urlscan.io logo urlscan.io
SecurityTrails logo

frbsfemployeecare.yournextstep.com Open in urlscan Pro
18.207.31.200  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://r.mailer.yournextstep.com/tr/cl/Iv0qyQj6Tzx7QYAeD17_eTi2sVC0iPWlp-m-Ka8lUK58eE2UEc6IPiiIFLjn6viU54IQeOOl4VMVGtvx0oK4Aiz0x6...
Effective URL: https://frbsfemployeecare.yournextstep.com/help?ca_t=38505956-7770-4c34-9cea-37d2791cae2a&locale=en&utm_campaign=im_invite1&utm_medium=trig...
Submission: On January 06 via manual from US — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 4 countries across 9 domains to perform 65 HTTP transactions. The main IP is 18.207.31.200, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is frbsfemployeecare.yournextstep.com.
TLS certificate: Issued by Amazon on September 13th 2022. Valid for: a year.
This is the only time frbsfemployeecare.yournextstep.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 1.179.112.197 396982 (GOOGLE-CL...)
8 18.207.31.200 14618 (AMAZON-AES)
9 18.66.15.106 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.219.107.73 16509 (AMAZON-02)
1 52.219.109.44 16509 (AMAZON-02)
1 18.211.153.139 14618 (AMAZON-AES)
18 2600:9000:248... 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
18 18.66.15.59 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 65.9.66.37 16509 (AMAZON-02)
1 2a04:4e42::485 54113 (FASTLY)
1 52.219.105.122 16509 (AMAZON-02)
1 54.82.139.21 14618 (AMAZON-AES)
65 14
1    1.179.112.197 (Paris, France)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: m1179112197.mailinblue.me
r.mailer.yournextstep.com
8    18.207.31.200 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-207-31-200.compute-1.amazonaws.com
frbsfemployeecare.yournextstep.com
9    18.66.15.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-15-106.vie50.r.cloudfront.net
consent.trustarc.com
1    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    52.219.107.73 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: s3.us-east-2.amazonaws.com
s3.us-east-2.amazonaws.com
1    52.219.109.44 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-w.us-east-2.amazonaws.com
www-yournextstep-com.s3.amazonaws.com
1    18.211.153.139 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-153-139.compute-1.amazonaws.com
submit-irm.trustarc.com
18    2600:9000:248c:3000:b:3d6d:6c40:21 (United States)

ASN16509 (AMAZON-02, US)
d19t87v9ruil69.cloudfront.net
3    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
18    18.66.15.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-15-59.vie50.r.cloudfront.net
consent-pref.trustarc.com
1    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    65.9.66.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-37.fra56.r.cloudfront.net
consent-st.trustarc.com
1    2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    52.219.105.122 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.us-east-2.amazonaws.com
www-yournextstep-com.s3.us-east-2.amazonaws.com
1    54.82.139.21 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-82-139-21.compute-1.amazonaws.com
prefmgr-cookie.truste-svc.net
Apex Domain
Subdomains		 Transfer
29 trustarc.com
consent.trustarc.com — Cisco Umbrella Rank: 3998
submit-irm.trustarc.com — Cisco Umbrella Rank: 581664
consent-pref.trustarc.com — Cisco Umbrella Rank: 20552
consent-st.trustarc.com — Cisco Umbrella Rank: 38085
302 KB
18 cloudfront.net
d19t87v9ruil69.cloudfront.net
1 MB
9 yournextstep.com
r.mailer.yournextstep.com
frbsfemployeecare.yournextstep.com
1 MB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 103
20 KB
3 amazonaws.com
s3.us-east-2.amazonaws.com
www-yournextstep-com.s3.amazonaws.com
www-yournextstep-com.s3.us-east-2.amazonaws.com
143 KB
1 truste-svc.net
prefmgr-cookie.truste-svc.net — Cisco Umbrella Rank: 39213
2 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 488
37 KB
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 179
452 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 123
45 KB
65 9
Domain Requested by
18 consent-pref.trustarc.com consent.trustarc.com
consent-pref.trustarc.com
prefmgr-cookie.truste-svc.net
frbsfemployeecare.yournextstep.com
18 d19t87v9ruil69.cloudfront.net frbsfemployeecare.yournextstep.com
9 consent.trustarc.com frbsfemployeecare.yournextstep.com
consent.trustarc.com
consent-pref.trustarc.com
8 frbsfemployeecare.yournextstep.com frbsfemployeecare.yournextstep.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
frbsfemployeecare.yournextstep.com
1 prefmgr-cookie.truste-svc.net frbsfemployeecare.yournextstep.com
1 www-yournextstep-com.s3.us-east-2.amazonaws.com frbsfemployeecare.yournextstep.com
1 cdn.jsdelivr.net frbsfemployeecare.yournextstep.com
1 consent-st.trustarc.com consent-pref.trustarc.com
1 stats.g.doubleclick.net www.google-analytics.com
1 submit-irm.trustarc.com frbsfemployeecare.yournextstep.com
1 www-yournextstep-com.s3.amazonaws.com frbsfemployeecare.yournextstep.com
1 s3.us-east-2.amazonaws.com frbsfemployeecare.yournextstep.com
1 www.googletagmanager.com frbsfemployeecare.yournextstep.com
1 r.mailer.yournextstep.com 1 redirects
65 15

This site contains links to these domains. Also see Links.

Domain
submit-irm.trustarc.com
Subject Issuer Validity Valid
*.yournextstep.com
Amazon		 2022-09-13 -
2023-10-12		 a year crt.sh
*.trustarc.com
Amazon		 2022-05-17 -
2023-06-15		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.s3.us-east-2.amazonaws.com
Amazon		 2022-09-21 -
2023-08-31		 a year crt.sh
*.s3.amazonaws.com
Amazon		 2022-09-21 -
2023-08-26		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
*.truste-svc.net
Amazon		 2022-05-23 -
2023-06-21		 a year crt.sh

This page contains 5 frames:

Primary Page: https://frbsfemployeecare.yournextstep.com/help?ca_t=38505956-7770-4c34-9cea-37d2791cae2a&locale=en&utm_campaign=im_invite1&utm_medium=trig&utm_source=em
Frame ID: 57C338B2C17A7D31905B9B77D8742248
Requests: 40 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/?type=intoo_gdpr&layout=gdpr&site=intoo.com&action=notice&country=fr&locale=fr&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
Frame ID: A57596713B96A79E9E2DEADD65BCF423
Requests: 22 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/defaultpreferencemanager/E386C51EAEB40FABD3D67271C058D97E.cache.html
Frame ID: A28FDB039064AE95E0D0920FA53FBB53
Requests: 1 HTTP requests in this frame

Frame: https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=intoo_gdpr&layout=gdpr&site=intoo.com&action=notice&country=fr&locale=fr&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
Frame ID: 9D9611418D6944E172F1CBE93BD88920
Requests: 1 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/cookie_inneriframe.html
Frame ID: DE407C9AE6DEC2E30A37F21F419E79E4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Help Center | Federal Reserve Bank of San Francisco Employee Care

Page URL History Show full URLs

  1. http://r.mailer.yournextstep.com/tr/cl/Iv0qyQj6Tzx7QYAeD17_eTi2sVC0iPWlp-m-Ka8lUK58eE2UEc6IPiiIFLjn6viU54IQeO... HTTP 302
    https://frbsfemployeecare.yournextstep.com/help?ca_t=38505956-7770-4c34-9cea-37d2791cae2a&locale=en&utm_campaign=im_inv... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • require.*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • moment-timezone(?:-data)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • moment(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • consent\.trustarc\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

65
Requests

100 %
HTTPS

33 %
IPv6

9
Domains

15
Subdomains

14
IPs

4
Countries

3208 kB
Transfer

4110 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://r.mailer.yournextstep.com/tr/cl/Iv0qyQj6Tzx7QYAeD17_eTi2sVC0iPWlp-m-Ka8lUK58eE2UEc6IPiiIFLjn6viU54IQeOOl4VMVGtvx0oK4Aiz0x61Be8o7qyx9FvRmfNqpQPeglLs80wF7tQV3_hpRA_9aKBwJqAvXG1T1V87paPQpjBL2nnuL1BZfSoJ9CbdKPIAUCIIYSugIGgt4DSr6N9h9sYnk3Y27ZPksRqmdavJjcz_Mgb-2GDZSGwOqPg8gH4Lg6KUs8yFCzAzYGm8NLpqqqhDsUa3USZPenP3cEBrMC0nzWHTt6cHqlnDBRwn0oPlaFjhrIRStWdNc7koI7gCyjdbxI0ZVxCqXbcFkk-rR7PuUR8ovmNVgHwrvKhFhfbjz358Km3boL1BflrMILkIz2pC1mDcjdb2haPPsqC-M7p8voe6aIEvEZ34OB5-hyoPLpsl5xiioUeljnCoeaYu1ROIN HTTP 302
    https://frbsfemployeecare.yournextstep.com/help?ca_t=38505956-7770-4c34-9cea-37d2791cae2a&locale=en&utm_campaign=im_invite1&utm_medium=trig&utm_source=em Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

65 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request help
frbsfemployeecare.yournextstep.com/
Redirect Chain
  • http://r.mailer.yournextstep.com/tr/cl/Iv0qyQj6Tzx7QYAeD17_eTi2sVC0iPWlp-m-Ka8lUK58eE2UEc6IPiiIFLjn6viU54IQeOOl4VMVGtvx0oK4Aiz0x61Be8o7qyx9FvRmfNqpQPeglLs80wF7tQV3_hpRA_9aKBwJqAvXG1T1V87paPQpjBL2nn...
  • https://frbsfemployeecare.yournextstep.com/help?ca_t=38505956-7770-4c34-9cea-37d2791cae2a&locale=en&utm_campaign=im_invite1&utm_medium=trig&utm_source=em
23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://frbsfemployeecare.yournextstep.com/help?ca_t=38505956-7770-4c34-9cea-37d2791cae2a&locale=en&utm_campaign=im_invite1&utm_medium=trig&utm_source=em
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.31.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-31-200.compute-1.amazonaws.com
Software
nginx /
Resource Hash
ff1835ccc2a63d7fd9ba65598867826bb4e9e7a6d314100eaf568724607a89c6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 06 Jan 2023 00:15:23 GMT
etag
W/"ff1835ccc2a63d7fd9ba65598867826b"
server
nginx
strict-transport-security
max-age=63072000; includeSubDomains max-age=63072000; includeSubdomains
x-content-type-options
nosniff nosniff
x-env
Production
x-frame-options
SAMEORIGIN
x-request-id
7a9b73a3-4d6d-4619-9a61-cde9a50f9aa2
x-runtime
1.779823
x-xss-protection
1; mode=block

