-Headers
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-frame-options: DENY
content-type: application/json
content-length: 0
date: Mon, 22 Dec 2025 19:53:42 GMT
set-cookie: 1dddc2cf4ffd291fc3807fac4ed6fe6d=53a008625327bd737fcd2bdae3cec85b; path=/; HttpOnly
connection: close
Strict-Transport-Security: max-age=16070400; includeSubDomains
Set-Cookie: TS01d90829=01182a6105fb181f3e745cbba35a9f4ae60dabd0345973f554d74c130d8c238983ba4d72265ad03ae41c181fb69adb67bcb4881389dab9e01bf597e3dc2bca8da87f22644e; Path=/

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Type: text/html
Last-Modified: Thu, 18 Dec 2025 14:46:40 GMT
Accept-Ranges: bytes
ETag: "048641e2d70dc1:0"
X-Content-Type-Options: nosniff
Date: Mon, 22 Dec 2025 17:31:05 GMT
Connection: close
Content-Length: 2098
Strict-Transport-Security: max-age=86400; includeSubdomains

Page title: Margò

<!doctype html>
<html lang="en">
  <head>
    <meta charset="utf-8" />
    <meta http-equiv="X-UA-Compatible" content="IE=Edge" />
    <link rel="shortcut icon" href="/favicon.ico" />
    <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" />
    <meta name="theme-color" content="#000000" />
    <!--
      manifest.json provides metadata used when your web app is installed on a
      user's mobile device or desktop. See https://developers.google.com/web/fundamentals/web-app-manifest/
    -->
    <link rel="manifest" href="/manifest.json" />
    <link href="https://use.typekit.net/ggi0wff.css" rel="stylesheet" crossorigin="anonymous" />
    <!--
      Notice the use of %PUBLIC_URL% in the tags above.
      It will be replaced with the URL of the `public` folder during the build.
      Only files inside the `public` folder can be referenced from the HTML.

      Unlike "/favicon.ico" or "favicon.ico", "%PUBLIC_URL%/favicon.ico" will
      work correctly both with client-side routing and a non-root public URL.
      Learn how to configure a non-root public URL by running `npm run build`.
    -->
    <title>Margò</title>
    <meta http-equiv="X-XSS-Protection" content="1; mode=block" />
    <meta http-equiv="X-Content-Type-Options" content="nosniff" />
    <add name="X-Frame-Options" value="SAMEORIGIN" />
    <script type="module" crossorigin src="/assets/index-CaQ7Rv48.js"></script>
    <link rel="stylesheet" crossorigin href="/assets/index-B-vXrW_w.css">
  </head>
  <body>
    <noscript>You need to enable JavaScript to run this app.</noscript>
    <div id="root"></div>

    <!--
      This HTML file is a template.
      If you open it directly in the browser, you will see an empty page.

      You can add webfonts, meta tags, or analytics to this file.
      The build step will place the bundled scripts into the <body> tag.

      To begin the development, run `npm start` or `yarn start`.
      To create a production bundle, use `npm run build` or `yarn build`.
    -->
  </body>
</html>

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Type: text/html
Last-Modified: Thu, 18 Dec 2025 13:41:58 GMT
Accept-Ranges: bytes
ETag: "0178a142470dc1:0"
X-Content-Type-Options: nosniff
Date: Mon, 22 Dec 2025 15:03:25 GMT
Connection: close
Content-Length: 2098
Strict-Transport-Security: max-age=86400; includeSubdomains

Page title: Margò

<!doctype html>
<html lang="en">
  <head>
    <meta charset="utf-8" />
    <meta http-equiv="X-UA-Compatible" content="IE=Edge" />
    <link rel="shortcut icon" href="/favicon.ico" />
    <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" />
    <meta name="theme-color" content="#000000" />
    <!--
      manifest.json provides metadata used when your web app is installed on a
      user's mobile device or desktop. See https://developers.google.com/web/fundamentals/web-app-manifest/
    -->
    <link rel="manifest" href="/manifest.json" />
    <link href="https://use.typekit.net/ggi0wff.css" rel="stylesheet" crossorigin="anonymous" />
    <!--
      Notice the use of %PUBLIC_URL% in the tags above.
      It will be replaced with the URL of the `public` folder during the build.
      Only files inside the `public` folder can be referenced from the HTML.

