urlscan.io logo urlscan.io
SecurityTrails logo

app.qonto.com Open in urlscan Pro
2600:9000:21c7:6e00:0:7942:c340:93a1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://email.qonto.com/e/c/eyJlbWFpbF9pZCI6ImRnVFgyd1VEQU9TYUotT2FKd0dLUzNjLVhnZlBLSGdqR21oMTVwOD0iLCJocmVmIjoiaHR0cHM6...
Effective URL: https://app.qonto.com/deeplinks?action=receivable-invoices.new&organization_slug=lesecq-aurore-2926&block_1=cta
Submission: On September 14 via api from ES — Scanned from ES
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 3 countries across 10 domains to perform 45 HTTP transactions. The main IP is 2600:9000:21c7:6e00:0:7942:c340:93a1, located in United States and belongs to AMAZON-02, US. The main domain is app.qonto.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on April 26th 2023. Valid for: a year.
This is the only time app.qonto.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2600:9000:238d:2600:1b:92cd:8400:93a1 (United States)

ASN16509 (AMAZON-02, US)
email.qonto.com
21    2600:9000:21c7:6e00:0:7942:c340:93a1 (United States)

ASN16509 (AMAZON-02, US)
app.qonto.com
3    35.186.247.156 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 156.247.186.35.bc.googleusercontent.com
sentry.io
8    104.18.10.238 (None, )

ASN13335 (CLOUDFLARENET, US)
api.qonto.com
1    13.224.189.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-74.fra2.r.cloudfront.net
widget.intercom.io
2    18.66.147.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-3.fra60.r.cloudfront.net
js.intercomcdn.com
3    2a00:1450:4001:828::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
1    2.17.186.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-17-186-40.deploy.static.akamaitechnologies.com
appleid.cdn-apple.com
3    2600:9000:20b4:9e00:5:b7cc:d3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
sdk.privacy-center.org
1    2a00:1450:4001:80e::2011 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
csp.withgoogle.com
1    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    52.219.170.210 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.eu-central-1.amazonaws.com
qonto-assets.s3.eu-central-1.amazonaws.com
Apex Domain
Subdomains		 Transfer
30 qonto.com
email.qonto.com
app.qonto.com
api.qonto.com — Cisco Umbrella Rank: 962463
2 MB
3 privacy-center.org
sdk.privacy-center.org — Cisco Umbrella Rank: 6439
150 KB
3 google.com
accounts.google.com — Cisco Umbrella Rank: 33
117 KB
3 sentry.io
sentry.io — Cisco Umbrella Rank: 184
443 B
2 intercomcdn.com
js.intercomcdn.com — Cisco Umbrella Rank: 2749
267 KB
1 amazonaws.com
qonto-assets.s3.eu-central-1.amazonaws.com
10 KB
1 gstatic.com
fonts.gstatic.com
27 KB
1 withgoogle.com
csp.withgoogle.com — Cisco Umbrella Rank: 663
1 cdn-apple.com
appleid.cdn-apple.com — Cisco Umbrella Rank: 3958
17 KB
1 intercom.io
widget.intercom.io — Cisco Umbrella Rank: 2178
3 KB
45 10
Domain Requested by
21 app.qonto.com app.qonto.com
8 api.qonto.com app.qonto.com
3 sdk.privacy-center.org app.qonto.com
sdk.privacy-center.org
3 accounts.google.com app.qonto.com
accounts.google.com
3 sentry.io app.qonto.com
2 js.intercomcdn.com widget.intercom.io
1 qonto-assets.s3.eu-central-1.amazonaws.com app.qonto.com
1 fonts.gstatic.com app.qonto.com
1 csp.withgoogle.com app.qonto.com
1 appleid.cdn-apple.com app.qonto.com
1 widget.intercom.io app.qonto.com
1 email.qonto.com 1 redirects
45 12

This site contains links to these domains. Also see Links.

Domain
qonto.com
welcome.qonto.com
Subject Issuer Validity Valid
*.qonto.com
Amazon RSA 2048 M02		 2023-04-26 -
2024-05-24		 a year crt.sh
sentry.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-08 -
2024-09-07		 a year crt.sh
*.intercom.com
Amazon RSA 2048 M02		 2023-02-14 -
2024-03-14		 a year crt.sh
*.intercomcdn.com
Amazon RSA 2048 M01		 2023-02-21 -
2024-01-29		 a year crt.sh
accounts.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
appleid.cdn-apple.com
Apple Public EV Server RSA CA 2 - G1		 2023-05-03 -
2023-10-29		 6 months crt.sh
*.privacy-center.org
Amazon RSA 2048 M02		 2023-03-25 -
2024-04-22		 a year crt.sh
*.appspot.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.s3.eu-central-1.amazonaws.com
Amazon RSA 2048 M01		 2023-04-11 -
2024-01-14		 9 months crt.sh

This page contains 3 frames:

Primary Page: https://app.qonto.com/deeplinks?action=receivable-invoices.new&organization_slug=lesecq-aurore-2926&block_1=cta
Frame ID: 9B94DD04D884E16B5803FF04BF8C6028
Requests: 36 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.d90179e5.js
Frame ID: EC61AE046B4AD3460E3B938F791597FD
Requests: 2 HTTP requests in this frame

Frame: https://accounts.google.com/gsi/button?type=standard&theme=outline&size=large&text=continue_with&shape=square&logo_alignment=center&width=350&client_id=528595174513-3lfm8f4bi5190vtqdhqgfr89qbjfougu.apps.googleusercontent.com&iframe_id=gsi_780687_683896&as=1g%2FWxfNphtJHLu8jBksSJg&hl=en
Frame ID: EBA1ED93C89D3D1FF07A9B81F1656210
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Qonto

Page URL History Show full URLs

  1. https://email.qonto.com/e/c/eyJlbWFpbF9pZCI6ImRnVFgyd1VEQU9TYUotT2FKd0dLUzNjLVhnZlBLSGdqR21oMTVwOD0i... HTTP 302
    https://app.qonto.com/detectapp.html?appUrl=deeplinks%3Faction%3Dreceivable-invoices.new%26organiz... Page URL
  2. https://app.qonto.com/deeplinks?action=receivable-invoices.new&organization_slug=lesecq-aurore-292... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • appleid\.auth\.js
Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client
Overall confidence: 100%
Detected patterns
  • sdk\.privacy-center\.org/.*/loader\.js

