epargnant.epargne-salariale.labanquepostale.fr Open in urlscan Pro
158.191.172.36 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://epargnant.epargne-salariale.labanquepostale.fr/
Submission: On July 03 via automatic, source certstream-suspicious (July 3rd 2024, 9:44:31 pm UTC) — Scanned from FR

Summary HTTP 48 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 48 HTTP transactions. The main IP is 158.191.172.36, located in France and belongs to Credit Agricole, FR. The main domain is epargnant.epargne-salariale.labanquepostale.fr.
TLS certificate: Issued by DigiCert EV RSA CA G2 on August 28th 2023. Valid for: a year.

This is the only time epargnant.epargne-salariale.labanquepostale.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
41	158.191.172.36 158.191.172.36	9159 (Credit Ag...) (Credit Agricole)
2	172.67.72.50 172.67.72.50	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	192.229.233.55 192.229.233.55	15133 (EDGECAST) (EDGECAST)
1	18.239.36.45 18.239.36.45	16509 (AMAZON-02) (AMAZON-02)
1	35.180.217.105 35.180.217.105	16509 (AMAZON-02) (AMAZON-02)
1	18.66.210.236 18.66.210.236	16509 (AMAZON-02) (AMAZON-02)
48	7

41 158.191.172.36 (France)

ASN9159 (Credit Agricole, FR)

epargnant.epargne-salariale.labanquepostale.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.72.50 (United States)

ASN13335 (CLOUDFLARENET, US)

wtrjtk5pyg.kameleoon.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mkto89zsya.kameleoon.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.229.233.55 (United States)

ASN15133 (EDGECAST, US)

cdn.tagcommander.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.trustcommander.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.36.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-36-45.ams58.r.cloudfront.net

tag.aticdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.180.217.105 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-180-217-105.eu-west-3.compute.amazonaws.com

privacy.trustcommander.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.210.236 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-210-236.mxp63.r.cloudfront.net

tftjngl.pa-cd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	labanquepostale.fr epargnant.epargne-salariale.labanquepostale.fr	2 MB
2	trustcommander.net cdn.trustcommander.net — Cisco Umbrella Rank: 42805 privacy.trustcommander.net — Cisco Umbrella Rank: 72041	22 KB
2	kameleoon.eu wtrjtk5pyg.kameleoon.eu mkto89zsya.kameleoon.eu	678 KB
1	pa-cd.com tftjngl.pa-cd.com	347 B
1	aticdn.net tag.aticdn.net — Cisco Umbrella Rank: 15789	24 KB
1	tagcommander.com cdn.tagcommander.com — Cisco Umbrella Rank: 15113	20 KB
48	6

	Domain	Requested by
41	epargnant.epargne-salariale.labanquepostale.fr	epargnant.epargne-salariale.labanquepostale.fr
1	tftjngl.pa-cd.com	tag.aticdn.net
1	mkto89zsya.kameleoon.eu
1	privacy.trustcommander.net	cdn.trustcommander.net
1	cdn.trustcommander.net	cdn.tagcommander.com
1	tag.aticdn.net	cdn.tagcommander.com
1	cdn.tagcommander.com	epargnant.epargne-salariale.labanquepostale.fr
1	wtrjtk5pyg.kameleoon.eu	epargnant.epargne-salariale.labanquepostale.fr
48	8

This site contains no links.

Subject Issuer	Validity	Valid
epargnant.epargne-salariale.labanquepostale.fr DigiCert EV RSA CA G2	`2023-08-28` - `2024-09-09`	a year	crt.sh
kameleoon.eu GTS CA 1P5	`2024-05-29` - `2024-08-27`	3 months	crt.sh
cdn.tagcommander.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-23` - `2025-03-25`	a year	crt.sh
tag.aticdn.net Thawte RSA CA 2018	`2024-01-15` - `2025-01-23`	a year	crt.sh
*.trustcommander.net Thawte TLS RSA CA G1	`2024-02-14` - `2025-03-16`	a year	crt.sh
*.pa-cd.com Thawte TLS RSA CA G1	`2023-08-23` - `2024-09-22`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://epargnant.epargne-salariale.labanquepostale.fr/
Frame ID: C6241E0902F55232327F0F5BF355DFC6
Requests: 49 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Connexion | ESR

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

TagCommander (Tag managers) Expand

Overall confidence: 100%
Detected patterns

\.tagcommander\.com

Page Statistics

48
Requests

100 %
HTTPS

0 %
IPv6

6
Domains

8
Subdomains

7
IPs

2
Countries

2372 kB
Transfer

7315 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

48 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
epargnant.epargne-salariale.labanquepostale.fr/ 5 KB
4 KB 168ms
33ms Document
text/html 158.191.172.36
Credit Agricole

General

Check archive.org

Show headers Download Go to

Full URL

https://epargnant.epargne-salariale.labanquepostale.fr/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.191.172.36 , France, ASN9159 (Credit Agricole, FR),

Reverse DNS

Software

Apache /

Resource Hash

d527973bc62f3dedf1c6d66684368eb6982aa5bb76d80e656dffba71ed34290d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com .zencdn.net .brightcove.com .brightcove.net .labanquepostale.fr .google-analytics.com .kameleoon.eu .kameleoon.com .kameleoon.io .gstatic.com .cloudflare.com .google.com .tagcommander.com .tagcommander.net .trustcommander.com .trustcommander.net .aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .labanquepostale.fr .google.com;connect-src 'self' https: ip-api.com .boltdns.net .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .commander1.com .xiti.com;img-src 'self' data: blob: https: .akamaihd.net .boltdns.net .zencdn.net .brightcove.com .brightcove.net .xiti.com;media-src 'self' blob: https: .brightcovecdn.com .boltdns.net .media.brightcove.com .llnw.net .llnwd.net .akafms.net .akamaihd.net .cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: .brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' .wesave.fr .paybox.com *.eventvr.fr
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 1801
Content-Security-Policy: default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com *.zencdn.net *.brightcove.com *.brightcove.net *.labanquepostale.fr *.google-analytics.com *.kameleoon.eu *.kameleoon.com *.kameleoon.io *.gstatic.com *.cloudflare.com *.google.com *.tagcommander.com *.tagcommander.net *.trustcommander.com *.trustcommander.net *.aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.labanquepostale.fr *.google.com;connect-src 'self' https: ip-api.com *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.commander1.com *.xiti.com;img-src 'self' data: blob: https: *.akamaihd.net *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.xiti.com;media-src 'self' blob: https: *.brightcovecdn.com *.boltdns.net *.media.brightcove.com *.llnw.net *.llnwd.net *.akafms.net *.akamaihd.net *.cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: *.brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' *.wesave.fr *.paybox.com *.eventvr.fr
Content-Type: text/html; charset=utf-8
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Date: Wed, 03 Jul 2024 21:44:25 GMT
ETag: "1459-61c2adcddee00-gzip"
Expect-CT: max-age=86400, enforce
Keep-Alive: timeout=5, max=100
Last-Modified: Mon, 01 Jul 2024 07:51:20 GMT
Pragma: no-cache
Referrer-Policy: no-referrer
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: on
X-Download-Options: noopen
X-Frame-Options: DENY
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 0

GET
H/1.1 200
OK bootstrap.min.css
epargnant.epargne-salariale.labanquepostale.fr/assets/css/ 190 KB
26 KB 47ms
46ms Stylesheet
text/css 158.191.172.36
Credit Agricole

General

Check archive.org

Show headers Download Go to

Full URL

https://epargnant.epargne-salariale.labanquepostale.fr/assets/css/bootstrap.min.css

Requested by

Host: epargnant.epargne-salariale.labanquepostale.fr
URL: https://epargnant.epargne-salariale.labanquepostale.fr/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.191.172.36 , France, ASN9159 (Credit Agricole, FR),

Reverse DNS

Software

Apache /

Resource Hash

c74338fe4c64b933bf9d56f00c5b99303a99792e1865c1915c38cd9f0e6e8127

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com .zencdn.net .brightcove.com .brightcove.net .labanquepostale.fr .google-analytics.com .kameleoon.eu .kameleoon.com .kameleoon.io .gstatic.com .cloudflare.com .google.com .tagcommander.com .tagcommander.net .trustcommander.com .trustcommander.net .aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .labanquepostale.fr .google.com;connect-src 'self' https: ip-api.com .boltdns.net .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .commander1.com .xiti.com;img-src 'self' data: blob: https: .akamaihd.net .boltdns.net .zencdn.net .brightcove.com .brightcove.net .xiti.com;media-src 'self' blob: https: .brightcovecdn.com .boltdns.net .media.brightcove.com .llnw.net .llnwd.net .akafms.net .akamaihd.net .cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: .brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' .wesave.fr .paybox.com *.eventvr.fr
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Jul 2024 21:44:25 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Encoding: gzip
Content-Security-Policy: default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com *.zencdn.net *.brightcove.com *.brightcove.net *.labanquepostale.fr *.google-analytics.com *.kameleoon.eu *.kameleoon.com *.kameleoon.io *.gstatic.com *.cloudflare.com *.google.com *.tagcommander.com *.tagcommander.net *.trustcommander.com *.trustcommander.net *.aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.labanquepostale.fr *.google.com;connect-src 'self' https: ip-api.com *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.commander1.com *.xiti.com;img-src 'self' data: blob: https: *.akamaihd.net *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.xiti.com;media-src 'self' blob: https: *.brightcovecdn.com *.boltdns.net *.media.brightcove.com *.llnw.net *.llnwd.net *.akafms.net *.akamaihd.net *.cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: *.brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' *.wesave.fr *.paybox.com *.eventvr.fr
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: on
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
Content-Length: 24937
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Server: Apache
Cross-Origin-Opener-Policy: same-origin-allow-popups
Expect-CT: max-age=86400, enforce
Vary: Accept-Encoding
X-Frame-Options: DENY
X-Download-Options: noopen
Content-Type: text/css
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK bowser-2.5.3.min.js Show response
epargnant.epargne-salariale.labanquepostale.fr/assets/js/ 24 KB
7 KB 90ms
35ms Script
application/javascript 158.191.172.36
Credit Agricole

General

Check archive.org

Show headers Download Go to

Full URL

https://epargnant.epargne-salariale.labanquepostale.fr/assets/js/bowser-2.5.3.min.js

Requested by

Host: epargnant.epargne-salariale.labanquepostale.fr
URL: https://epargnant.epargne-salariale.labanquepostale.fr/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.191.172.36 , France, ASN9159 (Credit Agricole, FR),

Reverse DNS

Software

Apache /

Resource Hash

34945a7c33d0b328426193243ebbae66e1660ef731777dab70c605c6c670ab35

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com .zencdn.net .brightcove.com .brightcove.net .labanquepostale.fr .google-analytics.com .kameleoon.eu .kameleoon.com .kameleoon.io .gstatic.com .cloudflare.com .google.com .tagcommander.com .tagcommander.net .trustcommander.com .trustcommander.net .aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .labanquepostale.fr .google.com;connect-src 'self' https: ip-api.com .boltdns.net .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .commander1.com .xiti.com;img-src 'self' data: blob: https: .akamaihd.net .boltdns.net .zencdn.net .brightcove.com .brightcove.net .xiti.com;media-src 'self' blob: https: .brightcovecdn.com .boltdns.net .media.brightcove.com .llnw.net .llnwd.net .akafms.net .akamaihd.net .cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: .brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' .wesave.fr .paybox.com *.eventvr.fr
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin: https://epargnant.epargne-salariale.labanquepostale.fr
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Jul 2024 21:44:25 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Encoding: gzip
Content-Security-Policy: default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com *.zencdn.net *.brightcove.com *.brightcove.net *.labanquepostale.fr *.google-analytics.com *.kameleoon.eu *.kameleoon.com *.kameleoon.io *.gstatic.com *.cloudflare.com *.google.com *.tagcommander.com *.tagcommander.net *.trustcommander.com *.trustcommander.net *.aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.labanquepostale.fr *.google.com;connect-src 'self' https: ip-api.com *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.commander1.com *.xiti.com;img-src 'self' data: blob: https: *.akamaihd.net *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.xiti.com;media-src 'self' blob: https: *.brightcovecdn.com *.boltdns.net *.media.brightcove.com *.llnw.net *.llnwd.net *.akafms.net *.akamaihd.net *.cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: *.brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' *.wesave.fr *.paybox.com *.eventvr.fr
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: on
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
Content-Length: 5511
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Server: Apache
Cross-Origin-Opener-Policy: same-origin-allow-popups
Expect-CT: max-age=86400, enforce
Vary: Accept-Encoding
X-Frame-Options: DENY
X-Download-Options: noopen
Content-Type: application/javascript
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK popper.min.js Show response
epargnant.epargne-salariale.labanquepostale.fr/assets/js/ 19 KB
9 KB 91ms
36ms Script
application/javascript 158.191.172.36
Credit Agricole

General

Check archive.org

Show headers Download Go to

Full URL

https://epargnant.epargne-salariale.labanquepostale.fr/assets/js/popper.min.js

Requested by

Host: epargnant.epargne-salariale.labanquepostale.fr
URL: https://epargnant.epargne-salariale.labanquepostale.fr/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.191.172.36 , France, ASN9159 (Credit Agricole, FR),

Reverse DNS

Software

Apache /

Resource Hash

a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com .zencdn.net .brightcove.com .brightcove.net .labanquepostale.fr .google-analytics.com .kameleoon.eu .kameleoon.com .kameleoon.io .gstatic.com .cloudflare.com .google.com .tagcommander.com .tagcommander.net .trustcommander.com .trustcommander.net .aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .labanquepostale.fr .google.com;connect-src 'self' https: ip-api.com .boltdns.net .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .commander1.com .xiti.com;img-src 'self' data: blob: https: .akamaihd.net .boltdns.net .zencdn.net .brightcove.com .brightcove.net .xiti.com;media-src 'self' blob: https: .brightcovecdn.com .boltdns.net .media.brightcove.com .llnw.net .llnwd.net .akafms.net .akamaihd.net .cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: .brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' .wesave.fr .paybox.com *.eventvr.fr
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Jul 2024 21:44:25 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Encoding: gzip
Content-Security-Policy: default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com *.zencdn.net *.brightcove.com *.brightcove.net *.labanquepostale.fr *.google-analytics.com *.kameleoon.eu *.kameleoon.com *.kameleoon.io *.gstatic.com *.cloudflare.com *.google.com *.tagcommander.com *.tagcommander.net *.trustcommander.com *.trustcommander.net *.aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.labanquepostale.fr *.google.com;connect-src 'self' https: ip-api.com *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.commander1.com *.xiti.com;img-src 'self' data: blob: https: *.akamaihd.net *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.xiti.com;media-src 'self' blob: https: *.brightcovecdn.com *.boltdns.net *.media.brightcove.com *.llnw.net *.llnwd.net *.akafms.net *.akamaihd.net *.cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: *.brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' *.wesave.fr *.paybox.com *.eventvr.fr
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: on
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
Content-Length: 6911
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Server: Apache
Cross-Origin-Opener-Policy: same-origin-allow-popups
Expect-CT: max-age=86400, enforce
Vary: Accept-Encoding
X-Frame-Options: DENY
X-Download-Options: noopen
Content-Type: application/javascript
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK bootstrap.min.js Show response
epargnant.epargne-salariale.labanquepostale.fr/assets/js/ 59 KB
17 KB 94ms
39ms Script
application/javascript 158.191.172.36
Credit Agricole

General

Check archive.org

Show headers Download Go to

Full URL

https://epargnant.epargne-salariale.labanquepostale.fr/assets/js/bootstrap.min.js

Requested by

Host: epargnant.epargne-salariale.labanquepostale.fr
URL: https://epargnant.epargne-salariale.labanquepostale.fr/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.191.172.36 , France, ASN9159 (Credit Agricole, FR),

Reverse DNS

Software

Apache /

Resource Hash

5c36e28c9a7bd864b673e223db7e1934923227536ffbdf871f58b6f09b9ac8c9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com .zencdn.net .brightcove.com .brightcove.net .labanquepostale.fr .google-analytics.com .kameleoon.eu .kameleoon.com .kameleoon.io .gstatic.com .cloudflare.com .google.com .tagcommander.com .tagcommander.net .trustcommander.com .trustcommander.net .aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .labanquepostale.fr .google.com;connect-src 'self' https: ip-api.com .boltdns.net .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .commander1.com .xiti.com;img-src 'self' data: blob: https: .akamaihd.net .boltdns.net .zencdn.net .brightcove.com .brightcove.net .xiti.com;media-src 'self' blob: https: .brightcovecdn.com .boltdns.net .media.brightcove.com .llnw.net .llnwd.net .akafms.net .akamaihd.net .cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: .brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' .wesave.fr .paybox.com *.eventvr.fr
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Jul 2024 21:44:25 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Encoding: gzip
Content-Security-Policy: default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com *.zencdn.net *.brightcove.com *.brightcove.net *.labanquepostale.fr *.google-analytics.com *.kameleoon.eu *.kameleoon.com *.kameleoon.io *.gstatic.com *.cloudflare.com *.google.com *.tagcommander.com *.tagcommander.net *.trustcommander.com *.trustcommander.net *.aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.labanquepostale.fr *.google.com;connect-src 'self' https: ip-api.com *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.commander1.com *.xiti.com;img-src 'self' data: blob: https: *.akamaihd.net *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.xiti.com;media-src 'self' blob: https: *.brightcovecdn.com *.boltdns.net *.media.brightcove.com *.llnw.net *.llnwd.net *.akafms.net *.akamaihd.net *.cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: *.brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' *.wesave.fr *.paybox.com *.eventvr.fr
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: on
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
Content-Length: 15940
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Server: Apache
Cross-Origin-Opener-Policy: same-origin-allow-popups
Expect-CT: max-age=86400, enforce
Vary: Accept-Encoding
X-Frame-Options: DENY
X-Download-Options: noopen
Content-Type: application/javascript
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK styles.7e2c3c39e1cbcbf7.css
epargnant.epargne-salariale.labanquepostale.fr/ 262 KB
28 KB 97ms
44ms Stylesheet
text/css 158.191.172.36
Credit Agricole

