bank-assur.fr Open in urlscan Pro
172.66.0.42 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bank-assur.fr/
Effective URL:
https://bank-assur.fr/
Submission: On October 08 via api (October 8th 2024, 12:46:27 pm UTC) from LU — Scanned from FR

Summary HTTP 62 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 19 IPs in 3 countries across 17 domains to perform 62 HTTP transactions. The main IP is 172.66.0.42, located in United States and belongs to CLOUDFLARENET, US. The main domain is bank-assur.fr.
TLS certificate: Issued by WR1 on September 5th 2024. Valid for: 3 months.

This is the only time bank-assur.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
25	172.66.0.42 172.66.0.42	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
12	2606:4700:440... 2606:4700:4400::ac40:9494	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.65.208.22 172.65.208.22	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
2	157.240.253.1 157.240.253.1	32934 (FACEBOOK) (FACEBOOK)
1	172.65.238.60 172.65.238.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.65.202.201 172.65.202.201	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.65.219.229 172.65.219.229	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.65.192.122 172.65.192.122	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a06:98c1:320... 2a06:98c1:3200::90:3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	142.250.185.131 142.250.185.131	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	142.250.186.42 142.250.186.42	15169 (GOOGLE) (GOOGLE)
1	104.16.184.241 104.16.184.241	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	172.65.240.166 172.65.240.166	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	108.156.2.23 108.156.2.23	16509 (AMAZON-02) (AMAZON-02)
62	19

25 172.66.0.42 (United States)

ASN13335 (CLOUDFLARENET, US)

bank-assur.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:4400::ac40:9494 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.durable.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.durable.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.208.22 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.253.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.238.60 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.65.202.201 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.219.229 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.192.122 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3200::90:3 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.42 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.184.241 (None, )

ASN13335 (CLOUDFLARENET, US)

ipv4.icanhazip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.240.166 (United States)

ASN13335 (CLOUDFLARENET, US)

track-eu1.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.156.2.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-2-23.mxp63.r.cloudfront.net

static.thenounproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	bank-assur.fr bank-assur.fr	447 KB
12	durable.co cdn.durable.co — Cisco Umbrella Rank: 839797 api.durable.co — Cisco Umbrella Rank: 721223	51 KB
4	gstatic.com fonts.gstatic.com	93 KB
3	hs-banner.com js-eu1.hs-banner.com — Cisco Umbrella Rank: 16099	27 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	2 KB
2	thenounproject.com static.thenounproject.com — Cisco Umbrella Rank: 58449	3 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	3 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	73 KB
1	hubspot.com track-eu1.hubspot.com — Cisco Umbrella Rank: 16632	1 KB
1	icanhazip.com ipv4.icanhazip.com — Cisco Umbrella Rank: 11296	343 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3643
1	usemessages.com js-eu1.usemessages.com — Cisco Umbrella Rank: 35948	26 KB
1	hscollectedforms.net js-eu1.hscollectedforms.net — Cisco Umbrella Rank: 26896	25 KB
1	hsadspixel.net js-eu1.hsadspixel.net — Cisco Umbrella Rank: 23208	4 KB
1	hs-analytics.net js-eu1.hs-analytics.net — Cisco Umbrella Rank: 16335	25 KB
1	hs-scripts.com js-eu1.hs-scripts.com — Cisco Umbrella Rank: 15665	890 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	108 KB
62	17

	Domain	Requested by
25	bank-assur.fr	bank-assur.fr
8	cdn.durable.co	bank-assur.fr
4	api.durable.co	bank-assur.fr
4	fonts.gstatic.com	fonts.googleapis.com
3	js-eu1.hs-banner.com	js-eu1.hs-scripts.com js-eu1.hs-banner.com
3	fonts.googleapis.com	bank-assur.fr js-eu1.hs-banner.com
2	static.thenounproject.com
2	www.facebook.com	bank-assur.fr
2	connect.facebook.net	bank-assur.fr connect.facebook.net
1	track-eu1.hubspot.com
1	ipv4.icanhazip.com	bank-assur.fr
1	region1.google-analytics.com	www.googletagmanager.com
1	js-eu1.usemessages.com	js-eu1.hs-scripts.com
1	js-eu1.hscollectedforms.net	js-eu1.hs-scripts.com
1	js-eu1.hsadspixel.net	js-eu1.hs-scripts.com
1	js-eu1.hs-analytics.net	js-eu1.hs-scripts.com
1	js-eu1.hs-scripts.com	bank-assur.fr
1	www.googletagmanager.com	bank-assur.fr
62	18

This site contains links to these domains. Also see Links.

Domain
facebook.com
instagram.com
linkedin.com
tiktok.com

Subject Issuer	Validity	Valid
bank-assur.fr WR1	`2024-09-05` - `2024-12-04`	3 months	crt.sh
*.google-analytics.com WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
cdn.durable.co E6	`2024-09-03` - `2024-12-02`	3 months	crt.sh
hs-scripts.com WE1	`2024-09-26` - `2024-12-25`	3 months	crt.sh
upload.video.google.com WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-07-17` - `2024-10-15`	3 months	crt.sh
hs-analytics.net WE1	`2024-10-07` - `2025-01-05`	3 months	crt.sh
hs-banner.com WE1	`2024-09-24` - `2024-12-23`	3 months	crt.sh
hsadspixel.net WE1	`2024-08-12` - `2024-11-10`	3 months	crt.sh
hscollectedforms.net WE1	`2024-09-22` - `2024-12-21`	3 months	crt.sh
usemessages.com WE1	`2024-10-06` - `2025-01-04`	3 months	crt.sh
*.gstatic.com WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
*.durable.co E6	`2024-09-25` - `2024-12-24`	3 months	crt.sh
icanhazip.com WE1	`2024-08-31` - `2024-11-29`	3 months	crt.sh
hubspot.com WE1	`2024-10-03` - `2025-01-01`	3 months	crt.sh
thenounproject.com Amazon RSA 2048 M03	`2024-02-08` - `2025-03-08`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://bank-assur.fr/
Frame ID: 99BCBEDFA530F95DB96B237B2ACA6493
Requests: 61 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

🇫🇷 1er réseau Bank et Assur de France

Page URL History Show full URLs

http://bank-assur.fr/ HTTP 307
https://bank-assur.fr/ Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Zip (Payment processors) Expand

Overall confidence: 100%
Detected patterns

zip\.co

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

62
Requests

100 %
HTTPS

33 %
IPv6

17
Domains

18
Subdomains

19
IPs

3
Countries

887 kB
Transfer

2545 kB
Size

9
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://facebook.com/profile.php?id=61559573249752

Search URL Search Domain Scan URL

URL: https://instagram.com/bankassur.fr1?igsh=MWZua2xxZ2I2a2k2Mg%3D%3D&utm_source=qr

Search URL Search Domain Scan URL

URL: https://linkedin.com/company/bank-assur-fr

Search URL Search Domain Scan URL

URL: https://tiktok.com/@bankassur?is_from_webapp=1&sender_device=pc

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bank-assur.fr/ HTTP 307
https://bank-assur.fr/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

62 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
bank-assur.fr/
Redirect Chain

http://bank-assur.fr/
https://bank-assur.fr/

61 KB
15 KB

637ms
182ms

Document
text/html

172.66.0.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bank-assur.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

8a419a4aa4b29277f8020d843e0b35b40423bf9a40ab3133f743104825a274e8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: http: https: 'self' https://.durable.co 'unsafe-inline' .durable.co 'unsafe-eval';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

cache-control: private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8cf63bbade48b8f4-AMS
content-encoding: br
content-security-policy: default-src * data: blob: http: https: 'self' https://*.durable.co 'unsafe-inline' *.durable.co 'unsafe-eval';
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: cross-origin
cross-origin-resource-policy: cross-origin
date: Tue, 08 Oct 2024 12:46:22 GMT
permissions-policy: fullscreen=*
referrer-policy: origin
server: cloudflare
strict-transport-security: max-age=63072000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-powered-by: Next.js
x-xss-protection: 1; mode=block

Redirect headers

Location: https://bank-assur.fr/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 323 KB
108 KB 152ms
59ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LV5V14ZF82

Requested by

Host: bank-assur.fr
URL: https://bank-assur.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5c940c06e2262b0cad9d8e4094b561d71cddf73d94c28379f922ad704f601751

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer: https://bank-assur.fr/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 08 Oct 2024 12:46:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Oct 2024 12:46:22 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 109525
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 image
bank-assur.fr/_next/ 29 KB
30 KB 82ms
79ms Image
image/webp 172.66.0.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bank-assur.fr/_next/image?url=https%3A%2F%2Fcdn.durable.co%2Fblocks%2F35LFLtuWKY4RhZahGe3yUVGtsxJ0A78wvLjm3VQZFzKhyHglCCNNN0HgEoulUOpK.png&w=1920&q=90

Requested by

Host: bank-assur.fr
URL: https://bank-assur.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccbed1faaf00867a47f6814373a715c4127fbb49189db0c6f055a7d225d167d9

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer: https://bank-assur.fr/

Response headers

cf-cache-status: DYNAMIC
etag: zL7R+q8AhnpH9oFDc6cVxBJ-u0kYnbDG8FWn0iXRZ9k=
x-content-type-options: nosniff
date: Tue, 08 Oct 2024 12:46:22 GMT
content-type: image/webp
vary: Accept
content-disposition: inline; filename="35LFLtuWKY4RhZahGe3yUVGtsxJ0A78wvLjm3VQZFzKhyHglCCNNN0HgEoulUOpK.webp"
x-frame-options: ALLOWALL
strict-transport-security: max-age=63072000
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
cache-control: public, max-age=2592000, must-revalidate
cross-origin-opener-policy: cross-origin
cross-origin-resource-policy: cross-origin
referrer-policy: origin
cf-ray: 8cf63bbc083db8f4-AMS
permissions-policy: fullscreen=*
cross-origin-embedder-policy: unsafe-none
content-length: 30118
x-nextjs-cache: HIT
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 8b8fe1547a2d496f.css
bank-assur.fr/_next/static/css/ 75 KB
14 KB 81ms
77ms Stylesheet
text/css 172.66.0.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bank-assur.fr/_next/static/css/8b8fe1547a2d496f.css

Requested by

Host: bank-assur.fr
URL: https://bank-assur.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc91c024c565b7b7c22c291446e3406cd6b75cc97e988960c542c50ad7bdcb2b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: http: https: 'self' https://.durable.co 'unsafe-inline' .durable.co 'unsafe-eval';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer: https://bank-assur.fr/

Response headers

content-encoding: br
cf-bgj: minify
etag: W/"12d37-192544c4ab8"
cf-cache-status: HIT
x-content-type-options: nosniff
date: Tue, 08 Oct 2024 12:46:22 GMT
content-type: text/css; charset=UTF-8
last-modified: Thu, 03 Oct 2024 21:32:19 GMT
vary: Accept-Encoding
x-frame-options: ALLOWALL
strict-transport-security: max-age=63072000
content-security-policy: default-src * data: blob: http: https: 'self' https://*.durable.co 'unsafe-inline' *.durable.co 'unsafe-eval';
cache-control: public, max-age=31536000, immutable
cross-origin-opener-policy: cross-origin
cross-origin-resource-policy: cross-origin
referrer-policy: origin
cf-ray: 8cf63bbc0834b8f4-AMS
cross-origin-embedder-policy: unsafe-none
permissions-policy: fullscreen=*
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 6ad5f70cb56137d7.css
bank-assur.fr/_next/static/css/ 11 KB
2 KB 130ms
126ms Stylesheet
text/css 172.66.0.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bank-assur.fr/_next/static/css/6ad5f70cb56137d7.css

Requested by

Host: bank-assur.fr
URL: https://bank-assur.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f8546390c488a41f694e4a6377a9f6ab72cc9490451f2f6d36305812072fb38

