assurances-privees.fr Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://assurances-privees.fr/
Submission: On April 10 via automatic, source certstream-suspicious (April 10th 2023, 5:07:13 am UTC) — Scanned from FR

Summary HTTP 43 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 5 countries across 10 domains to perform 43 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is assurances-privees.fr.
TLS certificate: Issued by E1 on April 10th 2023. Valid for: 3 months.

This is the only time assurances-privees.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:466	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	51.158.28.82 51.158.28.82	12876 (Online SAS) (Online SAS)
7	52.18.171.217 52.18.171.217	16509 (AMAZON-02) (AMAZON-02)
1	51.15.145.116 51.15.145.116	12876 (Online SAS) (Online SAS)
6	18.66.112.61 18.66.112.61	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
2 2	35.205.207.25 35.205.207.25	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	35.157.13.156 35.157.13.156	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
43	11

15 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

assurances-privees.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:466 (United States)

ASN13335 (CLOUDFLARENET, US)

cache.consentframework.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 51.158.28.82 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: 51-158-28-82.rev.poneytelecom.eu

choices.consentframework.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.18.171.217 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-171-217.eu-west-1.compute.amazonaws.com

www.devisprox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
webservice.devisprox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.15.145.116 (France)

ASN12876 (Online SAS, FR)
PTR: 51-15-145-116.rev.poneytelecom.eu

js.cookieless-data.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.66.112.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-61.fra56.r.cloudfront.net

static.devisprox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.205.207.25 (Brussels, Belgium) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 25.207.205.35.bc.googleusercontent.com

ads.avads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.13.156 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-13-156.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	assurances-privees.fr assurances-privees.fr	28 KB
13	devisprox.com www.devisprox.com webservice.devisprox.com static.devisprox.com	78 KB
6	consentframework.com cache.consentframework.com — Cisco Umbrella Rank: 44670 choices.consentframework.com — Cisco Umbrella Rank: 34517	136 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 161	92 KB
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 323	871 B
2	avads.net 2 redirects ads.avads.net — Cisco Umbrella Rank: 23728	798 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	162 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	185 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
1	cookieless-data.com js.cookieless-data.com — Cisco Umbrella Rank: 58180	535 B
43	10

	Domain	Requested by
15	assurances-privees.fr	assurances-privees.fr
6	static.devisprox.com	webservice.devisprox.com static.devisprox.com
6	webservice.devisprox.com	www.devisprox.com static.devisprox.com webservice.devisprox.com
5	choices.consentframework.com	assurances-privees.fr choices.consentframework.com
3	connect.facebook.net	webservice.devisprox.com connect.facebook.net
2	x.bidswitch.net	1 redirects webservice.devisprox.com
2	ads.avads.net	2 redirects
2	www.googletagmanager.com	webservice.devisprox.com www.googletagmanager.com
1	www.facebook.com	webservice.devisprox.com
1	www.google-analytics.com	www.googletagmanager.com
1	js.cookieless-data.com	choices.consentframework.com
1	www.devisprox.com	assurances-privees.fr
1	cache.consentframework.com	assurances-privees.fr
43	13

This site contains no links.

Subject Issuer	Validity	Valid
*.assurances-privees.fr E1	`2023-04-10` - `2023-07-09`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-23` - `2023-05-23`	a year	crt.sh
*.consentframework.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-03-01` - `2024-03-20`	a year	crt.sh
*.devisprox.com Amazon RSA 2048 M02	`2023-02-10` - `2023-11-06`	9 months	crt.sh
*.cookieless-data.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-03-01` - `2024-03-21`	a year	crt.sh
static.devisprox.com Amazon RSA 2048 M01	`2023-02-23` - `2023-06-14`	4 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-17` - `2023-04-17`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://assurances-privees.fr/
Frame ID: B4993DAE3ED9E13C459027EDC2C829FE
Requests: 21 HTTP requests in this frame

Frame: https://webservice.devisprox.com/formulaire.php?elementid=DevisProxContent&partner=355998&questionnaire=285&c=undefined&ws_referer=&
Frame ID: 22DD7AC017DC756C88B340E7923B2F95
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Assurances Privees

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

43
Requests

98 %
HTTPS

50 %
IPv6

10
Domains

13
Subdomains

11
IPs

5
Countries

517 kB
Transfer

1671 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://ads.avads.net/v1/tracking?type=behavior&owner=devisprox&act=visit&market=FR&lang=fr-FR&url=https%3A%2F%2Fwebservice.devisprox.com%2Fformulaire.php%3Felementid%3DDevisProxContent%26partner%3D355998%26questionnaire%3D285%26c%3Dundefined%26ws_referer%3D%26 HTTP 302
https://ads.avads.net/v1/tracking?type=behavior&owner=devisprox&act=visit&market=FR&lang=fr-FR&url=https%3A%2F%2Fwebservice.devisprox.com%2Fformulaire.php%3Felementid%3DDevisProxContent%26partner%3D355998%26questionnaire%3D285%26c%3Dundefined%26ws_referer%3D%26&av_tc= HTTP 302
https://x.bidswitch.net/sync?a=1&dsp_id=352&user_id=8f48d9e0-fcff-4eff-9c7c-a20a1274fb1b&expires=2 HTTP 302
https://x.bidswitch.net/ul_cb/sync?a=1&dsp_id=352&user_id=8f48d9e0-fcff-4eff-9c7c-a20a1274fb1b&expires=2

43 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
assurances-privees.fr/ 13 KB
3 KB 129ms
75ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assurances-privees.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 148cb9c5d3d01011e55665f537e4cab829af78f056e31ae2b298d2cc338d096e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7b5876ec2b54f854-CDG
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 10 Apr 2023 05:07:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ReJY7tJt2lSutiZ7HR%2BJQIzPoeCeKcALeJDuLK26vYVJJa68LuI4U8vNPyfaxNWj6ba1BMQsMoWNKHujlb5TUROHEwj6p66YdUC9bkz5eP%2FMKkwK2vP%2BEMHPwG3PBkh5vwZFtUJ4P2kwpkdzHXeoaxVpB1c%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 style.css
assurances-privees.fr/wp-content/themes/pure_gray/ 26 KB
5 KB 61ms
60ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assurances-privees.fr/wp-content/themes/pure_gray/style.css
Requested by: Host: assurances-privees.fr
URL: https://assurances-privees.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcc1c6aeac440b189ec21e553be834355d5c98c1838e33e6225be564540905d7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://assurances-privees.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 05:07:08 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 27 Apr 2015 09:05:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LPEeqiMwdcPM8sKpJWzAkt3DoIEpFJ3lVY5YWBxVzAnteGuDeeTxZYyHVJxiPSdmtNWw%2BoQybO3yylKp7wYuNJu0nZHw7W84Tn%2BhkCEbZwcwqVMKVlL41Qozmc8Bc0zfUPRubF4bVPdqL%2FBROOV%2FfJxGwuE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7b5876ecab8af854-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 script.js Show response
assurances-privees.fr/wp-content/themes/pure_gray/ 13 KB
4 KB 59ms
58ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assurances-privees.fr/wp-content/themes/pure_gray/script.js
Requested by: Host: assurances-privees.fr
URL: https://assurances-privees.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 791be25e7a9df08d4eb26913c5f61bf56898f66864ebc5a3f4c8d3a162be7995

