www.mas-mutuelle.fr Open in urlscan Pro
141.0.206.34 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://mas-mutuelle.fr/
Effective URL:
https://www.mas-mutuelle.fr/
Submission: On October 14 via automatic, source certstream-suspicious (October 14th 2024, 10:53:28 pm UTC) — Scanned from FR

Summary HTTP 40 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 12 IPs in 4 countries across 10 domains to perform 40 HTTP transactions. The main IP is 141.0.206.34, located in Toulouse, France and belongs to FULLSAVE-AS, FR. The main domain is www.mas-mutuelle.fr.
TLS certificate: Issued by R10 on August 27th 2024. Valid for: 3 months.

This is the only time www.mas-mutuelle.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 14	141.0.206.34 141.0.206.34	39405 (FULLSAVE-AS) (FULLSAVE-AS)
4	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
2	142.250.186.67 142.250.186.67	15169 (GOOGLE) (GOOGLE)
1	172.217.18.10 172.217.18.10	15169 (GOOGLE) (GOOGLE)
9	2606:4700:10:... 2606:4700:10::6816:3b5b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	141.0.206.35 141.0.206.35	39405 (FULLSAVE-AS) (FULLSAVE-AS)
2	157.240.251.9 157.240.251.9	32934 (FACEBOOK) (FACEBOOK)
2	54.194.192.40 54.194.192.40	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
40	12

14 141.0.206.34 (Toulouse, France) 1 redirects

ASN39405 (FULLSAVE-AS, FR)
PTR: app-00001-bloom.fullsave.info

mas-mutuelle.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.mas-mutuelle.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.10 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f10.1e100.net

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:10::6816:3b5b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-cookieyes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.0.206.35 (Toulouse, France)

ASN39405 (FULLSAVE-AS, FR)
PTR: fs-141-0-206-35.fullsave.info

matomo-analytics.bloom.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.251.9 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.194.192.40 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-192-40.eu-west-1.compute.amazonaws.com

log.cookieyes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	mas-mutuelle.fr 1 redirects mas-mutuelle.fr www.mas-mutuelle.fr	722 KB
9	cdn-cookieyes.com cdn-cookieyes.com — Cisco Umbrella Rank: 7163	78 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30 maps.googleapis.com — Cisco Umbrella Rank: 445	107 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	3 KB
2	cookieyes.com log.cookieyes.com — Cisco Umbrella Rank: 7869	437 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	73 KB
2	bloom.pro matomo-analytics.bloom.pro	22 KB
2	gstatic.com fonts.gstatic.com	84 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 116	64 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	115 KB
40	10

	Domain	Requested by
13	www.mas-mutuelle.fr	www.mas-mutuelle.fr
9	cdn-cookieyes.com	www.googletagmanager.com cdn-cookieyes.com
4	fonts.googleapis.com	www.mas-mutuelle.fr
2	www.facebook.com	www.mas-mutuelle.fr
2	log.cookieyes.com	cdn-cookieyes.com
2	connect.facebook.net	www.mas-mutuelle.fr connect.facebook.net
2	matomo-analytics.bloom.pro	www.mas-mutuelle.fr matomo-analytics.bloom.pro
2	fonts.gstatic.com	fonts.googleapis.com
2	maps.googleapis.com	www.mas-mutuelle.fr maps.googleapis.com
1	pagead2.googlesyndication.com	www.googletagmanager.com
1	www.googletagmanager.com	www.mas-mutuelle.fr
1	mas-mutuelle.fr	1 redirects
40	12

This site contains links to these domains. Also see Links.

Domain
www.cookieyes.com
www.groupe-entis.fr
www.souscription.mas-mutuelle.fr
mas.entis-cms.bloom.pro
www.bloom-multimedia.fr

Subject Issuer	Validity	Valid
mas.entis-ms-mf.bloom.pro R10	`2024-08-27` - `2024-11-25`	3 months	crt.sh
upload.video.google.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.google-analytics.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.gstatic.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
cdn-cookieyes.com WE1	`2024-09-22` - `2024-12-21`	3 months	crt.sh
matomo-analytics.bloom.pro ZeroSSL RSA Domain Secure Site CA	`2024-10-08` - `2025-01-06`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-07-24` - `2024-10-22`	3 months	crt.sh
log.cookieyes.com Amazon RSA 2048 M02	`2024-03-26` - `2025-04-25`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.mas-mutuelle.fr/
Frame ID: B5A48AFADFDDEF07D6C6B0EE72A01DF6
Requests: 40 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Accueil | Mutuelle d'Assurance Solidaire

Page URL History Show full URLs

https://mas-mutuelle.fr/ HTTP 302
https://www.mas-mutuelle.fr/ Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Page Statistics

40
Requests

100 %
HTTPS

42 %
IPv6

10
Domains

12
Subdomains

12
IPs

4
Countries

1204 kB
Transfer

2421 kB
Size

2
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cookieyes.com/product/cookie-consent

Search URL Search Domain Scan URL

URL: https://www.groupe-entis.fr/
Title: Une mutuelle du Groupe Entis

Search URL Search Domain Scan URL

URL: https://www.souscription.mas-mutuelle.fr/
Title: Souscrire en ligne

Search URL Search Domain Scan URL

URL: https://www.souscription.mas-mutuelle.fr/resiliation
Title: Résilier un contrat

Search URL Search Domain Scan URL

URL: https://mas.entis-cms.bloom.pro/
Title: ©

Search URL Search Domain Scan URL

URL: http://www.bloom-multimedia.fr/
Title: 2015 Bloom Multimédia

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://mas-mutuelle.fr/ HTTP 302
https://www.mas-mutuelle.fr/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

40 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.mas-mutuelle.fr/
Redirect Chain

https://mas-mutuelle.fr/
https://www.mas-mutuelle.fr/

30 KB
6 KB

206ms
74ms

Document
text/html

141.0.206.34
FULLSAVE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mas-mutuelle.fr/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