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: http: https: 'self' https://.durable.co 'unsafe-inline' .durable.co 'unsafe-eval';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer: https://bank-assur.fr/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"2b2f-19266f52060"
x-content-type-options: nosniff
date: Tue, 08 Oct 2024 12:46:22 GMT
content-type: text/css; charset=UTF-8
last-modified: Mon, 07 Oct 2024 12:29:53 GMT
vary: Accept-Encoding
x-frame-options: ALLOWALL
strict-transport-security: max-age=63072000
content-security-policy: default-src * data: blob: http: https: 'self' https://*.durable.co 'unsafe-inline' *.durable.co 'unsafe-eval';
cache-control: public, max-age=31536000, immutable
cross-origin-opener-policy: cross-origin
cross-origin-resource-policy: cross-origin
referrer-policy: origin
cf-ray: 8cf63bbca8ebb8f4-AMS
permissions-policy: fullscreen=*
cross-origin-embedder-policy: unsafe-none
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 6383.0f35b7b0ab4f12c2.js Show response
bank-assur.fr/_next/static/chunks/ 9 KB
3 KB 130ms
127ms Script
application/javascript 172.66.0.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bank-assur.fr/_next/static/chunks/6383.0f35b7b0ab4f12c2.js

Requested by

Host: bank-assur.fr
URL: https://bank-assur.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9b74f3b1733e53998e90f35667f7148e6a6118b404216f5a6a53f3003cc65a4

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: http: https: 'self' https://.durable.co 'unsafe-inline' .durable.co 'unsafe-eval';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer: https://bank-assur.fr/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"258d-19266f52064"
x-content-type-options: nosniff
date: Tue, 08 Oct 2024 12:46:22 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 07 Oct 2024 12:29:53 GMT
vary: Accept-Encoding
x-frame-options: ALLOWALL
strict-transport-security: max-age=63072000
content-security-policy: default-src * data: blob: http: https: 'self' https://*.durable.co 'unsafe-inline' *.durable.co 'unsafe-eval';
cache-control: public, max-age=31536000, immutable
cross-origin-opener-policy: cross-origin
cross-origin-resource-policy: cross-origin
referrer-policy: origin
cf-ray: 8cf63bbca8edb8f4-AMS
permissions-policy: fullscreen=*
cross-origin-embedder-policy: unsafe-none
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 866.2118f9e639af3dc7.js Show response
bank-assur.fr/_next/static/chunks/ 6 KB
2 KB 88ms
85ms Script
application/javascript 172.66.0.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bank-assur.fr/_next/static/chunks/866.2118f9e639af3dc7.js

Requested by

Host: bank-assur.fr
URL: https://bank-assur.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07b33664d617db24c53a87bb694811462be3958629eb952efbb20666aa4a4225

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: http: https: 'self' https://.durable.co 'unsafe-inline' .durable.co 'unsafe-eval';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer: https://bank-assur.fr/

Response headers

content-encoding: br
cf-bgj: minify
etag: W/"17ec-192544c4abc"
cf-cache-status: HIT
x-content-type-options: nosniff
date: Tue, 08 Oct 2024 12:46:22 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 03 Oct 2024 21:32:19 GMT
vary: Accept-Encoding
x-frame-options: ALLOWALL
strict-transport-security: max-age=63072000
content-security-policy: default-src * data: blob: http: https: 'self' https://*.durable.co 'unsafe-inline' *.durable.co 'unsafe-eval';
cache-control: public, max-age=31536000, immutable
cross-origin-opener-policy: cross-origin
cross-origin-resource-policy: cross-origin
referrer-policy: origin
cf-ray: 8cf63bbca8f0b8f4-AMS
cross-origin-embedder-policy: unsafe-none
permissions-policy: fullscreen=*
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 3509.2613e2113b0ee162.js Show response
bank-assur.fr/_next/static/chunks/ 12 KB
4 KB 85ms
81ms Script
application/javascript 172.66.0.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bank-assur.fr/_next/static/chunks/3509.2613e2113b0ee162.js

Requested by

Host: bank-assur.fr
URL: https://bank-assur.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61608997b52e17e8a258cd310111dcc12ca60fbd39f2f77e0e21326a3f4dc697

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: http: https: 'self' https://.durable.co 'unsafe-inline' .durable.co 'unsafe-eval';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer: https://bank-assur.fr/

Response headers

content-encoding: br
cf-bgj: minify
etag: W/"31be-192544c4abc"
cf-cache-status: HIT
x-content-type-options: nosniff
date: Tue, 08 Oct 2024 12:46:22 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 03 Oct 2024 21:32:19 GMT
vary: Accept-Encoding
x-frame-options: ALLOWALL
strict-transport-security: max-age=63072000
content-security-policy: default-src * data: blob: http: https: 'self' https://*.durable.co 'unsafe-inline' *.durable.co 'unsafe-eval';
cache-control: public, max-age=31536000, immutable
cross-origin-opener-policy: cross-origin
cross-origin-resource-policy: cross-origin
referrer-policy: origin
cf-ray: 8cf63bbca8f4b8f4-AMS
cross-origin-embedder-policy: unsafe-none
permissions-policy: fullscreen=*
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 94726e6d.7f2b3b7a2ac48163.js Show response
bank-assur.fr/_next/static/chunks/ 50 KB
20 KB 100ms
97ms Script
application/javascript 172.66.0.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bank-assur.fr/_next/static/chunks/94726e6d.7f2b3b7a2ac48163.js

Requested by

Host: bank-assur.fr
URL: https://bank-assur.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1fd5df8ddb178ec29f88d5ee0ab5d4fdc08206b345a873a300ffad34e48fc37b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: http: https: 'self' https://.durable.co 'unsafe-inline' .durable.co 'unsafe-eval';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer: https://bank-assur.fr/

Response headers

content-encoding: br
cf-bgj: minify
etag: W/"c95a-192544c4ac0"
cf-cache-status: HIT
x-content-type-options: nosniff
date: Tue, 08 Oct 2024 12:46:22 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 03 Oct 2024 21:32:19 GMT
vary: Accept-Encoding
x-frame-options: ALLOWALL
strict-transport-security: max-age=63072000
content-security-policy: default-src * data: blob: http: https: 'self' https://*.durable.co 'unsafe-inline' *.durable.co 'unsafe-eval';
cache-control: public, max-age=31536000, immutable
cross-origin-opener-policy: cross-origin
cross-origin-resource-policy: cross-origin
referrer-policy: origin
cf-ray: 8cf63bbca8f5b8f4-AMS
cross-origin-embedder-policy: unsafe-none
permissions-policy: fullscreen=*
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 4715.f9edd631f6d53dab.js Show response
bank-assur.fr/_next/static/chunks/ 19 KB
8 KB 128ms
125ms Script
application/javascript 172.66.0.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bank-assur.fr/_next/static/chunks/4715.f9edd631f6d53dab.js

Requested by

Host: bank-assur.fr
URL: https://bank-assur.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

506eea7c6d866ec0c8f42d78ae169809ad6c059b2191e9aa5c05c7ba4a50f84e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: http: https: 'self' https://.durable.co 'unsafe-inline' .durable.co 'unsafe-eval';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer: https://bank-assur.fr/

Response headers

content-encoding: br
cf-bgj: minify
etag: W/"4bca-192544c4ac0"
cf-cache-status: HIT
x-content-type-options: nosniff
date: Tue, 08 Oct 2024 12:46:22 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 03 Oct 2024 21:32:19 GMT
vary: Accept-Encoding
x-frame-options: ALLOWALL
strict-transport-security: max-age=63072000
content-security-policy: default-src * data: blob: http: https: 'self' https://*.durable.co 'unsafe-inline' *.durable.co 'unsafe-eval';
cache-control: public, max-age=31536000, immutable
cross-origin-opener-policy: cross-origin
cross-origin-resource-policy: cross-origin
referrer-policy: origin
cf-ray: 8cf63bbca8f7b8f4-AMS
cross-origin-embedder-policy: unsafe-none
permissions-policy: fullscreen=*
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 925.e9eded1a553c1968.js Show response
bank-assur.fr/_next/static/chunks/ 11 KB
3 KB 129ms
126ms Script
application/javascript 172.66.0.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bank-assur.fr/_next/static/chunks/925.e9eded1a553c1968.js

Requested by

Host: bank-assur.fr
URL: https://bank-assur.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f3267ba80d5879583bff78de8cecd6a1be404d2bdc87e8400df60576d3f028e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: http: https: 'self' https://.durable.co 'unsafe-inline' .durable.co 'unsafe-eval';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer: https://bank-assur.fr/

Response headers

content-encoding: br
cf-bgj: minify
etag: W/"2c43-192544c4abc"
cf-cache-status: HIT
x-content-type-options: nosniff
date: Tue, 08 Oct 2024 12:46:22 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 03 Oct 2024 21:32:19 GMT
vary: Accept-Encoding
x-frame-options: ALLOWALL
strict-transport-security: max-age=63072000
content-security-policy: default-src * data: blob: http: https: 'self' https://*.durable.co 'unsafe-inline' *.durable.co 'unsafe-eval';
cache-control: public, max-age=31536000, immutable
cross-origin-opener-policy: cross-origin
cross-origin-resource-policy: cross-origin
referrer-policy: origin
cf-ray: 8cf63bbca8f8b8f4-AMS
cross-origin-embedder-policy: unsafe-none
permissions-policy: fullscreen=*
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 webpack-fefd2bd5227e5e68.js Show response
bank-assur.fr/_next/static/chunks/ 6 KB
3 KB 90ms
87ms Script
application/javascript 172.66.0.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bank-assur.fr/_next/static/chunks/webpack-fefd2bd5227e5e68.js

Requested by

Host: bank-assur.fr
URL: https://bank-assur.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

155c4be15e6e97fb67f7ee09308e36e1640e5dd71aad38754768ab67172dd4e7

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: http: https: 'self' https://.durable.co 'unsafe-inline' .durable.co 'unsafe-eval';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer: https://bank-assur.fr/

Response headers

content-encoding: br
cf-bgj: minify
etag: W/"1989-192544c4ab8"
cf-cache-status: HIT
x-content-type-options: nosniff
date: Tue, 08 Oct 2024 12:46:22 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 03 Oct 2024 21:32:19 GMT
vary: Accept-Encoding
x-frame-options: ALLOWALL
strict-transport-security: max-age=63072000
content-security-policy: default-src * data: blob: http: https: 'self' https://*.durable.co 'unsafe-inline' *.durable.co 'unsafe-eval';
cache-control: public, max-age=31536000, immutable
cross-origin-opener-policy: cross-origin
cross-origin-resource-policy: cross-origin
referrer-policy: origin
cf-ray: 8cf63bbca8fab8f4-AMS
cross-origin-embedder-policy: unsafe-none
permissions-policy: fullscreen=*
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 framework-d805b48c0466ba30.js Show response
bank-assur.fr/_next/static/chunks/ 127 KB
42 KB 91ms
89ms Script
application/javascript 172.66.0.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bank-assur.fr/_next/static/chunks/framework-d805b48c0466ba30.js

Requested by

Host: bank-assur.fr
URL: https://bank-assur.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb62819483372cbdc1a8c3ecfe97992226ab8481113fb9c5615cce42d484c079

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: http: https: 'self' https://.durable.co 'unsafe-inline' .durable.co 'unsafe-eval';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer: https://bank-assur.fr/