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://assurances-privees.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 05:07:08 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 25 Oct 2012 07:30:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2zqubOUav9yZvXz2YV9W4U1X5KnlKtMKK9AneWI%2BZxqVnEDBsQeNPzEEYQ3ziXlSn9WFFyCCac1SNOrxeB2y1zIg8L4ksUI82f4cURTdQJlcb90NBL3yMIFJ4D2tKja%2Fv3B8YxUCrTo3uAtKA3u5x9ieLXs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7b5876ecab8cf854-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 stub Show response
cache.consentframework.com/js/pa/1020/c/Y1Dhs/ 2 KB
1 KB 83ms
26ms Script
text/javascript 2606:4700:20::681a:466
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cache.consentframework.com/js/pa/1020/c/Y1Dhs/stub

Requested by

Host: assurances-privees.fr
URL: https://assurances-privees.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:466 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cca541a23d05f6de413291b10373940c7d7731bcd014006c87bec4dfeb58bce0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://assurances-privees.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 05:07:08 GMT
strict-transport-security: max-age=15724800; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 10 Apr 2023 03:50:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2962
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kvhTwB1OZr0zqgak8eVS%2FzQiRid4%2BSO0bGKPrClcQDGUTH00ioksyE8peotWS7VCL2T6vP7GB9ResRZTfkUNft6T82efTZ6Vena4ON%2FM%2FPmc7kOEM9IQQSHHQkJt67YPUwsfChFj%2BsLjRFs%2ByjcuuXsMN9FvxDbo"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=3600
cf-ray: 7b5876ecfe4d3c86-CDG

GET
H/1.1 200
OK cmp Show response
choices.consentframework.com/js/pa/1020/c/Y1Dhs/ 472 KB
134 KB 71ms
23ms Script
text/javascript 51.158.28.82
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.consentframework.com/js/pa/1020/c/Y1Dhs/cmp

Requested by

Host: assurances-privees.fr
URL: https://assurances-privees.fr/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.158.28.82 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

51-158-28-82.rev.poneytelecom.eu

Software

nginx/1.20.2 /

Resource Hash

f361b6092cb951a2883bc4f11ae677c534b515ff582656a8f0ab4bba9a044002

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://assurances-privees.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Mon, 10 Apr 2023 05:07:09 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Server: nginx/1.20.2
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=3600
Connection: keep-alive

GET
H/1.1 200
OK jsloader.php Show response
www.devisprox.com/ 8 KB
8 KB 130ms
30ms Script
text/javascript 52.18.171.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.devisprox.com/jsloader.php
Requested by: Host: assurances-privees.fr
URL: https://assurances-privees.fr/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.171.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-171-217.eu-west-1.compute.amazonaws.com
Software: Apache/2.2.22 (Debian) /
Resource Hash: 8b42da67206fe683363cbe4f28033e070ba92030947cf4d74ffd640d1f76357a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://assurances-privees.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Mon, 10 Apr 2023 05:07:09 GMT
Server: Apache/2.2.22 (Debian)
Transfer-Encoding: chunked
Vary: User-Agent
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=3600
Connection: keep-alive
Expires: Mon, 10 Apr 2023 06:07:09 GMT

GET
H3 200 page_sg.jpg
assurances-privees.fr/wp-content/themes/pure_gray/images/ 2 KB
2 KB 58ms
57ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assurances-privees.fr/wp-content/themes/pure_gray/images/page_sg.jpg
Requested by: Host: assurances-privees.fr
URL: https://assurances-privees.fr/wp-content/themes/pure_gray/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a024eda8eea0ba148ac95648d0e9c357f9e52c3caf21fda40e21bfd83c8b9a8d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://assurances-privees.fr/wp-content/themes/pure_gray/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 05:07:09 GMT
cf-cache-status: MISS
last-modified: Wed, 06 Jul 2011 11:17:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=phDXSZNbvzLZpko0Fit8SPnzlGaUiVpepj2gs8ekVpf5mxEQ%2F12bJJt%2F%2BM65WgigoQJF1GuE1Ag1rxcNFWqmV%2FxxGd%2FHCIHDT%2FRehuWnM2ZXRp%2Fn%2BV3EHeLCk6tTThxURlw8y4uE%2Ffw0rmd83g5hcVkoH1I%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b5876ed29733d13-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1586

GET
H3 200 page_g.jpg
assurances-privees.fr/wp-content/themes/pure_gray/images/ 2 KB
2 KB 64ms
62ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assurances-privees.fr/wp-content/themes/pure_gray/images/page_g.jpg
Requested by: Host: assurances-privees.fr
URL: https://assurances-privees.fr/wp-content/themes/pure_gray/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a024eda8eea0ba148ac95648d0e9c357f9e52c3caf21fda40e21bfd83c8b9a8d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://assurances-privees.fr/wp-content/themes/pure_gray/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 05:07:09 GMT
cf-cache-status: MISS
last-modified: Wed, 06 Jul 2011 11:17:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2FJWOUoNulxXSTb1x2WZfXTMuwiS69kXcwTHnmdIs4bM8VBZI3e%2B%2BmLxxVLcEGzEwQad5Jk7VFsrg2L%2FFwxP5AA2FDmC73HyQEMxKeqDB338Fdowe5xc%2FqpblCtKcY0wg0cOPAabnLNs0h22b4zrRisqmEY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b5876ed39743d13-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1586