141.0.206.34 Toulouse, France, ASN39405 (FULLSAVE-AS, FR),

Reverse DNS

app-00001-bloom.fullsave.info

Software

Apache/2.4.10 (Debian) /

Resource Hash

c954ade272f6b408f5a8e9cc73a7a9d5e6a5fe5986be779cd60464acb3b27fca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 5737
Content-Type: text/html; charset=UTF-8
Date: Mon, 14 Oct 2024 22:53:23 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Apache/2.4.10 (Debian)
Strict-Transport-Security: max-age=15768000
Vary: Host,Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
X-XSS-Protection: 1; mode=block

Redirect headers

Connection: Keep-Alive
Content-Length: 294
Content-Type: text/html; charset=iso-8859-1
Date: Mon, 14 Oct 2024 22:53:23 GMT
Keep-Alive: timeout=5, max=100
Location: https://www.mas-mutuelle.fr/
Server: Apache/2.4.10 (Debian)
Strict-Transport-Security: max-age=15768000

GET
H/1.1 200
OK 693da3de.main.css
www.mas-mutuelle.fr/template/styles/ 193 KB
34 KB 41ms
40ms Stylesheet
text/css 141.0.206.34
FULLSAVE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mas-mutuelle.fr/template/styles/693da3de.main.css

Requested by

Host: www.mas-mutuelle.fr
URL: https://www.mas-mutuelle.fr/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

141.0.206.34 Toulouse, France, ASN39405 (FULLSAVE-AS, FR),

Reverse DNS

app-00001-bloom.fullsave.info

Software

Apache/2.4.10 (Debian) /

Resource Hash

78b65c6eb36dbde5ae9f118e8dc3e3e59ca9ae925b1978752d8da54168b2018e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mas-mutuelle.fr/

Response headers

Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
ETag: "303ee-61c54205ade77-gzip"
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 34072
Keep-Alive: timeout=5, max=99
Date: Mon, 14 Oct 2024 22:53:23 GMT
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 03 Jul 2024 09:05:05 GMT
Vary: Host,Accept-Encoding
Server: Apache/2.4.10 (Debian)
Content-Type: text/css
X-Frame-Options: sameorigin

GET
H2 200 css
fonts.googleapis.com/ 4 KB
842 B 114ms
42ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Slab:400,700

Requested by

Host: www.mas-mutuelle.fr
URL: https://www.mas-mutuelle.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

17507a18a0e418e29ad7c02da3d1fd03510491b186ee99b6fb6a3ffe8b464294

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mas-mutuelle.fr/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 14 Oct 2024 22:53:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 14 Oct 2024 22:53:23 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 14 Oct 2024 21:06:18 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 111ms
40ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700

Requested by

Host: www.mas-mutuelle.fr
URL: https://www.mas-mutuelle.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

19ec2571387a93f601d2b7ba570dcfaa8e60d9c1d343b4954830cda458d05357

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mas-mutuelle.fr/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 14 Oct 2024 22:53:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 14 Oct 2024 22:53:23 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 14 Oct 2024 21:25:13 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H/1.1 200
OK logo.png
www.mas-mutuelle.fr/bibliotheque/mas/Image/logo/ 4 KB
4 KB 101ms
33ms Image
image/png 141.0.206.34
FULLSAVE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mas-mutuelle.fr/bibliotheque/mas/Image/logo/logo.png

Requested by

Host: www.mas-mutuelle.fr
URL: https://www.mas-mutuelle.fr/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

141.0.206.34 Toulouse, France, ASN39405 (FULLSAVE-AS, FR),

Reverse DNS

app-00001-bloom.fullsave.info

Software

Apache/2.4.10 (Debian) /

Resource Hash

de53580d5c17455d98bd9763c462bda6b50db40bc6c9de839757b52a05dec873

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mas-mutuelle.fr/

Response headers

Strict-Transport-Security: max-age=15768000
ETag: "f2b-537ea5d8219f5"
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 3883
Keep-Alive: timeout=5, max=100
Date: Mon, 14 Oct 2024 22:53:23 GMT
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 18 Jul 2016 15:10:14 GMT
Content-Type: image/png
Server: Apache/2.4.10 (Debian)
X-Frame-Options: sameorigin

GET
H/1.1 200
OK slider-auto-intemporel.jpg
www.mas-mutuelle.fr/bibliotheque/mas/Image/slider/ 168 KB
168 KB 102ms
35ms Image
image/jpeg 141.0.206.34
FULLSAVE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mas-mutuelle.fr/bibliotheque/mas/Image/slider/slider-auto-intemporel.jpg

Requested by

Host: www.mas-mutuelle.fr
URL: https://www.mas-mutuelle.fr/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

141.0.206.34 Toulouse, France, ASN39405 (FULLSAVE-AS, FR),

Reverse DNS

app-00001-bloom.fullsave.info

Software

Apache/2.4.10 (Debian) /

Resource Hash

d4e437429ffa047841bd5e62363239beaf66b3ecbd635ace3871949f701dabf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mas-mutuelle.fr/

Response headers

Strict-Transport-Security: max-age=15768000
ETag: "29fd4-61eaefc8a8fdb"
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 171988
Keep-Alive: timeout=5, max=100
Date: Mon, 14 Oct 2024 22:53:23 GMT
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 02 Aug 2024 08:19:30 GMT
Content-Type: image/jpeg
Server: Apache/2.4.10 (Debian)
X-Frame-Options: sameorigin

GET
H/1.1 200
OK bloc-mas-2.png
www.mas-mutuelle.fr/bibliotheque/mas/Image/_masters_/homepage-blocs/ 160 KB
161 KB 34ms
33ms Image
image/png 141.0.206.34
FULLSAVE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mas-mutuelle.fr/bibliotheque/mas/Image/_masters_/homepage-blocs/bloc-mas-2.png

Requested by

Host: www.mas-mutuelle.fr
URL: https://www.mas-mutuelle.fr/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

