urlscan.io logo urlscan.io
SecurityTrails logo

app.qonto.com Open in urlscan Pro
2600:9000:225e:2600:0:7942:c340:93a1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://email.qonto.com/e/c/eyJlbWFpbF9pZCI6ImRnVFgyd1VEQU9TYUotT2FKd0dLUzNjLVhnZlBLSGdqR21oMTVwOD0iLCJocmVmIjoiaHR0cHM6...
Effective URL: https://app.qonto.com/deeplinks?action=referral.show&organization_slug=lesecq-aurore-2926
Submission: On September 04 via api from ES — Scanned from ES
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 3 countries across 10 domains to perform 45 HTTP transactions. The main IP is 2600:9000:225e:2600:0:7942:c340:93a1, located in United States and belongs to AMAZON-02, US. The main domain is app.qonto.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on April 26th 2023. Valid for: a year.
This is the only time app.qonto.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2600:9000:223f:2e00:1b:92cd:8400:93a1 (United States)

ASN16509 (AMAZON-02, US)
email.qonto.com
21    2600:9000:225e:2600:0:7942:c340:93a1 (United States)

ASN16509 (AMAZON-02, US)
app.qonto.com
3    35.186.247.156 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 156.247.186.35.bc.googleusercontent.com
sentry.io
8    104.18.11.238 (None, )

ASN13335 (CLOUDFLARENET, US)
api.qonto.com
1    13.224.189.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-49.fra2.r.cloudfront.net
widget.intercom.io
3    2a00:1450:4001:82b::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
1    104.102.23.137 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-23-137.deploy.static.akamaitechnologies.com
appleid.cdn-apple.com
3    2600:9000:20b4:7600:5:b7cc:d3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
sdk.privacy-center.org
2    18.66.147.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-5.fra60.r.cloudfront.net
js.intercomcdn.com
1    52.219.169.218 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.eu-central-1.amazonaws.com
qonto-assets.s3.eu-central-1.amazonaws.com
1    2a00:1450:4001:82a::2011 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
csp.withgoogle.com
1    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
30 qonto.com
email.qonto.com
app.qonto.com
api.qonto.com — Cisco Umbrella Rank: 971213
2 MB
3 privacy-center.org
sdk.privacy-center.org — Cisco Umbrella Rank: 6508
150 KB
3 google.com
accounts.google.com — Cisco Umbrella Rank: 34
116 KB
3 sentry.io
sentry.io — Cisco Umbrella Rank: 177
443 B
2 intercomcdn.com
js.intercomcdn.com — Cisco Umbrella Rank: 2393
220 KB
1 gstatic.com
fonts.gstatic.com
27 KB
1 withgoogle.com
csp.withgoogle.com — Cisco Umbrella Rank: 595
1 amazonaws.com
qonto-assets.s3.eu-central-1.amazonaws.com
10 KB
1 cdn-apple.com
appleid.cdn-apple.com — Cisco Umbrella Rank: 3561
17 KB
1 intercom.io
widget.intercom.io — Cisco Umbrella Rank: 1849
3 KB
45 10
Domain Requested by
21 app.qonto.com app.qonto.com
8 api.qonto.com app.qonto.com
3 sdk.privacy-center.org app.qonto.com
sdk.privacy-center.org
3 accounts.google.com app.qonto.com
accounts.google.com
3 sentry.io app.qonto.com
2 js.intercomcdn.com widget.intercom.io
1 fonts.gstatic.com app.qonto.com
1 csp.withgoogle.com app.qonto.com
1 qonto-assets.s3.eu-central-1.amazonaws.com app.qonto.com
1 appleid.cdn-apple.com app.qonto.com
1 widget.intercom.io app.qonto.com
1 email.qonto.com 1 redirects
45 12

This site contains links to these domains. Also see Links.

Domain
qonto.com
welcome.qonto.com
Subject Issuer Validity Valid
*.qonto.com
Amazon RSA 2048 M02		 2023-04-26 -
2024-05-24		 a year crt.sh
sentry.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-08 -
2024-09-07		 a year crt.sh
*.intercom.com
Amazon RSA 2048 M02		 2023-02-14 -
2024-03-14		 a year crt.sh
accounts.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
appleid.cdn-apple.com
Apple Public EV Server RSA CA 2 - G1		 2023-05-03 -
2023-10-29		 6 months crt.sh
*.privacy-center.org
Amazon RSA 2048 M02		 2023-03-25 -
2024-04-22		 a year crt.sh
*.intercomcdn.com
Amazon RSA 2048 M01		 2023-02-21 -
2024-01-29		 a year crt.sh
*.s3.eu-central-1.amazonaws.com
Amazon RSA 2048 M01		 2023-04-11 -
2024-01-14		 9 months crt.sh
*.appspot.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://app.qonto.com/deeplinks?action=referral.show&organization_slug=lesecq-aurore-2926
Frame ID: 0FFB2BBB93163218FB85AD97703F31D7
Requests: 36 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.1de18075.js
Frame ID: A150E39C0EDEF7B84F73DB1532C30B08
Requests: 2 HTTP requests in this frame

Frame: https://accounts.google.com/gsi/button?type=standard&theme=outline&size=large&text=continue_with&shape=square&logo_alignment=center&width=350&client_id=528595174513-3lfm8f4bi5190vtqdhqgfr89qbjfougu.apps.googleusercontent.com&iframe_id=gsi_950230_43794&as=uyG8ilf7c5kfY5ooDzCDAQ&hl=en
Frame ID: 11A1F9B3F1D76E3373EC6F58EA5AB83B
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Qonto

Page URL History Show full URLs

  1. https://email.qonto.com/e/c/eyJlbWFpbF9pZCI6ImRnVFgyd1VEQU9TYUotT2FKd0dLUzNjLVhnZlBLSGdqR21oMTVwOD0i... HTTP 302
    https://app.qonto.com/detectapp.html?appUrl=deeplinks%3Faction%3Dreferral.show%26organization_slug... Page URL
  2. https://app.qonto.com/deeplinks?action=referral.show&organization_slug=lesecq-aurore-2926 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • appleid\.auth\.js
Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client
Overall confidence: 100%
Detected patterns
  • sdk\.privacy-center\.org/.*/loader\.js