GET
H3 200 menuitem.png
assurances-privees.fr/wp-content/themes/pure_gray/images/ 795 B
1 KB 60ms
58ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assurances-privees.fr/wp-content/themes/pure_gray/images/menuitem.png
Requested by: Host: assurances-privees.fr
URL: https://assurances-privees.fr/wp-content/themes/pure_gray/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51441a190af8971a9617134d3772e95c4b2adcf1f66922777ed347aa9c10399e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://assurances-privees.fr/wp-content/themes/pure_gray/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 05:07:09 GMT
cf-cache-status: MISS
last-modified: Wed, 06 Jul 2011 11:17:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BbMUTYD7orIUUNqe0XH8heidw8IxHr%2FYaFFnNqN6BBt2q2gTL1xycXf12dzk3o3lbMrnxuG1UyyXYsXBYq2oc8o%2BwyAWdlHfXRknZhYv8qhK9VicGdxhgxhZNpjlhpkvhgVLBDuVq%2B0P3DATzs%2BXhwVzx3I%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b5876ed39753d13-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 795

GET
H3 200 post_s.png
assurances-privees.fr/wp-content/themes/pure_gray/images/ 214 B
690 B 60ms
59ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assurances-privees.fr/wp-content/themes/pure_gray/images/post_s.png
Requested by: Host: assurances-privees.fr
URL: https://assurances-privees.fr/wp-content/themes/pure_gray/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e6830c216feec3c8e94506414fc1a4dd7217dbf1f3e47c560110ef899ca9bb7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://assurances-privees.fr/wp-content/themes/pure_gray/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 05:07:09 GMT
cf-cache-status: MISS
last-modified: Wed, 06 Jul 2011 11:17:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LAqK6iZTguJiUi67JZKj0FvBg2v5aL%2FjvNgKy1AP5E23j%2FulRc3yrYQ2m6ImX8BvjDlPE9%2F8o2WBAkgR8tPUN%2B7WBuDV%2FTgoX6orI4V1ohQTIxsOh34gt4QEWpt0tXtAywmqXNIWs5XTJOK7Qk0DKqW1j%2Fc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b5876ed39763d13-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 214

GET
H3 200 post_h.png
assurances-privees.fr/wp-content/themes/pure_gray/images/ 159 B
632 B 61ms
59ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assurances-privees.fr/wp-content/themes/pure_gray/images/post_h.png
Requested by: Host: assurances-privees.fr
URL: https://assurances-privees.fr/wp-content/themes/pure_gray/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80e534b0ce6b4af365c113f29cfb0707fcf80727a774345850a51a7a9c1d4ff9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://assurances-privees.fr/wp-content/themes/pure_gray/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 05:07:09 GMT
cf-cache-status: MISS
last-modified: Wed, 06 Jul 2011 11:17:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DinmFnnUP5MEns0goi1kvWzaV7yFZ4%2FUp5xphM517vCWDF5cs6nDIdxbfQJfFTVxKLtRL7Gofbuiz8hcfMKqlXTZe58aOGe9t2Wi4T87H%2F5gt7NQC%2BmjqP7ySTsY88kkjjJO5T2EbLi%2BJMmeCXf79TShDug%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b5876ed39773d13-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 159

GET
H3 200 post_v.png
assurances-privees.fr/wp-content/themes/pure_gray/images/ 186 B
661 B 65ms
63ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assurances-privees.fr/wp-content/themes/pure_gray/images/post_v.png
Requested by: Host: assurances-privees.fr
URL: https://assurances-privees.fr/wp-content/themes/pure_gray/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6aaa191a566c6d73949114ed74ed6c1b2781cc0ed9d20d626058a8012090496

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://assurances-privees.fr/wp-content/themes/pure_gray/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 05:07:09 GMT
cf-cache-status: MISS
last-modified: Wed, 06 Jul 2011 11:17:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mfg3LjChRH7ZmcyzSWAf1GL%2Bj%2BBxhd9lxqbw5gSU3Akfrxl4lmtkLFYr7SWyAytFe2UpnNGBQ8wolBRdM3SJuSzctS%2FXuO2UxbEfQymbsYa5xFTeAxbJieNTIxjKeaqZHPHQp%2B6bx0XINp963l2StDO%2B09o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b5876ed39783d13-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 186

GET
H3 200 block_s.png
assurances-privees.fr/wp-content/themes/pure_gray/images/ 214 B
686 B 66ms
65ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assurances-privees.fr/wp-content/themes/pure_gray/images/block_s.png
Requested by: Host: assurances-privees.fr
URL: https://assurances-privees.fr/wp-content/themes/pure_gray/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5ef7f47111d1e829dfe2dd2b3f2e434609a53be3840160d6b4a8a5cc3f5cc63

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://assurances-privees.fr/wp-content/themes/pure_gray/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 05:07:09 GMT
cf-cache-status: MISS
last-modified: Wed, 06 Jul 2011 11:17:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2BQNLYhIpeC4X%2BymXQBHpX1ef1iyuLsQ6p4fYzGmwqKl0w8U%2BcRQa4WGEo6XackoGwjyXBiO7LDSREpgDzv0ERkENNEhReOrUtr2pa8sq6A%2BNcXJd0WvafDktEiVVoWrRkBSELGklL9nMcLMip7Ie5RW5sg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b5876ed397a3d13-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 214

GET
H3 200 block_h.png
assurances-privees.fr/wp-content/themes/pure_gray/images/ 160 B
635 B 73ms
72ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assurances-privees.fr/wp-content/themes/pure_gray/images/block_h.png
Requested by: Host: assurances-privees.fr
URL: https://assurances-privees.fr/wp-content/themes/pure_gray/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b5c5e27d0b9994ffa7fd4dd9541e045b87f7d4e29e4b68f8e811533202a3ac7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://assurances-privees.fr/wp-content/themes/pure_gray/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 05:07:09 GMT
cf-cache-status: MISS
last-modified: Wed, 06 Jul 2011 11:17:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X38EbM2oW9oyGWZF5H6bld2vnqRY%2BznsXze%2BeuMgs5Aln2DDVZWXgejuN%2Bwb1hFlvm0no2inuHSKv4b%2FFLN5Fl%2FSFqZ%2B627zKClMO1GsmZ2WinHOAcIEeB6KzDhtfIb3mLovMxBjHGFg2gvgkWkN2n2AQgA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b5876ed397b3d13-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 160

