urlscan.io logo urlscan.io
SecurityTrails logo

www.csf.fr Open in urlscan Pro
64.208.250.188  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://email.csf.fr/e/700443/e-Pardot-utm-campaign-PP240131/9q8q2s/2292256292/h/AdXLX9tjBrWPZ8y-pm3ucSIJJS3uyvjxdaKk...
Effective URL: https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
Submission: On February 02 via api from FR — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 6 countries across 20 domains to perform 111 HTTP transactions. The main IP is 64.208.250.188, located in Chicago, United States and belongs to COMPAGNIE-IBM-FRANCE-AS, FR. The main domain is www.csf.fr.
TLS certificate: Issued by Thawte TLS RSA CA G1 on January 25th 2024. Valid for: a year.
This is the only time www.csf.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 34.237.219.119 14618 (AMAZON-AES)
39 64.208.250.188 202213 (COMPAGNIE...)
1 18.66.192.129 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
30 93.20.42.171 15557 (LDCOMNET)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1288:80:... 203220 (YAHOO-DEB)
4 2a03:2880:f04... 32934 (FACEBOOK)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2620:1ec:46::60 8075 (MICROSOFT...)
1 146.75.116.157 54113 (FASTLY)
1 104.244.42.5 13414 (TWITTER)
1 104.244.42.131 13414 (TWITTER)
2 2001:4860:480... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 212.82.100.181 34010 (YAHOO-IRD)
2 194.51.217.243 3215 (France Te...)
1 3 2a03:2880:f14... 32934 (FACEBOOK)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 18.208.125.13 14618 (AMAZON-AES)
111 22
3    34.237.219.119 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-219-119.compute-1.amazonaws.com
email.csf.fr
39    64.208.250.188 (Chicago, United States)

ASN202213 (COMPAGNIE-IBM-FRANCE-AS, FR)
www.csf.fr
1    18.66.192.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-129.muc50.r.cloudfront.net
d1m6l9dfulcyw7.cloudfront.net
3    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
30    93.20.42.171 (Colombes, France)

ASN15557 (LDCOMNET, FR)
creditenligne.financo.fr
1    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
s.yimg.com
4    2a03:2880:f045:10:face:b00c:0:3 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    2620:1ec:46::60 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
static.critizr.com
cdn.goodays.co
1    146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    104.244.42.5 (United States)

ASN13414 (TWITTER, US)
t.co
1    104.244.42.131 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
6    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.fr
1    212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com
sp.analytics.yahoo.com
2    194.51.217.243 (Annecy, France)

ASN3215 (France Telecom - Orange, FR)
www.financo.fr
3    2a03:2880:f145:82:face:b00c:0:25de (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)
www.facebook.com
5    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
1    18.208.125.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-125-13.compute-1.amazonaws.com
pi.pardot.com
Apex Domain
Subdomains		 Transfer
42 csf.fr
email.csf.fr
www.csf.fr
1 MB
32 financo.fr
creditenligne.financo.fr
www.financo.fr
318 KB
6 google.com
www.google.com — Cisco Umbrella Rank: 2
38 KB
5 gstatic.com
www.gstatic.com
635 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
136 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
637 B
3 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2029
ssl.google-analytics.com — Cisco Umbrella Rank: 570
17 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 376
14 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
253 KB
2 yimg.com
s.yimg.com — Cisco Umbrella Rank: 673
7 KB
1 pardot.com
pi.pardot.com — Cisco Umbrella Rank: 4833
1 KB
1 yahoo.com
sp.analytics.yahoo.com — Cisco Umbrella Rank: 1451
632 B
1 goodays.co
cdn.goodays.co — Cisco Umbrella Rank: 189382
97 KB
1 google.fr
www.google.fr — Cisco Umbrella Rank: 19149
455 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 789
394 B
1 t.co
t.co — Cisco Umbrella Rank: 656
376 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 745
15 KB
1 critizr.com
static.critizr.com — Cisco Umbrella Rank: 197203
13 KB
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
2 KB
1 cloudfront.net
d1m6l9dfulcyw7.cloudfront.net
116 KB
111 20
Domain Requested by
39 www.csf.fr www.csf.fr
30 creditenligne.financo.fr www.csf.fr
creditenligne.financo.fr
6 www.google.com www.csf.fr
creditenligne.financo.fr
www.gstatic.com
www.google.com
5 www.gstatic.com www.google.com
4 connect.facebook.net www.csf.fr
connect.facebook.net
creditenligne.financo.fr
3 www.facebook.com 1 redirects www.csf.fr
creditenligne.financo.fr
3 bat.bing.com www.csf.fr
bat.bing.com
3 www.googletagmanager.com www.csf.fr
www.googletagmanager.com
3 email.csf.fr 1 redirects www.csf.fr
email.csf.fr
2 www.financo.fr creditenligne.financo.fr
2 region1.google-analytics.com www.googletagmanager.com
2 s.yimg.com www.csf.fr
s.yimg.com
1 pi.pardot.com email.csf.fr
1 ssl.google-analytics.com www.csf.fr
1 sp.analytics.yahoo.com www.csf.fr
1 cdn.goodays.co static.critizr.com
1 www.google.fr www.csf.fr
1 analytics.twitter.com www.csf.fr
1 t.co www.csf.fr
1 static.ads-twitter.com www.csf.fr
1 static.critizr.com www.csf.fr
1 googleads.g.doubleclick.net www.googletagmanager.com
1 d1m6l9dfulcyw7.cloudfront.net www.csf.fr
111 23

This site contains links to these domains. Also see Links.

Domain
moncompte.csf.fr
www.facebook.com
www.youtube.com
Subject Issuer Validity Valid
*.csf.fr
Thawte TLS RSA CA G1		 2024-01-25 -
2025-02-04		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
creditenligne.financo.fr
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-11-08		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.api.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2024-01-22 -
2024-03-13		 2 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-11-11 -
2024-02-09		 3 months crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 02		 2024-01-21 -
2024-06-27		 5 months crt.sh
static.critizr.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-11-02 -
2024-05-02		 6 months crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-21 -
2024-07-19		 a year crt.sh
t.co
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-16 -
2024-10-14		 a year crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-19 -
2024-09-17		 a year crt.sh
www.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.google.fr
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
cdn.goodays.co
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-11-02 -
2024-05-02		 6 months crt.sh
real.sp.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-10-24 -
2024-04-17		 6 months crt.sh
www.financo.fr
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-14 -
2024-07-14		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
email.csf.fr
R3		 2023-12-10 -
2024-03-09		 3 months crt.sh
pi.pardot.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-07-25 -
2024-07-23		 a year crt.sh

This page contains 4 frames:

Primary Page: https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
Frame ID: F4F83C276A455EE3468657F60D4E1B28
Requests: 65 HTTP requests in this frame

Frame: https://creditenligne.financo.fr/credit-auto-opcsf.php?notrack=oui
Frame ID: DBC4DEAFF125821824A603D1FFAE6A2B
Requests: 38 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcrvcQUAAAAAA-zGSAQ1dIFggdvCrIr9GtNo9Lh&co=aHR0cHM6Ly9jcmVkaXRlbmxpZ25lLmZpbmFuY28uZnI6NDQz&hl=fr&v=MHBiAvbtvk5Wb2eTZHoP1dUd&size=normal&cb=tkfc3saixyzh
Frame ID: 9D8BEB08ED6E2206C66C190C367BFEEB
Requests: 5 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=fr&v=MHBiAvbtvk5Wb2eTZHoP1dUd&k=6LcrvcQUAAAAAA-zGSAQ1dIFggdvCrIr9GtNo9Lh
Frame ID: E073021CA5819477CA0A0EFC692D4E55
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Prêt personnel auto : simulez en ligne et obtenez une réponse de principe immédiate ! (Crédit Social des Fonctionnaires).

Page URL History Show full URLs

  1. https://email.csf.fr/e/700443/e-Pardot-utm-campaign-PP240131/9q8q2s/2292256292/h/AdXLX9tjBrWPZ8y-... HTTP 301
    https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_c... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • handlebars(?:\.runtime)?(?:-v([\d.]+?))?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • moment(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • twemoji(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

111
Requests

99 %
HTTPS

55 %
IPv6

20
Domains

23
Subdomains

22
IPs

6
Countries

2939 kB
Transfer

7259 kB
Size

21
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://email.csf.fr/e/700443/e-Pardot-utm-campaign-PP240131/9q8q2s/2292256292/h/AdXLX9tjBrWPZ8y-pm3ucSIJJS3uyvjxdaKk42WVgII HTTP 301
    https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 69
  • https://www.facebook.com/tr/?id=481884418601426&ev=PageView&dl=https%3A%2F%2Fwww.csf.fr&rl=&if=false&ts=1706861380900&sw=1600&sh=1200&v=2.9.144&r=stable&ec=0&o=4124&fbp=fb.1.1706861380899.1067085681&pm=1&hrl=f226c2&ler=empty&cdl=API_unavailable&it=1706861380818&coo=false&cs_cc=1&cas=6200955059950927%2C2910330689070006%2C1411899695589978&exp=e1&rqm=GET HTTP 302
  • https://www.facebook.com/tr/?cas=6200955059950927%2C2910330689070006%2C1411899695589978&cdl=API_unavailable&coo=false&cs_cc=1&dl=https%3A%2F%2Fwww.csf.fr&ec=0&ev=PageView&exp=e1&fbp=fb.1.1706861380899.1067085681&hrl=f226c2&id=481884418601426&if=false&it=1706861380818&ler=empty&o=4124&pm=1&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&ts=1706861380900&v=2.9.144

111 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request le-pret-personnel-auto
www.csf.fr/jcms/mle_832/
Redirect Chain
  • https://email.csf.fr/e/700443/e-Pardot-utm-campaign-PP240131/9q8q2s/2292256292/h/AdXLX9tjBrWPZ8y-pm3ucSIJJS3uyvjxdaKk42WVgII
  • https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
104 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.208.250.188 Chicago, United States, ASN202213 (COMPAGNIE-IBM-FRANCE-AS, FR),
Reverse DNS
Software
Apache /
Resource Hash
c855e8ef3af3c5f4f46249aa14fb34f91138145a163a052b120ac4094c08f789
Security Headers
Name Value
Content-Security-Policy default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
19553
content-security-policy
default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
content-type
text/html;charset=UTF-8
date
Fri, 02 Feb 2024 08:09:38 GMT
expires
0
feature-policy
accelerometer 'none'; autoplay 'none'; camera *; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone *; midi 'none'; payment 'none'; usb 'none';
permissions-policy
accelerometer=(), autoplay=(), camera=*, geolocation=(), gyroscope=(), magnetometer=(), microphone=*, midi=(), payment=(), usb=()
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
Apache
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-jcms-ajax-id
AjaxCtxt-0-1706861379890
x-xss-protection
1