141.0.206.34 Toulouse, France, ASN39405 (FULLSAVE-AS, FR),

Reverse DNS

app-00001-bloom.fullsave.info

Software

Apache/2.4.10 (Debian) /

Resource Hash

8d8bd100981161f5fcb58052b13b1fe19694edfcc58de9cd3e09d6e83a133879

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mas-mutuelle.fr/

Response headers

Strict-Transport-Security: max-age=15768000
ETag: "2813f-5bc8f54050675"
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 164159
Keep-Alive: timeout=5, max=99
Date: Mon, 14 Oct 2024 22:53:23 GMT
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 02 Mar 2021 15:24:19 GMT
Content-Type: image/png
Server: Apache/2.4.10 (Debian)
X-Frame-Options: sameorigin

GET
H/1.1 200
OK Bloc%20Home%20Page%20MAS%20Assurance%20Scolaire.png
www.mas-mutuelle.fr/bibliotheque/mas/Image/ 210 KB
211 KB 36ms
35ms Image
image/png 141.0.206.34
FULLSAVE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mas-mutuelle.fr/bibliotheque/mas/Image/Bloc%20Home%20Page%20MAS%20Assurance%20Scolaire.png

Requested by

Host: www.mas-mutuelle.fr
URL: https://www.mas-mutuelle.fr/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

141.0.206.34 Toulouse, France, ASN39405 (FULLSAVE-AS, FR),

Reverse DNS

app-00001-bloom.fullsave.info

Software

Apache/2.4.10 (Debian) /

Resource Hash

4c8cd1ca4ed764ec1198623964659acc3b58e2754d491f831bf1433be8c9184b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mas-mutuelle.fr/

Response headers

Strict-Transport-Security: max-age=15768000
ETag: "34864-601c52c7fa6bc"
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 215140
Keep-Alive: timeout=5, max=98
Date: Mon, 14 Oct 2024 22:53:23 GMT
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 31 Jul 2023 09:37:07 GMT
Content-Type: image/png
Server: Apache/2.4.10 (Debian)
X-Frame-Options: sameorigin

GET
H/1.1 200
OK 9e1b9033.logo_groupe_entis_line.png
www.mas-mutuelle.fr/template/images/ 4 KB
4 KB 104ms
36ms Image
image/png 141.0.206.34
FULLSAVE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mas-mutuelle.fr/template/images/9e1b9033.logo_groupe_entis_line.png

Requested by

Host: www.mas-mutuelle.fr
URL: https://www.mas-mutuelle.fr/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

141.0.206.34 Toulouse, France, ASN39405 (FULLSAVE-AS, FR),

Reverse DNS

app-00001-bloom.fullsave.info

Software

Apache/2.4.10 (Debian) /

Resource Hash

7b95d46638822658af754626fc89d29cdfd95587e56cb2e753c2c4eb5ae6ee89

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mas-mutuelle.fr/

Response headers

Strict-Transport-Security: max-age=15768000
ETag: "eff-61c5420517831"
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 3839
Keep-Alive: timeout=5, max=100
Date: Mon, 14 Oct 2024 22:53:23 GMT
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 03 Jul 2024 09:05:05 GMT
Vary: Host
Server: Apache/2.4.10 (Debian)
Content-Type: image/png
X-Frame-Options: sameorigin

GET
H/1.1 200
OK c9376a86.commun.js Show response
www.mas-mutuelle.fr/template/scripts/ 160 KB
52 KB 141ms
43ms Script
application/javascript 141.0.206.34
FULLSAVE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mas-mutuelle.fr/template/scripts/c9376a86.commun.js

Requested by

Host: www.mas-mutuelle.fr
URL: https://www.mas-mutuelle.fr/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

141.0.206.34 Toulouse, France, ASN39405 (FULLSAVE-AS, FR),

Reverse DNS

app-00001-bloom.fullsave.info

Software

Apache/2.4.10 (Debian) /

Resource Hash

3436b4eaa281216c56da27360d83196d07680a8978908742c34f17133d7fb405

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mas-mutuelle.fr/

Response headers

Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
ETag: "27ff5-61c54204bf9ee-gzip"
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 53023
Keep-Alive: timeout=5, max=99
Date: Mon, 14 Oct 2024 22:53:23 GMT
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 03 Jul 2024 09:05:04 GMT
Vary: Host,Accept-Encoding
Server: Apache/2.4.10 (Debian)
Content-Type: application/javascript
X-Frame-Options: sameorigin

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 317 KB
104 KB 148ms
70ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?v=3&key=AIzaSyBtmylyE6lLX594UteOqgkkc7e6zAGZoME&libraries=places

Requested by

Host: www.mas-mutuelle.fr
URL: https://www.mas-mutuelle.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

718063af9c9e125cc711de483c21d57affbf681b64699a2e33642e54c2060b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mas-mutuelle.fr/

Response headers

cache-control: public, max-age=1800, stale-while-revalidate=3600
timing-allow-origin: *
content-encoding: gzip
etag: fbf2a6d7
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 106052
date: Mon, 14 Oct 2024 22:53:23 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
vary: Accept-Language, Origin, X-Origin, Referer
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN

GET
H/1.1 200
OK 338f56cc.home.js Show response
www.mas-mutuelle.fr/template/scripts/ 616 B
866 B 136ms
34ms Script
application/javascript 141.0.206.34
FULLSAVE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mas-mutuelle.fr/template/scripts/338f56cc.home.js

Requested by

Host: www.mas-mutuelle.fr
URL: https://www.mas-mutuelle.fr/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

141.0.206.34 Toulouse, France, ASN39405 (FULLSAVE-AS, FR),

Reverse DNS

app-00001-bloom.fullsave.info

Software

Apache/2.4.10 (Debian) /

Resource Hash

908895dc50d3649fb40bf20cdb1aa846bb745637ee814e1ffb10f2206f5115e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mas-mutuelle.fr/