General

Check archive.org

Show headers Download Go to

Full URL

https://epargnant.epargne-salariale.labanquepostale.fr/styles.7e2c3c39e1cbcbf7.css

Requested by

Host: epargnant.epargne-salariale.labanquepostale.fr
URL: https://epargnant.epargne-salariale.labanquepostale.fr/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.191.172.36 , France, ASN9159 (Credit Agricole, FR),

Reverse DNS

Software

Apache /

Resource Hash

49f526b91709614a7ca7dc05becf0cfd8867a780742a50e9ec7d7f2f5d6b3d6f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com .zencdn.net .brightcove.com .brightcove.net .labanquepostale.fr .google-analytics.com .kameleoon.eu .kameleoon.com .kameleoon.io .gstatic.com .cloudflare.com .google.com .tagcommander.com .tagcommander.net .trustcommander.com .trustcommander.net .aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .labanquepostale.fr .google.com;connect-src 'self' https: ip-api.com .boltdns.net .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .commander1.com .xiti.com;img-src 'self' data: blob: https: .akamaihd.net .boltdns.net .zencdn.net .brightcove.com .brightcove.net .xiti.com;media-src 'self' blob: https: .brightcovecdn.com .boltdns.net .media.brightcove.com .llnw.net .llnwd.net .akafms.net .akamaihd.net .cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: .brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' .wesave.fr .paybox.com *.eventvr.fr
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Jul 2024 21:44:25 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Encoding: gzip
Content-Security-Policy: default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com *.zencdn.net *.brightcove.com *.brightcove.net *.labanquepostale.fr *.google-analytics.com *.kameleoon.eu *.kameleoon.com *.kameleoon.io *.gstatic.com *.cloudflare.com *.google.com *.tagcommander.com *.tagcommander.net *.trustcommander.com *.trustcommander.net *.aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.labanquepostale.fr *.google.com;connect-src 'self' https: ip-api.com *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.commander1.com *.xiti.com;img-src 'self' data: blob: https: *.akamaihd.net *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.xiti.com;media-src 'self' blob: https: *.brightcovecdn.com *.boltdns.net *.media.brightcove.com *.llnw.net *.llnwd.net *.akafms.net *.akamaihd.net *.cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: *.brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' *.wesave.fr *.paybox.com *.eventvr.fr
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: on
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
Content-Length: 26544
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Server: Apache
Cross-Origin-Opener-Policy: same-origin-allow-popups
Expect-CT: max-age=86400, enforce
Vary: Accept-Encoding
X-Frame-Options: DENY
X-Download-Options: noopen
Content-Type: text/css
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK runtime.44de70c356163a7a.js Show response
epargnant.epargne-salariale.labanquepostale.fr/ 6 KB
5 KB 87ms
33ms Script
application/javascript 158.191.172.36
Credit Agricole

General

Check archive.org

Show headers Download Go to

Full URL

https://epargnant.epargne-salariale.labanquepostale.fr/runtime.44de70c356163a7a.js

Requested by

Host: epargnant.epargne-salariale.labanquepostale.fr
URL: https://epargnant.epargne-salariale.labanquepostale.fr/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.191.172.36 , France, ASN9159 (Credit Agricole, FR),

Reverse DNS

Software

Apache /

Resource Hash

921a7215d8c9344a65e6eb3a359e9b9e592fdf90f3847e3c8d29c29b50ada9bb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com .zencdn.net .brightcove.com .brightcove.net .labanquepostale.fr .google-analytics.com .kameleoon.eu .kameleoon.com .kameleoon.io .gstatic.com .cloudflare.com .google.com .tagcommander.com .tagcommander.net .trustcommander.com .trustcommander.net .aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .labanquepostale.fr .google.com;connect-src 'self' https: ip-api.com .boltdns.net .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .commander1.com .xiti.com;img-src 'self' data: blob: https: .akamaihd.net .boltdns.net .zencdn.net .brightcove.com .brightcove.net .xiti.com;media-src 'self' blob: https: .brightcovecdn.com .boltdns.net .media.brightcove.com .llnw.net .llnwd.net .akafms.net .akamaihd.net .cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: .brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' .wesave.fr .paybox.com *.eventvr.fr
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin: https://epargnant.epargne-salariale.labanquepostale.fr
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Jul 2024 21:44:25 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Encoding: gzip
Content-Security-Policy: default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com *.zencdn.net *.brightcove.com *.brightcove.net *.labanquepostale.fr *.google-analytics.com *.kameleoon.eu *.kameleoon.com *.kameleoon.io *.gstatic.com *.cloudflare.com *.google.com *.tagcommander.com *.tagcommander.net *.trustcommander.com *.trustcommander.net *.aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.labanquepostale.fr *.google.com;connect-src 'self' https: ip-api.com *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.commander1.com *.xiti.com;img-src 'self' data: blob: https: *.akamaihd.net *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.xiti.com;media-src 'self' blob: https: *.brightcovecdn.com *.boltdns.net *.media.brightcove.com *.llnw.net *.llnwd.net *.akafms.net *.akamaihd.net *.cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: *.brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' *.wesave.fr *.paybox.com *.eventvr.fr
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: on
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
Content-Length: 3346
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Server: Apache
Cross-Origin-Opener-Policy: same-origin-allow-popups
Expect-CT: max-age=86400, enforce
Vary: Accept-Encoding
X-Frame-Options: DENY
X-Download-Options: noopen
Content-Type: application/javascript
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK polyfills.bf8c9acc2cb7775b.js Show response
epargnant.epargne-salariale.labanquepostale.fr/ 33 KB
14 KB 126ms
35ms Script
application/javascript 158.191.172.36
Credit Agricole

General

Check archive.org

Show headers Download Go to

Full URL

https://epargnant.epargne-salariale.labanquepostale.fr/polyfills.bf8c9acc2cb7775b.js

Requested by

Host: epargnant.epargne-salariale.labanquepostale.fr
URL: https://epargnant.epargne-salariale.labanquepostale.fr/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.191.172.36 , France, ASN9159 (Credit Agricole, FR),

Reverse DNS

Software

Apache /

Resource Hash

e29fa186ac14e6d44bddf8cab88bb7c568e114136c80471d142964441c0f6e75

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com .zencdn.net .brightcove.com .brightcove.net .labanquepostale.fr .google-analytics.com .kameleoon.eu .kameleoon.com .kameleoon.io .gstatic.com .cloudflare.com .google.com .tagcommander.com .tagcommander.net .trustcommander.com .trustcommander.net .aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .labanquepostale.fr .google.com;connect-src 'self' https: ip-api.com .boltdns.net .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .commander1.com .xiti.com;img-src 'self' data: blob: https: .akamaihd.net .boltdns.net .zencdn.net .brightcove.com .brightcove.net .xiti.com;media-src 'self' blob: https: .brightcovecdn.com .boltdns.net .media.brightcove.com .llnw.net .llnwd.net .akafms.net .akamaihd.net .cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: .brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' .wesave.fr .paybox.com *.eventvr.fr
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin: https://epargnant.epargne-salariale.labanquepostale.fr
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Jul 2024 21:44:25 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Encoding: gzip
Content-Security-Policy: default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com *.zencdn.net *.brightcove.com *.brightcove.net *.labanquepostale.fr *.google-analytics.com *.kameleoon.eu *.kameleoon.com *.kameleoon.io *.gstatic.com *.cloudflare.com *.google.com *.tagcommander.com *.tagcommander.net *.trustcommander.com *.trustcommander.net *.aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.labanquepostale.fr *.google.com;connect-src 'self' https: ip-api.com *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.commander1.com *.xiti.com;img-src 'self' data: blob: https: *.akamaihd.net *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.xiti.com;media-src 'self' blob: https: *.brightcovecdn.com *.boltdns.net *.media.brightcove.com *.llnw.net *.llnwd.net *.akafms.net *.akamaihd.net *.cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: *.brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' *.wesave.fr *.paybox.com *.eventvr.fr
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: on
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
Content-Length: 11981
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Server: Apache
Cross-Origin-Opener-Policy: same-origin-allow-popups
Expect-CT: max-age=86400, enforce
Vary: Accept-Encoding
X-Frame-Options: DENY
X-Download-Options: noopen
Content-Type: application/javascript
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK vendor.c6e07b535c40b8c6.js Show response
epargnant.epargne-salariale.labanquepostale.fr/ 3 MB
917 KB 141ms
50ms Script
application/javascript 158.191.172.36
Credit Agricole

General

Check archive.org

Show headers Download Go to

Full URL

https://epargnant.epargne-salariale.labanquepostale.fr/vendor.c6e07b535c40b8c6.js

Requested by

Host: epargnant.epargne-salariale.labanquepostale.fr
URL: https://epargnant.epargne-salariale.labanquepostale.fr/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.191.172.36 , France, ASN9159 (Credit Agricole, FR),

Reverse DNS

Software

Apache /

Resource Hash

aa019966eb8c1d8f3cd380b24c677ae51908628e902a1442dcf5a7aed002c7f1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com .zencdn.net .brightcove.com .brightcove.net .labanquepostale.fr .google-analytics.com .kameleoon.eu .kameleoon.com .kameleoon.io .gstatic.com .cloudflare.com .google.com .tagcommander.com .tagcommander.net .trustcommander.com .trustcommander.net .aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .labanquepostale.fr .google.com;connect-src 'self' https: ip-api.com .boltdns.net .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .commander1.com .xiti.com;img-src 'self' data: blob: https: .akamaihd.net .boltdns.net .zencdn.net .brightcove.com .brightcove.net .xiti.com;media-src 'self' blob: https: .brightcovecdn.com .boltdns.net .media.brightcove.com .llnw.net .llnwd.net .akafms.net .akamaihd.net .cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: .brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' .wesave.fr .paybox.com *.eventvr.fr
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin: https://epargnant.epargne-salariale.labanquepostale.fr
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Jul 2024 21:44:25 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Encoding: gzip
Content-Security-Policy: default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com *.zencdn.net *.brightcove.com *.brightcove.net *.labanquepostale.fr *.google-analytics.com *.kameleoon.eu *.kameleoon.com *.kameleoon.io *.gstatic.com *.cloudflare.com *.google.com *.tagcommander.com *.tagcommander.net *.trustcommander.com *.trustcommander.net *.aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.labanquepostale.fr *.google.com;connect-src 'self' https: ip-api.com *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.commander1.com *.xiti.com;img-src 'self' data: blob: https: *.akamaihd.net *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.xiti.com;media-src 'self' blob: https: *.brightcovecdn.com *.boltdns.net *.media.brightcove.com *.llnw.net *.llnwd.net *.akafms.net *.akamaihd.net *.cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: *.brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' *.wesave.fr *.paybox.com *.eventvr.fr
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: on
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Server: Apache
Cross-Origin-Opener-Policy: same-origin-allow-popups
Expect-CT: max-age=86400, enforce
Vary: Accept-Encoding
X-Frame-Options: DENY
X-Download-Options: noopen
Content-Type: application/javascript
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK main.744018e83b24ff49.js Show response
epargnant.epargne-salariale.labanquepostale.fr/ 2 MB
392 KB 139ms
48ms Script
application/javascript 158.191.172.36
Credit Agricole

General

Check archive.org

Show headers Download Go to

Full URL

https://epargnant.epargne-salariale.labanquepostale.fr/main.744018e83b24ff49.js

Requested by

Host: epargnant.epargne-salariale.labanquepostale.fr
URL: https://epargnant.epargne-salariale.labanquepostale.fr/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.191.172.36 , France, ASN9159 (Credit Agricole, FR),

Reverse DNS

Software

Apache /

Resource Hash

bd2e1f0a9dbe099cf53cf00033a45514c0cbde98d64d342b2c11b07ae3d8de82

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com .zencdn.net .brightcove.com .brightcove.net .labanquepostale.fr .google-analytics.com .kameleoon.eu .kameleoon.com .kameleoon.io .gstatic.com .cloudflare.com .google.com .tagcommander.com .tagcommander.net .trustcommander.com .trustcommander.net .aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .labanquepostale.fr .google.com;connect-src 'self' https: ip-api.com .boltdns.net .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .commander1.com .xiti.com;img-src 'self' data: blob: https: .akamaihd.net .boltdns.net .zencdn.net .brightcove.com .brightcove.net .xiti.com;media-src 'self' blob: https: .brightcovecdn.com .boltdns.net .media.brightcove.com .llnw.net .llnwd.net .akafms.net .akamaihd.net .cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: .brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' .wesave.fr .paybox.com *.eventvr.fr
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin: https://epargnant.epargne-salariale.labanquepostale.fr
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Jul 2024 21:44:25 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Encoding: gzip
Content-Security-Policy: default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com *.zencdn.net *.brightcove.com *.brightcove.net *.labanquepostale.fr *.google-analytics.com *.kameleoon.eu *.kameleoon.com *.kameleoon.io *.gstatic.com *.cloudflare.com *.google.com *.tagcommander.com *.tagcommander.net *.trustcommander.com *.trustcommander.net *.aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.labanquepostale.fr *.google.com;connect-src 'self' https: ip-api.com *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.commander1.com *.xiti.com;img-src 'self' data: blob: https: *.akamaihd.net *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.xiti.com;media-src 'self' blob: https: *.brightcovecdn.com *.boltdns.net *.media.brightcove.com *.llnw.net *.llnwd.net *.akafms.net *.akamaihd.net *.cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: *.brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' *.wesave.fr *.paybox.com *.eventvr.fr
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: on
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Server: Apache
Cross-Origin-Opener-Policy: same-origin-allow-popups
Expect-CT: max-age=86400, enforce
Vary: Accept-Encoding
X-Frame-Options: DENY
X-Download-Options: noopen
Content-Type: application/javascript
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK 9119.d4ea71bc8ef56985.js Show response
epargnant.epargne-salariale.labanquepostale.fr/ 2 KB
3 KB 32ms
32ms Script
application/javascript 158.191.172.36
Credit Agricole

General

Check archive.org

Show headers Download Go to

Full URL

https://epargnant.epargne-salariale.labanquepostale.fr/9119.d4ea71bc8ef56985.js

Requested by

Host: epargnant.epargne-salariale.labanquepostale.fr
URL: https://epargnant.epargne-salariale.labanquepostale.fr/runtime.44de70c356163a7a.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.191.172.36 , France, ASN9159 (Credit Agricole, FR),

Reverse DNS

Software

Apache /

Resource Hash

3924f224f8958b91da0a879be4ef7ee749dff49cc889d74829059bd0392a6007

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com .zencdn.net .brightcove.com .brightcove.net .labanquepostale.fr .google-analytics.com .kameleoon.eu .kameleoon.com .kameleoon.io .gstatic.com .cloudflare.com .google.com .tagcommander.com .tagcommander.net .trustcommander.com .trustcommander.net .aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .labanquepostale.fr .google.com;connect-src 'self' https: ip-api.com .boltdns.net .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .commander1.com .xiti.com;img-src 'self' data: blob: https: .akamaihd.net .boltdns.net .zencdn.net .brightcove.com .brightcove.net .xiti.com;media-src 'self' blob: https: .brightcovecdn.com .boltdns.net .media.brightcove.com .llnw.net .llnwd.net .akafms.net .akamaihd.net .cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: .brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' .wesave.fr .paybox.com *.eventvr.fr
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin: https://epargnant.epargne-salariale.labanquepostale.fr
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Jul 2024 21:44:26 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Encoding: gzip
Content-Security-Policy: default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com *.zencdn.net *.brightcove.com *.brightcove.net *.labanquepostale.fr *.google-analytics.com *.kameleoon.eu *.kameleoon.com *.kameleoon.io *.gstatic.com *.cloudflare.com *.google.com *.tagcommander.com *.tagcommander.net *.trustcommander.com *.trustcommander.net *.aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.labanquepostale.fr *.google.com;connect-src 'self' https: ip-api.com *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.commander1.com *.xiti.com;img-src 'self' data: blob: https: *.akamaihd.net *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.xiti.com;media-src 'self' blob: https: *.brightcovecdn.com *.boltdns.net *.media.brightcove.com *.llnw.net *.llnwd.net *.akafms.net *.akamaihd.net *.cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: *.brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' *.wesave.fr *.paybox.com *.eventvr.fr
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: on
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
Content-Length: 669
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Server: Apache
Cross-Origin-Opener-Policy: same-origin-allow-popups
Expect-CT: max-age=86400, enforce
Vary: Accept-Encoding
X-Frame-Options: DENY
X-Download-Options: noopen
Content-Type: application/javascript
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98