Redirect headers

Connection
keep-alive
Content-Length
169
Content-Type
text/html; charset=UTF-8
Date
Fri, 02 Feb 2024 08:09:39 GMT
Server
PardotServer
X-Pardot-Route
e8229a0ff18ebffc83a98010d2521dd5
cache-control
max-age=63072000
content-encoding
gzip
expires
Sun, 01 Feb 2026 08:09:39 GMT
location
https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
vary
Accept-Encoding,User-Agent
9a50778c62aa7.js
d1m6l9dfulcyw7.cloudfront.net/uxt/ 		458 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1m6l9dfulcyw7.cloudfront.net/uxt/9a50778c62aa7.js
Requested by
Host: www.csf.fr
URL: https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-129.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
531e02b7e3d1307f6f7b6b6e018ff0f211acc8372a6ce05f19f8e66704b34c5a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.csf.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 04:45:39 GMT
content-encoding
gzip
via
1.1 eec5ede1fdb15ceb2352a4ebfb155362.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
age
0
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
118627
last-modified
Mon, 30 Jul 2018 12:32:03 GMT
server
AmazonS3
etag
"20fe4390df65f22736991188ecfef999"
vary
Origin
content-type
application/javascript;charset=utf-8
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
IGq4uzNvXgcPYd_369tQPnntSt1cNJENgeHeKYr-RKnM6f4XCIWhNg==
csspacker.jsp
www.csf.fr/css/ 		726 KB
119 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.csf.fr/css/csspacker.jsp?v=JCPRO_202401290808&css=css%2Fjalios%2Fcore%2Fcomponents%2Ftopbar%2Fjalios-topbar.css&css=css%2Flib%2Ftoastr%2Ftoastr.css&css=css%2Fjalios%2Fcore%2Fcomponents%2Ftoastr%2Fjalios-toastr.css&css=css%2Fjalios%2Fcore%2Ffonts%2Fwebfont-roboto.css&css=css%2Fjalios%2Fcore%2Ffonts%2Fwebfont-roboto-condensed.css&css=css%2Fjalios%2Fcore%2Fbootstrap.css&css=css%2Fjalios%2Fcore%2Ffont-icons_with_fa.css&css=css%2Fjalios%2Fcore%2Fcore.css&css=css%2Fjalios%2Fcore%2Fcore-theme.css&css=css%2Ffff-sprite.css&css=css%2Fjalios%2Fcore%2Flang.css&css=css%2Fjalios%2Fcore%2Fportlet%2Fskin%2Fjalios-skin-custom-properties.css&css=css%2Flib%2Fanimate%2Fanimate-custom.css&css=css%2Fjalios%2Fcore%2Fcomponents%2Fanimate%2Fjalios-rippler.css&css=css%2Fjalios%2Fcore%2Fjalios-dropdown-repositioning.css&css=css%2Fjalios%2Fcore%2Fcomponents%2Fa11y%2Fa11y.css&css=plugins%2FCSFCore%2Fcss%2Ffonts.css&css=plugins%2FCSFCore%2Fcss%2Fstyle_ecran.css&css=plugins%2FCSFCore%2Fcss%2Fsimulateurs%2Fsimulateurs.css&css=plugins%2FCSFStylesWysiwygPlugin%2Fcss%2Fwysiwyg.css&css=css%2Flib%2Fbootstrap-datetimepicker%2Fbootstrap-datetimepicker.css&css=custom%2Fcss%2Fstandard.css&css=plugins%2FCSFStylesWysiwygPlugin%2Fcss%2Fcustom.css
Requested by
Host: www.csf.fr
URL: https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.208.250.188 Chicago, United States, ASN202213 (COMPAGNIE-IBM-FRANCE-AS, FR),
Reverse DNS
Software
Apache /
Resource Hash
3985f2314cd02932f090bee72d9b5bece5908802d6036337604d436a3b7e21c9
Security Headers
Name Value
Content-Security-Policy default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
Apache
content-security-policy
default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
date
Fri, 02 Feb 2024 08:09:38 GMT
vary
Accept-Encoding,User-Agent
content-type
text/css;charset=UTF-8
feature-policy
accelerometer 'none'; autoplay 'none'; camera *; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone *; midi 'none'; payment 'none'; usb 'none';
permissions-policy
accelerometer=(), autoplay=(), camera=*, geolocation=(), gyroscope=(), magnetometer=(), microphone=*, midi=(), payment=(), usb=()
content-length
121460
x-xss-protection
1
expires
Mon, 04 Mar 2024 08:09:39 GMT
csspacker.jsp
www.csf.fr/css/ 		79 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.csf.fr/css/csspacker.jsp?v=JCPRO_202401290808&css=css%2Fjalios%2Fcore%2Fportlet%2Fskin%2Fjalios-empty.css&css=plugins%2FCSFCore%2Fcss%2Frefonte-identification%2Findentification.css&css=frontlib%2Flightgallery%2Fcss%2Flightgallery.css&css=frontlib%2Flightgallery%2Fcss%2Flg-autoplay.css&css=frontlib%2Flightgallery%2Fcss%2Flg-fullscreen.css&css=frontlib%2Flightgallery%2Fcss%2Flg-thumbnail.css&css=frontlib%2Flightgallery%2Fcss%2Flg-video.css&css=frontlib%2Flightgallery%2Fcss%2Flg-zoom.css&css=css%2Fjalios%2Fcore%2Fcomponents%2FimageEditor%2Fjalios-image-editor.css&css=plugins%2FCSFCore%2Fcss%2Fworkspace%2Fcredits.css&css=plugins%2FCSFCore%2Fcss%2Fui-lightness%2Fjquery-ui-1.10.4.custom.min.css&css=plugins%2FCSFCore%2Fcss%2Fretrocompatible%2Fold_formulaire.css&css=plugins%2FCSFCore%2Fcss%2Fretrocompatible%2FSite_contentdisplay.css&css=plugins%2FCSFCore%2Fcss%2Fretrocompatible%2FSite_accueil_body.css&css=plugins%2FCSFCore%2Fcss%2Fretrocompatible%2FSite_column.css&css=plugins%2FCSFCore%2Fcss%2Faide%2FquestionsReponses.css&css=plugins%2FCSFCore%2Fcss%2FespaceCorrespondant%2FespaceCorrespondant.css&css=plugins%2FCSFCore%2Fcss%2FespaceCorrespondant%2Fmanuel%2FmanuelCorrespondant.css&css=plugins%2FCSFCore%2Fcss%2Faide%2Flexique.css
Requested by
Host: www.csf.fr
URL: https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.208.250.188 Chicago, United States, ASN202213 (COMPAGNIE-IBM-FRANCE-AS, FR),
Reverse DNS
Software
Apache /
Resource Hash
834f5c01b302c6002f787b9ae77b5f1acb2eee03a8f1bccad0e378a231587fc5
Security Headers
Name Value
Content-Security-Policy default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
Apache
content-security-policy
default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
date
Fri, 02 Feb 2024 08:09:38 GMT
vary
Accept-Encoding,User-Agent
content-type
text/css;charset=UTF-8
feature-policy
accelerometer 'none'; autoplay 'none'; camera *; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone *; midi 'none'; payment 'none'; usb 'none';
permissions-policy
accelerometer=(), autoplay=(), camera=*, geolocation=(), gyroscope=(), magnetometer=(), microphone=*, midi=(), payment=(), usb=()
content-length
14360
x-xss-protection
1
expires
Mon, 04 Mar 2024 08:09:39 GMT
le-csf.jpg
www.csf.fr/upload/docs/image/jpeg/2022-04/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.csf.fr/upload/docs/image/jpeg/2022-04/le-csf.jpg
Requested by
Host: www.csf.fr
URL: https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.208.250.188 Chicago, United States, ASN202213 (COMPAGNIE-IBM-FRANCE-AS, FR),
Reverse DNS
Software
Apache /
Resource Hash
3d1b72c2d45ff3c79abe735ca52813ab8e896cbd479e6f26db2725b1a0ed9644
Security Headers
Name Value
Content-Security-Policy default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Wed, 06 Apr 2022 09:20:56 GMT
server
Apache
date
Fri, 02 Feb 2024 08:09:38 GMT
etag
W/"6561-1649236856000"
content-type
image/jpeg
feature-policy
accelerometer 'none'; autoplay 'none'; camera *; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone *; midi 'none'; payment 'none'; usb 'none';
permissions-policy
accelerometer=(), autoplay=(), camera=*, geolocation=(), gyroscope=(), magnetometer=(), microphone=*, midi=(), payment=(), usb=()
accept-ranges
bytes
content-length
6561
x-xss-protection
1
csf-smart.jpg
www.csf.fr/upload/docs/image/jpeg/2022-04/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.csf.fr/upload/docs/image/jpeg/2022-04/csf-smart.jpg
Requested by
Host: www.csf.fr
URL: https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.208.250.188 Chicago, United States, ASN202213 (COMPAGNIE-IBM-FRANCE-AS, FR),
Reverse DNS
Software
Apache /
Resource Hash
9d061bb9ff5ebc15c5880b6c21af95d495a0f32ef05a3cb6b3d6a6cc9930594a
Security Headers
Name Value
Content-Security-Policy default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Wed, 06 Apr 2022 09:20:56 GMT
server
Apache
date
Fri, 02 Feb 2024 08:09:38 GMT
etag
W/"4962-1649236856000"
content-type
image/jpeg
feature-policy
accelerometer 'none'; autoplay 'none'; camera *; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone *; midi 'none'; payment 'none'; usb 'none';
permissions-policy
accelerometer=(), autoplay=(), camera=*, geolocation=(), gyroscope=(), magnetometer=(), microphone=*, midi=(), payment=(), usb=()
accept-ranges
bytes
content-length
4962
x-xss-protection
1
headerhome.png
www.csf.fr/plugins/CSFCore/images/ 		755 B
837 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.csf.fr/plugins/CSFCore/images/headerhome.png
Requested by
Host: www.csf.fr
URL: https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.208.250.188 Chicago, United States, ASN202213 (COMPAGNIE-IBM-FRANCE-AS, FR),
Reverse DNS
Software
Apache /
Resource Hash
cfc5e54ee13fdda982d78aa068b593ccbccc182a8e54941bddc8482cfdabb077
Security Headers
Name Value
Content-Security-Policy default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
date
Fri, 02 Feb 2024 08:09:38 GMT
last-modified
Tue, 19 Dec 2023 16:01:20 GMT
server
Apache
etag
W/"755-1703001680000"
content-type
image/png
accept-ranges
bytes
content-length
755
blanc_ident.gif
www.csf.fr/upload/docs/image/gif/2014-02/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.csf.fr/upload/docs/image/gif/2014-02/blanc_ident.gif
Requested by
Host: www.csf.fr
URL: https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.208.250.188 Chicago, United States, ASN202213 (COMPAGNIE-IBM-FRANCE-AS, FR),
Reverse DNS
Software
Apache /
Resource Hash
4fdc7b5042461555d756ef8bf251d292d15484c4e785f1ec057e2cfb70be54e1
Security Headers
Name Value
Content-Security-Policy default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Tue, 11 Feb 2014 13:06:44 GMT
server
Apache
date
Fri, 02 Feb 2024 08:09:38 GMT
etag
W/"1104-1392124004000"
content-type
image/gif
feature-policy
accelerometer 'none'; autoplay 'none'; camera *; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone *; midi 'none'; payment 'none'; usb 'none';
permissions-policy
accelerometer=(), autoplay=(), camera=*, geolocation=(), gyroscope=(), magnetometer=(), microphone=*, midi=(), payment=(), usb=()
accept-ranges
bytes
content-length
1104
x-xss-protection
1
csf_banniere_barre_de_navigation_350x250.jpg
www.csf.fr/upload/docs/image/jpeg/2023-12/ 		78 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.csf.fr/upload/docs/image/jpeg/2023-12/csf_banniere_barre_de_navigation_350x250.jpg
Requested by
Host: www.csf.fr
URL: https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.208.250.188 Chicago, United States, ASN202213 (COMPAGNIE-IBM-FRANCE-AS, FR),
Reverse DNS
Software
Apache /
Resource Hash
f0887a983559998304983e928a55c950179112fd4c76e45bc41df0d71be5cc32
Security Headers
Name Value
Content-Security-Policy default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Thu, 28 Dec 2023 09:51:11 GMT
server
Apache
date
Fri, 02 Feb 2024 08:09:38 GMT
etag
W/"79818-1703757071865"
content-type
image/jpeg
feature-policy
accelerometer 'none'; autoplay 'none'; camera *; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone *; midi 'none'; payment 'none'; usb 'none';
permissions-policy
accelerometer=(), autoplay=(), camera=*, geolocation=(), gyroscope=(), magnetometer=(), microphone=*, midi=(), payment=(), usb=()
accept-ranges
bytes
content-length
79818
x-xss-protection
1
visuel_gen_380x325.jpg
www.csf.fr/upload/docs/image/jpeg/2024-01/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.csf.fr/upload/docs/image/jpeg/2024-01/visuel_gen_380x325.jpg
Requested by
Host: www.csf.fr
URL: https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.208.250.188 Chicago, United States, ASN202213 (COMPAGNIE-IBM-FRANCE-AS, FR),
Reverse DNS
Software
Apache /
Resource Hash
6a8c9640148b0baff062a35be70345b862675970decaff687cc6bb1adb73d630
Security Headers
Name Value
Content-Security-Policy default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Thu, 04 Jan 2024 16:08:56 GMT
server
Apache
date
Fri, 02 Feb 2024 08:09:38 GMT
etag
W/"28222-1704384536671"
content-type
image/jpeg
feature-policy
accelerometer 'none'; autoplay 'none'; camera *; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone *; midi 'none'; payment 'none'; usb 'none';
permissions-policy
accelerometer=(), autoplay=(), camera=*, geolocation=(), gyroscope=(), magnetometer=(), microphone=*, midi=(), payment=(), usb=()
accept-ranges
bytes
content-length
28222
x-xss-protection
1
visuel_nav_rac_350x350.jpg
www.csf.fr/upload/docs/image/jpeg/2023-09/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.csf.fr/upload/docs/image/jpeg/2023-09/visuel_nav_rac_350x350.jpg
Requested by
Host: www.csf.fr
URL: https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.208.250.188 Chicago, United States, ASN202213 (COMPAGNIE-IBM-FRANCE-AS, FR),
Reverse DNS
Software
Apache /
Resource Hash
a0c1b3e23a9eccf9d51efcdb5fe72451036853487dd5d786a1b4c109522ddf06
Security Headers
Name Value
Content-Security-Policy default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Thu, 14 Sep 2023 10:00:50 GMT
server
Apache
date
Fri, 02 Feb 2024 08:09:38 GMT
etag
W/"27332-1694685650121"
content-type
image/jpeg
feature-policy
accelerometer 'none'; autoplay 'none'; camera *; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone *; midi 'none'; payment 'none'; usb 'none';
permissions-policy
accelerometer=(), autoplay=(), camera=*, geolocation=(), gyroscope=(), magnetometer=(), microphone=*, midi=(), payment=(), usb=()
accept-ranges
bytes
content-length
27332
x-xss-protection
1
notre_assurance_du_mois_-_csf.png
www.csf.fr/upload/docs/image/png/2023-05/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.csf.fr/upload/docs/image/png/2023-05/notre_assurance_du_mois_-_csf.png
Requested by
Host: www.csf.fr
URL: https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.208.250.188 Chicago, United States, ASN202213 (COMPAGNIE-IBM-FRANCE-AS, FR),
Reverse DNS
Software
Apache /
Resource Hash
cbcd145728b1b2d585e64ec5d8323d75b154b6cb7455f34e21eb02556d266337
Security Headers
Name Value
Content-Security-Policy default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Thu, 04 May 2023 09:17:02 GMT
server
Apache
date
Fri, 02 Feb 2024 08:09:38 GMT
etag
W/"43374-1683191822000"
content-type
image/png
feature-policy
accelerometer 'none'; autoplay 'none'; camera *; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone *; midi 'none'; payment 'none'; usb 'none';
permissions-policy
accelerometer=(), autoplay=(), camera=*, geolocation=(), gyroscope=(), magnetometer=(), microphone=*, midi=(), payment=(), usb=()
accept-ranges
bytes
content-length
43374
x-xss-protection
1
350x250_per.jpg
www.csf.fr/upload/docs/image/jpeg/2023-10/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.csf.fr/upload/docs/image/jpeg/2023-10/350x250_per.jpg
Requested by
Host: www.csf.fr
URL: https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.208.250.188 Chicago, United States, ASN202213 (COMPAGNIE-IBM-FRANCE-AS, FR),
Reverse DNS
Software
Apache /
Resource Hash
3a8e8cf93ae6f6ca75864d1f4915d54da077f8b62deffb866b1e513adc6910d8
Security Headers
Name Value
Content-Security-Policy default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Mon, 09 Oct 2023 15:21:37 GMT
server
Apache
date
Fri, 02 Feb 2024 08:09:38 GMT
etag
W/"27553-1696864897011"
content-type
image/jpeg
feature-policy
accelerometer 'none'; autoplay 'none'; camera *; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone *; midi 'none'; payment 'none'; usb 'none';
permissions-policy
accelerometer=(), autoplay=(), camera=*, geolocation=(), gyroscope=(), magnetometer=(), microphone=*, midi=(), payment=(), usb=()
accept-ranges
bytes
content-length
27553
x-xss-protection
1
blanc-carte_v2.png
www.csf.fr/upload/docs/image/png/2017-03/ 		96 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.csf.fr/upload/docs/image/png/2017-03/blanc-carte_v2.png
Requested by
Host: www.csf.fr
URL: https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.208.250.188 Chicago, United States, ASN202213 (COMPAGNIE-IBM-FRANCE-AS, FR),
Reverse DNS
Software
Apache /
Resource Hash
ae82847dd8bc0bb5f14f11e98989a4d1ab07ddcb66a6bbc4b7fc1fe8193d72b8
Security Headers
Name Value
Content-Security-Policy default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Wed, 08 Mar 2017 14:49:48 GMT
server
Apache
date
Fri, 02 Feb 2024 08:09:38 GMT
etag
W/"96-1488984588000"
content-type
image/png
feature-policy
accelerometer 'none'; autoplay 'none'; camera *; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone *; midi 'none'; payment 'none'; usb 'none';
permissions-policy
accelerometer=(), autoplay=(), camera=*, geolocation=(), gyroscope=(), magnetometer=(), microphone=*, midi=(), payment=(), usb=()
accept-ranges
bytes
content-length
96
x-xss-protection
1
blanc-carte.png
www.csf.fr/upload/docs/image/png/2014-02/ 		958 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.csf.fr/upload/docs/image/png/2014-02/blanc-carte.png
Requested by
Host: www.csf.fr
URL: https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.208.250.188 Chicago, United States, ASN202213 (COMPAGNIE-IBM-FRANCE-AS, FR),
Reverse DNS
Software
Apache /
Resource Hash
cbb38942abbad6ff8356d1ee115cb05c5b487fd3ca469969fab6b046693ca92d
Security Headers
Name Value
Content-Security-Policy default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Wed, 12 Feb 2014 08:22:00 GMT
server
Apache
date
Fri, 02 Feb 2024 08:09:38 GMT
etag
W/"958-1392193320000"
content-type
image/png
feature-policy
accelerometer 'none'; autoplay 'none'; camera *; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone *; midi 'none'; payment 'none'; usb 'none';
permissions-policy
accelerometer=(), autoplay=(), camera=*, geolocation=(), gyroscope=(), magnetometer=(), microphone=*, midi=(), payment=(), usb=()
accept-ranges
bytes
content-length
958
x-xss-protection
1
380x325_teleassistance.jpg
www.csf.fr/upload/docs/image/jpeg/2021-02/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.csf.fr/upload/docs/image/jpeg/2021-02/380x325_teleassistance.jpg
Requested by
Host: www.csf.fr
URL: https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.208.250.188 Chicago, United States, ASN202213 (COMPAGNIE-IBM-FRANCE-AS, FR),
Reverse DNS
Software
Apache /
Resource Hash
98770b7f95f84892346a0c35c4ee72e4822ad4ca190b6887e92044fe5b79321c
Security Headers
Name Value
Content-Security-Policy default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Wed, 10 Feb 2021 10:12:32 GMT
server
Apache
date
Fri, 02 Feb 2024 08:09:38 GMT
etag
W/"45709-1612951952000"
content-type
image/jpeg
feature-policy
accelerometer 'none'; autoplay 'none'; camera *; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone *; midi 'none'; payment 'none'; usb 'none';
permissions-policy
accelerometer=(), autoplay=(), camera=*, geolocation=(), gyroscope=(), magnetometer=(), microphone=*, midi=(), payment=(), usb=()
accept-ranges
bytes
content-length
45709
x-xss-protection
1
offre_auto_-_42_.png
www.csf.fr/upload/docs/image/png/2023-04/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.csf.fr/upload/docs/image/png/2023-04/offre_auto_-_42_.png
Requested by
Host: www.csf.fr
URL: https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.208.250.188 Chicago, United States, ASN202213 (COMPAGNIE-IBM-FRANCE-AS, FR),
Reverse DNS
Software
Apache /
Resource Hash
10db6d22f3e108f57e266297c422f4aa1d844d3698de439032a395e856935b84
Security Headers
Name Value
Content-Security-Policy default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Wed, 19 Apr 2023 14:44:43 GMT
server
Apache
date
Fri, 02 Feb 2024 08:09:38 GMT
etag
W/"38784-1681915483000"
content-type
image/png
feature-policy
accelerometer 'none'; autoplay 'none'; camera *; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone *; midi 'none'; payment 'none'; usb 'none';
permissions-policy
accelerometer=(), autoplay=(), camera=*, geolocation=(), gyroscope=(), magnetometer=(), microphone=*, midi=(), payment=(), usb=()
accept-ranges
bytes
content-length
38784
x-xss-protection
1
bloc_barre_de_nav_acces_espace_correspondant_380px_plan_de_travail_1.png
www.csf.fr/upload/docs/image/png/2022-11/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.csf.fr/upload/docs/image/png/2022-11/bloc_barre_de_nav_acces_espace_correspondant_380px_plan_de_travail_1.png
Requested by
Host: www.csf.fr
URL: https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.208.250.188 Chicago, United States, ASN202213 (COMPAGNIE-IBM-FRANCE-AS, FR),
Reverse DNS
Software
Apache /
Resource Hash
60ad62e349ec78296f83fb5bddbbc4f08a11db6ada7998ecf51d7bf80b82056b
Security Headers
Name Value
Content-Security-Policy default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Thu, 17 Nov 2022 14:40:47 GMT
server
Apache
date
Fri, 02 Feb 2024 08:09:38 GMT
etag
W/"4077-1668696047000"
content-type
image/png
feature-policy
accelerometer 'none'; autoplay 'none'; camera *; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone *; midi 'none'; payment 'none'; usb 'none';
permissions-policy
accelerometer=(), autoplay=(), camera=*, geolocation=(), gyroscope=(), magnetometer=(), microphone=*, midi=(), payment=(), usb=()
accept-ranges
bytes
content-length
4077
x-xss-protection
1
790x300px_ppa_102020_smart.jpg
www.csf.fr/upload/docs/image/jpeg/2020-09/ 		160 KB
161 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.csf.fr/upload/docs/image/jpeg/2020-09/790x300px_ppa_102020_smart.jpg
Requested by
Host: www.csf.fr
URL: https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.208.250.188 Chicago, United States, ASN202213 (COMPAGNIE-IBM-FRANCE-AS, FR),
Reverse DNS
Software
Apache /
Resource Hash
a2f8e15ef0630ece1d5a9c2b6e80abf963bc6e9e7f6c790c8c705bf696572e3a
Security Headers
Name Value
Content-Security-Policy default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Tue, 29 Sep 2020 11:58:38 GMT
server
Apache
date
Fri, 02 Feb 2024 08:09:38 GMT
etag
W/"164087-1601380718000"
content-type
image/jpeg
feature-policy
accelerometer 'none'; autoplay 'none'; camera *; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone *; midi 'none'; payment 'none'; usb 'none';
permissions-policy
accelerometer=(), autoplay=(), camera=*, geolocation=(), gyroscope=(), magnetometer=(), microphone=*, midi=(), payment=(), usb=()
accept-ranges
bytes
content-length
164087
x-xss-protection
1
gtm.js
www.googletagmanager.com/ 		407 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-SPJG
Requested by
Host: www.csf.fr
URL: https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ec24b0b3da2a6502802a361e5057e6149378519aeb25e774a4d545dff3145d06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.csf.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 08:09:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
105232
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 02 Feb 2024 08:09:40 GMT
380x360px_ppa_102020_desk.jpg
www.csf.fr/upload/docs/image/jpeg/2020-09/ 		127 KB
128 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.csf.fr/upload/docs/image/jpeg/2020-09/380x360px_ppa_102020_desk.jpg
Requested by
Host: www.csf.fr
URL: https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.208.250.188 Chicago, United States, ASN202213 (COMPAGNIE-IBM-FRANCE-AS, FR),
Reverse DNS
Software
Apache /
Resource Hash
073ab67870647d462760b77677e6d881753a5c9b24db4d8c02b55242493ff00f
Security Headers
Name Value
Content-Security-Policy default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Fri, 25 Sep 2020 09:50:20 GMT
server
Apache
date
Fri, 02 Feb 2024 08:09:38 GMT
etag
W/"130408-1601027420000"
content-type
image/jpeg
feature-policy
accelerometer 'none'; autoplay 'none'; camera *; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone *; midi 'none'; payment 'none'; usb 'none';
permissions-policy
accelerometer=(), autoplay=(), camera=*, geolocation=(), gyroscope=(), magnetometer=(), microphone=*, midi=(), payment=(), usb=()
accept-ranges
bytes
content-length
130408
x-xss-protection
1
fb.png
www.csf.fr/upload/docs/image/png/2017-12/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.csf.fr/upload/docs/image/png/2017-12/fb.png
Requested by
Host: www.csf.fr
URL: https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.208.250.188 Chicago, United States, ASN202213 (COMPAGNIE-IBM-FRANCE-AS, FR),
Reverse DNS
Software
Apache /
Resource Hash
82fea4d222f0530622b0e66cfd35ae62ca42f8385f96cc987e3be64487f3089e
Security Headers
Name Value
Content-Security-Policy default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Thu, 14 Dec 2017 08:58:21 GMT
server
Apache
date
Fri, 02 Feb 2024 08:09:38 GMT
etag
W/"2972-1513241901000"
content-type
image/png
feature-policy
accelerometer 'none'; autoplay 'none'; camera *; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone *; midi 'none'; payment 'none'; usb 'none';
permissions-policy
accelerometer=(), autoplay=(), camera=*, geolocation=(), gyroscope=(), magnetometer=(), microphone=*, midi=(), payment=(), usb=()
accept-ranges
bytes
content-length
2972
x-xss-protection
1
youtube.png
www.csf.fr/upload/docs/image/png/2017-12/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.csf.fr/upload/docs/image/png/2017-12/youtube.png
Requested by
Host: www.csf.fr
URL: https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.208.250.188 Chicago, United States, ASN202213 (COMPAGNIE-IBM-FRANCE-AS, FR),
Reverse DNS
Software
Apache /
Resource Hash
e7c24ff4f9df16482965ee583219cabc76e35e238986dbe5a0a2637c2a8631bd
Security Headers
Name Value
Content-Security-Policy default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Thu, 14 Dec 2017 08:58:21 GMT
server
Apache
date
Fri, 02 Feb 2024 08:09:38 GMT
etag
W/"2748-1513241901000"
content-type
image/png
feature-policy
accelerometer 'none'; autoplay 'none'; camera *; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone *; midi 'none'; payment 'none'; usb 'none';
permissions-policy
accelerometer=(), autoplay=(), camera=*, geolocation=(), gyroscope=(), magnetometer=(), microphone=*, midi=(), payment=(), usb=()
accept-ranges
bytes
content-length
2748
x-xss-protection
1
montoitamoi.png
www.csf.fr/upload/docs/image/png/2017-12/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.csf.fr/upload/docs/image/png/2017-12/montoitamoi.png
Requested by
Host: www.csf.fr
URL: https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.208.250.188 Chicago, United States, ASN202213 (COMPAGNIE-IBM-FRANCE-AS, FR),
Reverse DNS
Software
Apache /
Resource Hash
e90685a2948ca13c8fe250dcfc20bb48c593d06ed3e54b67ac7246eeb3c2d89e
Security Headers
Name Value
Content-Security-Policy default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Thu, 14 Dec 2017 08:58:21 GMT
server
Apache
date
Fri, 02 Feb 2024 08:09:38 GMT
etag
W/"4027-1513241901000"
content-type
image/png
feature-policy
accelerometer 'none'; autoplay 'none'; camera *; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone *; midi 'none'; payment 'none'; usb 'none';
permissions-policy
accelerometer=(), autoplay=(), camera=*, geolocation=(), gyroscope=(), magnetometer=(), microphone=*, midi=(), payment=(), usb=()
accept-ranges
bytes
content-length
4027
x-xss-protection
1
plugin.css
www.csf.fr/plugins/TopLinkPlugin/css/ 		1 KB
612 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.csf.fr/plugins/TopLinkPlugin/css/plugin.css
Requested by
Host: www.csf.fr
URL: https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.208.250.188 Chicago, United States, ASN202213 (COMPAGNIE-IBM-FRANCE-AS, FR),
Reverse DNS
Software
Apache /
Resource Hash
08651b6f6de8fe69f211d09ad73c403135ab280e8e2fc20bb574f538bd377198
Security Headers
Name Value
Content-Security-Policy default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
content-security-policy
default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
last-modified
Mon, 29 Jan 2024 07:03:58 GMT
server
Apache
date
Fri, 02 Feb 2024 08:09:38 GMT
etag
W/"1230-1706511838764-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
accept-ranges
bytes
content-length
524
s.gif
www.csf.fr/ 		422 B
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.csf.fr/s.gif
Requested by
Host: www.csf.fr
URL: https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.208.250.188 Chicago, United States, ASN202213 (COMPAGNIE-IBM-FRANCE-AS, FR),
Reverse DNS
Software
Apache /
Resource Hash
675e9a463940e418ab8efef1af0106f008365673456a6a6e80b904bc6b926324
Security Headers
Name Value
Content-Security-Policy default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
date
Fri, 02 Feb 2024 08:09:38 GMT
last-modified
Thu, 04 May 2023 07:57:14 GMT
server
Apache
etag
W/"422-1683187034000"
content-type
image/gif
accept-ranges
bytes
content-length
422
csspacker.jsp
www.csf.fr/css/ 		1 KB
539 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.csf.fr/css/csspacker.jsp?v=JCPRO_202401290808&css=plugins%2FTopLinkPlugin%2Fcss%2Fplugin.css
Requested by
Host: www.csf.fr
URL: https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.208.250.188 Chicago, United States, ASN202213 (COMPAGNIE-IBM-FRANCE-AS, FR),
Reverse DNS
Software
Apache /
Resource Hash
d45123ad4cf7d834c42944425475891bd20bd42c8c68452b7e764fbfb087fa76
Security Headers
Name Value
Content-Security-Policy default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
Apache
content-security-policy
default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
date
Fri, 02 Feb 2024 08:09:38 GMT
vary
Accept-Encoding,User-Agent
content-type
text/css;charset=UTF-8
feature-policy
accelerometer 'none'; autoplay 'none'; camera *; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone *; midi 'none'; payment 'none'; usb 'none';
permissions-policy
accelerometer=(), autoplay=(), camera=*, geolocation=(), gyroscope=(), magnetometer=(), microphone=*, midi=(), payment=(), usb=()
content-length
478
x-xss-protection
1
expires
Mon, 04 Mar 2024 08:09:40 GMT
jalios-properties-js.jsp
www.csf.fr/js/jalios/core/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.csf.fr/js/jalios/core/jalios-properties-js.jsp?nopackfirst&v=JCPRO_202401290808
Requested by
Host: www.csf.fr
URL: https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.208.250.188 Chicago, United States, ASN202213 (COMPAGNIE-IBM-FRANCE-AS, FR),
Reverse DNS
Software
Apache /
Resource Hash
b7b1a9e026380482794719f831345a65d11a922ed0344400b4d1b6bd1935b667
Security Headers
Name Value
Content-Security-Policy default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
Apache
content-security-policy
default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
date
Fri, 02 Feb 2024 08:09:38 GMT
vary
Accept-Encoding,User-Agent
content-type
text/javascript;charset=UTF-8
feature-policy
accelerometer 'none'; autoplay 'none'; camera *; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone *; midi 'none'; payment 'none'; usb 'none';
permissions-policy
accelerometer=(), autoplay=(), camera=*, geolocation=(), gyroscope=(), magnetometer=(), microphone=*, midi=(), payment=(), usb=()
content-length
968
x-xss-protection
1
expires
Mon, 04 Mar 2024 08:09:40 GMT
jalios-i18n-js.jsp
