accounts.google.com Open in urlscan Pro
2a00:1450:4001:813::200d Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://account-factory.istefr.fr/
Effective URL:
https://accounts.google.com/ServiceLogin?passive=1209600&continue=https://accounts.google.com/o/saml2/idp?from_login%3D1%26z...
Submission: On February 16 via automatic, source certstream-suspicious (February 16th 2023, 3:16:42 am UTC) — Scanned from FR

Summary HTTP 71 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 13 IPs in 4 countries across 12 domains to perform 71 HTTP transactions. The main IP is 2a00:1450:4001:813::200d, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is accounts.google.com. The Cisco Umbrella rank of the primary domain is 76.
TLS certificate: Issued by GTS CA 1C3 on February 1st 2023. Valid for: 3 months.

This is the only time accounts.google.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
23	13.225.78.90 13.225.78.90	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
1 1	2a05:d012:699... 2a05:d012:699:d102:a411:a749:dd44:9748	16509 (AMAZON-02) (AMAZON-02)
1 4	52.48.103.115 52.48.103.115	16509 (AMAZON-02) (AMAZON-02)
1	18.66.23.59 18.66.23.59	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:211... 2600:9000:211a:1000:c:7267:8d00:21	16509 (AMAZON-02) (AMAZON-02)
15	54.239.36.191 54.239.36.191	16509 (AMAZON-02) (AMAZON-02)
1 5	2a00:1450:400... 2a00:1450:4001:813::200d	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
71	13

23 13.225.78.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-90.fra2.r.cloudfront.net

account-factory.istefr.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d012:699:d102:a411:a749:dd44:9748 (Paris, France) 1 redirects

ASN16509 (AMAZON-02, US)

prd-account-factory-domain.auth.eu-west-3.amazoncognito.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.48.103.115 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-103-115.eu-west-1.compute.amazonaws.com

portal.sso.eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.23.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-23-59.vie50.r.cloudfront.net

vwis-login.awsapps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:211a:1000:c:7267:8d00:21 (United States)

ASN16509 (AMAZON-02, US)

d250zetdqyq0c4.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 54.239.36.191 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

eu-west-1.signin.aws.amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::200d (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	istefr.fr account-factory.istefr.fr	2 MB
15	amazon.com eu-west-1.signin.aws.amazon.com — Cisco Umbrella Rank: 88907	744 KB
14	gstatic.com fonts.gstatic.com ssl.gstatic.com	141 KB
7	google.com 1 redirects accounts.google.com — Cisco Umbrella Rank: 76 play.google.com — Cisco Umbrella Rank: 21	527 KB
4	amazonaws.com 1 redirects portal.sso.eu-west-1.amazonaws.com — Cisco Umbrella Rank: 188732 website.sso-portal.eu-west-1.amazonaws.com Failed	1 KB
2	youtube.com accounts.youtube.com — Cisco Umbrella Rank: 842	14 KB
2	cloudfront.net d250zetdqyq0c4.cloudfront.net	5 MB
1	awsapps.com vwis-login.awsapps.com	1 KB
1	amazoncognito.com 1 redirects prd-account-factory-domain.auth.eu-west-3.amazoncognito.com	2 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 346	22 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43	1 KB
0	Failed function sub() { [native code] }. Failed
71	12

	Domain	Requested by
23	account-factory.istefr.fr	account-factory.istefr.fr
15	eu-west-1.signin.aws.amazon.com	d250zetdqyq0c4.cloudfront.net eu-west-1.signin.aws.amazon.com account-factory.istefr.fr
8	fonts.gstatic.com	accounts.google.com
6	ssl.gstatic.com
5	accounts.google.com	1 redirects account-factory.istefr.fr accounts.google.com
4	portal.sso.eu-west-1.amazonaws.com	1 redirects d250zetdqyq0c4.cloudfront.net
2	play.google.com
2	accounts.youtube.com	account-factory.istefr.fr
2	d250zetdqyq0c4.cloudfront.net	vwis-login.awsapps.com d250zetdqyq0c4.cloudfront.net
1	vwis-login.awsapps.com	account-factory.istefr.fr
1	prd-account-factory-domain.auth.eu-west-3.amazoncognito.com	1 redirects
1	cdn.jsdelivr.net	account-factory.istefr.fr
1	fonts.googleapis.com	account-factory.istefr.fr
0	truncated Failed	eu-west-1.signin.aws.amazon.com
0	website.sso-portal.eu-west-1.amazonaws.com Failed	d250zetdqyq0c4.cloudfront.net
71	15

This site contains links to these domains. Also see Links.

Domain
support.google.com

Subject Issuer	Validity	Valid
account-factory.istefr.fr Amazon RSA 2048 M01	`2023-02-15` - `2024-03-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.awsapps.com Amazon	`2022-03-22` - `2023-04-20`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
portal.sso.eu-west-1.amazonaws.com Amazon RSA 2048 M02	`2023-02-10` - `2023-09-03`	7 months	crt.sh
eu-west-1.signin.aws Amazon RSA 2048 M01	`2023-01-14` - `2023-12-24`	a year	crt.sh
accounts.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://accounts.google.com/ServiceLogin?passive=1209600&continue=https://accounts.google.com/o/saml2/idp?from_login%3D1%26zt%3DChRSLTdmUkdzRHY4blpTZVlYMHh1URIfbzFOcjJCWHVRU3NSUUhVU2RlLXNqMHlickpXRFpSZw%25E2%2588%2599AJFHa0oAAAAAY-7xl7kn7YZxdkTC1YgluFOSeGBQmss7%26as%3DsNwRPjhXwcL-TYHU8BZPTlFKfHZ3BH4B8VdstCO5GrA&followup=https://accounts.google.com/o/saml2/idp?from_login%3D1%26zt%3DChRSLTdmUkdzRHY4blpTZVlYMHh1URIfbzFOcjJCWHVRU3NSUUhVU2RlLXNqMHlickpXRFpSZw%25E2%2588%2599AJFHa0oAAAAAY-7xl7kn7YZxdkTC1YgluFOSeGBQmss7%26as%3DsNwRPjhXwcL-TYHU8BZPTlFKfHZ3BH4B8VdstCO5GrA&ltmpl=popup&oauth=1&faa=1&sarp=1&scc=1
Frame ID: 5F3227D689ED92D88A2D3B46FB44BF0A
Requests: 71 HTTP requests in this frame

Frame: https://accounts.youtube.com/accounts/CheckConnection?pmpo=https%3A%2F%2Faccounts.google.com&v=-1354791528&timestamp=1676517399677
Frame ID: E3DFE420859F726354624F3CF5ACC5EE
Requests: 2 HTTP requests in this frame

Frame: https://accounts.google.com/_/bscframe
Frame ID: AE710CE1F5961AFF61ABF9D58EAD94A3
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/cspreport
Frame ID: 40436A70CCC466A0C7F05CC708E9BEA3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Connexion : comptes Google

Page URL History Show full URLs

https://account-factory.istefr.fr/ Page URL
https://prd-account-factory-domain.auth.eu-west-3.amazoncognito.com/oauth2/authorize?redirect_uri=https%3A%2F%2Faccount-factory.istefr.fr&respon... HTTP 302
https://portal.sso.eu-west-1.amazonaws.com/saml/assertion/NTQ1MzcyOTgzMTkwX2lucy0wNzJlMzZmNmNjMDlkZTM3?SAMLRequest=fVLL... HTTP 303
https://vwis-login.awsapps.com/start/?relayId=bd3cf2de-3f5b-4726-9430-b500380918b6_4d919d44-eb36-41b6-aaa2-... Page URL
https://eu-west-1.signin.aws.amazon.com/platform/login?workflowStateHandle=3825cf2d-79bc-484c-b9de-8c6c7e2c5cd1 Page URL
https://accounts.google.com/o/saml2/idp?idpid=C03ufh3nx HTTP 302
https://accounts.google.com/ServiceLogin?passive=1209600&continue=https://accounts.google.com/o/saml2/id... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