      Unlike "/favicon.ico" or "favicon.ico", "%PUBLIC_URL%/favicon.ico" will
      work correctly both with client-side routing and a non-root public URL.
      Learn how to configure a non-root public URL by running `npm run build`.
    -->
    <title>Margò</title>
    <meta http-equiv="X-XSS-Protection" content="1; mode=block" />
    <meta http-equiv="X-Content-Type-Options" content="nosniff" />
    <add name="X-Frame-Options" value="SAMEORIGIN" />
    <script type="module" crossorigin src="/assets/index-CaQ7Rv48.js"></script>
    <link rel="stylesheet" crossorigin href="/assets/index-B-vXrW_w.css">
  </head>
  <body>
    <noscript>You need to enable JavaScript to run this app.</noscript>
    <div id="root"></div>

    <!--
      This HTML file is a template.
      If you open it directly in the browser, you will see an empty page.

      You can add webfonts, meta tags, or analytics to this file.
      The build step will place the bundled scripts into the <body> tag.

      To begin the development, run `npm start` or `yarn start`.
      To create a production bundle, use `npm run build` or `yarn build`.
    -->
  </body>
</html>

HTTP/1.1 401 
vary: Origin
vary: Access-Control-Request-Method
vary: Access-Control-Request-Headers
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-frame-options: DENY
content-type: application/json
date: Mon, 22 Dec 2025 13:17:32 GMT
set-cookie: 61c4ba5a4a8223c9b3ad12cde81f284a=688706e505a39c811cd7972aa2251e28; path=/; HttpOnly
connection: close
Strict-Transport-Security: max-age=16070400; includeSubDomains
Set-Cookie: TS01d90829=01182a61051f90a17fea30b79f64bc466824293b5f7ef26014c14abd686a71c162c93c2c86eca25e2b1b81ea64010822b19458b18775eab4a14e2aefc44fbb95d7559111bc; Path=/
Transfer-Encoding: chunked


{"message":"authentication is null"}

HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 588
Connection: close
Date: Mon, 22 Dec 2025 11:19:00 GMT
Last-Modified: Fri, 19 Dec 2025 09:21:14 GMT
ETag: "4edac856ca7ae0fc1f63abdc8df40eac"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Error from cloudfront
Via: 1.1 46c3758fe9f61dd7b7147a33bc20d9ea.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: MUC50-P6
X-Amz-Cf-Id: DLges_pYc6vX15I5Mmn_Y9eubodzLsMmrl5O8E3Ma93JyV-fywQF2A==

Page title: Safe Trade

<!doctype html>
<html lang="en">
  <head>
    <meta charset="UTF-8" />
    <!-- <link rel="icon" type="image/svg+xml" href="/abc.ico" /> -->
    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
    <title>Safe Trade</title>
     <!-- <link rel="stylesheet" href="/node_modules/crif-design-system-bootstrap5/styles/css/fonts/Poppins.css" />  -->
    <script type="module" crossorigin src="./assets/index-DofiyilM.js"></script>
    <link rel="stylesheet" crossorigin href="./assets/index-CVNwRM6O.css">
  </head>
  <body>
    <div id="root"></div>
  </body>
</html>

HTTP/1.1 405 Not Allowed
Server: CloudFront
Date: Mon, 22 Dec 2025 06:25:48 GMT
Content-Length: 2521
Connection: close
x-amzn-waf-action: captcha
Cache-Control: no-store, max-age=0
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: OPTIONS,GET,POST
Access-Control-Expose-Headers: x-amzn-waf-action
X-Cache: Error from cloudfront
Via: 1.1 b7c8b552077b93dc0acaa0b82d11fa62.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P8
X-Amz-Cf-Id: l1XH3cjf32J2SxWe_Dy9PcAgdJkFPA6yUCf89YtvCRvb1WYbtdmriw==