GET
H/1.1 200
OK 4292.92c78477b4b3a073.js Show response
epargnant.epargne-salariale.labanquepostale.fr/ 879 B
2 KB 32ms
32ms Script
application/javascript 158.191.172.36
Credit Agricole

General

Check archive.org

Show headers Download Go to

Full URL

https://epargnant.epargne-salariale.labanquepostale.fr/4292.92c78477b4b3a073.js

Requested by

Host: epargnant.epargne-salariale.labanquepostale.fr
URL: https://epargnant.epargne-salariale.labanquepostale.fr/runtime.44de70c356163a7a.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.191.172.36 , France, ASN9159 (Credit Agricole, FR),

Reverse DNS

Software

Apache /

Resource Hash

c564af2437fd9f865be44b7f7d0b89f3681fa9296aa1eea8690383945259282a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com .zencdn.net .brightcove.com .brightcove.net .labanquepostale.fr .google-analytics.com .kameleoon.eu .kameleoon.com .kameleoon.io .gstatic.com .cloudflare.com .google.com .tagcommander.com .tagcommander.net .trustcommander.com .trustcommander.net .aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .labanquepostale.fr .google.com;connect-src 'self' https: ip-api.com .boltdns.net .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .commander1.com .xiti.com;img-src 'self' data: blob: https: .akamaihd.net .boltdns.net .zencdn.net .brightcove.com .brightcove.net .xiti.com;media-src 'self' blob: https: .brightcovecdn.com .boltdns.net .media.brightcove.com .llnw.net .llnwd.net .akafms.net .akamaihd.net .cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: .brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' .wesave.fr .paybox.com *.eventvr.fr
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin: https://epargnant.epargne-salariale.labanquepostale.fr
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Jul 2024 21:44:26 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Encoding: gzip
Content-Security-Policy: default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com *.zencdn.net *.brightcove.com *.brightcove.net *.labanquepostale.fr *.google-analytics.com *.kameleoon.eu *.kameleoon.com *.kameleoon.io *.gstatic.com *.cloudflare.com *.google.com *.tagcommander.com *.tagcommander.net *.trustcommander.com *.trustcommander.net *.aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.labanquepostale.fr *.google.com;connect-src 'self' https: ip-api.com *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.commander1.com *.xiti.com;img-src 'self' data: blob: https: *.akamaihd.net *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.xiti.com;media-src 'self' blob: https: *.brightcovecdn.com *.boltdns.net *.media.brightcove.com *.llnw.net *.llnwd.net *.akafms.net *.akamaihd.net *.cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: *.brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' *.wesave.fr *.paybox.com *.eventvr.fr
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: on
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
Content-Length: 421
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Server: Apache
Cross-Origin-Opener-Policy: same-origin-allow-popups
Expect-CT: max-age=86400, enforce
Vary: Accept-Encoding
X-Frame-Options: DENY
X-Download-Options: noopen
Content-Type: application/javascript
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98

GET
H/1.1 200
OK 2554.2c47446b0b006521.js Show response
epargnant.epargne-salariale.labanquepostale.fr/ 5 KB
4 KB 32ms
32ms Script
application/javascript 158.191.172.36
Credit Agricole

General

Check archive.org

Show headers Download Go to

Full URL

https://epargnant.epargne-salariale.labanquepostale.fr/2554.2c47446b0b006521.js

Requested by

Host: epargnant.epargne-salariale.labanquepostale.fr
URL: https://epargnant.epargne-salariale.labanquepostale.fr/runtime.44de70c356163a7a.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.191.172.36 , France, ASN9159 (Credit Agricole, FR),

Reverse DNS

Software

Apache /

Resource Hash

b906d9e3e38210c7b481486a08d337977413ce782073e4583e76a26335db7837

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com .zencdn.net .brightcove.com .brightcove.net .labanquepostale.fr .google-analytics.com .kameleoon.eu .kameleoon.com .kameleoon.io .gstatic.com .cloudflare.com .google.com .tagcommander.com .tagcommander.net .trustcommander.com .trustcommander.net .aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .labanquepostale.fr .google.com;connect-src 'self' https: ip-api.com .boltdns.net .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .commander1.com .xiti.com;img-src 'self' data: blob: https: .akamaihd.net .boltdns.net .zencdn.net .brightcove.com .brightcove.net .xiti.com;media-src 'self' blob: https: .brightcovecdn.com .boltdns.net .media.brightcove.com .llnw.net .llnwd.net .akafms.net .akamaihd.net .cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: .brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' .wesave.fr .paybox.com *.eventvr.fr
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin: https://epargnant.epargne-salariale.labanquepostale.fr
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Jul 2024 21:44:26 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Encoding: gzip
Content-Security-Policy: default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com *.zencdn.net *.brightcove.com *.brightcove.net *.labanquepostale.fr *.google-analytics.com *.kameleoon.eu *.kameleoon.com *.kameleoon.io *.gstatic.com *.cloudflare.com *.google.com *.tagcommander.com *.tagcommander.net *.trustcommander.com *.trustcommander.net *.aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.labanquepostale.fr *.google.com;connect-src 'self' https: ip-api.com *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.commander1.com *.xiti.com;img-src 'self' data: blob: https: *.akamaihd.net *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.xiti.com;media-src 'self' blob: https: *.brightcovecdn.com *.boltdns.net *.media.brightcove.com *.llnw.net *.llnwd.net *.akafms.net *.akamaihd.net *.cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: *.brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' *.wesave.fr *.paybox.com *.eventvr.fr
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: on
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
Content-Length: 2250
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Server: Apache
Cross-Origin-Opener-Policy: same-origin-allow-popups
Expect-CT: max-age=86400, enforce
Vary: Accept-Encoding
X-Frame-Options: DENY
X-Download-Options: noopen
Content-Type: application/javascript
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98

GET
H/1.1 200
OK 3117.100cf98ade5cb244.js Show response
epargnant.epargne-salariale.labanquepostale.fr/ 228 B
2 KB 33ms
33ms Script
application/javascript 158.191.172.36
Credit Agricole

General

Check archive.org

Show headers Download Go to

Full URL

https://epargnant.epargne-salariale.labanquepostale.fr/3117.100cf98ade5cb244.js

Requested by

Host: epargnant.epargne-salariale.labanquepostale.fr
URL: https://epargnant.epargne-salariale.labanquepostale.fr/runtime.44de70c356163a7a.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.191.172.36 , France, ASN9159 (Credit Agricole, FR),

Reverse DNS

Software

Apache /

Resource Hash

5682f52fbfac25ef6181ec38ddbe1d1f384c45f5ac79bbf19075bc83c885b1a5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com .zencdn.net .brightcove.com .brightcove.net .labanquepostale.fr .google-analytics.com .kameleoon.eu .kameleoon.com .kameleoon.io .gstatic.com .cloudflare.com .google.com .tagcommander.com .tagcommander.net .trustcommander.com .trustcommander.net .aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .labanquepostale.fr .google.com;connect-src 'self' https: ip-api.com .boltdns.net .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .commander1.com .xiti.com;img-src 'self' data: blob: https: .akamaihd.net .boltdns.net .zencdn.net .brightcove.com .brightcove.net .xiti.com;media-src 'self' blob: https: .brightcovecdn.com .boltdns.net .media.brightcove.com .llnw.net .llnwd.net .akafms.net .akamaihd.net .cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: .brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' .wesave.fr .paybox.com *.eventvr.fr
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin: https://epargnant.epargne-salariale.labanquepostale.fr
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Jul 2024 21:44:26 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Encoding: gzip
Content-Security-Policy: default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com *.zencdn.net *.brightcove.com *.brightcove.net *.labanquepostale.fr *.google-analytics.com *.kameleoon.eu *.kameleoon.com *.kameleoon.io *.gstatic.com *.cloudflare.com *.google.com *.tagcommander.com *.tagcommander.net *.trustcommander.com *.trustcommander.net *.aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.labanquepostale.fr *.google.com;connect-src 'self' https: ip-api.com *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.commander1.com *.xiti.com;img-src 'self' data: blob: https: *.akamaihd.net *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.xiti.com;media-src 'self' blob: https: *.brightcovecdn.com *.boltdns.net *.media.brightcove.com *.llnw.net *.llnwd.net *.akafms.net *.akamaihd.net *.cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: *.brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' *.wesave.fr *.paybox.com *.eventvr.fr
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: on
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
Content-Length: 186
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Server: Apache
Cross-Origin-Opener-Policy: same-origin-allow-popups
Expect-CT: max-age=86400, enforce
Vary: Accept-Encoding
X-Frame-Options: DENY
X-Download-Options: noopen
Content-Type: application/javascript
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK kameleoon_prd.js Show response
epargnant.epargne-salariale.labanquepostale.fr/kameleoon/ 3 KB
3 KB 32ms
31ms XHR
application/javascript 158.191.172.36
Credit Agricole

General

Check archive.org

Show headers Download Go to

Full URL

https://epargnant.epargne-salariale.labanquepostale.fr/kameleoon/kameleoon_prd.js

Requested by

Host: epargnant.epargne-salariale.labanquepostale.fr
URL: https://epargnant.epargne-salariale.labanquepostale.fr/polyfills.bf8c9acc2cb7775b.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.191.172.36 , France, ASN9159 (Credit Agricole, FR),

Reverse DNS

Software

Apache /

Resource Hash

7ac47c09139c563ca229823d5563afc7043f8913c3efc24cd08e7b04b5960014

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com .zencdn.net .brightcove.com .brightcove.net .labanquepostale.fr .google-analytics.com .kameleoon.eu .kameleoon.com .kameleoon.io .gstatic.com .cloudflare.com .google.com .tagcommander.com .tagcommander.net .trustcommander.com .trustcommander.net .aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .labanquepostale.fr .google.com;connect-src 'self' https: ip-api.com .boltdns.net .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .commander1.com .xiti.com;img-src 'self' data: blob: https: .akamaihd.net .boltdns.net .zencdn.net .brightcove.com .brightcove.net .xiti.com;media-src 'self' blob: https: .brightcovecdn.com .boltdns.net .media.brightcove.com .llnw.net .llnwd.net .akafms.net .akamaihd.net .cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: .brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' .wesave.fr .paybox.com *.eventvr.fr
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Jul 2024 21:44:26 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Encoding: gzip
Content-Security-Policy: default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com *.zencdn.net *.brightcove.com *.brightcove.net *.labanquepostale.fr *.google-analytics.com *.kameleoon.eu *.kameleoon.com *.kameleoon.io *.gstatic.com *.cloudflare.com *.google.com *.tagcommander.com *.tagcommander.net *.trustcommander.com *.trustcommander.net *.aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.labanquepostale.fr *.google.com;connect-src 'self' https: ip-api.com *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.commander1.com *.xiti.com;img-src 'self' data: blob: https: *.akamaihd.net *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.xiti.com;media-src 'self' blob: https: *.brightcovecdn.com *.boltdns.net *.media.brightcove.com *.llnw.net *.llnwd.net *.akafms.net *.akamaihd.net *.cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: *.brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' *.wesave.fr *.paybox.com *.eventvr.fr
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: on
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
Content-Length: 1037
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Server: Apache
Cross-Origin-Opener-Policy: same-origin-allow-popups
Expect-CT: max-age=86400, enforce
Vary: Accept-Encoding
X-Frame-Options: DENY
X-Download-Options: noopen
Content-Type: application/javascript
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK common.46a4514eee7ddd7b.js Show response
epargnant.epargne-salariale.labanquepostale.fr/ 19 KB
8 KB 34ms
33ms Script
application/javascript 158.191.172.36
Credit Agricole

General

Check archive.org

Show headers Download Go to

Full URL

https://epargnant.epargne-salariale.labanquepostale.fr/common.46a4514eee7ddd7b.js

Requested by

Host: epargnant.epargne-salariale.labanquepostale.fr
URL: https://epargnant.epargne-salariale.labanquepostale.fr/runtime.44de70c356163a7a.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.191.172.36 , France, ASN9159 (Credit Agricole, FR),

Reverse DNS

Software

Apache /

Resource Hash

527eb0b0db66b5d58ff943192c1077c9a692d6ff859adf128d1d705c0a9b5e40

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com .zencdn.net .brightcove.com .brightcove.net .labanquepostale.fr .google-analytics.com .kameleoon.eu .kameleoon.com .kameleoon.io .gstatic.com .cloudflare.com .google.com .tagcommander.com .tagcommander.net .trustcommander.com .trustcommander.net .aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .labanquepostale.fr .google.com;connect-src 'self' https: ip-api.com .boltdns.net .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .commander1.com .xiti.com;img-src 'self' data: blob: https: .akamaihd.net .boltdns.net .zencdn.net .brightcove.com .brightcove.net .xiti.com;media-src 'self' blob: https: .brightcovecdn.com .boltdns.net .media.brightcove.com .llnw.net .llnwd.net .akafms.net .akamaihd.net .cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: .brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' .wesave.fr .paybox.com *.eventvr.fr
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin: https://epargnant.epargne-salariale.labanquepostale.fr
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Jul 2024 21:44:26 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Encoding: gzip
Content-Security-Policy: default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com *.zencdn.net *.brightcove.com *.brightcove.net *.labanquepostale.fr *.google-analytics.com *.kameleoon.eu *.kameleoon.com *.kameleoon.io *.gstatic.com *.cloudflare.com *.google.com *.tagcommander.com *.tagcommander.net *.trustcommander.com *.trustcommander.net *.aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.labanquepostale.fr *.google.com;connect-src 'self' https: ip-api.com *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.commander1.com *.xiti.com;img-src 'self' data: blob: https: *.akamaihd.net *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.xiti.com;media-src 'self' blob: https: *.brightcovecdn.com *.boltdns.net *.media.brightcove.com *.llnw.net *.llnwd.net *.akafms.net *.akamaihd.net *.cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: *.brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' *.wesave.fr *.paybox.com *.eventvr.fr
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: on
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
Content-Length: 6437
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Server: Apache
Cross-Origin-Opener-Policy: same-origin-allow-popups
Expect-CT: max-age=86400, enforce
Vary: Accept-Encoding
X-Frame-Options: DENY
X-Download-Options: noopen
Content-Type: application/javascript
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98

GET
H/1.1 200
OK 1964.4fcd76cbddf117e0.js Show response
epargnant.epargne-salariale.labanquepostale.fr/ 6 KB
4 KB 49ms
33ms Script
application/javascript 158.191.172.36
Credit Agricole

General

Check archive.org

Show headers Download Go to

Full URL

https://epargnant.epargne-salariale.labanquepostale.fr/1964.4fcd76cbddf117e0.js

Requested by

Host: epargnant.epargne-salariale.labanquepostale.fr
URL: https://epargnant.epargne-salariale.labanquepostale.fr/runtime.44de70c356163a7a.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.191.172.36 , France, ASN9159 (Credit Agricole, FR),

Reverse DNS

Software

Apache /

Resource Hash

66d6c96fc3c9aaf735ba75e95ade3c5122826bdd5944fb1221a9b8d3131cef77

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com .zencdn.net .brightcove.com .brightcove.net .labanquepostale.fr .google-analytics.com .kameleoon.eu .kameleoon.com .kameleoon.io .gstatic.com .cloudflare.com .google.com .tagcommander.com .tagcommander.net .trustcommander.com .trustcommander.net .aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .labanquepostale.fr .google.com;connect-src 'self' https: ip-api.com .boltdns.net .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .commander1.com .xiti.com;img-src 'self' data: blob: https: .akamaihd.net .boltdns.net .zencdn.net .brightcove.com .brightcove.net .xiti.com;media-src 'self' blob: https: .brightcovecdn.com .boltdns.net .media.brightcove.com .llnw.net .llnwd.net .akafms.net .akamaihd.net .cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: .brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' .wesave.fr .paybox.com *.eventvr.fr
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin: https://epargnant.epargne-salariale.labanquepostale.fr
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Jul 2024 21:44:26 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Encoding: gzip
Content-Security-Policy: default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com *.zencdn.net *.brightcove.com *.brightcove.net *.labanquepostale.fr *.google-analytics.com *.kameleoon.eu *.kameleoon.com *.kameleoon.io *.gstatic.com *.cloudflare.com *.google.com *.tagcommander.com *.tagcommander.net *.trustcommander.com *.trustcommander.net *.aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.labanquepostale.fr *.google.com;connect-src 'self' https: ip-api.com *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.commander1.com *.xiti.com;img-src 'self' data: blob: https: *.akamaihd.net *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.xiti.com;media-src 'self' blob: https: *.brightcovecdn.com *.boltdns.net *.media.brightcove.com *.llnw.net *.llnwd.net *.akafms.net *.akamaihd.net *.cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: *.brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' *.wesave.fr *.paybox.com *.eventvr.fr
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: on
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
Content-Length: 1732
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Server: Apache
Cross-Origin-Opener-Policy: same-origin-allow-popups
Expect-CT: max-age=86400, enforce
Vary: Accept-Encoding
X-Frame-Options: DENY
X-Download-Options: noopen
Content-Type: application/javascript
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97