DataTables (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

dataTables.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

71
Requests

96 %
HTTPS

69 %
IPv6

12
Domains

15
Subdomains

13
IPs

4
Countries

8490 kB
Transfer

11251 kB
Size

12
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://support.google.com/chrome/answer/6130773?hl=fr
Title: En savoir plus

Search URL Search Domain Scan URL

URL: https://support.google.com/accounts?hl=fr&p=account_iph
Title: Aide

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://account-factory.istefr.fr/ Page URL
https://prd-account-factory-domain.auth.eu-west-3.amazoncognito.com/oauth2/authorize?redirect_uri=https%3A%2F%2Faccount-factory.istefr.fr&response_type=token&client_id=28jh6e2ftk8ir69l3gcag5p5nj&state=G4Cz7IZrVqUxQEo2QMDoab7qRbTbEklv&scope=email%20openid&identity_provider=AWS-SSO HTTP 302
https://portal.sso.eu-west-1.amazonaws.com/saml/assertion/NTQ1MzcyOTgzMTkwX2lucy0wNzJlMzZmNmNjMDlkZTM3?SAMLRequest=fVLLbuIwFN33KyLvnYdDQ7FIKjSoUkcNo0JaVWwqj2Oop7Gd8XUK5OsnBBoNG%2BSVrfPSOZ7e71XlfQkL0ugURX6IPKG5KaXepuileMB36D67mQJTFanprHEfein%2BNgKcNwMQ1nW8H0ZDo4RdCfsluXhZPqXow7kaaBDUtsSMc9NohzeMO2MPuDSKSe2zTswXDd51Yjj2mWKt6ay3Wjrjc6OC3jSQZW0F1J2HQN68w0rNXJ928DDWscoHMINcdJZjOxikAvYdOFgUz1He8sOvYtvmxefujVQNP4S7Rfuzytu1WqjFn3xefa6LPEbe4zxF7%2BT35nYcxhyPN8kYj4iY4Akb3eKS8f6MkvIIBWjEowbHtEsRCUmMQ4KjpAhjGiU0TnwSj9bIe%2F1unBwb7zbQQE8dp6ixmhoGEqhmSgB1nK5m%2BRPtoLS2xhluKpSdJqG9ofUejFXMXeceX2SJNz2UCu2kO1x4X6cP7aHsCDv1S897UajpMOX7qozy5WQd7afB%2Fymz8%2FXyH2X%2FAA%3D%3D&RelayState=H4sIAAAAAAAAAF2RSZObMBCF_4vOFsO-3Qjx2EkNYxsM2KRSlBBisQGxSDZxKv89OuWQ23vVX7_qev0bIOACwuGTLAxqeVQqQehkygo2oBATL41gFB2Ew8Kp9q0xiVqxu93OptNpNUa1MRrDTQClABrGxsV9e0MYUz4wWCHM6PxLahdGqlmqZsERwTF6J4PQldCRF3wIWQP3ByA9ajth6EiGtgQ_N6ARxE73X9a3bE6meD1tqXoKvlJUWFNYnIvtvXuIhbvA-m5n2PSw_QxWJeFGrfmBEljQuzpdl8jL5_tZDbSrvl_4yuJj-JJjv0kIxiPXlQ4jNTu-oxZzo_hev_w87A41btOgvvE4DU0W01Rb7OQRPM7P0yXJoykb-V4nxuznR49V-vXxocA89afpy54ZVsobc8SQ7_owk-3LJcLPcmWNHKAn88TFnbh4nEv4X1WwpKKDQUKcNdK_v0ioRy86YFoPLaMSpr1I6IGrmJZpKJbmmBswArdC3UI2YBbRqCod2SxtWDmlAXUNmxCpDoIyUlVcYKWwZR38-Qv3Ggi5_wEAAA.H4sIAAAAAAAAAJueXJe-g2Gn8Pelp6aulTG3yre5ExUsU3T-6Yl014kvG5MA8tpDHSAAAAA.2 HTTP 303
https://vwis-login.awsapps.com/start/?relayId=bd3cf2de-3f5b-4726-9430-b500380918b6_4d919d44-eb36-41b6-aaa2-f1bf15ccaedd Page URL
https://eu-west-1.signin.aws.amazon.com/platform/login?workflowStateHandle=3825cf2d-79bc-484c-b9de-8c6c7e2c5cd1 Page URL
https://accounts.google.com/o/saml2/idp?idpid=C03ufh3nx HTTP 302
https://accounts.google.com/ServiceLogin?passive=1209600&continue=https://accounts.google.com/o/saml2/idp?from_login%3D1%26zt%3DChRSLTdmUkdzRHY4blpTZVlYMHh1URIfbzFOcjJCWHVRU3NSUUhVU2RlLXNqMHlickpXRFpSZw%25E2%2588%2599AJFHa0oAAAAAY-7xl7kn7YZxdkTC1YgluFOSeGBQmss7%26as%3DsNwRPjhXwcL-TYHU8BZPTlFKfHZ3BH4B8VdstCO5GrA&followup=https://accounts.google.com/o/saml2/idp?from_login%3D1%26zt%3DChRSLTdmUkdzRHY4blpTZVlYMHh1URIfbzFOcjJCWHVRU3NSUUhVU2RlLXNqMHlickpXRFpSZw%25E2%2588%2599AJFHa0oAAAAAY-7xl7kn7YZxdkTC1YgluFOSeGBQmss7%26as%3DsNwRPjhXwcL-TYHU8BZPTlFKfHZ3BH4B8VdstCO5GrA&ltmpl=popup&oauth=1&faa=1&sarp=1&scc=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://prd-account-factory-domain.auth.eu-west-3.amazoncognito.com/oauth2/authorize?redirect_uri=https%3A%2F%2Faccount-factory.istefr.fr&response_type=token&client_id=28jh6e2ftk8ir69l3gcag5p5nj&state=G4Cz7IZrVqUxQEo2QMDoab7qRbTbEklv&scope=email%20openid&identity_provider=AWS-SSO HTTP 302
https://portal.sso.eu-west-1.amazonaws.com/saml/assertion/NTQ1MzcyOTgzMTkwX2lucy0wNzJlMzZmNmNjMDlkZTM3?SAMLRequest=fVLLbuIwFN33KyLvnYdDQ7FIKjSoUkcNo0JaVWwqj2Oop7Gd8XUK5OsnBBoNG%2BSVrfPSOZ7e71XlfQkL0ugURX6IPKG5KaXepuileMB36D67mQJTFanprHEfein%2BNgKcNwMQ1nW8H0ZDo4RdCfsluXhZPqXow7kaaBDUtsSMc9NohzeMO2MPuDSKSe2zTswXDd51Yjj2mWKt6ay3Wjrjc6OC3jSQZW0F1J2HQN68w0rNXJ928DDWscoHMINcdJZjOxikAvYdOFgUz1He8sOvYtvmxefujVQNP4S7Rfuzytu1WqjFn3xefa6LPEbe4zxF7%2BT35nYcxhyPN8kYj4iY4Akb3eKS8f6MkvIIBWjEowbHtEsRCUmMQ4KjpAhjGiU0TnwSj9bIe%2F1unBwb7zbQQE8dp6ixmhoGEqhmSgB1nK5m%2BRPtoLS2xhluKpSdJqG9ofUejFXMXeceX2SJNz2UCu2kO1x4X6cP7aHsCDv1S897UajpMOX7qozy5WQd7afB%2Fymz8%2FXyH2X%2FAA%3D%3D&RelayState=H4sIAAAAAAAAAF2RSZObMBCF_4vOFsO-3Qjx2EkNYxsM2KRSlBBisQGxSDZxKv89OuWQ23vVX7_qev0bIOACwuGTLAxqeVQqQehkygo2oBATL41gFB2Ew8Kp9q0xiVqxu93OptNpNUa1MRrDTQClABrGxsV9e0MYUz4wWCHM6PxLahdGqlmqZsERwTF6J4PQldCRF3wIWQP3ByA9ajth6EiGtgQ_N6ARxE73X9a3bE6meD1tqXoKvlJUWFNYnIvtvXuIhbvA-m5n2PSw_QxWJeFGrfmBEljQuzpdl8jL5_tZDbSrvl_4yuJj-JJjv0kIxiPXlQ4jNTu-oxZzo_hev_w87A41btOgvvE4DU0W01Rb7OQRPM7P0yXJoykb-V4nxuznR49V-vXxocA89afpy54ZVsobc8SQ7_owk-3LJcLPcmWNHKAn88TFnbh4nEv4X1WwpKKDQUKcNdK_v0ioRy86YFoPLaMSpr1I6IGrmJZpKJbmmBswArdC3UI2YBbRqCod2SxtWDmlAXUNmxCpDoIyUlVcYKWwZR38-Qv3Ggi5_wEAAA.H4sIAAAAAAAAAJueXJe-g2Gn8Pelp6aulTG3yre5ExUsU3T-6Yl014kvG5MA8tpDHSAAAAA.2 HTTP 303
https://vwis-login.awsapps.com/start/?relayId=bd3cf2de-3f5b-4726-9430-b500380918b6_4d919d44-eb36-41b6-aaa2-f1bf15ccaedd