Redirect headers

content-length
192
content-type
text/html; charset=utf-8
date
Fri, 06 Jan 2023 00:15:21 GMT
location
https://frbsfemployeecare.yournextstep.com/help?ca_t=38505956-7770-4c34-9cea-37d2791cae2a&locale=en&utm_campaign=im_invite1&utm_medium=trig&utm_source=em
x-content-type-options
nosniff
x-sib-server
gke-gke-public-clust-gke-public-clust-68c94d10-7jw1
x-xss-protection
1
application-7e1a09a368ed2d6c6311fec2400aa96e8fed3b56ca73f7f8a82e0471d01f2f8e.css
frbsfemployeecare.yournextstep.com/assets/ 		722 KB
723 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://frbsfemployeecare.yournextstep.com/assets/application-7e1a09a368ed2d6c6311fec2400aa96e8fed3b56ca73f7f8a82e0471d01f2f8e.css
Requested by
Host: frbsfemployeecare.yournextstep.com
URL: https://frbsfemployeecare.yournextstep.com/help?ca_t=38505956-7770-4c34-9cea-37d2791cae2a&locale=en&utm_campaign=im_invite1&utm_medium=trig&utm_source=em
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.31.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-31-200.compute-1.amazonaws.com
Software
nginx /
Resource Hash
7e1a09a368ed2d6c6311fec2400aa96e8fed3b56ca73f7f8a82e0471d01f2f8e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://frbsfemployeecare.yournextstep.com/help?ca_t=38505956-7770-4c34-9cea-37d2791cae2a&locale=en&utm_campaign=im_invite1&utm_medium=trig&utm_source=em
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 00:15:23 GMT
strict-transport-security
max-age=63072000; includeSubdomains
x-content-type-options
nosniff
last-modified
Wed, 04 Jan 2023 15:56:31 GMT
server
nginx
etag
"63b5a1af-b47ba"
content-type
text/css
accept-ranges
bytes
content-length
739258
internal-mobility-styles.css
frbsfemployeecare.yournextstep.com/ 		19 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://frbsfemployeecare.yournextstep.com/internal-mobility-styles.css?called_from=home&company_id=538
Requested by
Host: frbsfemployeecare.yournextstep.com
URL: https://frbsfemployeecare.yournextstep.com/help?ca_t=38505956-7770-4c34-9cea-37d2791cae2a&locale=en&utm_campaign=im_invite1&utm_medium=trig&utm_source=em
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.31.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-31-200.compute-1.amazonaws.com
Software
nginx /
Resource Hash
34d6c38d6fa92ae918ae7986c598904694472c3e8c9c6dd23549e4b1f7a62b12
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains, max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://frbsfemployeecare.yournextstep.com/help?ca_t=38505956-7770-4c34-9cea-37d2791cae2a&locale=en&utm_campaign=im_invite1&utm_medium=trig&utm_source=em
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-runtime
0.031396
date
Fri, 06 Jan 2023 00:15:23 GMT
strict-transport-security
max-age=63072000; includeSubDomains, max-age=63072000; includeSubdomains
x-content-type-options
nosniff, nosniff
server
nginx
etag
W/"34d6c38d6fa92ae918ae7986c5989046"
x-frame-options
SAMEORIGIN
x-env
Production
content-type
text/css; charset=utf-8
cache-control
max-age=0, private, must-revalidate
x-xss-protection
1; mode=block
x-request-id
d1db86c4-0927-4461-a4e5-ba1afa65ee04
application-fc3cf06d3fc9a4d90f11fc66e769da83993236624a7a967c3af625d03600bcd1.js
frbsfemployeecare.yournextstep.com/assets/ 		366 KB
366 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://frbsfemployeecare.yournextstep.com/assets/application-fc3cf06d3fc9a4d90f11fc66e769da83993236624a7a967c3af625d03600bcd1.js
Requested by
Host: frbsfemployeecare.yournextstep.com
URL: https://frbsfemployeecare.yournextstep.com/help?ca_t=38505956-7770-4c34-9cea-37d2791cae2a&locale=en&utm_campaign=im_invite1&utm_medium=trig&utm_source=em
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.31.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-31-200.compute-1.amazonaws.com
Software
nginx /
Resource Hash
fc3cf06d3fc9a4d90f11fc66e769da83993236624a7a967c3af625d03600bcd1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://frbsfemployeecare.yournextstep.com/help?ca_t=38505956-7770-4c34-9cea-37d2791cae2a&locale=en&utm_campaign=im_invite1&utm_medium=trig&utm_source=em
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 00:15:23 GMT
strict-transport-security
max-age=63072000; includeSubdomains
x-content-type-options
nosniff
last-modified
Thu, 05 Jan 2023 19:40:31 GMT
server
nginx
etag
"63b727af-5b696"
content-type
application/javascript
accept-ranges
bytes
content-length
374422
notice
consent.trustarc.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.trustarc.com/notice?domain=intoo.com&c=teconsent&js=nj&noticeType=bb&text=true&gtm=1
Requested by
Host: frbsfemployeecare.yournextstep.com
URL: https://frbsfemployeecare.yournextstep.com/help?ca_t=38505956-7770-4c34-9cea-37d2791cae2a&locale=en&utm_campaign=im_invite1&utm_medium=trig&utm_source=em
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-106.vie50.r.cloudfront.net
Software
/
Resource Hash
d8557ed8c932762768bd0cfc9c98f1a052b79408df31cc58ec7ba29cbdfc2b18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://frbsfemployeecare.yournextstep.com/
Origin
https://frbsfemployeecare.yournextstep.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 00:14:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 6e4fd2f7f4c55027ff6ee922bdafd3ae.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-P1
age
78
x-cache
Hit from cloudfront
cloudfront-viewer-country
FR
content-length
4148
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=3600
timing-allow-origin
*
x-amz-cf-id
lT2MxA5S1kl3gmBUXsMr_ONH6O2PVG77HS1NSIUWBNxFtJ4YH-mf0w==
expires
Fri, 06 Jan 2023 01:14:06 GMT
js
www.googletagmanager.com/gtag/ 		112 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-63893315-1
Requested by
Host: frbsfemployeecare.yournextstep.com
URL: https://frbsfemployeecare.yournextstep.com/help?ca_t=38505956-7770-4c34-9cea-37d2791cae2a&locale=en&utm_campaign=im_invite1&utm_medium=trig&utm_source=em
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6f5077bd941c380e2eaf59a4ba03ee7cfa4045ff3dd30ccfed55b78b547079c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://frbsfemployeecare.yournextstep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 00:15:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45338
x-xss-protection
0
last-modified
Fri, 06 Jan 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 06 Jan 2023 00:15:24 GMT
logo_2_original.png
s3.us-east-2.amazonaws.com/www-yournextstep-com/production/internal-mobility/internal_mobility_settings/logo/5/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.us-east-2.amazonaws.com/www-yournextstep-com/production/internal-mobility/internal_mobility_settings/logo/5/logo_2_original.png
Requested by
Host: frbsfemployeecare.yournextstep.com
URL: https://frbsfemployeecare.yournextstep.com/help?ca_t=38505956-7770-4c34-9cea-37d2791cae2a&locale=en&utm_campaign=im_invite1&utm_medium=trig&utm_source=em
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.107.73 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3.us-east-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
b00e315762efbbc87be061ec9d27b360198df8b160d82b0a9a313ab52d885a8d

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://frbsfemployeecare.yournextstep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 06 Jan 2023 00:15:25 GMT
x-amz-version-id
3D1Rd23jFapkb9fyh_bOVnI0bhp5V2Gp
Last-Modified
Thu, 30 Jun 2022 12:10:40 GMT
Server
AmazonS3
x-amz-request-id
6NAXXVF877ZHRXHV
ETag
"5bcae99e2a4003292a0976064f27b2d5"
x-amz-server-side-encryption
AES256
Content-Type
image/png
x-amz-replication-status
FAILED
Accept-Ranges
bytes
Content-Length
33077
x-amz-id-2
42jRz6JAHojLJS7paZxPe9YZ72sOKdSyIRCX/kH60nPwuIofwgd3qZJEGgJIZNUO0Ti/VdyC+Ds=
logo_Intoo_powered-by_170.png
www-yournextstep-com.s3.amazonaws.com/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www-yournextstep-com.s3.amazonaws.com/images/logo_Intoo_powered-by_170.png
Requested by
Host: frbsfemployeecare.yournextstep.com
URL: https://frbsfemployeecare.yournextstep.com/help?ca_t=38505956-7770-4c34-9cea-37d2791cae2a&locale=en&utm_campaign=im_invite1&utm_medium=trig&utm_source=em
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.109.44 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-w.us-east-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
08ff74c19e8e21982935e7993945cc29bd6ea1df481f9f848c8745f1bbdf5ccb

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://frbsfemployeecare.yournextstep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 06 Jan 2023 00:15:25 GMT
x-amz-version-id
OPSi54NvUfhNocp1SuRqOquXn1tA6Crw
Last-Modified
Thu, 10 Sep 2020 22:07:26 GMT
Server
AmazonS3
x-amz-request-id
6NAGYC8T3J399VQY
ETag
"e3ef22532222b984adfa902ecfe6b894"
Content-Type
image/png
x-amz-replication-status
COMPLETED
Accept-Ranges
bytes
Content-Length
5815
x-amz-id-2
WEryy7UE4+0IBitxT8owT1P0h+E6T8BGajPAkcLnI1QcX5/CESuVLJoYuiKNxA4sS0L2ivTEJGw=
image
submit-irm.trustarc.com/services/validation/9847e67e-3b74-4738-80df-dd7eaac1483a/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://submit-irm.trustarc.com/services/validation/9847e67e-3b74-4738-80df-dd7eaac1483a/image
Requested by
Host: frbsfemployeecare.yournextstep.com
URL: https://frbsfemployeecare.yournextstep.com/help?ca_t=38505956-7770-4c34-9cea-37d2791cae2a&locale=en&utm_campaign=im_invite1&utm_medium=trig&utm_source=em
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.153.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-211-153-139.compute-1.amazonaws.com
Software
/
Resource Hash
aa88d6c3c203336bbc9d38e147cde648a25a0501d508fbdade86a136e4bf82d2
Security Headers
Name Value
Content-Security-Policy object-src 'none'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://frbsfemployeecare.yournextstep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 00:15:24 GMT
content-security-policy
object-src 'none'; upgrade-insecure-requests; block-all-mixed-content;
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cross-origin-opener-policy
cross-origin
cross-origin-embedder-policy
unsafe-none
expect-ct
enforce, max-age=60
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
image/svg+xml
x-permitted-cross-domain-policies
none
permissions-policy
geolocation=(), camera=(), speaker=(), microphone=(), vibrate=()
cross-origin-resource-policy
cross-origin
content-length
7479
require-f5fdfd6c2cb1c6ef3e909080ede850de7f4fa81339bfaa50e9a32140ebfc920d.js
frbsfemployeecare.yournextstep.com/assets/lib/ 		17 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://frbsfemployeecare.yournextstep.com/assets/lib/require-f5fdfd6c2cb1c6ef3e909080ede850de7f4fa81339bfaa50e9a32140ebfc920d.js
Requested by
Host: frbsfemployeecare.yournextstep.com
URL: https://frbsfemployeecare.yournextstep.com/help?ca_t=38505956-7770-4c34-9cea-37d2791cae2a&locale=en&utm_campaign=im_invite1&utm_medium=trig&utm_source=em
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.31.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-31-200.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f5fdfd6c2cb1c6ef3e909080ede850de7f4fa81339bfaa50e9a32140ebfc920d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://frbsfemployeecare.yournextstep.com/help?ca_t=38505956-7770-4c34-9cea-37d2791cae2a&locale=en&utm_campaign=im_invite1&utm_medium=trig&utm_source=em
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 00:15:24 GMT
strict-transport-security
max-age=63072000; includeSubdomains
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 19:47:27 GMT
server
nginx
etag
"5f611a4f-454a"
content-type
application/javascript
accept-ranges
bytes
content-length
17738
gotham_book-webfont.woff
d19t87v9ruil69.cloudfront.net/fonts/ 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d19t87v9ruil69.cloudfront.net/fonts/gotham_book-webfont.woff
Requested by
Host: frbsfemployeecare.yournextstep.com
URL: https://frbsfemployeecare.yournextstep.com/assets/application-7e1a09a368ed2d6c6311fec2400aa96e8fed3b56ca73f7f8a82e0471d01f2f8e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:248c:3000:b:3d6d:6c40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
553cf3fa6f4df74d5befd5550ac406502f9849d7edd210a4fba2176b16dc2473

Request headers

Referer
https://frbsfemployeecare.yournextstep.com/
Origin
https://frbsfemployeecare.yournextstep.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 00:14:08 GMT
x-amz-version-id
frR7pFSdGs9PKJQPoKWBByKlfp47m7jz
via
1.1 e16530c495b031b8d9b90de25e214284.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP64-P1
age
77
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
21564
last-modified
Fri, 30 Oct 2020 14:37:59 GMT
server
AmazonS3
etag
"8bb544c32d6e470df920e6937f9769e5"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff
access-control-allow-origin
*
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
SyotoiPt9MqefVtI3aI3PrFSSLZHM1yMR_xe6OyFsg0eYqvVka6GbA==
Elusive-Icons.woff
d19t87v9ruil69.cloudfront.net/fonts/ 		60 KB
61 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d19t87v9ruil69.cloudfront.net/fonts/Elusive-Icons.woff?v=3
Requested by
Host: frbsfemployeecare.yournextstep.com
URL: https://frbsfemployeecare.yournextstep.com/assets/application-7e1a09a368ed2d6c6311fec2400aa96e8fed3b56ca73f7f8a82e0471d01f2f8e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:248c:3000:b:3d6d:6c40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dd62a29e542980034d9edb632282dd081df86babe0b7bdaf8e1a0cb9e21857a3

