support.grandlyon.com Open in urlscan Pro
5.196.106.224 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://demarches-support.grandlyon.com/
Effective URL:
https://support.grandlyon.com/
Submission: On December 19 via automatic, source certstream-suspicious (December 19th 2023, 7:15:24 am UTC) — Scanned from FR

Summary HTTP 19 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 19 HTTP transactions. The main IP is 5.196.106.224, located in France and belongs to OVH, FR. The main domain is support.grandlyon.com.
TLS certificate: Issued by Gandi Standard SSL CA 2 on May 15th 2023. Valid for: a year.

This is the only time support.grandlyon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 20	5.196.106.224 5.196.106.224		16276 (OVH) (OVH)
19	1

20 5.196.106.224 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: node1-output.prod.saas.entrouvert.org

demarches-support.grandlyon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
support.grandlyon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	grandlyon.com 1 redirects demarches-support.grandlyon.com support.grandlyon.com	1 MB
19	1

	Domain	Requested by
19	support.grandlyon.com	support.grandlyon.com
1	demarches-support.grandlyon.com	1 redirects
19	2

This site contains links to these domains. Also see Links.

Domain
connexion.toodego.com
demarches-support.grandlyon.com
www.grandlyon.com

Subject Issuer	Validity	Valid
*.grandlyon.com Gandi Standard SSL CA 2	`2023-05-15` - `2024-05-24`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://support.grandlyon.com/
Frame ID: 08D7A66A930FE91854922362C9F72085
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Accueil | Service d'Assistance aux Utilisateurs

Page URL History Show full URLs

https://demarches-support.grandlyon.com/ HTTP 302
https://support.grandlyon.com/ Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

1
IPs

1
Countries

1158 kB
Transfer

1375 kB
Size

1
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://connexion.toodego.com/register/?next=https%3A%2F%2Fsupport.grandlyon.com%2F
Title: Inscription

Search URL Search Domain Scan URL

URL: https://demarches-support.grandlyon.com/retour-toodego
Title: Formulaire Toodego

Search URL Search Domain Scan URL

URL: https://demarches-support.grandlyon.com/retour-glc
Title: Formulaire GLC

Search URL Search Domain Scan URL

URL: http://www.grandlyon.com/
Title: un site de la Métropole de Lyon

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://demarches-support.grandlyon.com/ HTTP 302
https://support.grandlyon.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
support.grandlyon.com/
Redirect Chain

https://demarches-support.grandlyon.com/
https://support.grandlyon.com/

14 KB
4 KB

194ms
104ms

Document
text/html

5.196.106.224
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://support.grandlyon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.196.106.224 , France, ASN16276 (OVH, FR),

Reverse DNS

node1-output.prod.saas.entrouvert.org

Software

Resource Hash

f41fc483e8ebcec5162d3a4c36ab825fcf8bb523c2891d9990579ac716b3ac3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 19 Dec 2023 07:15:20 GMT
permissions-policy: interest-cohort=()
strict-transport-security: max-age=63072000
vary: Cookie
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

cache-control: max-age=0, must-revalidate private
content-length: 73
content-type: text/plain; charset=utf-8
date: Tue, 19 Dec 2023 07:15:19 GMT
expires: -1
location: https://support.grandlyon.com/
permissions-policy: interest-cohort=()
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 jquery.min.js Show response
support.grandlyon.com/static/xstatic/ 87 KB
31 KB 34ms
31ms Script
application/javascript 5.196.106.224
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://support.grandlyon.com/static/xstatic/jquery.min.js

Requested by

Host: support.grandlyon.com
URL: https://support.grandlyon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.196.106.224 , France, ASN16276 (OVH, FR),

Reverse DNS

node1-output.prod.saas.entrouvert.org

Software

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; img-src 'self' data:;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://support.grandlyon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 07:15:20 GMT
content-security-policy: default-src 'none'; style-src 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; img-src 'self' data:;
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 04 Apr 2022 12:43:19 GMT
content-encoding: gzip
etag: W/"624ae7e7-15d84"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
permissions-policy: interest-cohort=()
x-xss-protection: 1; mode=block