71 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
account-factory.istefr.fr/ 40 KB
41 KB 187ms
111ms Document
text/html 13.225.78.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://account-factory.istefr.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.90 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-90.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

cf959877f4603b93bf6642bd201fcaa9156e1e91dc371cfed93b14e36e5e5fcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
content-length: 41271
content-type: text/html
date: Thu, 16 Feb 2023 03:16:36 GMT
etag: "4994f5ba10bf074a7073be7dab578565"
last-modified: Wed, 15 Feb 2023 16:30:47 GMT
referrer-policy: strict-origin-when-cross-origin
server: AmazonS3
strict-transport-security: max-age=31536000
vary: Origin
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
x-amz-cf-id: lnhke5xWPMMYZpPwrTq8XNn2e3oQIog4PsGvkoIwpfEf9qfexIp-Jw==
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 css2
fonts.googleapis.com/ 20 KB
1 KB 100ms
36ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap

Requested by

Host: account-factory.istefr.fr
URL: https://account-factory.istefr.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b2dc460864a60ac3ce89c4c6fab1c62ef9171ac1365cc47aa8aca95ecb06f0cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://account-factory.istefr.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 16 Feb 2023 03:16:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 02:47:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Feb 2023 03:16:35 GMT

GET
H2 200 style.css
account-factory.istefr.fr/css/ 3 KB
3 KB 121ms
116ms Stylesheet
text/css 13.225.78.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://account-factory.istefr.fr/css/style.css

Requested by

Host: account-factory.istefr.fr
URL: https://account-factory.istefr.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.90 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-90.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b233f49facee6c91429c55aeda71aebb58ead76a4c28de713bf5432ad8695f2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://account-factory.istefr.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 03:16:36 GMT
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 3021
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 15 Feb 2023 16:30:46 GMT
server: AmazonS3
etag: "157499fc39fc07550e70899274f3b7c1"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: text/css
accept-ranges: bytes
x-amz-cf-id: AcyYoLAYfQMHaspS2K1XA83zBzHvSL9hmOzlGzshCg-ts7TZuFC8Hg==

GET
H2 200 jquery-3.5.1.js Show response
account-factory.istefr.fr/js/ 292 KB
292 KB 171ms
166ms Script
application/javascript 13.225.78.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://account-factory.istefr.fr/js/jquery-3.5.1.js

Requested by

Host: account-factory.istefr.fr
URL: https://account-factory.istefr.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.90 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-90.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c5af9f03be3be68535a059f0a4ba8156b6fd67d396a41ab0d1141976917adb86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://account-factory.istefr.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 03:16:36 GMT
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 298500
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 15 Feb 2023 14:50:20 GMT
server: AmazonS3
etag: "bdd7aa7515742d328fa035e786b43f95"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: 0AzBcSoogp_XeMTNblg9zCCDTMqxeWaJ_2hPc1jmE5K3kg3bVJA6gg==

GET
H2 200 datatables.min.js Show response
account-factory.istefr.fr/js/ 88 KB
89 KB 186ms
180ms Script
application/javascript 13.225.78.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://account-factory.istefr.fr/js/datatables.min.js

Requested by

Host: account-factory.istefr.fr
URL: https://account-factory.istefr.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.90 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-90.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b4888aa8e4ff02cd573587e8443db6845cfbe90848f2f60835dade254db062e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://account-factory.istefr.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 03:16:36 GMT
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: 6HC8EH2SDTZ98WGZ
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 90529
x-amz-id-2: s75yxuOZeZ3kQ5pKIKJ26QmnUzzKqkaJoB5oDRdul4qQg30CdwLakKuQGTntwDMNXKOKKSPt4Tc=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 15 Feb 2023 16:30:48 GMT
server: AmazonS3
etag: "db1633e576dc47493985d5dea18ad2a2"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: oQ7_xMy1xluMA_scnd3Sz4muFjjet-_YyHfc9GXyB9z7El0vhvQZWg==

GET
H2 200 main.js Show response
account-factory.istefr.fr/js/ 23 KB
24 KB 145ms
139ms Script
application/javascript 13.225.78.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://account-factory.istefr.fr/js/main.js

Requested by

Host: account-factory.istefr.fr
URL: https://account-factory.istefr.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.90 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-90.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

9fc87778bff02e43bf1c052711b4dd8bbb5f638b44b3a96ade8656104c0d9e06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://account-factory.istefr.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 03:16:36 GMT
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: 6HCB8CW29TPSXJ32
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 24000
x-amz-id-2: c66E37iEuKK0eSNcrVgwJHUjmzlKoXGLcMUi3PxLVEnlUj97xXQ0ytzGkUtSDFNsm+P6pdUNDUk=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 15 Feb 2023 14:50:20 GMT
server: AmazonS3
etag: "c2ea2eef444d6d6937cdbfc98ac7cf71"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: 5zadB62bB3259AyCc2fSpqeeWcrbcqI4w5tJuTzL84dkV2nPnsVmfg==

GET
H2 200 validation.js Show response
account-factory.istefr.fr/js/ 11 KB
11 KB 139ms
133ms Script
application/javascript 13.225.78.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://account-factory.istefr.fr/js/validation.js

Requested by

Host: account-factory.istefr.fr
URL: https://account-factory.istefr.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.90 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-90.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d8978a204dd6fbc00eab7d2cc3eda40023b70a22ebc54332b7deafc8d1872f88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://account-factory.istefr.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 03:16:36 GMT
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: 6HCDNC2TA00J43H8
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 10765
x-amz-id-2: 9/SGcRyfbfJ69WI3YiFCZZAguY8B/HC4Iwjgr3z78DCCNTq2LVzwpLTGRNihu3uZQEihWcmZz88=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 15 Feb 2023 16:30:48 GMT
server: AmazonS3
etag: "3384d63f3514b4c54b858449fa052a5e"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: HRAUzyUUzQLEV7fJDM-MTU0WXcT8_8MqKyb2Iyht4CwyRJqeUgSPWg==

GET
H2 200 fwrules.js Show response
account-factory.istefr.fr/js/ 1 KB
2 KB 141ms
136ms Script
application/javascript 13.225.78.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://account-factory.istefr.fr/js/fwrules.js