Page Statistics

45
Requests

100 %
HTTPS

50 %
IPv6

10
Domains

12
Subdomains

11
IPs

3
Countries

2649 kB
Transfer

13862 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://email.qonto.com/e/c/eyJlbWFpbF9pZCI6ImRnVFgyd1VEQU9TYUotT2FKd0dLUzNjLVhnZlBLSGdqR21oMTVwOD0iLCJocmVmIjoiaHR0cHM6Ly9hcHAucW9udG8uY29tL2RldGVjdGFwcC5odG1sP2FwcFVybD1kZWVwbGlua3MlM0ZhY3Rpb24lM0RyZWZlcnJhbC5zaG93JTI2b3JnYW5pemF0aW9uX3NsdWclM0RsZXNlY3EtYXVyb3JlLTI5MjYiLCJpbnRlcm5hbCI6ImQ3ZGIwNTE1ZjM2MGU0OWEyNyIsImxpbmtfaWQiOjI1Mn0/3dd9637a5f9aead5eaa8cfeef437cca9f5cadd36408c74741d38e711aa32b65e HTTP 302
    https://app.qonto.com/detectapp.html?appUrl=deeplinks%3Faction%3Dreferral.show%26organization_slug%3Dlesecq-aurore-2926 Page URL
  2. https://app.qonto.com/deeplinks?action=referral.show&organization_slug=lesecq-aurore-2926 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://email.qonto.com/e/c/eyJlbWFpbF9pZCI6ImRnVFgyd1VEQU9TYUotT2FKd0dLUzNjLVhnZlBLSGdqR21oMTVwOD0iLCJocmVmIjoiaHR0cHM6Ly9hcHAucW9udG8uY29tL2RldGVjdGFwcC5odG1sP2FwcFVybD1kZWVwbGlua3MlM0ZhY3Rpb24lM0RyZWZlcnJhbC5zaG93JTI2b3JnYW5pemF0aW9uX3NsdWclM0RsZXNlY3EtYXVyb3JlLTI5MjYiLCJpbnRlcm5hbCI6ImQ3ZGIwNTE1ZjM2MGU0OWEyNyIsImxpbmtfaWQiOjI1Mn0/3dd9637a5f9aead5eaa8cfeef437cca9f5cadd36408c74741d38e711aa32b65e HTTP 302
  • https://app.qonto.com/detectapp.html?appUrl=deeplinks%3Faction%3Dreferral.show%26organization_slug%3Dlesecq-aurore-2926

45 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
detectapp.html
app.qonto.com/
Redirect Chain
  • https://email.qonto.com/e/c/eyJlbWFpbF9pZCI6ImRnVFgyd1VEQU9TYUotT2FKd0dLUzNjLVhnZlBLSGdqR21oMTVwOD0iLCJocmVmIjoiaHR0cHM6Ly9hcHAucW9udG8uY29tL2RldGVjdGFwcC5odG1sP2FwcFVybD1kZWVwbGlua3MlM0ZhY3Rpb24lM...
  • https://app.qonto.com/detectapp.html?appUrl=deeplinks%3Faction%3Dreferral.show%26organization_slug%3Dlesecq-aurore-2926
716 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/detectapp.html?appUrl=deeplinks%3Faction%3Dreferral.show%26organization_slug%3Dlesecq-aurore-2926
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:2600:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d2ed03089377d17c425b4036eba9716a30bdde90b38ae3a4a1171e5d1efa03d6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache
content-length
716
content-security-policy
frame-ancestors 'none'
content-type
text/html
date
Mon, 04 Sep 2023 15:55:48 GMT
etag
"0009a3c55bd7b5abfc64b54fdbf006a5"
last-modified
Mon, 04 Sep 2023 15:35:55 GMT
server
AmazonS3
via
1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
x-amz-cf-id
yfFY4eBxpGJm9xx4OYXA9MydFcscZW8MzvlEEpxJxb-KmIumuQ14Vg==
x-amz-cf-pop
FRA60-P4
x-amz-id-2
UbK9UEYWEKwh5c6eIuYU54XkiF+9PGwgp3wJ1nqPNieePF8FIODT7bm5Q2N2sBeI5GvtRJdj3Q4=
x-amz-request-id
9SSPG3BVTKX2SHM9
x-amz-server-side-encryption
AES256
x-amz-version-id
hSdsc2w7wE8d6tjNday.Ua1LCVsznFS3
x-cache
Miss from cloudfront

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
content-length
0
date
Mon, 04 Sep 2023 15:55:47 GMT
location
https://app.qonto.com/detectapp.html?appUrl=deeplinks%3Faction%3Dreferral.show%26organization_slug%3Dlesecq-aurore-2926
via
1.1 google, 1.1 da9380f22ff2303fc2fd4652bf7ec7ba.cloudfront.net (CloudFront)
x-amz-cf-id
rww_1Ug7Uj7aPfdt8UVSLDbUPGJ2d2eV46CrWlwAH7E3XcWvKiuL2Q==
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
chunk.7085c0573e3aa58e364e.js
app.qonto.com/assets/ 		19 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/assets/chunk.7085c0573e3aa58e364e.js
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/detectapp.html?appUrl=deeplinks%3Faction%3Dreferral.show%26organization_slug%3Dlesecq-aurore-2926
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:2600:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
219fb6cae6f5c1cedcb80148e240632646803354f644a2a55eb08cf5334b671f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/detectapp.html?appUrl=deeplinks%3Faction%3Dreferral.show%26organization_slug%3Dlesecq-aurore-2926
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
iD.mzeVKWUmAYRuDKSqnJ945oc208E9L
content-encoding
br
via
1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
date
Tue, 29 Aug 2023 22:42:30 GMT
last-modified
Tue, 15 Aug 2023 16:22:18 GMT
server
AmazonS3
content-security-policy
frame-ancestors 'none'
x-amz-cf-pop
FRA60-P4
age
494621
x-amz-server-side-encryption
AES256
etag
W/"24382005caab74b3a595955647edaf67"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
H5Gj3bQNRVXi-Pm_kSMDtDvRU4bQgP6m4uZZ2dEA65jZmEDXjd9Zlg==
detectapp.b7da05d43c8b5148a6798b62b4b28110.css
app.qonto.com/ 		1 KB
914 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/detectapp.b7da05d43c8b5148a6798b62b4b28110.css
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/detectapp.html?appUrl=deeplinks%3Faction%3Dreferral.show%26organization_slug%3Dlesecq-aurore-2926
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:2600:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7f113d06a10439a44df2fab3ed14628b4443ddf10e4de8c9e96a0ca720f4f4af
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/detectapp.html?appUrl=deeplinks%3Faction%3Dreferral.show%26organization_slug%3Dlesecq-aurore-2926
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
dNtMzNUCc1DtS.Gw53QoMkh9_KeyUNLV
content-encoding
br
via
1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
date
Mon, 04 Sep 2023 15:55:13 GMT
last-modified
Mon, 28 Aug 2023 14:03:27 GMT
server
AmazonS3
content-security-policy
frame-ancestors 'none'
x-amz-cf-pop
FRA60-P4
age
34
x-amz-server-side-encryption
AES256
etag
W/"b7da05d43c8b5148a6798b62b4b28110"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
uGdEREzfd5XubSkc71cwifVJuDz2HvNAfM3UhLysDuYYtBfF7SMwuw==
qonto-logo.svg
app.qonto.com/illustrations/app/ 		734 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.qonto.com/illustrations/app/qonto-logo.svg
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/detectapp.html?appUrl=deeplinks%3Faction%3Dreferral.show%26organization_slug%3Dlesecq-aurore-2926
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:2600:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f9d4c75a96068797accfa9976836988ff6cc9c848761dae72ae2875cc81b3810
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/detectapp.html?appUrl=deeplinks%3Faction%3Dreferral.show%26organization_slug%3Dlesecq-aurore-2926
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
t7EqmLboKGVRrE8Pu5zN9vuzgcUq2nTb
date
Sat, 02 Sep 2023 07:00:20 GMT
via
1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
content-security-policy
frame-ancestors 'none'
x-amz-cf-pop
FRA60-P4
age
375188
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
734
last-modified
Fri, 18 Aug 2023 16:36:42 GMT
server
AmazonS3
etag
"35b31ae0bb9ec6d7240ee58ec494c4bc"
vary
Accept-Encoding
content-type
image/svg+xml
accept-ranges
bytes
x-amz-cf-id
UxS4QdA5FqMLdmyuE4o2WDwPVSm3cEMk0qrSDQD5oauAd9Q-9EjkOg==
external-link-alt.svg
app.qonto.com/icon/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.qonto.com/icon/external-link-alt.svg
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/detectapp.html?appUrl=deeplinks%3Faction%3Dreferral.show%26organization_slug%3Dlesecq-aurore-2926
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:2600:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/detectapp.html?appUrl=deeplinks%3Faction%3Dreferral.show%26organization_slug%3Dlesecq-aurore-2926
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
CaDrp4KCWkzOOCbkFcZZyRaMKNZtR77y
content-encoding
gzip
via
1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
date
Tue, 29 Aug 2023 05:30:43 GMT
last-modified
Mon, 21 Aug 2023 15:45:20 GMT
server
AmazonS3
content-security-policy
frame-ancestors 'none'
x-amz-cf-pop
FRA60-P4
age
555965
x-amz-server-side-encryption
AES256
etag
W/"a1084858db19e2c456b57fcbb8bc3afb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-cf-id
iv-ZqIy1YCs4tciCQzO7ARK-ZAi3baHpMkhyoV0NILUDOJTlA8QcGw==
Primary Request deeplinks
app.qonto.com/ 		8 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/deeplinks?action=referral.show&organization_slug=lesecq-aurore-2926
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.7085c0573e3aa58e364e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:2600:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
552dccf08ec2b65c2ff7002850fb9893b0bc8d087841aa88a9672aa4ad9583be
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