GET
H2 200 style.css
support.grandlyon.com/static/grandlyon-sau/ 168 KB
26 KB 48ms
46ms Stylesheet
text/css 5.196.106.224
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://support.grandlyon.com/static/grandlyon-sau/style.css?20231219.0815

Requested by

Host: support.grandlyon.com
URL: https://support.grandlyon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.196.106.224 , France, ASN16276 (OVH, FR),

Reverse DNS

node1-output.prod.saas.entrouvert.org

Software

Resource Hash

4e669fdc9139ff271a3667f1a97bc0df041338d8e178190cc3f7fa83efb9a29a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; img-src 'self' data:;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://support.grandlyon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 07:15:20 GMT
content-security-policy: default-src 'none'; style-src 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; img-src 'self' data:;
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Fri, 08 Dec 2023 14:34:12 GMT
content-encoding: gzip
etag: W/"65732964-29e1e"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
permissions-policy: interest-cohort=()
x-xss-protection: 1; mode=block

GET
H2 200 combo.public.js Show response
support.grandlyon.com/static/js/ 17 KB
5 KB 15ms
15ms Script
application/javascript 5.196.106.224
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://support.grandlyon.com/static/js/combo.public.js?20231219.0815

Requested by

Host: support.grandlyon.com
URL: https://support.grandlyon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.196.106.224 , France, ASN16276 (OVH, FR),

Reverse DNS

node1-output.prod.saas.entrouvert.org

Software

Resource Hash

dd6b3a80db9fd3e3b9e7162897a9cdf4a3fecb74dc046dab9a3275d3bcf89b70

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; img-src 'self' data:;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://support.grandlyon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 07:15:20 GMT
content-security-policy: default-src 'none'; style-src 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; img-src 'self' data:;
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Tue, 14 Nov 2023 09:34:25 GMT
content-encoding: gzip
etag: W/"65533f21-422b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
permissions-policy: interest-cohort=()
x-xss-protection: 1; mode=block

GET
H2 200 combo.back.js Show response
support.grandlyon.com/static/js/ 984 B
892 B 14ms
14ms Script
application/javascript 5.196.106.224
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://support.grandlyon.com/static/js/combo.back.js?20231219.0815

Requested by

Host: support.grandlyon.com
URL: https://support.grandlyon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.196.106.224 , France, ASN16276 (OVH, FR),

Reverse DNS

node1-output.prod.saas.entrouvert.org

Software

Resource Hash

2308a6a572ef1598b5e911b47d81681ae1f2cddfc485ec6d0f93362954f225f3

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; img-src 'self' data:;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://support.grandlyon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 07:15:20 GMT
content-security-policy: default-src 'none'; style-src 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; img-src 'self' data:;
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Fri, 08 Dec 2023 14:34:12 GMT
content-encoding: gzip
etag: W/"65732964-3d8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
permissions-policy: interest-cohort=()
x-xss-protection: 1; mode=block

GET
H2 200 extra.js Show response
support.grandlyon.com/static/grandlyon-sau/ 403 B
684 B 14ms
14ms Script
application/javascript 5.196.106.224
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://support.grandlyon.com/static/grandlyon-sau/extra.js?20231219.0815

Requested by

Host: support.grandlyon.com
URL: https://support.grandlyon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.196.106.224 , France, ASN16276 (OVH, FR),

Reverse DNS

node1-output.prod.saas.entrouvert.org

Software

Resource Hash

b1a709bb2e34b7a8ffda3c806b2867b62c3b1652c1c58299523c814183ff9bbd

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; img-src 'self' data:;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://support.grandlyon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 07:15:20 GMT
content-security-policy: default-src 'none'; style-src 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; img-src 'self' data:;
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Fri, 08 Dec 2023 14:34:12 GMT
content-encoding: gzip
etag: W/"65732964-193"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
permissions-policy: interest-cohort=()
x-xss-protection: 1; mode=block

GET
H2 200 cookie_usage_consent.js Show response
support.grandlyon.com/static/js/ 3 KB
2 KB 49ms
46ms Script
application/javascript 5.196.106.224
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://support.grandlyon.com/static/js/cookie_usage_consent.js?20231219.0815