Response headers

content-encoding: br
cf-bgj: minify
etag: W/"1fbd2-192544c4ac0"
cf-cache-status: HIT
x-content-type-options: nosniff
date: Tue, 08 Oct 2024 12:46:22 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 03 Oct 2024 21:32:19 GMT
vary: Accept-Encoding
x-frame-options: ALLOWALL
strict-transport-security: max-age=63072000
content-security-policy: default-src * data: blob: http: https: 'self' https://*.durable.co 'unsafe-inline' *.durable.co 'unsafe-eval';
cache-control: public, max-age=31536000, immutable
cross-origin-opener-policy: cross-origin
cross-origin-resource-policy: cross-origin
referrer-policy: origin
cf-ray: 8cf63bbca8fbb8f4-AMS
cross-origin-embedder-policy: unsafe-none
permissions-policy: fullscreen=*
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 main-d23a437884bebb8d.js Show response
bank-assur.fr/_next/static/chunks/ 122 KB
37 KB 128ms
126ms Script
application/javascript 172.66.0.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bank-assur.fr/_next/static/chunks/main-d23a437884bebb8d.js

Requested by

Host: bank-assur.fr
URL: https://bank-assur.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1acc61b82103ea212459000b3b17d6bd28d21d8570861035f9dd29748e1cb351

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: http: https: 'self' https://.durable.co 'unsafe-inline' .durable.co 'unsafe-eval';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer: https://bank-assur.fr/

Response headers

content-encoding: br
cf-bgj: minify
etag: W/"1e749-192544c4ab8"
cf-cache-status: HIT
x-content-type-options: nosniff
cf-polished: origSize=124745
date: Tue, 08 Oct 2024 12:46:22 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 03 Oct 2024 21:32:19 GMT
vary: Accept-Encoding
x-frame-options: ALLOWALL
strict-transport-security: max-age=63072000
content-security-policy: default-src * data: blob: http: https: 'self' https://*.durable.co 'unsafe-inline' *.durable.co 'unsafe-eval';
cache-control: public, max-age=31536000, immutable
cross-origin-opener-policy: cross-origin
cross-origin-resource-policy: cross-origin
referrer-policy: origin
cf-ray: 8cf63bbca8fcb8f4-AMS
cross-origin-embedder-policy: unsafe-none
permissions-policy: fullscreen=*
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 _app-e4dda47183cac0dc.js Show response
bank-assur.fr/_next/static/chunks/pages/ 71 KB
22 KB 130ms
127ms Script
application/javascript 172.66.0.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bank-assur.fr/_next/static/chunks/pages/_app-e4dda47183cac0dc.js

Requested by

Host: bank-assur.fr
URL: https://bank-assur.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fbd5733811de096a626d68b4e272aa51533344104049733ff7f151e00cf9e60a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: http: https: 'self' https://.durable.co 'unsafe-inline' .durable.co 'unsafe-eval';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer: https://bank-assur.fr/

Response headers

content-encoding: br
cf-bgj: minify
etag: W/"11ddb-192544c4ab8"
cf-cache-status: HIT
x-content-type-options: nosniff
date: Tue, 08 Oct 2024 12:46:22 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 03 Oct 2024 21:32:19 GMT
vary: Accept-Encoding
x-frame-options: ALLOWALL
strict-transport-security: max-age=63072000
content-security-policy: default-src * data: blob: http: https: 'self' https://*.durable.co 'unsafe-inline' *.durable.co 'unsafe-eval';
cache-control: public, max-age=31536000, immutable
cross-origin-opener-policy: cross-origin
cross-origin-resource-policy: cross-origin
referrer-policy: origin
cf-ray: 8cf63bbcc924b8f4-AMS
cross-origin-embedder-policy: unsafe-none
permissions-policy: fullscreen=*
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 4590-37574b96b82ab0c6.js Show response
bank-assur.fr/_next/static/chunks/ 602 KB
156 KB 143ms
141ms Script
application/javascript 172.66.0.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bank-assur.fr/_next/static/chunks/4590-37574b96b82ab0c6.js

Requested by

Host: bank-assur.fr
URL: https://bank-assur.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5c97ca631e5a28f10edf5a320a869cd0838a732a9c074f83249dc2cbca71fa9

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: http: https: 'self' https://.durable.co 'unsafe-inline' .durable.co 'unsafe-eval';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer: https://bank-assur.fr/

Response headers

content-encoding: br
cf-bgj: minify
etag: W/"9678e-192544c4ac0"
cf-cache-status: HIT
x-content-type-options: nosniff
cf-polished: origSize=616334
date: Tue, 08 Oct 2024 12:46:22 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 03 Oct 2024 21:32:19 GMT
vary: Accept-Encoding
x-frame-options: ALLOWALL
strict-transport-security: max-age=63072000
content-security-policy: default-src * data: blob: http: https: 'self' https://*.durable.co 'unsafe-inline' *.durable.co 'unsafe-eval';
cache-control: public, max-age=31536000, immutable
cross-origin-opener-policy: cross-origin
cross-origin-resource-policy: cross-origin
referrer-policy: origin
cf-ray: 8cf63bbcc928b8f4-AMS
cross-origin-embedder-policy: unsafe-none
permissions-policy: fullscreen=*
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 1942-f16aa213ae5f7dfd.js Show response
bank-assur.fr/_next/static/chunks/ 94 KB
23 KB 131ms
129ms Script
application/javascript 172.66.0.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bank-assur.fr/_next/static/chunks/1942-f16aa213ae5f7dfd.js

Requested by

Host: bank-assur.fr
URL: https://bank-assur.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e343e724490310a6ed0d676253cb58246e8bcf6c8288317b87ea926cbcef5939

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: http: https: 'self' https://.durable.co 'unsafe-inline' .durable.co 'unsafe-eval';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer: https://bank-assur.fr/

Response headers

content-encoding: br
cf-bgj: minify
etag: W/"17963-19266f5206c"
cf-cache-status: HIT
x-content-type-options: nosniff
date: Tue, 08 Oct 2024 12:46:22 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 07 Oct 2024 12:29:53 GMT
vary: Accept-Encoding
x-frame-options: ALLOWALL
strict-transport-security: max-age=63072000
content-security-policy: default-src * data: blob: http: https: 'self' https://*.durable.co 'unsafe-inline' *.durable.co 'unsafe-eval';
cache-control: public, max-age=31536000, immutable
cross-origin-opener-policy: cross-origin
cross-origin-resource-policy: cross-origin
referrer-policy: origin
cf-ray: 8cf63bbcc92ab8f4-AMS
cross-origin-embedder-policy: unsafe-none
permissions-policy: fullscreen=*
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 %5B%5B...slug%5D%5D-68e3651b391dff0e.js Show response
bank-assur.fr/_next/static/chunks/pages/ 28 KB
8 KB 143ms
141ms Script
application/javascript 172.66.0.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bank-assur.fr/_next/static/chunks/pages/%5B%5B...slug%5D%5D-68e3651b391dff0e.js

Requested by

Host: bank-assur.fr
URL: https://bank-assur.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e646965171901bf0eb7d0a5204e10d8ab881a283f01837666ee2d227a53d3eae

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: http: https: 'self' https://.durable.co 'unsafe-inline' .durable.co 'unsafe-eval';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer: https://bank-assur.fr/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"6f72-19266f52060"
x-content-type-options: nosniff
date: Tue, 08 Oct 2024 12:46:22 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 07 Oct 2024 12:29:53 GMT
vary: Accept-Encoding
x-frame-options: ALLOWALL
strict-transport-security: max-age=63072000
content-security-policy: default-src * data: blob: http: https: 'self' https://*.durable.co 'unsafe-inline' *.durable.co 'unsafe-eval';
cache-control: public, max-age=31536000, immutable
cross-origin-opener-policy: cross-origin
cross-origin-resource-policy: cross-origin
referrer-policy: origin
cf-ray: 8cf63bbcc92db8f4-AMS
permissions-policy: fullscreen=*
cross-origin-embedder-policy: unsafe-none
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 _buildManifest.js Show response
bank-assur.fr/_next/static/wAHJeEohJIixgsec6i0Bk/ 2 KB
862 B 170ms
168ms Script
application/javascript 172.66.0.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bank-assur.fr/_next/static/wAHJeEohJIixgsec6i0Bk/_buildManifest.js

Requested by

Host: bank-assur.fr
URL: https://bank-assur.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32a6d0fc9a12301ada5a6ffb88517641c0decaa4928fa0a2743052c708943a74

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: http: https: 'self' https://.durable.co 'unsafe-inline' .durable.co 'unsafe-eval';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer: https://bank-assur.fr/

Response headers

content-encoding: br
cf-bgj: minify
etag: W/"7ee-19266f52060"
cf-cache-status: HIT
x-content-type-options: nosniff
date: Tue, 08 Oct 2024 12:46:22 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 07 Oct 2024 12:29:53 GMT
vary: Accept-Encoding
x-frame-options: ALLOWALL
strict-transport-security: max-age=63072000
content-security-policy: default-src * data: blob: http: https: 'self' https://*.durable.co 'unsafe-inline' *.durable.co 'unsafe-eval';
cache-control: public, max-age=31536000, immutable
cross-origin-opener-policy: cross-origin
cross-origin-resource-policy: cross-origin
referrer-policy: origin
cf-ray: 8cf63bbcc932b8f4-AMS
cross-origin-embedder-policy: unsafe-none
permissions-policy: fullscreen=*
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 _ssgManifest.js Show response
bank-assur.fr/_next/static/wAHJeEohJIixgsec6i0Bk/ 77 B
133 B 130ms
128ms Script
application/javascript 172.66.0.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bank-assur.fr/_next/static/wAHJeEohJIixgsec6i0Bk/_ssgManifest.js

Requested by

Host: bank-assur.fr
URL: https://bank-assur.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: http: https: 'self' https://.durable.co 'unsafe-inline' .durable.co 'unsafe-eval';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer: https://bank-assur.fr/

Response headers

content-encoding: br
cf-bgj: minify
etag: W/"4d-19266f52060"
cf-cache-status: HIT
x-content-type-options: nosniff
date: Tue, 08 Oct 2024 12:46:22 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 07 Oct 2024 12:29:53 GMT
vary: Accept-Encoding
x-frame-options: ALLOWALL
strict-transport-security: max-age=63072000
content-security-policy: default-src * data: blob: http: https: 'self' https://*.durable.co 'unsafe-inline' *.durable.co 'unsafe-eval';
cache-control: public, max-age=31536000, immutable
cross-origin-opener-policy: cross-origin
cross-origin-resource-policy: cross-origin
referrer-policy: origin
cf-ray: 8cf63bbcc934b8f4-AMS
cross-origin-embedder-policy: unsafe-none
permissions-policy: fullscreen=*
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 4GLOvpG5SoaqOnLY1Ic5fyRirjQ75Wgp6q9w6SiawygDTzU8mzg23kjqLHrKHgSi.png
cdn.durable.co/blocks/ 6 KB
6 KB 151ms
79ms Image
image/png 2606:4700:4400::ac40:9494
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.durable.co/blocks/4GLOvpG5SoaqOnLY1Ic5fyRirjQ75Wgp6q9w6SiawygDTzU8mzg23kjqLHrKHgSi.png

Requested by

Host: bank-assur.fr
URL: https://bank-assur.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9494 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ea20b69c21a3080b894e2d2a487c475bb04bece462879f14d7224e1a6175ec5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer: https://bank-assur.fr/

Response headers

x-envoy-upstream-healthchecked-cluster
cf-cache-status: REVALIDATED
etag: "9361db50f4e05470d614554df035d6bd"
date: Tue, 08 Oct 2024 12:46:22 GMT
x-rgw-object-type: Normal
content-type: image/png
last-modified: Sat, 11 May 2024 00:48:04 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-do-cdn-uuid: e1386e29-283d-40df-a2a6-b537035cae92
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=3600
x-amz-request-id: tx000009befb7bd3e5380c5-0066fc98ea-52724838-sfo3a
cf-ray: 8cf63bbd0bc0d120-CDG
accept-ranges: bytes
content-length: 5699
server: cloudflare