GET
H3 200 block_v.png
assurances-privees.fr/wp-content/themes/pure_gray/images/ 186 B
662 B 63ms
62ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assurances-privees.fr/wp-content/themes/pure_gray/images/block_v.png
Requested by: Host: assurances-privees.fr
URL: https://assurances-privees.fr/wp-content/themes/pure_gray/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8a49067c92dc1ca7a5443151803005e338031ccfcf24e06350434c946a6c18c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://assurances-privees.fr/wp-content/themes/pure_gray/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 05:07:09 GMT
cf-cache-status: MISS
last-modified: Wed, 06 Jul 2011 11:17:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UYua5awJXnJR5zI0TCdsIVC0L6IeX4HMToeg%2FgUdD3jeJVcFgmyOt4Ce%2FINi2tTPnIVy%2F%2FNSyNRw3DeUAoX48Bro81b%2FyYMVWngraSBr9Pm09Y3vXJml8MqlcA4%2Bi9S9LkdhUm079HGCUpQSHlpMViJv9ww%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b5876ed397c3d13-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 186

GET
H3 200 blockheader.png
assurances-privees.fr/wp-content/themes/pure_gray/images/ 1 KB
1 KB 65ms
64ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assurances-privees.fr/wp-content/themes/pure_gray/images/blockheader.png
Requested by: Host: assurances-privees.fr
URL: https://assurances-privees.fr/wp-content/themes/pure_gray/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cde33e383a38f423072ef1cc7f357358c88b41e603a4a540894d11d5c03b77d7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://assurances-privees.fr/wp-content/themes/pure_gray/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 05:07:09 GMT
cf-cache-status: MISS
last-modified: Wed, 06 Jul 2011 11:17:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZVxkPYGoZiYxo9kLTBPValKzAgPP%2FJyf395a5V%2B0Kxly2s8RPveSw7zB8aYHAg%2B0J9HOU0HH1trq0hrrpNsFvedcs3vB8ZFRVLPr%2FZ2BK%2FPCRHBPtP9j%2FhpjyQ1fssG04hH6xs1g9J1KQ3UIfZlKgt4E5GI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b5876ed397d3d13-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1038

GET
H3 200 button.png
assurances-privees.fr/wp-content/themes/pure_gray/images/ 4 KB
4 KB 65ms
65ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assurances-privees.fr/wp-content/themes/pure_gray/images/button.png
Requested by: Host: assurances-privees.fr
URL: https://assurances-privees.fr/wp-content/themes/pure_gray/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a93e6aa3a420964d239a2cbffcca24bfd35c02c864f3cf5410118ac7ce1a537

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://assurances-privees.fr/wp-content/themes/pure_gray/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 05:07:09 GMT
cf-cache-status: MISS
last-modified: Wed, 06 Jul 2011 12:35:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ELfIE0gn5QW2gA%2BYWgrcmQrsVxJCl1T4YSC%2BIQ8t%2Ficpuny70%2Be78e6RHnj6KLDSp4wcPWkk5fYrK96%2BYGVKoVAATSQIpOKle1fht0CU0gsVXhIv7RAdU1quHfaDLMO7iK5rgQqSIIgviRyjCBG4EoDfEuk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b5876ed397e3d13-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4068

GET
H3 200 menuseparator.png
assurances-privees.fr/wp-content/themes/pure_gray/images/ 128 B
601 B 64ms
64ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assurances-privees.fr/wp-content/themes/pure_gray/images/menuseparator.png
Requested by: Host: assurances-privees.fr
URL: https://assurances-privees.fr/wp-content/themes/pure_gray/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50a900f112c91cf43af2f04d17bdc3daef5fc3c55aa85ac471e7a58e3a9dd1e7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://assurances-privees.fr/wp-content/themes/pure_gray/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 05:07:09 GMT
cf-cache-status: MISS
last-modified: Wed, 06 Jul 2011 11:17:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2FYkOocVKrXEApM7sRuGEs2FSKkQA0SgVrbVSAVgILtcG%2BBzILCvFnEHLQ4zMzzRND9VQqKWrWbOuyXi9QdAFA9DKDKeyVI80EUPkmB9W7HjuiuTW566SlwNxc7hcJoa23qo2p8pxz9cz%2FNKb%2FumrSjga3Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b5876ed49823d13-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 128

OPTIONS
H/1.1 200
OK consent-string
choices.consentframework.com/api/v1/public/ Frame 0
0 58ms
19ms Preflight 51.158.28.82
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.consentframework.com/api/v1/public/consent-string

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.158.28.82 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

51-158-28-82.rev.poneytelecom.eu

Software

nginx/1.20.2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://assurances-privees.fr
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
Date: Mon, 10 Apr 2023 05:07:09 GMT
Server: nginx/1.20.2
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload

POST
H/1.1 200
OK consent-string Show response
choices.consentframework.com/api/v1/public/ 161 B
480 B 32ms
31ms Fetch
application/json 51.158.28.82
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.consentframework.com/api/v1/public/consent-string

Requested by

Host: choices.consentframework.com
URL: https://choices.consentframework.com/js/pa/1020/c/Y1Dhs/cmp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.158.28.82 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

51-158-28-82.rev.poneytelecom.eu

Software

nginx/1.20.2 /

Resource Hash

9795c76cbdb599db158776c3a22ff182be258e8b34970d5103aadf9fdbbd2dda

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://assurances-privees.fr/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

Date: Mon, 10 Apr 2023 05:07:09 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Server: nginx/1.20.2
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: content-type
Content-Length: 161

GET
H/1.1 200
OK GS.d Show response
js.cookieless-data.com/ 0
535 B 96ms
22ms Script
text/plain 51.15.145.116
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://js.cookieless-data.com/GS.d?pa=1020&uf_bday=&uf_gender=&cmp=0&u=https%3A%2F%2Fassurances-privees.fr%2F&r=&rand=1681103229147&gdpr=1&gdpr_consent=CPqAS8APqAS8ABcAIBFRC_CgAAAAAH_AAAqIIyQAARkgNgALAAeABUADIAIIAaABqAEQAMQAfgBCAD9AIGAQgAiwBHQCrgF1AMCAaIA14BtAEegJiAXmAwQBkgDlAAA&globalscope=false&cookieless_optout=0&tbp=true

Requested by

Host: choices.consentframework.com
URL: https://choices.consentframework.com/js/pa/1020/c/Y1Dhs/cmp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.15.145.116 , France, ASN12876 (Online SAS, FR),

Reverse DNS

51-15-145-116.rev.poneytelecom.eu

Software

nginx/1.20.2 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://assurances-privees.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 10 Apr 2023 05:07:09 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Server: nginx/1.20.2
P3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 0
X-Xss-Protection: 0
Expires: Tue, 01 Jan 2000 00:00:00 GMT

POST
H/1.1 200
OK user-action Show response
choices.consentframework.com/api/v1/public/ 0
270 B 19ms
19ms Fetch 51.158.28.82
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.consentframework.com/api/v1/public/user-action