GET
H/1.1 200
OK 6178.f87180e07548aa9d.js Show response
epargnant.epargne-salariale.labanquepostale.fr/ 94 KB
25 KB 55ms
40ms Script
application/javascript 158.191.172.36
Credit Agricole

General

Check archive.org

Show headers Download Go to

Full URL

https://epargnant.epargne-salariale.labanquepostale.fr/6178.f87180e07548aa9d.js

Requested by

Host: epargnant.epargne-salariale.labanquepostale.fr
URL: https://epargnant.epargne-salariale.labanquepostale.fr/runtime.44de70c356163a7a.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.191.172.36 , France, ASN9159 (Credit Agricole, FR),

Reverse DNS

Software

Apache /

Resource Hash

7b43c36ba9efdb0b405e855601a38124740c74cda977bed47a0658ee8c1cd238

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com .zencdn.net .brightcove.com .brightcove.net .labanquepostale.fr .google-analytics.com .kameleoon.eu .kameleoon.com .kameleoon.io .gstatic.com .cloudflare.com .google.com .tagcommander.com .tagcommander.net .trustcommander.com .trustcommander.net .aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .labanquepostale.fr .google.com;connect-src 'self' https: ip-api.com .boltdns.net .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .commander1.com .xiti.com;img-src 'self' data: blob: https: .akamaihd.net .boltdns.net .zencdn.net .brightcove.com .brightcove.net .xiti.com;media-src 'self' blob: https: .brightcovecdn.com .boltdns.net .media.brightcove.com .llnw.net .llnwd.net .akafms.net .akamaihd.net .cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: .brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' .wesave.fr .paybox.com *.eventvr.fr
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin: https://epargnant.epargne-salariale.labanquepostale.fr
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Jul 2024 21:44:26 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Encoding: gzip
Content-Security-Policy: default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com *.zencdn.net *.brightcove.com *.brightcove.net *.labanquepostale.fr *.google-analytics.com *.kameleoon.eu *.kameleoon.com *.kameleoon.io *.gstatic.com *.cloudflare.com *.google.com *.tagcommander.com *.tagcommander.net *.trustcommander.com *.trustcommander.net *.aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.labanquepostale.fr *.google.com;connect-src 'self' https: ip-api.com *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.commander1.com *.xiti.com;img-src 'self' data: blob: https: *.akamaihd.net *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.xiti.com;media-src 'self' blob: https: *.brightcovecdn.com *.boltdns.net *.media.brightcove.com *.llnw.net *.llnwd.net *.akafms.net *.akamaihd.net *.cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: *.brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' *.wesave.fr *.paybox.com *.eventvr.fr
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: on
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
Content-Length: 23263
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Server: Apache
Cross-Origin-Opener-Policy: same-origin-allow-popups
Expect-CT: max-age=86400, enforce
Vary: Accept-Encoding
X-Frame-Options: DENY
X-Download-Options: noopen
Content-Type: application/javascript
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97

GET
H/1.1 200
OK 8135.be2bd592a3a5f264.js Show response
epargnant.epargne-salariale.labanquepostale.fr/ 1 KB
3 KB 33ms
32ms Script
application/javascript 158.191.172.36
Credit Agricole

General

Check archive.org

Show headers Download Go to

Full URL

https://epargnant.epargne-salariale.labanquepostale.fr/8135.be2bd592a3a5f264.js

Requested by

Host: epargnant.epargne-salariale.labanquepostale.fr
URL: https://epargnant.epargne-salariale.labanquepostale.fr/runtime.44de70c356163a7a.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.191.172.36 , France, ASN9159 (Credit Agricole, FR),

Reverse DNS

Software

Apache /

Resource Hash

678a1fa2e9971133dba2743dbd11e1962e2143e2c84f0dea22dfc3bbdc04f835

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com .zencdn.net .brightcove.com .brightcove.net .labanquepostale.fr .google-analytics.com .kameleoon.eu .kameleoon.com .kameleoon.io .gstatic.com .cloudflare.com .google.com .tagcommander.com .tagcommander.net .trustcommander.com .trustcommander.net .aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .labanquepostale.fr .google.com;connect-src 'self' https: ip-api.com .boltdns.net .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .commander1.com .xiti.com;img-src 'self' data: blob: https: .akamaihd.net .boltdns.net .zencdn.net .brightcove.com .brightcove.net .xiti.com;media-src 'self' blob: https: .brightcovecdn.com .boltdns.net .media.brightcove.com .llnw.net .llnwd.net .akafms.net .akamaihd.net .cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: .brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' .wesave.fr .paybox.com *.eventvr.fr
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin: https://epargnant.epargne-salariale.labanquepostale.fr
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Jul 2024 21:44:26 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Encoding: gzip
Content-Security-Policy: default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com *.zencdn.net *.brightcove.com *.brightcove.net *.labanquepostale.fr *.google-analytics.com *.kameleoon.eu *.kameleoon.com *.kameleoon.io *.gstatic.com *.cloudflare.com *.google.com *.tagcommander.com *.tagcommander.net *.trustcommander.com *.trustcommander.net *.aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.labanquepostale.fr *.google.com;connect-src 'self' https: ip-api.com *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.commander1.com *.xiti.com;img-src 'self' data: blob: https: *.akamaihd.net *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.xiti.com;media-src 'self' blob: https: *.brightcovecdn.com *.boltdns.net *.media.brightcove.com *.llnw.net *.llnwd.net *.akafms.net *.akamaihd.net *.cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: *.brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' *.wesave.fr *.paybox.com *.eventvr.fr
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: on
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
Content-Length: 621
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Server: Apache
Cross-Origin-Opener-Policy: same-origin-allow-popups
Expect-CT: max-age=86400, enforce
Vary: Accept-Encoding
X-Frame-Options: DENY
X-Download-Options: noopen
Content-Type: application/javascript
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98

GET
H3 200 kameleoon.js Show response
wtrjtk5pyg.kameleoon.eu/ 260 KB
56 KB 85ms
39ms Script
application/javascript 172.67.72.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wtrjtk5pyg.kameleoon.eu/kameleoon.js

Requested by

Host: epargnant.epargne-salariale.labanquepostale.fr
URL: https://epargnant.epargne-salariale.labanquepostale.fr/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.72.50 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a6f0484d5c9b37299e2654b286ce0bacba36a249b1437dbeb137488b1ee769d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 21:44:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2981
alt-svc: h3=":443"; ma=86400
cdn-cache-control: max-age=5400; public; stale-if-error=604800; stale-while-revalidate=604800
last-modified: Sun, 23 Jun 2024 12:17:04 GMT
server: cloudflare
etag: W/"66781240-40f83"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1HEaSJeBLBQRmkFTEGyWmoRxJhwB1SBRZvSeQkzqAPonje9JzXpAU4XrWh7J4LePxqV1AAEjVTyl0E%2FdQcQnjv3HwKjfKy5naQnRa0%2FOwa7JR2KYjCHvMD%2FGKKTKPa%2FrGJferiWh7l3j"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=3600, s-maxage=5400
cf-ray: 89da0e8e592476e4-LHR
expires: Wed, 03 Jul 2024 22:16:56 GMT

GET
H2 200 tc_AMUNDIESM_20.js Show response
cdn.tagcommander.com/5744/ 71 KB
20 KB 100ms
22ms Script
application/javascript 192.229.233.55
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tagcommander.com/5744/tc_AMUNDIESM_20.js
Requested by: Host: epargnant.epargne-salariale.labanquepostale.fr
URL: https://epargnant.epargne-salariale.labanquepostale.fr/main.744018e83b24ff49.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.55 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (pab/6F8F) /
Resource Hash: 34ba88ee6eb98115bd9b7248a8e16e419b42aad420f63433fc1bcc1b4225b16f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 21:44:26 GMT
content-encoding: gzip
x-cdn: edgio
age: 22541
x-amz-request-id: 3323KMZRNPAZYF1V
x-cache: HIT
content-length: 20395
x-amz-id-2: NH377HHR+RDC+YiVY4UeJh5VhEKoZ9gh1OE/R1QWKv8GHOHW4IRQNQ/nW5/tPpn8slAULaJqvQs=
last-modified: Thu, 20 Jun 2024 15:26:54 GMT
server: ECS (pab/6F8F)
etag: "138ddfeb80f9435140be77529ec09598+gzip"
access-control-max-age: 31536000
access-control-allow-methods: HEAD, GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, must-revalidate
vary: Accept-Encoding

GET
H/1.1 200
OK default Show response
epargnant.epargne-salariale.labanquepostale.fr/public/translations/fr-FR/ 41 KB
15 KB 108ms
108ms XHR
application/json 158.191.172.36
Credit Agricole

General

Check archive.org

Show headers Download Go to

Full URL

https://epargnant.epargne-salariale.labanquepostale.fr/public/translations/fr-FR/default

Requested by

Host: epargnant.epargne-salariale.labanquepostale.fr
URL: https://epargnant.epargne-salariale.labanquepostale.fr/polyfills.bf8c9acc2cb7775b.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.191.172.36 , France, ASN9159 (Credit Agricole, FR),

Reverse DNS

Software

Apache /

Resource Hash

0e2017b6541b55325b8775fb7a80f9bdcfd5ae091cba5b2fa177def5979ebf16

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com .zencdn.net .brightcove.com .brightcove.net .labanquepostale.fr .google-analytics.com .kameleoon.eu .kameleoon.com .kameleoon.io .gstatic.com .cloudflare.com .google.com .tagcommander.com .tagcommander.net .trustcommander.com .trustcommander.net .aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .labanquepostale.fr .google.com;connect-src 'self' https: ip-api.com .boltdns.net .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .commander1.com .xiti.com;img-src 'self' data: blob: https: .akamaihd.net .boltdns.net .zencdn.net .brightcove.com .brightcove.net .xiti.com;media-src 'self' blob: https: .brightcovecdn.com .boltdns.net .media.brightcove.com .llnw.net .llnwd.net .akafms.net .akamaihd.net .cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: .brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' .wesave.fr .paybox.com *.eventvr.fr
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=500; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 03 Jul 2024 21:44:26 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload, max-age=500; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com *.zencdn.net *.brightcove.com *.brightcove.net *.labanquepostale.fr *.google-analytics.com *.kameleoon.eu *.kameleoon.com *.kameleoon.io *.gstatic.com *.cloudflare.com *.google.com *.tagcommander.com *.tagcommander.net *.trustcommander.com *.trustcommander.net *.aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.labanquepostale.fr *.google.com;connect-src 'self' https: ip-api.com *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.commander1.com *.xiti.com;img-src 'self' data: blob: https: *.akamaihd.net *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.xiti.com;media-src 'self' blob: https: *.brightcovecdn.com *.boltdns.net *.media.brightcove.com *.llnw.net *.llnwd.net *.akafms.net *.akamaihd.net *.cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: *.brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' *.wesave.fr *.paybox.com *.eventvr.fr
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: on
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
Content-Length: 12799
X-XSS-Protection: 0
Pragma: no-cache
Referrer-Policy: no-referrer
Last-Modified: Wed, 03 Jul 2024 21:44:26 GMT
Server: Apache
Cross-Origin-Opener-Policy: same-origin-allow-popups
Expect-CT: max-age=86400, enforce
X-Frame-Options: DENY
Vary: Accept-Encoding
X-Download-Options: noopen
Content-Type: application/json
Cache-Control: must-revalidate, private, max-age=0, no-cache, no-store, must-revalidate
Keep-Alive: timeout=5, max=97
Expires: Mon, 01 Jul 2024 22:00:00 GMT

GET
H2 200 piano-analytics.js Show response
tag.aticdn.net/ 80 KB
24 KB 90ms
25ms Script
application/javascript 18.239.36.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.aticdn.net/piano-analytics.js
Requested by: Host: cdn.tagcommander.com
URL: https://cdn.tagcommander.com/5744/tc_AMUNDIESM_20.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.36.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-36-45.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 18a2f00d63a8da9719a5a407a65ac9d5e1f20d8c7540225930ef76338e115bff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: UjV9MqLhEmN0Ra89tDJx6ZWpge1eBJov
content-encoding: br
via: 1.1 809aab597f9b26cadc42a1c11dd373d8.cloudfront.net (CloudFront)
date: Wed, 03 Jul 2024 21:29:10 GMT
x-amz-cf-pop: AMS58-P2
age: 917
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Thu, 20 Jun 2024 14:20:47 GMT
server: AmazonS3
etag: W/"83ce6e2b8d1fd52491770342eed44bf6"
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
x-amz-cf-id: qTwqVu1-kvpQBDsTnjTr4nHstv6RRaP3epZ-4c2nvdnX06CcOUzbow==

GET
H2 200 privacy_v2_14.js Show response
cdn.trustcommander.net/privacy/5744/ 75 KB
21 KB 22ms
19ms Script
application/javascript 192.229.233.55
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustcommander.net/privacy/5744/privacy_v2_14.js
Requested by: Host: cdn.tagcommander.com
URL: https://cdn.tagcommander.com/5744/tc_AMUNDIESM_20.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.55 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (pab/6FA5) /
Resource Hash: 2bc115951f33304340234c72be22e647ce83cad3f5c7cd519eff16be32f5a919

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 21:44:26 GMT
content-encoding: gzip
x-cdn: edgio
age: 14223
x-amz-request-id: JHVRYSK7GVK6XTCG
x-cache: HIT
content-length: 21556
x-amz-id-2: M14NwzHwl8dBn19QA0ZwltAIgcQCk8BHSflWadW66CLITJiVUFP8Cbah0dE/saJx8p8/woSZeII=
last-modified: Thu, 28 Mar 2024 17:44:12 GMT
server: ECS (pab/6FA5)
etag: "ea3344655fd7412eb2afcb4a9ed1fdfe+gzip"
access-control-max-age: 31536000
access-control-allow-methods: HEAD, GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, must-revalidate
vary: Accept-Encoding

POST
H/1.1 200
OK /
privacy.trustcommander.net/privacy-consent/ 43 B
563 B 136ms
29ms Ping
image/gif 35.180.217.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://privacy.trustcommander.net/privacy-consent/
Requested by: Host: cdn.trustcommander.net
URL: https://cdn.trustcommander.net/privacy/5744/privacy_v2_14.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.180.217.105 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-180-217-105.eu-west-3.compute.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: private
Date: Wed, 03 Jul 2024 21:44:26 GMT
vary: Origin
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Content-Type: image/gif
access-control-allow-origin: https://epargnant.epargne-salariale.labanquepostale.fr
cache-control: private, max-age=486000, pre-check=486000
access-control-allow-credentials: true
Connection: keep-alive
access-control-allow-headers: Content-Type
Content-Length: 43
expires: Tue, 01 Oct 2024 21:44:26 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 096f7f4e1114967f2e7102e883edebe113db4cb492889621dc120ffa4d60a256

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK theme Show response
epargnant.epargne-salariale.labanquepostale.fr/public/ 54 KB
12 KB 78ms
78ms XHR
text/css 158.191.172.36
Credit Agricole

General

Check archive.org

Show headers Download Go to

Full URL

https://epargnant.epargne-salariale.labanquepostale.fr/public/theme

Requested by

Host: epargnant.epargne-salariale.labanquepostale.fr
URL: https://epargnant.epargne-salariale.labanquepostale.fr/polyfills.bf8c9acc2cb7775b.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.191.172.36 , France, ASN9159 (Credit Agricole, FR),