Request headers

Referer
https://frbsfemployeecare.yournextstep.com/
Origin
https://frbsfemployeecare.yournextstep.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 00:14:08 GMT
x-amz-version-id
3Hazi.Nm5mVDF0gjdnYO9lBaRhX3sxlX
via
1.1 e16530c495b031b8d9b90de25e214284.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP64-P1
age
77
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
61716
last-modified
Fri, 30 Oct 2020 20:55:02 GMT
server
AmazonS3
etag
"ade81352bebec250802727b2d385e2f2"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff
access-control-allow-origin
*
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
lMaIO60lgA7eCzzj0-KRc7RyFRT0mzj1EnBLauRDsntb16VbTe8FXA==
init-7dccb99a1595e7edcb27efa8d69930c442c0e5f42e204e00d8946164b24f5396.js
frbsfemployeecare.yournextstep.com/assets/ 		26 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://frbsfemployeecare.yournextstep.com/assets/init-7dccb99a1595e7edcb27efa8d69930c442c0e5f42e204e00d8946164b24f5396.js
Requested by
Host: frbsfemployeecare.yournextstep.com
URL: https://frbsfemployeecare.yournextstep.com/assets/lib/require-f5fdfd6c2cb1c6ef3e909080ede850de7f4fa81339bfaa50e9a32140ebfc920d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.31.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-31-200.compute-1.amazonaws.com
Software
nginx /
Resource Hash
7dccb99a1595e7edcb27efa8d69930c442c0e5f42e204e00d8946164b24f5396
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://frbsfemployeecare.yournextstep.com/help?ca_t=38505956-7770-4c34-9cea-37d2791cae2a&locale=en&utm_campaign=im_invite1&utm_medium=trig&utm_source=em
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 00:15:24 GMT
strict-transport-security
max-age=63072000; includeSubdomains
x-content-type-options
nosniff
last-modified
Wed, 04 Jan 2023 15:56:31 GMT
server
nginx
etag
"63b5a1af-672c"
content-type
application/javascript
accept-ranges
bytes
content-length
26412
v1.7-1971
consent.trustarc.com/asset/notice.js/v/ 		76 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.trustarc.com/asset/notice.js/v/v1.7-1971
Requested by
Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?domain=intoo.com&c=teconsent&js=nj&noticeType=bb&text=true&gtm=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-106.vie50.r.cloudfront.net
Software
/
Resource Hash
ff774d95f711e4f81369f6128f8751fe3d0dc3b880bdbbf6d5bf8edb846f5269
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://frbsfemployeecare.yournextstep.com/
Origin
https://frbsfemployeecare.yournextstep.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 23:19:10 GMT
content-encoding
gzip
via
1.1 6e4fd2f7f4c55027ff6ee922bdafd3ae.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
VIE50-P1
age
3374
x-cache
Hit from cloudfront
pragma
public
last-modified
Mon, 19 Dec 2022 02:10:31 GMT
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
Z06iW2K1sOdAqqxHBAg_jvZiCNjxyJhy7vK2kYvIohEimBvcivzGdw==
expires
Sat, 04 Feb 2023 23:19:10 GMT
log
consent.trustarc.com/ 		43 B
428 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consent.trustarc.com/log?domain=intoo.com&country=fr&state=&behavior=expressed&c=e932
Requested by
Host: frbsfemployeecare.yournextstep.com
URL: https://frbsfemployeecare.yournextstep.com/help?ca_t=38505956-7770-4c34-9cea-37d2791cae2a&locale=en&utm_campaign=im_invite1&utm_medium=trig&utm_source=em
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-106.vie50.r.cloudfront.net
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://frbsfemployeecare.yournextstep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 00:15:24 GMT
via
1.1 452b7761b1eb87a22cbc4ec546224f1a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
VIE50-P1
vary
Origin
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
x-amz-cf-id
aA2gr7miITLCYPqV7E8mpZanTsL0QZ5OFCfn7JCMuUVoEhtkt59GCw==
expires
Mon, 26 Jul 1997 05:00:00 GMT
js.cookie.js
d19t87v9ruil69.cloudfront.net/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d19t87v9ruil69.cloudfront.net/js/js.cookie.js?v=2023010600
Requested by
Host: frbsfemployeecare.yournextstep.com
URL: https://frbsfemployeecare.yournextstep.com/assets/lib/require-f5fdfd6c2cb1c6ef3e909080ede850de7f4fa81339bfaa50e9a32140ebfc920d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:248c:3000:b:3d6d:6c40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b8b01da72738036b926a4b9cc52542e84178661fbb3376b736a76fcf8f8ec1b1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://frbsfemployeecare.yournextstep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
JA58YavJLP_mlqjg_4hMIEHzaIRIoN0G
content-encoding
gzip
via
1.1 0506189ffa7e4391aa3f3f82ddb1e396.cloudfront.net (CloudFront)
date
Thu, 05 Jan 2023 12:25:24 GMT
last-modified
Thu, 10 Sep 2020 15:27:19 GMT
server
AmazonS3
x-amz-cf-pop
MXP64-P1
age
42601
etag
"18eee5729d9216137c2bd36c2b2ac8d4"
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
1005
x-amz-cf-id
6IfwHDBFWBY3oMBXD7CHhBcbx7qciomYapqWacyBTIJ0mi5m7aAy0A==
core_patches.js
d19t87v9ruil69.cloudfront.net/js/ 		317 B
663 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d19t87v9ruil69.cloudfront.net/js/core_patches.js?v=2023010600
Requested by
Host: frbsfemployeecare.yournextstep.com
URL: https://frbsfemployeecare.yournextstep.com/assets/lib/require-f5fdfd6c2cb1c6ef3e909080ede850de7f4fa81339bfaa50e9a32140ebfc920d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:248c:3000:b:3d6d:6c40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e37308afefcf73bdf14ad51b41ab4c15718bf1c0e754ac76ae3da1cf54c09da

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://frbsfemployeecare.yournextstep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
q9GpOcrqBxjL_QZ3VSZQ.I4vzMJKehJ9
content-encoding
gzip
via
1.1 0506189ffa7e4391aa3f3f82ddb1e396.cloudfront.net (CloudFront)
date
Thu, 05 Jan 2023 12:25:24 GMT
last-modified
Thu, 10 Sep 2020 15:27:18 GMT
server
AmazonS3
x-amz-cf-pop
MXP64-P1
age
42601
etag
"206c6e8f31b4d06854d1eaceebda8d39"
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
246
x-amz-cf-id
-VsdbwWWBVMSeRbzqbpaQHyNYGHJSCaM2vIFb_Uy_1puLMcYM68lbQ==
jquery-3.6.0.js
d19t87v9ruil69.cloudfront.net/js/lib/ 		282 KB
283 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d19t87v9ruil69.cloudfront.net/js/lib/jquery-3.6.0.js?v=2023010600
Requested by
Host: frbsfemployeecare.yournextstep.com
URL: https://frbsfemployeecare.yournextstep.com/assets/lib/require-f5fdfd6c2cb1c6ef3e909080ede850de7f4fa81339bfaa50e9a32140ebfc920d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:248c:3000:b:3d6d:6c40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f7a056abbbb2c17b32dcd8722f58fe0b3146599e13024fb32b9881dcadbfdc6f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://frbsfemployeecare.yournextstep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
F.yXzTfXVovUSTzqvvl9ihyqfwWk6KSU
date
Thu, 05 Jan 2023 12:25:24 GMT
via
1.1 0506189ffa7e4391aa3f3f82ddb1e396.cloudfront.net (CloudFront)
last-modified
Fri, 10 Jun 2022 16:42:15 GMT
server
AmazonS3
x-amz-cf-pop
MXP64-P1
age
42601
x-amz-server-side-encryption
AES256
etag
"0f4700577b6ad8bf71abec0dd4dedafb"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
FAILED
accept-ranges
bytes
content-length
288579
x-amz-cf-id
p4dg473OzDrvK7v0NZk0Ki42yZahxbIQeFAgGWR4DA6-XRr4MoP4Mg==
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-63893315-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://frbsfemployeecare.yournextstep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 05 Jan 2023 23:50:44 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
1480
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Fri, 06 Jan 2023 01:50:44 GMT
/
consent-pref.trustarc.com/ Frame A575 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://consent-pref.trustarc.com/?type=intoo_gdpr&layout=gdpr&site=intoo.com&action=notice&country=fr&locale=fr&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
Requested by
Host: consent.trustarc.com
URL: https://consent.trustarc.com/asset/notice.js/v/v1.7-1971
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-59.vie50.r.cloudfront.net
Software
nginx /
Resource Hash
5d59d71fa30604e26c815b2bcfea777bef1564467e2ff9b1b4dc45ca2ee0f6fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://frbsfemployeecare.yournextstep.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