Page Statistics

45
Requests

100 %
HTTPS

50 %
IPv6

10
Domains

12
Subdomains

11
IPs

3
Countries

2706 kB
Transfer

14111 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://email.qonto.com/e/c/eyJlbWFpbF9pZCI6ImRnVFgyd1VEQU9TYUotT2FKd0dLUzNjLVhnZlBLSGdqR21oMTVwOD0iLCJocmVmIjoiaHR0cHM6Ly9hcHAucW9udG8uY29tL2RldGVjdGFwcC5odG1sP2FwcFVybD1kZWVwbGlua3MlM0ZhY3Rpb24lM0RyZWNlaXZhYmxlLWludm9pY2VzLm5ldyUyNm9yZ2FuaXphdGlvbl9zbHVnJTNEbGVzZWNxLWF1cm9yZS0yOTI2JTI2YmxvY2tfMSUzRGN0YSIsImludGVybmFsIjoiZDdkYjA1MTVmMzYwZTQ5YTI3IiwibGlua19pZCI6ODU4OX0/2afd7e09b8014a3f9b211a44b0adc61efbee4bddd2d05df4701c1b55c242857d HTTP 302
    https://app.qonto.com/detectapp.html?appUrl=deeplinks%3Faction%3Dreceivable-invoices.new%26organization_slug%3Dlesecq-aurore-2926%26block_1%3Dcta Page URL
  2. https://app.qonto.com/deeplinks?action=receivable-invoices.new&organization_slug=lesecq-aurore-2926&block_1=cta Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://email.qonto.com/e/c/eyJlbWFpbF9pZCI6ImRnVFgyd1VEQU9TYUotT2FKd0dLUzNjLVhnZlBLSGdqR21oMTVwOD0iLCJocmVmIjoiaHR0cHM6Ly9hcHAucW9udG8uY29tL2RldGVjdGFwcC5odG1sP2FwcFVybD1kZWVwbGlua3MlM0ZhY3Rpb24lM0RyZWNlaXZhYmxlLWludm9pY2VzLm5ldyUyNm9yZ2FuaXphdGlvbl9zbHVnJTNEbGVzZWNxLWF1cm9yZS0yOTI2JTI2YmxvY2tfMSUzRGN0YSIsImludGVybmFsIjoiZDdkYjA1MTVmMzYwZTQ5YTI3IiwibGlua19pZCI6ODU4OX0/2afd7e09b8014a3f9b211a44b0adc61efbee4bddd2d05df4701c1b55c242857d HTTP 302
  • https://app.qonto.com/detectapp.html?appUrl=deeplinks%3Faction%3Dreceivable-invoices.new%26organization_slug%3Dlesecq-aurore-2926%26block_1%3Dcta

45 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
detectapp.html
app.qonto.com/
Redirect Chain
  • https://email.qonto.com/e/c/eyJlbWFpbF9pZCI6ImRnVFgyd1VEQU9TYUotT2FKd0dLUzNjLVhnZlBLSGdqR21oMTVwOD0iLCJocmVmIjoiaHR0cHM6Ly9hcHAucW9udG8uY29tL2RldGVjdGFwcC5odG1sP2FwcFVybD1kZWVwbGlua3MlM0ZhY3Rpb24lM...
  • https://app.qonto.com/detectapp.html?appUrl=deeplinks%3Faction%3Dreceivable-invoices.new%26organization_slug%3Dlesecq-aurore-2926%26block_1%3Dcta
716 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/detectapp.html?appUrl=deeplinks%3Faction%3Dreceivable-invoices.new%26organization_slug%3Dlesecq-aurore-2926%26block_1%3Dcta
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:6e00:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d2ed03089377d17c425b4036eba9716a30bdde90b38ae3a4a1171e5d1efa03d6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache
content-length
716
content-security-policy
frame-ancestors 'none'
content-type
text/html
date
Thu, 14 Sep 2023 14:46:14 GMT
etag
"0009a3c55bd7b5abfc64b54fdbf006a5"
last-modified
Thu, 14 Sep 2023 14:44:11 GMT
server
AmazonS3
via
1.1 d3fdd96b3ada000b1a8c2d522534c124.cloudfront.net (CloudFront)
x-amz-cf-id
gPJUGI8Jzmw65fuZFWIdWfqJ_M5fPa0kLpumVFi42GdgSDmReE8Buw==
x-amz-cf-pop
AMS54-C1
x-amz-id-2
YAr+5vNZkmwihCWNSEh4XqzufmodXe03ru+cxwEf2+BzInBYwx59q1DYKb1hXuKtZ3GUiiusiWE=
x-amz-request-id
FVVMCN4BJ1KNYP38
x-amz-server-side-encryption
AES256
x-amz-version-id
BPD5IZKjGABFp9WxY1aU20l0X_id9Uab
x-cache
Miss from cloudfront

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
content-length
0
date
Thu, 14 Sep 2023 14:46:12 GMT
location
https://app.qonto.com/detectapp.html?appUrl=deeplinks%3Faction%3Dreceivable-invoices.new%26organization_slug%3Dlesecq-aurore-2926%26block_1%3Dcta
via
1.1 google, 1.1 cf45fdeb5348a5648604f5f9e4f2b8a8.cloudfront.net (CloudFront)
x-amz-cf-id
ELCKcNHEUrlQp0ijBO_j5zgLYhrZm2HDDwqAES2_mkPmgjkosTT9dw==
x-amz-cf-pop
AMS1-P1
x-cache
Miss from cloudfront
chunk.7085c0573e3aa58e364e.js
app.qonto.com/assets/ 		19 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/assets/chunk.7085c0573e3aa58e364e.js
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/detectapp.html?appUrl=deeplinks%3Faction%3Dreceivable-invoices.new%26organization_slug%3Dlesecq-aurore-2926%26block_1%3Dcta
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:6e00:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
219fb6cae6f5c1cedcb80148e240632646803354f644a2a55eb08cf5334b671f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/detectapp.html?appUrl=deeplinks%3Faction%3Dreceivable-invoices.new%26organization_slug%3Dlesecq-aurore-2926%26block_1%3Dcta
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id
dDNow3W6pL2KgP_4oqqxC3zdsA7rlW4c
content-encoding
br
via
1.1 d3fdd96b3ada000b1a8c2d522534c124.cloudfront.net (CloudFront)
date
Tue, 12 Sep 2023 22:35:10 GMT
last-modified
Tue, 29 Aug 2023 16:27:17 GMT
server
AmazonS3
content-security-policy
frame-ancestors 'none'
x-amz-cf-pop
AMS54-C1
age
390270
x-amz-server-side-encryption
AES256
etag
W/"24382005caab74b3a595955647edaf67"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
_tbqdMBd5dGlMhy85a8Eq_9WN7hEgXCR128y5RtMVsdDb066bWxEkg==
detectapp.b7da05d43c8b5148a6798b62b4b28110.css
app.qonto.com/ 		1 KB
916 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/detectapp.b7da05d43c8b5148a6798b62b4b28110.css
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/detectapp.html?appUrl=deeplinks%3Faction%3Dreceivable-invoices.new%26organization_slug%3Dlesecq-aurore-2926%26block_1%3Dcta
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:6e00:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7f113d06a10439a44df2fab3ed14628b4443ddf10e4de8c9e96a0ca720f4f4af
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/detectapp.html?appUrl=deeplinks%3Faction%3Dreceivable-invoices.new%26organization_slug%3Dlesecq-aurore-2926%26block_1%3Dcta
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id
dNtMzNUCc1DtS.Gw53QoMkh9_KeyUNLV
content-encoding
br
via
1.1 d3fdd96b3ada000b1a8c2d522534c124.cloudfront.net (CloudFront)
date
Thu, 14 Sep 2023 14:45:27 GMT
last-modified
Mon, 28 Aug 2023 14:03:27 GMT
server
AmazonS3
content-security-policy
frame-ancestors 'none'
x-amz-cf-pop
AMS54-C1
age
47
x-amz-server-side-encryption
AES256
etag
W/"b7da05d43c8b5148a6798b62b4b28110"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
6kZpERGXN1h5qITzThyUzl9XqQp8IFMSG3SOFOJN0RvlHaJSe4nxQQ==
qonto-logo.svg
app.qonto.com/illustrations/app/ 		734 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.qonto.com/illustrations/app/qonto-logo.svg
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/detectapp.html?appUrl=deeplinks%3Faction%3Dreceivable-invoices.new%26organization_slug%3Dlesecq-aurore-2926%26block_1%3Dcta
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:6e00:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/detectapp.html?appUrl=deeplinks%3Faction%3Dreceivable-invoices.new%26organization_slug%3Dlesecq-aurore-2926%26block_1%3Dcta
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 03:40:57 GMT
x-amz-version-id
VhP8mm2qh4mQdYbmm_Yxx6kWNnPMS9EO
via
1.1 d3fdd96b3ada000b1a8c2d522534c124.cloudfront.net (CloudFront)
content-security-policy
frame-ancestors 'none'
last-modified
Fri, 08 Sep 2023 15:42:44 GMT
server
AmazonS3
x-amz-cf-pop
AMS54-C1
age
471917
etag
"35b31ae0bb9ec6d7240ee58ec494c4bc"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/svg+xml
accept-ranges
bytes
content-length
734
x-amz-cf-id
KeXETQRdr8dupdISdZyC5d4CcPLJWJ1gO7Pjed1cAfQRtYVq7TrojA==
external-link-alt.svg
app.qonto.com/icon/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.qonto.com/icon/external-link-alt.svg
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/detectapp.html?appUrl=deeplinks%3Faction%3Dreceivable-invoices.new%26organization_slug%3Dlesecq-aurore-2926%26block_1%3Dcta
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:6e00:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ad4055657c7f23ed9ab414393ae75720aa46e2c57cff42954cc5984d4687291d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/detectapp.html?appUrl=deeplinks%3Faction%3Dreceivable-invoices.new%26organization_slug%3Dlesecq-aurore-2926%26block_1%3Dcta
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 20:32:48 GMT
x-amz-version-id
7KlPrBiHF.TW87hm_1S8x6eH9f30rctj
content-encoding
gzip
content-security-policy
frame-ancestors 'none'
last-modified
Fri, 08 Sep 2023 15:42:42 GMT
server
AmazonS3
via
1.1 d3fdd96b3ada000b1a8c2d522534c124.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS54-C1
etag
W/"a1084858db19e2c456b57fcbb8bc3afb"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
age
324806
x-amz-cf-id
QndFg5sN5EKFNXJBHf0ya1Ho5b7AUZB8bqfBeaf3FE7FX9nvKYZLxQ==
Primary Request deeplinks
app.qonto.com/ 		8 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/deeplinks?action=receivable-invoices.new&organization_slug=lesecq-aurore-2926&block_1=cta
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.7085c0573e3aa58e364e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:6e00:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
84f0af7baeb38fa51d9c2e25817effd92a712a63103aa846c2c56f3a66354bcb
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