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer: https://bank-assur.fr/

Response headers

Content-Type: image/gif

GET
H2 200 267rkzgtBYpMxpwQpse2NfdbvS1itEaUtdfIX4YwvNqrAu2BsNo3hcioWZvf48E6.jpg
cdn.durable.co/blocks/ 11 KB
11 KB 149ms
78ms Image
image/jpeg 2606:4700:4400::ac40:9494
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.durable.co/blocks/267rkzgtBYpMxpwQpse2NfdbvS1itEaUtdfIX4YwvNqrAu2BsNo3hcioWZvf48E6.jpg

Requested by

Host: bank-assur.fr
URL: https://bank-assur.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9494 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b6a64b7d11fdd3c7698bcd097e998680ef78e840057850fd7aca450f3ca81c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer: https://bank-assur.fr/

Response headers

x-envoy-upstream-healthchecked-cluster
cf-bgj: h2pri
etag: "daaf42d3aad855b33ea6f1bfc7f3587d"
cf-cache-status: REVALIDATED
date: Tue, 08 Oct 2024 12:46:22 GMT
x-rgw-object-type: Normal
content-type: image/jpeg
last-modified: Sun, 12 May 2024 20:20:38 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-do-cdn-uuid: e1386e29-283d-40df-a2a6-b537035cae92
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=3600
x-amz-request-id: tx0000076ed33d042166e00-0066f4cba9-5289b483-sfo3a
cf-ray: 8cf63bbd0bc1d120-CDG
accept-ranges: bytes
content-length: 11362
server: cloudflare

GET
H2 200 40PaamMpQavx7kiwVEmN7XyatXs3zk0pk1HpLPe7PxpPNMyYF2q97TuHxk6nCK6n.jpg
cdn.durable.co/blocks/ 24 KB
25 KB 146ms
75ms Image
image/jpeg 2606:4700:4400::ac40:9494
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.durable.co/blocks/40PaamMpQavx7kiwVEmN7XyatXs3zk0pk1HpLPe7PxpPNMyYF2q97TuHxk6nCK6n.jpg

Requested by

Host: bank-assur.fr
URL: https://bank-assur.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9494 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e6ebcd1329ba06d9f64cf35b497fb03efb13a8e0b57df93515f3c91f0b6cb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer: https://bank-assur.fr/

Response headers

x-envoy-upstream-healthchecked-cluster
cf-bgj: h2pri
etag: "589c1a6e015671142036bb4c9d003361"
cf-cache-status: REVALIDATED
date: Tue, 08 Oct 2024 12:46:22 GMT
x-rgw-object-type: Normal
content-type: image/jpeg
last-modified: Sun, 12 May 2024 20:23:04 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-do-cdn-uuid: e1386e29-283d-40df-a2a6-b537035cae92
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=3600
x-amz-request-id: tx000001983d4ad55f09e79-0066edca82-5289b3d4-sfo3a
cf-ray: 8cf63bbd0bc2d120-CDG
accept-ranges: bytes
content-length: 24885
server: cloudflare

GET
H2 200 1cliIUUJxReseV6Cf67WCRiDdAxI1nbnHHITW8vcUV0a2rMvcZ4TuPNU9NELAVIz.png
cdn.durable.co/blocks/ 7 KB
7 KB 170ms
99ms Image
image/png 2606:4700:4400::ac40:9494
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.durable.co/blocks/1cliIUUJxReseV6Cf67WCRiDdAxI1nbnHHITW8vcUV0a2rMvcZ4TuPNU9NELAVIz.png

Requested by

Host: bank-assur.fr
URL: https://bank-assur.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9494 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8de7bcf910cc9defa3572b67f1bd864cda69a5c214727fe6b23d511e979388a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer: https://bank-assur.fr/

Response headers

x-envoy-upstream-healthchecked-cluster
cf-cache-status: REVALIDATED
etag: "e32309bb768ec72c0c9d6e40b36c54a6"
date: Tue, 08 Oct 2024 12:46:22 GMT
x-rgw-object-type: Normal
content-type: image/png
last-modified: Sun, 12 May 2024 20:29:29 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-do-cdn-uuid: e1386e29-283d-40df-a2a6-b537035cae92
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=3600
x-amz-request-id: tx0000037f8fbba16c9ae79-0066e728ca-5289b42e-sfo3a
cf-ray: 8cf63bbd0bc5d120-CDG
accept-ranges: bytes
content-length: 7287
server: cloudflare

GET
H2 200 144648425.js Show response
js-eu1.hs-scripts.com/ 2 KB
890 B 97ms
34ms Script
application/javascript 172.65.208.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js-eu1.hs-scripts.com/144648425.js

Requested by

Host: bank-assur.fr
URL: https://bank-assur.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.208.22 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0574783729224382cd004ecf343086850ef25fdd1f561c27e56add6043c4128c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer: https://bank-assur.fr/

Response headers

access-control-max-age: 3600
content-encoding: br
cf-bgj: minify
cf-cache-status: HIT
age: 2793
x-content-type-options: nosniff
cf-polished: origSize=2538
date: Tue, 08 Oct 2024 12:46:22 GMT
x-hubspot-correlation-id: 8ce4d9e6-2065-4e69-b21c-e7da8dd2105a
content-type: application/javascript;charset=utf-8
vary: origin, Accept-Encoding
last-modified: Tue, 08 Oct 2024 11:59:49 GMT
access-control-allow-credentials: true
cf-ray: 8cf63bbcfa100405-CDG
access-control-allow-origin: https://bank-assur.fr
server: cloudflare

GET
H2 200 css2
fonts.googleapis.com/ 10 KB
1 KB 149ms
72ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&display=swap

Requested by

Host: bank-assur.fr
URL: https://bank-assur.fr/_next/static/css/8b8fe1547a2d496f.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0e837688b9ff5f3dc1ec85b214419e153f924d7464df38dcb677f0ede8ef64e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer: https://bank-assur.fr/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, max-age=86400
timing-allow-origin: *
content-encoding: gzip
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Tue, 08 Oct 2024 12:46:22 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Oct 2024 12:46:22 GMT
x-xss-protection: 0
content-type: text/css; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 226 KB
58 KB 82ms
28ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: bank-assur.fr
URL: https://bank-assur.fr/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

48ba1993011db4834882d81b2153753437607292f704a6543d4466c0f6d1372a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'unsafe-inline' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer: https://bank-assur.fr/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 08 Oct 2024 12:46:22 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=22, rtx=0, c=23, mss=1232, tbw=4437, tp=9, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: +9g7JQEdFE3ly6sN+WT1QQAhAzMS+Lq/j/KlDex2SdsXgxAAmH0ojloWonNesWtSiw8/JVM0Ek0WwMYPUxiSzw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 59131
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 144648425.js Show response
js-eu1.hs-analytics.net/analytics/1728388500000/ 69 KB
25 KB 147ms
58ms Script
text/javascript 172.65.238.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-eu1.hs-analytics.net/analytics/1728388500000/144648425.js
Requested by: Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/144648425.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.65.238.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db84da255c3051dae4a839cfdefd03f1288bf8adfcfd7632f9e326ebee6ecde5

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer: https://bank-assur.fr/

Response headers

x-amz-server-side-encryption: AES256
x-request-id: d794545f-50f9-48cb-8cc5-e604a1cf4233
content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"43d9e886fbfeceea790f8e96f69fb0e7"
expires: Tue, 08 Oct 2024 12:51:22 GMT
x-evy-trace-listener: listener_https
date: Tue, 08 Oct 2024 12:46:22 GMT
x-hubspot-correlation-id: d794545f-50f9-48cb-8cc5-e604a1cf4233
content-type: text/javascript
last-modified: Fri, 04 Oct 2024 18:01:21 GMT
vary: origin, Accept-Encoding
x-amz-id-2: YQ3wi3YjoLNnsIRh3Mx3tWlCW1PiPDpd+Cy/ZCyDS6g/hj5D6DRgu4gTaVvq/oD7E5lmbuG6pb8=
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=300,public
x-evy-trace-served-by-pod: fra04/analytics-js-proxy-td/envoy-proxy-d5c664b49-kz8bn
x-envoy-upstream-service-time: 42
access-control-allow-credentials: false
x-amz-request-id: 30MAJ5SDQ5SMW7YK
cf-ray: 8cf63bbe2c5dd086-CDG
x-evy-trace-route-configuration: listener_https/all
server: cloudflare
x-evy-trace-virtual-host: all

GET
H2 200 banner.js Show response
js-eu1.hs-banner.com/v2/144648425/ 72 KB
27 KB 190ms
102ms Script
text/javascript 172.65.202.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-eu1.hs-banner.com/v2/144648425/banner.js
Requested by: Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/144648425.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.65.202.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54f49734b6bb8b24cd5d0efd2cde3d637b186adaa15db9972776cc42c1ce808b

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer: https://bank-assur.fr/

Response headers

x-evy-trace-virtual-host: all
access-control-max-age: 604800
x-request-id: ce348155-29b3-4742-83b1-7e7f483d167d
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"bfbfbceda00831f2f2857f6e7af2e091"
x-amz-version-id: ris8.3qXj9RXMZH_mVTm0.6GY3gBmTyj
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
expires: Tue, 08 Oct 2024 12:51:22 GMT
x-evy-trace-listener: listener_https
date: Tue, 08 Oct 2024 12:46:22 GMT
x-hubspot-correlation-id: ce348155-29b3-4742-83b1-7e7f483d167d
content-type: text/javascript; charset=UTF-8
last-modified: Fri, 04 Oct 2024 16:49:18 GMT
vary: origin, Accept-Encoding
x-amz-id-2: DiA+5xQHqgIdDgPI72gudbC9QSMa2EylLu/okKmqGf87xyaraqpJlUfs4spxqjxCP/fjlC9LDYw=
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=300,public
timing-allow-origin: *
x-evy-trace-served-by-pod: fra04/analytics-js-proxy-td/envoy-proxy-d5c664b49-kz8bn
x-envoy-upstream-service-time: 115
access-control-allow-credentials: true
x-amz-request-id: 92ZDFBMK1SZHB3HC
cf-ray: 8cf63bbe288ed6be-CDG
access-control-allow-origin: https://bank-assur.fr
x-evy-trace-route-configuration: listener_https/all
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 fb.js Show response
js-eu1.hsadspixel.net/ 6 KB
4 KB 314ms
209ms Script
application/javascript 172.65.219.229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js-eu1.hsadspixel.net/fb.js

Requested by

Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/144648425.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.219.229 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86687f3e5f5afdcf3625c8dde9300bb27a5715ae747f119a1a4c8f89064c254c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer: https://bank-assur.fr/

Response headers

x-evy-trace-virtual-host: all
x-request-id: 84602666-3fb3-468d-af8b-69e4ed8d41e8
content-encoding: gzip
cf-cache-status: HIT
etag: W/"df55045bc18928673797ec8f36531ce2"
x-amz-version-id: fkDbXM_kB0FZ912HTkyCuMu2yw0VZYTm
age: 375
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-hs-cache-status: MISS
x-amz-cf-id: DKufD9hwQFYGrgamKQTcDGsKlgt7qTP3dBkbtFoA2J0IyyY5UfK4ug==
date: Tue, 08 Oct 2024 12:46:22 GMT
x-hubspot-correlation-id: 84602666-3fb3-468d-af8b-69e4ed8d41e8
content-type: application/javascript; charset=utf-8
last-modified: Wed, 02 Oct 2024 14:25:36 UTC
vary: Accept-Encoding
x-evy-trace-listener: listener_https
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=600
x-evy-trace-served-by-pod: fra04/app-td/envoy-proxy-f988b7d-xgh5b
x-envoy-upstream-service-time: 6
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.602/bundles/pixels-release.js&cfRay=8cf632940ab8d156-AMS
via: 1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
cf-ray: 8cf63bbe4a290c2d-AMS
x-evy-trace-route-configuration: listener_https/all
x-hs-target-asset: adsscriptloaderstatic/static-1.602/bundles/pixels-release.js
x-amz-cf-pop: FRA56-P2
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 collectedforms.js Show response
js-eu1.hscollectedforms.net/ 69 KB
25 KB 211ms
83ms Script
application/javascript 172.65.192.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js-eu1.hscollectedforms.net/collectedforms.js