age
77
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 06 Jan 2023 00:14:07 GMT
etag
W/"5147-1668046884000"
expect-ct
max-age=86400; enforce;
last-modified
Thu, 10 Nov 2022 02:21:24 GMT
permissions-policy
midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
referrer-policy
strict-origin-when-cross-origin
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding Origin
via
1.1 75373f3f77c169166bbce98d302dff7c.cloudfront.net (CloudFront)
x-amz-cf-id
WMZTN5O-QfckZgFjO0RnqMu-dUkLnzv6syyinkXUBpjWOrDW_MRiDw==
x-amz-cf-pop
VIE50-P1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-xss-protection
1
noticemsg
consent.trustarc.com/ 		43 B
500 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consent.trustarc.com/noticemsg?action=consent&domain=intoo.com&behavior=expressed&country=fr&language=fr&rand=0.6370775002852977
Requested by
Host: frbsfemployeecare.yournextstep.com
URL: https://frbsfemployeecare.yournextstep.com/help?ca_t=38505956-7770-4c34-9cea-37d2791cae2a&locale=en&utm_campaign=im_invite1&utm_medium=trig&utm_source=em
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-106.vie50.r.cloudfront.net
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://frbsfemployeecare.yournextstep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 00:15:24 GMT
via
1.1 452b7761b1eb87a22cbc4ec546224f1a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
VIE50-P1
x-cache
Miss from cloudfront
cloudfront-viewer-country
FR
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/gif
cache-control
max-age=3600
timing-allow-origin
*
x-amz-cf-id
_fYobkXppEPk3doMqsg1qh38E5lNbfxQA74PztYOtRpI-xFnsJ6_Ng==
expires
Fri, 06 Jan 2023 01:15:24 GMT
collect
www.google-analytics.com/j/ 		2 B
220 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1554786043&t=pageview&_s=1&dl=https%3A%2F%2Ffrbsfemployeecare.yournextstep.com%2Fhelp%3Fca_t%3D38505956-7770-4c34-9cea-37d2791cae2a%26locale%3Den%26utm_campaign%3Dim_invite1%26utm_medium%3Dtrig%26utm_source%3Dem&ul=en-us&de=UTF-8&dt=Help%20Center%20%7C%20Federal%20Reserve%20Bank%20of%20San%20Francisco%20Employee%20Care&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1998701742&gjid=1186490330&cid=1401264850.1672964125&tid=UA-63893315-1&_gid=1924537183.1672964125&_r=1&gtm=2ou120&z=621750368
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://frbsfemployeecare.yournextstep.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 00:15:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://frbsfemployeecare.yournextstep.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
452 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-63893315-1&cid=1401264850.1672964125&jid=1998701742&gjid=1186490330&_gid=1924537183.1672964125&_u=YEBAAUAAAAAAACAAI~&z=1211027955
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://frbsfemployeecare.yournextstep.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 06 Jan 2023 00:15:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://frbsfemployeecare.yournextstep.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
defaultpreferencemanager.nocache.js
consent-pref.trustarc.com/defaultpreferencemanager/ Frame A575 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent-pref.trustarc.com/defaultpreferencemanager/defaultpreferencemanager.nocache.js
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/?type=intoo_gdpr&layout=gdpr&site=intoo.com&action=notice&country=fr&locale=fr&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-59.vie50.r.cloudfront.net
Software
nginx /
Resource Hash
3175df97620413bf2ae297fbe578a8d2ef1e2b9a529cde14d3b74831d4e6b4b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://consent-pref.trustarc.com/?type=intoo_gdpr&layout=gdpr&site=intoo.com&action=notice&country=fr&locale=fr&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 00:15:24 GMT
content-encoding
gzip
via
1.1 75373f3f77c169166bbce98d302dff7c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
VIE50-P1
x-cache
Miss from cloudfront
x-xss-protection
1
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 10 Nov 2022 02:21:42 GMT
server
nginx
etag
W/"4867-1668046902000"
expect-ct
max-age=86400; enforce;
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
no-cache
permissions-policy
midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id
juumDBen8v8eiE-1b6BfQIJUDd4imdjOSkH6hy2vdh0m3ZBrQ_h8JQ==
expires
Fri, 06 Jan 2023 00:15:23 GMT
get
consent-st.trustarc.com/ Frame A575 		20 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent-st.trustarc.com/get?name=combined_static_cm_minified.js
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/?type=intoo_gdpr&layout=gdpr&site=intoo.com&action=notice&country=fr&locale=fr&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-37.fra56.r.cloudfront.net
Software
/
Resource Hash
f1ba71d3bf034aeceecb8895e71a44f4806dbb5bcc44e46fd8fc461a774eb880
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://consent-pref.trustarc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
public
date
Wed, 04 Jan 2023 08:13:49 GMT
content-encoding
gzip
via
1.1 cf2939e85531f45f3306f792ea104eaa.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA56-C1
age
144094
vary
Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
Jkij4qHMXOJnCaCmmLXcG1TB-PtiWV9OodoLXcil0gIKnjtLh1HL_A==
expires
Fri, 03 Feb 2023 08:13:49 GMT
loading.gif
consent-pref.trustarc.com/images/ Frame A575 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consent-pref.trustarc.com/images/loading.gif
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/?type=intoo_gdpr&layout=gdpr&site=intoo.com&action=notice&country=fr&locale=fr&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-59.vie50.r.cloudfront.net
Software
nginx /
Resource Hash
eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://consent-pref.trustarc.com/?type=intoo_gdpr&layout=gdpr&site=intoo.com&action=notice&country=fr&locale=fr&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 20:54:27 GMT
via
1.1 75373f3f77c169166bbce98d302dff7c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
VIE50-P1
age
12057
x-cache
Hit from cloudfront
content-length
2608
x-xss-protection
1
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 10 Nov 2022 02:21:24 GMT
server
nginx
etag
W/"2608-1668046884000"
expect-ct
max-age=86400; enforce;
vary
Origin
content-type
image/gif
permissions-policy
midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
accept-ranges
bytes
x-amz-cf-id
6KrGfS8CCcIDwJv8aYAkg3TMO-cq0sMB5O6leJBVViBx-49BBg4aZg==
jquery-ui.min.js
d19t87v9ruil69.cloudfront.net/js/lib/jQuery+UI+1.13/ 		249 KB
250 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d19t87v9ruil69.cloudfront.net/js/lib/jQuery+UI+1.13/jquery-ui.min.js?v=2023010600
Requested by
Host: frbsfemployeecare.yournextstep.com
URL: https://frbsfemployeecare.yournextstep.com/assets/lib/require-f5fdfd6c2cb1c6ef3e909080ede850de7f4fa81339bfaa50e9a32140ebfc920d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:248c:3000:b:3d6d:6c40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
793cb14b4ae48e92c4a35eae5d34b4b95092e3cd7995ce342b6895a560ef7526

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://frbsfemployeecare.yournextstep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
LR.GEe1MzoTgTzlOJy00HYeQpm5nRzxH
date
Thu, 05 Jan 2023 12:25:24 GMT
via
1.1 0506189ffa7e4391aa3f3f82ddb1e396.cloudfront.net (CloudFront)
last-modified
Wed, 23 Feb 2022 16:29:22 GMT
server
AmazonS3
x-amz-cf-pop
MXP64-P1
age
42601
etag
"842e3946fa938e62f185abb29ab00dc7"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
255082
x-amz-cf-id
tptXWzjJX5YVVQVfD-zCBMI8ishSWeeyBE_RwRcMhWnAB2nEN0U_ZA==
rails-upgrade.js
d19t87v9ruil69.cloudfront.net/js/lib/jquery-ujs/ 		21 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d19t87v9ruil69.cloudfront.net/js/lib/jquery-ujs/rails-upgrade.js?v=2023010600
Requested by
Host: frbsfemployeecare.yournextstep.com
URL: https://frbsfemployeecare.yournextstep.com/assets/lib/require-f5fdfd6c2cb1c6ef3e909080ede850de7f4fa81339bfaa50e9a32140ebfc920d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:248c:3000:b:3d6d:6c40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0523f0355f9cd333395ef436edd0dd76b0b9c59fe0a4d7f26d7e7550f16c07d9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://frbsfemployeecare.yournextstep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 03:51:03 GMT
x-amz-version-id
f.wpPnusYwieR0bD0sBqpdGlsUDRjBU3
via
1.1 0506189ffa7e4391aa3f3f82ddb1e396.cloudfront.net (CloudFront)
last-modified
Fri, 10 Jun 2022 20:47:35 GMT
server
AmazonS3
x-amz-cf-pop
MXP64-P1
age
73462
etag
"cb2c0edc2a2353b94a5964572eb99dda"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
FAILED
accept-ranges
bytes
content-length
21940
x-amz-cf-id
utU8Ok910EoN2uDkBdWAbpQQ17D4Zbb8hIUfDJjdKyRGvbIoTyq2Lg==
jquery.truncate.js
d19t87v9ruil69.cloudfront.net/js/lib/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d19t87v9ruil69.cloudfront.net/js/lib/jquery.truncate.js?v=2023010600
Requested by
Host: frbsfemployeecare.yournextstep.com
URL: https://frbsfemployeecare.yournextstep.com/assets/lib/require-f5fdfd6c2cb1c6ef3e909080ede850de7f4fa81339bfaa50e9a32140ebfc920d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:248c:3000:b:3d6d:6c40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ccfe2815a6c895f9b76f9e5ebe0bb06bd452ebbb06436f7da321dc5f96aa6308

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://frbsfemployeecare.yournextstep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 03:51:03 GMT
x-amz-version-id
q2UxOvZ9pMClwZn_.6G0_b40rxhcHBkF
via
1.1 0506189ffa7e4391aa3f3f82ddb1e396.cloudfront.net (CloudFront)
last-modified
Thu, 10 Sep 2020 15:28:14 GMT
server
AmazonS3
x-amz-cf-pop
MXP64-P1
age
73462
etag
"cd100e9e4b33bdbd251e5ffaf19ad795"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
6037
x-amz-cf-id
TcECH0xl08yGUB9sUZizpxt80_63OgYQDRoko0IVkBsE2Ls6k7dtEg==
moment-timezone.min.js
d19t87v9ruil69.cloudfront.net/js/lib/ 		175 KB
176 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d19t87v9ruil69.cloudfront.net/js/lib/moment-timezone.min.js?v=2023010600
Requested by
Host: frbsfemployeecare.yournextstep.com
URL: https://frbsfemployeecare.yournextstep.com/assets/lib/require-f5fdfd6c2cb1c6ef3e909080ede850de7f4fa81339bfaa50e9a32140ebfc920d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:248c:3000:b:3d6d:6c40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
662bc4b6bf1fdbe5018c3346dd2de1af29ee837e5a10ca25a7698f86eca96ac9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://frbsfemployeecare.yournextstep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
U7sJFyNZS1SO2r8hnxdffaCYm2f5C5DR
date
Thu, 05 Jan 2023 10:44:51 GMT
via
1.1 0506189ffa7e4391aa3f3f82ddb1e396.cloudfront.net (CloudFront)
last-modified
Fri, 30 Oct 2020 14:46:46 GMT
server
AmazonS3
x-amz-cf-pop
MXP64-P1
age
48634
x-amz-server-side-encryption
AES256
etag
"7eedb12a83ee3e653e173eb487ffec28"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
179524
x-amz-cf-id
8UQgzc0r2dIy5R7cHv7yciZxNipGV1AoUmf58Zs_9YXfanlnf0xYXg==
jquery.iframe-transport-upgrade.js
d19t87v9ruil69.cloudfront.net/js/lib/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d19t87v9ruil69.cloudfront.net/js/lib/jquery.iframe-transport-upgrade.js?v=2023010600
Requested by
Host: frbsfemployeecare.yournextstep.com
URL: https://frbsfemployeecare.yournextstep.com/assets/lib/require-f5fdfd6c2cb1c6ef3e909080ede850de7f4fa81339bfaa50e9a32140ebfc920d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:248c:3000:b:3d6d:6c40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
88cdffeef676151ef6bcb7d5aed142c26332d6757628298c63ad8f385cc4b623

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://frbsfemployeecare.yournextstep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
7tqRT1zVRS4zStPn212Nle8VlaImCI_S
date
Thu, 05 Jan 2023 10:44:51 GMT
via
1.1 0506189ffa7e4391aa3f3f82ddb1e396.cloudfront.net (CloudFront)
last-modified
Mon, 13 Jun 2022 14:23:47 GMT
server
AmazonS3
x-amz-cf-pop
MXP64-P1
age
48634
x-amz-server-side-encryption
AES256
etag
"025a1bbfc84364ee51abe3f44ba1720f"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
FAILED
accept-ranges
bytes
content-length
1832
x-amz-cf-id
oxPEx7gbLguUykV78nl84EIxzQUTNthNhVibIwLE_bblvuJejgnQ7Q==
summernote.min.js
cdn.jsdelivr.net/npm/summernote@0.8.18/dist/ 		148 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/summernote@0.8.18/dist/summernote.min.js?v=2023010600
Requested by
Host: frbsfemployeecare.yournextstep.com
URL: https://frbsfemployeecare.yournextstep.com/assets/lib/require-f5fdfd6c2cb1c6ef3e909080ede850de7f4fa81339bfaa50e9a32140ebfc920d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a0e221bfa30fc6e21f967f0837b9b072dea7ad486cec6d73bc898a431c242f4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://frbsfemployeecare.yournextstep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 06 Jan 2023 00:15:24 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
5084621
x-jsd-version
0.8.18
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
37330
x-served-by
cache-fra-eddf8230025-FRA, cache-cdg20770-CDG
x-jsd-version-type
version
etag
W/"24e34-M/WLqERyV9A/SJoljsGHQrrsReQ"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
E386C51EAEB40FABD3D67271C058D97E.cache.html
consent-pref.trustarc.com/defaultpreferencemanager/ Frame A28F 		139 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://consent-pref.trustarc.com/defaultpreferencemanager/E386C51EAEB40FABD3D67271C058D97E.cache.html
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/defaultpreferencemanager.nocache.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-59.vie50.r.cloudfront.net
Software
nginx /
Resource Hash
cf4573f1ed1f560de87f77d9aa1fdf34956f13c657e7cba7c0ab6b156dd59be6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://consent-pref.trustarc.com/?type=intoo_gdpr&layout=gdpr&site=intoo.com&action=notice&country=fr&locale=fr&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