Referer
https://app.qonto.com/detectapp.html?appUrl=deeplinks%3Faction%3Dreceivable-invoices.new%26organization_slug%3Dlesecq-aurore-2926%26block_1%3Dcta
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache
content-length
7877
content-security-policy
frame-ancestors 'none'
content-type
text/html
date
Thu, 14 Sep 2023 14:46:14 GMT
etag
"4d40cc44e94c4454dcbfe189122517b6"
last-modified
Thu, 14 Sep 2023 14:44:11 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 d3fdd96b3ada000b1a8c2d522534c124.cloudfront.net (CloudFront)
x-amz-cf-id
kAHdMeUSAddGiKKl3CYIFMtiVx8GXBfgYgeo0sp-VPMxXyskym2kWw==
x-amz-cf-pop
AMS54-C1
x-amz-id-2
2b7bsleRZwTwY7Gtz+oPpQq9z1Yvfy0x6R2YAfgnXwxJCMmzaZv+xzS4xysIUd1xscClw4dtIYw=
x-amz-request-id
FVVR6SD7B8Q4BA67
x-amz-server-side-encryption
AES256
x-amz-version-id
7_tlCLyw4VplOA6J5ROL_Tc04B.4CONQ
x-cache
Error from cloudfront
polysans-neutral.woff2
app.qonto.com/@qonto/ui-kit/fonts/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/@qonto/ui-kit/fonts/polysans-neutral.woff2
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/deeplinks?action=receivable-invoices.new&organization_slug=lesecq-aurore-2926&block_1=cta
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:6e00:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dbe7ffb622175ae830af0bbe0d29673470fe728f9df47fb850094ebfbf930cf3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

Referer
https://app.qonto.com/
Origin
https://app.qonto.com
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id
a4Pj1e8hhF88ZBspQvv_iMtskHBywZSQ
date
Thu, 14 Sep 2023 14:45:27 GMT
via
1.1 d3fdd96b3ada000b1a8c2d522534c124.cloudfront.net (CloudFront)
content-security-policy
frame-ancestors 'none'
x-amz-cf-pop
AMS54-C1
age
50
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
25484
last-modified
Thu, 10 Aug 2023 07:57:33 GMT
server
AmazonS3
etag
"a19c4c179b08653db697a55d8b218512"
vary
Accept-Encoding
content-type
binary/octet-stream
accept-ranges
bytes
x-amz-cf-id
CTfjUw3VrGFMc1FP3Vge76FxBB7w1mwhkTIcZvP-n_FeDWog_81DJw==
polysans-median.woff2
app.qonto.com/@qonto/ui-kit/fonts/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/@qonto/ui-kit/fonts/polysans-median.woff2
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/deeplinks?action=receivable-invoices.new&organization_slug=lesecq-aurore-2926&block_1=cta
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:6e00:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
692f6f15f66235cf41b8646d5d75b9f609028832e0ad9f569483819d2694e655
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

Referer
https://app.qonto.com/
Origin
https://app.qonto.com
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id
U.uQQojltGqWpwslfYWx3BCRXrUb.6pc
date
Thu, 14 Sep 2023 14:45:27 GMT
via
1.1 d3fdd96b3ada000b1a8c2d522534c124.cloudfront.net (CloudFront)
content-security-policy
frame-ancestors 'none'
x-amz-cf-pop
AMS54-C1
age
47
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
26516
last-modified
Thu, 10 Aug 2023 16:04:25 GMT
server
AmazonS3
etag
"f41f8b7109964b649e2e6c028eda3144"
vary
Accept-Encoding
content-type
binary/octet-stream
accept-ranges
bytes
x-amz-cf-id
wufR6vQo1p4WgpA7nD2NfzEqGrIpr9TfatPstrrYgmeblv8JoTaEhg==
polysans-slim.woff2
app.qonto.com/@qonto/ui-kit/fonts/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/@qonto/ui-kit/fonts/polysans-slim.woff2
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/deeplinks?action=receivable-invoices.new&organization_slug=lesecq-aurore-2926&block_1=cta
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:6e00:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f23e103734fedf6e937f8cefe3598bb7a9d65989e96664ec85a03c3e5c81c213
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