Requested by

Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/144648425.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.192.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77080938572095bddc311784e1c284e7cd12268f46946aff94d04a43a53dffc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Origin: https://bank-assur.fr
Referer: https://bank-assur.fr/

Response headers

x-evy-trace-virtual-host: all
x-request-id: 66082ea9-806f-479c-a9e1-8414f1dae840
content-encoding: gzip
cf-cache-status: EXPIRED
etag: W/"48bb5c8a01043eceaf45e65d5c98950b"
x-amz-version-id: lfSnPi6du9uQQl9EfUkg_44QCbCVLa2H
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-hs-cache-status: HIT
x-amz-cf-id: _kFVQzHQ1UmBiLkG9tbCYL8Sd47ZTEdQKbvpK0jetT_OGZeOLoIEpg==
date: Tue, 08 Oct 2024 12:46:22 GMT
x-hubspot-correlation-id: 66082ea9-806f-479c-a9e1-8414f1dae840
content-type: application/javascript; charset=utf-8
last-modified: Thu, 12 Sep 2024 08:47:39 UTC
vary: Accept-Encoding
x-evy-trace-listener: listener_https
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: s-maxage=600, max-age=300
x-evy-trace-served-by-pod: fra04/app-td/envoy-proxy-75dd7fb59f-qjgvg
x-envoy-upstream-service-time: 3
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.772/bundles/project.js&cfRay=8c1eed72ae2201ce-AMS
via: 1.1 b2340053ff948864db4d5e3c0ab3f3ea.cloudfront.net (CloudFront)
cf-ray: 8cf63bbe6c2f153d-CDG
access-control-allow-origin: *
x-evy-trace-route-configuration: listener_https/all
x-hs-target-asset: collected-forms-embed-js/static-1.772/bundles/project.js
x-amz-cf-pop: FRA60-P6
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 conversations-embed.js Show response
js-eu1.usemessages.com/ 90 KB
26 KB 101ms
29ms Script
application/javascript 2a06:98c1:3200::90:3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js-eu1.usemessages.com/conversations-embed.js

Requested by

Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/144648425.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3200::90:3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9cc0a3844574595578e1babeb7ff35d03d5b57f21fae3ca5d23b464d613bda33

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer: https://bank-assur.fr/

Response headers

x-evy-trace-virtual-host: all
x-request-id: 040a92d7-fc4f-4c20-ac1d-0137b2d051a6
content-encoding: gzip
cf-cache-status: HIT
etag: W/"f4a7c3be38aebfc93bbabac26a17711d"
x-amz-version-id: JWdsgkLPA6ZPx8O3AKEWCHJFpp9DhJBz
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
age: 376
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-hs-cache-status: MISS
x-amz-cf-id: _z0Dczhd_GBaE_b7JWHs7XXZJTQRsfg2jD_glbvzqkPw3kSKvZN7xw==
date: Tue, 08 Oct 2024 12:46:22 GMT
x-hubspot-correlation-id: 040a92d7-fc4f-4c20-ac1d-0137b2d051a6
content-type: application/javascript; charset=utf-8
last-modified: Tue, 01 Oct 2024 19:53:43 UTC
vary: Accept-Encoding
x-evy-trace-listener: listener_https
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=600
x-evy-trace-served-by-pod: fra04/app-td/envoy-proxy-f988b7d-72d4g
x-envoy-upstream-service-time: 9
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.18177/bundles/project.js&cfRay=8cbf0eedce4ab92a-AMS
via: 1.1 34f8e9435dea359238debf97e45feb10.cloudfront.net (CloudFront)
cf-ray: 8cf63bbe2ca13c81-CDG
x-evy-trace-route-configuration: listener_https/all
x-hs-target-asset: conversations-embed/static-1.18177/bundles/project.js
x-amz-cf-pop: FRA60-P6
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0Q5nw.woff2
fonts.gstatic.com/s/inter/v18/ 47 KB
47 KB 89ms
43ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0Q5nw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

c88db2401bef7e1203e0933cc5525a0f81863bfd076756db12acea5596f089ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Origin: https://bank-assur.fr
Referer: https://fonts.googleapis.com/

Response headers

age: 17011
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 08 Oct 2025 08:02:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Oct 2024 08:02:51 GMT
last-modified: Mon, 29 Jul 2024 22:44:12 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 48556
x-xss-protection: 0
server: sffe

GET
H2 200 get-info-by-business Show response
api.durable.co/office/ 531 B
1 KB 141ms
72ms XHR
application/json 2606:4700:4400::ac40:9494
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.durable.co/office/get-info-by-business?idBusiness=6626d81e4d9a53a431fd7a9d

Requested by

Host: bank-assur.fr
URL: https://bank-assur.fr/_next/static/chunks/4590-37574b96b82ab0c6.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:4400::ac40:9494 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9bae0835fae5d3d1902629a4fe2ff1a57a5edde15fdcf334f4fd0b0dc5d94039

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Accept: application/json
Referer: https://bank-assur.fr/

Response headers

access-control-expose-headers: no-business,Transfer-Encoding,Connection,Keep-Alive,X-Accel-Buffering
content-encoding: br
cf-cache-status: DYNAMIC
etag: W/"213-iYwbGbPeJpQXl5iRILiQB9HcveY"
expect-ct: max-age=0
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
date: Tue, 08 Oct 2024 12:46:22 GMT
content-type: application/json; charset=utf-8
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control: off
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
x-ratelimit-reset: 1728391583
access-control-allow-credentials: true
x-download-options: noopen
x-ratelimit-remaining: 996
cross-origin-embedder-policy: require-corp
permissions-policy
cf-ray: 8cf63bbf5da8cd74-LHR
access-control-allow-origin: https://bank-assur.fr
referrer-policy: no-referrer
x-ratelimit-limit: 1000
origin-agent-cluster: ?1
x-xss-protection: 0
server: cloudflare

GET
H2 200 6216.7cbf5bb965f8c28b.js Show response
bank-assur.fr/_next/static/chunks/ 5 KB
2 KB 106ms
106ms Script
application/javascript 172.66.0.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bank-assur.fr/_next/static/chunks/6216.7cbf5bb965f8c28b.js

Requested by

Host: bank-assur.fr
URL: https://bank-assur.fr/_next/static/chunks/webpack-fefd2bd5227e5e68.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7da7ca587940673943da9f860b5879f860480ac85eefa3beb15d63680d6d1214

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: http: https: 'self' https://.durable.co 'unsafe-inline' .durable.co 'unsafe-eval';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer: https://bank-assur.fr/

Response headers

content-encoding: br
cf-bgj: minify
etag: W/"1555-192544c4ab8"
cf-cache-status: HIT
x-content-type-options: nosniff
date: Tue, 08 Oct 2024 12:46:22 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 03 Oct 2024 21:32:19 GMT
vary: Accept-Encoding
x-frame-options: ALLOWALL
strict-transport-security: max-age=63072000
content-security-policy: default-src * data: blob: http: https: 'self' https://*.durable.co 'unsafe-inline' *.durable.co 'unsafe-eval';
cache-control: public, max-age=31536000, immutable
cross-origin-opener-policy: cross-origin
cross-origin-resource-policy: cross-origin
referrer-policy: origin
cf-ray: 8cf63bbefc10b8f4-AMS
cross-origin-embedder-policy: unsafe-none
permissions-policy: fullscreen=*
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
805 B 45ms
43ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Ubuntu:wght@400&family=Crimson+Pro:wght@400&family=Permanent+Marker:wght@400;500;600;700;800&display=swap

Requested by

Host: bank-assur.fr
URL: https://bank-assur.fr/_next/static/chunks/main-d23a437884bebb8d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3dbfa928acd8dea3f2dcb3a5555e2033330f3965e458eaa5b6aa5f1c91170d7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer: https://bank-assur.fr/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, max-age=86400
timing-allow-origin: *
content-encoding: gzip
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Tue, 08 Oct 2024 12:46:22 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Oct 2024 12:46:22 GMT
x-xss-protection: 0
content-type: text/css; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 4GLOvpG5SoaqOnLY1Ic5fyRirjQ75Wgp6q9w6SiawygDTzU8mzg23kjqLHrKHgSi.png
cdn.durable.co/blocks/ 6 KB
0 0ms
0ms Image
image/png 2606:4700:4400::ac40:9494
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.durable.co/blocks/4GLOvpG5SoaqOnLY1Ic5fyRirjQ75Wgp6q9w6SiawygDTzU8mzg23kjqLHrKHgSi.png
Requested by: Host: bank-assur.fr
URL: https://bank-assur.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9494 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ea20b69c21a3080b894e2d2a487c475bb04bece462879f14d7224e1a6175ec5

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer: https://bank-assur.fr/

Response headers

x-envoy-upstream-healthchecked-cluster
cache-control: max-age=3600
cf-cache-status: REVALIDATED
etag: "9361db50f4e05470d614554df035d6bd"
x-amz-request-id: tx000009befb7bd3e5380c5-0066fc98ea-52724838-sfo3a
cf-ray: 8cf63bbd0bc0d120-CDG
accept-ranges: bytes
content-length: 5699
date: Tue, 08 Oct 2024 12:46:22 GMT
x-rgw-object-type: Normal
content-type: image/png
last-modified: Sat, 11 May 2024 00:48:04 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
server: cloudflare
x-do-cdn-uuid: e1386e29-283d-40df-a2a6-b537035cae92

GET
H2 200 267rkzgtBYpMxpwQpse2NfdbvS1itEaUtdfIX4YwvNqrAu2BsNo3hcioWZvf48E6.jpg
cdn.durable.co/blocks/ 11 KB
0 0ms
0ms Image
image/jpeg 2606:4700:4400::ac40:9494
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.durable.co/blocks/267rkzgtBYpMxpwQpse2NfdbvS1itEaUtdfIX4YwvNqrAu2BsNo3hcioWZvf48E6.jpg
Requested by: Host: bank-assur.fr
URL: https://bank-assur.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9494 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b6a64b7d11fdd3c7698bcd097e998680ef78e840057850fd7aca450f3ca81c7

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer: https://bank-assur.fr/

Response headers

x-envoy-upstream-healthchecked-cluster
cf-bgj: h2pri
etag: "daaf42d3aad855b33ea6f1bfc7f3587d"
cf-cache-status: REVALIDATED
date: Tue, 08 Oct 2024 12:46:22 GMT
x-rgw-object-type: Normal
content-type: image/jpeg
last-modified: Sun, 12 May 2024 20:20:38 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-do-cdn-uuid: e1386e29-283d-40df-a2a6-b537035cae92
cache-control: max-age=3600
x-amz-request-id: tx0000076ed33d042166e00-0066f4cba9-5289b483-sfo3a
cf-ray: 8cf63bbd0bc1d120-CDG
accept-ranges: bytes
content-length: 11362
server: cloudflare

GET
H2 200 40PaamMpQavx7kiwVEmN7XyatXs3zk0pk1HpLPe7PxpPNMyYF2q97TuHxk6nCK6n.jpg
cdn.durable.co/blocks/ 24 KB
0 10ms
10ms Image
image/jpeg 2606:4700:4400::ac40:9494
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.durable.co/blocks/40PaamMpQavx7kiwVEmN7XyatXs3zk0pk1HpLPe7PxpPNMyYF2q97TuHxk6nCK6n.jpg
Requested by: Host: bank-assur.fr
URL: https://bank-assur.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9494 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e6ebcd1329ba06d9f64cf35b497fb03efb13a8e0b57df93515f3c91f0b6cb55