Page title: Human Verification

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="utf-8">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <title>Human Verification</title>
    <style>
        body {
            font-family: "Arial";
        }
    </style>
    <script type="text/javascript">
    window.awsWafCookieDomainList = [];
    window.gokuProps = {
"key":"AQIDAHjcYu/GjX+QlghicBgQ/7bFaQZ+m5FKCMDnO+vTbNg96AH3LnuSRS5fsDUdjWjdt2DeAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQM0ng5HDE5K1MwF7LWAgEQgDsTm4cKMSpdPCuvDpgFMgKLOnh1l0BAiOVdpKBw9+M70N0ocmVuVuQ6A2sQbOM2FwOuy09YZAixOsd6Ow==",
          "iv":"EkQrKQGB7gAACbb/",
          "context":"TS2ktCCekC6CVfYyUh2PWjBhBAXET6WUfZ7pOh+IWJozdnHjMUok9MnencHkVx5jutIYKG0rEE92/gRyLud+Jiq8VBxdNDjXkinI0YDAr7McEhOuaujcJo1hvyRuJEQ46gFKpxIqRWT4ImnvvaqlTKY7oipCPTXiEbM/HaDlrFKwCtJ0XosYBUirckxwdEKIM0aFW7dqeI74baQskX2ZR+LK6uE0SRVAxsv5yOWECx9y7g/VyFkIbySBZkwowNRH/lvc5KhSZHWIX9/WBOpcQNPToVIZh7jcbIjwbMaLFSpQ3aUFzFg3a+4cP+rJYBqmeKl6jQQfV7SSYCbonG0n047JeBkVrGPEUKcp48ch+tr1c+rIGb/Fp0QNCpZ7FLlc24ctzMw4UVgTWhO/pnHFElmnggo9fQya/+EsIBm+EkBTPJWi54r7oAq1ui86SUriKDBicAKfXR3qJ+dPy06ixo6sKmoY5PO+hxMZcPdahqT4ol61iyqYu50h2sf4LiIfEVk8wpUDHJ4By7z1XRZSYGR8D8AO5g4+1lzbx2WGVX8Qd23SGPLlmWVdNddFeyc1VsQ6JJ8MomLSxXDexSVneFHB3P2R5ggs45hajNPbV/Rnp9y+/ffRb5ZzWOR5/1JtJGub2MWeCCwfeOA+bqCvnJO7LMYB2Z2rOjhgLoFiPQhvEtgKzydcUBOqCZG2dSp5SJbm5Kwa5MTgJR1qFsK/fIXpBJcKH6sG6A2RPdFxty0nf6NDKFV3tTP83VLOoVnUmqoontjARLS+DYQ9yQ=="
};
    </script>
    <script src="https://83e1c8a2a7fe.c99c2121.eu-central-1.token.awswaf.com/83e1c8a2a7fe/b3ec4898eb3f/341b27ccd9c3/challenge.js"></script>
    <script src="https://83e1c8a2a7fe.c99c2121.eu-central-1.captcha.awswaf.com/83e1c8a2a7fe/b3ec4898eb3f/341b27ccd9c3/captcha.js"></script>
</head>
<body>
    <div id="captcha-container"></div>
    <script type="text/javascript">
        AwsWafIntegration.saveReferrer();
        window.addEventListener("load", function() {
          const container = document.querySelector("#captcha-container");
          CaptchaScript.renderCaptcha(container, async (voucher) => {
              await ChallengeScript.submitCaptcha(voucher);
              window.location.reload(true);
          }
      );
    });
    </script>
    <noscript>
        <h1>JavaScript is disabled</h1>
        In order to continue, you need to verify that you're not a robot by solving a CAPTCHA puzzle.
         The CAPTCHA puzzle requires JavaScript. Enable JavaScript and then reload the page.
    </noscript>
</body>
</html>

HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Mon, 22 Dec 2025 06:25:47 GMT
Content-Type: text/html
Content-Length: 167
Connection: close
Location: https://status.crif.com/
X-Cache: Redirect from cloudfront
Via: 1.1 2146d75cb402f16f98928cb19acf5ff6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P8
X-Amz-Cf-Id: tqjk2i4vfQRccCu2Ii3-udUvWfdp9RZMhbVOveSumgIZvPvxGbQHkA==

Page title: 301 Moved Permanently

<html>
<head><title>301 Moved Permanently</title></head>
<body>
<center><h1>301 Moved Permanently</h1></center>
<hr><center>CloudFront</center>
</body>
</html>

HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Mon, 22 Dec 2025 06:25:48 GMT
Content-Type: text/html
Content-Length: 167
Connection: close
Location: https://status.crif.com/
X-Cache: Redirect from cloudfront
Via: 1.1 e030504e72fa75d92c1856a58b964932.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P8
X-Amz-Cf-Id: V7p4SZRl4uSLMrVpk7DFvmpdrtYglB9YJheccRb9QoclymxGosHfrg==

Page title: 301 Moved Permanently

<html>
<head><title>301 Moved Permanently</title></head>
<body>
<center><h1>301 Moved Permanently</h1></center>
<hr><center>CloudFront</center>
</body>
</html>

HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Mon, 22 Dec 2025 06:25:48 GMT
Content-Type: text/html
Content-Length: 167
Connection: close
Location: https://status.crif.com/
X-Cache: Redirect from cloudfront
Via: 1.1 b8455bc5c5405f573b6e4da5524ee9e2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P8
X-Amz-Cf-Id: vv586zMnVIeOAZsvQbNMdnPUUcPPwCiE6i0VIcM-vXwZscffj5Zpvw==

Page title: 301 Moved Permanently

<html>
<head><title>301 Moved Permanently</title></head>
<body>
<center><h1>301 Moved Permanently</h1></center>
<hr><center>CloudFront</center>
</body>
</html>

HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Mon, 22 Dec 2025 06:25:47 GMT
Content-Type: text/html
Content-Length: 167
Connection: close
Location: https://status.crif.com/
X-Cache: Redirect from cloudfront
Via: 1.1 b7c8b552077b93dc0acaa0b82d11fa62.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P8
X-Amz-Cf-Id: zFOTMuxfx3FscaRTx9f1RDkPqMSgusSxK9oTIdyYFQ2bYXTlpXbyKA==

Page title: 301 Moved Permanently

<html>
<head><title>301 Moved Permanently</title></head>
<body>
<center><h1>301 Moved Permanently</h1></center>
<hr><center>CloudFront</center>
</body>
</html>

HTTP/1.1 405 Not Allowed
Server: CloudFront
Date: Mon, 22 Dec 2025 06:25:47 GMT
Content-Length: 2521
Connection: close
x-amzn-waf-action: captcha
Cache-Control: no-store, max-age=0
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: OPTIONS,GET,POST
Access-Control-Expose-Headers: x-amzn-waf-action
X-Cache: Error from cloudfront
Via: 1.1 193d38535c6cb246e365763e9c32e672.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P8
X-Amz-Cf-Id: TWC_vprPqcBt95faWl1NgobCz8KBgd-gsnu7mRmNUKWDUWkYs7Hozw==