Response headers

Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
ETag: "268-61c54204c962f-gzip"
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 372
Keep-Alive: timeout=5, max=99
Date: Mon, 14 Oct 2024 22:53:23 GMT
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 03 Jul 2024 09:05:04 GMT
Vary: Host,Accept-Encoding
Server: Apache/2.4.10 (Debian)
Content-Type: application/javascript
X-Frame-Options: sameorigin

GET
H2 200 css
fonts.googleapis.com/ 9 KB
809 B 41ms
40ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Slab:300,700,100,400

Requested by

Host: www.mas-mutuelle.fr
URL: https://www.mas-mutuelle.fr/template/styles/693da3de.main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3bd9e8014f9e93f71dd366f7c0575583db1e6f53e1699aaa8de4f6e6c869048a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mas-mutuelle.fr/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 14 Oct 2024 22:53:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 14 Oct 2024 22:53:23 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 14 Oct 2024 22:53:23 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 7 KB
779 B 42ms
41ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:400,300,700

Requested by

Host: www.mas-mutuelle.fr
URL: https://www.mas-mutuelle.fr/template/styles/693da3de.main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4e6a06d2689dfb3ef55c8699b1842e7b1f31354d85396a4f8bc1f5c637fa0fc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mas-mutuelle.fr/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 14 Oct 2024 22:53:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 14 Oct 2024 22:53:23 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 14 Oct 2024 22:51:19 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 379 KB
115 KB 142ms
64ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TXV6RM94

Requested by

Host: www.mas-mutuelle.fr
URL: https://www.mas-mutuelle.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ef0ffeaf483a3d9015a07db2fd691344e140c5360c54b42b4c8309b40af3e616

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mas-mutuelle.fr/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Mon, 14 Oct 2024 22:53:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 14 Oct 2024 22:53:23 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 14 Oct 2024 22:14:37 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 116629
x-xss-protection: 0
server: Google Tag Manager

GET
H/1.1 200
OK ee4b0b9c.arrow-secondary-menu.png
www.mas-mutuelle.fr/template/images/ 2 KB
2 KB 84ms
34ms Image
image/png 141.0.206.34
FULLSAVE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mas-mutuelle.fr/template/images/ee4b0b9c.arrow-secondary-menu.png

Requested by

Host: www.mas-mutuelle.fr
URL: https://www.mas-mutuelle.fr/template/styles/693da3de.main.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

141.0.206.34 Toulouse, France, ASN39405 (FULLSAVE-AS, FR),

Reverse DNS

app-00001-bloom.fullsave.info

Software

Apache/2.4.10 (Debian) /

Resource Hash

f592aa4712816b0cb0516e7d02edc106a696c5d51c475845874c28b202609ad7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mas-mutuelle.fr/template/styles/693da3de.main.css

Response headers

Strict-Transport-Security: max-age=15768000
ETag: "628-61c5420516891"
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 1576
Keep-Alive: timeout=5, max=100
Date: Mon, 14 Oct 2024 22:53:23 GMT
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 03 Jul 2024 09:05:05 GMT
Vary: Host
Server: Apache/2.4.10 (Debian)
Content-Type: image/png
X-Frame-Options: sameorigin

GET
H3 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v27/ 50 KB
50 KB 72ms
32ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,300,700

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.mas-mutuelle.fr
Referer: https://fonts.googleapis.com/

Response headers

age: 572344
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 08 Oct 2025 07:54:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Oct 2024 07:54:19 GMT
last-modified: Wed, 18 Oct 2023 17:52:59 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 51404
x-xss-protection: 0
server: sffe

GET
H/1.1 200
OK icomoon.ttf
www.mas-mutuelle.fr/template/fonts/ 59 KB
60 KB 82ms
34ms Font
application/font-sfnt 141.0.206.34
FULLSAVE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mas-mutuelle.fr/template/fonts/icomoon.ttf?i67wt7

Requested by

Host: www.mas-mutuelle.fr
URL: https://www.mas-mutuelle.fr/template/styles/693da3de.main.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

141.0.206.34 Toulouse, France, ASN39405 (FULLSAVE-AS, FR),

Reverse DNS

app-00001-bloom.fullsave.info

Software

Apache/2.4.10 (Debian) /

Resource Hash

1d5cf66bfd945bc585b171b2fe62c8f86866944ddca30a4e378aeace8868da26

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.mas-mutuelle.fr
Referer: https://www.mas-mutuelle.fr/template/styles/693da3de.main.css

Response headers

Strict-Transport-Security: max-age=15768000
ETag: "edd8-61c54205187d2"
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 60888
Keep-Alive: timeout=5, max=100
Date: Mon, 14 Oct 2024 22:53:23 GMT
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 03 Jul 2024 09:05:05 GMT
Vary: Host
Server: Apache/2.4.10 (Debian)
Content-Type: application/font-sfnt
X-Frame-Options: sameorigin

GET
H3 200 BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v34/ 34 KB
34 KB 77ms
36ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab:300,700,100,400

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

a8e429611131e3fdc2018ec943a36100dbabb4aaa788c8dead6bdcf927917293

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.mas-mutuelle.fr
Referer: https://fonts.googleapis.com/

Response headers

age: 576726
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 08 Oct 2025 06:41:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Oct 2024 06:41:17 GMT
last-modified: Tue, 24 Oct 2023 01:54:50 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 34328
x-xss-protection: 0
server: sffe

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 111ms
47ms XHR
application/json 172.217.18.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?v=3&key=AIzaSyBtmylyE6lLX594UteOqgkkc7e6zAGZoME&libraries=places

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f10.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mas-mutuelle.fr/

Response headers

cache-control: private
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: https://www.mas-mutuelle.fr
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
date: Mon, 14 Oct 2024 22:53:23 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN

GET
H2 200 script.js Show response
cdn-cookieyes.com/client_data/7259eeb88f311f40f542c7f9/ 96 KB
34 KB 94ms
34ms Script
application/javascript 2606:4700:10::6816:3b5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cookieyes.com/client_data/7259eeb88f311f40f542c7f9/script.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TXV6RM94
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3b5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c790816f3021b38a77924f6edd6f488698e888871fc834412d27d9cf5e6efa5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mas-mutuelle.fr/