Referer
https://app.qonto.com/
Origin
https://app.qonto.com
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id
UrnzYc196CUdm0rVHgPPAO8pV_UQR3tX
date
Thu, 14 Sep 2023 14:45:27 GMT
via
1.1 d3fdd96b3ada000b1a8c2d522534c124.cloudfront.net (CloudFront)
content-security-policy
frame-ancestors 'none'
x-amz-cf-pop
AMS54-C1
age
59
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
25428
last-modified
Fri, 11 Aug 2023 16:02:30 GMT
server
AmazonS3
etag
"130f1af8644734f23dd97252d3db7b11"
vary
Accept-Encoding
content-type
binary/octet-stream
accept-ranges
bytes
x-amz-cf-id
ouLk16yiQ0dSHCcRGn4zWrH84P4ScKkbXs4xr-BgCg9AXlO50ODf-w==
vendor.58b2be94723e4ebfc91ca768d34cc00b.css
app.qonto.com/assets/ 		160 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/assets/vendor.58b2be94723e4ebfc91ca768d34cc00b.css
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/deeplinks?action=receivable-invoices.new&organization_slug=lesecq-aurore-2926&block_1=cta
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:6e00:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c81ff11fd1f4acd5527fbedf0e9dfe3f9504b0230f4f66d5ddab563c6baeb0fa
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id
wl3.PgA_Zlf5wuhySoV2NXgixTXvz7Yq
content-encoding
gzip
via
1.1 d3fdd96b3ada000b1a8c2d522534c124.cloudfront.net (CloudFront)
date
Thu, 14 Sep 2023 06:20:50 GMT
last-modified
Thu, 31 Aug 2023 06:14:39 GMT
server
AmazonS3
content-security-policy
frame-ancestors 'none'
x-amz-cf-pop
AMS54-C1
age
30656
x-amz-server-side-encryption
AES256
etag
W/"58b2be94723e4ebfc91ca768d34cc00b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
ZFXiSuWhA4gb6WV05PZ84tOQCOhFXbsOw8BmDmZwtJBjv_fAgGf9pw==
qonto.64559536f97a7e92e5fe9518e01c9cc2.css
app.qonto.com/assets/ 		379 KB
63 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/assets/qonto.64559536f97a7e92e5fe9518e01c9cc2.css
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/deeplinks?action=receivable-invoices.new&organization_slug=lesecq-aurore-2926&block_1=cta
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:6e00:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f0f3a7a138cb81aa844f842479c27de9104a08503985a7b34bde46cb99e20d70
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 14:41:07 GMT
x-amz-version-id
MGUkjmbnwDMCEsSxFu.ku7Ibkzl22Fqf
content-encoding
br
content-security-policy
frame-ancestors 'none'
last-modified
Thu, 14 Sep 2023 14:40:46 GMT
server
AmazonS3
via
1.1 d3fdd96b3ada000b1a8c2d522534c124.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS54-C1
etag
W/"64559536f97a7e92e5fe9518e01c9cc2"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
age
307
x-amz-cf-id
_92ZpvMK-n2YXZztSd57sA2h59zztPl5_YFSLiV587PtaAXWKSjedw==
chunk.65c518f839aeff80131b.css
app.qonto.com/assets/ 		25 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/assets/chunk.65c518f839aeff80131b.css
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/deeplinks?action=receivable-invoices.new&organization_slug=lesecq-aurore-2926&block_1=cta
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:6e00:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ee8985588fc84ac825a86904f1a38513a6e2eb9c1c5377ab691dfb880bc45b7f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 11:06:16 GMT
x-amz-version-id
_Fi124U5ZRjNQ4uPcC6yoaHjwOcE.ed6
content-encoding
br
content-security-policy
frame-ancestors 'none'
last-modified
Thu, 14 Sep 2023 11:05:41 GMT
server
AmazonS3
via
1.1 d3fdd96b3ada000b1a8c2d522534c124.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS54-C1
etag
W/"a218a269c3b350986b07c4fa8d301687"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
age
13198
x-amz-cf-id
HYUqxQ9PR9GduDTgFR4J3ZpRsRVRte28eQx893bPMBh9cEIiqYWAJw==
vendor.3330d5cea76b9c29b86877969b2803d6.js
app.qonto.com/assets/ 		543 KB
159 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/assets/vendor.3330d5cea76b9c29b86877969b2803d6.js
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/deeplinks?action=receivable-invoices.new&organization_slug=lesecq-aurore-2926&block_1=cta
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:6e00:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0dea3380a2bb70f3adf1e985da92fead733ded524ce08841914cae229475f645
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id
Yyu_.scr4n._z9Tb6uUj_VuYTkxOfUer
content-encoding
gzip
via
1.1 d3fdd96b3ada000b1a8c2d522534c124.cloudfront.net (CloudFront)
date
Sun, 10 Sep 2023 08:08:34 GMT
last-modified
Fri, 01 Sep 2023 16:15:40 GMT
server
AmazonS3
content-security-policy
frame-ancestors 'none'
x-amz-cf-pop
AMS54-C1
age
369460
x-amz-server-side-encryption
AES256
etag
W/"3330d5cea76b9c29b86877969b2803d6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
ZHN8fxUa_KlWX9_Bv6G-ip1isqreAUY9sRvp9LCjCVmniA1Y2iHB7Q==
chunk.1e79753260aef93eafc5.js
app.qonto.com/assets/ 		2 MB
543 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/assets/chunk.1e79753260aef93eafc5.js
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/deeplinks?action=receivable-invoices.new&organization_slug=lesecq-aurore-2926&block_1=cta
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:6e00:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a79d2845eddb980e929d627a2121a1fe9458af6b769eb46c1d774722f26ded68
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 11:06:16 GMT
x-amz-version-id
g_qobmfVzEcR1HU3SPvD5dIPqeJeiu56
content-encoding
br
content-security-policy
frame-ancestors 'none'
last-modified
Thu, 14 Sep 2023 11:05:38 GMT
server
AmazonS3
via
1.1 d3fdd96b3ada000b1a8c2d522534c124.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS54-C1
etag
W/"fa526358fad3c774b09045813f204d16"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
age
13198
x-amz-cf-id
Q-rzpPZIB9sbxONuTu3Tgi1ijkhew-bHwGAqD9LRcGaE5cpRBsFnng==
chunk.d9b195692e7964de3907.js
app.qonto.com/assets/ 		7 MB
922 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/assets/chunk.d9b195692e7964de3907.js
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/deeplinks?action=receivable-invoices.new&organization_slug=lesecq-aurore-2926&block_1=cta
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:6e00:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b1a0b2419580f2fb37a34a95c8646512c89d01a9900057189f7f780eafd8f928
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 14:44:12 GMT
x-amz-version-id
ugZgG3OdjTyaCA4Ft0SszNNMAYoajJ3J
content-encoding
br
content-security-policy
frame-ancestors 'none'
last-modified
Thu, 14 Sep 2023 14:43:45 GMT
server
AmazonS3
via
1.1 d3fdd96b3ada000b1a8c2d522534c124.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS54-C1
etag
W/"6e48c689258559dac06b3eda5d49489d"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
age
122
x-amz-cf-id
lfQJaqxDI0CrdT785pqyA_S4CUJ_XB7GknDLnCcJJfEr7I9CT6qkiQ==
/
sentry.io/api/160009/envelope/ 		2 B
324 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sentry.io/api/160009/envelope/?sentry_key=fa86b669a6ac4c4fa3dfc79ddda2a514&sentry_version=7&sentry_client=sentry.javascript.ember%2F7.64.0
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.1e79753260aef93eafc5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.247.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.247.186.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://app.qonto.com/
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 14 Sep 2023 14:46:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
2
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
630f66eefec6f211a620a237
api.qonto.com/v1/feature-relay-proxy/sdk/goals/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.qonto.com/v1/feature-relay-proxy/sdk/goals/630f66eefec6f211a620a237
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.18.10.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent
Access-Control-Request-Method
GET
Origin
https://app.qonto.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Launchdarkly-User-Agent
access-control-allow-methods
GET
access-control-allow-origin
https://app.qonto.com
access-control-max-age
24
cf-cache-status
DYNAMIC
cf-ray
80696b203d912f95-MAD
content-length
0
date
Thu, 14 Sep 2023 14:46:16 GMT
server
cloudflare
strict-transport-security
max-age=315360000; includeSubDomains; preload
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
r0qk2mbw
widget.intercom.io/widget/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.intercom.io/widget/r0qk2mbw
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/vendor.3330d5cea76b9c29b86877969b2803d6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-74.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
59d6139a7a98d93867431a33474665300c301cbefd518ebb8a0c25a8a9d64463