Reverse DNS

Software

Apache /

Resource Hash

5af0d39458f18edae5d274c3a65332f34fa160e9d3ebbfa391db0e746804a6e2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com .zencdn.net .brightcove.com .brightcove.net .labanquepostale.fr .google-analytics.com .kameleoon.eu .kameleoon.com .kameleoon.io .gstatic.com .cloudflare.com .google.com .tagcommander.com .tagcommander.net .trustcommander.com .trustcommander.net .aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .labanquepostale.fr .google.com;connect-src 'self' https: ip-api.com .boltdns.net .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .commander1.com .xiti.com;img-src 'self' data: blob: https: .akamaihd.net .boltdns.net .zencdn.net .brightcove.com .brightcove.net .xiti.com;media-src 'self' blob: https: .brightcovecdn.com .boltdns.net .media.brightcove.com .llnw.net .llnwd.net .akafms.net .akamaihd.net .cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: .brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' .wesave.fr .paybox.com *.eventvr.fr
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=500; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Jul 2024 21:44:26 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload, max-age=500; includeSubDomains; preload
Content-Encoding: gzip
Content-Security-Policy: default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com *.zencdn.net *.brightcove.com *.brightcove.net *.labanquepostale.fr *.google-analytics.com *.kameleoon.eu *.kameleoon.com *.kameleoon.io *.gstatic.com *.cloudflare.com *.google.com *.tagcommander.com *.tagcommander.net *.trustcommander.com *.trustcommander.net *.aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.labanquepostale.fr *.google.com;connect-src 'self' https: ip-api.com *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.commander1.com *.xiti.com;img-src 'self' data: blob: https: *.akamaihd.net *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.xiti.com;media-src 'self' blob: https: *.brightcovecdn.com *.boltdns.net *.media.brightcove.com *.llnw.net *.llnwd.net *.akafms.net *.akamaihd.net *.cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: *.brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' *.wesave.fr *.paybox.com *.eventvr.fr
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: on
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
Content-Length: 10479
X-XSS-Protection: 0
Pragma: no-cache
Referrer-Policy: no-referrer
Last-Modified: Wed, 03 Jul 2024 21:44:26 GMT
Server: Apache
Cross-Origin-Opener-Policy: same-origin-allow-popups
Expect-CT: max-age=86400, enforce
Vary: Accept-Encoding
X-Frame-Options: DENY
X-Download-Options: noopen
Content-Type: text/css; charset=UTF-8
Cache-Control: must-revalidate, private, max-age=0, no-cache, no-store, must-revalidate
Keep-Alive: timeout=5, max=96
Expires: Mon, 01 Jul 2024 22:00:00 GMT

GET
H/1.1 200
OK 56.288be28651df765f.js Show response
epargnant.epargne-salariale.labanquepostale.fr/ 29 KB
10 KB 37ms
36ms Script
application/javascript 158.191.172.36
Credit Agricole

General

Check archive.org

Show headers Download Go to

Full URL

https://epargnant.epargne-salariale.labanquepostale.fr/56.288be28651df765f.js

Requested by

Host: epargnant.epargne-salariale.labanquepostale.fr
URL: https://epargnant.epargne-salariale.labanquepostale.fr/runtime.44de70c356163a7a.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.191.172.36 , France, ASN9159 (Credit Agricole, FR),

Reverse DNS

Software

Apache /

Resource Hash

c0a2e790c33eb70cc3f57c618224e010c2d6d1c29798b6f25fdea26c7332926f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com .zencdn.net .brightcove.com .brightcove.net .labanquepostale.fr .google-analytics.com .kameleoon.eu .kameleoon.com .kameleoon.io .gstatic.com .cloudflare.com .google.com .tagcommander.com .tagcommander.net .trustcommander.com .trustcommander.net .aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .labanquepostale.fr .google.com;connect-src 'self' https: ip-api.com .boltdns.net .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .commander1.com .xiti.com;img-src 'self' data: blob: https: .akamaihd.net .boltdns.net .zencdn.net .brightcove.com .brightcove.net .xiti.com;media-src 'self' blob: https: .brightcovecdn.com .boltdns.net .media.brightcove.com .llnw.net .llnwd.net .akafms.net .akamaihd.net .cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: .brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' .wesave.fr .paybox.com *.eventvr.fr
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin: https://epargnant.epargne-salariale.labanquepostale.fr
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Jul 2024 21:44:26 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Encoding: gzip
Content-Security-Policy: default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com *.zencdn.net *.brightcove.com *.brightcove.net *.labanquepostale.fr *.google-analytics.com *.kameleoon.eu *.kameleoon.com *.kameleoon.io *.gstatic.com *.cloudflare.com *.google.com *.tagcommander.com *.tagcommander.net *.trustcommander.com *.trustcommander.net *.aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.labanquepostale.fr *.google.com;connect-src 'self' https: ip-api.com *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.commander1.com *.xiti.com;img-src 'self' data: blob: https: *.akamaihd.net *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.xiti.com;media-src 'self' blob: https: *.brightcovecdn.com *.boltdns.net *.media.brightcove.com *.llnw.net *.llnwd.net *.akafms.net *.akamaihd.net *.cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: *.brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' *.wesave.fr *.paybox.com *.eventvr.fr
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: on
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
Content-Length: 8224
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Server: Apache
Cross-Origin-Opener-Policy: same-origin-allow-popups
Expect-CT: max-age=86400, enforce
Vary: Accept-Encoding
X-Frame-Options: DENY
X-Download-Options: noopen
Content-Type: application/javascript
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96

GET
H/1.1 200
OK 9492.951ba3ea8c461b3f.js Show response
epargnant.epargne-salariale.labanquepostale.fr/ 148 KB
32 KB 49ms
49ms Script
application/javascript 158.191.172.36
Credit Agricole

General

Check archive.org

Show headers Download Go to

Full URL

https://epargnant.epargne-salariale.labanquepostale.fr/9492.951ba3ea8c461b3f.js

Requested by

Host: epargnant.epargne-salariale.labanquepostale.fr
URL: https://epargnant.epargne-salariale.labanquepostale.fr/runtime.44de70c356163a7a.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.191.172.36 , France, ASN9159 (Credit Agricole, FR),

Reverse DNS

Software

Apache /

Resource Hash

c68b629f1ab8d566ce5d7cfa3b2d3d8e566595d52300818f292e41c61d45fa23

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com .zencdn.net .brightcove.com .brightcove.net .labanquepostale.fr .google-analytics.com .kameleoon.eu .kameleoon.com .kameleoon.io .gstatic.com .cloudflare.com .google.com .tagcommander.com .tagcommander.net .trustcommander.com .trustcommander.net .aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .labanquepostale.fr .google.com;connect-src 'self' https: ip-api.com .boltdns.net .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .commander1.com .xiti.com;img-src 'self' data: blob: https: .akamaihd.net .boltdns.net .zencdn.net .brightcove.com .brightcove.net .xiti.com;media-src 'self' blob: https: .brightcovecdn.com .boltdns.net .media.brightcove.com .llnw.net .llnwd.net .akafms.net .akamaihd.net .cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: .brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' .wesave.fr .paybox.com *.eventvr.fr
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin: https://epargnant.epargne-salariale.labanquepostale.fr
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Jul 2024 21:44:26 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Encoding: gzip
Content-Security-Policy: default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com *.zencdn.net *.brightcove.com *.brightcove.net *.labanquepostale.fr *.google-analytics.com *.kameleoon.eu *.kameleoon.com *.kameleoon.io *.gstatic.com *.cloudflare.com *.google.com *.tagcommander.com *.tagcommander.net *.trustcommander.com *.trustcommander.net *.aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.labanquepostale.fr *.google.com;connect-src 'self' https: ip-api.com *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.commander1.com *.xiti.com;img-src 'self' data: blob: https: *.akamaihd.net *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.xiti.com;media-src 'self' blob: https: *.brightcovecdn.com *.boltdns.net *.media.brightcove.com *.llnw.net *.llnwd.net *.akafms.net *.akamaihd.net *.cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: *.brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' *.wesave.fr *.paybox.com *.eventvr.fr
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: on
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
Content-Length: 30603
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Server: Apache
Cross-Origin-Opener-Policy: same-origin-allow-popups
Expect-CT: max-age=86400, enforce
Vary: Accept-Encoding
X-Frame-Options: DENY
X-Download-Options: noopen
Content-Type: application/javascript
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97

GET
H/1.1 200
OK 1635.0da11ed578623aa4.js Show response
epargnant.epargne-salariale.labanquepostale.fr/ 3 KB
3 KB 32ms
32ms Script
application/javascript 158.191.172.36
Credit Agricole

General

Check archive.org

Show headers Download Go to

Full URL

https://epargnant.epargne-salariale.labanquepostale.fr/1635.0da11ed578623aa4.js

Requested by

Host: epargnant.epargne-salariale.labanquepostale.fr
URL: https://epargnant.epargne-salariale.labanquepostale.fr/runtime.44de70c356163a7a.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.191.172.36 , France, ASN9159 (Credit Agricole, FR),

Reverse DNS

Software

Apache /

Resource Hash

4d0da9542f1b243b22a4f6d9fae53bba81b69df3d987be328af819d63d4249af

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com .zencdn.net .brightcove.com .brightcove.net .labanquepostale.fr .google-analytics.com .kameleoon.eu .kameleoon.com .kameleoon.io .gstatic.com .cloudflare.com .google.com .tagcommander.com .tagcommander.net .trustcommander.com .trustcommander.net .aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .labanquepostale.fr .google.com;connect-src 'self' https: ip-api.com .boltdns.net .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .commander1.com .xiti.com;img-src 'self' data: blob: https: .akamaihd.net .boltdns.net .zencdn.net .brightcove.com .brightcove.net .xiti.com;media-src 'self' blob: https: .brightcovecdn.com .boltdns.net .media.brightcove.com .llnw.net .llnwd.net .akafms.net .akamaihd.net .cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: .brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' .wesave.fr .paybox.com *.eventvr.fr
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin: https://epargnant.epargne-salariale.labanquepostale.fr
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Jul 2024 21:44:26 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Encoding: gzip
Content-Security-Policy: default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com *.zencdn.net *.brightcove.com *.brightcove.net *.labanquepostale.fr *.google-analytics.com *.kameleoon.eu *.kameleoon.com *.kameleoon.io *.gstatic.com *.cloudflare.com *.google.com *.tagcommander.com *.tagcommander.net *.trustcommander.com *.trustcommander.net *.aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.labanquepostale.fr *.google.com;connect-src 'self' https: ip-api.com *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.commander1.com *.xiti.com;img-src 'self' data: blob: https: *.akamaihd.net *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.xiti.com;media-src 'self' blob: https: *.brightcovecdn.com *.boltdns.net *.media.brightcove.com *.llnw.net *.llnwd.net *.akafms.net *.akamaihd.net *.cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: *.brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' *.wesave.fr *.paybox.com *.eventvr.fr
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: on
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
Content-Length: 1154
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Server: Apache
Cross-Origin-Opener-Policy: same-origin-allow-popups
Expect-CT: max-age=86400, enforce
Vary: Accept-Encoding
X-Frame-Options: DENY
X-Download-Options: noopen
Content-Type: application/javascript
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95

GET
H/1.1 200
OK roboto-v27-latin-regular.woff2
epargnant.epargne-salariale.labanquepostale.fr/fonts/ 15 KB
17 KB 33ms
32ms Font
font/woff2 158.191.172.36
Credit Agricole

General

Check archive.org

Show headers Download Go to

Full URL

https://epargnant.epargne-salariale.labanquepostale.fr/fonts/roboto-v27-latin-regular.woff2

Requested by

Host: epargnant.epargne-salariale.labanquepostale.fr
URL: https://epargnant.epargne-salariale.labanquepostale.fr/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.191.172.36 , France, ASN9159 (Credit Agricole, FR),

Reverse DNS

Software

Apache /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com .zencdn.net .brightcove.com .brightcove.net .labanquepostale.fr .google-analytics.com .kameleoon.eu .kameleoon.com .kameleoon.io .gstatic.com .cloudflare.com .google.com .tagcommander.com .tagcommander.net .trustcommander.com .trustcommander.net .aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .labanquepostale.fr .google.com;connect-src 'self' https: ip-api.com .boltdns.net .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .commander1.com .xiti.com;img-src 'self' data: blob: https: .akamaihd.net .boltdns.net .zencdn.net .brightcove.com .brightcove.net .xiti.com;media-src 'self' blob: https: .brightcovecdn.com .boltdns.net .media.brightcove.com .llnw.net .llnwd.net .akafms.net .akamaihd.net .cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: .brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' .wesave.fr .paybox.com *.eventvr.fr
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://epargnant.epargne-salariale.labanquepostale.fr/
Origin: https://epargnant.epargne-salariale.labanquepostale.fr
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Jul 2024 21:44:26 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com *.zencdn.net *.brightcove.com *.brightcove.net *.labanquepostale.fr *.google-analytics.com *.kameleoon.eu *.kameleoon.com *.kameleoon.io *.gstatic.com *.cloudflare.com *.google.com *.tagcommander.com *.tagcommander.net *.trustcommander.com *.trustcommander.net *.aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.labanquepostale.fr *.google.com;connect-src 'self' https: ip-api.com *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.commander1.com *.xiti.com;img-src 'self' data: blob: https: *.akamaihd.net *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.xiti.com;media-src 'self' blob: https: *.brightcovecdn.com *.boltdns.net *.media.brightcove.com *.llnw.net *.llnwd.net *.akafms.net *.akamaihd.net *.cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: *.brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' *.wesave.fr *.paybox.com *.eventvr.fr
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: on
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
Content-Length: 15711
X-XSS-Protection: 0
Pragma: no-cache
Referrer-Policy: no-referrer
Last-Modified: Mon, 01 Jul 2024 07:51:20 GMT
Server: Apache
Cross-Origin-Opener-Policy: same-origin-allow-popups
ETag: "3d48-61c2adcddee00"
Expect-CT: max-age=86400, enforce
X-Frame-Options: DENY
Vary: Accept-Encoding
X-Download-Options: noopen
Content-Type: font/woff2
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95

GET
H/1.1 200
OK 7632.45db52039b5f93b1.js Show response
epargnant.epargne-salariale.labanquepostale.fr/ 1 KB
2 KB 32ms
32ms Script
application/javascript 158.191.172.36
Credit Agricole

General

Check archive.org

Show headers Download Go to

Full URL

https://epargnant.epargne-salariale.labanquepostale.fr/7632.45db52039b5f93b1.js

Requested by

Host: epargnant.epargne-salariale.labanquepostale.fr
URL: https://epargnant.epargne-salariale.labanquepostale.fr/runtime.44de70c356163a7a.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.191.172.36 , France, ASN9159 (Credit Agricole, FR),

Reverse DNS

Software

Apache /

Resource Hash

f10c246cda193a65df2bca5984621f0920be807d366f8af84ae43c92fa5b8e19

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com .zencdn.net .brightcove.com .brightcove.net .labanquepostale.fr .google-analytics.com .kameleoon.eu .kameleoon.com .kameleoon.io .gstatic.com .cloudflare.com .google.com .tagcommander.com .tagcommander.net .trustcommander.com .trustcommander.net .aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .labanquepostale.fr .google.com;connect-src 'self' https: ip-api.com .boltdns.net .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .commander1.com .xiti.com;img-src 'self' data: blob: https: .akamaihd.net .boltdns.net .zencdn.net .brightcove.com .brightcove.net .xiti.com;media-src 'self' blob: https: .brightcovecdn.com .boltdns.net .media.brightcove.com .llnw.net .llnwd.net .akafms.net .akamaihd.net .cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: .brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' .wesave.fr .paybox.com *.eventvr.fr
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin: https://epargnant.epargne-salariale.labanquepostale.fr
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Jul 2024 21:44:26 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Encoding: gzip
Content-Security-Policy: default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com *.zencdn.net *.brightcove.com *.brightcove.net *.labanquepostale.fr *.google-analytics.com *.kameleoon.eu *.kameleoon.com *.kameleoon.io *.gstatic.com *.cloudflare.com *.google.com *.tagcommander.com *.tagcommander.net *.trustcommander.com *.trustcommander.net *.aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.labanquepostale.fr *.google.com;connect-src 'self' https: ip-api.com *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.commander1.com *.xiti.com;img-src 'self' data: blob: https: *.akamaihd.net *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.xiti.com;media-src 'self' blob: https: *.brightcovecdn.com *.boltdns.net *.media.brightcove.com *.llnw.net *.llnwd.net *.akafms.net *.akamaihd.net *.cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: *.brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' *.wesave.fr *.paybox.com *.eventvr.fr
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: on
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
Content-Length: 484
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Server: Apache
Cross-Origin-Opener-Policy: same-origin-allow-popups
Expect-CT: max-age=86400, enforce
Vary: Accept-Encoding
X-Frame-Options: DENY
X-Download-Options: noopen
Content-Type: application/javascript
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94

GET
H/1.1 200
OK info_trafic Show response
epargnant.epargne-salariale.labanquepostale.fr/public/external/ 0
2 KB 110ms
110ms XHR
text/html 158.191.172.36
Credit Agricole

General

Check archive.org

Show headers Download Go to

Full URL

https://epargnant.epargne-salariale.labanquepostale.fr/public/external/info_trafic?locale=fr-FR&target=web