Requested by

Host: support.grandlyon.com
URL: https://support.grandlyon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.196.106.224 , France, ASN16276 (OVH, FR),

Reverse DNS

node1-output.prod.saas.entrouvert.org

Software

Resource Hash

310c8a0ac8cc5305aaaaa79a380e340154dfd22b8c6ebd562ad90c40c7c70fa7

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; img-src 'self' data:;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://support.grandlyon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 07:15:20 GMT
content-security-policy: default-src 'none'; style-src 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; img-src 'self' data:;
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Fri, 08 Dec 2023 14:34:12 GMT
content-encoding: gzip
etag: W/"65732964-c69"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
permissions-policy: interest-cohort=()
x-xss-protection: 1; mode=block

GET
H2 200 homepage-bg.png
support.grandlyon.com/static/grandlyon-sau/img/ 17 KB
17 KB 15ms
12ms Image
image/png 5.196.106.224
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://support.grandlyon.com/static/grandlyon-sau/img/homepage-bg.png

Requested by

Host: support.grandlyon.com
URL: https://support.grandlyon.com/static/grandlyon-sau/style.css?20231219.0815

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.196.106.224 , France, ASN16276 (OVH, FR),

Reverse DNS

node1-output.prod.saas.entrouvert.org

Software

Resource Hash

0604e661a056932482099c97f59557a3f409e28d831f16896efc5e57a2a6d90d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; img-src 'self' data:;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://support.grandlyon.com/static/grandlyon-sau/style.css?20231219.0815
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 07:15:20 GMT
content-security-policy: default-src 'none'; style-src 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; img-src 'self' data:;
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Fri, 08 Dec 2023 14:34:12 GMT
etag: "65732964-43b3"
content-type: image/png
access-control-allow-origin: *
permissions-policy: interest-cohort=()
accept-ranges: bytes
content-length: 17331
x-xss-protection: 1; mode=block

GET
H2 200 logo-sau.png
support.grandlyon.com/static/grandlyon-sau/img/ 7 KB
7 KB 42ms
39ms Image
image/png 5.196.106.224
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://support.grandlyon.com/static/grandlyon-sau/img/logo-sau.png

Requested by

Host: support.grandlyon.com
URL: https://support.grandlyon.com/static/grandlyon-sau/style.css?20231219.0815

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.196.106.224 , France, ASN16276 (OVH, FR),

Reverse DNS

node1-output.prod.saas.entrouvert.org

Software

Resource Hash

cd54d4f6cdce6234fc60075e48466e30275d4d1f18ee3b3a462a577e805f3161

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; img-src 'self' data:;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://support.grandlyon.com/static/grandlyon-sau/style.css?20231219.0815
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 07:15:20 GMT
content-security-policy: default-src 'none'; style-src 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; img-src 'self' data:;
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Fri, 08 Dec 2023 14:34:12 GMT
etag: "65732964-1bea"
content-type: image/png
access-control-allow-origin: *
permissions-policy: interest-cohort=()
accept-ranges: bytes
content-length: 7146
x-xss-protection: 1; mode=block

GET
H2 200 SourceSansPro-Regular.otf
support.grandlyon.com/static/fonts/SourceSansPro/ 224 KB
225 KB 17ms
14ms Font
application/octet-stream 5.196.106.224
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://support.grandlyon.com/static/fonts/SourceSansPro/SourceSansPro-Regular.otf

Requested by

Host: support.grandlyon.com
URL: https://support.grandlyon.com/static/grandlyon-sau/style.css?20231219.0815

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.196.106.224 , France, ASN16276 (OVH, FR),

Reverse DNS

node1-output.prod.saas.entrouvert.org

Software

Resource Hash

6b096b47206d8f78a2c49af2f2ae46b35d93b0e3cf105a9febef59144aa2eae2

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; img-src 'self' data:;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://support.grandlyon.com/static/grandlyon-sau/style.css?20231219.0815
Origin: https://support.grandlyon.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 07:15:20 GMT
content-security-policy: default-src 'none'; style-src 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; img-src 'self' data:;
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Fri, 08 Dec 2023 14:34:12 GMT
etag: "65732964-380d4"
content-type: application/octet-stream
access-control-allow-origin: *
permissions-policy: interest-cohort=()
accept-ranges: bytes
content-length: 229588
x-xss-protection: 1; mode=block