Response headers

cache-control: max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
content-encoding: gzip
cf-cache-status: HIT
etag: "1809e-6237da81f6e8c-gzip"
age: 468247
access-control-allow-methods: GET, OPTIONS
cf-ray: 8d2b252f2ea16f17-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 34153
date: Mon, 14 Oct 2024 22:53:23 GMT
content-type: application/javascript
last-modified: Wed, 02 Oct 2024 12:34:18 GMT
vary: Accept-Encoding
server: cloudflare

GET
H/1.1 200
OK matomo.js Show response
matomo-analytics.bloom.pro/analytics/ 64 KB
22 KB 147ms
39ms Script
application/javascript 141.0.206.35
FULLSAVE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://matomo-analytics.bloom.pro/analytics/matomo.js

Requested by

Host: www.mas-mutuelle.fr
URL: https://www.mas-mutuelle.fr/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

141.0.206.35 Toulouse, France, ASN39405 (FULLSAVE-AS, FR),

Reverse DNS

fs-141-0-206-35.fullsave.info

Software

Apache /

Resource Hash

d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mas-mutuelle.fr/

Response headers

Content-Encoding: gzip
ETag: "10132-60b4d6b8c325f-gzip"
X-Content-Type-Options: nosniff
Keep-Alive: timeout=5, max=100
Date: Mon, 14 Oct 2024 22:53:23 GMT
Last-Modified: Wed, 29 Nov 2023 16:56:45 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
X-Frame-Options: SAMEORIGIN
Upgrade: h2,h2c
Strict-Transport-Security: max-age=15768000
Connection: Upgrade, Keep-Alive
Referrer-Policy: strict-origin
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges: bytes
Content-Length: 21441
X-XSS-Protection: 1; mode=block
Server: Apache

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 227 KB
58 KB 72ms
32ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.mas-mutuelle.fr
URL: https://www.mas-mutuelle.fr/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

91aff3588efba0074124bbd204b45de0da882a853f29a1d73f7ec132291c5651

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'unsafe-inline' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mas-mutuelle.fr/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 14 Oct 2024 22:53:23 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=30, rtx=0, c=23, mss=1232, tbw=4473, tp=10, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: KaMnegpMDzBBLv2838ivoi4rvdYh9UKqGkPCqFEmi7/9silEpTR4L7QRtjbcyy1yzJg2NEJXGMLDh1fd78UUOA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 59352
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H2 200 log
log.cookieyes.com/api/v1/ 2 B
219 B 116ms
37ms Ping
text/plain 54.194.192.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://log.cookieyes.com/api/v1/log
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/7259eeb88f311f40f542c7f9/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.192.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-192-40.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryQNxYFbcmZmROG9hA
Referer: https://www.mas-mutuelle.fr/

Response headers

x-robots-tag: noindex, nofollow
link: <https://www.cookieyes.com>; rel="canonical"
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
access-control-allow-origin: *
content-length: 2
date: Mon, 14 Oct 2024 22:53:23 GMT
content-type: text/plain; charset=utf-8
x-powered-by: Express

GET
H2 200 banner.js Show response
cdn-cookieyes.com/client_data/7259eeb88f311f40f542c7f9/ 101 KB
33 KB 31ms
31ms Script
application/javascript 2606:4700:10::6816:3b5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cookieyes.com/client_data/7259eeb88f311f40f542c7f9/banner.js
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/7259eeb88f311f40f542c7f9/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3b5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd1f78270a3559eb92f9bef377aa4fe46514f2325e9ff053a6faf9ffe17cd933

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mas-mutuelle.fr/

Response headers

cache-control: max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
content-encoding: gzip
cf-cache-status: HIT
etag: "19231-6237da81f6e8c-gzip"
age: 468246
access-control-allow-methods: GET, OPTIONS
cf-ray: 8d2b252f7ec76f17-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 33668
date: Mon, 14 Oct 2024 22:53:23 GMT
content-type: application/javascript
last-modified: Wed, 02 Oct 2024 12:34:18 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 325658656619590 Show response
connect.facebook.net/signals/config/ 73 KB
15 KB 86ms
86ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/325658656619590?v=2.9.171&r=stable&domain=www.mas-mutuelle.fr&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C28%2C82%2C87%2C47%2C46%2C86%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

c6bd31beb33c9946bfc11ba40614078ee140ea86e62fea3813c4dd11b56a2a19

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'unsafe-inline' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mas-mutuelle.fr/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 14 Oct 2024 22:53:23 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=30, rtx=0, c=74, mss=1232, tbw=67607, tp=65, tpl=0, uplat=54, ullat=0
pragma: public
x-fb-debug: hu64kWdLdDMDuVfRnjlM0obVUHstw/DCUNr68BRtlOSe8itrQO8Bn3BUKgyAaq+1ZZXX2ptahzH1M8vR/D7UUQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H/1.1 204
No Response matomo.php
matomo-analytics.bloom.pro/analytics/ 0
544 B 104ms
103ms Ping
text/plain 141.0.206.35
FULLSAVE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://matomo-analytics.bloom.pro/analytics/matomo.php?action_name=Accueil%20%7C%20Mutuelle%20d%27Assurance%20Solidaire&idsite=4&rec=1&r=941494&h=0&m=53&s=23&url=https%3A%2F%2Fwww.mas-mutuelle.fr%2F&_id=6661b4aa7bfdf32f&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=PfavSI&pf_net=131&pf_srv=73&pf_tfr=2&pf_dm1=390&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D

Requested by

Host: matomo-analytics.bloom.pro
URL: https://matomo-analytics.bloom.pro/analytics/matomo.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