Requested by

Host: account-factory.istefr.fr
URL: https://account-factory.istefr.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.90 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-90.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

cc60bde2651f164804678badf3a9719db5f4d18819d45b4a614ff3b0184fddd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://account-factory.istefr.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 03:16:36 GMT
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: 6HC67M66VMQMVXTV
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 1277
x-amz-id-2: FqNPqp8F18OBWWwFlZbGBGgU64xceiMjoMd8d5QmwLO/3e50oDVvmx2NB2lPUInub2c02RErbzQ=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 15 Feb 2023 14:50:20 GMT
server: AmazonS3
etag: "9e716c15dacd4113a030dcd974d05faf"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: gwcNMmvSKO9h0e93WNnqec0NMK5Oy2PYRo_-pMkMahAM1nmYLFq7jA==

GET
H2 200 sendtoapi.js Show response
account-factory.istefr.fr/js/ 14 KB
14 KB 150ms
145ms Script
application/javascript 13.225.78.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://account-factory.istefr.fr/js/sendtoapi.js

Requested by

Host: account-factory.istefr.fr
URL: https://account-factory.istefr.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.90 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-90.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c405768f44c037936c41da08d5891ea88ba4e72d693915674d1a79c3c0466615

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://account-factory.istefr.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 03:16:36 GMT
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: 6HCDTW700PJ5A3AF
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 14081
x-amz-id-2: kZLZTtN288hLTVoe3qtW3XfwII0raWCvDgIVQ20GHr2uJ/P5JmqEJH633X5Zot9RUnt7MsyZzPw=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 15 Feb 2023 14:50:20 GMT
server: AmazonS3
etag: "572844eb5a61b0316e19a589d5551d84"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: X40dhG5xS6ZdcK4iwQmfzRQjSwrt1eeUSUZk691SYEteTnLGW2z9dg==

GET
H2 200 subnetdivider.js Show response
account-factory.istefr.fr/js/ 9 KB
10 KB 161ms
157ms Script
application/javascript 13.225.78.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://account-factory.istefr.fr/js/subnetdivider.js

Requested by

Host: account-factory.istefr.fr
URL: https://account-factory.istefr.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.90 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-90.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

45dde57ca3e54db1551a0339035b696a80d9fc69566ed2c8763c303c19c3e7c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://account-factory.istefr.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 03:16:36 GMT
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: 6HC93ZY17NEMK2SK
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 9678
x-amz-id-2: htSmmuP8kg7Wq3RbdcG3sVcrKGSk+eVo7RbtFTXjUO74daH6KA1CZnI3GaxA9J7ZMTDhYghhrQU=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 15 Feb 2023 14:50:20 GMT
server: AmazonS3
etag: "f185d3a1f6cd4bb3434f62ae96dfcfa3"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: kZOH5vZvHduYrPHb8zTymA6OSo_moK_qzyu4tk7tD9ExizWt3c4w3A==

GET
H2 200 ssouserstable.js Show response
account-factory.istefr.fr/js/ 3 KB
3 KB 170ms
166ms Script
application/javascript 13.225.78.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://account-factory.istefr.fr/js/ssouserstable.js

Requested by

Host: account-factory.istefr.fr
URL: https://account-factory.istefr.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.90 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-90.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

22be4a45ac8e04df64a90fbe1cf7bb46f0ac472a5bcb3d5b0acb9862a7741ed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://account-factory.istefr.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 03:16:36 GMT
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: 6HC5W6KGFGCMXF3W
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 2887
x-amz-id-2: 1zMJ/Ww1piihsy0xkwZ2lkhK1Ni7q1CkP1r2CVCboubjDdvPruNLa9AkVtXNjgmK0/SJBlUTGtk=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 15 Feb 2023 14:50:20 GMT
server: AmazonS3
etag: "d2a8d23ee8def160ea29ddacfbe40169"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: NHxWWbrVVL18oqNh_oVgWvwPFhWU8MowpYSiAhWdtFzf6b3JnLXfNw==

GET
H2 200 splitemail.js Show response
account-factory.istefr.fr/js/ 6 KB
7 KB 135ms
131ms Script
application/javascript 13.225.78.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://account-factory.istefr.fr/js/splitemail.js

Requested by

Host: account-factory.istefr.fr
URL: https://account-factory.istefr.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.90 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-90.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c046fa2baa905d5b7d68ac18838c7dd7e7eb2b982517f2cf7ac398263d934b0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://account-factory.istefr.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 03:16:36 GMT
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: 6HC7XWN602E0NNJM
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 6404
x-amz-id-2: dfMn/ZJ95Y6uVGxa3BPErcwV014x9vm8GZs71zcqMrBI7J1gFKqRvoBprJQAtH+BXCfrLn2y6Rg=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 15 Feb 2023 14:50:20 GMT
server: AmazonS3
etag: "9a7245cb9eb6c22001e6e826fb86be44"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: VtIjGCVqK2reiJustpdtdGeYpuXOXUQ5tvs8KdUUsf4ZS7JwEXn9xg==

GET
H2 200 api_params.js Show response
account-factory.istefr.fr/js/ 828 B
1 KB 165ms
161ms Script
application/javascript 13.225.78.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://account-factory.istefr.fr/js/api_params.js

Requested by

Host: account-factory.istefr.fr
URL: https://account-factory.istefr.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.90 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-90.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

8ae75b30f4594478390771042cc7ff85778cd834936d444ce3883dc8c983e2a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://account-factory.istefr.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 03:16:36 GMT
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: 6HC69P81G0DJVBEF
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 828
x-amz-id-2: BD+sKDJQ3rUGD7oiEIiozy40ggugIo3gN+t2kIAkzVZK1blg4eU3eOFk/ykguW3JZfBieHdqU+E=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 15 Feb 2023 16:30:48 GMT
server: AmazonS3
etag: "27c433b1879f5a676f002449cffc239e"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: -TWY8utCgCSpYCOV6X_qFoV6LNKqAEAwjObZR9bnMQtglzXbG-MgkQ==

GET
H2 200 aws-cognito-sdk.js
account-factory.istefr.fr/js/ 517 KB
518 KB 195ms
191ms Script
application/javascript 13.225.78.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://account-factory.istefr.fr/js/aws-cognito-sdk.js

Requested by

Host: account-factory.istefr.fr
URL: https://account-factory.istefr.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.90 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-90.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://account-factory.istefr.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 03:16:36 GMT
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: 6HC5F0FT2V04CP81
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 529142
x-amz-id-2: uLey6zPoMMO6h9zg0WLFiyL/lVxt4P7O40h7DBdRuYmbs60+BOHzS3QwakgBTvJ226mLrZlNlHg=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 15 Feb 2023 16:30:48 GMT
server: AmazonS3
etag: "ddb442ca565b7e07fa034bfaf4387c89"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: clcOmcxMqOszSE_s3EBQVp4RRJaGhbsVGqlnY4QVe2EM9t2RNB7eHw==

GET
H2 200 amazon-cognito-auth.js Show response
account-factory.istefr.fr/js/ 109 KB
109 KB 191ms
187ms Script
application/javascript 13.225.78.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://account-factory.istefr.fr/js/amazon-cognito-auth.js

Requested by

Host: account-factory.istefr.fr
URL: https://account-factory.istefr.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.90 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-90.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

bc345d43caf5a74ba0ca528e9bd57908ba22b4447c7fc20a11935d3982eac825

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://account-factory.istefr.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 03:16:36 GMT
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: 6HC0NQHP6T0VPR1N
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 111269
x-amz-id-2: a1F0OdZaxMZrkoD+zUX4kwVmwPuTMgoY+mINunAq9E7Bgv1QtObw3+lSnmqtpNZeDBbLKheOtdY=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 15 Feb 2023 16:30:48 GMT
server: AmazonS3
etag: "c03196ddd3dfb34dc9f120f7ab797f71"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: xEWEP0YEXXjzwrp0miZaUp4mjzdXeaQr2FjFG01OyRog1jlPk0xMyQ==