Referer
https://app.qonto.com/detectapp.html?appUrl=deeplinks%3Faction%3Dreferral.show%26organization_slug%3Dlesecq-aurore-2926
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache
content-length
7910
content-security-policy
frame-ancestors 'none'
content-type
text/html
date
Mon, 04 Sep 2023 15:55:48 GMT
etag
"9bccfbc843ffa275e0699a7df22a97e4"
last-modified
Mon, 04 Sep 2023 15:35:55 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
x-amz-cf-id
b7jPIFjDOsxJ8s5aMjzywfDhAUCulpPEUQHA_Rl35iX1x2uFN-Qhsg==
x-amz-cf-pop
FRA60-P4
x-amz-id-2
2LCF61rz5lthVnbbbOYYxNdNMxnrHVheY12HLD90tHKxjHauTkNu3FF7XNz4xm1gq8jZsVfgRaw=
x-amz-request-id
9SSSBW48C335SQ42
x-amz-server-side-encryption
AES256
x-amz-version-id
aqFq1kFrV4YDhJYcG3ssNAdGv0G9cS7l
x-cache
Error from cloudfront
polysans-neutral.woff2
app.qonto.com/@qonto/ui-kit/fonts/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/@qonto/ui-kit/fonts/polysans-neutral.woff2
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/deeplinks?action=referral.show&organization_slug=lesecq-aurore-2926
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:2600:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dbe7ffb622175ae830af0bbe0d29673470fe728f9df47fb850094ebfbf930cf3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

Referer
https://app.qonto.com/
Origin
https://app.qonto.com
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
a4Pj1e8hhF88ZBspQvv_iMtskHBywZSQ
date
Mon, 04 Sep 2023 15:55:23 GMT
via
1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
content-security-policy
frame-ancestors 'none'
x-amz-cf-pop
FRA60-P4
age
26
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
25484
last-modified
Thu, 10 Aug 2023 07:57:33 GMT
server
AmazonS3
etag
"a19c4c179b08653db697a55d8b218512"
vary
Accept-Encoding
content-type
binary/octet-stream
accept-ranges
bytes
x-amz-cf-id
xZqBKqUk-wWzgQF_3tpIrHbpwIzT5SL1xO69iCvS1uRjHgqk90VwhQ==
polysans-median.woff2
app.qonto.com/@qonto/ui-kit/fonts/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/@qonto/ui-kit/fonts/polysans-median.woff2
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/deeplinks?action=referral.show&organization_slug=lesecq-aurore-2926
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:2600:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
692f6f15f66235cf41b8646d5d75b9f609028832e0ad9f569483819d2694e655
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

Referer
https://app.qonto.com/
Origin
https://app.qonto.com
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
U.uQQojltGqWpwslfYWx3BCRXrUb.6pc
date
Mon, 04 Sep 2023 15:55:47 GMT
via
1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
content-security-policy
frame-ancestors 'none'
x-amz-cf-pop
FRA60-P4
age
1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
26516
last-modified
Thu, 10 Aug 2023 16:04:25 GMT
server
AmazonS3
etag
"f41f8b7109964b649e2e6c028eda3144"
vary
Accept-Encoding
content-type
binary/octet-stream
accept-ranges
bytes
x-amz-cf-id
8oAL8DXAEnlaUkzf7CJYMH2tWJBjxSbBEMVMkBE06IpSVVoEFsurgg==
polysans-slim.woff2
app.qonto.com/@qonto/ui-kit/fonts/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/@qonto/ui-kit/fonts/polysans-slim.woff2
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/deeplinks?action=referral.show&organization_slug=lesecq-aurore-2926
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:2600:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f23e103734fedf6e937f8cefe3598bb7a9d65989e96664ec85a03c3e5c81c213
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