141.0.206.35 Toulouse, France, ASN39405 (FULLSAVE-AS, FR),

Reverse DNS

fs-141-0-206-35.fullsave.info

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Referer: https://www.mas-mutuelle.fr/

Response headers

Strict-Transport-Security: max-age=15768000
Connection: Keep-Alive
Access-Control-Allow-Credentials: true
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Access-Control-Allow-Origin: https://www.mas-mutuelle.fr
Keep-Alive: timeout=5, max=99
Date: Mon, 14 Oct 2024 22:53:23 GMT
X-XSS-Protection: 1; mode=block
Server: Apache
X-Frame-Options: SAMEORIGIN

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 102ms
32ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=325658656619590&ev=PageView&dl=https%3A%2F%2Fwww.mas-mutuelle.fr&rl=&if=false&ts=1728946403860&sw=1600&sh=1200&v=2.9.171&r=stable&a=tmgoogletagmanager&ec=0&o=12316&fbp=fb.1.1728946403858.235876930373509370&pm=1&hrl=022164&ler=empty&cdl=API_unavailable&it=1728946403757&coo=false&cs_cc=1&cas=7359887314097190&rqm=GET

Requested by

Host: www.mas-mutuelle.fr
URL: https://www.mas-mutuelle.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mas-mutuelle.fr/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=30, rtx=0, c=10, mss=1297, tbw=2918, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Mon, 14 Oct 2024 22:53:23 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 254ms
185ms Image
image/png 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=325658656619590&ev=PageView&dl=https%3A%2F%2Fwww.mas-mutuelle.fr&rl=&if=false&ts=1728946403860&sw=1600&sh=1200&v=2.9.171&r=stable&a=tmgoogletagmanager&ec=0&o=12316&fbp=fb.1.1728946403858.235876930373509370&pm=1&hrl=022164&ler=empty&cdl=API_unavailable&it=1728946403757&coo=false&cs_cc=1&cas=7359887314097190&rqm=FGET

Requested by

Host: www.mas-mutuelle.fr
URL: https://www.mas-mutuelle.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mas-mutuelle.fr/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7425768259536500388"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 14 Oct 2024 22:53:24 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: 8Amc1hT/52G8Gb7EMDjpoCp+L8qrJqT0kyX/E5ERQgRAAz0WrzHAzwXxvpVYQ0cCp7HbOPN4vnOlCdWbH1GatQ==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7425768259536500388", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=36, rtx=0, c=10, mss=1297, tbw=3236, tp=-1, tpl=-1, uplat=150, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 2Xwvwryg.json Show response
cdn-cookieyes.com/client_data/7259eeb88f311f40f542c7f9/ 44 B
336 B 85ms
37ms Fetch
application/json 2606:4700:10::6816:3b5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cookieyes.com/client_data/7259eeb88f311f40f542c7f9/2Xwvwryg.json
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/7259eeb88f311f40f542c7f9/banner.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3b5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bf63589511b80d93b010b60a9b4514299286b0cc1c2c49126fbb1aa2384cccf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mas-mutuelle.fr/

Response headers

cache-control: max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
content-encoding: gzip
cf-cache-status: HIT
etag: W/"2c-6237da81f5eec"
age: 315900
access-control-allow-methods: GET, OPTIONS
cf-ray: 8d2b25321da9d40c-CDG
access-control-allow-origin: *
date: Mon, 14 Oct 2024 22:53:24 GMT
content-type: application/json
vary: Accept-Encoding
server: cloudflare
last-modified: Wed, 02 Oct 2024 12:34:18 GMT

GET
H/1.1 200
OK favicon.png
www.mas-mutuelle.fr/bibliotheque/mas/Image/favicons/ 599 B
1023 B 35ms
35ms Other
image/png 141.0.206.34
FULLSAVE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mas-mutuelle.fr/bibliotheque/mas/Image/favicons/favicon.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

141.0.206.34 Toulouse, France, ASN39405 (FULLSAVE-AS, FR),

Reverse DNS

app-00001-bloom.fullsave.info

Software

Apache/2.4.10 (Debian) /

Resource Hash

254064c94e30eed608dc5746b15d39e0be0efe330805aad4759a7dcdd32e0650

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mas-mutuelle.fr/

Response headers

Strict-Transport-Security: max-age=15768000
ETag: "257-57a01a8fc19c6"
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 599
Keep-Alive: timeout=5, max=99
Date: Mon, 14 Oct 2024 22:53:24 GMT
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 06 Nov 2018 16:40:32 GMT
Content-Type: image/png
Server: Apache/2.4.10 (Debian)
X-Frame-Options: sameorigin

GET
H/1.1 200
OK favicon.ico
www.mas-mutuelle.fr/bibliotheque/mas/Image/favicons/ 17 KB
18 KB 35ms
35ms Other
image/vnd.microsoft.icon 141.0.206.34
FULLSAVE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mas-mutuelle.fr/bibliotheque/mas/Image/favicons/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

141.0.206.34 Toulouse, France, ASN39405 (FULLSAVE-AS, FR),

Reverse DNS

app-00001-bloom.fullsave.info

Software

Apache/2.4.10 (Debian) /

Resource Hash

1610c48f2eb8e93fe3dfdad35b4561fefc0e7693bcff73df67d5c8e7562f91ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mas-mutuelle.fr/

Response headers

Strict-Transport-Security: max-age=15768000
ETag: "4486-57a01a9186bd8"
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 17542
Keep-Alive: timeout=5, max=98
Date: Mon, 14 Oct 2024 22:53:24 GMT
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 06 Nov 2018 16:40:34 GMT
Content-Type: image/vnd.microsoft.icon
Server: Apache/2.4.10 (Debian)
X-Frame-Options: sameorigin

GET
H2 200 Mlx4-dOt.json Show response
cdn-cookieyes.com/client_data/7259eeb88f311f40f542c7f9/config/ 33 KB
6 KB 31ms
31ms Fetch
application/json 2606:4700:10::6816:3b5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cookieyes.com/client_data/7259eeb88f311f40f542c7f9/config/Mlx4-dOt.json
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/7259eeb88f311f40f542c7f9/banner.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3b5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 797c4a2119436c0c80f0448925f17d888c9582b019c5cb3c4dafbf2cd370ce50