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer: https://bank-assur.fr/

Response headers

x-envoy-upstream-healthchecked-cluster
cf-bgj: h2pri
etag: "589c1a6e015671142036bb4c9d003361"
cf-cache-status: REVALIDATED
date: Tue, 08 Oct 2024 12:46:22 GMT
x-rgw-object-type: Normal
content-type: image/jpeg
last-modified: Sun, 12 May 2024 20:23:04 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-do-cdn-uuid: e1386e29-283d-40df-a2a6-b537035cae92
cache-control: max-age=3600
x-amz-request-id: tx000001983d4ad55f09e79-0066edca82-5289b3d4-sfo3a
cf-ray: 8cf63bbd0bc2d120-CDG
accept-ranges: bytes
content-length: 24885
server: cloudflare

GET
H2 200 1cliIUUJxReseV6Cf67WCRiDdAxI1nbnHHITW8vcUV0a2rMvcZ4TuPNU9NELAVIz.png
cdn.durable.co/blocks/ 7 KB
0 27ms
27ms Image
image/png 2606:4700:4400::ac40:9494
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.durable.co/blocks/1cliIUUJxReseV6Cf67WCRiDdAxI1nbnHHITW8vcUV0a2rMvcZ4TuPNU9NELAVIz.png
Requested by: Host: bank-assur.fr
URL: https://bank-assur.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9494 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8de7bcf910cc9defa3572b67f1bd864cda69a5c214727fe6b23d511e979388a2

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer: https://bank-assur.fr/

Response headers

x-envoy-upstream-healthchecked-cluster
cache-control: max-age=3600
cf-cache-status: REVALIDATED
etag: "e32309bb768ec72c0c9d6e40b36c54a6"
x-amz-request-id: tx0000037f8fbba16c9ae79-0066e728ca-5289b42e-sfo3a
cf-ray: 8cf63bbd0bc5d120-CDG
accept-ranges: bytes
content-length: 7287
date: Tue, 08 Oct 2024 12:46:22 GMT
x-rgw-object-type: Normal
content-type: image/png
last-modified: Sun, 12 May 2024 20:29:29 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
server: cloudflare
x-do-cdn-uuid: e1386e29-283d-40df-a2a6-b537035cae92

GET
H2 200 image
bank-assur.fr/_next/ 12 KB
12 KB 118ms
117ms Image
image/webp 172.66.0.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bank-assur.fr/_next/image?url=https%3A%2F%2Fcdn.durable.co%2Fblocks%2F2NNknAz4fLO0V832l6YhGKkKyZHCXkUEdbI87ClPXDP3cAq409wpMuYbXVzlpiwQ.png&w=1920&q=90

Requested by

Host: bank-assur.fr
URL: https://bank-assur.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42a9a299bff558936ea53aca71ead1f0a5520ae7db25c47fe2be0ad9cf0ed11d

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer: https://bank-assur.fr/

Response headers

cf-cache-status: DYNAMIC
etag: Qqmimb-1WJNupTrKcerR8KVSCufbJcR-4r4K2c8O0R0=
x-content-type-options: nosniff
date: Tue, 08 Oct 2024 12:46:22 GMT
content-type: image/webp
vary: Accept
content-disposition: inline; filename="2NNknAz4fLO0V832l6YhGKkKyZHCXkUEdbI87ClPXDP3cAq409wpMuYbXVzlpiwQ.webp"
x-frame-options: ALLOWALL
strict-transport-security: max-age=63072000
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
cache-control: public, max-age=2592000, must-revalidate
cross-origin-opener-policy: cross-origin
cross-origin-resource-policy: cross-origin
referrer-policy: origin
cf-ray: 8cf63bbffd3cb8f4-AMS
permissions-policy: fullscreen=*
cross-origin-embedder-policy: unsafe-none
content-length: 12146
x-nextjs-cache: HIT
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 image
bank-assur.fr/_next/ 16 KB
16 KB 80ms
79ms Image
image/webp 172.66.0.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bank-assur.fr/_next/image?url=https%3A%2F%2Fcdn.durable.co%2Fblocks%2FeGUl4deyxfjAkdqOPHu3emAI5TBjlKqCYLtZbg4oHD4LzPFen0LwhBcJwP9V6F7l.png&w=1920&q=90

Requested by

Host: bank-assur.fr
URL: https://bank-assur.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5102ee22a44916b73d1bc370a36e67682fb7009880291fd6ddb500fa005d4880

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer: https://bank-assur.fr/

Response headers

cf-cache-status: DYNAMIC
etag: UQLuIqRJFrc9G8Nwo25naC+3AJiAKR-W3bUA+gBdSIA=
x-content-type-options: nosniff
date: Tue, 08 Oct 2024 12:46:22 GMT
content-type: image/webp
vary: Accept
content-disposition: inline; filename="eGUl4deyxfjAkdqOPHu3emAI5TBjlKqCYLtZbg4oHD4LzPFen0LwhBcJwP9V6F7l.webp"
x-frame-options: ALLOWALL
strict-transport-security: max-age=63072000
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
cache-control: public, max-age=2592000, must-revalidate
cross-origin-opener-policy: cross-origin
cross-origin-resource-policy: cross-origin
referrer-policy: origin
cf-ray: 8cf63bbffd3fb8f4-AMS
permissions-policy: fullscreen=*
cross-origin-embedder-policy: unsafe-none
content-length: 16230
x-nextjs-cache: HIT
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 image
bank-assur.fr/_next/ 15 KB
15 KB 163ms
163ms Image
image/webp 172.66.0.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bank-assur.fr/_next/image?url=https%3A%2F%2Fcdn.durable.co%2Fblocks%2F8bLNR2fHLOwCKK68BIHeu4Lrh28RT9Na08IhKYlot5kcIa2qH5DiVVtZJmLaAqil.png&w=1920&q=90

Requested by

Host: bank-assur.fr
URL: https://bank-assur.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

440397343f80002bcf2266248d9346971f21645ee9a53c19d8e7e83fe57eaa1f

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer: https://bank-assur.fr/

Response headers

cf-cache-status: DYNAMIC
etag: RAOXND+AACvPImYkjZNGlx8hZF7ppTwZ2OfoP+V+qh8=
x-content-type-options: nosniff
date: Tue, 08 Oct 2024 12:46:22 GMT
content-type: image/webp
vary: Accept
content-disposition: inline; filename="8bLNR2fHLOwCKK68BIHeu4Lrh28RT9Na08IhKYlot5kcIa2qH5DiVVtZJmLaAqil.webp"
x-frame-options: ALLOWALL
strict-transport-security: max-age=63072000
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
cache-control: public, max-age=2592000, must-revalidate
cross-origin-opener-policy: cross-origin
cross-origin-resource-policy: cross-origin
referrer-policy: origin
cf-ray: 8cf63bbffd40b8f4-AMS
permissions-policy: fullscreen=*
cross-origin-embedder-policy: unsafe-none
content-length: 15200
x-nextjs-cache: HIT
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 image
bank-assur.fr/_next/ 8 KB
8 KB 148ms
148ms Image
image/webp 172.66.0.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bank-assur.fr/_next/image?url=https%3A%2F%2Fcdn.durable.co%2Fblocks%2F18A3At190UoFA7qusRrM8ZxW6Y6oOndcbTnZLXr4oJ94oT9KjcFPmD33kMOJ2FoA.png&w=1920&q=90

Requested by

Host: bank-assur.fr
URL: https://bank-assur.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52d61bcc2683730581e1a2aa158125cbcc03d0e1207ab680d91c407e6dd04f00

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer: https://bank-assur.fr/

Response headers

cf-cache-status: DYNAMIC
etag: UtYbzCaDcwWB4aKqFYEly8wD0OEgeraA2RxAfm3QTwA=
x-content-type-options: nosniff
date: Tue, 08 Oct 2024 12:46:22 GMT
content-type: image/webp
vary: Accept
content-disposition: inline; filename="18A3At190UoFA7qusRrM8ZxW6Y6oOndcbTnZLXr4oJ94oT9KjcFPmD33kMOJ2FoA.webp"
x-frame-options: ALLOWALL
strict-transport-security: max-age=63072000
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
cache-control: public, max-age=2592000, must-revalidate
cross-origin-opener-policy: cross-origin
cross-origin-resource-policy: cross-origin
referrer-policy: origin
cf-ray: 8cf63bbffd41b8f4-AMS
permissions-policy: fullscreen=*
cross-origin-embedder-policy: unsafe-none
content-length: 7938
x-nextjs-cache: HIT
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 q5uUsoa5M_tv7IihmnkabC5XiXCAlXGks1WZzm1MP5s-dta4yA.woff2
fonts.gstatic.com/s/crimsonpro/v24/ 18 KB
18 KB 50ms
49ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/crimsonpro/v24/q5uUsoa5M_tv7IihmnkabC5XiXCAlXGks1WZzm1MP5s-dta4yA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Ubuntu:wght@400&family=Crimson+Pro:wght@400&family=Permanent+Marker:wght@400;500;600;700;800&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

35be45a36239a131961dd64ba4ef42846b1a9915d6067cd512fadb4b292a6938

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Origin: https://bank-assur.fr
Referer: https://fonts.googleapis.com/

Response headers

age: 17027
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 08 Oct 2025 08:02:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Oct 2024 08:02:35 GMT
last-modified: Wed, 13 Sep 2023 22:38:27 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18328
x-xss-protection: 0
server: sffe

GET
H3 200 4iCs6KVjbNBYlgoKfw72nU6AFw.woff2
fonts.gstatic.com/s/ubuntu/v20/ 14 KB
14 KB 48ms
48ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72nU6AFw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Ubuntu:wght@400&family=Crimson+Pro:wght@400&family=Permanent+Marker:wght@400;500;600;700;800&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

c0bc26da9499372e6b55886d4f2040de764391ecc9cefdd8a5df0284a345120e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Origin: https://bank-assur.fr
Referer: https://fonts.googleapis.com/

Response headers

age: 53218
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 07 Oct 2025 21:59:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 07 Oct 2024 21:59:24 GMT
last-modified: Wed, 27 Apr 2022 17:00:25 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14124
x-xss-protection: 0
server: sffe

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 143ms
31ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LV5V14ZF82&gtm=45je4a20v9194083629za200&_p=1728391582160&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&cid=1318203226.1728391583&ul=fr-fr&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1728391582&sct=1&seg=0&dl=https%3A%2F%2Fbank-assur.fr%2F&dt=%F0%9F%87%AB%F0%9F%87%B7%201er%20r%C3%A9seau%20Bank%20et%20Assur%20de%20France&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1351
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LV5V14ZF82
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer: https://bank-assur.fr/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://bank-assur.fr
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Oct 2024 12:46:22 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 436567655668984 Show response
connect.facebook.net/signals/config/ 74 KB
15 KB 183ms
183ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/436567655668984?v=2.9.170&r=stable&domain=bank-assur.fr&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C82%2C87%2C47%2C46%2C86%2C37%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

cc0eaba6a9aa207cf7bf43212417efc4b03f678eb07cd6a230e6196705059a19

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'unsafe-inline' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer: https://bank-assur.fr/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 08 Oct 2024 12:46:22 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=27, rtx=0, c=68, mss=1232, tbw=67267, tp=63, tpl=0, uplat=153, ullat=0
pragma: public
x-fb-debug: Z5hYMzsdjzW+7SY4FndpLJSTMkRQXlSNtB2pMUXFL6chjcjdky+P7p/gJnP8M4gRkGj2SGjfcKlT+KFv0ZNwDQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 markup-local-business-images Show response
api.durable.co/seo/ 78 B
211 B 247ms
245ms XHR
application/json 2606:4700:4400::ac40:9494
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.durable.co/seo/markup-local-business-images?idBusiness=6626d81e4d9a53a431fd7a9d