Referer
https://app.qonto.com/
Origin
https://app.qonto.com
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
UrnzYc196CUdm0rVHgPPAO8pV_UQR3tX
date
Mon, 04 Sep 2023 15:55:23 GMT
via
1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
content-security-policy
frame-ancestors 'none'
x-amz-cf-pop
FRA60-P4
age
26
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
25428
last-modified
Fri, 11 Aug 2023 16:02:30 GMT
server
AmazonS3
etag
"130f1af8644734f23dd97252d3db7b11"
vary
Accept-Encoding
content-type
binary/octet-stream
accept-ranges
bytes
x-amz-cf-id
KCxTK6gd1GJhfZrY6G7xslWEOO-9And-2Ve11VXaC0VF8EFhxXj2uQ==
vendor.58b2be94723e4ebfc91ca768d34cc00b.css
app.qonto.com/assets/ 		160 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/assets/vendor.58b2be94723e4ebfc91ca768d34cc00b.css
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/deeplinks?action=referral.show&organization_slug=lesecq-aurore-2926
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:2600:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c81ff11fd1f4acd5527fbedf0e9dfe3f9504b0230f4f66d5ddab563c6baeb0fa
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 06:14:56 GMT
x-amz-version-id
wl3.PgA_Zlf5wuhySoV2NXgixTXvz7Yq
content-encoding
br
content-security-policy
frame-ancestors 'none'
last-modified
Thu, 31 Aug 2023 06:14:39 GMT
server
AmazonS3
via
1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
etag
W/"58b2be94723e4ebfc91ca768d34cc00b"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
age
380452
x-amz-cf-id
9BA_Edg8T9iN8ja0yTKqTHZcvtH7YEaEbqqWI0v7WgKlC8oxjX4hTg==
qonto.35f4a0943d168c97984c83ec24b77fcc.css
app.qonto.com/assets/ 		377 KB
62 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/assets/qonto.35f4a0943d168c97984c83ec24b77fcc.css
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/deeplinks?action=referral.show&organization_slug=lesecq-aurore-2926
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:2600:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8871013838a023166bfa385e5106487ee8d964e3fbaaf58d137411b78c7c13d7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 15:35:56 GMT
x-amz-version-id
JnA03huVx87B7O21FilPHOIiQOLF6.lJ
content-encoding
br
content-security-policy
frame-ancestors 'none'
last-modified
Mon, 04 Sep 2023 15:35:40 GMT
server
AmazonS3
via
1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
etag
W/"35f4a0943d168c97984c83ec24b77fcc"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
age
1192
x-amz-cf-id
nXxkBBCKCWaZAlbZ4DhKqut1OKUQGE0V31-FTSUFIpQRay5V1ZdgzQ==
chunk.bfcef5357bff1203b98b.css
app.qonto.com/assets/ 		25 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/assets/chunk.bfcef5357bff1203b98b.css
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/deeplinks?action=referral.show&organization_slug=lesecq-aurore-2926
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:2600:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e05ee9917a2953ed573f55fc3bb5145b2a77c5d815e82e145fa095d10b1933d1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 15:07:38 GMT
x-amz-version-id
gnzKP869cAfoedXud_EVIsA78QwyC6Tf
content-encoding
br
content-security-policy
frame-ancestors 'none'
last-modified
Mon, 04 Sep 2023 15:07:11 GMT
server
AmazonS3
via
1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
etag
W/"36bd6cf83e8177f73f17dbb065d8ce2a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
age
2890
x-amz-cf-id
aifPlqL8oE59oeTcAHeK0CeDfJCHZYtqD-v5Lp0J164WbMgsFWxFJg==
vendor.3330d5cea76b9c29b86877969b2803d6.js
app.qonto.com/assets/ 		543 KB
147 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/assets/vendor.3330d5cea76b9c29b86877969b2803d6.js
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/deeplinks?action=referral.show&organization_slug=lesecq-aurore-2926
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:2600:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0dea3380a2bb70f3adf1e985da92fead733ded524ce08841914cae229475f645
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
.Zh0WJXMTpMKso2WhcPq8MOR8T3pLgUp
content-encoding
br
via
1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
date
Sat, 02 Sep 2023 00:27:54 GMT
last-modified
Fri, 25 Aug 2023 17:00:39 GMT
server
AmazonS3
content-security-policy
frame-ancestors 'none'
x-amz-cf-pop
FRA60-P4
age
228516
x-amz-server-side-encryption
AES256
etag
W/"3330d5cea76b9c29b86877969b2803d6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
gSblMY_gZRIHlk43fBeK-8-lREHg7LgOIa3qvTg4yG2vfg-q7LFEsA==
chunk.911caafb2bfe52870bec.js
app.qonto.com/assets/ 		2 MB
536 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/assets/chunk.911caafb2bfe52870bec.js
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/deeplinks?action=referral.show&organization_slug=lesecq-aurore-2926
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:2600:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
433479c270ee823190a8cd48e7ab16cb6cdebb0abfb031889b00939127214707
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 15:07:38 GMT
x-amz-version-id
P9mgs5VJooXYtJ_xnzyUykGFjp4nUz4e
content-encoding
br
content-security-policy
frame-ancestors 'none'
last-modified
Mon, 04 Sep 2023 15:07:10 GMT
server
AmazonS3
via
1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
etag
W/"03c90d6a3ec8d2b25ad13aaefcaa42da"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
age
2890
x-amz-cf-id
LvL7YLXHqRBPWbH80xFWLyWR5mXs3tgS6OEFMKz2WjOo9X3HT7XlwQ==
chunk.31f17e82e8f90f9aa6c4.js
app.qonto.com/assets/ 		7 MB
912 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/assets/chunk.31f17e82e8f90f9aa6c4.js
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/deeplinks?action=referral.show&organization_slug=lesecq-aurore-2926
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:2600:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
de6f21a418c764885e15dc9e4a8c08338e0e32d712ac41ab32f6d82ad0e03ba5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 15:35:56 GMT
x-amz-version-id
2cCkb_Lim_X.ZicM3aXxzI5598E54jU1
content-encoding
br
content-security-policy
frame-ancestors 'none'
last-modified
Mon, 04 Sep 2023 15:35:27 GMT
server
AmazonS3
via
1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
etag
W/"07cc423877a13437dec44788b8cc4fb6"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
age
1192
x-amz-cf-id
l1QX9geMOzQkdarU_pwTLyYW-Lu0hEXgq7gNH5DNe98pbxDqbUe7Xw==
/
sentry.io/api/160009/envelope/ 		2 B
324 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sentry.io/api/160009/envelope/?sentry_key=fa86b669a6ac4c4fa3dfc79ddda2a514&sentry_version=7&sentry_client=sentry.javascript.ember%2F7.64.0
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.911caafb2bfe52870bec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.247.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.247.186.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://app.qonto.com/
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 04 Sep 2023 15:55:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
630f66eefec6f211a620a237
api.qonto.com/v1/feature-relay-proxy/sdk/goals/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.qonto.com/v1/feature-relay-proxy/sdk/goals/630f66eefec6f211a620a237
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.18.11.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent
Access-Control-Request-Method
GET
Origin
https://app.qonto.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Launchdarkly-User-Agent
access-control-allow-methods
GET
access-control-allow-origin
https://app.qonto.com
access-control-max-age
24
cf-cache-status
DYNAMIC
cf-ray
80176b3e6eb1216b-MAD
content-length
0
date
Mon, 04 Sep 2023 15:55:48 GMT
server
cloudflare
strict-transport-security
max-age=315360000; includeSubDomains; preload
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
r0qk2mbw
widget.intercom.io/widget/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.intercom.io/widget/r0qk2mbw
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/vendor.3330d5cea76b9c29b86877969b2803d6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-49.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
681b835e370d09ca1c52c96c97fb800324d10aaea5db3488ac44727794be84fa