Requested by

Host: choices.consentframework.com
URL: https://choices.consentframework.com/js/pa/1020/c/Y1Dhs/cmp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.158.28.82 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

51-158-28-82.rev.poneytelecom.eu

Software

nginx/1.20.2 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://assurances-privees.fr/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 10 Apr 2023 05:07:09 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Server: nginx/1.20.2
Connection: keep-alive
Access-Control-Allow-Headers: content-type
Content-Length: 0

OPTIONS
H/1.1 200
OK user-action
choices.consentframework.com/api/v1/public/ Frame 0
0 62ms
24ms Preflight 51.158.28.82
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.consentframework.com/api/v1/public/user-action

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.158.28.82 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

51-158-28-82.rev.poneytelecom.eu

Software

nginx/1.20.2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://assurances-privees.fr
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
Date: Mon, 10 Apr 2023 05:07:09 GMT
Server: nginx/1.20.2
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload

GET
H/1.1 200
OK formulaire.php Show response
webservice.devisprox.com/ Frame 22DD 113 KB
15 KB 224ms
86ms Document
text/html 52.18.171.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://webservice.devisprox.com/formulaire.php?elementid=DevisProxContent&partner=355998&questionnaire=285&c=undefined&ws_referer=&
Requested by: Host: www.devisprox.com
URL: https://www.devisprox.com/jsloader.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.171.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-171-217.eu-west-1.compute.amazonaws.com
Software: Apache/2.2.22 (Debian) /
Resource Hash: eff81808bef757da3402227fc75178443d8de6c7d058be11df7fdea34b92d8e6

Request headers

Referer: https://assurances-privees.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: private, max-age=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Mon, 10 Apr 2023 05:07:09 GMT
Server: Apache/2.2.22 (Debian)
Transfer-Encoding: chunked
Vary: User-Agent,Accept-Encoding
p3p: CP='ALL DSP COR PSAa PSDa OUR NOR ONL UNI COM NAV'

GET
H2 200 spinner_large-1342013614.gif
static.devisprox.com/img/v2/questionnaire/ Frame 22DD 7 KB
8 KB 121ms
24ms Image
image/gif 18.66.112.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.devisprox.com/img/v2/questionnaire/spinner_large-1342013614.gif
Requested by: Host: webservice.devisprox.com
URL: https://webservice.devisprox.com/formulaire.php?elementid=DevisProxContent&partner=355998&questionnaire=285&c=undefined&ws_referer=&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-61.fra56.r.cloudfront.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: 2fcd5410ba1b6b734ecb6fe56db265910136dc82219a69d090b1effb8c46bfc0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://webservice.devisprox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 09:05:20 GMT
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
last-modified: Wed, 11 Jul 2012 13:33:34 GMT
server: Apache/2.2.22 (Debian)
x-amz-cf-pop: FRA56-P5
age: 7070509
etag: "68215-1cc4-4c48de4bf0780"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=28512000
accept-ranges: bytes
content-length: 7364
x-amz-cf-id: xba7Ss6xBv_l0iIT6Y8qYtFHHdtpNm08CzfhpSQknjUVcD15DE_5Rg==
expires: Thu, 14 Dec 2023 09:05:20 GMT

GET
H2 200 questionnaire_manager.min-1529673433.css
static.devisprox.com/css/q_v3/ Frame 22DD 20 KB
3 KB 122ms
26ms Stylesheet
text/css 18.66.112.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.devisprox.com/css/q_v3/questionnaire_manager.min-1529673433.css
Requested by: Host: webservice.devisprox.com
URL: https://webservice.devisprox.com/formulaire.php?elementid=DevisProxContent&partner=355998&questionnaire=285&c=undefined&ws_referer=&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-61.fra56.r.cloudfront.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: 9b13a9ad4f2b5bcbc2923823008617f8cb8856dd1bae7274fe0ff27231672e21

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://webservice.devisprox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 08:00:27 GMT
content-encoding: gzip
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
last-modified: Fri, 22 Jun 2018 13:17:13 GMT
server: Apache/2.2.22 (Debian)
x-amz-cf-pop: FRA56-P5
age: 6815202
etag: "e65e7-4ee2-56f3ad998a840"
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=28512000
accept-ranges: bytes
content-length: 2896
x-amz-cf-id: RoSkRxbUWr1kj-t-lFbuM_Yes9ajRez1oQbT5buKJvUOccpN43vMGQ==
expires: Sun, 17 Dec 2023 08:00:27 GMT

GET
H2 200 js.min-1462971374.js Show response
static.devisprox.com/js/ Frame 22DD 35 KB
10 KB 123ms
29ms Script
application/javascript 18.66.112.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.devisprox.com/js/js.min-1462971374.js
Requested by: Host: webservice.devisprox.com
URL: https://webservice.devisprox.com/formulaire.php?elementid=DevisProxContent&partner=355998&questionnaire=285&c=undefined&ws_referer=&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-61.fra56.r.cloudfront.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: a0bdde5e7d392c569457f39dbe9dc8fc7e85bb50c60ca8a3aa27d065b696f7da

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://webservice.devisprox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 04:18:43 GMT
content-encoding: gzip
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
last-modified: Wed, 11 May 2016 12:56:14 GMT
server: Apache/2.2.22 (Debian)
x-amz-cf-pop: FRA56-P5
age: 24022106
etag: "70af7-8c3e-5329091105780"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=28512000
accept-ranges: bytes
content-length: 9704
x-amz-cf-id: BqsXWMCAxdufwxCnJ-CD-zxBK6-Kr46XQEm8kOG7AeS2Z8SAdtiR2A==
expires: Thu, 01 Jun 2023 04:18:43 GMT

GET
H2 200 js_q_v3.min-1529663512.js Show response
static.devisprox.com/js/ Frame 22DD 70 KB
18 KB 138ms
44ms Script
application/javascript 18.66.112.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.devisprox.com/js/js_q_v3.min-1529663512.js
Requested by: Host: webservice.devisprox.com
URL: https://webservice.devisprox.com/formulaire.php?elementid=DevisProxContent&partner=355998&questionnaire=285&c=undefined&ws_referer=&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-61.fra56.r.cloudfront.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: 102329224618c771db023483117f2392a3cbbd7e608bd4032a80cd09f7548058