GET
H2 200 bootstrap.js Show response
account-factory.istefr.fr/bootstrap/js/ 139 KB
140 KB 168ms
165ms Script
application/javascript 13.225.78.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://account-factory.istefr.fr/bootstrap/js/bootstrap.js

Requested by

Host: account-factory.istefr.fr
URL: https://account-factory.istefr.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.90 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-90.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

167bb626592883f351fb6cec8fffaaea1a47161f5678103ede77d4748784af7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://account-factory.istefr.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 03:16:36 GMT
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: 6HC3X2ZJCCH689V3
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 142070
x-amz-id-2: FmwoB68/I36Kgy1ZB18LbPNt8z3brmp7bbTC8ugdidH9Zy57W/Ta66P7hBxJRMQAuKoJ2nPnrLw=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 15 Feb 2023 16:30:48 GMT
server: AmazonS3
etag: "ce32df47acd47efb94d62b439ab7396c"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: b9FP_1JhYdUXlQ_KDPXRdtm7eclrl63Ka3fLZmOmHkcfOFhDtfNUtQ==

GET
H2 200 bootstrap.css
account-factory.istefr.fr/bootstrap/css/ 206 KB
207 KB 167ms
164ms Stylesheet
text/css 13.225.78.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://account-factory.istefr.fr/bootstrap/css/bootstrap.css

Requested by

Host: account-factory.istefr.fr
URL: https://account-factory.istefr.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.90 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-90.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

0bf9fe6cc97e003d0b1c9899c90c4d9f50ac9c5a843626f263276a3c0d5ce1f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://account-factory.istefr.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 03:16:36 GMT
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 210718
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 15 Feb 2023 16:30:47 GMT
server: AmazonS3
etag: "656d67147d27d74f95271f0f2766df5a"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: text/css
accept-ranges: bytes
x-amz-cf-id: EzslwEEQrT7ikyEamr_mjh9nSOlayDB3DtHVe7CzZ2Q1Bc92Aswxhw==

GET
H2 200 bootstrap.min.css
account-factory.istefr.fr/bootstrap/css/ 219 KB
220 KB 183ms
180ms Stylesheet
text/css 13.225.78.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://account-factory.istefr.fr/bootstrap/css/bootstrap.min.css

Requested by

Host: account-factory.istefr.fr
URL: https://account-factory.istefr.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.90 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-90.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

7019424e972366ff4b6fc6e8112d2b8c75c586b812fcf4818ac90d8946394282

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://account-factory.istefr.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 03:16:36 GMT
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 224413
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 15 Feb 2023 16:30:47 GMT
server: AmazonS3
etag: "d7dd032b4eb92ef04582784b7efc5bef"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: text/css
accept-ranges: bytes
x-amz-cf-id: ZU0wtszhZfkf7ts8zW2cugfbqW-l-hhaPiAIGSZB0k3FuGses9R4Mg==

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ 82 KB
22 KB 76ms
19ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js

Requested by

Host: account-factory.istefr.fr
URL: https://account-factory.istefr.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://account-factory.istefr.fr/
Origin: https://account-factory.istefr.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 16 Feb 2023 03:16:35 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 28827256
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 21785
x-served-by: cache-fra19121-FRA, cache-cdg20751-CDG
x-jsd-version-type: version
etag: W/"148b8-qycDEVlyTiQh9v9ccPSOZXq+nTk"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 cs.css
account-factory.istefr.fr/css/ 21 KB
21 KB 116ms
113ms Stylesheet
text/css 13.225.78.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://account-factory.istefr.fr/css/cs.css

Requested by

Host: account-factory.istefr.fr
URL: https://account-factory.istefr.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.90 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-90.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

404769e285a5bf3a318356c51bf41ef4bd2d4be2a6910b188b7391607a1755fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://account-factory.istefr.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 03:16:36 GMT
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 21147
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 15 Feb 2023 14:42:31 GMT
server: AmazonS3
etag: "84de94c0bc1cc9e7c6bb57e9c3a4b9ee"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: text/css
accept-ranges: bytes
x-amz-cf-id: Cnq13amyfSgxrv4fMt43MrgUqqtV1ZbdySH3DYwu_-dmHU0KE-Rghw==

GET
H2 200 cs2.css
account-factory.istefr.fr/css/ 7 KB
8 KB 140ms
138ms Stylesheet
text/css 13.225.78.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://account-factory.istefr.fr/css/cs2.css

Requested by

Host: account-factory.istefr.fr
URL: https://account-factory.istefr.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.90 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-90.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

a76ad2ae1a5c2ad8aa356b7cc4ed2ee1512fce6448104e11dc910814abdd1dd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://account-factory.istefr.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 03:16:36 GMT
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 7570
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 15 Feb 2023 14:42:31 GMT
server: AmazonS3
etag: "705c290bd082e70d592271cf593146a3"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: text/css
accept-ranges: bytes
x-amz-cf-id: ww5cU_GNvujMZm2vKN544LYRCVkQkT4Rz-pO7j0hhN4X7sR_p2rAqA==

GET
H2 200 form.css
account-factory.istefr.fr/css/ 21 KB
21 KB 138ms
136ms Stylesheet
text/css 13.225.78.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://account-factory.istefr.fr/css/form.css

Requested by

Host: account-factory.istefr.fr
URL: https://account-factory.istefr.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.90 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-90.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

248c5c2e98621b15fe02999c36a92c042bc950ef74db9136a52dfdfda58b82bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://account-factory.istefr.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 03:16:36 GMT
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: 6HC7WCGN8YJ66E0Y
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 21289
x-amz-id-2: LJVM4BB8CEumefiy3COXWM4mINyRmFajbkCMzrIy4K7j6LdnEpAhtrFsNTqmMvwGSAdK4YbMqEg=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 15 Feb 2023 14:42:31 GMT
server: AmazonS3
etag: "4747e07d2f266ebf2691ddc5b77c45b0"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: text/css
accept-ranges: bytes
x-amz-cf-id: rwhGTN_q3ERLfRakuCDINBtRAoh1s2-olbVF77BMimWNGsqvrv-XQg==

GET
H2 200 home.css
account-factory.istefr.fr/css/ 27 KB
28 KB 132ms
130ms Stylesheet
text/css 13.225.78.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://account-factory.istefr.fr/css/home.css

Requested by

Host: account-factory.istefr.fr
URL: https://account-factory.istefr.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.90 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-90.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d671d28e7fe3a131e21a67b0125b206d5f2ab48ca6c977f68af3847bb60604f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://account-factory.istefr.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 03:16:36 GMT
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: 6HC3NC0XYCGKKBCX
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 27819
x-amz-id-2: mLPyiYrWxVVkyDnyH25aAf9nlq6jpyjtqeA7SvTdZ5FxCHIX1NgRj/ZCGPx1H91RwkLFoCWwgs8=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 15 Feb 2023 16:30:47 GMT
server: AmazonS3
etag: "4926fea0c89a3f75aae865c191d510a1"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: text/css
accept-ranges: bytes
x-amz-cf-id: hAa6Rslu7aLlrMaokhdBdIfrxS9IBTkmwnjkr-o-iONMENOGoXvkpw==

GET
H2 200 Copie%20de%20logo%20IS&T%20Eau%20France%20long.png
account-factory.istefr.fr/images/ 98 KB
98 KB 129ms
129ms Image
image/png 13.225.78.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://account-factory.istefr.fr/images/Copie%20de%20logo%20IS&T%20Eau%20France%20long.png

Requested by

Host: account-factory.istefr.fr
URL: https://account-factory.istefr.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.90 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-90.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://account-factory.istefr.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 03:16:36 GMT
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: 6HC3N52QDRKP41K1
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 99966
x-amz-id-2: kvpQaKWcgzCddWCndalPDzDS464FzAc4rPG7Nh+McwmXqoKIR24RAt/Ob/VIPnt4phOMVnnSF1E=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 15 Feb 2023 14:42:30 GMT
server: AmazonS3
etag: "e4d5b351eecea73950dea42101aeb23b"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: 8IukUSKcTC-_pCw9mbHxynyTF4euN-yz2aafptCLoIA_s9FP5wiaxA==