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 15:35:46 GMT
content-encoding
gzip
via
1.1 cb33a7a4640adbb55df3e0d143601558.cloudfront.net (CloudFront)
x-amz-version-id
95CILOohW8Pe3ZUERZLFvioULnBA3Nwf
x-amz-cf-pop
FRA2-C1
age
1203
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
2704
last-modified
Mon, 04 Sep 2023 15:35:44 GMT
server
AmazonS3
etag
"dd98fe5215d105abc1f55bc65380c4a4"
vary
Origin
content-type
application/javascript; charset=UTF-8
cache-control
max-age=900, s-maxage=900, public
accept-ranges
bytes
x-amz-cf-id
evT4WGYx6Ei-R2GTwNGWVk9R-fKuIZW1is1HeN_6Zsegqbrsntc3ig==
chunk.856.96cf93a695a8e8b7059f.js
app.qonto.com/assets/ 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/assets/chunk.856.96cf93a695a8e8b7059f.js
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.31f17e82e8f90f9aa6c4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:2600:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
56dad9307dfeb7810dd3f63d33b036804f419b7a7401b85166b9ccf16fcdead2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
AlVxYJd31fS_me32dpPJO8xguiSHqUWK
content-encoding
gzip
via
1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
date
Fri, 01 Sep 2023 23:14:08 GMT
last-modified
Thu, 17 Aug 2023 09:25:53 GMT
server
AmazonS3
content-security-policy
frame-ancestors 'none'
x-amz-cf-pop
FRA60-P4
age
232987
x-amz-server-side-encryption
AES256
etag
W/"b02aefd5e278e24a982d1020acd1c2df"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
WQPRCHknxXTRFG8tMKuvXc84DApsOEyMtXaaref6zeWpF8bIKkGo0A==
chunk.257.94897c28d0afb9840fd9.js
app.qonto.com/assets/ 		245 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/assets/chunk.257.94897c28d0afb9840fd9.js
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.31f17e82e8f90f9aa6c4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:2600:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f126281035207e19c5665cd472b2c44997f9548802e945c3f3d3ec4a2e1202f7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
WksaXpLbHvR2z1FJc2qy92EGpt2I9pGH
content-encoding
gzip
via
1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
date
Sat, 02 Sep 2023 01:59:58 GMT
last-modified
Fri, 25 Aug 2023 17:00:24 GMT
server
AmazonS3
content-security-policy
frame-ancestors 'none'
x-amz-cf-pop
FRA60-P4
age
329134
x-amz-server-side-encryption
AES256
etag
W/"d519fe8a966a2cf8d772f47a9988266e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
x8e4j90931PWDfQqzyD-lSe3vPcf7iEISsSg2jvldyzQj_maU4WBoQ==
630f66eefec6f211a620a237
api.qonto.com/v1/feature-relay-proxy/sdk/goals/ 		2 B
341 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.qonto.com/v1/feature-relay-proxy/sdk/goals/630f66eefec6f211a620a237
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.911caafb2bfe52870bec.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.18.11.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains; preload

Request headers

Referer
https://app.qonto.com/
accept-language
es-ES,es;q=0.9
X-LaunchDarkly-User-Agent
JSClient/3.1.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 15:55:49 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=315360000; includeSubDomains; preload
cf-cache-status
DYNAMIC
content-md5
d751713988987e9331980363e24189ce
age
0
x-cache
HIT
content-length
26
x-served-by
cache-par-lfpg1960045-PAR
server
cloudflare
x-timer
S1693842949.981920,VS0,VE0
etag
"d751713988987e9331980363e24189ce"
ld-region
us-east-1
x-varied-accept-encoding
gzip
access-control-max-age
300
access-control-allow-methods
GET,OPTIONS
content-type
application/json
access-control-allow-origin
https://app.qonto.com
access-control-expose-headers
Content-Disposition, Content-Encoding
cache-control
max-age=0
access-control-allow-credentials
true
x-ratelimit-reset
0
vary
Origin, Accept-Encoding
x-ratelimit-limit
0
accept-ranges
bytes
cf-ray
80176b3efff6216b-MAD
access-control-allow-headers
Cache-Control,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-Tags
x-ratelimit-remaining
0
x-cache-hits
6332
chunk.asset-manifest.6c35e79a27b5139cd0aa.js
app.qonto.com/assets/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/assets/chunk.asset-manifest.6c35e79a27b5139cd0aa.js
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.31f17e82e8f90f9aa6c4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:2600:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ea38258f65d0df7ab2f74f68ed6d9eed47fb936901d3c18b335ab934713477da
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 15:35:56 GMT
x-amz-version-id
vbarS_h.fyxW.Z9RUwFNQqSpFcvNQfh4
content-encoding
br
content-security-policy
frame-ancestors 'none'
last-modified
Mon, 04 Sep 2023 15:35:32 GMT
server
AmazonS3
via
1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
etag
W/"ea0d538fa997c35d11c1e7048a7a729d"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
age
1193
x-amz-cf-id
bfoDmJXBmuK76JPHt1_2NehXkNNm42Xv9C4is-RyoW9qAEZXITLpgg==
chunk.locale.en-json.bb96850666cc89d18d57.js
app.qonto.com/assets/ 		483 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/assets/chunk.locale.en-json.bb96850666cc89d18d57.js
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.31f17e82e8f90f9aa6c4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:2600:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
631a463e7344ff248dcec8d50027eb25ed0f9c9a76e538b78dab9c6f94bdb4e2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 15:35:57 GMT
x-amz-version-id
XZ07dC4rM7OSPK_NeSgzzIs4H2rsiv7E
content-encoding
br
content-security-policy
frame-ancestors 'none'
last-modified
Mon, 04 Sep 2023 15:35:34 GMT
server
AmazonS3
via
1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
etag
W/"b39f53a561860eeece6e8a6977fea615"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
age
1192
x-amz-cf-id
N3i9BUR-uRNPt74xHeRO2ewKXJ7QoDblvHsT3utDD2IztB2tIz54_w==
eyJrZXkiOiJ1bmtub3duLXdlYi11c2VyIn0
api.qonto.com/v1/feature-relay-proxy/sdk/evalx/630f66eefec6f211a620a237/contexts/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.qonto.com/v1/feature-relay-proxy/sdk/evalx/630f66eefec6f211a620a237/contexts/eyJrZXkiOiJ1bmtub3duLXdlYi11c2VyIn0
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.911caafb2bfe52870bec.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.18.11.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f2dbbceab90658d3b9de2730017ce2240398d97cebd5b1d2771dbdfe6c370d3
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains; preload