age
4223214
cache-control
max-age=315360000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 18 Nov 2022 03:08:30 GMT
etag
W/"142492-1668046902000"
expect-ct
max-age=86400; enforce;
expires
Thu, 31 Dec 2037 23:55:55 GMT
last-modified
Thu, 10 Nov 2022 02:21:42 GMT
permissions-policy
midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
referrer-policy
strict-origin-when-cross-origin
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding Origin
via
1.1 75373f3f77c169166bbce98d302dff7c.cloudfront.net (CloudFront)
x-amz-cf-id
js8rDMCtDic7GlulvlQmKLJRZ2R0nI-Y8XbdTYo6HYcDSQ9tvAABPA==
x-amz-cf-pop
VIE50-P1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-xss-protection
1
bootstrap3-4-1.min.js
d19t87v9ruil69.cloudfront.net/js/lib/ 		39 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d19t87v9ruil69.cloudfront.net/js/lib/bootstrap3-4-1.min.js?v=2023010600
Requested by
Host: frbsfemployeecare.yournextstep.com
URL: https://frbsfemployeecare.yournextstep.com/assets/lib/require-f5fdfd6c2cb1c6ef3e909080ede850de7f4fa81339bfaa50e9a32140ebfc920d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:248c:3000:b:3d6d:6c40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://frbsfemployeecare.yournextstep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
NxxH3a_HaXPPyBl8wknOj1v7nMcqp_rW
date
Thu, 05 Jan 2023 16:56:34 GMT
via
1.1 0506189ffa7e4391aa3f3f82ddb1e396.cloudfront.net (CloudFront)
last-modified
Tue, 20 Dec 2022 17:32:58 GMT
server
AmazonS3
x-amz-cf-pop
MXP64-P1
age
26331
x-amz-server-side-encryption
AES256
etag
"2f34b630ffe30ba2ff2b91e3f3c322a1"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
39680
x-amz-cf-id
n-nn2XHvBoxndkW_2QwsDGHzRj_G0M7DOX8i9qL5vpj7A6sJibwcSQ==
company-connections.js
frbsfemployeecare.yournextstep.com/assets/widgets/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://frbsfemployeecare.yournextstep.com/assets/widgets/company-connections.js?v=2023010600
Requested by
Host: frbsfemployeecare.yournextstep.com
URL: https://frbsfemployeecare.yournextstep.com/assets/lib/require-f5fdfd6c2cb1c6ef3e909080ede850de7f4fa81339bfaa50e9a32140ebfc920d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.31.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-31-200.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4a0c59eedd723f190c5e362a172e326af23733e1de2bf4bd582d75f59e6b58e4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains, max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://frbsfemployeecare.yournextstep.com/help?ca_t=38505956-7770-4c34-9cea-37d2791cae2a&locale=en&utm_campaign=im_invite1&utm_medium=trig&utm_source=em
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-runtime
0.002202
date
Fri, 06 Jan 2023 00:15:24 GMT
strict-transport-security
max-age=63072000; includeSubDomains, max-age=63072000; includeSubdomains
x-content-type-options
nosniff
server
nginx
etag
"4a0c59eedd723f190c5e362a172e326af23733e1de2bf4bd582d75f59e6b58e4"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, must-revalidate
content-length
2412
x-request-id
d915ed4c-a941-4735-ad38-bbeccd9efa59
ranked-list-upgrade.js
d19t87v9ruil69.cloudfront.net/js/lib/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d19t87v9ruil69.cloudfront.net/js/lib/ranked-list-upgrade.js?v=2023010600
Requested by
Host: frbsfemployeecare.yournextstep.com
URL: https://frbsfemployeecare.yournextstep.com/assets/lib/require-f5fdfd6c2cb1c6ef3e909080ede850de7f4fa81339bfaa50e9a32140ebfc920d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:248c:3000:b:3d6d:6c40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
85e3053c4a113ec65c3f7cabc8b7b5ac5be71902795b61ddbe50624df6c49423

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://frbsfemployeecare.yournextstep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
RKnck9JvkOSyEsuqr_WUgKhliB819tmH
date
Thu, 05 Jan 2023 10:44:52 GMT
via
1.1 0506189ffa7e4391aa3f3f82ddb1e396.cloudfront.net (CloudFront)
last-modified
Fri, 10 Jun 2022 20:06:07 GMT
server
AmazonS3
x-amz-cf-pop
MXP64-P1
age
48633
x-amz-server-side-encryption
AES256
etag
"f410b33b6a482f7bfe51d347540f81ca"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
FAILED
accept-ranges
bytes
content-length
4831
x-amz-cf-id
P7sQNpafMV916MO8_QovXaN7iI_NhbjnZ0AwTngQFRZw1fmhlKsqzw==
jquery.remotipart-upgrade.js
d19t87v9ruil69.cloudfront.net/js/lib/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d19t87v9ruil69.cloudfront.net/js/lib/jquery.remotipart-upgrade.js?v=2023010600
Requested by
Host: frbsfemployeecare.yournextstep.com
URL: https://frbsfemployeecare.yournextstep.com/assets/lib/require-f5fdfd6c2cb1c6ef3e909080ede850de7f4fa81339bfaa50e9a32140ebfc920d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:248c:3000:b:3d6d:6c40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fda6439bf3bc4af7d51491ab43b70b588d17aeea035eec34357eb0cdabb9e754

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://frbsfemployeecare.yournextstep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
zOd8YBHrB6cTSbMpG22kIjsjpt_6Vh94
date
Thu, 05 Jan 2023 08:00:10 GMT
via
1.1 0506189ffa7e4391aa3f3f82ddb1e396.cloudfront.net (CloudFront)
last-modified
Mon, 13 Jun 2022 14:24:27 GMT
server
AmazonS3
x-amz-cf-pop
MXP64-P1
age
58515
x-amz-server-side-encryption
AES256
etag
"bd78535120c77d0daf04f65cbbd79e44"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
FAILED
accept-ranges
bytes
content-length
1045
x-amz-cf-id
WZ0Q1wlvhK4-I4xig9JYW4X2arRxDoReOzNysRFiU8AvBb5aqKU_ZA==
moment.js
d19t87v9ruil69.cloudfront.net/js/lib/ 		341 KB
342 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d19t87v9ruil69.cloudfront.net/js/lib/moment.js?v=2023010600
Requested by
Host: frbsfemployeecare.yournextstep.com
URL: https://frbsfemployeecare.yournextstep.com/assets/lib/require-f5fdfd6c2cb1c6ef3e909080ede850de7f4fa81339bfaa50e9a32140ebfc920d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:248c:3000:b:3d6d:6c40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4d4f12c26650a8f09295fbf5ba1901d086d977fb35c609371f1252629b6dbd63

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://frbsfemployeecare.yournextstep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 03:51:08 GMT
x-amz-version-id
ME4w0IWFRtnCOsCrhEp_58IoEAPpDLdr
via
1.1 0506189ffa7e4391aa3f3f82ddb1e396.cloudfront.net (CloudFront)
last-modified
Fri, 30 Oct 2020 14:46:47 GMT
server
AmazonS3
x-amz-cf-pop
MXP64-P1
age
73457
etag
"671617f4a6aaaf075b783f645d53c0f4"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
348978
x-amz-cf-id
gOuOhvSXwPc8iOHhMlAoxYNSiV-ZBkMHDg1nEGYkBARLyVb7N-9XBA==
bootstrap-datepicker-upgrade.js
d19t87v9ruil69.cloudfront.net/js/lib/ 		46 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d19t87v9ruil69.cloudfront.net/js/lib/bootstrap-datepicker-upgrade.js?v=2023010600
Requested by
Host: frbsfemployeecare.yournextstep.com
URL: https://frbsfemployeecare.yournextstep.com/assets/lib/require-f5fdfd6c2cb1c6ef3e909080ede850de7f4fa81339bfaa50e9a32140ebfc920d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:248c:3000:b:3d6d:6c40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ff5c2e6f3f2830c556d2ef49129a6fd37cbd38b00a39a59af84dc5c0eed21fd5

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://frbsfemployeecare.yournextstep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
nUg5vyGhvUQ9Zq0KwNqn_F7DVoJzZEqb
date
Thu, 05 Jan 2023 12:25:25 GMT
via
1.1 0506189ffa7e4391aa3f3f82ddb1e396.cloudfront.net (CloudFront)
last-modified
Fri, 10 Jun 2022 16:37:59 GMT
server
AmazonS3
x-amz-cf-pop
MXP64-P1
age
42600
x-amz-server-side-encryption
AES256
etag
"3a503fa8d2699ce50517a0830ae545c7"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
FAILED
accept-ranges
bytes
content-length
46827
x-amz-cf-id
3qrnCsZ2N3VSn9bgvzxflTdD6EFCpOSGkbcOplpPIktThVLK31I9vA==
datetimepicker.js
www-yournextstep-com.s3.us-east-2.amazonaws.com/js/ 		104 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www-yournextstep-com.s3.us-east-2.amazonaws.com/js/datetimepicker.js?v=2023010600
Requested by
Host: frbsfemployeecare.yournextstep.com
URL: https://frbsfemployeecare.yournextstep.com/assets/lib/require-f5fdfd6c2cb1c6ef3e909080ede850de7f4fa81339bfaa50e9a32140ebfc920d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.105.122 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.us-east-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
725ab31066f4ff0af2ed52e1e29103617bcdf4f69bf0a03e846daf018f1dc5f2

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://frbsfemployeecare.yournextstep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 06 Jan 2023 00:15:26 GMT
x-amz-version-id
pfX7CPHYXppsmihROMowgNXp3FAlrDbG
Last-Modified
Mon, 07 Nov 2022 15:44:51 GMT
Server
AmazonS3
x-amz-request-id
3BVQJ67P2J5CXX54
ETag
"7af9b07464cde5cd9c45529a32586d09"
x-amz-server-side-encryption
AES256
Content-Type
application/javascript
x-amz-replication-status
COMPLETED
Accept-Ranges
bytes
Content-Length
106566
x-amz-id-2
w5yz3WTZNcI5CkmW1gCX/lOeJczG4R0f/PO42/1mrD5G2wmBe6x9Ar+Fh9fGSqXw1JKTyIeOnLc=
bootstrap-multiselect.js
frbsfemployeecare.yournextstep.com/javascripts/ 		79 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://frbsfemployeecare.yournextstep.com/javascripts/bootstrap-multiselect.js?v=2023010600
Requested by
Host: frbsfemployeecare.yournextstep.com
URL: https://frbsfemployeecare.yournextstep.com/assets/lib/require-f5fdfd6c2cb1c6ef3e909080ede850de7f4fa81339bfaa50e9a32140ebfc920d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.31.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-31-200.compute-1.amazonaws.com
Software
nginx /
Resource Hash
396adb6c8ff4bc3d801d9bc7681bada78b6d9a9d632771c357fa07efe7574b0d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://frbsfemployeecare.yournextstep.com/help?ca_t=38505956-7770-4c34-9cea-37d2791cae2a&locale=en&utm_campaign=im_invite1&utm_medium=trig&utm_source=em
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 00:15:24 GMT
strict-transport-security
max-age=63072000; includeSubdomains
x-content-type-options
nosniff
last-modified
Wed, 12 Oct 2022 22:13:09 GMT
server
nginx
etag
"63473bf5-13d78"
content-type
application/javascript
accept-ranges
bytes
content-length
81272
bootstrap-formhelpers.js
d19t87v9ruil69.cloudfront.net/js/lib/ 		287 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d19t87v9ruil69.cloudfront.net/js/lib/bootstrap-formhelpers.js?v=2023010600
Requested by
Host: frbsfemployeecare.yournextstep.com
URL: https://frbsfemployeecare.yournextstep.com/assets/lib/require-f5fdfd6c2cb1c6ef3e909080ede850de7f4fa81339bfaa50e9a32140ebfc920d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:248c:3000:b:3d6d:6c40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0059164d73c26a15a999512ba9e1ccde23cc33ee8b3d732b3f58e34bbfac36b9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://frbsfemployeecare.yournextstep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
B_7R4bCpAww9Z_WHQWif526B3fPuwre7
content-encoding
gzip
via
1.1 0506189ffa7e4391aa3f3f82ddb1e396.cloudfront.net (CloudFront)
date
Thu, 05 Jan 2023 10:44:53 GMT
last-modified
Thu, 10 Sep 2020 15:27:24 GMT
server
AmazonS3
x-amz-cf-pop
MXP64-P1
age
48632
etag
"8a71342e37c0384196f2f8ae0a904287"
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
71486
x-amz-cf-id
Rn7n52EPCCTfGBcDN3JvCpokvprj-GqOmgBsop5gybzlXjKNclHbjg==
typeahead-bundle-upgrade.js
d19t87v9ruil69.cloudfront.net/js/lib/ 		67 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d19t87v9ruil69.cloudfront.net/js/lib/typeahead-bundle-upgrade.js?v=2023010600
Requested by
Host: frbsfemployeecare.yournextstep.com
URL: https://frbsfemployeecare.yournextstep.com/assets/lib/require-f5fdfd6c2cb1c6ef3e909080ede850de7f4fa81339bfaa50e9a32140ebfc920d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:248c:3000:b:3d6d:6c40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
547ce05266cfe4cf1763dca5862bb7ef4bcf603f759690ab63a9dabf397e49eb