Page title: Human Verification

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="utf-8">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <title>Human Verification</title>
    <style>
        body {
            font-family: "Arial";
        }
    </style>
    <script type="text/javascript">
    window.awsWafCookieDomainList = [];
    window.gokuProps = {
"key":"AQIDAHjcYu/GjX+QlghicBgQ/7bFaQZ+m5FKCMDnO+vTbNg96AH3LnuSRS5fsDUdjWjdt2DeAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQM0ng5HDE5K1MwF7LWAgEQgDsTm4cKMSpdPCuvDpgFMgKLOnh1l0BAiOVdpKBw9+M70N0ocmVuVuQ6A2sQbOM2FwOuy09YZAixOsd6Ow==",
          "iv":"EkQrNgCRlwAAAAly",
          "context":"0UG616mgprXe0naPiG7v20lKh83UPod54zJ4wHgGBrFOBf5WwzvC21NoZvutxHH/v7UhNAG0FPxo5zKHyq4hXleOUp7y0poUtFVoqJPV+Q6Vs/ZB4mjECTfh3Boj7TLfbl4D+3ZpPSubpsTe7bsGa3QuMRSR5enamUTN7g6hzDyoFIJLo9VONUFiJFwCI80GgqrhCAo4M+plDo27JdJ+sjgo8hSeY3jMfSO2yfqQ6aj7lzeUD/ue+85WIoVRyL9xeh4LXUBbT1Cn6IbLyrz6du/rxSc4wiMTACMjUhkYNxdNwUduWYyfD35e3k2mKmIcvSvLUPlT5zA0dfC0R52mi7VEDCkfO57gzcS2FHMY0+HgpPce0lUkU9DXHp+0WnUQorJPVxAmxO9vELuXeUANYtuaGrcs9w0azVaCW+R9vHO2nAbKe+IYsOPIV94mAJOZB1PHp+vXo/xabi6GZ/RFMRwq2ozAo57kFJ2WquqERgogO1XTvmT/+FRTB3LY28JAjiyAOq7ffjj10LV886WwldQcDRU3xk0rp+8hoUDQAxGUI3pohyJR5i4FKE8WEvUUR/0mGeH24eYYC3oXZAQjZ+1p7NfmoxQ6QkIa9yCvN2igp8VOe54jjQgg96KSFBpHpbN1a9X/NNjVBCjJ2n0hLaREFFfUDJBgECiUI1gtCxW6QG59wbsRyvhbVcBjZ55anHsdMd5TqZdAFxTGYbXH3KU6Fi23ZJ8pmToaATESSu1Ltf1WdKVfFDhpuXdPxvuskdqcyJ2p8en4ebf4Og=="
};
    </script>
    <script src="https://83e1c8a2a7fe.c99c2121.eu-central-1.token.awswaf.com/83e1c8a2a7fe/b3ec4898eb3f/341b27ccd9c3/challenge.js"></script>
    <script src="https://83e1c8a2a7fe.c99c2121.eu-central-1.captcha.awswaf.com/83e1c8a2a7fe/b3ec4898eb3f/341b27ccd9c3/captcha.js"></script>
</head>
<body>
    <div id="captcha-container"></div>
    <script type="text/javascript">
        AwsWafIntegration.saveReferrer();
        window.addEventListener("load", function() {
          const container = document.querySelector("#captcha-container");
          CaptchaScript.renderCaptcha(container, async (voucher) => {
              await ChallengeScript.submitCaptcha(voucher);
              window.location.reload(true);
          }
      );
    });
    </script>
    <noscript>
        <h1>JavaScript is disabled</h1>
        In order to continue, you need to verify that you're not a robot by solving a CAPTCHA puzzle.
         The CAPTCHA puzzle requires JavaScript. Enable JavaScript and then reload the page.
    </noscript>
</body>
</html>

HTTP/1.1 405 Not Allowed
Server: CloudFront
Date: Mon, 22 Dec 2025 06:25:48 GMT
Content-Length: 2521
Connection: close
x-amzn-waf-action: captcha
Cache-Control: no-store, max-age=0
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: OPTIONS,GET,POST
Access-Control-Expose-Headers: x-amzn-waf-action
X-Cache: Error from cloudfront
Via: 1.1 9eb1733bea847c3a8f4910adebcc8146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P8
X-Amz-Cf-Id: 5WY7yLm1KHvIoGgZ8q8w9fy82eh2Dgz9WsBie1okAQml10_tQIGBqQ==