Request headers

Referer
https://app.qonto.com/
accept-language
es-ES,es;q=0.9
X-LaunchDarkly-User-Agent
JSClient/3.1.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 15:55:48 GMT
strict-transport-security
max-age=315360000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-max-age
300
access-control-allow-methods
GET,OPTIONS
content-type
application/json
access-control-allow-origin
https://app.qonto.com
access-control-expose-headers
Content-Disposition, Content-Encoding
vary
Origin
access-control-allow-credentials
true
x-ratelimit-reset
0
x-ratelimit-limit
0
cf-ray
80176b3efffe216b-MAD
access-control-allow-headers
Cache-Control,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-Tags
x-ratelimit-remaining
0
eyJrZXkiOiJ1bmtub3duLXdlYi11c2VyIn0
api.qonto.com/v1/feature-relay-proxy/sdk/evalx/630f66eefec6f211a620a237/contexts/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.qonto.com/v1/feature-relay-proxy/sdk/evalx/630f66eefec6f211a620a237/contexts/eyJrZXkiOiJ1bmtub3duLXdlYi11c2VyIn0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.18.11.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent
Access-Control-Request-Method
GET
Origin
https://app.qonto.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Launchdarkly-User-Agent
access-control-allow-methods
GET
access-control-allow-origin
https://app.qonto.com
access-control-max-age
24
cf-cache-status
DYNAMIC
cf-ray
80176b3e6eb3216b-MAD
content-length
0
date
Mon, 04 Sep 2023 15:55:48 GMT
server
cloudflare
strict-transport-security
max-age=315360000; includeSubDomains; preload
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
/
sentry.io/api/160009/envelope/ 		2 B
60 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sentry.io/api/160009/envelope/?sentry_key=fa86b669a6ac4c4fa3dfc79ddda2a514&sentry_version=7&sentry_client=sentry.javascript.ember%2F7.64.0
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.911caafb2bfe52870bec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.247.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.247.186.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://app.qonto.com/
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 04 Sep 2023 15:55:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
1
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
/
sentry.io/api/160009/envelope/ 		2 B
59 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sentry.io/api/160009/envelope/?sentry_key=fa86b669a6ac4c4fa3dfc79ddda2a514&sentry_version=7&sentry_client=sentry.javascript.ember%2F7.64.0
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.911caafb2bfe52870bec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.247.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.247.186.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://app.qonto.com/
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 04 Sep 2023 15:55:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
2
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
client
accounts.google.com/gsi/ 		194 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.31f17e82e8f90f9aa6c4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2abf1d6db8a2a60dd7249a72decb61f8590abb1edbbcaa57991e49c49534d698
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-6oiPEyE_DN2EcYNLlZlcCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 15:55:49 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-6oiPEyE_DN2EcYNLlZlcCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Mon, 04 Sep 2023 15:55:49 GMT
appleid.auth.js
appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/ 		42 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.31f17e82e8f90f9aa6c4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.23.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-23-137.deploy.static.akamaitechnologies.com
Software
Apple /
Resource Hash
8356948d6f3bef342ff37a4deca7f6b64b58ca0b90ca128c1929c1bb76cc7a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Date
Mon, 04 Sep 2023 15:55:49 GMT
Last-Modified
Fri, 25 Aug 2023 00:22:32 GMT
Server
Apple
ETag
W/"43171-1692922952982"
Vary
accept-encoding
Content-Type
application/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400,stale-while-revalidate=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17356
loader.js
sdk.privacy-center.org/99e8835d-ab08-4716-a9f3-47e233bc25bf/ 		33 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.privacy-center.org/99e8835d-ab08-4716-a9f3-47e233bc25bf/loader.js?target_type=notice&target=DCLrVU69
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.31f17e82e8f90f9aa6c4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20b4:7600:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
ba67a971462f1c9f88b216baf881d30e757815ba7d7249257fd190e79aa1c36e

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 15:14:19 GMT
content-encoding
gzip
x-didomi-remote-config-metadata
multiReg:false;legacyGlobalGdpr:true
x-didomi-remote-config-source
Lambda
via
1.1 eb78cbb81a4ab555c78ae1168deff6e2.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
AMS58-P4
age
2490
etag
"e9eff8e9e3876f55a43606589ef2967f"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=7200, public
content-length
10774
x-amz-cf-id
xY9luJUTiUkw80REojA7KoBGhIX5CPweCAPF-DNGuORAfC1E1i8QlA==
chunk.981.4f9c80f39cbc5e3f952f.js
app.qonto.com/assets/ 		289 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/assets/chunk.981.4f9c80f39cbc5e3f952f.js
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.31f17e82e8f90f9aa6c4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:2600:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
000d79c60a825b427f49f0de80ffb25600dd0c709c6d363045b4ae8e7851939f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
dW1EDilSJOx2CcjvLtVJvNqHt_zKzlel
content-encoding
gzip
via
1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
date
Fri, 01 Sep 2023 13:44:27 GMT
last-modified
Mon, 14 Aug 2023 15:15:05 GMT
server
AmazonS3
content-security-policy
frame-ancestors 'none'
x-amz-cf-pop
FRA60-P4
age
267085
x-amz-server-side-encryption
AES256
etag
W/"c02f1e9e9e63e24c663a5260b486afae"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
WEJw_2_TbhaG6bJ7Jzl-8o3Uo2W66qKY1vHr9QmpigRB_iP-CzPH5Q==
frame-modern.1de18075.js
js.intercomcdn.com/ Frame A150 		489 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/frame-modern.1de18075.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/r0qk2mbw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-5.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b21c8a5510da072dd3bcc1b12d7298a24ebf164da4fae76a9cf1693cb95c094b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
es-ES,es;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 15:35:47 GMT
content-encoding
gzip
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-version-id
9LuNWTDIyZRKZqeRpf6lU6SVDhM0BFAM
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P4
age
1203
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
139354
last-modified
Mon, 04 Sep 2023 15:34:16 GMT
server
AmazonS3
etag
"c99a562bfbf858c84b820f410edcf6f0"
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
GBb2O4JuRGtsbimT8PLv7-bEindwon-KhvOXrjjQU6lfpMmr1q0NYw==
vendor-modern.585e5941.js
js.intercomcdn.com/ Frame A150 		267 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendor-modern.585e5941.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/r0qk2mbw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-5.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
99755425c264fc16bfc57c97cb1d1fe82b565f7b45c9004a9e4dd975c5851090
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
es-ES,es;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
D.pYbUTSIFZ3PNSba3bAU04LwU5Ze4c0
content-encoding
gzip
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
date
Mon, 04 Sep 2023 14:45:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P4
age
4238
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
84421
last-modified
Wed, 30 Aug 2023 12:42:58 GMT
server
AmazonS3
etag
"4f999761c7f9cbf29f2653b089c41698"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
7yAeykRVMdSLp1KOOaUVl6L487UinHNuUFKmbQVGTCtoPxTqTMPTPw==
first-screen-peach.json
app.qonto.com/lotties/ 		676 KB
57 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/lotties/first-screen-peach.json
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.911caafb2bfe52870bec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:2600:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e4285401243d9d05baebf8b423e1b19e8242f41533b90f92fca3ae659b925394
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

Referer
https://app.qonto.com/
accept-language
es-ES,es;q=0.9
baggage
sentry-environment=production,sentry-release=ff6aabfcfd,sentry-public_key=fa86b669a6ac4c4fa3dfc79ddda2a514,sentry-trace_id=a757697a3cb540bda82a093e0dcb9c29
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
sentry-trace
a757697a3cb540bda82a093e0dcb9c29-bbc4fbc0173dceee-0

Response headers

x-amz-version-id
SAXBFFVf57zCyJkdEP_jX3A6DOrvUHmO
content-encoding
gzip
via
1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
date
Mon, 04 Sep 2023 15:55:26 GMT
last-modified
Fri, 18 Aug 2023 16:36:47 GMT
server
AmazonS3
content-security-policy
frame-ancestors 'none'
x-amz-cf-pop
FRA60-P4
age
51
x-amz-server-side-encryption
AES256
etag
W/"7d3e7bcb4cea2428242d2eb1abb14727"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
x-amz-cf-id
KHqkGq7NQ8mysI8DjWguTACPrzNpKOYEokllkMmqE8nFpt1pQmcKHA==
sdk.c62a3c5fce5f8dd60daa9fed140701ce25e7604f.js
sdk.privacy-center.org/sdk/c62a3c5fce5f8dd60daa9fed140701ce25e7604f/modern/ 		352 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.privacy-center.org/sdk/c62a3c5fce5f8dd60daa9fed140701ce25e7604f/modern/sdk.c62a3c5fce5f8dd60daa9fed140701ce25e7604f.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/99e8835d-ab08-4716-a9f3-47e233bc25bf/loader.js?target_type=notice&target=DCLrVU69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20b4:7600:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7db8610883574b52f49dd4f06ae97c20371f9fe3f648b6de3c5884114611f21f