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mas-mutuelle.fr/

Response headers

cache-control: max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
content-encoding: gzip
cf-cache-status: HIT
etag: W/"8342-6237da81f6e8c"
age: 315900
access-control-allow-methods: GET, OPTIONS
cf-ray: 8d2b25325db9d40c-CDG
access-control-allow-origin: *
date: Mon, 14 Oct 2024 22:53:24 GMT
content-type: application/json
vary: Accept-Encoding
server: cloudflare
last-modified: Wed, 02 Oct 2024 12:34:18 GMT

GET
H2 200 XIOvzpGt.json Show response
cdn-cookieyes.com/client_data/7259eeb88f311f40f542c7f9/translations/ 2 KB
975 B 34ms
33ms Fetch
application/json 2606:4700:10::6816:3b5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cookieyes.com/client_data/7259eeb88f311f40f542c7f9/translations/XIOvzpGt.json
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/7259eeb88f311f40f542c7f9/banner.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3b5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fb03ad7162c4a6e8852807a9d515cfa27adca083a2374a308929572491fd1e8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mas-mutuelle.fr/

Response headers

cache-control: max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
content-encoding: gzip
cf-cache-status: HIT
etag: W/"868-6237da81f6e8c"
age: 464432
access-control-allow-methods: GET, OPTIONS
cf-ray: 8d2b25329dc6d40c-CDG
access-control-allow-origin: *
date: Mon, 14 Oct 2024 22:53:24 GMT
content-type: application/json
vary: Accept-Encoding
server: cloudflare
last-modified: Wed, 02 Oct 2024 12:34:18 GMT

GET
H2 200 YZh_UTAI.json Show response
cdn-cookieyes.com/client_data/7259eeb88f311f40f542c7f9/audit-table/ 4 KB
1 KB 32ms
32ms Fetch
application/json 2606:4700:10::6816:3b5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cookieyes.com/client_data/7259eeb88f311f40f542c7f9/audit-table/YZh_UTAI.json
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/7259eeb88f311f40f542c7f9/banner.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3b5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12d748b38662eb8f8899a4840ef15ec079c3c8490cca887a5b5298bafae7d33e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mas-mutuelle.fr/

Response headers

cache-control: max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
content-encoding: gzip
cf-cache-status: HIT
etag: W/"1027-6237da81f6e8c"
age: 464432
access-control-allow-methods: GET, OPTIONS
cf-ray: 8d2b2532cdead40c-CDG
access-control-allow-origin: *
date: Mon, 14 Oct 2024 22:53:24 GMT
content-type: application/json
vary: Accept-Encoding
server: cloudflare
last-modified: Wed, 02 Oct 2024 12:34:18 GMT

GET
H2 200 revisit.svg
cdn-cookieyes.com/assets/images/ 2 KB
1 KB 30ms
29ms Image
image/svg+xml 2606:4700:10::6816:3b5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-cookieyes.com/assets/images/revisit.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3b5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed7c487f915432d9464e2af0a83002ee93596e86e076f3c917e439e5b844d08b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mas-mutuelle.fr/

Response headers

cache-control: max-age=0, s-maxage=604800, proxy-revalidate
content-encoding: gzip
cf-cache-status: HIT
etag: W/"923-5da3a668dacc0"
age: 407997
cf-ray: 8d2b253308906f17-CDG
access-control-allow-origin: *
date: Mon, 14 Oct 2024 22:53:24 GMT
content-type: image/svg+xml
vary: Accept-Encoding
server: cloudflare
last-modified: Tue, 15 Mar 2022 04:40:47 GMT

GET
H2 200 close.svg
cdn-cookieyes.com/assets/images/ 1 KB
773 B 32ms
32ms Image
image/svg+xml 2606:4700:10::6816:3b5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-cookieyes.com/assets/images/close.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3b5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a049e1abe441835a2bcf35258936072189a0a52d0000c4ed2094e59d2afd189b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mas-mutuelle.fr/

Response headers

cache-control: max-age=0, s-maxage=604800, proxy-revalidate
content-encoding: gzip
cf-cache-status: HIT
etag: W/"541-5da3a66c769d4"
age: 553029
cf-ray: 8d2b253308916f17-CDG
access-control-allow-origin: *
date: Mon, 14 Oct 2024 22:53:24 GMT
content-type: image/svg+xml
vary: Accept-Encoding
server: cloudflare
last-modified: Tue, 15 Mar 2022 04:40:50 GMT

GET
H2 200 poweredbtcky.svg
cdn-cookieyes.com/assets/images/ 4 KB
2 KB 34ms
34ms Image
image/svg+xml 2606:4700:10::6816:3b5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-cookieyes.com/assets/images/poweredbtcky.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3b5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 911f58b8d14bd6f73a83fd774e44bec97e896317c7093dc83e96921e64f1fbd5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mas-mutuelle.fr/

Response headers

cache-control: max-age=0, s-maxage=604800, proxy-revalidate
content-encoding: gzip
cf-cache-status: HIT
etag: W/"eb2-5da3a68c50d09"
age: 45679
cf-ray: 8d2b253308926f17-CDG
access-control-allow-origin: *
date: Mon, 14 Oct 2024 22:53:24 GMT
content-type: image/svg+xml
vary: Accept-Encoding
server: cloudflare
last-modified: Tue, 15 Mar 2022 04:41:24 GMT

POST
H2 200 log
log.cookieyes.com/api/v1/ 2 B
218 B 39ms
37ms Ping
text/plain 54.194.192.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://log.cookieyes.com/api/v1/log
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/7259eeb88f311f40f542c7f9/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.192.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-192-40.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarySoJvD23G9YVH5Uhu
Referer: https://www.mas-mutuelle.fr/