Page title: Human Verification

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="utf-8">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <title>Human Verification</title>
    <style>
        body {
            font-family: "Arial";
        }
    </style>
    <script type="text/javascript">
    window.awsWafCookieDomainList = [];
    window.gokuProps = {
"key":"AQIDAHjcYu/GjX+QlghicBgQ/7bFaQZ+m5FKCMDnO+vTbNg96AH3LnuSRS5fsDUdjWjdt2DeAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQM0ng5HDE5K1MwF7LWAgEQgDsTm4cKMSpdPCuvDpgFMgKLOnh1l0BAiOVdpKBw9+M70N0ocmVuVuQ6A2sQbOM2FwOuy09YZAixOsd6Ow==",
          "iv":"EkQrMAAKHwAAClab",
          "context":"pR/DvHZygSl43S5IA+i97ki1uD0YpK9rktivDH4U44LZp06W2geKJpGuTYBeT6nTbHRsNkAA8Wzc1QkFbDreb0Cb+IXCd17MitidheuKJbiCCCDpNiMH3WpZ/QzRsdrx9oj3Foj5RjV2aYEhLe55pyeGnZzu55V+Lqaib0GjsAh2Op61/SHSfhG+RXD1YdCsHty5VJlfdJV3eyXLmrY4LiYsfkXsL4AUcj9IB2DuLPOT5LlIisP62dOmHb4LqK9Myfxq5m1WgT+BdoXmoany2S9XzQO3Q5GgRKVo8Cv+wFGIz5jurys+MFGqV+hFEv1N1WM4A6PfmLhcPcdh8V5Kwb6+TkmrrVj74OmTRNKcYVJk5cFv7CNocMy2v7qQPlwTojpFa9V1jYeI3jZ7i59TvRwa6ADqsXmAwfZuXMdgrqu++BV9mcqY2rpa2FUEdiraCMYdUfS3GhC2aTKvuAUV7uDVEOKfCyP7txZiTQoNvxtYMi1FrC8t5PxTPykxmCTC3w4swDxye7b2vI/Td9uD1ORmRioirceIDXK8Av3mUFfgQT7fq+3Zpx+bQOVtu9jOsCHx7rS5IL9a2Aq2xKqgmJQRL5+JnZ6D+ZKmAuTfMbyKDYUEBtz6SuacCLpSF3l9ntx4En1aUjOICWqaYK3qmdXQy/unHC6C0JdcHy4woHfv+xfv2DoNRuCAoYDgA73Dn/WSbCTkxpyzC4LXCEbKfaLacX1qk0dFOfy+SMK6E4nJLeOV3jznADUDzVEDdDso26iQWw5KEYYmU2MYCw=="
};
    </script>
    <script src="https://83e1c8a2a7fe.c99c2121.eu-central-1.token.awswaf.com/83e1c8a2a7fe/b3ec4898eb3f/341b27ccd9c3/challenge.js"></script>
    <script src="https://83e1c8a2a7fe.c99c2121.eu-central-1.captcha.awswaf.com/83e1c8a2a7fe/b3ec4898eb3f/341b27ccd9c3/captcha.js"></script>
</head>
<body>
    <div id="captcha-container"></div>
    <script type="text/javascript">
        AwsWafIntegration.saveReferrer();
        window.addEventListener("load", function() {
          const container = document.querySelector("#captcha-container");
          CaptchaScript.renderCaptcha(container, async (voucher) => {
              await ChallengeScript.submitCaptcha(voucher);
              window.location.reload(true);
          }
      );
    });
    </script>
    <noscript>
        <h1>JavaScript is disabled</h1>
        In order to continue, you need to verify that you're not a robot by solving a CAPTCHA puzzle.
         The CAPTCHA puzzle requires JavaScript. Enable JavaScript and then reload the page.
    </noscript>
</body>
</html>