Requested by

Host: bank-assur.fr
URL: https://bank-assur.fr/_next/static/chunks/4590-37574b96b82ab0c6.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:4400::ac40:9494 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2161dce017ed2425a0765af0da54937b2f043fa76eedd23a082a7a2b3c9007d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Accept: application/json
Referer: https://bank-assur.fr/

Response headers

access-control-expose-headers: no-business,Transfer-Encoding,Connection,Keep-Alive,X-Accel-Buffering
content-encoding: br
cf-cache-status: DYNAMIC
etag: W/"4e-uplWGmkikHI2QjoId8fLTmxZkV4"
expect-ct: max-age=0
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
date: Tue, 08 Oct 2024 12:46:23 GMT
content-type: application/json; charset=utf-8
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control: off
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
x-ratelimit-reset: 1728391584
access-control-allow-credentials: true
x-download-options: noopen
x-ratelimit-remaining: 996
cross-origin-embedder-policy: require-corp
permissions-policy
cf-ray: 8cf63bc0af22cd74-LHR
access-control-allow-origin: https://bank-assur.fr
referrer-policy: no-referrer
x-ratelimit-limit: 1000
origin-agent-cluster: ?1
x-xss-protection: 0
server: cloudflare

OPTIONS
H2 200 view
js-eu1.hs-banner.com/v2/activity/ 0
0 146ms
59ms Preflight
application/octet-stream 172.65.202.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-eu1.hs-banner.com/v2/activity/view
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.65.202.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://bank-assur.fr
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://bank-assur.fr
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-max-age: 604800
cf-cache-status: DYNAMIC
cf-ray: 8cf63bc1bd0a0e18-AMS
content-length: 0
content-type: application/octet-stream
date: Tue, 08 Oct 2024 12:46:23 GMT
server: cloudflare
timing-allow-origin: *
vary: origin
x-envoy-upstream-service-time: 1
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: fra04/analytics-js-proxy-td/envoy-proxy-d5c664b49-vtrg6
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 9c26af36-68ab-4052-a52a-92983d2ea033
x-request-id: 9c26af36-68ab-4052-a52a-92983d2ea033

GET
H3 200 css2
fonts.googleapis.com/ 2 KB
468 B 60ms
59ms Stylesheet
text/css 142.250.186.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,400;0,700;1,400&display=swap

Requested by

Host: js-eu1.hs-banner.com
URL: https://js-eu1.hs-banner.com/v2/144648425/banner.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f10.1e100.net

Software

ESF /

Resource Hash

afef9fd6b0841e1ee02b7b91bf8772aac0d3236d0353740fc9714a1a2fbc8cff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer: https://bank-assur.fr/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, max-age=86400
timing-allow-origin: *
content-encoding: gzip
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Tue, 08 Oct 2024 12:46:22 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Oct 2024 12:46:22 GMT
x-xss-protection: 0
content-type: text/css; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

POST
H2 204 view
js-eu1.hs-banner.com/v2/activity/ 0
0 66ms
62ms Fetch 172.65.202.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js-eu1.hs-banner.com/v2/activity/view

Requested by

Host: js-eu1.hs-banner.com
URL: https://js-eu1.hs-banner.com/v2/144648425/banner.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.202.201 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Content-Type: application/json
Referer: https://bank-assur.fr/

Response headers

access-control-max-age: 604800
x-request-id: e06c7f79-dc73-4637-ac27-09a7f2bbd685
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-evy-trace-listener: listener_http, listener_https
date: Tue, 08 Oct 2024 12:46:23 GMT
x-hubspot-correlation-id: e06c7f79-dc73-4637-ac27-09a7f2bbd685
vary: origin
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
x-evy-trace-route-service-name: envoyset-translator, envoyset-translator
x-evy-trace-served-by-pod: fra04/private-hubapi-td/envoy-proxy-5574dc56-4ttg2, fra04/analytics-js-proxy-td/envoy-proxy-d5c664b49-rwjtm
timing-allow-origin: *
x-envoy-upstream-service-time: 22
access-control-allow-credentials: true
cf-ray: 8cf63bc20d830e18-AMS
access-control-allow-origin: https://bank-assur.fr
x-evy-trace-route-configuration: listener_http/all, listener_https/all
server: cloudflare
x-evy-trace-virtual-host: all, all

GET
H3 200 / Show response
ipv4.icanhazip.com/ 14 B
343 B 136ms
45ms XHR
text/plain 104.16.184.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv4.icanhazip.com/
Requested by: Host: bank-assur.fr
URL: https://bank-assur.fr/_next/static/chunks/6216.7cbf5bb965f8c28b.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.184.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebdaa50ab81af44cfe363c0a2b5fef45777f90c524797f536a459e2fc4f62f39

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer: https://bank-assur.fr/

Response headers

access-control-allow-methods: GET
cf-ray: 8cf63bc1da219fbe-AMS
access-control-allow-origin: *
content-length: 14
date: Tue, 08 Oct 2024 12:46:23 GMT
content-type: text/plain
vary: Accept-Encoding
server: cloudflare

GET
H3 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v24/ 14 KB
14 KB 53ms
53ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,400;0,700;1,400&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

d4ae5188a65370ecfe28f42293bbee8297cfd5712c6aadfdb270d48f2bcd88b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Origin: https://bank-assur.fr
Referer: https://fonts.googleapis.com/

Response headers

age: 16535
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 08 Oct 2025 08:10:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Oct 2024 08:10:47 GMT
last-modified: Tue, 02 May 2023 15:17:19 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 13980
x-xss-protection: 0
server: sffe

GET
H2 200 6ad5f70cb56137d7.css Show response
bank-assur.fr/_next/static/css/ 11 KB
0 1ms
0ms Fetch
text/css 172.66.0.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bank-assur.fr/_next/static/css/6ad5f70cb56137d7.css

Requested by

Host: bank-assur.fr
URL: https://bank-assur.fr/_next/static/chunks/main-d23a437884bebb8d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f8546390c488a41f694e4a6377a9f6ab72cc9490451f2f6d36305812072fb38

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: http: https: 'self' https://.durable.co 'unsafe-inline' .durable.co 'unsafe-eval';
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer: https://bank-assur.fr/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"2b2f-19266f52060"
x-content-type-options: nosniff
date: Tue, 08 Oct 2024 12:46:22 GMT
content-type: text/css; charset=UTF-8
last-modified: Mon, 07 Oct 2024 12:29:53 GMT
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-security-policy: default-src * data: blob: http: https: 'self' https://*.durable.co 'unsafe-inline' *.durable.co 'unsafe-eval';
cache-control: public, max-age=31536000, immutable
cross-origin-opener-policy: cross-origin
cross-origin-resource-policy: cross-origin
referrer-policy: origin
cf-ray: 8cf63bbca8ebb8f4-AMS
permissions-policy: fullscreen=*
cross-origin-embedder-policy: unsafe-none
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 116ms
30ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=436567655668984&ev=PageView&dl=https%3A%2F%2Fbank-assur.fr&rl=&if=false&ts=1728391583010&sw=1600&sh=1200&v=2.9.170&r=stable&ec=0&o=12316&fbp=fb.1.1728391583009.545009830476191560&pm=1&hrl=849f30&ler=empty&cdl=API_unavailable&it=1728391582781&coo=false&cs_cc=1&rqm=GET

Requested by

Host: bank-assur.fr
URL: https://bank-assur.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer: https://bank-assur.fr/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=26, rtx=0, c=10, mss=1297, tbw=2940, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Tue, 08 Oct 2024 12:46:23 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 213ms
128ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=436567655668984&ev=PageView&dl=https%3A%2F%2Fbank-assur.fr&rl=&if=false&ts=1728391583010&sw=1600&sh=1200&v=2.9.170&r=stable&ec=0&o=12316&fbp=fb.1.1728391583009.545009830476191560&pm=1&hrl=849f30&ler=empty&cdl=API_unavailable&it=1728391582781&coo=false&cs_cc=1&rqm=FGET

Requested by

Host: bank-assur.fr
URL: https://bank-assur.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer: https://bank-assur.fr/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 08 Oct 2024 12:46:23 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: J+qKBZQAEpIUbIG+TUAubjhz8X0LccEpIGt0YAgC7zHIhg1leqHmRrL2zubU2uEMj+l0jQ71X1IEv4am8ohnzA==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=25, rtx=0, c=17, mss=1297, tbw=3258, tp=-1, tpl=-1, uplat=98, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0

POST
H2 200 register-user-action Show response
api.durable.co/website/ 41 B
161 B 210ms
203ms XHR
application/json 2606:4700:4400::ac40:9494
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.durable.co/website/register-user-action

Requested by

Host: bank-assur.fr
URL: https://bank-assur.fr/_next/static/chunks/4590-37574b96b82ab0c6.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:4400::ac40:9494 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98b412ad08fcf0f8e00533e92d1ac3bebad1c412015c6d34b382ebdf36678672

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bank-assur.fr/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Accept: application/json, multipart/form-data
Content-Type: application/json

Response headers

access-control-expose-headers: no-business,Transfer-Encoding,Connection,Keep-Alive,X-Accel-Buffering
cf-cache-status: DYNAMIC
etag: W/"29-2sCioQeHs7Iwsxo7RhcJb7dZhDI"
expect-ct: max-age=0
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
date: Tue, 08 Oct 2024 12:46:23 GMT
content-type: application/json; charset=utf-8
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control: off
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
x-ratelimit-reset: 1728391585
access-control-allow-credentials: true
x-download-options: noopen
x-ratelimit-remaining: 999
cross-origin-embedder-policy: require-corp
permissions-policy
cf-ray: 8cf63bc3eb40cd74-LHR
access-control-allow-origin: https://bank-assur.fr
content-length: 41
referrer-policy: no-referrer
x-ratelimit-limit: 1000
origin-agent-cluster: ?1
x-xss-protection: 0
server: cloudflare

OPTIONS
H2 200 register-user-action
api.durable.co/website/ 0
0 281ms
164ms Preflight 2606:4700:4400::ac40:9494
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.durable.co/website/register-user-action
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:4400::ac40:9494 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://bank-assur.fr
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,POST,DELETE,PUT,OPTIONS,PATCH
access-control-allow-origin: https://bank-assur.fr
access-control-expose-headers: no-business,Transfer-Encoding,Connection,Keep-Alive,X-Accel-Buffering
access-control-max-age: 10
cf-cache-status: DYNAMIC
cf-ray: 8cf63bc2da8199c0-CDG
content-length: 0
date: Tue, 08 Oct 2024 12:46:23 GMT
server: cloudflare
vary: Origin, Access-Control-Request-Headers
x-powered-by: Express
x-ratelimit-limit: 1000
x-ratelimit-remaining: 998
x-ratelimit-reset: 1728391584

GET
H2 200 __ptq.gif
track-eu1.hubspot.com/ 45 B
1 KB 217ms
125ms Image
image/gif 172.65.240.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track-eu1.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=fr-fr&bfp=3304812050&v=1.1&a=144648425&pu=https%3A%2F%2Fbank-assur.fr%2F&t=%F0%9F%87%AB%F0%9F%87%B7+1er+r%C3%A9seau+Bank+et+Assur+de+France&cts=1728391583232&rv=1&vi=d220d04b2799489fd1408c08b13d1055&nc=true&ce=false&cc=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.240.166 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer: https://bank-assur.fr/