GET
H2 200 service-grandlyon-connect.png
support.grandlyon.com/media/assets/ 22 KB
22 KB 48ms
48ms Image
image/png 5.196.106.224
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://support.grandlyon.com/media/assets/service-grandlyon-connect.png

Requested by

Host: support.grandlyon.com
URL: https://support.grandlyon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.196.106.224 , France, ASN16276 (OVH, FR),

Reverse DNS

node1-output.prod.saas.entrouvert.org

Software

Resource Hash

330dd9776fe1aeddea3817f0b2fb4e989004cd1e54ec97cc4ec32e0a3accbed3

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; img-src 'self' data:;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://support.grandlyon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 07:15:20 GMT
content-security-policy: default-src 'none'; style-src 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; img-src 'self' data:;
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Thu, 09 Mar 2023 22:10:25 GMT
etag: "640a5951-57b7"
content-type: image/png
access-control-allow-origin: *
permissions-policy: interest-cohort=()
accept-ranges: bytes
content-length: 22455
x-xss-protection: 1; mode=block

GET
H2 200 service-ecolyo.png
support.grandlyon.com/media/assets/ 5 KB
5 KB 49ms
49ms Image
image/png 5.196.106.224
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://support.grandlyon.com/media/assets/service-ecolyo.png

Requested by

Host: support.grandlyon.com
URL: https://support.grandlyon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.196.106.224 , France, ASN16276 (OVH, FR),

Reverse DNS

node1-output.prod.saas.entrouvert.org

Software

Resource Hash

ef3f7b90ee908e06f62a14e15312b202b7fa37e8a9a9cf5137f2b0d3290f5995

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; img-src 'self' data:;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://support.grandlyon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 07:15:20 GMT
content-security-policy: default-src 'none'; style-src 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; img-src 'self' data:;
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Thu, 09 Mar 2023 22:10:59 GMT
etag: "640a5973-137e"
content-type: image/png
access-control-allow-origin: *
permissions-policy: interest-cohort=()
accept-ranges: bytes
content-length: 4990
x-xss-protection: 1; mode=block

GET
H2 200 service-toodego.png
support.grandlyon.com/media/assets/ 92 KB
92 KB 45ms
45ms Image
image/png 5.196.106.224
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://support.grandlyon.com/media/assets/service-toodego.png

Requested by

Host: support.grandlyon.com
URL: https://support.grandlyon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.196.106.224 , France, ASN16276 (OVH, FR),

Reverse DNS

node1-output.prod.saas.entrouvert.org

Software

Resource Hash

a0cac4aeb183c3ce745f2818ed2340599d51c560ad7e5b623b4a897200aeb014

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; img-src 'self' data:;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://support.grandlyon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 07:15:20 GMT
content-security-policy: default-src 'none'; style-src 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; img-src 'self' data:;
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Thu, 09 Mar 2023 22:12:05 GMT
etag: "640a59b5-16e6a"
content-type: image/png
access-control-allow-origin: *
permissions-policy: interest-cohort=()
accept-ranges: bytes
content-length: 93802
x-xss-protection: 1; mode=block

GET
H2 200 Logo_SVG_Bleu.svg
support.grandlyon.com/media/assets/ 2 KB
1 KB 47ms
47ms Image
image/svg+xml 5.196.106.224
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://support.grandlyon.com/media/assets/Logo_SVG_Bleu.svg

Requested by

Host: support.grandlyon.com
URL: https://support.grandlyon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.196.106.224 , France, ASN16276 (OVH, FR),

Reverse DNS

node1-output.prod.saas.entrouvert.org

Software

Resource Hash

e7a759a9cc8cade450cc7ccc7a2b9b5af16489887573fe3303fb5998e8eac032

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; img-src 'self' data:;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://support.grandlyon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 07:15:20 GMT
content-security-policy: default-src 'none'; style-src 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; img-src 'self' data:;
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Tue, 27 Jun 2023 15:09:40 GMT
content-encoding: gzip
etag: W/"649afbb4-7f1"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
permissions-policy: interest-cohort=()
x-xss-protection: 1; mode=block