HTTP/1.1 405 Not Allowed
Server: CloudFront
Date: Mon, 22 Dec 2025 06:25:48 GMT
Content-Length: 2521
Connection: close
x-amzn-waf-action: captcha
Cache-Control: no-store, max-age=0
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: OPTIONS,GET,POST
Access-Control-Expose-Headers: x-amzn-waf-action
X-Cache: Error from cloudfront
Via: 1.1 085a99da24636ecdd172026920429788.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P8
X-Amz-Cf-Id: 59RrLrU9YDkq1ltZFJp3FKrj2mP2B02OFqPCe69ooWA8eYTdgiI_tQ==

Page title: Human Verification

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="utf-8">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <title>Human Verification</title>
    <style>
        body {
            font-family: "Arial";
        }
    </style>
    <script type="text/javascript">
    window.awsWafCookieDomainList = [];
    window.gokuProps = {
"key":"AQIDAHjcYu/GjX+QlghicBgQ/7bFaQZ+m5FKCMDnO+vTbNg96AH3LnuSRS5fsDUdjWjdt2DeAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQM0ng5HDE5K1MwF7LWAgEQgDsTm4cKMSpdPCuvDpgFMgKLOnh1l0BAiOVdpKBw9+M70N0ocmVuVuQ6A2sQbOM2FwOuy09YZAixOsd6Ow==",
          "iv":"EkQrLACPXQAAAAok",
          "context":"woax1oF/c8r6FL8PWiS4wh+AaAgw/QSD0Ak9fGHcNsAKt7t0hMjukOkVinh9AsLD9grSeteMhGMMB4ZLnHATkajmUVQkAfxxttaca1jDi5PD2Y16Hx+4Rj2nJfHYDIRR+L4vOYeJyiRtvhMEy7a5v6jrMHpda60TmEV1qxfY3ly2giGFYGz60UD+n4gorQa3cuzZuEjvISWfQjOYPzf3wf2OJNLc0lbxqO1wS1ICpDtqYm+7Y4d7lArikDwWntVXFpInNuqaF2KnR0bknptx08HCNoBssyAUWQ+LxYMZdWHhjFT33UYEvvgd2Rlml/8v2ABiGWk4r7svfH1xwgx4Lodn99AklHT/A6mHq6/v2mreN6qCsL8iRhtMnakP+J4PzhxnRYgpP+SDpfV63pTZvVN0c7RmsZlNeGJgGBTPBEU2YqJZTdCAOscAwq4wel+hmw5EDxRX5mDx1g5lo/5BEbDYcIe6QBUfJZUVWxBUp8zzlZQGuK+R1gnkITJv41Jnj5irTqSeYyQZ5/ik7U1kjJLVRPRCxHlxKSd0foxsM1NPmFvFP33hGoz9yotbNHr05hvey/tIVVrEhtSytqvwn5HTBnq+yyUKvmOPJuMJC7x+4XyngW5CGNpKamFwCuTNFLuo4x/SShW77grcb5keUK/pQF+Y3vQv/x2UXYRyPj2BsOWaeFYDdad2LlxIlIR7Chx2QmhIPeU9G/G4P3LjZbST4k7MMa8e7R/694w9JQUHLgQZSy5UfSC22NMxfx4HTwk64sMPO4GAaSXClg=="
};
    </script>
    <script src="https://83e1c8a2a7fe.c99c2121.eu-central-1.token.awswaf.com/83e1c8a2a7fe/b3ec4898eb3f/341b27ccd9c3/challenge.js"></script>
    <script src="https://83e1c8a2a7fe.c99c2121.eu-central-1.captcha.awswaf.com/83e1c8a2a7fe/b3ec4898eb3f/341b27ccd9c3/captcha.js"></script>
</head>
<body>
    <div id="captcha-container"></div>
    <script type="text/javascript">
        AwsWafIntegration.saveReferrer();
        window.addEventListener("load", function() {
          const container = document.querySelector("#captcha-container");
          CaptchaScript.renderCaptcha(container, async (voucher) => {
              await ChallengeScript.submitCaptcha(voucher);
              window.location.reload(true);
          }
      );
    });
    </script>
    <noscript>
        <h1>JavaScript is disabled</h1>
        In order to continue, you need to verify that you're not a robot by solving a CAPTCHA puzzle.
         The CAPTCHA puzzle requires JavaScript. Enable JavaScript and then reload the page.
    </noscript>
</body>
</html>