Requested by

Host: epargnant.epargne-salariale.labanquepostale.fr
URL: https://epargnant.epargne-salariale.labanquepostale.fr/polyfills.bf8c9acc2cb7775b.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.191.172.36 , France, ASN9159 (Credit Agricole, FR),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com .zencdn.net .brightcove.com .brightcove.net .labanquepostale.fr .google-analytics.com .kameleoon.eu .kameleoon.com .kameleoon.io .gstatic.com .cloudflare.com .google.com .tagcommander.com .tagcommander.net .trustcommander.com .trustcommander.net .aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .labanquepostale.fr .google.com;connect-src 'self' https: ip-api.com .boltdns.net .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .commander1.com .xiti.com;img-src 'self' data: blob: https: .akamaihd.net .boltdns.net .zencdn.net .brightcove.com .brightcove.net .xiti.com;media-src 'self' blob: https: .brightcovecdn.com .boltdns.net .media.brightcove.com .llnw.net .llnwd.net .akafms.net .akamaihd.net .cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: .brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' .wesave.fr .paybox.com *.eventvr.fr
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=500; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Pragma: no-cache
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Referer
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Jul 2024 21:44:27 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload, max-age=500; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com *.zencdn.net *.brightcove.com *.brightcove.net *.labanquepostale.fr *.google-analytics.com *.kameleoon.eu *.kameleoon.com *.kameleoon.io *.gstatic.com *.cloudflare.com *.google.com *.tagcommander.com *.tagcommander.net *.trustcommander.com *.trustcommander.net *.aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.labanquepostale.fr *.google.com;connect-src 'self' https: ip-api.com *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.commander1.com *.xiti.com;img-src 'self' data: blob: https: *.akamaihd.net *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.xiti.com;media-src 'self' blob: https: *.brightcovecdn.com *.boltdns.net *.media.brightcove.com *.llnw.net *.llnwd.net *.akafms.net *.akamaihd.net *.cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: *.brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' *.wesave.fr *.paybox.com *.eventvr.fr
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: on
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
X-XSS-Protection: 0
Pragma: no-cache
Referrer-Policy: no-referrer
Last-Modified: Wed, 03 Jul 2024 21:44:27 GMT
Server: Apache
Cross-Origin-Opener-Policy: same-origin-allow-popups
Expect-CT: max-age=86400, enforce
X-Frame-Options: DENY
Vary: Accept-Encoding
X-Download-Options: noopen
Content-Type: text/html; charset=UTF-8
Cache-Control: must-revalidate, private, max-age=0, no-cache, no-store, must-revalidate
Keep-Alive: timeout=5, max=96
Expires: Mon, 01 Jul 2024 22:00:00 GMT

GET
H/1.1 200
OK config Show response
epargnant.epargne-salariale.labanquepostale.fr/public/ 2 KB
3 KB 188ms
188ms XHR
application/json 158.191.172.36
Credit Agricole

General

Check archive.org

Show headers Download Go to

Full URL

https://epargnant.epargne-salariale.labanquepostale.fr/public/config?site=m1st&manufacturer=Google%20Inc.&model=Windows%20NT%2010.0&platform=web&uuid=744a4fc9-66cb-4ca3-bc7c-8849da2b93ab&country=&city=&version=Windows%2010&navigateur=chrome&navigateurVersion=126.0.0

Requested by

Host: epargnant.epargne-salariale.labanquepostale.fr
URL: https://epargnant.epargne-salariale.labanquepostale.fr/polyfills.bf8c9acc2cb7775b.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.191.172.36 , France, ASN9159 (Credit Agricole, FR),

Reverse DNS

Software

Apache /

Resource Hash

24ffa917d43e2e39a84729f0f5fa281f857cce386a1545c42dba853b9451d605

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com .zencdn.net .brightcove.com .brightcove.net .labanquepostale.fr .google-analytics.com .kameleoon.eu .kameleoon.com .kameleoon.io .gstatic.com .cloudflare.com .google.com .tagcommander.com .tagcommander.net .trustcommander.com .trustcommander.net .aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .labanquepostale.fr .google.com;connect-src 'self' https: ip-api.com .boltdns.net .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .commander1.com .xiti.com;img-src 'self' data: blob: https: .akamaihd.net .boltdns.net .zencdn.net .brightcove.com .brightcove.net .xiti.com;media-src 'self' blob: https: .brightcovecdn.com .boltdns.net .media.brightcove.com .llnw.net .llnwd.net .akafms.net .akamaihd.net .cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: .brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' .wesave.fr .paybox.com *.eventvr.fr
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=500; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Pragma: no-cache
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Referer
X-noee-device-id: 744a4fc9-66cb-4ca3-bc7c-8849da2b93ab
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Jul 2024 21:44:27 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload, max-age=500; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com *.zencdn.net *.brightcove.com *.brightcove.net *.labanquepostale.fr *.google-analytics.com *.kameleoon.eu *.kameleoon.com *.kameleoon.io *.gstatic.com *.cloudflare.com *.google.com *.tagcommander.com *.tagcommander.net *.trustcommander.com *.trustcommander.net *.aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.labanquepostale.fr *.google.com;connect-src 'self' https: ip-api.com *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.commander1.com *.xiti.com;img-src 'self' data: blob: https: *.akamaihd.net *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.xiti.com;media-src 'self' blob: https: *.brightcovecdn.com *.boltdns.net *.media.brightcove.com *.llnw.net *.llnwd.net *.akafms.net *.akamaihd.net *.cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: *.brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' *.wesave.fr *.paybox.com *.eventvr.fr
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: on
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
Content-Length: 1002
X-XSS-Protection: 0
Pragma: no-cache
Referrer-Policy: no-referrer
Last-Modified: Wed, 03 Jul 2024 21:44:27 GMT
Server: Apache
Cross-Origin-Opener-Policy: same-origin-allow-popups
Expect-CT: max-age=86400, enforce
X-Frame-Options: DENY
Vary: Accept-Encoding
X-Download-Options: noopen
Content-Type: application/json
Cache-Control: must-revalidate, private, max-age=0, no-cache, no-store, must-revalidate
Keep-Alive: timeout=5, max=94
Expires: Mon, 01 Jul 2024 22:00:00 GMT

GET
H/1.1 200
OK favicon.ico
epargnant.epargne-salariale.labanquepostale.fr/ 1014 B
3 KB 77ms
76ms Other
image/gif 158.191.172.36
Credit Agricole

General

Check archive.org

Show headers Download Go to

Full URL

https://epargnant.epargne-salariale.labanquepostale.fr/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.191.172.36 , France, ASN9159 (Credit Agricole, FR),

Reverse DNS

Software

Apache /

Resource Hash

32fcadfa172f0a1365f99d6100a98f9ed232350469b5cba7b95d730782828132

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com .zencdn.net .brightcove.com .brightcove.net .labanquepostale.fr .google-analytics.com .kameleoon.eu .kameleoon.com .kameleoon.io .gstatic.com .cloudflare.com .google.com .tagcommander.com .tagcommander.net .trustcommander.com .trustcommander.net .aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .labanquepostale.fr .google.com;connect-src 'self' https: ip-api.com .boltdns.net .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .commander1.com .xiti.com;img-src 'self' data: blob: https: .akamaihd.net .boltdns.net .zencdn.net .brightcove.com .brightcove.net .xiti.com;media-src 'self' blob: https: .brightcovecdn.com .boltdns.net .media.brightcove.com .llnw.net .llnwd.net .akafms.net .akamaihd.net .cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: .brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' .wesave.fr .paybox.com *.eventvr.fr
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=500; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Jul 2024 21:44:27 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload, max-age=500; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com *.zencdn.net *.brightcove.com *.brightcove.net *.labanquepostale.fr *.google-analytics.com *.kameleoon.eu *.kameleoon.com *.kameleoon.io *.gstatic.com *.cloudflare.com *.google.com *.tagcommander.com *.tagcommander.net *.trustcommander.com *.trustcommander.net *.aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.labanquepostale.fr *.google.com;connect-src 'self' https: ip-api.com *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.commander1.com *.xiti.com;img-src 'self' data: blob: https: *.akamaihd.net *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.xiti.com;media-src 'self' blob: https: *.brightcovecdn.com *.boltdns.net *.media.brightcove.com *.llnw.net *.llnwd.net *.akafms.net *.akamaihd.net *.cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: *.brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' *.wesave.fr *.paybox.com *.eventvr.fr
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: on
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
Content-Length: 741
X-XSS-Protection: 0
Pragma: no-cache
Referrer-Policy: no-referrer
Last-Modified: Wed, 03 Jul 2024 21:44:27 GMT
Server: Apache
Cross-Origin-Opener-Policy: same-origin-allow-popups
Expect-CT: max-age=86400, enforce
X-Frame-Options: DENY
Vary: Accept-Encoding
X-Download-Options: noopen
Content-Type: image/gif
Cache-Control: must-revalidate, private, max-age=0, no-cache, no-store, must-revalidate
Keep-Alive: timeout=5, max=93
Expires: Mon, 01 Jul 2024 22:00:00 GMT

GET
H/1.1 200
OK favicon.ico
epargnant.epargne-salariale.labanquepostale.fr/ 1014 B
3 KB 82ms
81ms Other
image/gif 158.191.172.36
Credit Agricole

General

Check archive.org

Show headers Download Go to

Full URL

https://epargnant.epargne-salariale.labanquepostale.fr/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.191.172.36 , France, ASN9159 (Credit Agricole, FR),

Reverse DNS

Software

Apache /

Resource Hash

32fcadfa172f0a1365f99d6100a98f9ed232350469b5cba7b95d730782828132

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com .zencdn.net .brightcove.com .brightcove.net .labanquepostale.fr .google-analytics.com .kameleoon.eu .kameleoon.com .kameleoon.io .gstatic.com .cloudflare.com .google.com .tagcommander.com .tagcommander.net .trustcommander.com .trustcommander.net .aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .labanquepostale.fr .google.com;connect-src 'self' https: ip-api.com .boltdns.net .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .commander1.com .xiti.com;img-src 'self' data: blob: https: .akamaihd.net .boltdns.net .zencdn.net .brightcove.com .brightcove.net .xiti.com;media-src 'self' blob: https: .brightcovecdn.com .boltdns.net .media.brightcove.com .llnw.net .llnwd.net .akafms.net .akamaihd.net .cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: .brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' .wesave.fr .paybox.com *.eventvr.fr
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=500; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Jul 2024 21:44:27 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload, max-age=500; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com *.zencdn.net *.brightcove.com *.brightcove.net *.labanquepostale.fr *.google-analytics.com *.kameleoon.eu *.kameleoon.com *.kameleoon.io *.gstatic.com *.cloudflare.com *.google.com *.tagcommander.com *.tagcommander.net *.trustcommander.com *.trustcommander.net *.aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.labanquepostale.fr *.google.com;connect-src 'self' https: ip-api.com *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.commander1.com *.xiti.com;img-src 'self' data: blob: https: *.akamaihd.net *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.xiti.com;media-src 'self' blob: https: *.brightcovecdn.com *.boltdns.net *.media.brightcove.com *.llnw.net *.llnwd.net *.akafms.net *.akamaihd.net *.cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: *.brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' *.wesave.fr *.paybox.com *.eventvr.fr
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: on
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
Content-Length: 741
X-XSS-Protection: 0
Pragma: no-cache
Referrer-Policy: no-referrer
Last-Modified: Wed, 03 Jul 2024 21:44:27 GMT
Server: Apache
Cross-Origin-Opener-Policy: same-origin-allow-popups
Expect-CT: max-age=86400, enforce
X-Frame-Options: DENY
Vary: Accept-Encoding
X-Download-Options: noopen
Content-Type: image/gif
Cache-Control: must-revalidate, private, max-age=0, no-cache, no-store, must-revalidate
Keep-Alive: timeout=5, max=92
Expires: Mon, 01 Jul 2024 22:00:00 GMT

GET
H/1.1 200
OK favicon.ico
epargnant.epargne-salariale.labanquepostale.fr/ 1014 B
3 KB 153ms
74ms Other
image/gif 158.191.172.36
Credit Agricole

General

Check archive.org

Show headers Download Go to

Full URL

https://epargnant.epargne-salariale.labanquepostale.fr/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.191.172.36 , France, ASN9159 (Credit Agricole, FR),

Reverse DNS

Software

Apache /

Resource Hash

32fcadfa172f0a1365f99d6100a98f9ed232350469b5cba7b95d730782828132

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com .zencdn.net .brightcove.com .brightcove.net .labanquepostale.fr .google-analytics.com .kameleoon.eu .kameleoon.com .kameleoon.io .gstatic.com .cloudflare.com .google.com .tagcommander.com .tagcommander.net .trustcommander.com .trustcommander.net .aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .labanquepostale.fr .google.com;connect-src 'self' https: ip-api.com .boltdns.net .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .commander1.com .xiti.com;img-src 'self' data: blob: https: .akamaihd.net .boltdns.net .zencdn.net .brightcove.com .brightcove.net .xiti.com;media-src 'self' blob: https: .brightcovecdn.com .boltdns.net .media.brightcove.com .llnw.net .llnwd.net .akafms.net .akamaihd.net .cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: .brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' .wesave.fr .paybox.com *.eventvr.fr
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=500; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Jul 2024 21:44:27 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload, max-age=500; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com *.zencdn.net *.brightcove.com *.brightcove.net *.labanquepostale.fr *.google-analytics.com *.kameleoon.eu *.kameleoon.com *.kameleoon.io *.gstatic.com *.cloudflare.com *.google.com *.tagcommander.com *.tagcommander.net *.trustcommander.com *.trustcommander.net *.aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.labanquepostale.fr *.google.com;connect-src 'self' https: ip-api.com *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.commander1.com *.xiti.com;img-src 'self' data: blob: https: *.akamaihd.net *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.xiti.com;media-src 'self' blob: https: *.brightcovecdn.com *.boltdns.net *.media.brightcove.com *.llnw.net *.llnwd.net *.akafms.net *.akamaihd.net *.cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: *.brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' *.wesave.fr *.paybox.com *.eventvr.fr
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: on
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
Content-Length: 741
X-XSS-Protection: 0
Pragma: no-cache
Referrer-Policy: no-referrer
Last-Modified: Wed, 03 Jul 2024 21:44:27 GMT
Server: Apache
Cross-Origin-Opener-Policy: same-origin-allow-popups
Expect-CT: max-age=86400, enforce
X-Frame-Options: DENY
Vary: Accept-Encoding
X-Download-Options: noopen
Content-Type: image/gif
Cache-Control: must-revalidate, private, max-age=0, no-cache, no-store, must-revalidate
Keep-Alive: timeout=5, max=98
Expires: Mon, 01 Jul 2024 22:00:00 GMT

GET
H/1.1 200
OK favicon.ico
epargnant.epargne-salariale.labanquepostale.fr/ 1014 B
3 KB 230ms
77ms Other
image/gif 158.191.172.36
Credit Agricole

General

Check archive.org

Show headers Download Go to

Full URL

https://epargnant.epargne-salariale.labanquepostale.fr/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.191.172.36 , France, ASN9159 (Credit Agricole, FR),

Reverse DNS

Software

Apache /

Resource Hash

32fcadfa172f0a1365f99d6100a98f9ed232350469b5cba7b95d730782828132

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com .zencdn.net .brightcove.com .brightcove.net .labanquepostale.fr .google-analytics.com .kameleoon.eu .kameleoon.com .kameleoon.io .gstatic.com .cloudflare.com .google.com .tagcommander.com .tagcommander.net .trustcommander.com .trustcommander.net .aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .labanquepostale.fr .google.com;connect-src 'self' https: ip-api.com .boltdns.net .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .commander1.com .xiti.com;img-src 'self' data: blob: https: .akamaihd.net .boltdns.net .zencdn.net .brightcove.com .brightcove.net .xiti.com;media-src 'self' blob: https: .brightcovecdn.com .boltdns.net .media.brightcove.com .llnw.net .llnwd.net .akafms.net .akamaihd.net .cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: .brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' .wesave.fr .paybox.com *.eventvr.fr
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=500; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Jul 2024 21:44:27 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload, max-age=500; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com *.zencdn.net *.brightcove.com *.brightcove.net *.labanquepostale.fr *.google-analytics.com *.kameleoon.eu *.kameleoon.com *.kameleoon.io *.gstatic.com *.cloudflare.com *.google.com *.tagcommander.com *.tagcommander.net *.trustcommander.com *.trustcommander.net *.aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.labanquepostale.fr *.google.com;connect-src 'self' https: ip-api.com *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.commander1.com *.xiti.com;img-src 'self' data: blob: https: *.akamaihd.net *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.xiti.com;media-src 'self' blob: https: *.brightcovecdn.com *.boltdns.net *.media.brightcove.com *.llnw.net *.llnwd.net *.akafms.net *.akamaihd.net *.cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: *.brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' *.wesave.fr *.paybox.com *.eventvr.fr
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: on
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
Content-Length: 741
X-XSS-Protection: 0
Pragma: no-cache
Referrer-Policy: no-referrer
Last-Modified: Wed, 03 Jul 2024 21:44:27 GMT
Server: Apache
Cross-Origin-Opener-Policy: same-origin-allow-popups
Expect-CT: max-age=86400, enforce
X-Frame-Options: DENY
Vary: Accept-Encoding
X-Download-Options: noopen
Content-Type: image/gif
Cache-Control: must-revalidate, private, max-age=0, no-cache, no-store, must-revalidate
Keep-Alive: timeout=5, max=91
Expires: Mon, 01 Jul 2024 22:00:00 GMT

GET
H/1.1 200
OK favicon.gif
epargnant.epargne-salariale.labanquepostale.fr/assets/fav/lbp/ 1010 B
3 KB 32ms
32ms Other
image/gif 158.191.172.36
Credit Agricole

General

Check archive.org

Show headers Download Go to

Full URL

https://epargnant.epargne-salariale.labanquepostale.fr/assets/fav/lbp/favicon.gif

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.191.172.36 , France, ASN9159 (Credit Agricole, FR),