Response headers

x-robots-tag: none
x-request-id: 3e5bdce7-5399-4601-8a73-7d436f0c168b
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FbbVssw%2Bvy5KkxbndfP4tH8pLmFcRvutZ07VI3evJrUaVUm0WadZNQJCJhgNLZxNMeSLX8P02kMr3QsEvw6V7RonLmSclun2HJ%2BUuAhUbFrfs2YfIucRFvB%2F7LhZyLfSWvclHeHOdg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-evy-trace-listener: listener_https
p3p: CP="NOI CUR ADM OUR NOR STA NID"
date: Tue, 08 Oct 2024 12:46:23 GMT
x-hubspot-correlation-id: 3e5bdce7-5399-4601-8a73-7d436f0c168b
content-type: image/gif
last-modified: Tue, 08 Oct 2024 12:46:23 GMT
vary: origin, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: no-cache, no-store, no-transform
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: fra04/analytics-tracking-td/envoy-proxy-994754b9f-pp2s5
x-envoy-upstream-service-time: 4
access-control-allow-credentials: false
cf-ray: 8cf63bc3eac90e32-AMS
accept-ranges: bytes
x-evy-trace-route-configuration: listener_https/all
content-length: 45
server: cloudflare
x-evy-trace-virtual-host: all

GET
H2 200 137697-200.png
static.thenounproject.com/png/ 2 KB
3 KB 157ms
49ms Other
image/png 108.156.2.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.thenounproject.com/png/137697-200.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.2.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-2-23.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2b2cd79c6da79c75cd946f9efb38b84b16ee3f911a16bb3fe13492ff90b02c90

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer: https://bank-assur.fr/

Response headers

cache-control: max-age=604800, public
etag: "3f3ecdf8d7b44ce99f42b8b3337370ed"
x-amz-version-id: null
age: 232273
via: 1.1 636189476c3cc1fef2a81208622a3b7a.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 2426
x-amz-cf-id: bh2TMj32_QYuSEXmht3O3FPZJGLeF30-EOoEyOjyJZJSfYTnBDX89w==
date: Sat, 05 Oct 2024 20:15:11 GMT
content-type: image/png
last-modified: Fri, 07 Aug 2015 20:16:03 GMT
server: AmazonS3
x-amz-cf-pop: MXP63-P4

GET
H2 200 137697-200.png
static.thenounproject.com/png/ 2 KB
0 0ms
0ms Other
image/png 108.156.2.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.thenounproject.com/png/137697-200.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.2.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-2-23.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2b2cd79c6da79c75cd946f9efb38b84b16ee3f911a16bb3fe13492ff90b02c90

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer: https://bank-assur.fr/

Response headers

cache-control: max-age=604800, public
etag: "3f3ecdf8d7b44ce99f42b8b3337370ed"
x-amz-version-id: null
age: 232273
via: 1.1 636189476c3cc1fef2a81208622a3b7a.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 2426
x-amz-cf-id: bh2TMj32_QYuSEXmht3O3FPZJGLeF30-EOoEyOjyJZJSfYTnBDX89w==
date: Sat, 05 Oct 2024 20:15:11 GMT
content-type: image/png
last-modified: Fri, 07 Aug 2015 20:16:03 GMT
server: AmazonS3
x-amz-cf-pop: MXP63-P4

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bank-assur.fr/	1970-01-21 00:06:33	Name: __cf_bm Value: 3Km2maOD1Or2Xzc2VS_2j8iC0M5WOgaBwa3eubRwPCo-1728391582-1.0.1.1-PaJkbNJclYYocVuaJruXwXyGMgDKj5wG8fzwpm53jlAmbUen5OTn_L74GD1YU2Sy31ohIKbe.nLDonJDAg9nYA
bank-assur.fr/	1970-01-21 00:07:54	Name: __cflb Value: 02DiuH2r6T5i4sjob6QVCZZ79L4uYcDGbLdGtcmFCH8Ri
.durable.co/	1970-01-21 00:06:33	Name: __cf_bm Value: zZFjUYbzEl2iwAaZbdaqOBmrrzXWEOffZ5_T1VUdcY8-1728391582-1.0.1.1-WBGTAYdZB6cAJ4ImwUWssPjp4TMOUHZTZ_2DI6yOhTCm_sAE2zrK6sg18oplUlBWlL5zERPZ0w2t6KlQ2O_cfg
api.durable.co/	1970-01-21 00:06:33	Name: __cflb Value: 0H28ustWbfGUSHkyDDk5xA5Ni9ic9WRAfVddGQd6UYM
.bank-assur.fr/	1970-01-21 09:42:31	Name: _ga Value: GA1.1.1318203226.1728391583
.bank-assur.fr/	1970-01-21 09:42:31	Name: _ga_LV5V14ZF82 Value: GS1.1.1728391582.1.0.1728391582.0.0.0
.bank-assur.fr/	1970-01-21 02:16:07	Name: _fbp Value: fb.1.1728391583009.545009830476191560
.hubspot.com/	1970-01-21 00:06:33	Name: __cf_bm Value: 8sCnw4Dw1GKk5.LHyMgxCbmTv6D0NRnMCudOL.VYm.4-1728391583-1.0.1.1-2gNl6CthS6rtfcoEbetbmcjSG9mYYAh7_Xsr0J9H.QmXUXv77ZDOIpFPuk.ku8zopi6UT3Eqw27viEuegSTlXA
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: _66q1cT7uP4ENv8N2_37lDXYeXR6jTB.4MPDSiONLaQ-1728391583434-0.0.1.1-604800000

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * data: blob: http: https: 'self' https://.durable.co 'unsafe-inline' .durable.co 'unsafe-eval';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.durable.co
bank-assur.fr
cdn.durable.co
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
ipv4.icanhazip.com
js-eu1.hs-analytics.net
js-eu1.hs-banner.com
js-eu1.hs-scripts.com
js-eu1.hsadspixel.net
js-eu1.hscollectedforms.net
js-eu1.usemessages.com
region1.google-analytics.com
static.thenounproject.com
track-eu1.hubspot.com
www.facebook.com
www.googletagmanager.com
104.16.184.241
108.156.2.23
142.250.185.131
142.250.186.42
157.240.253.1
172.65.192.122
172.65.202.201
172.65.208.22
172.65.219.229
172.65.238.60
172.65.240.166
172.66.0.42
2001:4860:4802:34::36
2606:4700:4400::ac40:9494
2a00:1450:4001:82f::2008
2a00:1450:4001:830::200a
2a03:2880:f177:185:face:b00c:0:25de
2a06:98c1:3200::90:3
0574783729224382cd004ecf343086850ef25fdd1f561c27e56add6043c4128c
07b33664d617db24c53a87bb694811462be3958629eb952efbb20666aa4a4225
0e837688b9ff5f3dc1ec85b214419e153f924d7464df38dcb677f0ede8ef64e7
155c4be15e6e97fb67f7ee09308e36e1640e5dd71aad38754768ab67172dd4e7
1acc61b82103ea212459000b3b17d6bd28d21d8570861035f9dd29748e1cb351
1f3267ba80d5879583bff78de8cecd6a1be404d2bdc87e8400df60576d3f028e
1fd5df8ddb178ec29f88d5ee0ab5d4fdc08206b345a873a300ffad34e48fc37b
2b2cd79c6da79c75cd946f9efb38b84b16ee3f911a16bb3fe13492ff90b02c90
32a6d0fc9a12301ada5a6ffb88517641c0decaa4928fa0a2743052c708943a74
35be45a36239a131961dd64ba4ef42846b1a9915d6067cd512fadb4b292a6938
3dbfa928acd8dea3f2dcb3a5555e2033330f3965e458eaa5b6aa5f1c91170d7d
3e6ebcd1329ba06d9f64cf35b497fb03efb13a8e0b57df93515f3c91f0b6cb55
42a9a299bff558936ea53aca71ead1f0a5520ae7db25c47fe2be0ad9cf0ed11d
440397343f80002bcf2266248d9346971f21645ee9a53c19d8e7e83fe57eaa1f
48ba1993011db4834882d81b2153753437607292f704a6543d4466c0f6d1372a
4f8546390c488a41f694e4a6377a9f6ab72cc9490451f2f6d36305812072fb38
506eea7c6d866ec0c8f42d78ae169809ad6c059b2191e9aa5c05c7ba4a50f84e
5102ee22a44916b73d1bc370a36e67682fb7009880291fd6ddb500fa005d4880
52d61bcc2683730581e1a2aa158125cbcc03d0e1207ab680d91c407e6dd04f00
54f49734b6bb8b24cd5d0efd2cde3d637b186adaa15db9972776cc42c1ce808b
5b6a64b7d11fdd3c7698bcd097e998680ef78e840057850fd7aca450f3ca81c7
5c940c06e2262b0cad9d8e4094b561d71cddf73d94c28379f922ad704f601751
5ea20b69c21a3080b894e2d2a487c475bb04bece462879f14d7224e1a6175ec5
61608997b52e17e8a258cd310111dcc12ca60fbd39f2f77e0e21326a3f4dc697
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
77080938572095bddc311784e1c284e7cd12268f46946aff94d04a43a53dffc9
7da7ca587940673943da9f860b5879f860480ac85eefa3beb15d63680d6d1214
86687f3e5f5afdcf3625c8dde9300bb27a5715ae747f119a1a4c8f89064c254c
8a419a4aa4b29277f8020d843e0b35b40423bf9a40ab3133f743104825a274e8
8de7bcf910cc9defa3572b67f1bd864cda69a5c214727fe6b23d511e979388a2
98b412ad08fcf0f8e00533e92d1ac3bebad1c412015c6d34b382ebdf36678672
9bae0835fae5d3d1902629a4fe2ff1a57a5edde15fdcf334f4fd0b0dc5d94039
9cc0a3844574595578e1babeb7ff35d03d5b57f21fae3ca5d23b464d613bda33
a5c97ca631e5a28f10edf5a320a869cd0838a732a9c074f83249dc2cbca71fa9
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
afef9fd6b0841e1ee02b7b91bf8772aac0d3236d0353740fc9714a1a2fbc8cff
c0bc26da9499372e6b55886d4f2040de764391ecc9cefdd8a5df0284a345120e
c88db2401bef7e1203e0933cc5525a0f81863bfd076756db12acea5596f089ec
cb62819483372cbdc1a8c3ecfe97992226ab8481113fb9c5615cce42d484c079
cc0eaba6a9aa207cf7bf43212417efc4b03f678eb07cd6a230e6196705059a19
cc91c024c565b7b7c22c291446e3406cd6b75cc97e988960c542c50ad7bdcb2b
ccbed1faaf00867a47f6814373a715c4127fbb49189db0c6f055a7d225d167d9
d2161dce017ed2425a0765af0da54937b2f043fa76eedd23a082a7a2b3c9007d
d4ae5188a65370ecfe28f42293bbee8297cfd5712c6aadfdb270d48f2bcd88b0
db84da255c3051dae4a839cfdefd03f1288bf8adfcfd7632f9e326ebee6ecde5
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e343e724490310a6ed0d676253cb58246e8bcf6c8288317b87ea926cbcef5939
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e646965171901bf0eb7d0a5204e10d8ab881a283f01837666ee2d227a53d3eae
ebdaa50ab81af44cfe363c0a2b5fef45777f90c524797f536a459e2fc4f62f39
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f9b74f3b1733e53998e90f35667f7148e6a6118b404216f5a6a53f3003cc65a4
fbd5733811de096a626d68b4e272aa51533344104049733ff7f151e00cf9e60a

bank-assur.fr Open in urlscan Pro 172.66.0.42 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

62 Requests

100 %HTTPS

33 %IPv6

17 Domains

18 Subdomains

19 IPs

3 Countries

887 kBTransfer

2545 kBSize

9 Cookies

4 Outgoing links

Page URL History

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

bank-assur.fr Open in urlscan Pro
172.66.0.42 Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

100 %
HTTPS

33 %
IPv6

17
Domains

18
Subdomains

19
IPs

3
Countries

887 kB
Transfer

2545 kB
Size

9
Cookies

62 HTTP transactions
1 data transactions