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://frbsfemployeecare.yournextstep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
HewAQVSskUduM0RFBeeI5VRrsxpP8mRd
date
Thu, 05 Jan 2023 08:00:11 GMT
via
1.1 0506189ffa7e4391aa3f3f82ddb1e396.cloudfront.net (CloudFront)
last-modified
Thu, 09 Jun 2022 15:49:27 GMT
server
AmazonS3
x-amz-cf-pop
MXP64-P1
age
58514
x-amz-server-side-encryption
AES256
etag
"fab59f6091e864d6e3517bcdd94f90ff"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
FAILED
accept-ranges
bytes
content-length
68537
x-amz-cf-id
EwyqJvBvzFOHa4gFnmfv90LZBBAyauLq4QdHB0fHlBAbQ-MjmJL0KA==
bootstrap-switch-upgrade.js
d19t87v9ruil69.cloudfront.net/js/lib/ 		20 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d19t87v9ruil69.cloudfront.net/js/lib/bootstrap-switch-upgrade.js?v=2023010600
Requested by
Host: frbsfemployeecare.yournextstep.com
URL: https://frbsfemployeecare.yournextstep.com/assets/lib/require-f5fdfd6c2cb1c6ef3e909080ede850de7f4fa81339bfaa50e9a32140ebfc920d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:248c:3000:b:3d6d:6c40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c9824c69ee340e8b6ad683e52862f6697338c276faca3db2b360e6c6343b3481

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://frbsfemployeecare.yournextstep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
D1aWyhqaWdi80sKTS2rVy_s0FTIc5ipu
date
Thu, 05 Jan 2023 19:12:40 GMT
via
1.1 0506189ffa7e4391aa3f3f82ddb1e396.cloudfront.net (CloudFront)
last-modified
Fri, 10 Jun 2022 16:39:44 GMT
server
AmazonS3
x-amz-cf-pop
MXP64-P1
age
18165
x-amz-server-side-encryption
AES256
etag
"f55f9e38a385bba7f97e5d777bd4cb8d"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
FAILED
accept-ranges
bytes
content-length
20219
x-amz-cf-id
lEFDCRb_G7ycPGqQeJmJHZKn-ijGglz2lvLRadqBgClTfPXHiSMg8g==
truste
consent-pref.trustarc.com/defaultpreferencemanager/ Frame A575 		969 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://consent-pref.trustarc.com/defaultpreferencemanager/truste
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/E386C51EAEB40FABD3D67271C058D97E.cache.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-59.vie50.r.cloudfront.net
Software
nginx /
Resource Hash
2bfe0bfebc6bf40e5f73c03389ba8285505bc2f45d739d1efd5ca830f940a51d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

X-GWT-Module-Base
https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation
E386C51EAEB40FABD3D67271C058D97E
Referer
https://consent-pref.trustarc.com/?type=intoo_gdpr&layout=gdpr&site=intoo.com&action=notice&country=fr&locale=fr&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/x-gwt-rpc; charset=UTF-8

Response headers

date
Fri, 06 Jan 2023 00:15:24 GMT
content-encoding
gzip
via
1.1 75373f3f77c169166bbce98d302dff7c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-amz-cf-pop
VIE50-P1
x-cache
Miss from cloudfront
content-disposition
attachment
content-length
468
x-xss-protection
1
referrer-policy
strict-origin-when-cross-origin
server
nginx
expect-ct
max-age=86400; enforce;
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
permissions-policy
midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id
z9oBDmURk4nFdkv50N_Uc7dkx2KBf-dFtKqowgJ9lscS_Z5Af0AG1A==
truste
consent-pref.trustarc.com/defaultpreferencemanager/ Frame A575 		48 B
622 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://consent-pref.trustarc.com/defaultpreferencemanager/truste
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/E386C51EAEB40FABD3D67271C058D97E.cache.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-59.vie50.r.cloudfront.net
Software
nginx /
Resource Hash
d242145f3dc9ea8974f3686f23451c994b472e579c711d94b3aca9684601062b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

X-GWT-Module-Base
https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation
E386C51EAEB40FABD3D67271C058D97E
Referer
https://consent-pref.trustarc.com/?type=intoo_gdpr&layout=gdpr&site=intoo.com&action=notice&country=fr&locale=fr&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/x-gwt-rpc; charset=UTF-8

Response headers

date
Fri, 06 Jan 2023 00:15:24 GMT
via
1.1 75373f3f77c169166bbce98d302dff7c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
VIE50-P1
x-cache
Miss from cloudfront
content-disposition
attachment
content-length
48
x-xss-protection
1
referrer-policy
strict-origin-when-cross-origin
server
nginx
expect-ct
max-age=86400; enforce;
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
permissions-policy
midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id
Ydwsr6BMyqTQCdIqt9cUeaI8zUCVgjLt98AYtwI_A-DrtHrNSBkhaA==
EuPreferenceManager.css
consent-pref.trustarc.com/ Frame A575 		28 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://consent-pref.trustarc.com/EuPreferenceManager.css
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/E386C51EAEB40FABD3D67271C058D97E.cache.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-59.vie50.r.cloudfront.net
Software
nginx /
Resource Hash
11304b88bdf5cd5f42513b9aa8bd3206653770f4f125b852285db812c731cf24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://consent-pref.trustarc.com/?type=intoo_gdpr&layout=gdpr&site=intoo.com&action=notice&country=fr&locale=fr&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 00:15:25 GMT
content-encoding
gzip
via
1.1 75373f3f77c169166bbce98d302dff7c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
VIE50-P1
x-cache
RefreshHit from cloudfront
x-xss-protection
1
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 10 Nov 2022 02:21:24 GMT
server
nginx
etag
W/"29043-1668046884000"
expect-ct
max-age=86400; enforce;
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
no-cache
permissions-policy
midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id
y4QCCafBSVGJcssTnKN7nGyJQfhxTEdpP9bff1BXTt_AB3ek44ZuEg==
expires
Fri, 06 Jan 2023 00:15:24 GMT
10.cache.js
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/E386C51EAEB40FABD3D67271C058D97E/ Frame A575 		254 KB
87 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/E386C51EAEB40FABD3D67271C058D97E/10.cache.js
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/E386C51EAEB40FABD3D67271C058D97E.cache.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-59.vie50.r.cloudfront.net
Software
nginx /
Resource Hash
bf7a61b50946b58216061cd1b0ad91e1d400246dc5f1299b7c17748bf0aabc33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://consent-pref.trustarc.com/?type=intoo_gdpr&layout=gdpr&site=intoo.com&action=notice&country=fr&locale=fr&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 03:08:53 GMT
content-encoding
gzip
via
1.1 75373f3f77c169166bbce98d302dff7c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
VIE50-P1
age
4223192
x-cache
Hit from cloudfront
x-xss-protection
1
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 10 Nov 2022 02:21:42 GMT
server
nginx
etag
W/"259619-1668046902000"
expect-ct
max-age=86400; enforce;
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
max-age=315360000
permissions-policy
midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id
MMyIkgN-47zF4KYXGmWipt5gAXv7Exaw201bzSt3mDILdPNp4nANRw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
1.cache.js
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/E386C51EAEB40FABD3D67271C058D97E/ Frame A575 		19 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/E386C51EAEB40FABD3D67271C058D97E/1.cache.js
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/E386C51EAEB40FABD3D67271C058D97E.cache.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-59.vie50.r.cloudfront.net
Software
nginx /
Resource Hash
579c0e329b6a1ba8a7d65f4f14d1532ced14c4171dd9f4eeb501bfb0eae7c955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://consent-pref.trustarc.com/?type=intoo_gdpr&layout=gdpr&site=intoo.com&action=notice&country=fr&locale=fr&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 03:09:54 GMT
content-encoding
gzip
via
1.1 75373f3f77c169166bbce98d302dff7c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
VIE50-P1
age
4223131
x-cache
Hit from cloudfront
x-xss-protection
1
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 10 Nov 2022 02:21:42 GMT
server
nginx
etag
W/"19787-1668046902000"
expect-ct
max-age=86400; enforce;
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
max-age=315360000
permissions-policy
midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id
8ZDrEXr4qk4MctuR91VIICSB6LoDvpJGFVlRJx_d2_9NfCDLyu6Yww==
expires
Thu, 31 Dec 2037 23:55:55 GMT
cookie_iframe.html
prefmgr-cookie.truste-svc.net/cookie_js/ Frame 9D96 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=intoo_gdpr&layout=gdpr&site=intoo.com&action=notice&country=fr&locale=fr&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
Requested by
Host: frbsfemployeecare.yournextstep.com
URL: https://frbsfemployeecare.yournextstep.com/help?ca_t=38505956-7770-4c34-9cea-37d2791cae2a&locale=en&utm_campaign=im_invite1&utm_medium=trig&utm_source=em
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.139.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-139-21.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e5356c4d200584b116d9ac14f89d883b120dbe4d7878914a4fa22358074c74f8
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://consent-pref.trustarc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

content-encoding
gzip
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 06 Jan 2023 00:15:25 GMT
etag
W/"5014-1657163800000"
expect-ct
max-age=31536000
last-modified
Thu, 07 Jul 2022 03:16:40 GMT
permissions-policy
geolocation=(), microphone=(), payment=()
referrer-policy
origin
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
truste
consent-pref.trustarc.com/defaultpreferencemanager/ Frame A575 		799 B
955 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://consent-pref.trustarc.com/defaultpreferencemanager/truste
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/E386C51EAEB40FABD3D67271C058D97E.cache.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-59.vie50.r.cloudfront.net
Software
nginx /
Resource Hash
f6d4c0f72a8df13e9745df24b1cd7e367025eb65ed755506c06c67b3b4e19463
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

X-GWT-Module-Base
https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation
E386C51EAEB40FABD3D67271C058D97E
Referer
https://consent-pref.trustarc.com/?type=intoo_gdpr&layout=gdpr&site=intoo.com&action=notice&country=fr&locale=fr&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/x-gwt-rpc; charset=UTF-8

Response headers

date
Fri, 06 Jan 2023 00:15:25 GMT
content-encoding
gzip
via
1.1 75373f3f77c169166bbce98d302dff7c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-amz-cf-pop
VIE50-P1
x-cache
Miss from cloudfront
content-disposition
attachment
content-length
363
x-xss-protection
1
referrer-policy
strict-origin-when-cross-origin
server
nginx
expect-ct
max-age=86400; enforce;
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
permissions-policy
midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id
e_F9MVVWq9opdI3EaZ2LfAVEKCsfBRPHbEQsllsmaCrKtYhJQJIjVA==
truste
consent-pref.trustarc.com/defaultpreferencemanager/ Frame A575 		16 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://consent-pref.trustarc.com/defaultpreferencemanager/truste
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/E386C51EAEB40FABD3D67271C058D97E.cache.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-59.vie50.r.cloudfront.net
Software
nginx /
Resource Hash
efeddaa4242283115cd137f42e2861228aa50ac9ac96d264c53f807abc38fdff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

X-GWT-Module-Base
https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation
E386C51EAEB40FABD3D67271C058D97E
Referer
https://consent-pref.trustarc.com/?type=intoo_gdpr&layout=gdpr&site=intoo.com&action=notice&country=fr&locale=fr&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/x-gwt-rpc; charset=UTF-8