GET
H2 200 Laclasse.com.png
support.grandlyon.com/media/assets/ 348 KB
348 KB 51ms
51ms Image
image/png 5.196.106.224
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://support.grandlyon.com/media/assets/Laclasse.com.png

Requested by

Host: support.grandlyon.com
URL: https://support.grandlyon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.196.106.224 , France, ASN16276 (OVH, FR),

Reverse DNS

node1-output.prod.saas.entrouvert.org

Software

Resource Hash

472e528e47d5bf77b4d8f7b317ac2e60774620510f53b95acf42fe783e145bf0

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; img-src 'self' data:;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://support.grandlyon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 07:15:20 GMT
content-security-policy: default-src 'none'; style-src 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; img-src 'self' data:;
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Tue, 28 Mar 2023 14:15:42 GMT
etag: "6422f68e-56e71"
content-type: image/png
access-control-allow-origin: *
permissions-policy: interest-cohort=()
accept-ranges: bytes
content-length: 355953
x-xss-protection: 1; mode=block

GET
H2 200 Logo_Mes_Papiers_Logo_-_Horizontal.png
support.grandlyon.com/media/assets/ 61 KB
61 KB 50ms
49ms Image
image/png 5.196.106.224
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://support.grandlyon.com/media/assets/Logo_Mes_Papiers_Logo_-_Horizontal.png

Requested by

Host: support.grandlyon.com
URL: https://support.grandlyon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.196.106.224 , France, ASN16276 (OVH, FR),

Reverse DNS

node1-output.prod.saas.entrouvert.org

Software

Resource Hash

1cd64955eabd6a8ccb241c272bbde48b43d63309a8f8d3f415879191f21e505e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; img-src 'self' data:;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://support.grandlyon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 07:15:20 GMT
content-security-policy: default-src 'none'; style-src 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; img-src 'self' data:;
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Tue, 02 May 2023 15:46:10 GMT
etag: "64513042-f297"
content-type: image/png
access-control-allow-origin: *
permissions-policy: interest-cohort=()
accept-ranges: bytes
content-length: 62103
x-xss-protection: 1; mode=block

GET
H2 200 footer-metropole-plus.png
support.grandlyon.com/static/grandlyon-sau/img/ 3 KB
3 KB 53ms
52ms Image
image/png 5.196.106.224
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://support.grandlyon.com/static/grandlyon-sau/img/footer-metropole-plus.png

Requested by

Host: support.grandlyon.com
URL: https://support.grandlyon.com/static/grandlyon-sau/style.css?20231219.0815

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.196.106.224 , France, ASN16276 (OVH, FR),

Reverse DNS

node1-output.prod.saas.entrouvert.org

Software

Resource Hash

d6f94cf5400cfce64558411be03f08768946dcfb994902a85b1a36c6af1de064

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; img-src 'self' data:;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://support.grandlyon.com/static/grandlyon-sau/style.css?20231219.0815
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 07:15:20 GMT
content-security-policy: default-src 'none'; style-src 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; img-src 'self' data:;
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Fri, 08 Dec 2023 14:34:12 GMT
etag: "65732964-bad"
content-type: image/png
access-control-allow-origin: *
permissions-policy: interest-cohort=()
accept-ranges: bytes
content-length: 2989
x-xss-protection: 1; mode=block

GET
H2 200 SourceSansPro-Bold.otf
support.grandlyon.com/static/fonts/SourceSansPro/ 230 KB
230 KB 40ms
40ms Font
application/octet-stream 5.196.106.224
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://support.grandlyon.com/static/fonts/SourceSansPro/SourceSansPro-Bold.otf

Requested by

Host: support.grandlyon.com
URL: https://support.grandlyon.com/static/grandlyon-sau/style.css?20231219.0815

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.196.106.224 , France, ASN16276 (OVH, FR),