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id
spDYs2ROT8Os7WWyG79Px0gk.pB08yhA
content-encoding
gzip
via
1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
date
Thu, 14 Sep 2023 14:34:04 GMT
x-amz-cf-pop
FRA2-C1
age
771
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2703
last-modified
Thu, 14 Sep 2023 13:48:38 GMT
server
AmazonS3
etag
"2dc99cf864513f8dbda02ccf85b84a97"
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
max-age=900, s-maxage=900, public
accept-ranges
bytes
x-amz-cf-id
7bYGncXNzr0mgYufb_OnrX1WLKpX0NiGx9-N6nvFppgpOeluYwoa2w==
chunk.856.96cf93a695a8e8b7059f.js
app.qonto.com/assets/ 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/assets/chunk.856.96cf93a695a8e8b7059f.js
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.d9b195692e7964de3907.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:6e00:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
56dad9307dfeb7810dd3f63d33b036804f419b7a7401b85166b9ccf16fcdead2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id
uXcPBMzLBBcno7As3_aeSbIxAFdffBOs
content-encoding
gzip
via
1.1 d3fdd96b3ada000b1a8c2d522534c124.cloudfront.net (CloudFront)
date
Mon, 11 Sep 2023 08:48:34 GMT
last-modified
Mon, 04 Sep 2023 07:41:27 GMT
server
AmazonS3
content-security-policy
frame-ancestors 'none'
x-amz-cf-pop
AMS54-C1
age
280718
x-amz-server-side-encryption
AES256
etag
W/"b02aefd5e278e24a982d1020acd1c2df"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
FQawyyeqfFiW0FF4n_vZTwsLoZUAkxko7jF65Ib54ASaxPvnXiruBg==
chunk.257.94897c28d0afb9840fd9.js
app.qonto.com/assets/ 		245 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/assets/chunk.257.94897c28d0afb9840fd9.js
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.d9b195692e7964de3907.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:6e00:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f126281035207e19c5665cd472b2c44997f9548802e945c3f3d3ec4a2e1202f7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id
xXdGxZQ8yfmqQBGuq2CcEtU51TpH.1CN
content-encoding
gzip
via
1.1 d3fdd96b3ada000b1a8c2d522534c124.cloudfront.net (CloudFront)
date
Sun, 10 Sep 2023 22:28:04 GMT
last-modified
Fri, 01 Sep 2023 16:15:23 GMT
server
AmazonS3
content-security-policy
frame-ancestors 'none'
x-amz-cf-pop
AMS54-C1
age
318646
x-amz-server-side-encryption
AES256
etag
W/"d519fe8a966a2cf8d772f47a9988266e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
RoSa1rLNAs_2NcH4PzFzc5DXfneni_otPoe3H6XKqwvwof5QiE1vUw==
630f66eefec6f211a620a237
api.qonto.com/v1/feature-relay-proxy/sdk/goals/ 		2 B
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.qonto.com/v1/feature-relay-proxy/sdk/goals/630f66eefec6f211a620a237
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.1e79753260aef93eafc5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.18.10.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains; preload

Request headers

Referer
https://app.qonto.com/
accept-language
es-ES,es;q=0.9
X-LaunchDarkly-User-Agent
JSClient/3.1.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 14:46:16 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=315360000; includeSubDomains; preload
cf-cache-status
DYNAMIC
content-md5
d751713988987e9331980363e24189ce
age
0
x-cache
HIT
content-length
26
x-served-by
cache-par-lfpg1960077-PAR
server
cloudflare
x-timer
S1694702777.513808,VS0,VE0
etag
"d751713988987e9331980363e24189ce"
ld-region
us-east-1
x-varied-accept-encoding
gzip
access-control-max-age
300
access-control-allow-methods
GET,OPTIONS
content-type
application/json
access-control-allow-origin
https://app.qonto.com
access-control-expose-headers
Content-Disposition, Content-Encoding
cache-control
max-age=0
access-control-allow-credentials
true
x-ratelimit-reset
0
vary
Origin, Accept-Encoding
x-ratelimit-limit
0
accept-ranges
bytes
cf-ray
80696b210f252f95-MAD
access-control-allow-headers
Cache-Control,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-Tags
x-ratelimit-remaining
0
x-cache-hits
1280
chunk.asset-manifest.82cb2797f38cc23aa7b4.js
app.qonto.com/assets/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/assets/chunk.asset-manifest.82cb2797f38cc23aa7b4.js
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.d9b195692e7964de3907.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:6e00:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
544530ac3f61c93c73c5ec2a92fb1d6d8cb2d8ae86d8750d2623bfd5c259ede5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 14:44:12 GMT
x-amz-version-id
8VjoUqYxB1iZJukzviD.GI5yFF1iAAeE
content-encoding
br
content-security-policy
frame-ancestors 'none'
last-modified
Thu, 14 Sep 2023 14:43:44 GMT
server
AmazonS3
via
1.1 d3fdd96b3ada000b1a8c2d522534c124.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS54-C1
etag
W/"b8f791e14a5fb17f9006e57fac754739"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
age
125
x-amz-cf-id
94bGYuoiJfNMi8tKpC2Dql715QGueGDp51xQQ_6nh7jnwR9cX4sd0w==
chunk.locale.en-json.3addc348a7aa5d69e339.js
app.qonto.com/assets/ 		487 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/assets/chunk.locale.en-json.3addc348a7aa5d69e339.js
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.d9b195692e7964de3907.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:6e00:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bd25c33eec524499b20c7d2f4e0dc7032cf4c66cd4cec6d3a2740df01bd51542
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 14:41:09 GMT
x-amz-version-id
41CjJAFeZtmESZthFhhjlRrTrOrkM34y
content-encoding
br
content-security-policy
frame-ancestors 'none'
last-modified
Thu, 14 Sep 2023 14:40:40 GMT
server
AmazonS3
via
1.1 d3fdd96b3ada000b1a8c2d522534c124.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS54-C1
etag
W/"c94b660c05eeec2ab8280b48038e38a7"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
age
308
x-amz-cf-id
s-ej9en1jr8A3VCWc1G7xKuN7s_jPLfxQrn5ZiamVpXlF6ZJpJZdHw==
eyJrZXkiOiJ1bmtub3duLXdlYi11c2VyIn0
api.qonto.com/v1/feature-relay-proxy/sdk/evalx/630f66eefec6f211a620a237/contexts/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.qonto.com/v1/feature-relay-proxy/sdk/evalx/630f66eefec6f211a620a237/contexts/eyJrZXkiOiJ1bmtub3duLXdlYi11c2VyIn0
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.1e79753260aef93eafc5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.18.10.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f7e323e76c45faf4cc3255f4f4f903c17ed3b99e59b0732b0b8378032a7150f
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains; preload