Response headers

date
Fri, 06 Jan 2023 00:15:25 GMT
content-encoding
gzip
via
1.1 75373f3f77c169166bbce98d302dff7c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-amz-cf-pop
VIE50-P1
x-cache
Miss from cloudfront
content-disposition
attachment
content-length
4975
x-xss-protection
1
referrer-policy
strict-origin-when-cross-origin
server
nginx
expect-ct
max-age=86400; enforce;
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
permissions-policy
midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id
rzxmw_FguZKjtWGE_jVN6mC-NSedq-vzDKNuGP2pHGzZ5Q-1_ChJaA==
get
consent.trustarc.com/ Frame A575 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consent.trustarc.com/get?name=Powered-By-TrustArc.png
Requested by
Host: frbsfemployeecare.yournextstep.com
URL: https://frbsfemployeecare.yournextstep.com/help?ca_t=38505956-7770-4c34-9cea-37d2791cae2a&locale=en&utm_campaign=im_invite1&utm_medium=trig&utm_source=em
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-106.vie50.r.cloudfront.net
Software
/
Resource Hash
407d40651225e9ce7c887f32e1d10213df4aba24a4fc4ffbee407d26573eab89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://consent-pref.trustarc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
public
date
Thu, 05 Jan 2023 23:34:03 GMT
content-encoding
gzip
via
1.1 452b7761b1eb87a22cbc4ec546224f1a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
VIE50-P1
age
2482
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
tlhYc5ZzDpCPtbf0lpXolb-X7DQsoQ2HYQkcchuJ5JdSWFlidVCn9w==
expires
Sat, 04 Feb 2023 23:34:03 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1554786043&t=event&_s=2&dl=https%3A%2F%2Ffrbsfemployeecare.yournextstep.com%2Fhelp%3Fca_t%3D38505956-7770-4c34-9cea-37d2791cae2a%26locale%3Den%26utm_campaign%3Dim_invite1%26utm_medium%3Dtrig%26utm_source%3Dem&ul=en-us&de=UTF-8&dt=Help%20Center%20%7C%20Federal%20Reserve%20Bank%20of%20San%20Francisco%20Employee%20Care&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Help%20Center&ea=View&el=&ev=0&_u=aEBAAUABAAAAACAAI~&jid=&gjid=&cid=1401264850.1672964125&tid=UA-63893315-1&_gid=1924537183.1672964125&gtm=2ou120&z=936522976
Requested by
Host: frbsfemployeecare.yournextstep.com
URL: https://frbsfemployeecare.yournextstep.com/help?ca_t=38505956-7770-4c34-9cea-37d2791cae2a&locale=en&utm_campaign=im_invite1&utm_medium=trig&utm_source=em
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://frbsfemployeecare.yournextstep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 04:44:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
70255
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
cookie_inneriframe.html
consent-pref.trustarc.com/ Frame DE40 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://consent-pref.trustarc.com/cookie_inneriframe.html
Requested by
Host: prefmgr-cookie.truste-svc.net
URL: https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=intoo_gdpr&layout=gdpr&site=intoo.com&action=notice&country=fr&locale=fr&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-59.vie50.r.cloudfront.net
Software
nginx /
Resource Hash
a2de091c86c5a7b6dcc572eb6e5a76c2cd72ce27a2042a8dc2974f15b33566ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://prefmgr-cookie.truste-svc.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

age
85179
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 05 Jan 2023 00:35:45 GMT
etag
W/"2008-1668046884000"
expect-ct
max-age=86400; enforce;
last-modified
Thu, 10 Nov 2022 02:21:24 GMT
permissions-policy
midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
referrer-policy
strict-origin-when-cross-origin
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding Origin
via
1.1 75373f3f77c169166bbce98d302dff7c.cloudfront.net (CloudFront)
x-amz-cf-id
vYcQuO93tPj3mWGZAnvkzE0IT41HjrYXI0C538Oo75R2RSXXw5O5Xg==
x-amz-cf-pop
VIE50-P1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-xss-protection
1
4.cache.js
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/E386C51EAEB40FABD3D67271C058D97E/ Frame A575 		43 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/E386C51EAEB40FABD3D67271C058D97E/4.cache.js
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/E386C51EAEB40FABD3D67271C058D97E.cache.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-59.vie50.r.cloudfront.net
Software
nginx /
Resource Hash
e3fbe79fefb6ab4f2bfe292e0fb65d768f65bb106f37ecdd4d84859245fdfce3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://consent-pref.trustarc.com/?type=intoo_gdpr&layout=gdpr&site=intoo.com&action=notice&country=fr&locale=fr&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 03:09:56 GMT
content-encoding
gzip
via
1.1 75373f3f77c169166bbce98d302dff7c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
VIE50-P1
age
4223129
x-cache
Hit from cloudfront
x-xss-protection
1
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 10 Nov 2022 02:21:42 GMT
server
nginx
etag
W/"44317-1668046902000"
expect-ct
max-age=86400; enforce;
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
max-age=315360000
permissions-policy
midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id
o8bgVAYgvj1uWYffRJRrk6kHQ6LEOUUUD8lyANtts5St7uz7eIyAKw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
loading.gif
consent-pref.trustarc.com/images/ Frame A575 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consent-pref.trustarc.com/images/loading.gif
Requested by
Host: frbsfemployeecare.yournextstep.com
URL: https://frbsfemployeecare.yournextstep.com/help?ca_t=38505956-7770-4c34-9cea-37d2791cae2a&locale=en&utm_campaign=im_invite1&utm_medium=trig&utm_source=em
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-59.vie50.r.cloudfront.net
Software
nginx /
Resource Hash
eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://consent-pref.trustarc.com/?type=intoo_gdpr&layout=gdpr&site=intoo.com&action=notice&country=fr&locale=fr&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 20:54:27 GMT
via
1.1 75373f3f77c169166bbce98d302dff7c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
VIE50-P1
age
12058
x-cache
Hit from cloudfront
content-length
2608
x-xss-protection
1
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 10 Nov 2022 02:21:24 GMT
server
nginx
etag
W/"2608-1668046884000"
expect-ct
max-age=86400; enforce;
vary
Origin
content-type
image/gif
permissions-policy
midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
accept-ranges
bytes
x-amz-cf-id
E1BAN7VJmUIh9PLN46xIJPNDqpByqdAk9L2iFfCk2bbBCrQxvjvHiA==
truste
consent-pref.trustarc.com/defaultpreferencemanager/ Frame A575 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://consent-pref.trustarc.com/defaultpreferencemanager/truste
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/E386C51EAEB40FABD3D67271C058D97E.cache.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-59.vie50.r.cloudfront.net
Software
nginx /
Resource Hash
5da90c380e450a9e05e44b10cbe56ec86706c6d80b2add82b822864c7e62b9ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

X-GWT-Module-Base
https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation
E386C51EAEB40FABD3D67271C058D97E
Referer
https://consent-pref.trustarc.com/?type=intoo_gdpr&layout=gdpr&site=intoo.com&action=notice&country=fr&locale=fr&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/x-gwt-rpc; charset=UTF-8

Response headers

date
Fri, 06 Jan 2023 00:15:26 GMT
content-encoding
gzip
via
1.1 75373f3f77c169166bbce98d302dff7c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-amz-cf-pop
VIE50-P1
x-cache
Miss from cloudfront
content-disposition
attachment
content-length
905
x-xss-protection
1
referrer-policy
strict-origin-when-cross-origin
server
nginx
expect-ct
max-age=86400; enforce;
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
permissions-policy
midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id
ALjMJWtc42CXsdCvMk1K6ZyknJa6h3F5Z8St-wBqYGpMyBpfJ1e1_A==
get
consent.trustarc.com/ Frame A575 		61 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://consent.trustarc.com/get?name=MuseoSans_500.otf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-106.vie50.r.cloudfront.net
Software
/
Resource Hash
46428f2c539eecc8b06fecb7ea74dc8f945fd9ab25b8b4cabba1aa55f6d91239
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://consent-pref.trustarc.com/
Origin
https://consent-pref.trustarc.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
public
date
Fri, 06 Jan 2023 00:09:37 GMT
content-encoding
gzip
via
1.1 6e4fd2f7f4c55027ff6ee922bdafd3ae.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
VIE50-P1
age
348
x-cache
Hit from cloudfront
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
ZGaG1Sig1d-zajZdgJDIPabTKVBmfoU1PgZ3lhlTIIAuV6C661WEsg==
expires
Sun, 05 Feb 2023 00:09:37 GMT
get
consent.trustarc.com/ Frame A575 		61 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://consent.trustarc.com/get?name=MuseoSans-300.otf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-106.vie50.r.cloudfront.net
Software
/
Resource Hash
ecc24f40f565ce3d863f4ab0fe3258c6d92ca796776a4cae7d68fb52fdddeb7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://consent-pref.trustarc.com/
Origin
https://consent-pref.trustarc.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
public
date
Thu, 05 Jan 2023 23:23:14 GMT
content-encoding
gzip
via
1.1 6e4fd2f7f4c55027ff6ee922bdafd3ae.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
VIE50-P1
age
3131
x-cache
Hit from cloudfront
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
B-G5vPzBu6YqbX9KVZVi4xOHJThgOTLQyJnubzEl-LG_2Dutz3HmbQ==
expires
Sat, 04 Feb 2023 23:23:14 GMT
get
consent.trustarc.com/ Frame A575 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consent.trustarc.com/get?name=logo-intoo-small.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-106.vie50.r.cloudfront.net
Software
/
Resource Hash
1ae7c291f65f7a458f290b6a230bfe32665b7604b49374c514948d44a7353230
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://consent-pref.trustarc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
public
date
Thu, 05 Jan 2023 23:49:39 GMT
content-encoding
gzip
via
1.1 452b7761b1eb87a22cbc4ec546224f1a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
VIE50-P1
age
1545
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
9sA8Kup08ZSMsMarYFd8aNu7Ws6bZZer7UuRY88URCj01WsKH88aQA==
expires
Sat, 04 Feb 2023 23:49:39 GMT
truste
consent-pref.trustarc.com/defaultpreferencemanager/ Frame A575 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://consent-pref.trustarc.com/defaultpreferencemanager/truste
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/E386C51EAEB40FABD3D67271C058D97E.cache.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-59.vie50.r.cloudfront.net
Software
nginx /
Resource Hash
e6ab9f4619d2d320e2c7b100ed1aebf6a2dceb5a284d581eb5d2195874438f55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

X-GWT-Module-Base
https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation
E386C51EAEB40FABD3D67271C058D97E
Referer
https://consent-pref.trustarc.com/?type=intoo_gdpr&layout=gdpr&site=intoo.com&action=notice&country=fr&locale=fr&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/x-gwt-rpc; charset=UTF-8