GET
H2 200 VPC-no-internet%20gateway.png
account-factory.istefr.fr/images/ 126 KB
126 KB 91ms
90ms Image
image/png 13.225.78.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://account-factory.istefr.fr/images/VPC-no-internet%20gateway.png

Requested by

Host: account-factory.istefr.fr
URL: https://account-factory.istefr.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.90 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-90.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://account-factory.istefr.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 03:16:36 GMT
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: 6HC7Z3MZ4MP5Y9P0
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 128678
x-amz-id-2: 6s2OjfifBHOVlmBIeVp8dPYD8DDoebJ/8QMZwXyvImp4HkddKnPzJkQG1u9VMlkoYCZVuOFdVJk=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 15 Feb 2023 14:42:30 GMT
server: AmazonS3
etag: "c66c0524a34ff49f320034c6715802ea"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: 9hnEAzDklJv_uSBfMH1tO4GI7yduEPsJQZizq-_rXw2hahwesw93kg==

GET
H/1.1

200
OK

/ Show response
vwis-login.awsapps.com/start/
Redirect Chain

https://prd-account-factory-domain.auth.eu-west-3.amazoncognito.com/oauth2/authorize?redirect_uri=https%3A%2F%2Faccount-factory.istefr.fr&response_type=token&client_id=28jh6e2ftk8ir69l3gcag5p5nj&st...
https://portal.sso.eu-west-1.amazonaws.com/saml/assertion/NTQ1MzcyOTgzMTkwX2lucy0wNzJlMzZmNmNjMDlkZTM3?SAMLRequest=fVLLbuIwFN33KyLvnYdDQ7FIKjSoUkcNo0JaVWwqj2Oop7Gd8XUK5OsnBBoNG%2BSVrfPSOZ7e71XlfQkL...
https://vwis-login.awsapps.com/start/?relayId=bd3cf2de-3f5b-4726-9430-b500380918b6_4d919d44-eb36-41b6-aaa2-f1bf15ccaedd

720 B
1 KB

262ms
156ms

Document
text/html

18.66.23.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vwis-login.awsapps.com/start/?relayId=bd3cf2de-3f5b-4726-9430-b500380918b6_4d919d44-eb36-41b6-aaa2-f1bf15ccaedd
Requested by: Host: account-factory.istefr.fr
URL: https://account-factory.istefr.fr/js/amazon-cognito-auth.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-59.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ea5bd40e5a3a46edf80d7613a16d964f3f1ce351d1aac30303b0db13284582b0

Request headers

Referer: https://account-factory.istefr.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: max-age=0
Connection: keep-alive
Content-Length: 720
Content-Type: text/html
Date: Thu, 16 Feb 2023 03:16:37 GMT
ETag: "7aaadaa5c89ebbdbff7870ad053f53bd"
Last-Modified: Wed, 04 Jan 2023 06:08:26 GMT
Server: AmazonS3
Via: 1.1 6e4fd2f7f4c55027ff6ee922bdafd3ae.cloudfront.net (CloudFront)
X-Amz-Cf-Id: OvOFXpB2WtNKyJDLsqgSJ1y6ZFG6ygXgvbcUPFeffq0sLXCUNvJ93w==
X-Amz-Cf-Pop: VIE50-P1
X-Cache: Miss from cloudfront

Redirect headers

access-control-expose-headers: RequestId x-amzn-RequestId
content-length: 0
date: Thu, 16 Feb 2023 03:16:36 GMT
location: https://vwis-login.awsapps.com/start/?relayId=bd3cf2de-3f5b-4726-9430-b500380918b6_4d919d44-eb36-41b6-aaa2-f1bf15ccaedd
requestid: c5b409a2-8613-46f5-b934-231771565f2e
server: AWS SSO
x-amzn-requestid: c5b409a2-8613-46f5-b934-231771565f2e

GET
H2 200 orchestrator.js Show response
d250zetdqyq0c4.cloudfront.net/assets/Prod/eu-west-1/da43ef9c1d55b9e42113ffc1c902ae2d/ 169 KB
169 KB 132ms
42ms Script
application/javascript 2600:9000:211a:1000:c:7267:8d00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d250zetdqyq0c4.cloudfront.net/assets/Prod/eu-west-1/da43ef9c1d55b9e42113ffc1c902ae2d/orchestrator.js
Requested by: Host: vwis-login.awsapps.com
URL: https://vwis-login.awsapps.com/start/?relayId=bd3cf2de-3f5b-4726-9430-b500380918b6_4d919d44-eb36-41b6-aaa2-f1bf15ccaedd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:1000:c:7267:8d00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c57c70ba04d616f522374d8a2f8a4a37c4fad2f86471cd8987951c5d213a5a0f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://vwis-login.awsapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 04:44:41 GMT
via: 1.1 c772b2e53d72432d4d471ac66f4794fa.cloudfront.net (CloudFront)
last-modified: Wed, 04 Jan 2023 06:08:26 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-C2
age: 2327515
etag: "9efd52e7690175903e418c23e1ebb44e"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 172987
x-amz-cf-id: c7KWSXmWtZiBf-GFCGhJ6rBtoX73shF6qfLCTcJqTPFFrX3xZDpjuw==

GET
H2 200 0.js Show response
d250zetdqyq0c4.cloudfront.net/assets/Prod/eu-west-1/da43ef9c1d55b9e42113ffc1c902ae2d/ 5 MB
5 MB 40ms
39ms Script
application/javascript 2600:9000:211a:1000:c:7267:8d00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d250zetdqyq0c4.cloudfront.net/assets/Prod/eu-west-1/da43ef9c1d55b9e42113ffc1c902ae2d/0.js
Requested by: Host: d250zetdqyq0c4.cloudfront.net
URL: https://d250zetdqyq0c4.cloudfront.net/assets/Prod/eu-west-1/da43ef9c1d55b9e42113ffc1c902ae2d/orchestrator.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:1000:c:7267:8d00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12f457fc34d1021bb58886d50c06417169d2b8805c6dc36a69908ab03fe19a08

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://vwis-login.awsapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 00:42:08 GMT
via: 1.1 c772b2e53d72432d4d471ac66f4794fa.cloudfront.net (CloudFront)
last-modified: Wed, 04 Jan 2023 06:08:26 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-C2
age: 1910069
etag: "9d075ce7826a6849d438e558d2231615"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 4912113
x-amz-cf-id: Ie41PE70ELeZmNyzyzHDrf0d9pQ03mS6OlsLGwJ0Sb6j7NxayO9YTw==

OPTIONS
H2 200 whoAmI
portal.sso.eu-west-1.amazonaws.com/token/ Frame 0
0 90ms
30ms Preflight 52.48.103.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://portal.sso.eu-west-1.amazonaws.com/token/whoAmI
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.103.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-103-115.eu-west-1.compute.amazonaws.com
Software: AWS SSO /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: p3p
Access-Control-Request-Method: GET
Origin: https://vwis-login.awsapps.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: p3p
access-control-allow-methods: GET, OPTIONS, POST, DELETE, PUT
access-control-allow-origin: https://vwis-login.awsapps.com
content-length: 0
date: Thu, 16 Feb 2023 03:16:37 GMT
server: AWS SSO

GET
H2 401 whoAmI
portal.sso.eu-west-1.amazonaws.com/token/ 114 B
416 B 29ms
29ms XHR
application/json 52.48.103.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://portal.sso.eu-west-1.amazonaws.com/token/whoAmI
Requested by: Host: d250zetdqyq0c4.cloudfront.net
URL: https://d250zetdqyq0c4.cloudfront.net/assets/Prod/eu-west-1/da43ef9c1d55b9e42113ffc1c902ae2d/orchestrator.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.103.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-103-115.eu-west-1.compute.amazonaws.com
Software: AWS SSO /
Resource Hash