Request headers

Referer
https://app.qonto.com/
accept-language
es-ES,es;q=0.9
X-LaunchDarkly-User-Agent
JSClient/3.1.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 14:46:16 GMT
strict-transport-security
max-age=315360000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-max-age
300
access-control-allow-methods
GET,OPTIONS
content-type
application/json
access-control-allow-origin
https://app.qonto.com
access-control-expose-headers
Content-Disposition, Content-Encoding
vary
Origin
access-control-allow-credentials
true
x-ratelimit-reset
0
x-ratelimit-limit
0
cf-ray
80696b210f272f95-MAD
access-control-allow-headers
Cache-Control,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-Tags
x-ratelimit-remaining
0
eyJrZXkiOiJ1bmtub3duLXdlYi11c2VyIn0
api.qonto.com/v1/feature-relay-proxy/sdk/evalx/630f66eefec6f211a620a237/contexts/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.qonto.com/v1/feature-relay-proxy/sdk/evalx/630f66eefec6f211a620a237/contexts/eyJrZXkiOiJ1bmtub3duLXdlYi11c2VyIn0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.18.10.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent
Access-Control-Request-Method
GET
Origin
https://app.qonto.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Launchdarkly-User-Agent
access-control-allow-methods
GET
access-control-allow-origin
https://app.qonto.com
access-control-max-age
24
cf-cache-status
DYNAMIC
cf-ray
80696b203d952f95-MAD
content-length
0
date
Thu, 14 Sep 2023 14:46:16 GMT
server
cloudflare
strict-transport-security
max-age=315360000; includeSubDomains; preload
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
frame-modern.d90179e5.js
js.intercomcdn.com/ Frame EC61 		505 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/frame-modern.d90179e5.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/r0qk2mbw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-3.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
519714ad13d4bc7d6c6f279860b0f924241a125a3d1b181b88f320e5694d789e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
es-ES,es;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 13:48:41 GMT
content-encoding
gzip
via
1.1 21369bf2bfeb79adaa5bef1cb96f8540.cloudfront.net (CloudFront)
x-amz-version-id
IIoU8XhyWdjQG5MG2TYQ3veLtCBQV47o
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P4
age
3456
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
143081
last-modified
Thu, 14 Sep 2023 13:47:41 GMT
server
AmazonS3
etag
"7a25290545cebacecb365965ab8c6034"
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
PGbbZMoQoedKYcLmMkCw6UEQW1uSMaPcqnIROkeEc1pIEhtOVjR4Mw==
vendor-modern.bfc8f97c.js
js.intercomcdn.com/ Frame EC61 		410 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendor-modern.bfc8f97c.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/r0qk2mbw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-3.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
04db74a8de33650433f75db6d315ba43051344c79a28bb4e1954bc3b26798900
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
es-ES,es;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id
D0VBeYkyNscdhrYlSxMUOebzywgOitPW
content-encoding
gzip
via
1.1 21369bf2bfeb79adaa5bef1cb96f8540.cloudfront.net (CloudFront)
date
Thu, 14 Sep 2023 13:25:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P4
age
4851
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
128547
last-modified
Wed, 13 Sep 2023 14:14:46 GMT
server
AmazonS3
etag
"146875812b8158f1469502f59587b658"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
0M0PsOtcxVuTXNgiVkOHchNebagioQePcBsdaf9bfcurvClCYX860g==
/
sentry.io/api/160009/envelope/ 		2 B
60 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sentry.io/api/160009/envelope/?sentry_key=fa86b669a6ac4c4fa3dfc79ddda2a514&sentry_version=7&sentry_client=sentry.javascript.ember%2F7.64.0
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.1e79753260aef93eafc5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.247.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.247.186.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://app.qonto.com/
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 14 Sep 2023 14:46:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
1
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
/
sentry.io/api/160009/envelope/ 		2 B
59 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sentry.io/api/160009/envelope/?sentry_key=fa86b669a6ac4c4fa3dfc79ddda2a514&sentry_version=7&sentry_client=sentry.javascript.ember%2F7.64.0
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.1e79753260aef93eafc5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.247.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.247.186.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://app.qonto.com/
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 14 Sep 2023 14:46:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
client
accounts.google.com/gsi/ 		197 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.d9b195692e7964de3907.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
81466cdfc40e74ea6ca7c304d208df16019336ec1b304ed62d214ff06be64f2d
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-KerpF0SWnMjdB_Dps0ZQGw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 14:46:20 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-KerpF0SWnMjdB_Dps0ZQGw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Thu, 14 Sep 2023 14:46:20 GMT
appleid.auth.js
appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/ 		42 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.d9b195692e7964de3907.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.17.186.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-186-40.deploy.static.akamaitechnologies.com
Software
Apple /
Resource Hash
8356948d6f3bef342ff37a4deca7f6b64b58ca0b90ca128c1929c1bb76cc7a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Date
Thu, 14 Sep 2023 14:46:20 GMT
Last-Modified
Tue, 12 Sep 2023 19:49:49 GMT
Server
Apple
ETag
W/"43171-1694548189000"
Vary
accept-encoding
Content-Type
application/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400,stale-while-revalidate=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17356
loader.js
sdk.privacy-center.org/99e8835d-ab08-4716-a9f3-47e233bc25bf/ 		33 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.privacy-center.org/99e8835d-ab08-4716-a9f3-47e233bc25bf/loader.js?target_type=notice&target=DCLrVU69
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.d9b195692e7964de3907.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20b4:9e00:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
18345a574b8f58872bcdb8b1e71c4adf1df234a777ffbe3039132855a2ca8c2d

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 14:00:12 GMT
content-encoding
gzip
x-didomi-remote-config-metadata
multiReg:false;legacyGlobalGdpr:true
x-didomi-remote-config-source
Lambda
via
1.1 d1b1cc661d55a3f8a88f240826e4f38c.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
AMS58-P4
age
2768
etag
"dc72aed535cf0605bb0657ae1408ec79"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=7200, public
content-length
10777
x-amz-cf-id
WNJagGLM32dMl74_Pph40GNYSb4YK1ui_8LEba8JCJSoI1eaHWQq3A==
chunk.981.4f9c80f39cbc5e3f952f.js
app.qonto.com/assets/ 		289 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/assets/chunk.981.4f9c80f39cbc5e3f952f.js
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.d9b195692e7964de3907.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:6e00:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
000d79c60a825b427f49f0de80ffb25600dd0c709c6d363045b4ae8e7851939f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id
AbQJRklVe9JLJ.46pxSMWHcAMC4MHCso
content-encoding
gzip
via
1.1 d3fdd96b3ada000b1a8c2d522534c124.cloudfront.net (CloudFront)
date
Mon, 11 Sep 2023 11:13:52 GMT
last-modified
Mon, 04 Sep 2023 10:30:37 GMT
server
AmazonS3
content-security-policy
frame-ancestors 'none'
x-amz-cf-pop
AMS54-C1
age
271949
x-amz-server-side-encryption
AES256
etag
W/"c02f1e9e9e63e24c663a5260b486afae"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
HdmOC6Krl2dcilS_EcY4XI7jRG2Mk3ib-P0jHzydfzNjBXEBWZnfeA==
sdk.805c27e03fb4eb13dfe44b6bbd275f1dc9e265d1.js
sdk.privacy-center.org/sdk/805c27e03fb4eb13dfe44b6bbd275f1dc9e265d1/modern/ 		335 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.privacy-center.org/sdk/805c27e03fb4eb13dfe44b6bbd275f1dc9e265d1/modern/sdk.805c27e03fb4eb13dfe44b6bbd275f1dc9e265d1.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/99e8835d-ab08-4716-a9f3-47e233bc25bf/loader.js?target_type=notice&target=DCLrVU69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20b4:9e00:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ae2b03b0e61223da2e8a12f30daa21565aa67cda298120a1816fa01a7d51cf36

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 12:43:45 GMT
content-encoding
gzip
via
1.1 d1b1cc661d55a3f8a88f240826e4f38c.cloudfront.net (CloudFront)
last-modified
Thu, 14 Sep 2023 12:43:32 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P4
age
7356
etag
W/"33e7855cc0036b6ecfc97d27f5739af8-1"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
BKKieuh910BaQxHE_ygH5ZFNdN97uh95MmG0mzopdhrspoWjthe7og==
style
accounts.google.com/gsi/ 		533 B
584 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/style
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-EtaZSl7w0cTvLiMP9snebw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 14:46:20 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-EtaZSl7w0cTvLiMP9snebw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
text/css; charset=utf-8
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Thu, 14 Sep 2023 14:46:20 GMT
button
accounts.google.com/gsi/ Frame EBA1 		109 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/button?type=standard&theme=outline&size=large&text=continue_with&shape=square&logo_alignment=center&width=350&client_id=528595174513-3lfm8f4bi5190vtqdhqgfr89qbjfougu.apps.googleusercontent.com&iframe_id=gsi_780687_683896&as=1g%2FWxfNphtJHLu8jBksSJg&hl=en
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c5bd40d4946d51dc078ed26056ee7ffbf18e5b48133650d46979e694ee01be6
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http script-src 'report-sample' 'nonce-u6kA9UHTSu0wUDHLsW257Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app.qonto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http script-src 'report-sample' 'nonce-u6kA9UHTSu0wUDHLsW257Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Sep 2023 14:46:20 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
first-screen-mint.json
app.qonto.com/lotties/ 		676 KB
33 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/lotties/first-screen-mint.json
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.1e79753260aef93eafc5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:6e00:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f6f1adf42b2098b21db5df4ba13a6f5eedc207dfaa5aaa95d60b5b257705316c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