Response headers

date
Fri, 06 Jan 2023 00:15:26 GMT
content-encoding
gzip
via
1.1 75373f3f77c169166bbce98d302dff7c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-amz-cf-pop
VIE50-P1
x-cache
Miss from cloudfront
content-disposition
attachment
content-length
2092
x-xss-protection
1
referrer-policy
strict-origin-when-cross-origin
server
nginx
expect-ct
max-age=86400; enforce;
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
permissions-policy
midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id
Ii7HulqlRuAQIW8yO67xoQb6hxvPr-gnk16JNwRt0vs8RZmGr0s1kQ==
switchbg.png
consent-pref.trustarc.com/images/ Frame A575 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consent-pref.trustarc.com/images/switchbg.png
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/EuPreferenceManager.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-59.vie50.r.cloudfront.net
Software
nginx /
Resource Hash
1ffe0083c43292aaba8148fe6d7286bd27381ea13fef76b9e545a22d8bbd8af5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://consent-pref.trustarc.com/EuPreferenceManager.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 02:16:43 GMT
via
1.1 75373f3f77c169166bbce98d302dff7c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
VIE50-P1
age
79132
x-cache
Hit from cloudfront
content-length
1068
x-xss-protection
1
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 10 Nov 2022 02:21:24 GMT
server
nginx
etag
W/"1068-1668046884000"
expect-ct
max-age=86400; enforce;
vary
Origin
content-type
image/png
permissions-policy
midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
accept-ranges
bytes
x-amz-cf-id
HGwr8DMn7Ud7fHaHPQxexwDHEUrceev_ABjvyHmpDx3JusJoDDYZ2Q==
loader.gif
consent-pref.trustarc.com/images/ Frame A575 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consent-pref.trustarc.com/images/loader.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-59.vie50.r.cloudfront.net
Software
nginx /
Resource Hash
ee53ada617f2674cbd706e3b24fc6738c7f53f2f7a3a959e71f611aa850dc946
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://consent-pref.trustarc.com/?type=intoo_gdpr&layout=gdpr&site=intoo.com&action=notice&country=fr&locale=fr&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 04:27:54 GMT
via
1.1 75373f3f77c169166bbce98d302dff7c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
VIE50-P1
age
71255
x-cache
Hit from cloudfront
content-length
1737
x-xss-protection
1
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 10 Nov 2022 02:21:24 GMT
server
nginx
etag
W/"1737-1668046884000"
expect-ct
max-age=86400; enforce;
vary
Origin
content-type
image/gif
permissions-policy
midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
accept-ranges
bytes
x-amz-cf-id
dN-H-08lH0243eRbSRBZbftyfF8Ir0_5SzAw4NFEiV5416gNCxo2vg==
get
consent.trustarc.com/ Frame A575 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consent.trustarc.com/get?name=Powered-By-TrustArc.png
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/E386C51EAEB40FABD3D67271C058D97E.cache.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-106.vie50.r.cloudfront.net
Software
/
Resource Hash
407d40651225e9ce7c887f32e1d10213df4aba24a4fc4ffbee407d26573eab89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://consent-pref.trustarc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
public
date
Thu, 05 Jan 2023 23:34:03 GMT
content-encoding
gzip
via
1.1 452b7761b1eb87a22cbc4ec546224f1a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
VIE50-P1
age
2483
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
GCHDCStYxSxQC-elCSkU0-GARoyUM3HmR4M6b0-p7yihM0XyoVINkA==
expires
Sat, 04 Feb 2023 23:34:03 GMT

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontentvisibilityautostatechange object| Chartkick function| Chart function| Pusher function| Cookies string| MY_DOMAIN boolean| REQUIRE_USER_EXPRESSED_PERMISSION object| _STATE function| runOnce function| getBehavior function| handleAPIResponse function| activateElement function| record_consents function| gtag object| dataLayer string| pageCategory string| pageLabel string| pageValue object| pageInitialized function| requirejs function| require function| define function| pageLoaded function| _truste_eumap object| truste object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| _truste_eu object| PREF_MGR_API_DEBUG object| PrivacyManagerAPI object| TRUSTE_CMAPI_DEBUG object| gaplugins object| gaGlobal object| gaData function| $ function| jQuery function| moment function| Bloodhound object| BFHCountriesList object| BFHCurrenciesList object| BFHMonthsList object| BFHDaysList number| BFHDayOfWeekStart object| BFHFontsList object| BFHFontSizesList object| BFHGoogleFontsList object| BFHLanguagesList object| BFHPhoneFormatList object| BFHStatesList string| BFHTimePickerDelimiter object| BFHTimePickerModes object| BFHTimezonesList function| initPage function| deleteRow function| addRow function| initDraggableFields

9 Cookies

Domain/Path Name / Value
.yournextstep.com/ Name: _yournextstep_session
Value: LMY3s2OrnZ1IL5fpztTG5dqxnCwrCII2LDHfJ7Reu157XtRCM9K9NutVPOjdWtOuJoJKEtI%2FRpwCBw6%2FwqFy4b7%2Bqh70y6jN1cFlbrG9DNhwSN%2BxRvDCccjAPo6ONKKOZRdBWZL2op3o729wW7%2BUtEiyJ8d0YlGaRsKrvS7u%2BBiIVR0RETV%2BqSlmC5Qv6gTyqFOsQjIAZcrQ%2FQSj9O20F7AU9myaXlndOfV9%2BlW2SpqjEnEU5dWNlF4bBuCU7pBhBb0WJyfYG6A8JU5B1hWloEIoKYMNtvgygFn%2Blu0%3D--8p8TBn1kXrzelthW--WEGnrwYp2NPNKQIYypz5%2FA%3D%3D
frbsfemployeecare.yournextstep.com/ Name: browser.timezone
Value: Etc/Unknown
.frbsfemployeecare.yournextstep.com/ Name: notice_behavior
Value: expressed,eu
.yournextstep.com/ Name: _ga
Value: GA1.2.1401264850.1672964125
.yournextstep.com/ Name: _gid
Value: GA1.2.1924537183.1672964125
.yournextstep.com/ Name: _gat_gtag_UA_63893315_1
Value: 1
submit-irm.trustarc.com/ Name: AWSALBCORS
Value: TU1KN7JFEvNRwC4JPUAxk7sDrNTH6Ct2VxCTN9tHAijozfC6hC0jAiyeLUPSJGNe3qY4NVFfo0orSb+figgzQ32TOg6SvhXmF4P5JJsECfSH50FSbA9aUOX+WhZW
prefmgr-cookie.truste-svc.net/ Name: cookie_3rdparty
Value: enabled
consent-pref.trustarc.com/ Name: token_test
Value: Fri Jan 06 2023 00:15:25 GMT+0000 (GMT)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
consent-pref.trustarc.com
consent-st.trustarc.com
consent.trustarc.com
d19t87v9ruil69.cloudfront.net
frbsfemployeecare.yournextstep.com
prefmgr-cookie.truste-svc.net
r.mailer.yournextstep.com
s3.us-east-2.amazonaws.com
stats.g.doubleclick.net
submit-irm.trustarc.com
www-yournextstep-com.s3.amazonaws.com
www-yournextstep-com.s3.us-east-2.amazonaws.com
www.google-analytics.com
www.googletagmanager.com
1.179.112.197
18.207.31.200
18.211.153.139
18.66.15.106
18.66.15.59
2600:9000:248c:3000:b:3d6d:6c40:21
2a00:1450:4001:828::2008
2a00:1450:4001:82a::200e
2a00:1450:400c:c00::9b
2a04:4e42::485
52.219.105.122
52.219.107.73
52.219.109.44
54.82.139.21
65.9.66.37
0059164d73c26a15a999512ba9e1ccde23cc33ee8b3d732b3f58e34bbfac36b9
0523f0355f9cd333395ef436edd0dd76b0b9c59fe0a4d7f26d7e7550f16c07d9
08ff74c19e8e21982935e7993945cc29bd6ea1df481f9f848c8745f1bbdf5ccb
11304b88bdf5cd5f42513b9aa8bd3206653770f4f125b852285db812c731cf24
1ae7c291f65f7a458f290b6a230bfe32665b7604b49374c514948d44a7353230
1ffe0083c43292aaba8148fe6d7286bd27381ea13fef76b9e545a22d8bbd8af5
2bfe0bfebc6bf40e5f73c03389ba8285505bc2f45d739d1efd5ca830f940a51d
3175df97620413bf2ae297fbe578a8d2ef1e2b9a529cde14d3b74831d4e6b4b8
34d6c38d6fa92ae918ae7986c598904694472c3e8c9c6dd23549e4b1f7a62b12
396adb6c8ff4bc3d801d9bc7681bada78b6d9a9d632771c357fa07efe7574b0d
3e37308afefcf73bdf14ad51b41ab4c15718bf1c0e754ac76ae3da1cf54c09da
407d40651225e9ce7c887f32e1d10213df4aba24a4fc4ffbee407d26573eab89
46428f2c539eecc8b06fecb7ea74dc8f945fd9ab25b8b4cabba1aa55f6d91239
4a0c59eedd723f190c5e362a172e326af23733e1de2bf4bd582d75f59e6b58e4
4d4f12c26650a8f09295fbf5ba1901d086d977fb35c609371f1252629b6dbd63
547ce05266cfe4cf1763dca5862bb7ef4bcf603f759690ab63a9dabf397e49eb
553cf3fa6f4df74d5befd5550ac406502f9849d7edd210a4fba2176b16dc2473
579c0e329b6a1ba8a7d65f4f14d1532ced14c4171dd9f4eeb501bfb0eae7c955
5d59d71fa30604e26c815b2bcfea777bef1564467e2ff9b1b4dc45ca2ee0f6fe
5da90c380e450a9e05e44b10cbe56ec86706c6d80b2add82b822864c7e62b9ba
662bc4b6bf1fdbe5018c3346dd2de1af29ee837e5a10ca25a7698f86eca96ac9
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f5077bd941c380e2eaf59a4ba03ee7cfa4045ff3dd30ccfed55b78b547079c1
725ab31066f4ff0af2ed52e1e29103617bcdf4f69bf0a03e846daf018f1dc5f2
793cb14b4ae48e92c4a35eae5d34b4b95092e3cd7995ce342b6895a560ef7526
7dccb99a1595e7edcb27efa8d69930c442c0e5f42e204e00d8946164b24f5396
7e1a09a368ed2d6c6311fec2400aa96e8fed3b56ca73f7f8a82e0471d01f2f8e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85e3053c4a113ec65c3f7cabc8b7b5ac5be71902795b61ddbe50624df6c49423
88cdffeef676151ef6bcb7d5aed142c26332d6757628298c63ad8f385cc4b623
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
a0e221bfa30fc6e21f967f0837b9b072dea7ad486cec6d73bc898a431c242f4f
a2de091c86c5a7b6dcc572eb6e5a76c2cd72ce27a2042a8dc2974f15b33566ed
aa88d6c3c203336bbc9d38e147cde648a25a0501d508fbdade86a136e4bf82d2
b00e315762efbbc87be061ec9d27b360198df8b160d82b0a9a313ab52d885a8d
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b8b01da72738036b926a4b9cc52542e84178661fbb3376b736a76fcf8f8ec1b1
bf7a61b50946b58216061cd1b0ad91e1d400246dc5f1299b7c17748bf0aabc33
c9824c69ee340e8b6ad683e52862f6697338c276faca3db2b360e6c6343b3481
ccfe2815a6c895f9b76f9e5ebe0bb06bd452ebbb06436f7da321dc5f96aa6308
cf4573f1ed1f560de87f77d9aa1fdf34956f13c657e7cba7c0ab6b156dd59be6
d242145f3dc9ea8974f3686f23451c994b472e579c711d94b3aca9684601062b
d8557ed8c932762768bd0cfc9c98f1a052b79408df31cc58ec7ba29cbdfc2b18
dd62a29e542980034d9edb632282dd081df86babe0b7bdaf8e1a0cb9e21857a3
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3fbe79fefb6ab4f2bfe292e0fb65d768f65bb106f37ecdd4d84859245fdfce3
e5356c4d200584b116d9ac14f89d883b120dbe4d7878914a4fa22358074c74f8
e6ab9f4619d2d320e2c7b100ed1aebf6a2dceb5a284d581eb5d2195874438f55
eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244
ecc24f40f565ce3d863f4ab0fe3258c6d92ca796776a4cae7d68fb52fdddeb7d
ee53ada617f2674cbd706e3b24fc6738c7f53f2f7a3a959e71f611aa850dc946
efeddaa4242283115cd137f42e2861228aa50ac9ac96d264c53f807abc38fdff
f1ba71d3bf034aeceecb8895e71a44f4806dbb5bcc44e46fd8fc461a774eb880
f5fdfd6c2cb1c6ef3e909080ede850de7f4fa81339bfaa50e9a32140ebfc920d
f6d4c0f72a8df13e9745df24b1cd7e367025eb65ed755506c06c67b3b4e19463
f7a056abbbb2c17b32dcd8722f58fe0b3146599e13024fb32b9881dcadbfdc6f
fc3cf06d3fc9a4d90f11fc66e769da83993236624a7a967c3af625d03600bcd1
fda6439bf3bc4af7d51491ab43b70b588d17aeea035eec34357eb0cdabb9e754
ff1835ccc2a63d7fd9ba65598867826bb4e9e7a6d314100eaf568724607a89c6
ff5c2e6f3f2830c556d2ef49129a6fd37cbd38b00a39a59af84dc5c0eed21fd5
ff774d95f711e4f81369f6128f8751fe3d0dc3b880bdbbf6d5bf8edb846f5269