www.csf.fr/js/jalios/core/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.csf.fr/js/jalios/core/jalios-i18n-js.jsp?nopackfirst&lang=fr&v=JCPRO_202401290808
Requested by
Host: www.csf.fr
URL: https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.208.250.188 Chicago, United States, ASN202213 (COMPAGNIE-IBM-FRANCE-AS, FR),
Reverse DNS
Software
Apache /
Resource Hash
2ba24537e7a0c89df8c9aec91566ce2b2f6b6be2d4f5d307959c9960d1c95775
Security Headers
Name Value
Content-Security-Policy default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
Apache
content-security-policy
default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
date
Fri, 02 Feb 2024 08:09:38 GMT
vary
Accept-Encoding,User-Agent
content-type
text/javascript;charset=UTF-8
feature-policy
accelerometer 'none'; autoplay 'none'; camera *; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone *; midi 'none'; payment 'none'; usb 'none';
permissions-policy
accelerometer=(), autoplay=(), camera=*, geolocation=(), gyroscope=(), magnetometer=(), microphone=*, midi=(), payment=(), usb=()
content-length
2402
x-xss-protection
1
expires
Mon, 04 Mar 2024 08:09:40 GMT
jspacker.jsp
www.csf.fr/js/ 		1 MB
292 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.csf.fr/js/jspacker.jsp?v=JCPRO_202401290808&js=js%2Flib%2Fmodernizr%2Fmodernizr.custom.js&js=frontlib%2Fjquery%2Fjquery.min.js&js=js%2Fjalios%2Fcore%2Fjalios-init.js&js=frontlib%2FjqueryMigrate%2Fjquery-migrate.min.js&js=frontlib%2Fjquery%2Fjquery-fix.js&js=js%2Flib%2FelementQuery.js&js=frontlib%2Fjquery-ui%2Fjquery-ui.min.js&js=js%2Fjalios%2Fjquery-browser.js&js=js%2Flib%2FimagesLoaded%2Fimagesloaded.pkgd.js&js=js%2Flib%2Fmoment%2Fmoment.js&js=js%2Flib%2Fmoment%2Fmoment-timezone-with-data-1970-2030.js&js=js%2Flib%2Fjsonrpc.js&js=js%2Flib%2Fprototype.js&js=js%2Flib%2Fhistory.js%2Fhistory.adapter.jquery.js&js=js%2Flib%2Fhistory.js%2Fhistory.js&js=js%2Fjalios%2Futil.js&js=js%2Fchannel.js&js=js%2Fwidget.js&js=js%2Flib%2Fjquery.ajaxQueue.js&js=js%2Flib%2Fjquery.console.js&js=js%2Flib%2Fjquery.idle-timer.js&js=js%2Flib%2Fjquery.cookie.js&js=js%2Fjalios%2Fcore%2Fjalios-common.js&js=js%2Fjalios%2Fcore%2Fjalios-i18n.js&js=js%2Fjalios%2Fcore%2Fjalios-data-broker.js&js=js%2Fjalios%2Fcore%2Fjalios-data-toggle.js&js=js%2Fjalios%2Fcore%2Fjalios-sortable.js&js=js%2Fjalios%2Fcore%2Fjalios-sortable-portal.js&js=js%2Fjalios%2Fcore%2Fjalios-sortable-widget.js&js=js%2Fjalios%2Fcore%2Fjalios-tooltip.js&js=js%2Fjalios%2Fcore%2Fjalios-browser.js&js=js%2Fjalios%2Fcore%2Fjalios-prefs.js&js=js%2Fjalios%2Fcore%2Fjalios-submit.js&js=js%2Fjalios%2Fcore%2Fjalios-clickable.js&js=js%2Flib%2Fbootstrap-3.4.1%2Ftransition.js&js=js%2Flib%2Fbootstrap-3.4.1%2Falert.js&js=js%2Flib%2Fbootstrap-3.4.1%2Fmodal.js&js=js%2Flib%2Fbootstrap-3.4.1%2Fdropdown.js&js=js%2Flib%2Fbootstrap-3.4.1%2Ftab.js&js=js%2Flib%2Fbootstrap-3.4.1%2Ftooltip.js&js=js%2Flib%2Fbootstrap-3.4.1%2Fpopover.js&js=js%2Flib%2Fbootstrap-3.4.1%2Fbutton.js&js=js%2Flib%2Fbootstrap-3.4.1%2Fcollapse.js&js=js%2Flib%2Fbootstrap-typeahead%2Fbootstrap-typeahead.js&js=js%2Flib%2Fbootstrap-notify.js&js=js%2Flib%2Fbootstrap-tabdrop.js&js=js%2Flib%2Fbootstrap-datetimepicker%2Fbootstrap-datetimepicker.js&js=js%2Fjalios%2Fcore%2Fjalios-prototype-conflict.js&js=js%2Fjalios%2Fcore%2Fjalios-polyfill.js&js=js%2Fjalios%2Fcore%2Fjalios-tab.js&js=js%2Fjalios%2Fcore%2Fjalios-modal.js&js=js%2Fjalios%2Fcore%2Fjalios-popin.js&js=js%2Fjalios%2Fcore%2Fjalios-ajax-refresh.js&js=js%2Fjalios%2Fcore%2Fjalios-single-submit.js&js=js%2Fjalios%2Fcore%2Fjalios-autocomplete.js&js=js%2Fjalios%2Fcore%2Fjalios-autocomplete-chooser.js&js=js%2Fjalios%2Fcore%2Fjalios-autocomplete-wiki.js&js=js%2Fjalios%2Fcore%2Fjalios-ctxmenu.js&js=js%2Fjalios%2Fcore%2Fjalios-collapse.js&js=js%2Fjalios%2Fcore%2Fjalios-widget.js&js=js%2Fjalios%2Fcore%2Fjalios-widget-chooser.js&js=js%2Fjalios%2Fux%2Fjalios-caddy.js&js=js%2Fjalios%2Fcore%2Fjalios-treeview.js&js=js%2Fjalios%2Fcore%2Fjalios-table-data.js&js=js%2Fjalios%2Fcore%2Fjalios-dropdown-repositioning.js&js=js%2Fjalios%2Fcore%2Fjalios-modal-forbidden.js&js=js%2Fjalios%2Fcore%2Fjalios-dirty-form-control.js&js=js%2Fjalios%2Fcore%2Fa11y%2Fjalios-a11y.js&js=js%2Fjalios%2Fcore%2Fa11y%2Fjalios-a11y-modal.js&js=js%2Fjalios%2Fcore%2Fa11y%2Fjalios-a11y-tabbable.js&js=js%2Fjalios%2Fcore%2Fa11y%2Fjalios-a11y-collapsable.js&js=plugins%2FCSFCore%2Fjs%2Fmain.js&js=js%2Flib%2Ftwemoji%2Ftwemoji.min.js&js=js%2Fjalios%2Fcore%2Fjalios-emoji.js&js=js%2Fjalios%2Fcore%2Fcomponents%2Fanimate%2Fjalios-rippler.js&js=js%2Flib%2Fhandlebars%2Fhandlebars.js&js=js%2Flib%2Ftoastr%2Ftoastr.js&js=custom%2Fjs%2Fstandard.js&js=frontlib%2Flightgallery%2Flightgallery.min.js&js=frontlib%2Flightgallery%2Fplugins%2Fautoplay%2Flg-autoplay.min.js&js=frontlib%2Flightgallery%2Fplugins%2Fvideo%2Flg-video.min.js&js=frontlib%2Flightgallery%2Fplugins%2Ffullscreen%2Flg-fullscreen.min.js&js=frontlib%2Flightgallery%2Fplugins%2Fthumbnail%2Flg-thumbnail.min.js&js=js%2Fjalios%2Fcore%2Fcomponents%2Flightbox%2Flg-zoom.js&js=js%2Fjalios%2Fcore%2Fcomponents%2Flightbox%2Flg-accessPub.js&js=js%2Fjalios%2Fcore%2Fcomponents%2Flightbox%2Flg-imageEditor.js&js=js%2Fjalios%2Fcore%2Fjalios-lightbox.js&js=js%2Fjalios%2Fcore%2Fcomponents%2FimageEditor%2Fjalios-image-editor.js
Requested by
Host: www.csf.fr
URL: https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.208.250.188 Chicago, United States, ASN202213 (COMPAGNIE-IBM-FRANCE-AS, FR),
Reverse DNS
Software
Apache /
Resource Hash
c8b08f62dc28632c0209e05ed0106800df07470b27ccd09e3ffd20f09c027903
Security Headers
Name Value
Content-Security-Policy default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
Apache
content-security-policy
default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
date
Fri, 02 Feb 2024 08:09:38 GMT
vary
Accept-Encoding,User-Agent
content-type
text/javascript;charset=UTF-8
feature-policy
accelerometer 'none'; autoplay 'none'; camera *; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone *; midi 'none'; payment 'none'; usb 'none';
permissions-policy
accelerometer=(), autoplay=(), camera=*, geolocation=(), gyroscope=(), magnetometer=(), microphone=*, midi=(), payment=(), usb=()
content-length
297292
x-xss-protection
1
expires
Mon, 04 Mar 2024 08:09:40 GMT
ajax-wait.svg
www.csf.fr/images/jalios/icons/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.csf.fr/images/jalios/icons/ajax-wait.svg
Requested by
Host: www.csf.fr
URL: https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.208.250.188 Chicago, United States, ASN202213 (COMPAGNIE-IBM-FRANCE-AS, FR),
Reverse DNS
Software
Apache /
Resource Hash
74b1cac1b90b79214ab227c1ea8553e839263a6a5f649511b7fde7002e0214a5
Security Headers
Name Value
Content-Security-Policy default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
date
Fri, 02 Feb 2024 08:09:38 GMT
last-modified
Thu, 04 May 2023 07:57:14 GMT
server
Apache
etag
W/"1425-1683187034000"
vary
User-Agent
content-type
image/svg+xml
accept-ranges
bytes
content-length
1425
csspacker.jsp
www.csf.fr/css/ 		308 B
222 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.csf.fr/css/csspacker.jsp?v=JCPRO_202401290808&css=css%2Fprint.css
Requested by
Host: www.csf.fr
URL: https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.208.250.188 Chicago, United States, ASN202213 (COMPAGNIE-IBM-FRANCE-AS, FR),
Reverse DNS
Software
Apache /
Resource Hash
49e131f6e998bdf5d0d386095157df5785c0dc1c99a3d64c25327a1885f04dc5
Security Headers
Name Value
Content-Security-Policy default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
Apache
content-security-policy
default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
date
Fri, 02 Feb 2024 08:09:38 GMT
vary
Accept-Encoding,User-Agent
content-type
text/css;charset=UTF-8
feature-policy
accelerometer 'none'; autoplay 'none'; camera *; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone *; midi 'none'; payment 'none'; usb 'none';
permissions-policy
accelerometer=(), autoplay=(), camera=*, geolocation=(), gyroscope=(), magnetometer=(), microphone=*, midi=(), payment=(), usb=()
content-length
184
x-xss-protection
1
expires
Mon, 04 Mar 2024 08:09:40 GMT
headerBackground.png
www.csf.fr/plugins/CSFCore/images/ 		448 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.csf.fr/plugins/CSFCore/images/headerBackground.png
Requested by
Host: www.csf.fr
URL: https://www.csf.fr/css/csspacker.jsp?v=JCPRO_202401290808&css=css%2Fjalios%2Fcore%2Fportlet%2Fskin%2Fjalios-empty.css&css=plugins%2FCSFCore%2Fcss%2Frefonte-identification%2Findentification.css&css=frontlib%2Flightgallery%2Fcss%2Flightgallery.css&css=frontlib%2Flightgallery%2Fcss%2Flg-autoplay.css&css=frontlib%2Flightgallery%2Fcss%2Flg-fullscreen.css&css=frontlib%2Flightgallery%2Fcss%2Flg-thumbnail.css&css=frontlib%2Flightgallery%2Fcss%2Flg-video.css&css=frontlib%2Flightgallery%2Fcss%2Flg-zoom.css&css=css%2Fjalios%2Fcore%2Fcomponents%2FimageEditor%2Fjalios-image-editor.css&css=plugins%2FCSFCore%2Fcss%2Fworkspace%2Fcredits.css&css=plugins%2FCSFCore%2Fcss%2Fui-lightness%2Fjquery-ui-1.10.4.custom.min.css&css=plugins%2FCSFCore%2Fcss%2Fretrocompatible%2Fold_formulaire.css&css=plugins%2FCSFCore%2Fcss%2Fretrocompatible%2FSite_contentdisplay.css&css=plugins%2FCSFCore%2Fcss%2Fretrocompatible%2FSite_accueil_body.css&css=plugins%2FCSFCore%2Fcss%2Fretrocompatible%2FSite_column.css&css=plugins%2FCSFCore%2Fcss%2Faide%2FquestionsReponses.css&css=plugins%2FCSFCore%2Fcss%2FespaceCorrespondant%2FespaceCorrespondant.css&css=plugins%2FCSFCore%2Fcss%2FespaceCorrespondant%2Fmanuel%2FmanuelCorrespondant.css&css=plugins%2FCSFCore%2Fcss%2Faide%2Flexique.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.208.250.188 Chicago, United States, ASN202213 (COMPAGNIE-IBM-FRANCE-AS, FR),
Reverse DNS
Software
Apache /
Resource Hash
d35e6d7d496f71792a1d2581dcd4443414ec4e7133bec692447941c5f7c1b50a
Security Headers
Name Value
Content-Security-Policy default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.csf.fr/css/csspacker.jsp?v=JCPRO_202401290808&css=css%2Fjalios%2Fcore%2Fportlet%2Fskin%2Fjalios-empty.css&css=plugins%2FCSFCore%2Fcss%2Frefonte-identification%2Findentification.css&css=frontlib%2Flightgallery%2Fcss%2Flightgallery.css&css=frontlib%2Flightgallery%2Fcss%2Flg-autoplay.css&css=frontlib%2Flightgallery%2Fcss%2Flg-fullscreen.css&css=frontlib%2Flightgallery%2Fcss%2Flg-thumbnail.css&css=frontlib%2Flightgallery%2Fcss%2Flg-video.css&css=frontlib%2Flightgallery%2Fcss%2Flg-zoom.css&css=css%2Fjalios%2Fcore%2Fcomponents%2FimageEditor%2Fjalios-image-editor.css&css=plugins%2FCSFCore%2Fcss%2Fworkspace%2Fcredits.css&css=plugins%2FCSFCore%2Fcss%2Fui-lightness%2Fjquery-ui-1.10.4.custom.min.css&css=plugins%2FCSFCore%2Fcss%2Fretrocompatible%2Fold_formulaire.css&css=plugins%2FCSFCore%2Fcss%2Fretrocompatible%2FSite_contentdisplay.css&css=plugins%2FCSFCore%2Fcss%2Fretrocompatible%2FSite_accueil_body.css&css=plugins%2FCSFCore%2Fcss%2Fretrocompatible%2FSite_column.css&css=plugins%2FCSFCore%2Fcss%2Faide%2FquestionsReponses.css&css=plugins%2FCSFCore%2Fcss%2FespaceCorrespondant%2FespaceCorrespondant.css&css=plugins%2FCSFCore%2Fcss%2FespaceCorrespondant%2Fmanuel%2FmanuelCorrespondant.css&css=plugins%2FCSFCore%2Fcss%2Faide%2Flexique.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
date
Fri, 02 Feb 2024 08:09:38 GMT
last-modified
Tue, 19 Dec 2023 16:01:18 GMT
server
Apache
etag
W/"448-1703001678000"
content-type
image/png
accept-ranges
bytes
content-length
448
OpenSans-Regular-webfont.woff
www.csf.fr/plugins/CSFCore/css/webfonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.csf.fr/plugins/CSFCore/css/webfonts/OpenSans-Regular-webfont.woff
Requested by
Host: www.csf.fr
URL: https://www.csf.fr/css/csspacker.jsp?v=JCPRO_202401290808&css=css%2Fjalios%2Fcore%2Fcomponents%2Ftopbar%2Fjalios-topbar.css&css=css%2Flib%2Ftoastr%2Ftoastr.css&css=css%2Fjalios%2Fcore%2Fcomponents%2Ftoastr%2Fjalios-toastr.css&css=css%2Fjalios%2Fcore%2Ffonts%2Fwebfont-roboto.css&css=css%2Fjalios%2Fcore%2Ffonts%2Fwebfont-roboto-condensed.css&css=css%2Fjalios%2Fcore%2Fbootstrap.css&css=css%2Fjalios%2Fcore%2Ffont-icons_with_fa.css&css=css%2Fjalios%2Fcore%2Fcore.css&css=css%2Fjalios%2Fcore%2Fcore-theme.css&css=css%2Ffff-sprite.css&css=css%2Fjalios%2Fcore%2Flang.css&css=css%2Fjalios%2Fcore%2Fportlet%2Fskin%2Fjalios-skin-custom-properties.css&css=css%2Flib%2Fanimate%2Fanimate-custom.css&css=css%2Fjalios%2Fcore%2Fcomponents%2Fanimate%2Fjalios-rippler.css&css=css%2Fjalios%2Fcore%2Fjalios-dropdown-repositioning.css&css=css%2Fjalios%2Fcore%2Fcomponents%2Fa11y%2Fa11y.css&css=plugins%2FCSFCore%2Fcss%2Ffonts.css&css=plugins%2FCSFCore%2Fcss%2Fstyle_ecran.css&css=plugins%2FCSFCore%2Fcss%2Fsimulateurs%2Fsimulateurs.css&css=plugins%2FCSFStylesWysiwygPlugin%2Fcss%2Fwysiwyg.css&css=css%2Flib%2Fbootstrap-datetimepicker%2Fbootstrap-datetimepicker.css&css=custom%2Fcss%2Fstandard.css&css=plugins%2FCSFStylesWysiwygPlugin%2Fcss%2Fcustom.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.208.250.188 Chicago, United States, ASN202213 (COMPAGNIE-IBM-FRANCE-AS, FR),
Reverse DNS
Software
Apache /
Resource Hash
6097786c561eb1b4b32bd690970953e52bd2dcf46907c0548aa5d66de3ccc656
Security Headers
Name Value
Content-Security-Policy default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.csf.fr/css/csspacker.jsp?v=JCPRO_202401290808&css=css%2Fjalios%2Fcore%2Fcomponents%2Ftopbar%2Fjalios-topbar.css&css=css%2Flib%2Ftoastr%2Ftoastr.css&css=css%2Fjalios%2Fcore%2Fcomponents%2Ftoastr%2Fjalios-toastr.css&css=css%2Fjalios%2Fcore%2Ffonts%2Fwebfont-roboto.css&css=css%2Fjalios%2Fcore%2Ffonts%2Fwebfont-roboto-condensed.css&css=css%2Fjalios%2Fcore%2Fbootstrap.css&css=css%2Fjalios%2Fcore%2Ffont-icons_with_fa.css&css=css%2Fjalios%2Fcore%2Fcore.css&css=css%2Fjalios%2Fcore%2Fcore-theme.css&css=css%2Ffff-sprite.css&css=css%2Fjalios%2Fcore%2Flang.css&css=css%2Fjalios%2Fcore%2Fportlet%2Fskin%2Fjalios-skin-custom-properties.css&css=css%2Flib%2Fanimate%2Fanimate-custom.css&css=css%2Fjalios%2Fcore%2Fcomponents%2Fanimate%2Fjalios-rippler.css&css=css%2Fjalios%2Fcore%2Fjalios-dropdown-repositioning.css&css=css%2Fjalios%2Fcore%2Fcomponents%2Fa11y%2Fa11y.css&css=plugins%2FCSFCore%2Fcss%2Ffonts.css&css=plugins%2FCSFCore%2Fcss%2Fstyle_ecran.css&css=plugins%2FCSFCore%2Fcss%2Fsimulateurs%2Fsimulateurs.css&css=plugins%2FCSFStylesWysiwygPlugin%2Fcss%2Fwysiwyg.css&css=css%2Flib%2Fbootstrap-datetimepicker%2Fbootstrap-datetimepicker.css&css=custom%2Fcss%2Fstandard.css&css=plugins%2FCSFStylesWysiwygPlugin%2Fcss%2Fcustom.css
Origin
https://www.csf.fr
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
date
Fri, 02 Feb 2024 08:09:38 GMT
last-modified
Tue, 19 Dec 2023 16:01:16 GMT
server
Apache
etag
W/"16004-1703001676000"
vary
User-Agent
content-type
font/woff
accept-ranges
bytes
content-length
16004
credit-auto-opcsf.php
creditenligne.financo.fr/ Frame DBC4 		12 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://creditenligne.financo.fr/credit-auto-opcsf.php?notrack=oui
Requested by
Host: www.csf.fr
URL: https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
93.20.42.171 Colombes, France, ASN15557 (LDCOMNET, FR),
Reverse DNS
Software
nginx /
Resource Hash
06bd71487830403dbe1b17f9334e63db0bfbe107327908d8317607e4ffa93858
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.csf.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0 private, max-age=0
content-encoding
gzip
content-type
text/html
date
Fri, 02 Feb 2024 08:09:40 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Fri, 02 Feb 2024 08:09:40 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
1; mode=block
headerUnLogged.png
www.csf.fr/plugins/CSFCore/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.csf.fr/plugins/CSFCore/images/headerUnLogged.png
Requested by
Host: www.csf.fr
URL: https://www.csf.fr/css/csspacker.jsp?v=JCPRO_202401290808&css=css%2Fjalios%2Fcore%2Fportlet%2Fskin%2Fjalios-empty.css&css=plugins%2FCSFCore%2Fcss%2Frefonte-identification%2Findentification.css&css=frontlib%2Flightgallery%2Fcss%2Flightgallery.css&css=frontlib%2Flightgallery%2Fcss%2Flg-autoplay.css&css=frontlib%2Flightgallery%2Fcss%2Flg-fullscreen.css&css=frontlib%2Flightgallery%2Fcss%2Flg-thumbnail.css&css=frontlib%2Flightgallery%2Fcss%2Flg-video.css&css=frontlib%2Flightgallery%2Fcss%2Flg-zoom.css&css=css%2Fjalios%2Fcore%2Fcomponents%2FimageEditor%2Fjalios-image-editor.css&css=plugins%2FCSFCore%2Fcss%2Fworkspace%2Fcredits.css&css=plugins%2FCSFCore%2Fcss%2Fui-lightness%2Fjquery-ui-1.10.4.custom.min.css&css=plugins%2FCSFCore%2Fcss%2Fretrocompatible%2Fold_formulaire.css&css=plugins%2FCSFCore%2Fcss%2Fretrocompatible%2FSite_contentdisplay.css&css=plugins%2FCSFCore%2Fcss%2Fretrocompatible%2FSite_accueil_body.css&css=plugins%2FCSFCore%2Fcss%2Fretrocompatible%2FSite_column.css&css=plugins%2FCSFCore%2Fcss%2Faide%2FquestionsReponses.css&css=plugins%2FCSFCore%2Fcss%2FespaceCorrespondant%2FespaceCorrespondant.css&css=plugins%2FCSFCore%2Fcss%2FespaceCorrespondant%2Fmanuel%2FmanuelCorrespondant.css&css=plugins%2FCSFCore%2Fcss%2Faide%2Flexique.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.208.250.188 Chicago, United States, ASN202213 (COMPAGNIE-IBM-FRANCE-AS, FR),
Reverse DNS
Software
Apache /
Resource Hash
6eaf9de756dbe7b6600fb62fe4c579871304e5f4ec479b6d3531ff3747aaa08f
Security Headers
Name Value
Content-Security-Policy default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.csf.fr/css/csspacker.jsp?v=JCPRO_202401290808&css=css%2Fjalios%2Fcore%2Fportlet%2Fskin%2Fjalios-empty.css&css=plugins%2FCSFCore%2Fcss%2Frefonte-identification%2Findentification.css&css=frontlib%2Flightgallery%2Fcss%2Flightgallery.css&css=frontlib%2Flightgallery%2Fcss%2Flg-autoplay.css&css=frontlib%2Flightgallery%2Fcss%2Flg-fullscreen.css&css=frontlib%2Flightgallery%2Fcss%2Flg-thumbnail.css&css=frontlib%2Flightgallery%2Fcss%2Flg-video.css&css=frontlib%2Flightgallery%2Fcss%2Flg-zoom.css&css=css%2Fjalios%2Fcore%2Fcomponents%2FimageEditor%2Fjalios-image-editor.css&css=plugins%2FCSFCore%2Fcss%2Fworkspace%2Fcredits.css&css=plugins%2FCSFCore%2Fcss%2Fui-lightness%2Fjquery-ui-1.10.4.custom.min.css&css=plugins%2FCSFCore%2Fcss%2Fretrocompatible%2Fold_formulaire.css&css=plugins%2FCSFCore%2Fcss%2Fretrocompatible%2FSite_contentdisplay.css&css=plugins%2FCSFCore%2Fcss%2Fretrocompatible%2FSite_accueil_body.css&css=plugins%2FCSFCore%2Fcss%2Fretrocompatible%2FSite_column.css&css=plugins%2FCSFCore%2Fcss%2Faide%2FquestionsReponses.css&css=plugins%2FCSFCore%2Fcss%2FespaceCorrespondant%2FespaceCorrespondant.css&css=plugins%2FCSFCore%2Fcss%2FespaceCorrespondant%2Fmanuel%2FmanuelCorrespondant.css&css=plugins%2FCSFCore%2Fcss%2Faide%2Flexique.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
date
Fri, 02 Feb 2024 08:09:38 GMT
last-modified
Tue, 19 Dec 2023 16:01:20 GMT
server
Apache
etag
W/"1673-1703001680000"
content-type
image/png
accept-ranges
bytes
content-length
1673
conseillertel.png
www.csf.fr/upload/docs/image/png/2015-07/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.csf.fr/upload/docs/image/png/2015-07/conseillertel.png
Requested by
Host: www.csf.fr
URL: https://www.csf.fr/css/csspacker.jsp?v=JCPRO_202401290808&css=css%2Fjalios%2Fcore%2Fcomponents%2Ftopbar%2Fjalios-topbar.css&css=css%2Flib%2Ftoastr%2Ftoastr.css&css=css%2Fjalios%2Fcore%2Fcomponents%2Ftoastr%2Fjalios-toastr.css&css=css%2Fjalios%2Fcore%2Ffonts%2Fwebfont-roboto.css&css=css%2Fjalios%2Fcore%2Ffonts%2Fwebfont-roboto-condensed.css&css=css%2Fjalios%2Fcore%2Fbootstrap.css&css=css%2Fjalios%2Fcore%2Ffont-icons_with_fa.css&css=css%2Fjalios%2Fcore%2Fcore.css&css=css%2Fjalios%2Fcore%2Fcore-theme.css&css=css%2Ffff-sprite.css&css=css%2Fjalios%2Fcore%2Flang.css&css=css%2Fjalios%2Fcore%2Fportlet%2Fskin%2Fjalios-skin-custom-properties.css&css=css%2Flib%2Fanimate%2Fanimate-custom.css&css=css%2Fjalios%2Fcore%2Fcomponents%2Fanimate%2Fjalios-rippler.css&css=css%2Fjalios%2Fcore%2Fjalios-dropdown-repositioning.css&css=css%2Fjalios%2Fcore%2Fcomponents%2Fa11y%2Fa11y.css&css=plugins%2FCSFCore%2Fcss%2Ffonts.css&css=plugins%2FCSFCore%2Fcss%2Fstyle_ecran.css&css=plugins%2FCSFCore%2Fcss%2Fsimulateurs%2Fsimulateurs.css&css=plugins%2FCSFStylesWysiwygPlugin%2Fcss%2Fwysiwyg.css&css=css%2Flib%2Fbootstrap-datetimepicker%2Fbootstrap-datetimepicker.css&css=custom%2Fcss%2Fstandard.css&css=plugins%2FCSFStylesWysiwygPlugin%2Fcss%2Fcustom.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.208.250.188 Chicago, United States, ASN202213 (COMPAGNIE-IBM-FRANCE-AS, FR),
Reverse DNS
Software
Apache /
Resource Hash
81294541ba2024a0a59c90c657e9c68c05fe54ae553df38c6edd3108896b8f3c
Security Headers
Name Value
Content-Security-Policy default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.csf.fr/css/csspacker.jsp?v=JCPRO_202401290808&css=css%2Fjalios%2Fcore%2Fcomponents%2Ftopbar%2Fjalios-topbar.css&css=css%2Flib%2Ftoastr%2Ftoastr.css&css=css%2Fjalios%2Fcore%2Fcomponents%2Ftoastr%2Fjalios-toastr.css&css=css%2Fjalios%2Fcore%2Ffonts%2Fwebfont-roboto.css&css=css%2Fjalios%2Fcore%2Ffonts%2Fwebfont-roboto-condensed.css&css=css%2Fjalios%2Fcore%2Fbootstrap.css&css=css%2Fjalios%2Fcore%2Ffont-icons_with_fa.css&css=css%2Fjalios%2Fcore%2Fcore.css&css=css%2Fjalios%2Fcore%2Fcore-theme.css&css=css%2Ffff-sprite.css&css=css%2Fjalios%2Fcore%2Flang.css&css=css%2Fjalios%2Fcore%2Fportlet%2Fskin%2Fjalios-skin-custom-properties.css&css=css%2Flib%2Fanimate%2Fanimate-custom.css&css=css%2Fjalios%2Fcore%2Fcomponents%2Fanimate%2Fjalios-rippler.css&css=css%2Fjalios%2Fcore%2Fjalios-dropdown-repositioning.css&css=css%2Fjalios%2Fcore%2Fcomponents%2Fa11y%2Fa11y.css&css=plugins%2FCSFCore%2Fcss%2Ffonts.css&css=plugins%2FCSFCore%2Fcss%2Fstyle_ecran.css&css=plugins%2FCSFCore%2Fcss%2Fsimulateurs%2Fsimulateurs.css&css=plugins%2FCSFStylesWysiwygPlugin%2Fcss%2Fwysiwyg.css&css=css%2Flib%2Fbootstrap-datetimepicker%2Fbootstrap-datetimepicker.css&css=custom%2Fcss%2Fstandard.css&css=plugins%2FCSFStylesWysiwygPlugin%2Fcss%2Fcustom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Thu, 23 Jul 2015 15:42:28 GMT
server
Apache
date
Fri, 02 Feb 2024 08:09:38 GMT
etag
W/"23529-1437666148000"
content-type
image/png
feature-policy
accelerometer 'none'; autoplay 'none'; camera *; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone *; midi 'none'; payment 'none'; usb 'none';
permissions-policy
accelerometer=(), autoplay=(), camera=*, geolocation=(), gyroscope=(), magnetometer=(), microphone=*, midi=(), payment=(), usb=()
accept-ranges
bytes
content-length
23529
x-xss-protection
1
footerBg.gif
www.csf.fr/plugins/CSFCore/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.csf.fr/plugins/CSFCore/images/footerBg.gif
Requested by
Host: www.csf.fr
URL: https://www.csf.fr/css/csspacker.jsp?v=JCPRO_202401290808&css=css%2Fjalios%2Fcore%2Fcomponents%2Ftopbar%2Fjalios-topbar.css&css=css%2Flib%2Ftoastr%2Ftoastr.css&css=css%2Fjalios%2Fcore%2Fcomponents%2Ftoastr%2Fjalios-toastr.css&css=css%2Fjalios%2Fcore%2Ffonts%2Fwebfont-roboto.css&css=css%2Fjalios%2Fcore%2Ffonts%2Fwebfont-roboto-condensed.css&css=css%2Fjalios%2Fcore%2Fbootstrap.css&css=css%2Fjalios%2Fcore%2Ffont-icons_with_fa.css&css=css%2Fjalios%2Fcore%2Fcore.css&css=css%2Fjalios%2Fcore%2Fcore-theme.css&css=css%2Ffff-sprite.css&css=css%2Fjalios%2Fcore%2Flang.css&css=css%2Fjalios%2Fcore%2Fportlet%2Fskin%2Fjalios-skin-custom-properties.css&css=css%2Flib%2Fanimate%2Fanimate-custom.css&css=css%2Fjalios%2Fcore%2Fcomponents%2Fanimate%2Fjalios-rippler.css&css=css%2Fjalios%2Fcore%2Fjalios-dropdown-repositioning.css&css=css%2Fjalios%2Fcore%2Fcomponents%2Fa11y%2Fa11y.css&css=plugins%2FCSFCore%2Fcss%2Ffonts.css&css=plugins%2FCSFCore%2Fcss%2Fstyle_ecran.css&css=plugins%2FCSFCore%2Fcss%2Fsimulateurs%2Fsimulateurs.css&css=plugins%2FCSFStylesWysiwygPlugin%2Fcss%2Fwysiwyg.css&css=css%2Flib%2Fbootstrap-datetimepicker%2Fbootstrap-datetimepicker.css&css=custom%2Fcss%2Fstandard.css&css=plugins%2FCSFStylesWysiwygPlugin%2Fcss%2Fcustom.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.208.250.188 Chicago, United States, ASN202213 (COMPAGNIE-IBM-FRANCE-AS, FR),
Reverse DNS
Software
Apache /
Resource Hash
eac7fbd5d0483954ec951864041239c9b3737f44c4f844f4a0ec4b7d47a3b1a7
Security Headers
Name Value
Content-Security-Policy default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.csf.fr/css/csspacker.jsp?v=JCPRO_202401290808&css=css%2Fjalios%2Fcore%2Fcomponents%2Ftopbar%2Fjalios-topbar.css&css=css%2Flib%2Ftoastr%2Ftoastr.css&css=css%2Fjalios%2Fcore%2Fcomponents%2Ftoastr%2Fjalios-toastr.css&css=css%2Fjalios%2Fcore%2Ffonts%2Fwebfont-roboto.css&css=css%2Fjalios%2Fcore%2Ffonts%2Fwebfont-roboto-condensed.css&css=css%2Fjalios%2Fcore%2Fbootstrap.css&css=css%2Fjalios%2Fcore%2Ffont-icons_with_fa.css&css=css%2Fjalios%2Fcore%2Fcore.css&css=css%2Fjalios%2Fcore%2Fcore-theme.css&css=css%2Ffff-sprite.css&css=css%2Fjalios%2Fcore%2Flang.css&css=css%2Fjalios%2Fcore%2Fportlet%2Fskin%2Fjalios-skin-custom-properties.css&css=css%2Flib%2Fanimate%2Fanimate-custom.css&css=css%2Fjalios%2Fcore%2Fcomponents%2Fanimate%2Fjalios-rippler.css&css=css%2Fjalios%2Fcore%2Fjalios-dropdown-repositioning.css&css=css%2Fjalios%2Fcore%2Fcomponents%2Fa11y%2Fa11y.css&css=plugins%2FCSFCore%2Fcss%2Ffonts.css&css=plugins%2FCSFCore%2Fcss%2Fstyle_ecran.css&css=plugins%2FCSFCore%2Fcss%2Fsimulateurs%2Fsimulateurs.css&css=plugins%2FCSFStylesWysiwygPlugin%2Fcss%2Fwysiwyg.css&css=css%2Flib%2Fbootstrap-datetimepicker%2Fbootstrap-datetimepicker.css&css=custom%2Fcss%2Fstandard.css&css=plugins%2FCSFStylesWysiwygPlugin%2Fcss%2Fcustom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
date
Fri, 02 Feb 2024 08:09:38 GMT
last-modified
Tue, 19 Dec 2023 16:01:18 GMT
server
Apache
etag
W/"1150-1703001678000"
content-type
image/gif
accept-ranges
bytes
content-length
1150
27AFCC_2_0.woff
www.csf.fr/plugins/CSFCore/css/webfonts/ 		35 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.csf.fr/plugins/CSFCore/css/webfonts/27AFCC_2_0.woff
Requested by
Host: www.csf.fr
URL: https://www.csf.fr/css/csspacker.jsp?v=JCPRO_202401290808&css=css%2Fjalios%2Fcore%2Fcomponents%2Ftopbar%2Fjalios-topbar.css&css=css%2Flib%2Ftoastr%2Ftoastr.css&css=css%2Fjalios%2Fcore%2Fcomponents%2Ftoastr%2Fjalios-toastr.css&css=css%2Fjalios%2Fcore%2Ffonts%2Fwebfont-roboto.css&css=css%2Fjalios%2Fcore%2Ffonts%2Fwebfont-roboto-condensed.css&css=css%2Fjalios%2Fcore%2Fbootstrap.css&css=css%2Fjalios%2Fcore%2Ffont-icons_with_fa.css&css=css%2Fjalios%2Fcore%2Fcore.css&css=css%2Fjalios%2Fcore%2Fcore-theme.css&css=css%2Ffff-sprite.css&css=css%2Fjalios%2Fcore%2Flang.css&css=css%2Fjalios%2Fcore%2Fportlet%2Fskin%2Fjalios-skin-custom-properties.css&css=css%2Flib%2Fanimate%2Fanimate-custom.css&css=css%2Fjalios%2Fcore%2Fcomponents%2Fanimate%2Fjalios-rippler.css&css=css%2Fjalios%2Fcore%2Fjalios-dropdown-repositioning.css&css=css%2Fjalios%2Fcore%2Fcomponents%2Fa11y%2Fa11y.css&css=plugins%2FCSFCore%2Fcss%2Ffonts.css&css=plugins%2FCSFCore%2Fcss%2Fstyle_ecran.css&css=plugins%2FCSFCore%2Fcss%2Fsimulateurs%2Fsimulateurs.css&css=plugins%2FCSFStylesWysiwygPlugin%2Fcss%2Fwysiwyg.css&css=css%2Flib%2Fbootstrap-datetimepicker%2Fbootstrap-datetimepicker.css&css=custom%2Fcss%2Fstandard.css&css=plugins%2FCSFStylesWysiwygPlugin%2Fcss%2Fcustom.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.208.250.188 Chicago, United States, ASN202213 (COMPAGNIE-IBM-FRANCE-AS, FR),
Reverse DNS
Software
Apache /
Resource Hash
3eaec069477cdbe458967da7a2d145cc3a53f1fd9c990f81ccea72abbf4ddbf6
Security Headers
Name Value
Content-Security-Policy default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.csf.fr/css/csspacker.jsp?v=JCPRO_202401290808&css=css%2Fjalios%2Fcore%2Fcomponents%2Ftopbar%2Fjalios-topbar.css&css=css%2Flib%2Ftoastr%2Ftoastr.css&css=css%2Fjalios%2Fcore%2Fcomponents%2Ftoastr%2Fjalios-toastr.css&css=css%2Fjalios%2Fcore%2Ffonts%2Fwebfont-roboto.css&css=css%2Fjalios%2Fcore%2Ffonts%2Fwebfont-roboto-condensed.css&css=css%2Fjalios%2Fcore%2Fbootstrap.css&css=css%2Fjalios%2Fcore%2Ffont-icons_with_fa.css&css=css%2Fjalios%2Fcore%2Fcore.css&css=css%2Fjalios%2Fcore%2Fcore-theme.css&css=css%2Ffff-sprite.css&css=css%2Fjalios%2Fcore%2Flang.css&css=css%2Fjalios%2Fcore%2Fportlet%2Fskin%2Fjalios-skin-custom-properties.css&css=css%2Flib%2Fanimate%2Fanimate-custom.css&css=css%2Fjalios%2Fcore%2Fcomponents%2Fanimate%2Fjalios-rippler.css&css=css%2Fjalios%2Fcore%2Fjalios-dropdown-repositioning.css&css=css%2Fjalios%2Fcore%2Fcomponents%2Fa11y%2Fa11y.css&css=plugins%2FCSFCore%2Fcss%2Ffonts.css&css=plugins%2FCSFCore%2Fcss%2Fstyle_ecran.css&css=plugins%2FCSFCore%2Fcss%2Fsimulateurs%2Fsimulateurs.css&css=plugins%2FCSFStylesWysiwygPlugin%2Fcss%2Fwysiwyg.css&css=css%2Flib%2Fbootstrap-datetimepicker%2Fbootstrap-datetimepicker.css&css=custom%2Fcss%2Fstandard.css&css=plugins%2FCSFStylesWysiwygPlugin%2Fcss%2Fcustom.css
Origin
https://www.csf.fr
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
date
Fri, 02 Feb 2024 08:09:38 GMT
last-modified
Tue, 19 Dec 2023 16:01:16 GMT
server
Apache
etag
W/"36123-1703001676000"
vary
User-Agent
content-type
font/woff
accept-ranges
bytes
content-length
36123
js
www.googletagmanager.com/gtag/ 		284 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-SNR35HN0P8&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-SPJG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
25ffca5d1f3efca45806bfb08d138eec6993ebc27172b19b83193501094a8d8c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.csf.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 08:09:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94404
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 02 Feb 2024 08:09:40 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1071410135/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1071410135/?random=1706861380594&cv=11&fst=1706861380594&bg=ffffff&guid=ON&async=1&gtm=45He41v0v534347za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.csf.fr%2Fjcms%2Fmle_832%2Fle-pret-personnel-auto%3Futm_medium%3Demail%26utm_source%3DPardot%26utm_campaign%3DPP240131&hn=www.googleadservices.com&frm=0&tiba=Pr%C3%AAt%20personnel%20auto%20%3A%20simulez%20en%20ligne%20et%20obtenez%20une%20r%C3%A9ponse%20de%20principe%20imm%C3%A9diate%20!%20(Cr%C3%A9dit%20Social%20des%20Fonctionnaires).&npa=0&pscdl=noapi&auid=672135729.1706861381&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-SPJG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2009785a7837a1f07480d326dfef37ab64b452f0e2f0b3b87033638eba00f315
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.csf.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 08:09:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1394
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ytc.js
s.yimg.com/wi/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: www.csf.fr
URL: https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.csf.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