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 14:39:27 GMT
content-encoding
gzip
via
1.1 eb78cbb81a4ab555c78ae1168deff6e2.cloudfront.net (CloudFront)
last-modified
Mon, 04 Sep 2023 14:39:22 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P4
age
4584
etag
W/"b04e69b36808a94a0557f7e96ecfebc2-1"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
jLTsN24--DhnmM5efXY97VEBBuFlssfXkE1gqTiITpJsiJWfWhCntA==
ui-gdpr-en-web.c62a3c5fce5f8dd60daa9fed140701ce25e7604f.js
sdk.privacy-center.org/sdk/c62a3c5fce5f8dd60daa9fed140701ce25e7604f/modern/ 		235 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.privacy-center.org/sdk/c62a3c5fce5f8dd60daa9fed140701ce25e7604f/modern/ui-gdpr-en-web.c62a3c5fce5f8dd60daa9fed140701ce25e7604f.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/sdk/c62a3c5fce5f8dd60daa9fed140701ce25e7604f/modern/sdk.c62a3c5fce5f8dd60daa9fed140701ce25e7604f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20b4:7600:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
464d8fb67d48a1afb705235bded479b46c9d46ca1b2663fc8c18c6e56e9a7356

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 14:41:00 GMT
content-encoding
gzip
via
1.1 eb78cbb81a4ab555c78ae1168deff6e2.cloudfront.net (CloudFront)
last-modified
Mon, 04 Sep 2023 14:39:23 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P4
age
4491
etag
W/"0e600e71eea89173c66cf081788a95b4-1"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
BhISzFkea3_6hGjDh8C_bM3WiLASqVCPO7ydIERgSa_5LZV9RXzjEQ==
style
accounts.google.com/gsi/ 		533 B
609 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/style
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-TSVDAyxdYSp7pbSSS3a4XQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 15:55:50 GMT
content-security-policy
script-src 'report-sample' 'nonce-TSVDAyxdYSp7pbSSS3a4XQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
text/css; charset=utf-8
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Mon, 04 Sep 2023 15:55:50 GMT
button
accounts.google.com/gsi/ Frame 11A1 		109 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/button?type=standard&theme=outline&size=large&text=continue_with&shape=square&logo_alignment=center&width=350&client_id=528595174513-3lfm8f4bi5190vtqdhqgfr89qbjfougu.apps.googleusercontent.com&iframe_id=gsi_950230_43794&as=uyG8ilf7c5kfY5ooDzCDAQ&hl=en
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ed72a8fb276489e014fa2254502f5081059ddf4b71d6438a0f3c4f5f4b722a1a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce--D_myx9lrL1QPWHMK8cZVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app.qonto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce--D_myx9lrL1QPWHMK8cZVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Sep 2023 15:55:50 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
logo_qonto_2022.jpg
qonto-assets.s3.eu-central-1.amazonaws.com/logos/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qonto-assets.s3.eu-central-1.amazonaws.com/logos/logo_qonto_2022.jpg
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/signin
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.169.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.eu-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
2bb2a9c3b2a75f82899f568fc6459120a9a120f6cedf235016fea046ce682a23

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 15:55:51 GMT
x-amz-meta-server-side-encryption
AES256
x-amz-version-id
mzk_qXrLzA_d7o1a.eFYJ1sfmtHXwsO1
Last-Modified
Thu, 17 Feb 2022 13:00:17 GMT
Server
AmazonS3
x-amz-request-id
ZGX03Z597XDD4Z3F
ETag
"8bb168ebf4aee766a9f0d698e195a760"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
x-amz-meta-version-id
Hm_nNe8LPJle6pFLjN_1ZIqj2kUPgbJe
Accept-Ranges
bytes
Content-Length
9718
x-amz-id-2
57oQLRC2C4gpJv1kfiS/9qUZ6W5vV4vLB4yJuR+QQ7BcEFkOkqiVVhXFIPUhHgB/4oHW/73/uYM=
identity-sign-in-google-http
csp.withgoogle.com/csp/ Frame 11A1 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/identity-sign-in-google-http
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/detectapp.html?appUrl=deeplinks%3Faction%3Dreferral.show%26organization_slug%3Dlesecq-aurore-2926
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/csp-report

Response headers
4UabrENHsxJlGDuGo1OIlLU94YtzCwM.ttf
fonts.gstatic.com/s/googlesans/v14/ Frame 11A1 		51 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94YtzCwM.ttf
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/signin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ebeace42646aa327b1fa6225f70120658993d4796cc9103484a6f068d3a58a6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/
Origin
https://accounts.google.com
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 04:49:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
126407
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27431
x-xss-protection
0
last-modified
Mon, 22 Apr 2019 23:43:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 02 Sep 2024 04:49:03 GMT
630f66eefec6f211a620a237
api.qonto.com/v1/feature-relay-proxy/events/diagnostic/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.qonto.com/v1/feature-relay-proxy/events/diagnostic/630f66eefec6f211a620a237
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.18.11.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-launchdarkly-user-agent
Access-Control-Request-Method
POST
Origin
https://app.qonto.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, X-Launchdarkly-User-Agent
access-control-allow-methods
POST
access-control-allow-origin
https://app.qonto.com
access-control-max-age
24
cf-cache-status
DYNAMIC
cf-ray
80176b490d9c216b-MAD
content-length
0
date
Mon, 04 Sep 2023 15:55:50 GMT
server
cloudflare
strict-transport-security
max-age=315360000; includeSubDomains; preload
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
630f66eefec6f211a620a237
api.qonto.com/v1/feature-relay-proxy/events/diagnostic/ 		0
45 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.qonto.com/v1/feature-relay-proxy/events/diagnostic/630f66eefec6f211a620a237
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.911caafb2bfe52870bec.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.18.11.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains; preload

Request headers

Referer
https://app.qonto.com/
accept-language
es-ES,es;q=0.9
X-LaunchDarkly-User-Agent
JSClient/3.1.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 04 Sep 2023 15:55:50 GMT
strict-transport-security
max-age=315360000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
access-control-max-age
300
vary
Origin
access-control-allow-origin
https://app.qonto.com
access-control-expose-headers
Content-Disposition, Content-Encoding
x-ratelimit-remaining
0
access-control-allow-credentials
true
x-ratelimit-reset
0
x-ratelimit-limit
0
cf-ray
80176b49aede216b-MAD
access-control-allow-headers
Cache-Control,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-Tags
content-length
0
630f66eefec6f211a620a237
api.qonto.com/v1/feature-relay-proxy/events/bulk/ 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.qonto.com/v1/feature-relay-proxy/events/bulk/630f66eefec6f211a620a237
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.911caafb2bfe52870bec.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.18.11.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains; preload