Referer
https://app.qonto.com/
accept-language
es-ES,es;q=0.9
baggage
sentry-environment=production,sentry-release=7d4914da05,sentry-public_key=fa86b669a6ac4c4fa3dfc79ddda2a514,sentry-trace_id=2f5af5b7a6cb4ae69489cc67bf3ab8bc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
sentry-trace
2f5af5b7a6cb4ae69489cc67bf3ab8bc-aea55c620763ee6b-0

Response headers

x-amz-version-id
6Aq5ODegRF_RFw1OOl_WTQ6Mx3.zreua
content-encoding
br
via
1.1 d3fdd96b3ada000b1a8c2d522534c124.cloudfront.net (CloudFront)
date
Thu, 14 Sep 2023 14:46:15 GMT
last-modified
Wed, 09 Aug 2023 16:31:03 GMT
server
AmazonS3
content-security-policy
frame-ancestors 'none'
x-amz-cf-pop
AMS54-C1
age
52
x-amz-server-side-encryption
AES256
etag
W/"d3831a228e8863ee5489d3d344b7052d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
x-amz-cf-id
d769gGAdYYxYVtdcmlYk2-oUqwc2XXG_tU6R5tQ6-JKLfZy3LujTxg==
ui-gdpr-en-web.805c27e03fb4eb13dfe44b6bbd275f1dc9e265d1.js
sdk.privacy-center.org/sdk/805c27e03fb4eb13dfe44b6bbd275f1dc9e265d1/modern/ 		252 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.privacy-center.org/sdk/805c27e03fb4eb13dfe44b6bbd275f1dc9e265d1/modern/ui-gdpr-en-web.805c27e03fb4eb13dfe44b6bbd275f1dc9e265d1.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/sdk/805c27e03fb4eb13dfe44b6bbd275f1dc9e265d1/modern/sdk.805c27e03fb4eb13dfe44b6bbd275f1dc9e265d1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20b4:9e00:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
115b04cd9844137bb2f540fd7b75fbf8f156ce8880138331607b7bde22fa73b2

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 12:44:08 GMT
content-encoding
gzip
via
1.1 d1b1cc661d55a3f8a88f240826e4f38c.cloudfront.net (CloudFront)
last-modified
Thu, 14 Sep 2023 12:43:34 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P4
age
7334
etag
W/"6d8a40bfa79570b56fc0cf216f5298c3-1"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
o6vtA0nzC7Bf6_iT2zrkbsQxqyfAkbKzUhVvbfAF3uPbY0dA2EgRjA==
identity-sign-in-google-http
csp.withgoogle.com/csp/ Frame EBA1 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/identity-sign-in-google-http
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/detectapp.html?appUrl=deeplinks%3Faction%3Dreceivable-invoices.new%26organization_slug%3Dlesecq-aurore-2926%26block_1%3Dcta
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
application/csp-report

Response headers
4UabrENHsxJlGDuGo1OIlLU94YtzCwM.ttf
fonts.gstatic.com/s/googlesans/v14/ Frame EBA1 		51 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94YtzCwM.ttf
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/signin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ebeace42646aa327b1fa6225f70120658993d4796cc9103484a6f068d3a58a6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/
Origin
https://accounts.google.com
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 04:49:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
381438
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27431
x-xss-protection
0
last-modified
Mon, 22 Apr 2019 23:43:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 09 Sep 2024 04:49:03 GMT
logo_qonto_2022.jpg
qonto-assets.s3.eu-central-1.amazonaws.com/logos/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qonto-assets.s3.eu-central-1.amazonaws.com/logos/logo_qonto_2022.jpg
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/signin
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.170.210 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.eu-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
2bb2a9c3b2a75f82899f568fc6459120a9a120f6cedf235016fea046ce682a23

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date
Thu, 14 Sep 2023 14:46:22 GMT
x-amz-meta-server-side-encryption
AES256
x-amz-version-id
mzk_qXrLzA_d7o1a.eFYJ1sfmtHXwsO1
Last-Modified
Thu, 17 Feb 2022 13:00:17 GMT
Server
AmazonS3
x-amz-request-id
NRBKP9D4ZXBMHXHF
ETag
"8bb168ebf4aee766a9f0d698e195a760"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
x-amz-meta-version-id
Hm_nNe8LPJle6pFLjN_1ZIqj2kUPgbJe
Accept-Ranges
bytes
Content-Length
9718
x-amz-id-2
sCl6SaW8aPL8w5Q7XF4An4R428Tilkmmpv1Od/5MD79MLrlV50YIRDUYOfD8oXRni7D5O5DErTo=
630f66eefec6f211a620a237
api.qonto.com/v1/feature-relay-proxy/events/diagnostic/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.qonto.com/v1/feature-relay-proxy/events/diagnostic/630f66eefec6f211a620a237
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.18.10.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-launchdarkly-user-agent
Access-Control-Request-Method
POST
Origin
https://app.qonto.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, X-Launchdarkly-User-Agent
access-control-allow-methods
POST
access-control-allow-origin
https://app.qonto.com
access-control-max-age
24
cf-cache-status
DYNAMIC
cf-ray
80696b44dfaa2f95-MAD
content-length
0
date
Thu, 14 Sep 2023 14:46:22 GMT
server
cloudflare
strict-transport-security
max-age=315360000; includeSubDomains; preload
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
630f66eefec6f211a620a237
api.qonto.com/v1/feature-relay-proxy/events/diagnostic/ 		0
45 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.qonto.com/v1/feature-relay-proxy/events/diagnostic/630f66eefec6f211a620a237
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.1e79753260aef93eafc5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.18.10.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains; preload

Request headers

Referer
https://app.qonto.com/
accept-language
es-ES,es;q=0.9
X-LaunchDarkly-User-Agent
JSClient/3.1.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 14 Sep 2023 14:46:22 GMT
strict-transport-security
max-age=315360000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
access-control-max-age
300
vary
Origin
access-control-allow-origin
https://app.qonto.com
access-control-expose-headers
Content-Disposition, Content-Encoding
x-ratelimit-remaining
0
access-control-allow-credentials
true
x-ratelimit-reset
0
x-ratelimit-limit
0
cf-ray
80696b4568a62f95-MAD
access-control-allow-headers
Cache-Control,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-Tags
content-length
0
630f66eefec6f211a620a237
api.qonto.com/v1/feature-relay-proxy/events/bulk/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.qonto.com/v1/feature-relay-proxy/events/bulk/630f66eefec6f211a620a237
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.18.10.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-launchdarkly-event-schema,x-launchdarkly-payload-id,x-launchdarkly-user-agent
Access-Control-Request-Method
POST
Origin
https://app.qonto.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, X-Launchdarkly-Event-Schema, X-Launchdarkly-Payload-Id, X-Launchdarkly-User-Agent
access-control-allow-methods
POST
access-control-allow-origin
https://app.qonto.com
access-control-max-age
24
cf-cache-status
DYNAMIC
cf-ray
80696b5159c32f95-MAD
content-length
0
date
Thu, 14 Sep 2023 14:46:24 GMT
server
cloudflare
strict-transport-security
max-age=315360000; includeSubDomains; preload
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
630f66eefec6f211a620a237
api.qonto.com/v1/feature-relay-proxy/events/bulk/ 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.qonto.com/v1/feature-relay-proxy/events/bulk/630f66eefec6f211a620a237
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.1e79753260aef93eafc5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.18.10.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains; preload