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://webservice.devisprox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 06:02:11 GMT
content-encoding: gzip
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
last-modified: Fri, 22 Jun 2018 10:31:52 GMT
server: Apache/2.2.22 (Debian)
x-amz-cf-pop: FRA56-P5
age: 13993498
etag: "700c8-118af-56f388a423600"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=28512000
accept-ranges: bytes
content-length: 18074
x-amz-cf-id: ejpBxsOVrZEJGV1_w0byOZl4TunK7rSpqPZYufQURVKbMcP_SsWijw==
expires: Mon, 25 Sep 2023 06:02:11 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 22DD 246 KB
79 KB 105ms
44ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K72ZNXK

Requested by

Host: webservice.devisprox.com
URL: https://webservice.devisprox.com/formulaire.php?elementid=DevisProxContent&partner=355998&questionnaire=285&c=undefined&ws_referer=&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

26e6aa01ca272ed017d4ca09b4e3e0bddec1264003108a60ea06a4e616eedbc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://webservice.devisprox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 05:07:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80845
x-xss-protection: 0
last-modified: Mon, 10 Apr 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 10 Apr 2023 05:07:09 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 22DD 107 KB
28 KB 73ms
24ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: webservice.devisprox.com
URL: https://webservice.devisprox.com/formulaire.php?elementid=DevisProxContent&partner=355998&questionnaire=285&c=undefined&ws_referer=&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dbf060c555e91a539d9cb849f4aa0c656db9b0a1da32c99aafb12d7c508c6849

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://webservice.devisprox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 10 Apr 2023 05:07:09 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27909
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: mxXJcAUOPUBvAjDqct5Aacl1DGBwiOYff0wXlC8W816wu8SwYZwd2llciour9oNp5oAee/fUf43sBV7wnomg+Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 712457908836773 Show response
connect.facebook.net/signals/config/ Frame 22DD 151 KB
42 KB 23ms
23ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/712457908836773?v=2.9.100&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

abd40c2d3528163a09eda7b38c94de772f3627e2f9e26bb575de2502228b553b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://webservice.devisprox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 10 Apr 2023 05:07:09 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 42811
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: D/4tBafjvWmj6AzGMsixcT20zBrE5w8H5TN9PODr5ONe1B3nQub4MEGCo5ZrOfwFPEmqC4ckuccByJ49vnP+SA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 inferredevents.js Show response
connect.facebook.net/signals/plugins/ Frame 22DD 72 KB
22 KB 25ms
24ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/inferredevents.js?v=2.9.100

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://webservice.devisprox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 10 Apr 2023 05:07:09 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 21972
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: syXLIYpVbLU9GvK89ZVEzwJ/OIBRvZE2qozreSf5h7sJPP4STstSbN0IZnDl278KEcBIL/F+gZKdq/3xodB9OA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H/1.1 200
OK ajax_dispatch.php Show response
webservice.devisprox.com/ Frame 22DD 259 B
725 B 49ms
48ms XHR
text/html 52.18.171.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://webservice.devisprox.com/ajax_dispatch.php
Requested by: Host: static.devisprox.com
URL: https://static.devisprox.com/js/js.min-1462971374.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.171.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-171-217.eu-west-1.compute.amazonaws.com
Software: Apache/2.2.22 (Debian) /
Resource Hash: d789cccd25bf1f88a1f2e84e3aee4a8fcddbd1b47d2f02e4c362ab4add1f5535

Request headers

Referer: https://webservice.devisprox.com/formulaire.php?elementid=DevisProxContent&partner=355998&questionnaire=285&c=undefined&ws_referer=&
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Mon, 10 Apr 2023 05:07:09 GMT
Content-Encoding: gzip
Last-Modified: Mon, 10 Apr 2023 05:07:09 GMT
Server: Apache/2.2.22 (Debian)
Transfer-Encoding: chunked
Vary: User-Agent,Accept-Encoding
Content-Type: text/html; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 homme-0000002001.png
static.devisprox.com/img/v2/forms_icons/ Frame 22DD 1007 B
1 KB 23ms
23ms Image
image/png 18.66.112.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.devisprox.com/img/v2/forms_icons/homme-0000002001.png
Requested by: Host: static.devisprox.com
URL: https://static.devisprox.com/css/q_v3/questionnaire_manager.min-1529673433.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-61.fra56.r.cloudfront.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: af65c4cba585d994433b6fc706f066a4b78ccb08a3117ae3d61d7f3595669aa9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://static.devisprox.com/css/q_v3/questionnaire_manager.min-1529673433.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 17:27:23 GMT
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
last-modified: Wed, 11 Jul 2012 13:33:13 GMT
server: Apache/2.2.22 (Debian)
x-amz-cf-pop: FRA56-P5
age: 4102786
etag: "6825b-3ef-4c48de37e9840"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=28512000
accept-ranges: bytes
content-length: 1007
x-amz-cf-id: Lj3Tv7kG6G8KXjNEuqYUpEjt8ni0IvLseY2gY05NaacbsugTJmETaw==
expires: Wed, 17 Jan 2024 17:27:23 GMT

GET
H2 200 femme-0000002001.png
static.devisprox.com/img/v2/forms_icons/ Frame 22DD 1 KB
1 KB 24ms
24ms Image
image/png 18.66.112.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.devisprox.com/img/v2/forms_icons/femme-0000002001.png
Requested by: Host: static.devisprox.com
URL: https://static.devisprox.com/css/q_v3/questionnaire_manager.min-1529673433.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-61.fra56.r.cloudfront.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: f71391c1bbf548ced846d9fc53d4441e050ab2e312e2ed31852fddc9fc3fe8e5

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://static.devisprox.com/css/q_v3/questionnaire_manager.min-1529673433.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 17:27:23 GMT
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
last-modified: Wed, 11 Jul 2012 13:33:13 GMT
server: Apache/2.2.22 (Debian)
x-amz-cf-pop: FRA56-P5
age: 4102786
etag: "68254-45e-4c48de37e9840"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=28512000
accept-ranges: bytes
content-length: 1118
x-amz-cf-id: t03ct6icZRqNuK_8hYttcLd_AEiRurgQjuxRAMl3Oed0z459JEkifQ==
expires: Wed, 17 Jan 2024 17:27:23 GMT