Reverse DNS

Software

Apache /

Resource Hash

89cbd93efe090bb12af40187b609a0dc9f32735cf5f7a22ed08e710858fa1293

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com .zencdn.net .brightcove.com .brightcove.net .labanquepostale.fr .google-analytics.com .kameleoon.eu .kameleoon.com .kameleoon.io .gstatic.com .cloudflare.com .google.com .tagcommander.com .tagcommander.net .trustcommander.com .trustcommander.net .aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .labanquepostale.fr .google.com;connect-src 'self' https: ip-api.com .boltdns.net .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .commander1.com .xiti.com;img-src 'self' data: blob: https: .akamaihd.net .boltdns.net .zencdn.net .brightcove.com .brightcove.net .xiti.com;media-src 'self' blob: https: .brightcovecdn.com .boltdns.net .media.brightcove.com .llnw.net .llnwd.net .akafms.net .akamaihd.net .cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: .brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' .wesave.fr .paybox.com *.eventvr.fr
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Jul 2024 21:44:27 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com *.zencdn.net *.brightcove.com *.brightcove.net *.labanquepostale.fr *.google-analytics.com *.kameleoon.eu *.kameleoon.com *.kameleoon.io *.gstatic.com *.cloudflare.com *.google.com *.tagcommander.com *.tagcommander.net *.trustcommander.com *.trustcommander.net *.aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.labanquepostale.fr *.google.com;connect-src 'self' https: ip-api.com *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.commander1.com *.xiti.com;img-src 'self' data: blob: https: *.akamaihd.net *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.xiti.com;media-src 'self' blob: https: *.brightcovecdn.com *.boltdns.net *.media.brightcove.com *.llnw.net *.llnwd.net *.akafms.net *.akamaihd.net *.cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: *.brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' *.wesave.fr *.paybox.com *.eventvr.fr
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: on
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
Content-Length: 1010
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Server: Apache
Cross-Origin-Opener-Policy: same-origin-allow-popups
Expect-CT: max-age=86400, enforce
X-Frame-Options: DENY
X-Download-Options: noopen
Content-Type: image/gif
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95

GET
H/1.1 200
OK connexion Show response
epargnant.epargne-salariale.labanquepostale.fr/public/translations/fr-FR/ 18 KB
7 KB 101ms
101ms XHR
application/json 158.191.172.36
Credit Agricole

General

Check archive.org

Show headers Download Go to

Full URL

https://epargnant.epargne-salariale.labanquepostale.fr/public/translations/fr-FR/connexion

Requested by

Host: epargnant.epargne-salariale.labanquepostale.fr
URL: https://epargnant.epargne-salariale.labanquepostale.fr/polyfills.bf8c9acc2cb7775b.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.191.172.36 , France, ASN9159 (Credit Agricole, FR),

Reverse DNS

Software

Apache /

Resource Hash

9a3f5fc459d57f2493c9a000ff7119fdbb2ee6bc7aebb06e22c836e7a0cf1567

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com .zencdn.net .brightcove.com .brightcove.net .labanquepostale.fr .google-analytics.com .kameleoon.eu .kameleoon.com .kameleoon.io .gstatic.com .cloudflare.com .google.com .tagcommander.com .tagcommander.net .trustcommander.com .trustcommander.net .aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .labanquepostale.fr .google.com;connect-src 'self' https: ip-api.com .boltdns.net .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .commander1.com .xiti.com;img-src 'self' data: blob: https: .akamaihd.net .boltdns.net .zencdn.net .brightcove.com .brightcove.net .xiti.com;media-src 'self' blob: https: .brightcovecdn.com .boltdns.net .media.brightcove.com .llnw.net .llnwd.net .akafms.net .akamaihd.net .cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: .brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' .wesave.fr .paybox.com *.eventvr.fr
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=500; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 03 Jul 2024 21:44:27 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload, max-age=500; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com *.zencdn.net *.brightcove.com *.brightcove.net *.labanquepostale.fr *.google-analytics.com *.kameleoon.eu *.kameleoon.com *.kameleoon.io *.gstatic.com *.cloudflare.com *.google.com *.tagcommander.com *.tagcommander.net *.trustcommander.com *.trustcommander.net *.aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.labanquepostale.fr *.google.com;connect-src 'self' https: ip-api.com *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.commander1.com *.xiti.com;img-src 'self' data: blob: https: *.akamaihd.net *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.xiti.com;media-src 'self' blob: https: *.brightcovecdn.com *.boltdns.net *.media.brightcove.com *.llnw.net *.llnwd.net *.akafms.net *.akamaihd.net *.cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: *.brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' *.wesave.fr *.paybox.com *.eventvr.fr
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: on
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
Content-Length: 5180
X-XSS-Protection: 0
Pragma: no-cache
Referrer-Policy: no-referrer
Last-Modified: Wed, 03 Jul 2024 21:44:27 GMT
Server: Apache
Cross-Origin-Opener-Policy: same-origin-allow-popups
Expect-CT: max-age=86400, enforce
X-Frame-Options: DENY
Vary: Accept-Encoding
X-Download-Options: noopen
Content-Type: application/json
Cache-Control: must-revalidate, private, max-age=0, no-cache, no-store, must-revalidate
Keep-Alive: timeout=5, max=92
Expires: Mon, 01 Jul 2024 22:00:00 GMT

GET
H/1.1 200
OK favicon.gif
epargnant.epargne-salariale.labanquepostale.fr/assets/fav/lbp/ 1010 B
3 KB 32ms
31ms Other
image/gif 158.191.172.36
Credit Agricole

General

Check archive.org

Show headers Download Go to

Full URL

https://epargnant.epargne-salariale.labanquepostale.fr/assets/fav/lbp/favicon.gif

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.191.172.36 , France, ASN9159 (Credit Agricole, FR),

Reverse DNS

Software

Apache /

Resource Hash

89cbd93efe090bb12af40187b609a0dc9f32735cf5f7a22ed08e710858fa1293

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com .zencdn.net .brightcove.com .brightcove.net .labanquepostale.fr .google-analytics.com .kameleoon.eu .kameleoon.com .kameleoon.io .gstatic.com .cloudflare.com .google.com .tagcommander.com .tagcommander.net .trustcommander.com .trustcommander.net .aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .labanquepostale.fr .google.com;connect-src 'self' https: ip-api.com .boltdns.net .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .commander1.com .xiti.com;img-src 'self' data: blob: https: .akamaihd.net .boltdns.net .zencdn.net .brightcove.com .brightcove.net .xiti.com;media-src 'self' blob: https: .brightcovecdn.com .boltdns.net .media.brightcove.com .llnw.net .llnwd.net .akafms.net .akamaihd.net .cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: .brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' .wesave.fr .paybox.com *.eventvr.fr
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Jul 2024 21:44:27 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com *.zencdn.net *.brightcove.com *.brightcove.net *.labanquepostale.fr *.google-analytics.com *.kameleoon.eu *.kameleoon.com *.kameleoon.io *.gstatic.com *.cloudflare.com *.google.com *.tagcommander.com *.tagcommander.net *.trustcommander.com *.trustcommander.net *.aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.labanquepostale.fr *.google.com;connect-src 'self' https: ip-api.com *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.commander1.com *.xiti.com;img-src 'self' data: blob: https: *.akamaihd.net *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.xiti.com;media-src 'self' blob: https: *.brightcovecdn.com *.boltdns.net *.media.brightcove.com *.llnw.net *.llnwd.net *.akafms.net *.akamaihd.net *.cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: *.brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' *.wesave.fr *.paybox.com *.eventvr.fr
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: on
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
Content-Length: 1010
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Server: Apache
Cross-Origin-Opener-Policy: same-origin-allow-popups
Expect-CT: max-age=86400, enforce
X-Frame-Options: DENY
X-Download-Options: noopen
Content-Type: image/gif
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92

GET
H/1.1 200
OK 9176.6ca56a124947a4a8.js Show response
epargnant.epargne-salariale.labanquepostale.fr/ 26 KB
8 KB 34ms
33ms Script
application/javascript 158.191.172.36
Credit Agricole

General

Check archive.org

Show headers Download Go to

Full URL

https://epargnant.epargne-salariale.labanquepostale.fr/9176.6ca56a124947a4a8.js

Requested by

Host: epargnant.epargne-salariale.labanquepostale.fr
URL: https://epargnant.epargne-salariale.labanquepostale.fr/runtime.44de70c356163a7a.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.191.172.36 , France, ASN9159 (Credit Agricole, FR),

Reverse DNS

Software

Apache /

Resource Hash

b43e01dfe63954d2d488a29c1cd7384da74a8655ed12d11791ac0b0ee011ff0f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com .zencdn.net .brightcove.com .brightcove.net .labanquepostale.fr .google-analytics.com .kameleoon.eu .kameleoon.com .kameleoon.io .gstatic.com .cloudflare.com .google.com .tagcommander.com .tagcommander.net .trustcommander.com .trustcommander.net .aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .labanquepostale.fr .google.com;connect-src 'self' https: ip-api.com .boltdns.net .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .commander1.com .xiti.com;img-src 'self' data: blob: https: .akamaihd.net .boltdns.net .zencdn.net .brightcove.com .brightcove.net .xiti.com;media-src 'self' blob: https: .brightcovecdn.com .boltdns.net .media.brightcove.com .llnw.net .llnwd.net .akafms.net .akamaihd.net .cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: .brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' .wesave.fr .paybox.com *.eventvr.fr
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin: https://epargnant.epargne-salariale.labanquepostale.fr
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Jul 2024 21:44:27 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Encoding: gzip
Content-Security-Policy: default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com *.zencdn.net *.brightcove.com *.brightcove.net *.labanquepostale.fr *.google-analytics.com *.kameleoon.eu *.kameleoon.com *.kameleoon.io *.gstatic.com *.cloudflare.com *.google.com *.tagcommander.com *.tagcommander.net *.trustcommander.com *.trustcommander.net *.aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.labanquepostale.fr *.google.com;connect-src 'self' https: ip-api.com *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.commander1.com *.xiti.com;img-src 'self' data: blob: https: *.akamaihd.net *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.xiti.com;media-src 'self' blob: https: *.brightcovecdn.com *.boltdns.net *.media.brightcove.com *.llnw.net *.llnwd.net *.akafms.net *.akamaihd.net *.cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: *.brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' *.wesave.fr *.paybox.com *.eventvr.fr
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: on
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
Content-Length: 5844
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Server: Apache
Cross-Origin-Opener-Policy: same-origin-allow-popups
Expect-CT: max-age=86400, enforce
Vary: Accept-Encoding
X-Frame-Options: DENY
X-Download-Options: noopen
Content-Type: application/javascript
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97

GET
H/1.1 200
OK logo_lbp.svg
epargnant.epargne-salariale.labanquepostale.fr/assets/images/ 3 KB
3 KB 33ms
32ms Image
image/svg+xml 158.191.172.36
Credit Agricole

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://epargnant.epargne-salariale.labanquepostale.fr/assets/images/logo_lbp.svg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.191.172.36 , France, ASN9159 (Credit Agricole, FR),

Reverse DNS

Software

Apache /

Resource Hash

c260e0af031a1446f93b77e1c9ef710c9f305599b4219611185a86136ac2d06a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com .zencdn.net .brightcove.com .brightcove.net .labanquepostale.fr .google-analytics.com .kameleoon.eu .kameleoon.com .kameleoon.io .gstatic.com .cloudflare.com .google.com .tagcommander.com .tagcommander.net .trustcommander.com .trustcommander.net .aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .labanquepostale.fr .google.com;connect-src 'self' https: ip-api.com .boltdns.net .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .commander1.com .xiti.com;img-src 'self' data: blob: https: .akamaihd.net .boltdns.net .zencdn.net .brightcove.com .brightcove.net .xiti.com;media-src 'self' blob: https: .brightcovecdn.com .boltdns.net .media.brightcove.com .llnw.net .llnwd.net .akafms.net .akamaihd.net .cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: .brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' .wesave.fr .paybox.com *.eventvr.fr
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Jul 2024 21:44:27 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com *.zencdn.net *.brightcove.com *.brightcove.net *.labanquepostale.fr *.google-analytics.com *.kameleoon.eu *.kameleoon.com *.kameleoon.io *.gstatic.com *.cloudflare.com *.google.com *.tagcommander.com *.tagcommander.net *.trustcommander.com *.trustcommander.net *.aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.labanquepostale.fr *.google.com;connect-src 'self' https: ip-api.com *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.commander1.com *.xiti.com;img-src 'self' data: blob: https: *.akamaihd.net *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.xiti.com;media-src 'self' blob: https: *.brightcovecdn.com *.boltdns.net *.media.brightcove.com *.llnw.net *.llnwd.net *.akafms.net *.akamaihd.net *.cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: *.brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' *.wesave.fr *.paybox.com *.eventvr.fr
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: on
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
Content-Length: 1482
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Server: Apache
Cross-Origin-Opener-Policy: same-origin-allow-popups
Expect-CT: max-age=86400, enforce
X-Frame-Options: DENY
Vary: Accept-Encoding
X-Download-Options: noopen
Content-Type: image/svg+xml
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93

GET
H3 200 162452-d9845da9-3ee7-4edd-bc21-3c7282af6579.jpg
mkto89zsya.kameleoon.eu/images/ 620 KB
622 KB 49ms
37ms Image
image/jpeg 172.67.72.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mkto89zsya.kameleoon.eu/images/162452-d9845da9-3ee7-4edd-bc21-3c7282af6579.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.72.50 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3de9a8ea827903c2e3ce0ff92b8d2c14532963432f777260bc60952a0ee9903

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://epargnant.epargne-salariale.labanquepostale.fr/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 21:44:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4705
alt-svc: h3=":443"; ma=86400
content-length: 635355
cdn-cache-control: max-age=5400; public; stale-if-error=604800; stale-while-revalidate=604800
cf-bgj: h2pri
last-modified: Mon, 02 Jan 2023 16:12:31 GMT
server: cloudflare
etag: "63b3026f-9b1db"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PATCH, PUT, DELETE
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bf4rVkY3qsCc%2FOO4o7shivDXNg3G3owF6oHhohKFS7p17E%2BACO4ty5pKjQs7QU8xS0TJ62iRy4BdyKif1FdTXYfBOWcLyeLKLI9GkFKJzzbVt%2BAVvg2Fgx7nkHhnvrxbLAoxGs%2B07YQf"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=3600, s-maxage=5400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 89da0e933bf876e4-LHR
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-CSRF-Token,csftoken,authorization
expires: Wed, 03 Jul 2024 21:36:02 GMT

GET
H/1.1 200
OK roboto-v27-latin-500.woff2
epargnant.epargne-salariale.labanquepostale.fr/fonts/ 16 KB
18 KB 37ms
37ms Font
font/woff2 158.191.172.36
Credit Agricole

General

Check archive.org

Show headers Download Go to

Full URL

https://epargnant.epargne-salariale.labanquepostale.fr/fonts/roboto-v27-latin-500.woff2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.191.172.36 , France, ASN9159 (Credit Agricole, FR),

Reverse DNS

Software

Apache /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com .zencdn.net .brightcove.com .brightcove.net .labanquepostale.fr .google-analytics.com .kameleoon.eu .kameleoon.com .kameleoon.io .gstatic.com .cloudflare.com .google.com .tagcommander.com .tagcommander.net .trustcommander.com .trustcommander.net .aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .labanquepostale.fr .google.com;connect-src 'self' https: ip-api.com .boltdns.net .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .commander1.com .xiti.com;img-src 'self' data: blob: https: .akamaihd.net .boltdns.net .zencdn.net .brightcove.com .brightcove.net .xiti.com;media-src 'self' blob: https: .brightcovecdn.com .boltdns.net .media.brightcove.com .llnw.net .llnwd.net .akafms.net .akamaihd.net .cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: .brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' .wesave.fr .paybox.com *.eventvr.fr
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://epargnant.epargne-salariale.labanquepostale.fr/
Origin: https://epargnant.epargne-salariale.labanquepostale.fr
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Jul 2024 21:44:27 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com *.zencdn.net *.brightcove.com *.brightcove.net *.labanquepostale.fr *.google-analytics.com *.kameleoon.eu *.kameleoon.com *.kameleoon.io *.gstatic.com *.cloudflare.com *.google.com *.tagcommander.com *.tagcommander.net *.trustcommander.com *.trustcommander.net *.aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.labanquepostale.fr *.google.com;connect-src 'self' https: ip-api.com *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.commander1.com *.xiti.com;img-src 'self' data: blob: https: *.akamaihd.net *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.xiti.com;media-src 'self' blob: https: *.brightcovecdn.com *.boltdns.net *.media.brightcove.com *.llnw.net *.llnwd.net *.akafms.net *.akamaihd.net *.cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: *.brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' *.wesave.fr *.paybox.com *.eventvr.fr
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: on
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
Content-Length: 15943
X-XSS-Protection: 0
Pragma: no-cache
Referrer-Policy: no-referrer
Last-Modified: Mon, 01 Jul 2024 08:02:30 GMT
Server: Apache
Cross-Origin-Opener-Policy: same-origin-allow-popups
ETag: "3e30-61c2b04cd5180"
Expect-CT: max-age=86400, enforce
X-Frame-Options: DENY
Vary: Accept-Encoding
X-Download-Options: noopen
Content-Type: font/woff2
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97