ats-carp-promotion
1, 1
date
Fri, 02 Feb 2024 07:43:16 GMT
x-amz-version-id
xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
content-encoding
gzip
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-amz-request-id
0N42KX4TFNC0EGZY
age
1585
x-amz-server-side-encryption
AES256
content-length
6262
x-amz-id-2
JK/BJtZ+jTpIFSG7oihNVusfpG4+5Nx/Z0o0Rcsh32WvTWSXlhHEiokFjU+Ybkd+bPRum2XHVP0=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Mon, 26 Jun 2023 09:26:35 GMT
server
ATS
etag
"5c6ed25dce803fd84288922b8928409e-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=3600
accept-ranges
bytes
fbevents.js
connect.facebook.net/en_US/ 		214 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.csf.fr
URL: https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
22cf1baba55eced80d7ebb0de51fc8961757ef581964f8e10ebc8676399eba81
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.csf.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 02 Feb 2024 08:09:40 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57202
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma
public
x-fb-debug
pAlJyncxnGjz0fBzOtklhR/WLXNgV0s17siHAa3rt6Eu65hPe3Bu5X4CIhlxxYOvn5285uK2vS/EOVudp9V6Eg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
bat.js
bat.bing.com/ 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.csf.fr
URL: https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.csf.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Fri, 02 Feb 2024 08:09:40 GMT
last-modified
Fri, 10 Nov 2023 20:09:55 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 25F5715E7DDE4C818581F64A1CE1ED07 Ref B: PAR02EDGE0906 Ref C: 2024-02-02T08:09:40Z
etag
"80abcdf1114da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13175
9fa8747e0a08017c38992d467ce9bedf.js
static.critizr.com/widgets/ 		13 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.critizr.com/widgets/9fa8747e0a08017c38992d467ce9bedf.js
Requested by
Host: www.csf.fr
URL: https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b5ec06210c7e8aa758c09f3c562e9d5389f66e6d255b5ea15a08536f39bd00a8