Response headers

x-robots-tag: noindex, nofollow
link: <https://www.cookieyes.com>; rel="canonical"
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
access-control-allow-origin: *
content-length: 2
date: Mon, 14 Oct 2024 22:53:24 GMT
content-type: text/plain; charset=utf-8
x-powered-by: Express

POST
H3 200 landing
pagead2.googlesyndication.com/pagead/ 42 B
64 B 107ms
43ms Ping
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=13q3q3q2q5l1&tag_exp=101529665~101686685&rnd=20342882.1728946404&url=https%3A%2F%2Fwww.mas-mutuelle.fr%2F&dma_cps=-&dma=1&npa=1&gtm=45He4a90n91TXV6RM94v9186946168za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TXV6RM94

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mas-mutuelle.fr/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 14 Oct 2024 22:53:24 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.mas-mutuelle.fr/	1969-12-31 23:59:59	Name: PHPSESSID Value: qkch2438qu33r1ukk8fiqn5q47
			.mas-mutuelle.fr/	1970-01-21 09:01:22	Name: cookieyes-consent Value: consentid:VUtmczVHRlRVcGRhRTJiR0pnWkJ5QjlkN21iRFVMWmU,consent:no,action:,necessary:yes,functional:no,analytics:no,performance:no,advertisement:no,other:no

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn-cookieyes.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
log.cookieyes.com
maps.googleapis.com
mas-mutuelle.fr
matomo-analytics.bloom.pro
pagead2.googlesyndication.com
www.facebook.com
www.googletagmanager.com
www.mas-mutuelle.fr
141.0.206.34
141.0.206.35
142.250.184.194
142.250.186.67
157.240.251.9
172.217.18.10
2606:4700:10::6816:3b5b
2a00:1450:4001:828::200a
2a00:1450:4001:82f::2008
2a00:1450:4001:830::200a
2a03:2880:f176:181:face:b00c:0:25de
54.194.192.40
12d748b38662eb8f8899a4840ef15ec079c3c8490cca887a5b5298bafae7d33e
1610c48f2eb8e93fe3dfdad35b4561fefc0e7693bcff73df67d5c8e7562f91ba
17507a18a0e418e29ad7c02da3d1fd03510491b186ee99b6fb6a3ffe8b464294
19ec2571387a93f601d2b7ba570dcfaa8e60d9c1d343b4954830cda458d05357
1d5cf66bfd945bc585b171b2fe62c8f86866944ddca30a4e378aeace8868da26
254064c94e30eed608dc5746b15d39e0be0efe330805aad4759a7dcdd32e0650
2fb03ad7162c4a6e8852807a9d515cfa27adca083a2374a308929572491fd1e8
3436b4eaa281216c56da27360d83196d07680a8978908742c34f17133d7fb405
3bd9e8014f9e93f71dd366f7c0575583db1e6f53e1699aaa8de4f6e6c869048a
4c8cd1ca4ed764ec1198623964659acc3b58e2754d491f831bf1433be8c9184b
4e6a06d2689dfb3ef55c8699b1842e7b1f31354d85396a4f8bc1f5c637fa0fc5
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5c790816f3021b38a77924f6edd6f488698e888871fc834412d27d9cf5e6efa5
718063af9c9e125cc711de483c21d57affbf681b64699a2e33642e54c2060b26
78b65c6eb36dbde5ae9f118e8dc3e3e59ca9ae925b1978752d8da54168b2018e
797c4a2119436c0c80f0448925f17d888c9582b019c5cb3c4dafbf2cd370ce50
7b95d46638822658af754626fc89d29cdfd95587e56cb2e753c2c4eb5ae6ee89
8d8bd100981161f5fcb58052b13b1fe19694edfcc58de9cd3e09d6e83a133879
908895dc50d3649fb40bf20cdb1aa846bb745637ee814e1ffb10f2206f5115e5
911f58b8d14bd6f73a83fd774e44bec97e896317c7093dc83e96921e64f1fbd5
91aff3588efba0074124bbd204b45de0da882a853f29a1d73f7ec132291c5651
9bf63589511b80d93b010b60a9b4514299286b0cc1c2c49126fbb1aa2384cccf
a049e1abe441835a2bcf35258936072189a0a52d0000c4ed2094e59d2afd189b
a8e429611131e3fdc2018ec943a36100dbabb4aaa788c8dead6bdcf927917293
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
c6bd31beb33c9946bfc11ba40614078ee140ea86e62fea3813c4dd11b56a2a19
c954ade272f6b408f5a8e9cc73a7a9d5e6a5fe5986be779cd60464acb3b27fca
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d4e437429ffa047841bd5e62363239beaf66b3ecbd635ace3871949f701dabf0
d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693
de53580d5c17455d98bd9763c462bda6b50db40bc6c9de839757b52a05dec873
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed7c487f915432d9464e2af0a83002ee93596e86e076f3c917e439e5b844d08b
ef0ffeaf483a3d9015a07db2fd691344e140c5360c54b42b4c8309b40af3e616
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f592aa4712816b0cb0516e7d02edc106a696c5d51c475845874c28b202609ad7
fd1f78270a3559eb92f9bef377aa4fe46514f2325e9ff053a6faf9ffe17cd933

www.mas-mutuelle.fr Open in urlscan Pro 141.0.206.34 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

40 Requests

100 %HTTPS

42 %IPv6

10 Domains

12 Subdomains

12 IPs

4 Countries

1204 kBTransfer

2421 kBSize

2 Cookies

6 Outgoing links

Page URL History

Redirected requests

40 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.mas-mutuelle.fr Open in urlscan Pro
141.0.206.34 Public Scan

Screenshot
Live screenshot

Full Image

40
Requests

100 %
HTTPS

42 %
IPv6

10
Domains

12
Subdomains

12
IPs

4
Countries

1204 kB
Transfer

2421 kB
Size

2
Cookies

40 HTTP transactions
0 data transactions