HTTP/1.1 200 OK
content-security-policy-report-only: default-src 'self'; script-src 'self' 'unsafe-eval' https://*.usercentrics.eu https://crif.matomo.cloud https://browser-update.org https://maps.googleapis.com https://*.productfruits.com https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://*.typekit.net https://*.googleapis.com https://*.productfruits.com ; font-src 'self' https://*.typekit.net https://*.googleapis.com https://fonts.gstatic.com; connect-src 'self' https://*.usercentrics.eu https://*.googleapis.com https://*.matomo.cloud https://*.productfruits.com wss://ws2.productfruits.com; img-src 'self' data: https://*.usercentrics.eu https://*.googleapis.com https://*.gstatic.com https://cdn-assets.productfruits.com; object-src 'none'; form-action 'none'; frame-src 'self' https://www.youtube.com https://youtu.be https://www.google.com
cache-control: no-cache
content-type: text/html
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 20 Dec 2025 21:55:10 GMT
accept-ranges: bytes
etag: "691b2ccc-832"
X-Content-Type-Options: nosniff
Connection: close
set-cookie: d1f6c455fc7ed436dd123eb1f606651c=51d62348379db8ede66f5b9a0e8a3542; path=/; HttpOnly
last-modified: Mon, 17 Nov 2025 14:10:20 GMT
Referrer-Policy: strict-origin-when-cross-origin
content-length: 2098
Permissions-Policy: accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(), encrypted-media=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=()

Page title: Margò

<!doctype html>
<html lang="en">
  <head>
    <meta charset="utf-8" />
    <meta http-equiv="X-UA-Compatible" content="IE=Edge" />
    <link rel="shortcut icon" href="/favicon.ico" />
    <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" />
    <meta name="theme-color" content="#000000" />
    <!--
      manifest.json provides metadata used when your web app is installed on a
      user's mobile device or desktop. See https://developers.google.com/web/fundamentals/web-app-manifest/
    -->
    <link rel="manifest" href="/manifest.json" />
    <link href="https://use.typekit.net/ggi0wff.css" rel="stylesheet" crossorigin="anonymous" />
    <!--
      Notice the use of %PUBLIC_URL% in the tags above.
      It will be replaced with the URL of the `public` folder during the build.
      Only files inside the `public` folder can be referenced from the HTML.

      Unlike "/favicon.ico" or "favicon.ico", "%PUBLIC_URL%/favicon.ico" will
      work correctly both with client-side routing and a non-root public URL.
      Learn how to configure a non-root public URL by running `npm run build`.
    -->
    <title>Margò</title>
    <meta http-equiv="X-XSS-Protection" content="1; mode=block" />
    <meta http-equiv="X-Content-Type-Options" content="nosniff" />
    <add name="X-Frame-Options" value="SAMEORIGIN" />
    <script type="module" crossorigin src="/assets/index-BoV9ocYN.js"></script>
    <link rel="stylesheet" crossorigin href="/assets/index-B-vXrW_w.css">
  </head>
  <body>
    <noscript>You need to enable JavaScript to run this app.</noscript>
    <div id="root"></div>

    <!--
      This HTML file is a template.
      If you open it directly in the browser, you will see an empty page.

      You can add webfonts, meta tags, or analytics to this file.
      The build step will place the bundled scripts into the <body> tag.

      To begin the development, run `npm start` or `yarn start`.
      To create a production bundle, use `npm run build` or `yarn build`.
    -->
  </body>
</html>