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.csf.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 08:09:40 GMT
x-amz-version-id
mJfM3Mn1jQWQPAZ7jfvhj6Lc5dzKvmCT
last-modified
Tue, 07 Nov 2023 10:04:12 GMT
x-amz-request-id
HXF662CJC5BN31JS
etag
"fb85b01cdaab19bb26428dcf06856ebe"
x-amz-server-side-encryption
AES256
x-azure-ref
20240202T080940Z-gzhbcnbxft2ftb4b5kw4vm39t400000002eg000000013ks9
x-cache
CONFIG_NOCACHE
content-type
application/javascript
accept-ranges
bytes
content-length
12803
x-amz-id-2
ub8a9dGe7PITvCGS9j+kZbwRG69rxAW7JkH0Jr7XFDNmEtbWhibsZ9uSSoP20lmsiN8H/GyCKew=
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.csf.fr
URL: https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.csf.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 08:09:40 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 16:56:53 GMT
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kjyo7100081-IAD, cache-fra-eddf8230136-FRA
gtm.js
www.googletagmanager.com/ 		178 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-55L5KZL
Requested by
Host: www.csf.fr
URL: https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
aeeff688a6cb7cb827bc2ef7a353136e94692a9ac55e403d654933c52ff44d33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.csf.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 08:09:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58438
x-xss-protection
0
last-modified
Fri, 02 Feb 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 02 Feb 2024 08:09:40 GMT
adsct
t.co/i/ 		43 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=3027ca81-ed4a-4d10-a879-139015a8952f&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=c0693260-5b0c-4685-bd1a-ad82e43bc5bc&tw_document_href=https%3A%2F%2Fwww.csf.fr%2Fjcms%2Fmle_832%2Fle-pret-personnel-auto%3Futm_medium%3Demail%26utm_source%3DPardot%26utm_campaign%3DPP240131&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nzl9n&type=javascript&version=2.3.29
Requested by
Host: www.csf.fr
URL: https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_f /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.csf.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-response-time
105
date
Fri, 02 Feb 2024 08:09:40 GMT
strict-transport-security
max-age=0
server
tsa_f
content-type
image/gif;charset=utf-8
x-transaction-id
21944ce04edd531c
cache-control
no-cache, no-store, max-age=0
perf
7469935968
x-connection-hash
4312de0272a68789ff04122b218b9e6316447cb701e81b7f9c7c4666d8b48e04
content-length
43
adsct
analytics.twitter.com/i/ 		43 B
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=3027ca81-ed4a-4d10-a879-139015a8952f&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=c0693260-5b0c-4685-bd1a-ad82e43bc5bc&tw_document_href=https%3A%2F%2Fwww.csf.fr%2Fjcms%2Fmle_832%2Fle-pret-personnel-auto%3Futm_medium%3Demail%26utm_source%3DPardot%26utm_campaign%3DPP240131&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nzl9n&type=javascript&version=2.3.29
Requested by
Host: www.csf.fr
URL: https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_f /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.csf.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-response-time
105
date
Fri, 02 Feb 2024 08:09:40 GMT
strict-transport-security
max-age=631138519
server
tsa_f
content-type
image/gif;charset=utf-8
x-transaction-id
6366e18982e4dd07
cache-control
no-cache, no-store, max-age=0
perf
7469935968
x-connection-hash
06c8b47d99e487f7e1848f9fe02de3e6963b9c49c562c0cc5904c09aa17c5749
content-length
43
collect
region1.google-analytics.com/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-SNR35HN0P8&gtm=45je41v0v884004885z8534347za200&_p=1706861379944&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=522614572.1706861381&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EA&_s=1&dl=https%3A%2F%2Fwww.csf.fr%2Fjcms%2Fmle_832%2Fle-pret-personnel-auto%3Futm_medium%3Demail%26utm_source%3DPardot%26utm_campaign%3DPP240131&sid=1706861380&sct=1&seg=0&dt=Pr%C3%AAt%20personnel%20auto%20%3A%20simulez%20en%20ligne%20et%20obtenez%20une%20r%C3%A9ponse%20de%20principe%20imm%C3%A9diate%20!%20(Cr%C3%A9dit%20Social%20des%20Fonctionnaires).&en=page_view&_fv=1&_nsi=1&_ss=1&ep.34164000=true&ep.page_hostname=csf.fr&ep.perimetre=csf&tfd=1664
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SNR35HN0P8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.csf.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 08:09:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.csf.fr
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
431415.json
s.yimg.com/wi/config/ 		2 B
469 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/config/431415.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.csf.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

ats-carp-promotion
1
date
Fri, 02 Feb 2024 07:15:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-amz-request-id
DEY3P7V3V7X1J2KT
age
3259
content-length
2
x-amz-id-2
O+f9Q1j+wdRA2hFcQACD+zppqbThBpZK3auYU6dWvRj5m1pMe8t8yN/DFp9Wtrmz+N2yHvkZwvI=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public,max-age=3600
5977027.js
bat.bing.com/p/action/ 		0
117 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/5977027.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.csf.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Fri, 02 Feb 2024 08:09:40 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 6FBC8AB940724AF5880EF0B7887802B9 Ref B: PAR02EDGE0906 Ref C: 2024-02-02T08:09:40Z
x-cache
CONFIG_NOCACHE
481884418601426
connect.facebook.net/signals/config/ 		51 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/481884418601426?v=2.9.144&r=stable&domain=www.csf.fr&hme=44ba03e7b4a66084f0064fdada9e7a7b89f6f2cf807a204d10c6509aeae35209&ex_m=62%2C105%2C93%2C97%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C148%2C151%2C162%2C158%2C159%2C161%2C25%2C89%2C45%2C68%2C160%2C143%2C146%2C155%2C156%2C163%2C114%2C13%2C43%2C167%2C166%2C116%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C94%2C96%2C31%2C95%2C26%2C22%2C144%2C147%2C123%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C92%2C38%2C70%2C60%2C98%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C99
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f41526fbf3a8d51b6803c5a53724825dcf6c1dd00be7de9cd9e1296fdc9569c5
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.csf.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 02 Feb 2024 08:09:40 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma
public
x-fb-debug
M09Ud2/tZIHekhzmmx683p1GIzUVbKFjLyrZxqa+sq63ff5ocaaCpMHTHQ4zHaQiWFEeZxYtfta7HEkDyMqzzw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/1071410135/ 		42 B
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1071410135/?random=1706861380594&cv=11&fst=1706860800000&bg=ffffff&guid=ON&async=1&gtm=45He41v0v534347za200&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.csf.fr%2Fjcms%2Fmle_832%2Fle-pret-personnel-auto%3Futm_medium%3Demail%26utm_source%3DPardot%26utm_campaign%3DPP240131&frm=0&tiba=Pr%C3%AAt%20personnel%20auto%20%3A%20simulez%20en%20ligne%20et%20obtenez%20une%20r%C3%A9ponse%20de%20principe%20imm%C3%A9diate%20!%20(Cr%C3%A9dit%20Social%20des%20Fonctionnaires).&npa=0&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_5d5EXz_xErjs2D1ACd8SPzEICAdrgw&random=822883764&rmt_tld=0&ipr=y
Requested by
Host: www.csf.fr
URL: https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.csf.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 08:09:40 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.fr/pagead/1p-user-list/1071410135/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.fr/pagead/1p-user-list/1071410135/?random=1706861380594&cv=11&fst=1706860800000&bg=ffffff&guid=ON&async=1&gtm=45He41v0v534347za200&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.csf.fr%2Fjcms%2Fmle_832%2Fle-pret-personnel-auto%3Futm_medium%3Demail%26utm_source%3DPardot%26utm_campaign%3DPP240131&frm=0&tiba=Pr%C3%AAt%20personnel%20auto%20%3A%20simulez%20en%20ligne%20et%20obtenez%20une%20r%C3%A9ponse%20de%20principe%20imm%C3%A9diate%20!%20(Cr%C3%A9dit%20Social%20des%20Fonctionnaires).&npa=0&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_5d5EXz_xErjs2D1ACd8SPzEICAdrgw&random=822883764&rmt_tld=1&ipr=y
Requested by
Host: www.csf.fr
URL: https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.csf.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 08:09:40 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
0
bat.bing.com/action/ 		0
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5977027&Ver=2&mid=ddd5adb4-f555-4c4a-bbfd-3b1f2c5ba2be&sid=6a5e6640c1a211eea636cb66ab61b47e&vid=6a5e58e0c1a211eea4e09737fe575932&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Pr%C3%AAt%20personnel%20auto%20%3A%20simulez%20en%20ligne%20et%20obtenez%20une%20r%C3%A9ponse%20de%20principe%20imm%C3%A9diate%20!%20(Cr%C3%A9dit%20Social%20des%20Fonctionnaires).&p=https%3A%2F%2Fwww.csf.fr%2Fjcms%2Fmle_832%2Fle-pret-personnel-auto%3Futm_medium%3Demail%26utm_source%3DPardot%26utm_campaign%3DPP240131&r=&lt=1774&evt=pageLoad&sv=1&rn=726485
Requested by
Host: www.csf.fr
URL: https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.csf.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 02 Feb 2024 08:09:40 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 0E97CBBA31B44C7BB9FB43053540A667 Ref B: PAR02EDGE0906 Ref C: 2024-02-02T08:09:40Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
9fa8747e0a08017c38992d467ce9bedf.css
cdn.goodays.co/sdk/ 		97 KB
97 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.goodays.co/sdk/9fa8747e0a08017c38992d467ce9bedf.css
Requested by
Host: static.critizr.com
URL: https://static.critizr.com/widgets/9fa8747e0a08017c38992d467ce9bedf.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
caa5b2bfbc3697a3f9aa1ebe5a0de47e7bc6527e5d0252eb2a2e700cae517571