GET
H/1.1 200
OK login.svg Show response
epargnant.epargne-salariale.labanquepostale.fr/assets/icons/ 597 B
2 KB 32ms
31ms Fetch
image/svg+xml 158.191.172.36
Credit Agricole

General

Check archive.org

Show headers Download Go to

Full URL

https://epargnant.epargne-salariale.labanquepostale.fr/assets/icons/login.svg

Requested by

Host: epargnant.epargne-salariale.labanquepostale.fr
URL: https://epargnant.epargne-salariale.labanquepostale.fr/polyfills.bf8c9acc2cb7775b.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.191.172.36 , France, ASN9159 (Credit Agricole, FR),

Reverse DNS

Software

Apache /

Resource Hash

61c96fff794b02b71731e02ab86ab5e257bdf228ab8246e89ffa7af30da72bad

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com .zencdn.net .brightcove.com .brightcove.net .labanquepostale.fr .google-analytics.com .kameleoon.eu .kameleoon.com .kameleoon.io .gstatic.com .cloudflare.com .google.com .tagcommander.com .tagcommander.net .trustcommander.com .trustcommander.net .aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .labanquepostale.fr .google.com;connect-src 'self' https: ip-api.com .boltdns.net .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .commander1.com .xiti.com;img-src 'self' data: blob: https: .akamaihd.net .boltdns.net .zencdn.net .brightcove.com .brightcove.net .xiti.com;media-src 'self' blob: https: .brightcovecdn.com .boltdns.net .media.brightcove.com .llnw.net .llnwd.net .akafms.net .akamaihd.net .cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: .brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' .wesave.fr .paybox.com *.eventvr.fr
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Jul 2024 21:44:27 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com *.zencdn.net *.brightcove.com *.brightcove.net *.labanquepostale.fr *.google-analytics.com *.kameleoon.eu *.kameleoon.com *.kameleoon.io *.gstatic.com *.cloudflare.com *.google.com *.tagcommander.com *.tagcommander.net *.trustcommander.com *.trustcommander.net *.aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.labanquepostale.fr *.google.com;connect-src 'self' https: ip-api.com *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.commander1.com *.xiti.com;img-src 'self' data: blob: https: *.akamaihd.net *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.xiti.com;media-src 'self' blob: https: *.brightcovecdn.com *.boltdns.net *.media.brightcove.com *.llnw.net *.llnwd.net *.akafms.net *.akamaihd.net *.cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: *.brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' *.wesave.fr *.paybox.com *.eventvr.fr
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: on
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
Content-Length: 340
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Server: Apache
Cross-Origin-Opener-Policy: same-origin-allow-popups
Expect-CT: max-age=86400, enforce
X-Frame-Options: DENY
Vary: Accept-Encoding
X-Download-Options: noopen
Content-Type: image/svg+xml
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96

GET
H/1.1 200
OK help.svg Show response
epargnant.epargne-salariale.labanquepostale.fr/assets/icons/ 590 B
2 KB 32ms
32ms Fetch
image/svg+xml 158.191.172.36
Credit Agricole

General

Check archive.org

Show headers Download Go to

Full URL

https://epargnant.epargne-salariale.labanquepostale.fr/assets/icons/help.svg

Requested by

Host: epargnant.epargne-salariale.labanquepostale.fr
URL: https://epargnant.epargne-salariale.labanquepostale.fr/polyfills.bf8c9acc2cb7775b.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.191.172.36 , France, ASN9159 (Credit Agricole, FR),

Reverse DNS

Software

Apache /

Resource Hash

3dccce5dc1d6eb292800a119b1ea7aeb3a58a8ea338b3bd3aecb44c8dc421ad8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com .zencdn.net .brightcove.com .brightcove.net .labanquepostale.fr .google-analytics.com .kameleoon.eu .kameleoon.com .kameleoon.io .gstatic.com .cloudflare.com .google.com .tagcommander.com .tagcommander.net .trustcommander.com .trustcommander.net .aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .labanquepostale.fr .google.com;connect-src 'self' https: ip-api.com .boltdns.net .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .commander1.com .xiti.com;img-src 'self' data: blob: https: .akamaihd.net .boltdns.net .zencdn.net .brightcove.com .brightcove.net .xiti.com;media-src 'self' blob: https: .brightcovecdn.com .boltdns.net .media.brightcove.com .llnw.net .llnwd.net .akafms.net .akamaihd.net .cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: .brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' .wesave.fr .paybox.com *.eventvr.fr
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Jul 2024 21:44:27 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com *.zencdn.net *.brightcove.com *.brightcove.net *.labanquepostale.fr *.google-analytics.com *.kameleoon.eu *.kameleoon.com *.kameleoon.io *.gstatic.com *.cloudflare.com *.google.com *.tagcommander.com *.tagcommander.net *.trustcommander.com *.trustcommander.net *.aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.labanquepostale.fr *.google.com;connect-src 'self' https: ip-api.com *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.commander1.com *.xiti.com;img-src 'self' data: blob: https: *.akamaihd.net *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.xiti.com;media-src 'self' blob: https: *.brightcovecdn.com *.boltdns.net *.media.brightcove.com *.llnw.net *.llnwd.net *.akafms.net *.akamaihd.net *.cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: *.brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' *.wesave.fr *.paybox.com *.eventvr.fr
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: on
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
Content-Length: 351
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Server: Apache
Cross-Origin-Opener-Policy: same-origin-allow-popups
Expect-CT: max-age=86400, enforce
X-Frame-Options: DENY
Vary: Accept-Encoding
X-Download-Options: noopen
Content-Type: image/svg+xml
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92

GET
H/1.1 200
OK arrow_simple_next.svg Show response
epargnant.epargne-salariale.labanquepostale.fr/assets/icons/ 384 B
2 KB 33ms
32ms Fetch
image/svg+xml 158.191.172.36
Credit Agricole

General

Check archive.org

Show headers Download Go to

Full URL

https://epargnant.epargne-salariale.labanquepostale.fr/assets/icons/arrow_simple_next.svg

Requested by

Host: epargnant.epargne-salariale.labanquepostale.fr
URL: https://epargnant.epargne-salariale.labanquepostale.fr/polyfills.bf8c9acc2cb7775b.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.191.172.36 , France, ASN9159 (Credit Agricole, FR),

Reverse DNS

Software

Apache /

Resource Hash

260268fa4e106b7a3d0f23419924c1bc63391c993f01ee08a57db34c9fc92476

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com .zencdn.net .brightcove.com .brightcove.net .labanquepostale.fr .google-analytics.com .kameleoon.eu .kameleoon.com .kameleoon.io .gstatic.com .cloudflare.com .google.com .tagcommander.com .tagcommander.net .trustcommander.com .trustcommander.net .aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .labanquepostale.fr .google.com;connect-src 'self' https: ip-api.com .boltdns.net .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .commander1.com .xiti.com;img-src 'self' data: blob: https: .akamaihd.net .boltdns.net .zencdn.net .brightcove.com .brightcove.net .xiti.com;media-src 'self' blob: https: .brightcovecdn.com .boltdns.net .media.brightcove.com .llnw.net .llnwd.net .akafms.net .akamaihd.net .cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: .brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' .wesave.fr .paybox.com *.eventvr.fr
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Jul 2024 21:44:27 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com *.zencdn.net *.brightcove.com *.brightcove.net *.labanquepostale.fr *.google-analytics.com *.kameleoon.eu *.kameleoon.com *.kameleoon.io *.gstatic.com *.cloudflare.com *.google.com *.tagcommander.com *.tagcommander.net *.trustcommander.com *.trustcommander.net *.aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.labanquepostale.fr *.google.com;connect-src 'self' https: ip-api.com *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.trustcommander.net *.commander1.com *.xiti.com;img-src 'self' data: blob: https: *.akamaihd.net *.boltdns.net *.zencdn.net *.brightcove.com *.brightcove.net *.xiti.com;media-src 'self' blob: https: *.brightcovecdn.com *.boltdns.net *.media.brightcove.com *.llnw.net *.llnwd.net *.akafms.net *.akamaihd.net *.cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: *.brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' *.wesave.fr *.paybox.com *.eventvr.fr
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: on
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
Content-Length: 257
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Server: Apache
Cross-Origin-Opener-Policy: same-origin-allow-popups
Expect-CT: max-age=86400, enforce
X-Frame-Options: DENY
Vary: Accept-Encoding
X-Download-Options: noopen
Content-Type: image/svg+xml
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90

POST
H2 204 event
tftjngl.pa-cd.com/ 0
347 B 171ms
66ms Ping
text/plain 18.66.210.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tftjngl.pa-cd.com/event?s=605719&idclient=ly6d8cdejikv3yoc

Requested by

Host: tag.aticdn.net
URL: https://tag.aticdn.net/piano-analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.210.236 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-210-236.mxp63.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 03 Jul 2024 21:44:28 GMT
strict-transport-security: max-age=15768000
via: 1.1 4c153ff0feed1a45db2039ce118ec77e.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P2
access-control-max-age: 600
x-cache: Miss from cloudfront
access-control-allow-origin: https://epargnant.epargne-salariale.labanquepostale.fr
cache-control: no-store
access-control-allow-credentials: true
x-amz-cf-id: uepaNevEv-lKMcflaZ38UCscVo83H9htUw6NGc87XAid9j793X7tqg==

Verdicts & Comments Add Verdict or Comment

223 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.labanquepostale.fr/	1970-01-21 07:13:18	Name: TCPID Value: 124732344269480317219
.labanquepostale.fr/	1970-01-21 07:16:11	Name: _pprv Value: eyJjb25zZW50Ijp7IjAiOnsibW9kZSI6ImVzc2VudGlhbCJ9LCI3Ijp7Im1vZGUiOiJvcHQtaW4ifX0sInB1cnBvc2VzIjp7IjAiOiJBTSIsIjciOiJETCJ9LCJfdCI6Im1kdXM1dHBofGx5NmQ4Y2RoIn0%3D
.labanquepostale.fr/	1970-01-21 07:16:11	Name: _pcid Value: %7B%22browserId%22%3A%22ly6d8cdejikv3yoc%22%2C%22_t%22%3A%22mdus5unl%7Cly6d8dbl%22%7D
.labanquepostale.fr/	1970-01-21 07:16:11	Name: _pctx Value: %7Bu%7DN4IgrgzgpgThIC4B2YA2qA05owMoBcBDfSREQpAeyRCwgEt8oBJAE0RXSwH18yBbVpACsYJKgA%2BqAJ4A2VgA5WAI1QgAvkA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self';script-src 'wasm-unsafe-eval' 'self' blob: ip-api.com .zencdn.net .brightcove.com .brightcove.net .labanquepostale.fr .google-analytics.com .kameleoon.eu .kameleoon.com .kameleoon.io .gstatic.com .cloudflare.com .google.com .tagcommander.com .tagcommander.net .trustcommander.com .trustcommander.net .aticdn.net 'unsafe-inline' 'unsafe-eval';frame-src 'self' .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .labanquepostale.fr .google.com;connect-src 'self' https: ip-api.com .boltdns.net .zencdn.net .brightcove.com .brightcove.net .trustcommander.net .commander1.com .xiti.com;img-src 'self' data: blob: https: .akamaihd.net .boltdns.net .zencdn.net .brightcove.com .brightcove.net .xiti.com;media-src 'self' blob: https: .brightcovecdn.com .boltdns.net .media.brightcove.com .llnw.net .llnwd.net .akafms.net .akamaihd.net .cf.brightcove.com;script-src-attr 'unsafe-hashes' 'unsafe-inline';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';style-src 'self' https: .brightcode.net 'unsafe-inline';upgrade-insecure-requests;worker-src 'self' blob:;child-src blob:;form-action 'self' .wesave.fr .paybox.com *.eventvr.fr
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.tagcommander.com
cdn.trustcommander.net
epargnant.epargne-salariale.labanquepostale.fr
mkto89zsya.kameleoon.eu
privacy.trustcommander.net
tag.aticdn.net
tftjngl.pa-cd.com
wtrjtk5pyg.kameleoon.eu
158.191.172.36
172.67.72.50
18.239.36.45
18.66.210.236
192.229.233.55
35.180.217.105
096f7f4e1114967f2e7102e883edebe113db4cb492889621dc120ffa4d60a256
0a6f0484d5c9b37299e2654b286ce0bacba36a249b1437dbeb137488b1ee769d
0e2017b6541b55325b8775fb7a80f9bdcfd5ae091cba5b2fa177def5979ebf16
18a2f00d63a8da9719a5a407a65ac9d5e1f20d8c7540225930ef76338e115bff
24ffa917d43e2e39a84729f0f5fa281f857cce386a1545c42dba853b9451d605
260268fa4e106b7a3d0f23419924c1bc63391c993f01ee08a57db34c9fc92476
2bc115951f33304340234c72be22e647ce83cad3f5c7cd519eff16be32f5a919
32fcadfa172f0a1365f99d6100a98f9ed232350469b5cba7b95d730782828132
34945a7c33d0b328426193243ebbae66e1660ef731777dab70c605c6c670ab35
34ba88ee6eb98115bd9b7248a8e16e419b42aad420f63433fc1bcc1b4225b16f
3924f224f8958b91da0a879be4ef7ee749dff49cc889d74829059bd0392a6007
3dccce5dc1d6eb292800a119b1ea7aeb3a58a8ea338b3bd3aecb44c8dc421ad8
49f526b91709614a7ca7dc05becf0cfd8867a780742a50e9ec7d7f2f5d6b3d6f
4d0da9542f1b243b22a4f6d9fae53bba81b69df3d987be328af819d63d4249af
527eb0b0db66b5d58ff943192c1077c9a692d6ff859adf128d1d705c0a9b5e40
5682f52fbfac25ef6181ec38ddbe1d1f384c45f5ac79bbf19075bc83c885b1a5
5af0d39458f18edae5d274c3a65332f34fa160e9d3ebbfa391db0e746804a6e2
5c36e28c9a7bd864b673e223db7e1934923227536ffbdf871f58b6f09b9ac8c9
61c96fff794b02b71731e02ab86ab5e257bdf228ab8246e89ffa7af30da72bad
66d6c96fc3c9aaf735ba75e95ade3c5122826bdd5944fb1221a9b8d3131cef77
678a1fa2e9971133dba2743dbd11e1962e2143e2c84f0dea22dfc3bbdc04f835
7ac47c09139c563ca229823d5563afc7043f8913c3efc24cd08e7b04b5960014
7b43c36ba9efdb0b405e855601a38124740c74cda977bed47a0658ee8c1cd238
89cbd93efe090bb12af40187b609a0dc9f32735cf5f7a22ed08e710858fa1293
921a7215d8c9344a65e6eb3a359e9b9e592fdf90f3847e3c8d29c29b50ada9bb
9a3f5fc459d57f2493c9a000ff7119fdbb2ee6bc7aebb06e22c836e7a0cf1567
a3de9a8ea827903c2e3ce0ff92b8d2c14532963432f777260bc60952a0ee9903
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
aa019966eb8c1d8f3cd380b24c677ae51908628e902a1442dcf5a7aed002c7f1
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b43e01dfe63954d2d488a29c1cd7384da74a8655ed12d11791ac0b0ee011ff0f
b906d9e3e38210c7b481486a08d337977413ce782073e4583e76a26335db7837
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bd2e1f0a9dbe099cf53cf00033a45514c0cbde98d64d342b2c11b07ae3d8de82
c0a2e790c33eb70cc3f57c618224e010c2d6d1c29798b6f25fdea26c7332926f
c260e0af031a1446f93b77e1c9ef710c9f305599b4219611185a86136ac2d06a
c564af2437fd9f865be44b7f7d0b89f3681fa9296aa1eea8690383945259282a
c68b629f1ab8d566ce5d7cfa3b2d3d8e566595d52300818f292e41c61d45fa23
c74338fe4c64b933bf9d56f00c5b99303a99792e1865c1915c38cd9f0e6e8127
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d527973bc62f3dedf1c6d66684368eb6982aa5bb76d80e656dffba71ed34290d
e29fa186ac14e6d44bddf8cab88bb7c568e114136c80471d142964441c0f6e75
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f10c246cda193a65df2bca5984621f0920be807d366f8af84ae43c92fa5b8e19

epargnant.epargne-salariale.labanquepostale.fr Open in urlscan Pro 158.191.172.36 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

48 Requests

100 %HTTPS

0 %IPv6

6 Domains

8 Subdomains

7 IPs

2 Countries

2372 kBTransfer

7315 kBSize

4 Cookies

0 Outgoing links

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

epargnant.epargne-salariale.labanquepostale.fr Open in urlscan Pro
158.191.172.36 Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

100 %
HTTPS

0 %
IPv6

6
Domains

8
Subdomains

7
IPs

2
Countries

2372 kB
Transfer

7315 kB
Size

4
Cookies

48 HTTP transactions
1 data transactions