GET
H/1.1 200
OK spinner_large.gif
webservice.devisprox.com/img/v2/questionnaire/ Frame 22DD 7 KB
8 KB 75ms
30ms Image
image/gif 52.18.171.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webservice.devisprox.com/img/v2/questionnaire/spinner_large.gif
Requested by: Host: webservice.devisprox.com
URL: https://webservice.devisprox.com/formulaire.php?elementid=DevisProxContent&partner=355998&questionnaire=285&c=undefined&ws_referer=&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.171.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-171-217.eu-west-1.compute.amazonaws.com
Software: Apache/2.2.22 (Debian) /
Resource Hash: 2fcd5410ba1b6b734ecb6fe56db265910136dc82219a69d090b1effb8c46bfc0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://webservice.devisprox.com/formulaire.php?elementid=DevisProxContent&partner=355998&questionnaire=285&c=undefined&ws_referer=&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Mon, 10 Apr 2023 05:07:09 GMT
Last-Modified: Wed, 11 Jul 2012 13:33:34 GMT
Server: Apache/2.2.22 (Debian)
ETag: "3521c1-1cc4-4c48de4bf0780"
Content-Type: image/gif
Cache-Control: max-age=28512000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7364
Expires: Tue, 05 Mar 2024 05:07:09 GMT

GET
H/1.1 200
OK here.gif
webservice.devisprox.com/img/v2/questionnaire/ Frame 22DD 60 B
391 B 85ms
31ms Image
image/gif 52.18.171.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webservice.devisprox.com/img/v2/questionnaire/here.gif
Requested by: Host: webservice.devisprox.com
URL: https://webservice.devisprox.com/formulaire.php?elementid=DevisProxContent&partner=355998&questionnaire=285&c=undefined&ws_referer=&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.171.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-171-217.eu-west-1.compute.amazonaws.com
Software: Apache/2.2.22 (Debian) /
Resource Hash: ab63be89e1d0f52ccffafeb26bfb81382ed95299526e920927eb3005cbcac992

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://webservice.devisprox.com/formulaire.php?elementid=DevisProxContent&partner=355998&questionnaire=285&c=undefined&ws_referer=&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Mon, 10 Apr 2023 05:07:09 GMT
Last-Modified: Wed, 11 Jul 2012 13:33:34 GMT
Server: Apache/2.2.22 (Debian)
ETag: "3521b2-3c-4c48de4bf0780"
Content-Type: image/gif
Cache-Control: max-age=28512000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 60
Expires: Tue, 05 Mar 2024 05:07:09 GMT

GET
H/1.1 200
OK close.png
webservice.devisprox.com/img/sites_v4/icons/ Frame 22DD 2 KB
2 KB 84ms
30ms Image
image/png 52.18.171.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webservice.devisprox.com/img/sites_v4/icons/close.png
Requested by: Host: webservice.devisprox.com
URL: https://webservice.devisprox.com/formulaire.php?elementid=DevisProxContent&partner=355998&questionnaire=285&c=undefined&ws_referer=&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.171.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-171-217.eu-west-1.compute.amazonaws.com
Software: Apache/2.2.22 (Debian) /
Resource Hash: b6e50abba6c3fccf3f42e90890b3a8d118ee06fa84d8a438ba6903422fb04fdf

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://webservice.devisprox.com/formulaire.php?elementid=DevisProxContent&partner=355998&questionnaire=285&c=undefined&ws_referer=&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Mon, 10 Apr 2023 05:07:09 GMT
Last-Modified: Wed, 16 May 2018 13:50:23 GMT
Server: Apache/2.2.22 (Debian)
ETag: "332535-617-56c530014c5c0"
Content-Type: image/png
Cache-Control: max-age=28512000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1559
Expires: Tue, 05 Mar 2024 05:07:09 GMT

GET
H/1.1 200
OK spinner.gif
webservice.devisprox.com/img/v2/questionnaire/ Frame 22DD 2 KB
2 KB 89ms
32ms Image
image/gif 52.18.171.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webservice.devisprox.com/img/v2/questionnaire/spinner.gif
Requested by: Host: webservice.devisprox.com
URL: https://webservice.devisprox.com/formulaire.php?elementid=DevisProxContent&partner=355998&questionnaire=285&c=undefined&ws_referer=&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.171.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-171-217.eu-west-1.compute.amazonaws.com
Software: Apache/2.2.22 (Debian) /
Resource Hash: 933ff16b42f8bc92603b880ec9135e163a559fbf2b2dc21692c576c1461bde7c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://webservice.devisprox.com/formulaire.php?elementid=DevisProxContent&partner=355998&questionnaire=285&c=undefined&ws_referer=&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Mon, 10 Apr 2023 05:07:09 GMT
Last-Modified: Wed, 11 Jul 2012 13:33:33 GMT
Server: Apache/2.2.22 (Debian)
ETag: "3521af-755-4c48de4afc540"
Content-Type: image/gif
Cache-Control: max-age=28512000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1877
Expires: Tue, 05 Mar 2024 05:07:09 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 22DD 49 KB
20 KB 59ms
18ms Script
text/javascript 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K72ZNXK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://webservice.devisprox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 10 Apr 2023 03:12:07 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 6902
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Mon, 10 Apr 2023 05:12:07 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 22DD 243 KB
82 KB 39ms
38ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QBZ01Q814N&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K72ZNXK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b3e1a57cabc4b272eebd1a3be0d81d91f073c2f5197c6d4724da69a94f73e132

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://webservice.devisprox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 05:07:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84162
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 10 Apr 2023 05:07:09 GMT

GET
H2

200

sync
x.bidswitch.net/ul_cb/ Frame 22DD
Redirect Chain

https://ads.avads.net/v1/tracking?type=behavior&owner=devisprox&act=visit&market=FR&lang=fr-FR&url=https%3A%2F%2Fwebservice.devisprox.com%2Fformulaire.php%3Felementid%3DDevisProxContent%26partner%3...
https://ads.avads.net/v1/tracking?type=behavior&owner=devisprox&act=visit&market=FR&lang=fr-FR&url=https%3A%2F%2Fwebservice.devisprox.com%2Fformulaire.php%3Felementid%3DDevisProxContent%26partner%3...
https://x.bidswitch.net/sync?a=1&dsp_id=352&user_id=8f48d9e0-fcff-4eff-9c7c-a20a1274fb1b&expires=2
https://x.bidswitch.net/ul_cb/sync?a=1&dsp_id=352&user_id=8f48d9e0-fcff-4eff-9c7c-a20a1274fb1b&expires=2