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.csf.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 08:09:41 GMT
x-amz-version-id
fXh7R3utGt0o89zODwKnwr7oEsdGzMRd
last-modified
Tue, 07 Nov 2023 10:04:12 GMT
x-amz-request-id
4MBG8YRPZCNTBQMH
etag
"f2b692439c8ce4ca3ed8637f86eba03c"
x-amz-server-side-encryption
AES256
x-azure-ref
20240202T080940Z-ryksgpn0t97qrdcu4nw0uypvan000000051g00000000cg9e
x-cache
CONFIG_NOCACHE
content-type
text/css
accept-ranges
bytes
content-length
98888
x-amz-id-2
hIgS1C5hxDe/SQn2iMSN163H/8SPPoaFgXZy4rwKVv2SDpB7mv8T/5ANvmy6tD7Nts0FbLjPGKkJOtZW13b9Fw==
visuel_cookies_rgpd.png
www.csf.fr/upload/docs/image/png/2022-10/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.csf.fr/upload/docs/image/png/2022-10/visuel_cookies_rgpd.png
Requested by
Host: www.csf.fr
URL: https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.208.250.188 Chicago, United States, ASN202213 (COMPAGNIE-IBM-FRANCE-AS, FR),
Reverse DNS
Software
Apache /
Resource Hash
f1736cbdcc082e597c00e8f112bac31e9a22a96d7131aef645bf5d8ff74b4730
Security Headers
Name Value
Content-Security-Policy default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Fri, 14 Oct 2022 07:13:07 GMT
server
Apache
date
Fri, 02 Feb 2024 08:09:39 GMT
etag
W/"8950-1665731587000"
content-type
image/png
feature-policy
accelerometer 'none'; autoplay 'none'; camera *; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone *; midi 'none'; payment 'none'; usb 'none';
permissions-policy
accelerometer=(), autoplay=(), camera=*, geolocation=(), gyroscope=(), magnetometer=(), microphone=*, midi=(), payment=(), usb=()
accept-ranges
bytes
content-length
8950
x-xss-protection
1
Roboto-Regular.woff2
www.csf.fr/fonts/lib/Roboto/ 		63 KB
63 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.csf.fr/fonts/lib/Roboto/Roboto-Regular.woff2?&jv=20210501
Requested by
Host: www.csf.fr
URL: https://www.csf.fr/css/csspacker.jsp?v=JCPRO_202401290808&css=css%2Fjalios%2Fcore%2Fcomponents%2Ftopbar%2Fjalios-topbar.css&css=css%2Flib%2Ftoastr%2Ftoastr.css&css=css%2Fjalios%2Fcore%2Fcomponents%2Ftoastr%2Fjalios-toastr.css&css=css%2Fjalios%2Fcore%2Ffonts%2Fwebfont-roboto.css&css=css%2Fjalios%2Fcore%2Ffonts%2Fwebfont-roboto-condensed.css&css=css%2Fjalios%2Fcore%2Fbootstrap.css&css=css%2Fjalios%2Fcore%2Ffont-icons_with_fa.css&css=css%2Fjalios%2Fcore%2Fcore.css&css=css%2Fjalios%2Fcore%2Fcore-theme.css&css=css%2Ffff-sprite.css&css=css%2Fjalios%2Fcore%2Flang.css&css=css%2Fjalios%2Fcore%2Fportlet%2Fskin%2Fjalios-skin-custom-properties.css&css=css%2Flib%2Fanimate%2Fanimate-custom.css&css=css%2Fjalios%2Fcore%2Fcomponents%2Fanimate%2Fjalios-rippler.css&css=css%2Fjalios%2Fcore%2Fjalios-dropdown-repositioning.css&css=css%2Fjalios%2Fcore%2Fcomponents%2Fa11y%2Fa11y.css&css=plugins%2FCSFCore%2Fcss%2Ffonts.css&css=plugins%2FCSFCore%2Fcss%2Fstyle_ecran.css&css=plugins%2FCSFCore%2Fcss%2Fsimulateurs%2Fsimulateurs.css&css=plugins%2FCSFStylesWysiwygPlugin%2Fcss%2Fwysiwyg.css&css=css%2Flib%2Fbootstrap-datetimepicker%2Fbootstrap-datetimepicker.css&css=custom%2Fcss%2Fstandard.css&css=plugins%2FCSFStylesWysiwygPlugin%2Fcss%2Fcustom.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.208.250.188 Chicago, United States, ASN202213 (COMPAGNIE-IBM-FRANCE-AS, FR),
Reverse DNS
Software
Apache /
Resource Hash
3baa16fc132d1193f6d745ed2ab7ea31754423ed7d91301f95f98e36cbf29a84
Security Headers
Name Value
Content-Security-Policy default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.csf.fr/css/csspacker.jsp?v=JCPRO_202401290808&css=css%2Fjalios%2Fcore%2Fcomponents%2Ftopbar%2Fjalios-topbar.css&css=css%2Flib%2Ftoastr%2Ftoastr.css&css=css%2Fjalios%2Fcore%2Fcomponents%2Ftoastr%2Fjalios-toastr.css&css=css%2Fjalios%2Fcore%2Ffonts%2Fwebfont-roboto.css&css=css%2Fjalios%2Fcore%2Ffonts%2Fwebfont-roboto-condensed.css&css=css%2Fjalios%2Fcore%2Fbootstrap.css&css=css%2Fjalios%2Fcore%2Ffont-icons_with_fa.css&css=css%2Fjalios%2Fcore%2Fcore.css&css=css%2Fjalios%2Fcore%2Fcore-theme.css&css=css%2Ffff-sprite.css&css=css%2Fjalios%2Fcore%2Flang.css&css=css%2Fjalios%2Fcore%2Fportlet%2Fskin%2Fjalios-skin-custom-properties.css&css=css%2Flib%2Fanimate%2Fanimate-custom.css&css=css%2Fjalios%2Fcore%2Fcomponents%2Fanimate%2Fjalios-rippler.css&css=css%2Fjalios%2Fcore%2Fjalios-dropdown-repositioning.css&css=css%2Fjalios%2Fcore%2Fcomponents%2Fa11y%2Fa11y.css&css=plugins%2FCSFCore%2Fcss%2Ffonts.css&css=plugins%2FCSFCore%2Fcss%2Fstyle_ecran.css&css=plugins%2FCSFCore%2Fcss%2Fsimulateurs%2Fsimulateurs.css&css=plugins%2FCSFStylesWysiwygPlugin%2Fcss%2Fwysiwyg.css&css=css%2Flib%2Fbootstrap-datetimepicker%2Fbootstrap-datetimepicker.css&css=custom%2Fcss%2Fstandard.css&css=plugins%2FCSFStylesWysiwygPlugin%2Fcss%2Fcustom.css
Origin
https://www.csf.fr
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
date
Fri, 02 Feb 2024 08:09:39 GMT
last-modified
Thu, 04 May 2023 07:57:14 GMT
server
Apache
etag
W/"64812-1683187034000"
vary
User-Agent
content-type
font/woff2
accept-ranges
bytes
content-length
64812
Roboto-Bold.woff2
www.csf.fr/fonts/lib/Roboto/ 		63 KB
63 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.csf.fr/fonts/lib/Roboto/Roboto-Bold.woff2?&jv=20210501
Requested by
Host: www.csf.fr
URL: https://www.csf.fr/css/csspacker.jsp?v=JCPRO_202401290808&css=css%2Fjalios%2Fcore%2Fcomponents%2Ftopbar%2Fjalios-topbar.css&css=css%2Flib%2Ftoastr%2Ftoastr.css&css=css%2Fjalios%2Fcore%2Fcomponents%2Ftoastr%2Fjalios-toastr.css&css=css%2Fjalios%2Fcore%2Ffonts%2Fwebfont-roboto.css&css=css%2Fjalios%2Fcore%2Ffonts%2Fwebfont-roboto-condensed.css&css=css%2Fjalios%2Fcore%2Fbootstrap.css&css=css%2Fjalios%2Fcore%2Ffont-icons_with_fa.css&css=css%2Fjalios%2Fcore%2Fcore.css&css=css%2Fjalios%2Fcore%2Fcore-theme.css&css=css%2Ffff-sprite.css&css=css%2Fjalios%2Fcore%2Flang.css&css=css%2Fjalios%2Fcore%2Fportlet%2Fskin%2Fjalios-skin-custom-properties.css&css=css%2Flib%2Fanimate%2Fanimate-custom.css&css=css%2Fjalios%2Fcore%2Fcomponents%2Fanimate%2Fjalios-rippler.css&css=css%2Fjalios%2Fcore%2Fjalios-dropdown-repositioning.css&css=css%2Fjalios%2Fcore%2Fcomponents%2Fa11y%2Fa11y.css&css=plugins%2FCSFCore%2Fcss%2Ffonts.css&css=plugins%2FCSFCore%2Fcss%2Fstyle_ecran.css&css=plugins%2FCSFCore%2Fcss%2Fsimulateurs%2Fsimulateurs.css&css=plugins%2FCSFStylesWysiwygPlugin%2Fcss%2Fwysiwyg.css&css=css%2Flib%2Fbootstrap-datetimepicker%2Fbootstrap-datetimepicker.css&css=custom%2Fcss%2Fstandard.css&css=plugins%2FCSFStylesWysiwygPlugin%2Fcss%2Fcustom.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.208.250.188 Chicago, United States, ASN202213 (COMPAGNIE-IBM-FRANCE-AS, FR),
Reverse DNS
Software
Apache /
Resource Hash
3e2115237961f1cf2258a04220c3a29d53bf742215e223bdead3395c76cebbf7
Security Headers
Name Value
Content-Security-Policy default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.csf.fr/css/csspacker.jsp?v=JCPRO_202401290808&css=css%2Fjalios%2Fcore%2Fcomponents%2Ftopbar%2Fjalios-topbar.css&css=css%2Flib%2Ftoastr%2Ftoastr.css&css=css%2Fjalios%2Fcore%2Fcomponents%2Ftoastr%2Fjalios-toastr.css&css=css%2Fjalios%2Fcore%2Ffonts%2Fwebfont-roboto.css&css=css%2Fjalios%2Fcore%2Ffonts%2Fwebfont-roboto-condensed.css&css=css%2Fjalios%2Fcore%2Fbootstrap.css&css=css%2Fjalios%2Fcore%2Ffont-icons_with_fa.css&css=css%2Fjalios%2Fcore%2Fcore.css&css=css%2Fjalios%2Fcore%2Fcore-theme.css&css=css%2Ffff-sprite.css&css=css%2Fjalios%2Fcore%2Flang.css&css=css%2Fjalios%2Fcore%2Fportlet%2Fskin%2Fjalios-skin-custom-properties.css&css=css%2Flib%2Fanimate%2Fanimate-custom.css&css=css%2Fjalios%2Fcore%2Fcomponents%2Fanimate%2Fjalios-rippler.css&css=css%2Fjalios%2Fcore%2Fjalios-dropdown-repositioning.css&css=css%2Fjalios%2Fcore%2Fcomponents%2Fa11y%2Fa11y.css&css=plugins%2FCSFCore%2Fcss%2Ffonts.css&css=plugins%2FCSFCore%2Fcss%2Fstyle_ecran.css&css=plugins%2FCSFCore%2Fcss%2Fsimulateurs%2Fsimulateurs.css&css=plugins%2FCSFStylesWysiwygPlugin%2Fcss%2Fwysiwyg.css&css=css%2Flib%2Fbootstrap-datetimepicker%2Fbootstrap-datetimepicker.css&css=custom%2Fcss%2Fstandard.css&css=plugins%2FCSFStylesWysiwygPlugin%2Fcss%2Fcustom.css
Origin
https://www.csf.fr
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
date
Fri, 02 Feb 2024 08:09:39 GMT
last-modified
Thu, 04 May 2023 07:57:14 GMT
server
Apache
etag
W/"64184-1683187034000"
vary
User-Agent
content-type
font/woff2
accept-ranges
bytes
content-length
64184
sp.pl
sp.analytics.yahoo.com/ 		43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=1000817262812&d=Fri%2C%2002%20Feb%202024%2008%3A09%3A40%20GMT&n=-1&b=Pr%C3%AAt%20personnel%20auto%20%3A%20simulez%20en%20ligne%20et%20obtenez%20une%20r%C3%A9ponse%20de%20principe%20imm%C3%A9diate%20!%20(Cr%C3%A9dit%20Social%20des%20Fonctionnaires).&.yp=431415&f=https%3A%2F%2Fwww.csf.fr%2Fjcms%2Fmle_832%2Fle-pret-personnel-auto%3Futm_medium%3Demail%26utm_source%3DPardot%26utm_campaign%3DPP240131&enc=UTF-8&yv=1.15.1&tagmgr=gtm
Requested by
Host: www.csf.fr
URL: https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.csf.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 08:09:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
accept-ranges
bytes
content-length
43
expires
Fri, 02 Feb 2024 08:09:40 GMT
style.css
creditenligne.financo.fr/templates/ Frame DBC4 		93 B
323 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://creditenligne.financo.fr/templates/style.css
Requested by
Host: creditenligne.financo.fr
URL: https://creditenligne.financo.fr/credit-auto-opcsf.php?notrack=oui
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
93.20.42.171 Colombes, France, ASN15557 (LDCOMNET, FR),
Reverse DNS
Software
nginx /
Resource Hash
e10877eec0080e14abb92bde76eff03463c2bc81a591685a627385551f734684
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://creditenligne.financo.fr/credit-auto-opcsf.php?notrack=oui
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 08:09:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 17 Jan 2024 08:59:13 GMT
server
nginx
etag
"8561-5d-60f2075faba40"
content-type
text/css
accept-ranges
bytes
content-length
93
x-xss-protection
1; mode=block
api.js
www.google.com/recaptcha/ Frame DBC4 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: creditenligne.financo.fr
URL: https://creditenligne.financo.fr/credit-auto-opcsf.php?notrack=oui
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
677958d2d89b86d1707daf67b1f5ed227ed16765c1b6f72149a744c5741283e4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://creditenligne.financo.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 08:09:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Fri, 02 Feb 2024 08:09:40 GMT
plugin.css
www.financo.fr/GestionCookies/css/ Frame DBC4 		752 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.financo.fr/GestionCookies/css/plugin.css
Requested by
Host: creditenligne.financo.fr
URL: https://creditenligne.financo.fr/credit-auto-opcsf.php?notrack=oui
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.51.217.243 Annecy, France, ASN3215 (France Telecom - Orange, FR),
Reverse DNS
Software
nginx /
Resource Hash
b79bd0b50313f25168bbbc1f78cc3dd8877a2472713365ed240a7ff26981f3ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://creditenligne.financo.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 08:09:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Thu, 17 Aug 2023 12:14:22 GMT
server
nginx
content-type
text/css
server-timing
intid;desc=a34b809d75b0689f
content-length
752
x-xss-protection
1; mode=block
prototype.js
creditenligne.financo.fr/templates/javascript/ Frame DBC4 		160 KB
160 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://creditenligne.financo.fr/templates/javascript/prototype.js
Requested by
Host: creditenligne.financo.fr
URL: https://creditenligne.financo.fr/credit-auto-opcsf.php?notrack=oui
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
93.20.42.171 Colombes, France, ASN15557 (LDCOMNET, FR),
Reverse DNS
Software
nginx /
Resource Hash
a812734873139b51008c64bb77e08703e23fdd1b25461dd06409141313836896
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://creditenligne.financo.fr/credit-auto-opcsf.php?notrack=oui
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 08:09:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 17 Jan 2024 08:59:13 GMT
server
nginx
etag
"8508-27f20-60f2075faba40"
content-type
application/javascript
accept-ranges
bytes
content-length
163616
x-xss-protection
1; mode=block
effects.js
creditenligne.financo.fr/templates/javascript/ Frame DBC4 		38 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://creditenligne.financo.fr/templates/javascript/effects.js
Requested by
Host: creditenligne.financo.fr
URL: https://creditenligne.financo.fr/credit-auto-opcsf.php?notrack=oui
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
93.20.42.171 Colombes, France, ASN15557 (LDCOMNET, FR),
Reverse DNS
Software
nginx /
Resource Hash
055be203cf7225e94dec4a5f72ba1f469a499ac78c24d9366705c1099de812d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://creditenligne.financo.fr/credit-auto-opcsf.php?notrack=oui
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 08:09:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 17 Jan 2024 08:59:13 GMT
server
nginx
etag
"8505-9647-60f2075faba40"
content-type
application/javascript
accept-ranges
bytes
content-length
38471
x-xss-protection
1; mode=block
plugin.js
www.financo.fr/GestionCookies/js/ Frame DBC4 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.financo.fr/GestionCookies/js/plugin.js
Requested by
Host: creditenligne.financo.fr
URL: https://creditenligne.financo.fr/credit-auto-opcsf.php?notrack=oui
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.51.217.243 Annecy, France, ASN3215 (France Telecom - Orange, FR),
Reverse DNS
Software
nginx /
Resource Hash
e4fc58f5df3c575b77edd4ab7485641529ef8488db019f06b57aac60ccf7db03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://creditenligne.financo.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 08:09:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 17 Aug 2023 12:14:20 GMT
server
nginx
vary
accept-encoding
content-type
text/javascript
server-timing
intid;desc=fd7788351c6d134f
x-xss-protection
1; mode=block
js.js
creditenligne.financo.fr/templates/javascript/ Frame DBC4 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://creditenligne.financo.fr/templates/javascript/js.js
Requested by
Host: creditenligne.financo.fr
URL: https://creditenligne.financo.fr/credit-auto-opcsf.php?notrack=oui
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
93.20.42.171 Colombes, France, ASN15557 (LDCOMNET, FR),
Reverse DNS
Software
nginx /
Resource Hash
07a9cb92926ffac7259a1179a3cd1ac94830e469b3e645d4e9879ba1ef81819e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://creditenligne.financo.fr/credit-auto-opcsf.php?notrack=oui
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 08:09:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 17 Jan 2024 08:59:13 GMT
server
nginx
etag
"8507-a14-60f2075faba40"
content-type
application/javascript
accept-ranges
bytes
content-length
2580
x-xss-protection
1; mode=block
spinner_large.gif
creditenligne.financo.fr/templates/images/ Frame DBC4 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creditenligne.financo.fr/templates/images/spinner_large.gif
Requested by
Host: creditenligne.financo.fr
URL: https://creditenligne.financo.fr/credit-auto-opcsf.php?notrack=oui
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
93.20.42.171 Colombes, France, ASN15557 (LDCOMNET, FR),
Reverse DNS
Software
nginx /
Resource Hash
2fcd5410ba1b6b734ecb6fe56db265910136dc82219a69d090b1effb8c46bfc0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://creditenligne.financo.fr/credit-auto-opcsf.php?notrack=oui
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 08:09:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 17 Jan 2024 08:59:13 GMT
server
nginx
etag
"8502-1cc4-60f2075faba40"
content-type
image/gif
accept-ranges
bytes
content-length
7364
x-xss-protection
1; mode=block
webservice.php
creditenligne.financo.fr/ Frame DBC4 		111 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://creditenligne.financo.fr/webservice.php?qname=q0&idcPrsFmu=O
Requested by
Host: creditenligne.financo.fr
URL: https://creditenligne.financo.fr/credit-auto-opcsf.php?notrack=oui
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
93.20.42.171 Colombes, France, ASN15557 (LDCOMNET, FR),
Reverse DNS
Software
nginx /
Resource Hash
5813edf7f12db09dc1a9607ef57cb3eea72c29f28b2471e42ec8714e3de24509
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://creditenligne.financo.fr/credit-auto-opcsf.php?notrack=oui
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 08:09:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 02 Feb 2024 08:09:40 GMT
server
nginx
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, private, max-age=0, private, max-age=0
x-xss-protection
1; mode=block
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
www.facebook.com/tr/
Redirect Chain
  • https://www.facebook.com/tr/?id=481884418601426&ev=PageView&dl=https%3A%2F%2Fwww.csf.fr&rl=&if=false&ts=1706861380900&sw=1600&sh=1200&v=2.9.144&r=stable&ec=0&o=4124&fbp=fb.1.1706861380899.106708568...
  • https://www.facebook.com/tr/?cas=6200955059950927%2C2910330689070006%2C1411899695589978&cdl=API_unavailable&coo=false&cs_cc=1&dl=https%3A%2F%2Fwww.csf.fr&ec=0&ev=PageView&exp=e1&fbp=fb.1.1706861380...
0
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?cas=6200955059950927%2C2910330689070006%2C1411899695589978&cdl=API_unavailable&coo=false&cs_cc=1&dl=https%3A%2F%2Fwww.csf.fr&ec=0&ev=PageView&exp=e1&fbp=fb.1.1706861380899.1067085681&hrl=f226c2&id=481884418601426&if=false&it=1706861380818&ler=empty&o=4124&pm=1&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&ts=1706861380900&v=2.9.144
Requested by
Host: www.csf.fr
URL: https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
Protocol
H2
Server
2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.csf.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 02 Feb 2024 08:09:40 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0