Request headers

Accept: application/json, text/plain, */*
Referer: https://vwis-login.awsapps.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
P3P: policyref="https://www.amazon.com/w3c/p3p.xml", CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC"

Response headers

date: Thu, 16 Feb 2023 03:16:37 GMT
server: AWS SSO
x-amzn-requestid: 331db421-4f7e-4f4b-8127-89a2da8c9f56
requestid: 331db421-4f7e-4f4b-8127-89a2da8c9f56
content-type: application/json
access-control-allow-origin: https://vwis-login.awsapps.com
access-control-expose-headers: RequestId, x-amzn-RequestId
access-control-allow-credentials: true
content-length: 114

GET
DATA 200
OK truncated
/ 55 KB
55 KB Font
application/x-font-ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
Origin: https://vwis-login.awsapps.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: application/x-font-ttf

POST log
website.sso-portal.eu-west-1.amazonaws.com/ 0
0

GET
H2 200 login
portal.sso.eu-west-1.amazonaws.com/ 155 B
604 B 141ms
141ms Fetch
application/json 52.48.103.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://portal.sso.eu-west-1.amazonaws.com/login?directory_id=vwis-login&redirect_url=https%3A%2F%2Fvwis-login.awsapps.com%2Fstart%2F%3FrelayId%3Dbd3cf2de-3f5b-4726-9430-b500380918b6_4d919d44-eb36-41b6-aaa2-f1bf15ccaedd
Requested by: Host: d250zetdqyq0c4.cloudfront.net
URL: https://d250zetdqyq0c4.cloudfront.net/assets/Prod/eu-west-1/da43ef9c1d55b9e42113ffc1c902ae2d/orchestrator.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.103.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-103-115.eu-west-1.compute.amazonaws.com
Software: AWS SSO /
Resource Hash

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://vwis-login.awsapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 03:16:38 GMT
server: AWS SSO
x-amzn-requestid: 587d110e-d2cd-4774-a42a-7b20ac199e13
requestid: 587d110e-d2cd-4774-a42a-7b20ac199e13
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC"
access-control-allow-origin: https://vwis-login.awsapps.com
access-control-expose-headers: RequestId, x-amzn-RequestId
access-control-allow-credentials: true
content-type: application/json
content-length: 155

GET
H/1.1 200
OK login Show response
eu-west-1.signin.aws.amazon.com/platform/ 475 B
2 KB 370ms
34ms Document
text/html 54.239.36.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eu-west-1.signin.aws.amazon.com/platform/login?workflowStateHandle=3825cf2d-79bc-484c-b9de-8c6c7e2c5cd1

Requested by

Host: d250zetdqyq0c4.cloudfront.net
URL: https://d250zetdqyq0c4.cloudfront.net/assets/Prod/eu-west-1/da43ef9c1d55b9e42113ffc1c902ae2d/0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.239.36.191 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

2f6b8ff2257d0bf447825c31f8af5640341924fd8c2c5abc4dad3d314b98cc69

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'; object-src 'none'; script-src 'self' https://d1osqh8czd52ng.cloudfront.net/fwcim_signin_us-east-1_prod.js https://d35uxhjf90umnp.cloudfront.net/index.js; style-src 'self'; report-uri /metrics/cspreport;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vwis-login.awsapps.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Content-Language: fr-FR
Content-Length: 475
Content-Security-Policy: base-uri 'self'; object-src 'none'; script-src 'self' https://d1osqh8czd52ng.cloudfront.net/fwcim_signin_us-east-1_prod.js https://d35uxhjf90umnp.cloudfront.net/index.js; style-src 'self'; report-uri /metrics/cspreport;
Content-Security-Policy-Report-Only: base-uri 'self'; object-src 'none'; script-src 'self' https://d1osqh8czd52ng.cloudfront.net/fwcim_signin_us-east-1_prod.js https://d35uxhjf90umnp.cloudfront.net/index.js; style-src 'self'; report-uri /metrics/cspreportonly;
Content-Type: text/html;charset=ISO-8859-1
Date: Thu, 16 Feb 2023 03:16:37 GMT
ETag: W/"475-1675797608000"
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Tue, 07 Feb 2023 19:20:08 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-UA-Compatible: IE=Edge
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK app.css
eu-west-1.signin.aws.amazon.com/assets/css/ 459 KB
128 KB 36ms
35ms Stylesheet
text/css 54.239.36.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eu-west-1.signin.aws.amazon.com/assets/css/app.css

Requested by

Host: eu-west-1.signin.aws.amazon.com
URL: https://eu-west-1.signin.aws.amazon.com/platform/login?workflowStateHandle=3825cf2d-79bc-484c-b9de-8c6c7e2c5cd1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.239.36.191 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

1b96105123076f236b76c52a7f0026f0c70aa54387ba09707a0de13f87ef61a0

Security Headers

Name	Value
Content-Security-Policy	default-src 'none' https://aws.amazon.com https://.signin.aws.amazon.com https://signin.aws.amazon.com https://.analytics.console.aws.a2z.com 'unsafe-inline'; img-src 'self' data: https://.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; script-src 'self' https://aws.amazon.com https://.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-eval' 'unsafe-inline' 'report-sample'; style-src 'self' https://aws.amazon.com https://.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; report-uri /metrics/cspreport;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eu-west-1.signin.aws.amazon.com/platform/login?workflowStateHandle=3825cf2d-79bc-484c-b9de-8c6c7e2c5cd1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'none' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://*.analytics.console.aws.a2z.com 'unsafe-inline'; img-src 'self' data: https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; script-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-eval' 'unsafe-inline' 'report-sample'; style-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; report-uri /metrics/cspreport;
X-Content-Type-Options: nosniff
Date: Thu, 16 Feb 2023 03:16:38 GMT
Content-Encoding: gzip
Content-Security-Policy-Report-Only: default-src 'none' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://*.analytics.console.aws.a2z.com 'nonce-RLuZBQk+/aYHvSWFoK55CQ=='; script-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'report-sample' 'nonce-RLuZBQk+/aYHvSWFoK55CQ=='; style-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; img-src 'self' data: https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; report-uri /metrics/cspreportonly;
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Pragma: no-cache
Last-Modified: Tue, 07 Feb 2023 19:20:08 GMT
Server: Server
ETag: W/"469701-1675797608000"
X-Frame-Options: DENY
vary: accept-encoding
Content-Type: text/css;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK app.js Show response
eu-west-1.signin.aws.amazon.com/assets/js/ 1 MB
374 KB 103ms
36ms Script
application/javascript 54.239.36.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eu-west-1.signin.aws.amazon.com/assets/js/app.js

Requested by

Host: eu-west-1.signin.aws.amazon.com
URL: https://eu-west-1.signin.aws.amazon.com/platform/login?workflowStateHandle=3825cf2d-79bc-484c-b9de-8c6c7e2c5cd1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.239.36.191 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