43 B
344 B

30ms
30ms

Image
image/gif

35.157.13.156
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?a=1&dsp_id=352&user_id=8f48d9e0-fcff-4eff-9c7c-a20a1274fb1b&expires=2
Requested by: Host: webservice.devisprox.com
URL: https://webservice.devisprox.com/formulaire.php?elementid=DevisProxContent&partner=355998&questionnaire=285&c=undefined&ws_referer=&
Protocol: H2
Server: 35.157.13.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-13-156.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://webservice.devisprox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 05:07:09 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?a=1&dsp_id=352&user_id=8f48d9e0-fcff-4eff-9c7c-a20a1274fb1b&expires=2
date: Mon, 10 Apr 2023 05:07:09 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ Frame 22DD 0
185 B 74ms
23ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=712457908836773&ev=PageView&dl=https%3A%2F%2Fwebservice.devisprox.com%2Fformulaire.php%3Felementid%3DDevisProxContent%26partner%3D355998%26questionnaire%3D285%26c%3Dundefined%26ws_referer%3D%26&rl=https%3A%2F%2Fassurances-privees.fr%2F&if=true&ts=1681103229657&cd[site]=devisprox.com&cd[pays]=fr&cd[affid]=355998&sw=1600&sh=1200&v=2.9.100&r=stable&ec=0&o=28&cs_est=true&it=1681103229524&coo=false&tm=1&rqm=GET

Requested by

Host: webservice.devisprox.com
URL: https://webservice.devisprox.com/formulaire.php?elementid=DevisProxContent&partner=355998&questionnaire=285&c=undefined&ws_referer=&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://webservice.devisprox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 10 Apr 2023 05:07:09 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ads.avads.net/	1970-01-20 10:58:25	Name: av-sess-id-299 Value: 856b56f8-56f2-4910-994d-5d818ee86d34
.ads.avads.net/	1970-01-20 20:28:37	Name: av-mid Value: 8f48d9e0-fcff-4eff-9c7c-a20a1274fb1b
.ads.avads.net/	1970-01-20 11:01:16	Name: av-tp-bsw Value: 1
.bidswitch.net/	1970-01-20 19:43:59	Name: tuuid Value: 2f07c6e6-1bc4-4203-8b77-b8523424ec81
.bidswitch.net/	1970-01-20 19:43:59	Name: c Value: 1681103229
.bidswitch.net/	1970-01-20 19:43:59	Name: tuuid_lu Value: 1681103229

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.avads.net
assurances-privees.fr
cache.consentframework.com
choices.consentframework.com
connect.facebook.net
js.cookieless-data.com
static.devisprox.com
webservice.devisprox.com
www.devisprox.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
x.bidswitch.net
18.66.112.61
2001:4860:4802:38::178
2606:4700:20::681a:466
2a00:1450:4001:812::2008
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a06:98c1:3120::3
35.157.13.156
35.205.207.25
51.15.145.116
51.158.28.82
52.18.171.217
0e6830c216feec3c8e94506414fc1a4dd7217dbf1f3e47c560110ef899ca9bb7
102329224618c771db023483117f2392a3cbbd7e608bd4032a80cd09f7548058
148cb9c5d3d01011e55665f537e4cab829af78f056e31ae2b298d2cc338d096e
26e6aa01ca272ed017d4ca09b4e3e0bddec1264003108a60ea06a4e616eedbc1
2fcd5410ba1b6b734ecb6fe56db265910136dc82219a69d090b1effb8c46bfc0
3b5c5e27d0b9994ffa7fd4dd9541e045b87f7d4e29e4b68f8e811533202a3ac7
4a93e6aa3a420964d239a2cbffcca24bfd35c02c864f3cf5410118ac7ce1a537
50a900f112c91cf43af2f04d17bdc3daef5fc3c55aa85ac471e7a58e3a9dd1e7
51441a190af8971a9617134d3772e95c4b2adcf1f66922777ed347aa9c10399e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
791be25e7a9df08d4eb26913c5f61bf56898f66864ebc5a3f4c8d3a162be7995
80e534b0ce6b4af365c113f29cfb0707fcf80727a774345850a51a7a9c1d4ff9
8b42da67206fe683363cbe4f28033e070ba92030947cf4d74ffd640d1f76357a
933ff16b42f8bc92603b880ec9135e163a559fbf2b2dc21692c576c1461bde7c
9795c76cbdb599db158776c3a22ff182be258e8b34970d5103aadf9fdbbd2dda
9b13a9ad4f2b5bcbc2923823008617f8cb8856dd1bae7274fe0ff27231672e21
a024eda8eea0ba148ac95648d0e9c357f9e52c3caf21fda40e21bfd83c8b9a8d
a0bdde5e7d392c569457f39dbe9dc8fc7e85bb50c60ca8a3aa27d065b696f7da
a8a49067c92dc1ca7a5443151803005e338031ccfcf24e06350434c946a6c18c
ab63be89e1d0f52ccffafeb26bfb81382ed95299526e920927eb3005cbcac992
abd40c2d3528163a09eda7b38c94de772f3627e2f9e26bb575de2502228b553b
af65c4cba585d994433b6fc706f066a4b78ccb08a3117ae3d61d7f3595669aa9
b3e1a57cabc4b272eebd1a3be0d81d91f073c2f5197c6d4724da69a94f73e132
b5ef7f47111d1e829dfe2dd2b3f2e434609a53be3840160d6b4a8a5cc3f5cc63
b6e50abba6c3fccf3f42e90890b3a8d118ee06fa84d8a438ba6903422fb04fdf
bcc1c6aeac440b189ec21e553be834355d5c98c1838e33e6225be564540905d7
cca541a23d05f6de413291b10373940c7d7731bcd014006c87bec4dfeb58bce0
cde33e383a38f423072ef1cc7f357358c88b41e603a4a540894d11d5c03b77d7
d789cccd25bf1f88a1f2e84e3aee4a8fcddbd1b47d2f02e4c362ab4add1f5535
dbf060c555e91a539d9cb849f4aa0c656db9b0a1da32c99aafb12d7c508c6849
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eff81808bef757da3402227fc75178443d8de6c7d058be11df7fdea34b92d8e6
f361b6092cb951a2883bc4f11ae677c534b515ff582656a8f0ab4bba9a044002
f6aaa191a566c6d73949114ed74ed6c1b2781cc0ed9d20d626058a8012090496
f71391c1bbf548ced846d9fc53d4441e050ab2e312e2ed31852fddc9fc3fe8e5

assurances-privees.fr Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

43 Requests

98 %HTTPS

50 %IPv6

10 Domains

13 Subdomains

11 IPs

5 Countries

517 kBTransfer

1671 kBSize

6 Cookies

0 Outgoing links

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

assurances-privees.fr Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

98 %
HTTPS

50 %
IPv6

10
Domains

13
Subdomains

11
IPs

5
Countries

517 kB
Transfer

1671 kB
Size

6
Cookies

43 HTTP transactions
0 data transactions