Redirect headers

pragma
no-cache
date
Fri, 02 Feb 2024 08:09:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
content-type
text/plain
location
/tr/?cas=6200955059950927%2C2910330689070006%2C1411899695589978&cdl=API_unavailable&coo=false&cs_cc=1&dl=https%3A%2F%2Fwww.csf.fr&ec=0&ev=PageView&exp=e1&fbp=fb.1.1706861380899.1067085681&hrl=f226c2&id=481884418601426&if=false&it=1706861380818&ler=empty&o=4124&pm=1&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&ts=1706861380900&v=2.9.144
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
style_general.css
creditenligne.financo.fr/templates/ Frame DBC4 		773 B
1005 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://creditenligne.financo.fr/templates/style_general.css
Requested by
Host: creditenligne.financo.fr
URL: https://creditenligne.financo.fr/templates/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
93.20.42.171 Colombes, France, ASN15557 (LDCOMNET, FR),
Reverse DNS
Software
nginx /
Resource Hash
bfa457558fe83e4a3e2536d9d2e534aeec436672c928c8a08caff5bb236ff2cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://creditenligne.financo.fr/templates/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 08:09:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 17 Jan 2024 08:59:13 GMT
server
nginx
etag
"8566-305-60f2075faba40"
content-type
text/css
accept-ranges
bytes
content-length
773
x-xss-protection
1; mode=block
style_blocs.css
creditenligne.financo.fr/templates/ Frame DBC4 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://creditenligne.financo.fr/templates/style_blocs.css
Requested by
Host: creditenligne.financo.fr
URL: https://creditenligne.financo.fr/templates/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
93.20.42.171 Colombes, France, ASN15557 (LDCOMNET, FR),
Reverse DNS
Software
nginx /
Resource Hash
f3317f83ca4f48a586082c494b0bbd3113a550c973fb9463b3fd1b1bdbae4077
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://creditenligne.financo.fr/templates/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 08:09:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 17 Jan 2024 08:59:13 GMT
server
nginx
content-encoding
gzip
etag
W/"8563-d02-60f2075faba40"
vary
Accept-Encoding
content-type
text/css
x-xss-protection
1; mode=block
style_fonts.css
creditenligne.financo.fr/templates/ Frame DBC4 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://creditenligne.financo.fr/templates/style_fonts.css
Requested by
Host: creditenligne.financo.fr
URL: https://creditenligne.financo.fr/templates/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
93.20.42.171 Colombes, France, ASN15557 (LDCOMNET, FR),
Reverse DNS
Software
nginx /
Resource Hash
50706386d67d2e113f701b51c10ff757d60c7ff8ecc2fa2f857175b6155602e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://creditenligne.financo.fr/templates/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 08:09:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 17 Jan 2024 08:59:13 GMT
server
nginx
content-encoding
gzip
etag
W/"8565-f2c-60f2075faba40"
vary
Accept-Encoding
content-type
text/css
x-xss-protection
1; mode=block
recaptcha__fr.js
www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/ Frame DBC4 		492 KB
196 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/recaptcha__fr.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c89c205b2f7f7d35937a3d94b5763fbe797c0f95d536fb61f3268fc5dd505ad1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://creditenligne.financo.fr/
Origin
https://creditenligne.financo.fr
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 18:54:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
220527
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
200216
x-xss-protection
0
last-modified
Mon, 29 Jan 2024 03:01:23 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 29 Jan 2025 18:54:14 GMT
fbevents.js
connect.facebook.net/en_US/ Frame DBC4 		214 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: creditenligne.financo.fr
URL: https://creditenligne.financo.fr/credit-auto-opcsf.php?notrack=oui
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
22cf1baba55eced80d7ebb0de51fc8961757ef581964f8e10ebc8676399eba81
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://creditenligne.financo.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 02 Feb 2024 08:09:41 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57202
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma
public
x-fb-debug
pAlJyncxnGjz0fBzOtklhR/WLXNgV0s17siHAa3rt6Eu65hPe3Bu5X4CIhlxxYOvn5285uK2vS/EOVudp9V6Eg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
webservice.php
creditenligne.financo.fr/ Frame DBC4 		280 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://creditenligne.financo.fr/webservice.php?dp_v=2&qname=q0&dp_get_q=credit-auto-opcsf
Requested by
Host: creditenligne.financo.fr
URL: https://creditenligne.financo.fr/webservice.php?qname=q0&idcPrsFmu=O
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
93.20.42.171 Colombes, France, ASN15557 (LDCOMNET, FR),
Reverse DNS
Software
nginx /
Resource Hash
fb508193bbbb64c7d6c8da4c78a370c7bf4fdfbca7bfbda5639c3309277f1cf9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://creditenligne.financo.fr/credit-auto-opcsf.php?notrack=oui
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 08:09:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 02 Feb 2024 08:09:41 GMT
server
nginx
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, private, max-age=0, private, max-age=0
x-xss-protection
1; mode=block
expires
Mon, 26 Jul 1997 05:00:00 GMT
auto-FINANCO-AFFILIATION.css
creditenligne.financo.fr/templates/questionnaire/ Frame DBC4 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://creditenligne.financo.fr/templates/questionnaire/auto-FINANCO-AFFILIATION.css
Requested by
Host: creditenligne.financo.fr
URL: https://creditenligne.financo.fr/webservice.php?qname=q0&idcPrsFmu=O
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
93.20.42.171 Colombes, France, ASN15557 (LDCOMNET, FR),
Reverse DNS
Software
nginx /
Resource Hash
c4f5221422987d0499a60be25064be13f7b05fb1ad7839f784b4c5d5b6aabed0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://creditenligne.financo.fr/credit-auto-opcsf.php?notrack=oui
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 08:09:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 17 Jan 2024 08:59:13 GMT
server
nginx
content-encoding
gzip
etag
W/"8511-df6-60f2075faba40"
vary
Accept-Encoding
content-type
text/css
x-xss-protection
1; mode=block
ga.js
ssl.google-analytics.com/ Frame DBC4 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: www.csf.fr
URL: https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://creditenligne.financo.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 02 Feb 2024 07:54:57 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
884
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17168
expires
Fri, 02 Feb 2024 09:54:57 GMT
here.gif
creditenligne.financo.fr/templates/images/ Frame DBC4 		60 B
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creditenligne.financo.fr/templates/images/here.gif
Requested by
Host: creditenligne.financo.fr
URL: https://creditenligne.financo.fr/credit-auto-opcsf.php?notrack=oui
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
93.20.42.171 Colombes, France, ASN15557 (LDCOMNET, FR),
Reverse DNS
Software
nginx /
Resource Hash
ab63be89e1d0f52ccffafeb26bfb81382ed95299526e920927eb3005cbcac992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://creditenligne.financo.fr/credit-auto-opcsf.php?notrack=oui
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 08:09:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 17 Jan 2024 08:59:13 GMT
server
nginx
etag
"84ee-3c-60f2075faba40"
content-type
image/gif
accept-ranges
bytes
content-length
60
x-xss-protection
1; mode=block
212899359121946
connect.facebook.net/signals/config/ Frame DBC4 		52 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/212899359121946?v=2.9.144&r=stable&domain=www.csf.fr&hme=44ba03e7b4a66084f0064fdada9e7a7b89f6f2cf807a204d10c6509aeae35209&ex_m=62%2C105%2C93%2C97%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C148%2C151%2C162%2C158%2C159%2C161%2C25%2C89%2C45%2C68%2C160%2C143%2C146%2C155%2C156%2C163%2C114%2C13%2C43%2C167%2C166%2C116%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C94%2C96%2C31%2C95%2C26%2C22%2C144%2C147%2C123%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C92%2C38%2C70%2C60%2C98%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C99
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2d2ffee811d750bfba51d1a040d84f6597758cf6af0378a754d58c70aa4270ec
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://creditenligne.financo.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 02 Feb 2024 08:09:41 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma
public
x-fb-debug
fsZJNdP2jLL9NiCY0Zt2zCwEUR4VFWWX8l/BAeSnG33gPS6JviNlV/odSERA5F3L9HRnUlj+i6MWmTO8hd3A+Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ Frame DBC4 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=212899359121946&ev=PageView&dl=https%3A%2F%2Fcreditenligne.financo.fr%2Fcredit-auto-opcsf.php%3Fnotrack%3Doui&rl=https%3A%2F%2Fwww.csf.fr%2F&if=true&ts=1706861381413&sw=1600&sh=1200&v=2.9.144&r=stable&ec=0&o=4126&fbp=fb.2.1706861381412.705910853&ler=other&cdl=API_unavailable&it=1706861381311&coo=false&exp=e3&rqm=GET
Requested by
Host: creditenligne.financo.fr
URL: https://creditenligne.financo.fr/credit-auto-opcsf.php?notrack=oui
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://creditenligne.financo.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 02 Feb 2024 08:09:41 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
anchor
www.google.com/recaptcha/api2/ Frame 9D8B 		46 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcrvcQUAAAAAA-zGSAQ1dIFggdvCrIr9GtNo9Lh&co=aHR0cHM6Ly9jcmVkaXRlbmxpZ25lLmZpbmFuY28uZnI6NDQz&hl=fr&v=MHBiAvbtvk5Wb2eTZHoP1dUd&size=normal&cb=tkfc3saixyzh
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/recaptcha__fr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ab251e03727e0366235809a9ee20b4bd7a8e082b7f5ae1f125d2e4d0e236991a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-h__wwCKY0pjnhm7ltltWZw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://creditenligne.financo.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-h__wwCKY0pjnhm7ltltWZw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 02 Feb 2024 08:09:41 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/ Frame 9D8B 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcrvcQUAAAAAA-zGSAQ1dIFggdvCrIr9GtNo9Lh&co=aHR0cHM6Ly9jcmVkaXRlbmxpZ25lLmZpbmFuY28uZnI6NDQz&hl=fr&v=MHBiAvbtvk5Wb2eTZHoP1dUd&size=normal&cb=tkfc3saixyzh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 08:01:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
479
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 29 Jan 2024 03:01:23 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 01 Feb 2025 08:01:42 GMT
recaptcha__fr.js
www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/ Frame 9D8B 		492 KB
196 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/recaptcha__fr.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcrvcQUAAAAAA-zGSAQ1dIFggdvCrIr9GtNo9Lh&co=aHR0cHM6Ly9jcmVkaXRlbmxpZ25lLmZpbmFuY28uZnI6NDQz&hl=fr&v=MHBiAvbtvk5Wb2eTZHoP1dUd&size=normal&cb=tkfc3saixyzh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c89c205b2f7f7d35937a3d94b5763fbe797c0f95d536fb61f3268fc5dd505ad1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 18:54:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
220527
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
200216
x-xss-protection
0
last-modified
Mon, 29 Jan 2024 03:01:23 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 29 Jan 2025 18:54:14 GMT
MxL-5nwwlOXLnw48P5Qma8MW4lQG7Q2rhXcL3r2wtjE.js
www.google.com/js/bg/ Frame 9D8B 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/bg/MxL-5nwwlOXLnw48P5Qma8MW4lQG7Q2rhXcL3r2wtjE.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/recaptcha__fr.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3312fee67c3094e5cb9f0e3c3f94266bc316e25406ed0dab85770bdebdb0b631
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcrvcQUAAAAAA-zGSAQ1dIFggdvCrIr9GtNo9Lh&co=aHR0cHM6Ly9jcmVkaXRlbmxpZ25lLmZpbmFuY28uZnI6NDQz&hl=fr&v=MHBiAvbtvk5Wb2eTZHoP1dUd&size=normal&cb=tkfc3saixyzh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 19:01:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
220110
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6929
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 10:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 29 Jan 2025 19:01:11 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 9D8B 		102 B
135 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=fr&v=MHBiAvbtvk5Wb2eTZHoP1dUd
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcrvcQUAAAAAA-zGSAQ1dIFggdvCrIr9GtNo9Lh&co=aHR0cHM6Ly9jcmVkaXRlbmxpZ25lLmZpbmFuY28uZnI6NDQz&hl=fr&v=MHBiAvbtvk5Wb2eTZHoP1dUd&size=normal&cb=tkfc3saixyzh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d6ec3112fde7c127c259abde1d61541404e8db18527dd4afd5e7b690c9d432c2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcrvcQUAAAAAA-zGSAQ1dIFggdvCrIr9GtNo9Lh&co=aHR0cHM6Ly9jcmVkaXRlbmxpZ25lLmZpbmFuY28uZnI6NDQz&hl=fr&v=MHBiAvbtvk5Wb2eTZHoP1dUd&size=normal&cb=tkfc3saixyzh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 08:09:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Fri, 02 Feb 2024 08:09:41 GMT
apiClient.php
creditenligne.financo.fr/ws/client/ Frame DBC4 		717 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://creditenligne.financo.fr/ws/client/apiClient.php?functionname=calcul&appelant=creditenligne&canal=credit-auto-opcsf&montant=15000&duree=60
Requested by
Host: creditenligne.financo.fr
URL: https://creditenligne.financo.fr/webservice.php?dp_v=2&qname=q0&dp_get_q=credit-auto-opcsf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
93.20.42.171 Colombes, France, ASN15557 (LDCOMNET, FR),
Reverse DNS
Software
nginx /
Resource Hash
2b08ad86d6706a838445931c6add58724c92db1ca48b595d97c0ea36be0e0989
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Access-Control-Allow-Origin
*
Referer
https://creditenligne.financo.fr/credit-auto-opcsf.php?notrack=oui
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 08:09:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 02 Feb 2024 08:09:41 GMT
server
nginx
content-type
application/json
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, private, max-age=0
content-length
717
x-xss-protection
1; mode=block
expires
Mon, 26 Jul 1997 05:00:00 GMT
ajax_dispatch.php
creditenligne.financo.fr/ Frame DBC4 		330 B
819 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://creditenligne.financo.fr/ajax_dispatch.php
Requested by
Host: creditenligne.financo.fr
URL: https://creditenligne.financo.fr/webservice.php?qname=q0&idcPrsFmu=O
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
93.20.42.171 Colombes, France, ASN15557 (LDCOMNET, FR),
Reverse DNS
Software
nginx /
Resource Hash
39cef8f6aeb448155e77c4dfd42147e43ff557a71dd0c246dcc0cc6a254bddff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://creditenligne.financo.fr/credit-auto-opcsf.php?notrack=oui
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 08:09:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 02 Feb 2024 08:09:41 GMT
server
nginx
content-type
text/css; charset=iso-8859-1
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, private, max-age=0
content-length
330
x-xss-protection
1; mode=block
expires
Mon, 26 Jul 1997 05:00:00 GMT
ajax_dispatch.php
creditenligne.financo.fr/ Frame DBC4 		327 B
816 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://creditenligne.financo.fr/ajax_dispatch.php
Requested by
Host: creditenligne.financo.fr
URL: https://creditenligne.financo.fr/webservice.php?qname=q0&idcPrsFmu=O
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
93.20.42.171 Colombes, France, ASN15557 (LDCOMNET, FR),
Reverse DNS
Software
nginx /
Resource Hash
9668969aa6f1d02e91bd587c98e03973dfb8eddbd42bef4dc3c98677d4917066
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://creditenligne.financo.fr/credit-auto-opcsf.php?notrack=oui
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 08:09:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 02 Feb 2024 08:09:41 GMT
server
nginx
content-type
text/css; charset=iso-8859-1
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, private, max-age=0
content-length
327
x-xss-protection
1; mode=block
expires
Mon, 26 Jul 1997 05:00:00 GMT
ajax_dispatch.php
creditenligne.financo.fr/ Frame DBC4 		303 B
792 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://creditenligne.financo.fr/ajax_dispatch.php
Requested by
Host: creditenligne.financo.fr
URL: https://creditenligne.financo.fr/webservice.php?qname=q0&idcPrsFmu=O
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
93.20.42.171 Colombes, France, ASN15557 (LDCOMNET, FR),
Reverse DNS
Software
nginx /
Resource Hash
3c456b85d75402f38d5dc21e631d5e60f936fa823c390ced3069cbd82da555c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://creditenligne.financo.fr/credit-auto-opcsf.php?notrack=oui
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 08:09:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 02 Feb 2024 08:09:41 GMT
server
nginx
content-type
text/css; charset=iso-8859-1
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, private, max-age=0
content-length
303
x-xss-protection
1; mode=block
expires
Mon, 26 Jul 1997 05:00:00 GMT
ajax_dispatch.php
creditenligne.financo.fr/ Frame DBC4 		306 B
795 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://creditenligne.financo.fr/ajax_dispatch.php
Requested by
Host: creditenligne.financo.fr
URL: https://creditenligne.financo.fr/webservice.php?qname=q0&idcPrsFmu=O
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
93.20.42.171 Colombes, France, ASN15557 (LDCOMNET, FR),
Reverse DNS
Software
nginx /
Resource Hash
2870fb7b03f8a46556ce41c0d5622473fbb7a1f84f5be9c7237ef31a4b089d03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://creditenligne.financo.fr/credit-auto-opcsf.php?notrack=oui
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 08:09:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 02 Feb 2024 08:09:41 GMT
server
nginx
content-type
text/css; charset=iso-8859-1
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, private, max-age=0
content-length
306
x-xss-protection
1; mode=block
expires
Mon, 26 Jul 1997 05:00:00 GMT
ajax_dispatch.php
creditenligne.financo.fr/ Frame DBC4 		276 B
765 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://creditenligne.financo.fr/ajax_dispatch.php
Requested by
Host: creditenligne.financo.fr
URL: https://creditenligne.financo.fr/webservice.php?qname=q0&idcPrsFmu=O
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
93.20.42.171 Colombes, France, ASN15557 (LDCOMNET, FR),
Reverse DNS
Software
nginx /
Resource Hash
c2e41afccf2dac91eac99ab50e4dca4eca92ff91986bef3e332e212610d0588c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://creditenligne.financo.fr/credit-auto-opcsf.php?notrack=oui
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 08:09:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 02 Feb 2024 08:09:41 GMT
server
nginx
content-type
text/css; charset=iso-8859-1
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, private, max-age=0
content-length
276
x-xss-protection
1; mode=block
expires
Mon, 26 Jul 1997 05:00:00 GMT
apiClient.php
creditenligne.financo.fr/ws/client/ Frame DBC4 		717 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://creditenligne.financo.fr/ws/client/apiClient.php?functionname=calcul&appelant=creditenligne&canal=credit-auto-opcsf&montant=15000&duree=60
Requested by
Host: creditenligne.financo.fr
URL: https://creditenligne.financo.fr/webservice.php?dp_v=2&qname=q0&dp_get_q=credit-auto-opcsf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
93.20.42.171 Colombes, France, ASN15557 (LDCOMNET, FR),
Reverse DNS
Software
nginx /
Resource Hash
2b08ad86d6706a838445931c6add58724c92db1ca48b595d97c0ea36be0e0989
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Access-Control-Allow-Origin
*
Referer
https://creditenligne.financo.fr/credit-auto-opcsf.php?notrack=oui
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 08:09:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 02 Feb 2024 08:09:41 GMT
server
nginx
content-type
application/json
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, private, max-age=0
content-length
717
x-xss-protection
1; mode=block
expires
Mon, 26 Jul 1997 05:00:00 GMT
info-bulle.gif
creditenligne.financo.fr/templates/images/ Frame DBC4 		690 B
922 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creditenligne.financo.fr/templates/images/info-bulle.gif
Requested by
Host: creditenligne.financo.fr
URL: https://creditenligne.financo.fr/templates/questionnaire/auto-FINANCO-AFFILIATION.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
93.20.42.171 Colombes, France, ASN15557 (LDCOMNET, FR),
Reverse DNS
Software
nginx /
Resource Hash
ca9c7ce88d09ba6c73eff3402973a4b1249a8cf46c3ea9b3528e7620fe900c09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://creditenligne.financo.fr/templates/questionnaire/auto-FINANCO-AFFILIATION.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 08:09:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 17 Jan 2024 08:59:13 GMT
server
nginx
etag
"84f2-2b2-60f2075faba40"
content-type
image/gif
accept-ranges
bytes
content-length
690
x-xss-protection
1; mode=block
spinner.gif
creditenligne.financo.fr/templates/images/ Frame DBC4 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creditenligne.financo.fr/templates/images/spinner.gif
Requested by
Host: creditenligne.financo.fr
URL: https://creditenligne.financo.fr/credit-auto-opcsf.php?notrack=oui
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
93.20.42.171 Colombes, France, ASN15557 (LDCOMNET, FR),
Reverse DNS
Software
nginx /
Resource Hash
933ff16b42f8bc92603b880ec9135e163a559fbf2b2dc21692c576c1461bde7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://creditenligne.financo.fr/credit-auto-opcsf.php?notrack=oui
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 08:09:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 17 Jan 2024 08:59:13 GMT
server
nginx
etag
"8501-755-60f2075faba40"
content-type
image/gif
accept-ranges
bytes
content-length
1877
x-xss-protection
1; mode=block
hr_img.png
creditenligne.financo.fr/templates/images/ Frame DBC4 		175 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creditenligne.financo.fr/templates/images/hr_img.png
Requested by
Host: creditenligne.financo.fr
URL: https://creditenligne.financo.fr/credit-auto-opcsf.php?notrack=oui
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
93.20.42.171 Colombes, France, ASN15557 (LDCOMNET, FR),
Reverse DNS
Software
nginx /
Resource Hash
fa18175b9384ec395377b64ae1926a8b0889963112fcc3109ac278e57c4fa4c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://creditenligne.financo.fr/credit-auto-opcsf.php?notrack=oui
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 08:09:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 17 Jan 2024 08:59:13 GMT
server
nginx
etag
"84ef-af-60f2075faba40"
content-type
image/png
accept-ranges
bytes
content-length
175
x-xss-protection
1; mode=block
parapluie.png
creditenligne.financo.fr/templates/images/ Frame DBC4 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creditenligne.financo.fr/templates/images/parapluie.png
Requested by
Host: creditenligne.financo.fr
URL: https://creditenligne.financo.fr/credit-auto-opcsf.php?notrack=oui
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
93.20.42.171 Colombes, France, ASN15557 (LDCOMNET, FR),
Reverse DNS
Software
nginx /
Resource Hash
c640afea16fb267c2ef9b95dcbb60315b569659e2f606eb5ab30d0b32118aa96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://creditenligne.financo.fr/credit-auto-opcsf.php?notrack=oui
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 08:09:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 17 Jan 2024 08:59:13 GMT
server
nginx
etag
"84fe-462-60f2075faba40"
content-type
image/png
accept-ranges
bytes
content-length
1122
x-xss-protection
1; mode=block
questionMark.png
creditenligne.financo.fr/templates/images/ Frame DBC4 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creditenligne.financo.fr/templates/images/questionMark.png
Requested by
Host: creditenligne.financo.fr
URL: https://creditenligne.financo.fr/credit-auto-opcsf.php?notrack=oui
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
93.20.42.171 Colombes, France, ASN15557 (LDCOMNET, FR),
Reverse DNS
Software
nginx /
Resource Hash
0c057b7e7304a1f5d6187126599f5b81006fd155944e5f00dbfced543a86aebe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://creditenligne.financo.fr/credit-auto-opcsf.php?notrack=oui
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 08:09:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 17 Jan 2024 08:59:13 GMT
server
nginx
etag
"84ff-54e-60f2075faba40"
content-type
image/png
accept-ranges
bytes
content-length
1358
x-xss-protection
1; mode=block
fond-et-x.png
creditenligne.financo.fr/templates/images/ Frame DBC4 		892 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creditenligne.financo.fr/templates/images/fond-et-x.png
Requested by
Host: creditenligne.financo.fr
URL: https://creditenligne.financo.fr/credit-auto-opcsf.php?notrack=oui
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
93.20.42.171 Colombes, France, ASN15557 (LDCOMNET, FR),
Reverse DNS
Software
nginx /
Resource Hash
b0c9159daa654538945988db265dfd81522d5c8da653f2fd626debd29afb22eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://creditenligne.financo.fr/credit-auto-opcsf.php?notrack=oui
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 08:09:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 17 Jan 2024 08:59:13 GMT
server
nginx
etag
"84eb-37c-60f2075faba40"
content-type
image/png
accept-ranges
bytes
content-length
892
x-xss-protection
1; mode=block
logo_DOC.gif
creditenligne.financo.fr/images/ Frame DBC4 		353 B
585 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creditenligne.financo.fr/images/logo_DOC.gif
Requested by
Host: creditenligne.financo.fr
URL: https://creditenligne.financo.fr/credit-auto-opcsf.php?notrack=oui
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
93.20.42.171 Colombes, France, ASN15557 (LDCOMNET, FR),
Reverse DNS
Software
nginx /
Resource Hash
aed50609c1dab72b9c907b889566623ecc462d7c4caab54a35eb792f7ced26f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://creditenligne.financo.fr/credit-auto-opcsf.php?notrack=oui
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 08:09:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 17 Jan 2024 08:59:13 GMT
server
nginx
etag
"8487-161-60f2075faba40"
content-type
image/gif
accept-ranges
bytes
content-length
353
x-xss-protection
1; mode=block
logo_PDF.jpg
creditenligne.financo.fr/images/ Frame DBC4 		669 B
902 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creditenligne.financo.fr/images/logo_PDF.jpg
Requested by
Host: creditenligne.financo.fr
URL: https://creditenligne.financo.fr/credit-auto-opcsf.php?notrack=oui
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
93.20.42.171 Colombes, France, ASN15557 (LDCOMNET, FR),
Reverse DNS
Software
nginx /
Resource Hash
b6d608c643ce842fba1e3899ae287fa1a094e0a0a145d607e8f3b90b9518f2fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://creditenligne.financo.fr/credit-auto-opcsf.php?notrack=oui
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 08:09:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 17 Jan 2024 08:59:13 GMT
server
nginx
etag
"848a-29d-60f2075faba40"
content-type
image/jpeg
accept-ranges
bytes
content-length
669
x-xss-protection
1; mode=block
icone-INFO.jpg
creditenligne.financo.fr/images/ Frame DBC4 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creditenligne.financo.fr/images/icone-INFO.jpg
Requested by
Host: creditenligne.financo.fr
URL: https://creditenligne.financo.fr/credit-auto-opcsf.php?notrack=oui
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
93.20.42.171 Colombes, France, ASN15557 (LDCOMNET, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2a05f73f49746568624ba70ef9bf3a0ca2db0ea1a4b727afa7d2078bb1cbfa9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://creditenligne.financo.fr/credit-auto-opcsf.php?notrack=oui
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 08:09:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 17 Jan 2024 08:59:13 GMT
server
nginx
etag
"8482-418-60f2075faba40"
content-type
image/jpeg
accept-ranges
bytes
content-length
1048
x-xss-protection
1; mode=block
pd.js
email.csf.fr/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://email.csf.fr/pd.js
Requested by
Host: www.csf.fr
URL: https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.237.219.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-219-119.compute-1.amazonaws.com
Software
PardotServer /
Resource Hash
41402adfc915ad6dfd6328c06c8038763d25fe603e63beba4a2638a2bbc03136

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.csf.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Fri, 02 Feb 2024 08:09:41 GMT
content-encoding
gzip
X-Pardot-Route
e8229a0ff18ebffc83a98010d2521dd5
last-modified
Thu, 01 Feb 2024 05:25:41 GMT
Server
PardotServer
etag
"15f4-gzip"
vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
cache-control
max-age=63072000
Connection
keep-alive
accept-ranges
bytes
Content-Length
1988
expires
Sun, 01 Feb 2026 08:09:41 GMT
bframe
www.google.com/recaptcha/api2/ Frame E073 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=fr&v=MHBiAvbtvk5Wb2eTZHoP1dUd&k=6LcrvcQUAAAAAA-zGSAQ1dIFggdvCrIr9GtNo9Lh
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/recaptcha__fr.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6ed50be1ff7f022e336113824a5aa0cd7e3d44d98f710b0d5171ae4dbc198233
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-HIb0oMLKnKLia1PJcRk6OQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://creditenligne.financo.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-HIb0oMLKnKLia1PJcRk6OQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 02 Feb 2024 08:09:41 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
CCAS-mensu_back.gif
creditenligne.financo.fr/images/ Frame DBC4 		581 B
814 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creditenligne.financo.fr/images/CCAS-mensu_back.gif
Requested by
Host: creditenligne.financo.fr
URL: https://creditenligne.financo.fr/templates/questionnaire/auto-FINANCO-AFFILIATION.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
93.20.42.171 Colombes, France, ASN15557 (LDCOMNET, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71ff796781639f178135f71c4588f64f43b4ae9f9a85c1301bfe9b3dd9b5c99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://creditenligne.financo.fr/templates/questionnaire/auto-FINANCO-AFFILIATION.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 08:09:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 17 Jan 2024 08:59:13 GMT
server
nginx
etag
"8469-245-60f2075faba40"
content-type
image/gif
accept-ranges
bytes
content-length
581
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/ Frame E073 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=fr&v=MHBiAvbtvk5Wb2eTZHoP1dUd&k=6LcrvcQUAAAAAA-zGSAQ1dIFggdvCrIr9GtNo9Lh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 08:01:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
479
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 29 Jan 2024 03:01:23 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 01 Feb 2025 08:01:42 GMT
recaptcha__fr.js
www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/ Frame E073 		492 KB
196 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/recaptcha__fr.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=fr&v=MHBiAvbtvk5Wb2eTZHoP1dUd&k=6LcrvcQUAAAAAA-zGSAQ1dIFggdvCrIr9GtNo9Lh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c89c205b2f7f7d35937a3d94b5763fbe797c0f95d536fb61f3268fc5dd505ad1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 18:54:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
220527
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
200216
x-xss-protection
0
last-modified
Mon, 29 Jan 2024 03:01:23 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 29 Jan 2025 18:54:14 GMT
analytics
email.csf.fr/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://email.csf.fr/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=null&account_id=701443&title=Pr%C3%AAt%20personnel%20auto%20%3A%20simulez%20en%20ligne%20et%20obtenez%20une%20r%C3%A9ponse%20de%20principe%20imm%C3%A9diate%20!%20(Cr%C3%A9dit%20Social%20des%20Fonctionnaires).&url=https%3A%2F%2Fwww.csf.fr%2Fjcms%2Fmle_832%2Fle-pret-personnel-auto%3Futm_medium%3Demail%26utm_source%3DPardot%26utm_campaign%3DPP240131&referrer=&utm_campaign=PP240131&utm_medium=email&utm_source=Pardot
Requested by
Host: email.csf.fr
URL: https://email.csf.fr/pd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.237.219.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-219-119.compute-1.amazonaws.com
Software
PardotServer /
Resource Hash
3bbeabfd805d3065aadbacef97d40e68b1901bb55975f5417dc34284b30cd98b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.csf.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
Date
Fri, 02 Feb 2024 08:09:42 GMT
content-encoding
gzip
X-Pardot-Route
9b06e8e2308c32c7bf9ba8adfb7be2e1
x-pardot-rsp
0/0/1
Server
PardotServer
vary
Accept-Encoding,User-Agent
Content-Type
text/javascript; charset=utf-8
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control
no-store, no-cache, must-revalidate
Connection
keep-alive
x-pardot-canary
true
Content-Length
550
expires
Thu, 19 Nov 1981 08:52:00 GMT
analytics
pi.pardot.com/ 		50 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pi.pardot.com/analytics?conly=true&visitor_id=1557573315&visitor_id_sign=977928f5594de04db8658d4ba387c601209fb0ce48f65d66c65687d57bbe4b6bfe8334b27160a03cebc024973244023554ea1719&pi_opt_in=&campaign_id=101004&account_id=701443&title=Pr%C3%AAt%20personnel%20auto%20%3A%20simulez%20en%20ligne%20et%20obtenez%20une%20r%C3%A9ponse%20de%20principe%20imm%C3%A9diate%20!%20(Cr%C3%A9dit%20Social%20des%20Fonctionnaires).&url=https%3A%2F%2Fwww.csf.fr%2Fjcms%2Fmle_832%2Fle-pret-personnel-auto%3Futm_medium%3Demail%26utm_source%3DPardot%26utm_campaign%3DPP240131&referrer=&utm_campaign=PP240131&utm_medium=email&utm_source=Pardot
Requested by
Host: email.csf.fr
URL: https://email.csf.fr/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=null&account_id=701443&title=Pr%C3%AAt%20personnel%20auto%20%3A%20simulez%20en%20ligne%20et%20obtenez%20une%20r%C3%A9ponse%20de%20principe%20imm%C3%A9diate%20!%20(Cr%C3%A9dit%20Social%20des%20Fonctionnaires).&url=https%3A%2F%2Fwww.csf.fr%2Fjcms%2Fmle_832%2Fle-pret-personnel-auto%3Futm_medium%3Demail%26utm_source%3DPardot%26utm_campaign%3DPP240131&referrer=&utm_campaign=PP240131&utm_medium=email&utm_source=Pardot
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.208.125.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-125-13.compute-1.amazonaws.com
Software
PardotServer /
Resource Hash
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.csf.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
Date
Fri, 02 Feb 2024 08:09:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
X-Pardot-Route
9b06e8e2308c32c7bf9ba8adfb7be2e1
x-pardot-rsp
0/0/1
Server
PardotServer
vary
User-Agent
Content-Type
text/javascript; charset=utf-8
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
50
expires
Thu, 19 Nov 1981 08:52:00 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-SNR35HN0P8&gtm=45je41v0v884004885z8534347za200&_p=1706861379944&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=522614572.1706861381&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EA&dl=https%3A%2F%2Fwww.csf.fr%2Fjcms%2Fmle_832%2Fle-pret-personnel-auto%3Futm_medium%3Demail%26utm_source%3DPardot%26utm_campaign%3DPP240131&sid=1706861380&sct=1&seg=0&dt=Pr%C3%AAt%20personnel%20auto%20%3A%20simulez%20en%20ligne%20et%20obtenez%20une%20r%C3%A9ponse%20de%20principe%20imm%C3%A9diate%20!%20(Cr%C3%A9dit%20Social%20des%20Fonctionnaires).&_s=2&tfd=6830
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SNR35HN0P8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.csf.fr/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 08:09:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.csf.fr
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