Reverse DNS

node1-output.prod.saas.entrouvert.org

Software

Resource Hash

9b8bd174f97413334e317be808d14d0ff8f6efed79a69299d84384c7e10e9312

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; img-src 'self' data:;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://support.grandlyon.com/static/grandlyon-sau/style.css?20231219.0815
Origin: https://support.grandlyon.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 07:15:20 GMT
content-security-policy: default-src 'none'; style-src 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; img-src 'self' data:;
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Fri, 08 Dec 2023 14:34:12 GMT
etag: "65732964-39678"
content-type: application/octet-stream
access-control-allow-origin: *
permissions-policy: interest-cohort=()
accept-ranges: bytes
content-length: 235128
x-xss-protection: 1; mode=block

GET
H2 200 fontawesome-webfont.woff2
support.grandlyon.com/static/xstatic/fonts/ 75 KB
76 KB 49ms
49ms Font
application/octet-stream 5.196.106.224
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://support.grandlyon.com/static/xstatic/fonts/fontawesome-webfont.woff2

Requested by

Host: support.grandlyon.com
URL: https://support.grandlyon.com/static/grandlyon-sau/style.css?20231219.0815

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.196.106.224 , France, ASN16276 (OVH, FR),

Reverse DNS

node1-output.prod.saas.entrouvert.org

Software

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; img-src 'self' data:;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://support.grandlyon.com/static/grandlyon-sau/style.css?20231219.0815
Origin: https://support.grandlyon.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 07:15:20 GMT
content-security-policy: default-src 'none'; style-src 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; img-src 'self' data:;
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 24 Oct 2016 15:52:54 GMT
etag: "580e2e56-12d68"
content-type: application/octet-stream
access-control-allow-origin: *
permissions-policy: interest-cohort=()
accept-ranges: bytes
content-length: 77160
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.grandlyon.com/	1970-01-20 17:47:28	Name: hasConsent Value: true

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

demarches-support.grandlyon.com
support.grandlyon.com
5.196.106.224
0604e661a056932482099c97f59557a3f409e28d831f16896efc5e57a2a6d90d
1cd64955eabd6a8ccb241c272bbde48b43d63309a8f8d3f415879191f21e505e
2308a6a572ef1598b5e911b47d81681ae1f2cddfc485ec6d0f93362954f225f3
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
310c8a0ac8cc5305aaaaa79a380e340154dfd22b8c6ebd562ad90c40c7c70fa7
330dd9776fe1aeddea3817f0b2fb4e989004cd1e54ec97cc4ec32e0a3accbed3
472e528e47d5bf77b4d8f7b317ac2e60774620510f53b95acf42fe783e145bf0
4e669fdc9139ff271a3667f1a97bc0df041338d8e178190cc3f7fa83efb9a29a
6b096b47206d8f78a2c49af2f2ae46b35d93b0e3cf105a9febef59144aa2eae2
9b8bd174f97413334e317be808d14d0ff8f6efed79a69299d84384c7e10e9312
a0cac4aeb183c3ce745f2818ed2340599d51c560ad7e5b623b4a897200aeb014
b1a709bb2e34b7a8ffda3c806b2867b62c3b1652c1c58299523c814183ff9bbd
cd54d4f6cdce6234fc60075e48466e30275d4d1f18ee3b3a462a577e805f3161
d6f94cf5400cfce64558411be03f08768946dcfb994902a85b1a36c6af1de064
dd6b3a80db9fd3e3b9e7162897a9cdf4a3fecb74dc046dab9a3275d3bcf89b70
e7a759a9cc8cade450cc7ccc7a2b9b5af16489887573fe3303fb5998e8eac032
ef3f7b90ee908e06f62a14e15312b202b7fa37e8a9a9cf5137f2b0d3290f5995
f41fc483e8ebcec5162d3a4c36ab825fcf8bb523c2891d9990579ac716b3ac3b
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

support.grandlyon.com Open in urlscan Pro 5.196.106.224 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

19 Requests

100 %HTTPS

0 %IPv6

1 Domains

2 Subdomains

1 IPs

1 Countries

1158 kBTransfer

1375 kBSize

1 Cookies

4 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

1 Cookies

1 Console Messages

Security Headers

Indicators

support.grandlyon.com Open in urlscan Pro
5.196.106.224 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

1
IPs

1
Countries

1158 kB
Transfer

1375 kB
Size

1
Cookies

19 HTTP transactions
0 data transactions