Request headers

Referer
https://app.qonto.com/
X-LaunchDarkly-Payload-ID
866d2e80-4b3b-11ee-b4ba-131e30bba507
X-LaunchDarkly-Event-Schema
4
accept-language
es-ES,es;q=0.9
X-LaunchDarkly-User-Agent
JSClient/3.1.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 04 Sep 2023 15:55:52 GMT
strict-transport-security
max-age=315360000; includeSubDomains; preload
cf-cache-status
DYNAMIC
content-length
0
server
cloudflare
x-ratelimit-remaining
0
access-control-max-age
300
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://app.qonto.com
access-control-expose-headers
Content-Disposition, Content-Encoding
vary
Origin
access-control-allow-credentials
true
x-ratelimit-reset
0
x-ratelimit-limit
0
cf-ray
80176b56394d216b-MAD
access-control-allow-headers
Cache-Control,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-Tags
630f66eefec6f211a620a237
api.qonto.com/v1/feature-relay-proxy/events/bulk/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.qonto.com/v1/feature-relay-proxy/events/bulk/630f66eefec6f211a620a237
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.18.11.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-launchdarkly-event-schema,x-launchdarkly-payload-id,x-launchdarkly-user-agent
Access-Control-Request-Method
POST
Origin
https://app.qonto.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, X-Launchdarkly-Event-Schema, X-Launchdarkly-Payload-Id, X-Launchdarkly-User-Agent
access-control-allow-methods
POST
access-control-allow-origin
https://app.qonto.com
access-control-max-age
24
cf-cache-status
DYNAMIC
cf-ray
80176b559fb8216b-MAD
content-length
0
date
Mon, 04 Sep 2023 15:55:52 GMT
server
cloudflare
strict-transport-security
max-age=315360000; includeSubDomains; preload
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| documentPictureInPicture object| loader function| define function| requireModule function| require function| requirejs boolean| runningTests boolean| preferNative object| EmberENV object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| ProgressBar object| webpackChunkqonto object| __SENTRY__ object| __sentryEmberConfig function| Intercom object| intlTelInputGlobals object| intlTelInputUtils object| __LD__ object| didomiOnReady object| didomiEventListeners object| didomiConfig boolean| gdprAppliesGlobally function| __tcfapi function| __intercomAssignLocation function| __intercomReloadLocation object| didomiRemoteConfig string| didomiCountry object| didomiGeoRegulations object| AppleID object| webpackChunkDidomi object| Didomi object| dataLayer object| default_gsi object| google object| closure_lm_158735 object| __G_ID_CLIENT__ object| didomiState object| DidomiSanitizing

3 Cookies

Domain/Path Name / Value
.qonto.com/ Name: deviceId
Value: f9729299-9e90-41df-a571-4ef48daaa4e9
.qonto.com/ Name: ember_simple_auth-session
Value: %7B%22authenticated%22%3A%7B%7D%7D
.qonto.com/ Name: didomi_token
Value: eyJ1c2VyX2lkIjoiMThhNjBlODQtODFiMS02YzhmLTgyNGEtZDI5NjA1ZjljOTdjIiwiY3JlYXRlZCI6IjIwMjMtMDktMDRUMTU6NTU6NTAuMjA3WiIsInVwZGF0ZWQiOiIyMDIzLTA5LTA0VDE1OjU1OjUwLjIwN1oiLCJ2ZXJzaW9uIjpudWxsfQ==

3 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
javascript error URL: https://app.qonto.com/assets/chunk.911caafb2bfe52870bec.js(Line 1)
Message:
Refused to get unsafe header "date"
javascript error URL: https://app.qonto.com/assets/chunk.911caafb2bfe52870bec.js(Line 1)
Message:
Refused to get unsafe header "date"

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'none'

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
api.qonto.com
app.qonto.com
appleid.cdn-apple.com
csp.withgoogle.com
email.qonto.com
fonts.gstatic.com
js.intercomcdn.com
qonto-assets.s3.eu-central-1.amazonaws.com
sdk.privacy-center.org
sentry.io
widget.intercom.io
104.102.23.137
104.18.11.238
13.224.189.49
18.66.147.5
2600:9000:20b4:7600:5:b7cc:d3c0:93a1
2600:9000:223f:2e00:1b:92cd:8400:93a1
2600:9000:225e:2600:0:7942:c340:93a1
2a00:1450:4001:82a::2011
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::200d
35.186.247.156
52.219.169.218
000d79c60a825b427f49f0de80ffb25600dd0c709c6d363045b4ae8e7851939f
0dea3380a2bb70f3adf1e985da92fead733ded524ce08841914cae229475f645
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1f2dbbceab90658d3b9de2730017ce2240398d97cebd5b1d2771dbdfe6c370d3
219fb6cae6f5c1cedcb80148e240632646803354f644a2a55eb08cf5334b671f
2abf1d6db8a2a60dd7249a72decb61f8590abb1edbbcaa57991e49c49534d698
2bb2a9c3b2a75f82899f568fc6459120a9a120f6cedf235016fea046ce682a23
433479c270ee823190a8cd48e7ab16cb6cdebb0abfb031889b00939127214707
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
464d8fb67d48a1afb705235bded479b46c9d46ca1b2663fc8c18c6e56e9a7356
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
552dccf08ec2b65c2ff7002850fb9893b0bc8d087841aa88a9672aa4ad9583be
56dad9307dfeb7810dd3f63d33b036804f419b7a7401b85166b9ccf16fcdead2
631a463e7344ff248dcec8d50027eb25ed0f9c9a76e538b78dab9c6f94bdb4e2
681b835e370d09ca1c52c96c97fb800324d10aaea5db3488ac44727794be84fa
692f6f15f66235cf41b8646d5d75b9f609028832e0ad9f569483819d2694e655
7db8610883574b52f49dd4f06ae97c20371f9fe3f648b6de3c5884114611f21f
7f113d06a10439a44df2fab3ed14628b4443ddf10e4de8c9e96a0ca720f4f4af
8356948d6f3bef342ff37a4deca7f6b64b58ca0b90ca128c1929c1bb76cc7a54
8871013838a023166bfa385e5106487ee8d964e3fbaaf58d137411b78c7c13d7
99755425c264fc16bfc57c97cb1d1fe82b565f7b45c9004a9e4dd975c5851090
b21c8a5510da072dd3bcc1b12d7298a24ebf164da4fae76a9cf1693cb95c094b
ba67a971462f1c9f88b216baf881d30e757815ba7d7249257fd190e79aa1c36e
c81ff11fd1f4acd5527fbedf0e9dfe3f9504b0230f4f66d5ddab563c6baeb0fa
d2ed03089377d17c425b4036eba9716a30bdde90b38ae3a4a1171e5d1efa03d6
dbe7ffb622175ae830af0bbe0d29673470fe728f9df47fb850094ebfbf930cf3
de6f21a418c764885e15dc9e4a8c08338e0e32d712ac41ab32f6d82ad0e03ba5
e05ee9917a2953ed573f55fc3bb5145b2a77c5d815e82e145fa095d10b1933d1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4285401243d9d05baebf8b423e1b19e8242f41533b90f92fca3ae659b925394
ea38258f65d0df7ab2f74f68ed6d9eed47fb936901d3c18b335ab934713477da
ebeace42646aa327b1fa6225f70120658993d4796cc9103484a6f068d3a58a6d
ed72a8fb276489e014fa2254502f5081059ddf4b71d6438a0f3c4f5f4b722a1a
f126281035207e19c5665cd472b2c44997f9548802e945c3f3d3ec4a2e1202f7
f23e103734fedf6e937f8cefe3598bb7a9d65989e96664ec85a03c3e5c81c213
f9d4c75a96068797accfa9976836988ff6cc9c848761dae72ae2875cc81b3810