162 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| dataLayer object| UXT_CONF object| UXUtils object| UXAudience object| _gaq object| UXTesting function| jQueryCS boolean| isJqueryIncluded function| $ function| jQuery function| UAParser object| JCMS_Properties object| I18N object| google_tag_manager object| google_tag_data string| piAId string| piCId string| piHostname object| GooglebQhCsO object| dotq function| fbq function| _fbq object| uetq undefined| cz function| twq object| regeneratorRuntime object| twttr function| onYouTubeIframeAPIReady object| gaGlobal function| escapeJSONChar function| escapeJSONString function| toJSON function| JSONRpcClient object| Prototype object| Class function| PeriodicalExecuter function| Template object| $break object| Enumerable function| $A function| $w function| $H function| Hash function| $R function| ObjectRange object| Abstract object| Try object| Ajax object| Form object| Field function| $F object| Toggle object| Insertion object| $continue object| Position object| InputUtil object| FormUtil object| Util function| Notifier object| JcmsLogger function| cbSplit boolean| isIE boolean| isNN4 boolean| isNN7 boolean| isOPERA boolean| isSafari object| JcmsJsContext function| getFormElementPos function| updateOptionMenu function| setField function| clearField function| blankField function| uncheckElement function| uncheckAll function| checkAll function| checkAllwithId function| checkAllwithParentId function| _checkAllwithId function| selectAll function| selectAllwithId function| checkAndSubmitForm function| moveFormOption function| moveFormElement function| move2FormElement function| getUrlWithUpdatedParam function| popupWindow function| pause function| doOnLoad function| fillOpenerField function| getFormElementLastPos function| simpleSubmitForm function| confirmSubmitForm function| confirmSubmitFormLightBox function| getFormName function| restrictToNumerics function| submitForm function| confirmSubmit function| submitAction object| Sortable object| Droppables object| PortalSortable undefined| disablePrototypeJS undefined| pluginsToDisable function| setSelectedTab function| deprecatedModal function| promptJSAction function| promptAction function| confirmJSAction function| confirmAction function| confirmNoAction function| initUnloadMessage object| CtxMenuManager object| twemoji object| Modernizr function| elementQuery function| getEmPixels function| EvEmitter function| imagesLoaded function| moment function| $$ undefined| Sizzle function| Selector function| JcmsAjaxRequest function| JcmsJsonRequest object| JCMS function| namespace object| Popup function| Typeahead string| key object| Handlebars object| toastr function| lightGallery function| lgAutoplay function| lgVideo function| lgFullscreen function| lgThumbnail function| lgJPlatformZoom function| lgJPlatformAccessPub function| lgJPlatformImageEditor object| YAHOO function| domLoadFunc function| UET function| UET_init function| UET_push object| ueto_9a7fc8ef94 object| GoodaysSDK object| CritizrSDK function| e function| checkNamespace function| getPardotUrl function| piTracker function| piGetParameter function| piGetCookie function| piSetCookie string| piVersion number| piScriptNum object| piScriptObj object| pi number| c_start string| property function| piResponse

21 Cookies

Domain/Path Name / Value
www.csf.fr/jcms/mle_832 Name: jcms.prefs
Value: %7B%22id%22%3A%22jcms%22%7D
www.csf.fr/ Name: JSESSIONID
Value: F6550B6B9E5F3FBCA2918930FD5EEE79.jalios1
.csf.fr/ Name: _gcl_au
Value: 1.1.672135729.1706861381
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.csf.fr/ Name: _ga
Value: GA1.1.522614572.1706861381
.csf.fr/ Name: _uetsid
Value: 6a5e6640c1a211eea636cb66ab61b47e
.csf.fr/ Name: _uetvid
Value: 6a5e58e0c1a211eea4e09737fe575932
.t.co/ Name: muc_ads
Value: c6163486-3a20-42b4-ba44-b1376bb852c7
.twitter.com/ Name: personalization_id
Value: "v1_hUzTzm2LS4Z05kITc/aLxw=="
.bing.com/ Name: MUID
Value: 0FB38A98C0646F7130AF9E81C1236EC8
.csf.fr/ Name: _fbp
Value: fb.1.1706861380899.1067085681
.facebook.com/ Name: fr
Value: 0Wjw139o0OHSZxij4..BlvKNE...1.0.BlvKNE.
.yahoo.com/ Name: A3
Value: d=AQABBESjvGUCEDZP4sC-E1amyOW-c3UEuEsFEgEBAQH0vWXGZeWnJm0A_eMAAA&S=AQAAAvvtPrzdexDRmqIvb-3o-7M
.csf.fr/ Name: _ga_SNR35HN0P8
Value: GS1.1.1706861380.1.0.1706861381.0.0.0
email.csf.fr/ Name: visitor_id700443
Value: 1557573315
email.csf.fr/ Name: visitor_id700443-hash
Value: 977928f5594de04db8658d4ba387c601209fb0ce48f65d66c65687d57bbe4b6bfe8334b27160a03cebc024973244023554ea1719
email.csf.fr/ Name: lpv700443
Value: aHR0cHM6Ly93d3cuY3NmLmZyL2pjbXMvbWxlXzgzMi9sZS1wcmV0LXBlcnNvbm5lbC1hdXRvP3V0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1QYXJkb3QmdXRtX2NhbXBhaWduPVBQMjQwMTMx
www.csf.fr/ Name: visitor_id700443
Value: 1557573315
www.csf.fr/ Name: visitor_id700443-hash
Value: 977928f5594de04db8658d4ba387c601209fb0ce48f65d66c65687d57bbe4b6bfe8334b27160a03cebc024973244023554ea1719
.pardot.com/ Name: visitor_id700443
Value: 1557573315
.pardot.com/ Name: visitor_id700443-hash
Value: 977928f5594de04db8658d4ba387c601209fb0ce48f65d66c65687d57bbe4b6bfe8334b27160a03cebc024973244023554ea1719

13 Console Messages

Source Level URL
Text
security warning
Message:
Error with Feature-Policy header: Some features are specified in both Feature-Policy and Permissions-Policy header: accelerometer, autoplay, camera, geolocation, gyroscope, magnetometer, microphone, midi, payment, usb. Values defined in Permissions-Policy header will be used.
other warning URL: https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131(Line 4311)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://connect.facebook.net/signals/config/481884418601426?v=2.9.144&r=stable&domain=www.csf.fr&hme=44ba03e7b4a66084f0064fdada9e7a7b89f6f2cf807a204d10c6509aeae35209&ex_m=62%2C105%2C93%2C97%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C148%2C151%2C162%2C158%2C159%2C161%2C25%2C89%2C45%2C68%2C160%2C143%2C146%2C155%2C156%2C163%2C114%2C13%2C43%2C167%2C166%2C116%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C94%2C96%2C31%2C95%2C26%2C22%2C144%2C147%2C123%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C92%2C38%2C70%2C60%2C98%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C99(Line 80)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://connect.facebook.net/signals/config/212899359121946?v=2.9.144&r=stable&domain=www.csf.fr&hme=44ba03e7b4a66084f0064fdada9e7a7b89f6f2cf807a204d10c6509aeae35209&ex_m=62%2C105%2C93%2C97%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C148%2C151%2C162%2C158%2C159%2C161%2C25%2C89%2C45%2C68%2C160%2C143%2C146%2C155%2C156%2C163%2C114%2C13%2C43%2C167%2C166%2C116%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C94%2C96%2C31%2C95%2C26%2C22%2C144%2C147%2C123%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C92%2C38%2C70%2C60%2C98%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C99(Line 95)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.csf.fr/jcms/mle_832/le-pret-personnel-auto?utm_medium=email&utm_source=Pardot&utm_campaign=PP240131
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src https://* http://vir-www-jc1-pro.csf.asso.fr http://vir-www-jc2-pro.csf.asso.fr gap-iab://* wss://* data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
bat.bing.com
cdn.goodays.co
connect.facebook.net
creditenligne.financo.fr
d1m6l9dfulcyw7.cloudfront.net
email.csf.fr
googleads.g.doubleclick.net
pi.pardot.com
region1.google-analytics.com
s.yimg.com
sp.analytics.yahoo.com
ssl.google-analytics.com
static.ads-twitter.com
static.critizr.com
t.co
www.csf.fr
www.facebook.com
www.financo.fr
www.google.com
www.google.fr
www.googletagmanager.com
www.gstatic.com
104.244.42.131
104.244.42.5
146.75.116.157
18.208.125.13
18.66.192.129
194.51.217.243
2001:4860:4802:34::36
212.82.100.181
2620:1ec:46::60
2620:1ec:c11::200
2a00:1288:80:807::1
2a00:1450:4001:806::2002
2a00:1450:4001:810::2008
2a00:1450:4001:812::2008
2a00:1450:4001:813::2003
2a00:1450:4001:828::2004
2a00:1450:4001:831::2003
2a03:2880:f045:10:face:b00c:0:3
2a03:2880:f145:82:face:b00c:0:25de
34.237.219.119
64.208.250.188
93.20.42.171
055be203cf7225e94dec4a5f72ba1f469a499ac78c24d9366705c1099de812d0
06bd71487830403dbe1b17f9334e63db0bfbe107327908d8317607e4ffa93858
073ab67870647d462760b77677e6d881753a5c9b24db4d8c02b55242493ff00f
07a9cb92926ffac7259a1179a3cd1ac94830e469b3e645d4e9879ba1ef81819e
08651b6f6de8fe69f211d09ad73c403135ab280e8e2fc20bb574f538bd377198
0c057b7e7304a1f5d6187126599f5b81006fd155944e5f00dbfced543a86aebe
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
10db6d22f3e108f57e266297c422f4aa1d844d3698de439032a395e856935b84
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
2009785a7837a1f07480d326dfef37ab64b452f0e2f0b3b87033638eba00f315
22cf1baba55eced80d7ebb0de51fc8961757ef581964f8e10ebc8676399eba81
25ffca5d1f3efca45806bfb08d138eec6993ebc27172b19b83193501094a8d8c
2870fb7b03f8a46556ce41c0d5622473fbb7a1f84f5be9c7237ef31a4b089d03
2b08ad86d6706a838445931c6add58724c92db1ca48b595d97c0ea36be0e0989
2ba24537e7a0c89df8c9aec91566ce2b2f6b6be2d4f5d307959c9960d1c95775
2d2ffee811d750bfba51d1a040d84f6597758cf6af0378a754d58c70aa4270ec
2fcd5410ba1b6b734ecb6fe56db265910136dc82219a69d090b1effb8c46bfc0
3312fee67c3094e5cb9f0e3c3f94266bc316e25406ed0dab85770bdebdb0b631
3985f2314cd02932f090bee72d9b5bece5908802d6036337604d436a3b7e21c9
39cef8f6aeb448155e77c4dfd42147e43ff557a71dd0c246dcc0cc6a254bddff
3a8e8cf93ae6f6ca75864d1f4915d54da077f8b62deffb866b1e513adc6910d8
3baa16fc132d1193f6d745ed2ab7ea31754423ed7d91301f95f98e36cbf29a84
3bbeabfd805d3065aadbacef97d40e68b1901bb55975f5417dc34284b30cd98b
3c456b85d75402f38d5dc21e631d5e60f936fa823c390ced3069cbd82da555c0
3d1b72c2d45ff3c79abe735ca52813ab8e896cbd479e6f26db2725b1a0ed9644
3e2115237961f1cf2258a04220c3a29d53bf742215e223bdead3395c76cebbf7
3eaec069477cdbe458967da7a2d145cc3a53f1fd9c990f81ccea72abbf4ddbf6
41402adfc915ad6dfd6328c06c8038763d25fe603e63beba4a2638a2bbc03136
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
49e131f6e998bdf5d0d386095157df5785c0dc1c99a3d64c25327a1885f04dc5
4fdc7b5042461555d756ef8bf251d292d15484c4e785f1ec057e2cfb70be54e1
50706386d67d2e113f701b51c10ff757d60c7ff8ecc2fa2f857175b6155602e7
531e02b7e3d1307f6f7b6b6e018ff0f211acc8372a6ce05f19f8e66704b34c5a
5813edf7f12db09dc1a9607ef57cb3eea72c29f28b2471e42ec8714e3de24509
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
6097786c561eb1b4b32bd690970953e52bd2dcf46907c0548aa5d66de3ccc656
60ad62e349ec78296f83fb5bddbbc4f08a11db6ada7998ecf51d7bf80b82056b
675e9a463940e418ab8efef1af0106f008365673456a6a6e80b904bc6b926324
677958d2d89b86d1707daf67b1f5ed227ed16765c1b6f72149a744c5741283e4
6a8c9640148b0baff062a35be70345b862675970decaff687cc6bb1adb73d630
6eaf9de756dbe7b6600fb62fe4c579871304e5f4ec479b6d3531ff3747aaa08f
6ed50be1ff7f022e336113824a5aa0cd7e3d44d98f710b0d5171ae4dbc198233
74b1cac1b90b79214ab227c1ea8553e839263a6a5f649511b7fde7002e0214a5
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
81294541ba2024a0a59c90c657e9c68c05fe54ae553df38c6edd3108896b8f3c
82fea4d222f0530622b0e66cfd35ae62ca42f8385f96cc987e3be64487f3089e
834f5c01b302c6002f787b9ae77b5f1acb2eee03a8f1bccad0e378a231587fc5
933ff16b42f8bc92603b880ec9135e163a559fbf2b2dc21692c576c1461bde7c
9668969aa6f1d02e91bd587c98e03973dfb8eddbd42bef4dc3c98677d4917066
98770b7f95f84892346a0c35c4ee72e4822ad4ca190b6887e92044fe5b79321c
9d061bb9ff5ebc15c5880b6c21af95d495a0f32ef05a3cb6b3d6a6cc9930594a
a0c1b3e23a9eccf9d51efcdb5fe72451036853487dd5d786a1b4c109522ddf06
a2a05f73f49746568624ba70ef9bf3a0ca2db0ea1a4b727afa7d2078bb1cbfa9
a2f8e15ef0630ece1d5a9c2b6e80abf963bc6e9e7f6c790c8c705bf696572e3a
a71ff796781639f178135f71c4588f64f43b4ae9f9a85c1301bfe9b3dd9b5c99
a812734873139b51008c64bb77e08703e23fdd1b25461dd06409141313836896
ab251e03727e0366235809a9ee20b4bd7a8e082b7f5ae1f125d2e4d0e236991a
ab63be89e1d0f52ccffafeb26bfb81382ed95299526e920927eb3005cbcac992
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae82847dd8bc0bb5f14f11e98989a4d1ab07ddcb66a6bbc4b7fc1fe8193d72b8
aed50609c1dab72b9c907b889566623ecc462d7c4caab54a35eb792f7ced26f0
aeeff688a6cb7cb827bc2ef7a353136e94692a9ac55e403d654933c52ff44d33
b0c9159daa654538945988db265dfd81522d5c8da653f2fd626debd29afb22eb
b5ec06210c7e8aa758c09f3c562e9d5389f66e6d255b5ea15a08536f39bd00a8
b6d608c643ce842fba1e3899ae287fa1a094e0a0a145d607e8f3b90b9518f2fa
b79bd0b50313f25168bbbc1f78cc3dd8877a2472713365ed240a7ff26981f3ef
b7b1a9e026380482794719f831345a65d11a922ed0344400b4d1b6bd1935b667
bfa457558fe83e4a3e2536d9d2e534aeec436672c928c8a08caff5bb236ff2cb
c2e41afccf2dac91eac99ab50e4dca4eca92ff91986bef3e332e212610d0588c
c4f5221422987d0499a60be25064be13f7b05fb1ad7839f784b4c5d5b6aabed0
c640afea16fb267c2ef9b95dcbb60315b569659e2f606eb5ab30d0b32118aa96
c855e8ef3af3c5f4f46249aa14fb34f91138145a163a052b120ac4094c08f789
c89c205b2f7f7d35937a3d94b5763fbe797c0f95d536fb61f3268fc5dd505ad1
c8b08f62dc28632c0209e05ed0106800df07470b27ccd09e3ffd20f09c027903
ca9c7ce88d09ba6c73eff3402973a4b1249a8cf46c3ea9b3528e7620fe900c09
caa5b2bfbc3697a3f9aa1ebe5a0de47e7bc6527e5d0252eb2a2e700cae517571
cbb38942abbad6ff8356d1ee115cb05c5b487fd3ca469969fab6b046693ca92d
cbcd145728b1b2d585e64ec5d8323d75b154b6cb7455f34e21eb02556d266337
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
cfc5e54ee13fdda982d78aa068b593ccbccc182a8e54941bddc8482cfdabb077
d35e6d7d496f71792a1d2581dcd4443414ec4e7133bec692447941c5f7c1b50a
d45123ad4cf7d834c42944425475891bd20bd42c8c68452b7e764fbfb087fa76
d6ec3112fde7c127c259abde1d61541404e8db18527dd4afd5e7b690c9d432c2
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3
e10877eec0080e14abb92bde76eff03463c2bc81a591685a627385551f734684
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4fc58f5df3c575b77edd4ab7485641529ef8488db019f06b57aac60ccf7db03
e7c24ff4f9df16482965ee583219cabc76e35e238986dbe5a0a2637c2a8631bd
e90685a2948ca13c8fe250dcfc20bb48c593d06ed3e54b67ac7246eeb3c2d89e
eac7fbd5d0483954ec951864041239c9b3737f44c4f844f4a0ec4b7d47a3b1a7
ec24b0b3da2a6502802a361e5057e6149378519aeb25e774a4d545dff3145d06
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0887a983559998304983e928a55c950179112fd4c76e45bc41df0d71be5cc32
f1736cbdcc082e597c00e8f112bac31e9a22a96d7131aef645bf5d8ff74b4730
f3317f83ca4f48a586082c494b0bbd3113a550c973fb9463b3fd1b1bdbae4077
f41526fbf3a8d51b6803c5a53724825dcf6c1dd00be7de9cd9e1296fdc9569c5
fa18175b9384ec395377b64ae1926a8b0889963112fcc3109ac278e57c4fa4c0
fb508193bbbb64c7d6c8da4c78a370c7bf4fdfbca7bfbda5639c3309277f1cf9