Request headers

Referer
https://app.qonto.com/
X-LaunchDarkly-Payload-ID
7a05ba20-530d-11ee-a81c-f94be9367778
X-LaunchDarkly-Event-Schema
4
accept-language
es-ES,es;q=0.9
X-LaunchDarkly-User-Agent
JSClient/3.1.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 14 Sep 2023 14:46:24 GMT
strict-transport-security
max-age=315360000; includeSubDomains; preload
cf-cache-status
DYNAMIC
content-length
0
server
cloudflare
x-ratelimit-remaining
0
access-control-max-age
300
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://app.qonto.com
access-control-expose-headers
Content-Disposition, Content-Encoding
vary
Origin
access-control-allow-credentials
true
x-ratelimit-reset
0
x-ratelimit-limit
0
cf-ray
80696b51da922f95-MAD
access-control-allow-headers
Cache-Control,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-Tags

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| documentPictureInPicture object| loader function| define function| requireModule function| require function| requirejs boolean| runningTests boolean| preferNative object| EmberENV object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| ProgressBar object| webpackChunkqonto object| __SENTRY__ object| __sentryEmberConfig function| Intercom object| intlTelInputGlobals function| __intercomAssignLocation function| __intercomReloadLocation object| __LD__ object| intlTelInputUtils object| didomiOnReady object| didomiEventListeners object| didomiConfig boolean| gdprAppliesGlobally function| __tcfapi object| AppleID object| didomiRemoteConfig string| didomiCountry object| didomiGeoRegulations object| default_gsi object| google object| closure_lm_847771 object| __G_ID_CLIENT__ object| webpackChunkDidomi object| Didomi object| dataLayer object| didomiState object| DidomiSanitizing

3 Cookies

Domain/Path Name / Value
.qonto.com/ Name: deviceId
Value: 6dd54625-5ea4-49c7-8cc2-fd45d9715f58
.qonto.com/ Name: ember_simple_auth-session
Value: %7B%22authenticated%22%3A%7B%7D%7D
.qonto.com/ Name: didomi_token
Value: eyJ1c2VyX2lkIjoiMThhOTQyODQtMjI2NC02YjIxLThkMTMtMTg3YTE1MWZkYWZlIiwiY3JlYXRlZCI6IjIwMjMtMDktMTRUMTQ6NDY6MjEuMTQwWiIsInVwZGF0ZWQiOiIyMDIzLTA5LTE0VDE0OjQ2OjIxLjE0MFoiLCJ2ZXJzaW9uIjpudWxsfQ==

3 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
javascript error URL: https://app.qonto.com/assets/chunk.1e79753260aef93eafc5.js(Line 1)
Message:
Refused to get unsafe header "date"
javascript error URL: https://app.qonto.com/assets/chunk.1e79753260aef93eafc5.js(Line 1)
Message:
Refused to get unsafe header "date"

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'none'

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
api.qonto.com
app.qonto.com
appleid.cdn-apple.com
csp.withgoogle.com
email.qonto.com
fonts.gstatic.com
js.intercomcdn.com
qonto-assets.s3.eu-central-1.amazonaws.com
sdk.privacy-center.org
sentry.io
widget.intercom.io
104.18.10.238
13.224.189.74
18.66.147.3
2.17.186.40
2600:9000:20b4:9e00:5:b7cc:d3c0:93a1
2600:9000:21c7:6e00:0:7942:c340:93a1
2600:9000:238d:2600:1b:92cd:8400:93a1
2a00:1450:4001:802::2003
2a00:1450:4001:80e::2011
2a00:1450:4001:828::200d
35.186.247.156
52.219.170.210
000d79c60a825b427f49f0de80ffb25600dd0c709c6d363045b4ae8e7851939f
04db74a8de33650433f75db6d315ba43051344c79a28bb4e1954bc3b26798900
0dea3380a2bb70f3adf1e985da92fead733ded524ce08841914cae229475f645
115b04cd9844137bb2f540fd7b75fbf8f156ce8880138331607b7bde22fa73b2
18345a574b8f58872bcdb8b1e71c4adf1df234a777ffbe3039132855a2ca8c2d
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
219fb6cae6f5c1cedcb80148e240632646803354f644a2a55eb08cf5334b671f
2bb2a9c3b2a75f82899f568fc6459120a9a120f6cedf235016fea046ce682a23
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
519714ad13d4bc7d6c6f279860b0f924241a125a3d1b181b88f320e5694d789e
544530ac3f61c93c73c5ec2a92fb1d6d8cb2d8ae86d8750d2623bfd5c259ede5
56dad9307dfeb7810dd3f63d33b036804f419b7a7401b85166b9ccf16fcdead2
59d6139a7a98d93867431a33474665300c301cbefd518ebb8a0c25a8a9d64463
692f6f15f66235cf41b8646d5d75b9f609028832e0ad9f569483819d2694e655
6f7e323e76c45faf4cc3255f4f4f903c17ed3b99e59b0732b0b8378032a7150f
7f113d06a10439a44df2fab3ed14628b4443ddf10e4de8c9e96a0ca720f4f4af
81466cdfc40e74ea6ca7c304d208df16019336ec1b304ed62d214ff06be64f2d
8356948d6f3bef342ff37a4deca7f6b64b58ca0b90ca128c1929c1bb76cc7a54
84f0af7baeb38fa51d9c2e25817effd92a712a63103aa846c2c56f3a66354bcb
8c5bd40d4946d51dc078ed26056ee7ffbf18e5b48133650d46979e694ee01be6
a79d2845eddb980e929d627a2121a1fe9458af6b769eb46c1d774722f26ded68
ad4055657c7f23ed9ab414393ae75720aa46e2c57cff42954cc5984d4687291d
ae2b03b0e61223da2e8a12f30daa21565aa67cda298120a1816fa01a7d51cf36
b1a0b2419580f2fb37a34a95c8646512c89d01a9900057189f7f780eafd8f928
bd25c33eec524499b20c7d2f4e0dc7032cf4c66cd4cec6d3a2740df01bd51542
c81ff11fd1f4acd5527fbedf0e9dfe3f9504b0230f4f66d5ddab563c6baeb0fa
d2ed03089377d17c425b4036eba9716a30bdde90b38ae3a4a1171e5d1efa03d6
dbe7ffb622175ae830af0bbe0d29673470fe728f9df47fb850094ebfbf930cf3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebeace42646aa327b1fa6225f70120658993d4796cc9103484a6f068d3a58a6d
ee8985588fc84ac825a86904f1a38513a6e2eb9c1c5377ab691dfb880bc45b7f
f0f3a7a138cb81aa844f842479c27de9104a08503985a7b34bde46cb99e20d70
f126281035207e19c5665cd472b2c44997f9548802e945c3f3d3ec4a2e1202f7
f23e103734fedf6e937f8cefe3598bb7a9d65989e96664ec85a03c3e5c81c213
f6f1adf42b2098b21db5df4ba13a6f5eedc207dfaa5aaa95d60b5b257705316c