5279a14dceae5a4d1a071c4e31ec3cf042894a2e056f5e492962f46482ddcd44

Security Headers

Name	Value
Content-Security-Policy	default-src 'none' https://aws.amazon.com https://.signin.aws.amazon.com https://signin.aws.amazon.com https://.analytics.console.aws.a2z.com 'unsafe-inline'; img-src 'self' data: https://.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; script-src 'self' https://aws.amazon.com https://.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-eval' 'unsafe-inline' 'report-sample'; style-src 'self' https://aws.amazon.com https://.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; report-uri /metrics/cspreport;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eu-west-1.signin.aws.amazon.com/platform/login?workflowStateHandle=3825cf2d-79bc-484c-b9de-8c6c7e2c5cd1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'none' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://*.analytics.console.aws.a2z.com 'unsafe-inline'; img-src 'self' data: https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; script-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-eval' 'unsafe-inline' 'report-sample'; style-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; report-uri /metrics/cspreport;
X-Content-Type-Options: nosniff
Date: Thu, 16 Feb 2023 03:16:37 GMT
Content-Encoding: gzip
Content-Security-Policy-Report-Only: default-src 'none' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://*.analytics.console.aws.a2z.com 'nonce-cODDud14FqXVPkTK3meGDQ=='; script-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'report-sample' 'nonce-cODDud14FqXVPkTK3meGDQ=='; style-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; img-src 'self' data: https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; report-uri /metrics/cspreportonly;
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Pragma: no-cache
Last-Modified: Tue, 07 Feb 2023 19:20:08 GMT
Server: Server
ETag: W/"1301610-1675797608000"
X-Frame-Options: DENY
vary: accept-encoding
Content-Type: application/javascript;charset=UTF-8
Cache-Control: no-store
Accept-Ranges: bytes
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK cspreport
eu-west-1.signin.aws.amazon.com/metrics/ 0
3 KB 103ms
36ms Other
text/html 54.239.36.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eu-west-1.signin.aws.amazon.com/metrics/cspreport

Requested by

Host: account-factory.istefr.fr
URL: https://account-factory.istefr.fr/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.239.36.191 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'none' https://aws.amazon.com https://.signin.aws.amazon.com https://signin.aws.amazon.com https://.analytics.console.aws.a2z.com 'nonce-49vyl1nFtgGcsVXP6n00+Q=='; script-src 'self' https://aws.amazon.com https://.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'report-sample' 'nonce-49vyl1nFtgGcsVXP6n00+Q=='; style-src 'self' https://aws.amazon.com https://.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; img-src 'self' data: https://.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; report-uri /metrics/cspreport;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eu-west-1.signin.aws.amazon.com/platform/login?workflowStateHandle=3825cf2d-79bc-484c-b9de-8c6c7e2c5cd1
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/csp-report

Response headers

Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'none' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://*.analytics.console.aws.a2z.com 'nonce-49vyl1nFtgGcsVXP6n00+Q=='; script-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'report-sample' 'nonce-49vyl1nFtgGcsVXP6n00+Q=='; style-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; img-src 'self' data: https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; report-uri /metrics/cspreport;
X-Content-Type-Options: nosniff
Date: Thu, 16 Feb 2023 03:16:37 GMT
Server: Server
X-Frame-Options: DENY
Content-Security-Policy-Report-Only: default-src 'none' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://*.analytics.console.aws.a2z.com 'nonce-49vyl1nFtgGcsVXP6n00+Q=='; script-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'report-sample' 'nonce-49vyl1nFtgGcsVXP6n00+Q=='; style-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; img-src 'self' data: https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; report-uri /metrics/cspreportonly;
Content-Type: text/html;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 0
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge

POST
H/1.1 200
OK cspreportonly
eu-west-1.signin.aws.amazon.com/metrics/ 0
3 KB 102ms
34ms Other
text/html 54.239.36.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eu-west-1.signin.aws.amazon.com/metrics/cspreportonly

Requested by

Host: account-factory.istefr.fr
URL: https://account-factory.istefr.fr/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.239.36.191 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'none' https://aws.amazon.com https://.signin.aws.amazon.com https://signin.aws.amazon.com https://.analytics.console.aws.a2z.com 'nonce-xvdfermPAkG5Bs3nMBsk0g=='; script-src 'self' https://aws.amazon.com https://.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'report-sample' 'nonce-xvdfermPAkG5Bs3nMBsk0g=='; style-src 'self' https://aws.amazon.com https://.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; img-src 'self' data: https://.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; report-uri /metrics/cspreport;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eu-west-1.signin.aws.amazon.com/platform/login?workflowStateHandle=3825cf2d-79bc-484c-b9de-8c6c7e2c5cd1
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/csp-report

Response headers

Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'none' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://*.analytics.console.aws.a2z.com 'nonce-xvdfermPAkG5Bs3nMBsk0g=='; script-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'report-sample' 'nonce-xvdfermPAkG5Bs3nMBsk0g=='; style-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; img-src 'self' data: https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; report-uri /metrics/cspreport;
X-Content-Type-Options: nosniff
Date: Thu, 16 Feb 2023 03:16:38 GMT
Server: Server
X-Frame-Options: DENY
Content-Security-Policy-Report-Only: default-src 'none' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://*.analytics.console.aws.a2z.com 'nonce-xvdfermPAkG5Bs3nMBsk0g=='; script-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'report-sample' 'nonce-xvdfermPAkG5Bs3nMBsk0g=='; style-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; img-src 'self' data: https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; report-uri /metrics/cspreportonly;
Content-Type: text/html;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 0
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge

GET
H/1.1 200
OK translation.json Show response
eu-west-1.signin.aws.amazon.com/assets/locales/en/ 2 B
3 KB 35ms
34ms Fetch
application/json 54.239.36.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eu-west-1.signin.aws.amazon.com/assets/locales/en/translation.json

Requested by

Host: eu-west-1.signin.aws.amazon.com
URL: https://eu-west-1.signin.aws.amazon.com/assets/js/app.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.239.36.191 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none' https://aws.amazon.com https://.signin.aws.amazon.com https://signin.aws.amazon.com https://.analytics.console.aws.a2z.com 'unsafe-inline'; img-src 'self' data: https://.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; script-src 'self' https://aws.amazon.com https://.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-eval' 'unsafe-inline' 'report-sample'; style-src 'self' https://aws.amazon.com https://.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; report-uri /metrics/cspreport;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eu-west-1.signin.aws.amazon.com/platform/login?workflowStateHandle=3825cf2d-79bc-484c-b9de-8c6c7e2c5cd1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'none' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://*.analytics.console.aws.a2z.com 'unsafe-inline'; img-src 'self' data: https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; script-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-eval' 'unsafe-inline' 'report-sample'; style-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; report-uri /metrics/cspreport;
X-Content-Type-Options: nosniff
Date: Thu, 16 Feb 2023 03:16:38 GMT
Content-Security-Policy-Report-Only: default-src 'none' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://*.analytics.console.aws.a2z.com 'nonce-NGRqRDE5PWfkbcDxPTYtGA=='; script-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'report-sample' 'nonce-NGRqRDE5PWfkbcDxPTYtGA=='; style-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; img-src 'self' data: https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; report-uri /metrics/cspreportonly;
Content-Length: 2
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Pragma: no-cache
Last-Modified: Tue, 07 Feb 2023 19:20:08 GMT
Server: Server
ETag: W/"2-1675797608000"
X-Frame-Options: DENY
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK errors.json Show response
eu-west-1.signin.aws.amazon.com/assets/locales/en/ 5 KB
8 KB 34ms
33ms Fetch
application/json 54.239.36.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eu-west-1.signin.aws.amazon.com/assets/locales/en/errors.json

Requested by

Host: eu-west-1.signin.aws.amazon.com
URL: https://eu-west-1.signin.aws.amazon.com/assets/js/app.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.239.36.191 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

8a33142eec21418dac875ee96d3a1a54789155bbe7a408f0a92f4cf41b181a2d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none' https://aws.amazon.com https://.signin.aws.amazon.com https://signin.aws.amazon.com https://.analytics.console.aws.a2z.com 'unsafe-inline'; img-src 'self' data: https://.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; script-src 'self' https://aws.amazon.com https://.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-eval' 'unsafe-inline' 'report-sample'; style-src 'self' https://aws.amazon.com https://.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; report-uri /metrics/cspreport;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eu-west-1.signin.aws.amazon.com/platform/login?workflowStateHandle=3825cf2d-79bc-484c-b9de-8c6c7e2c5cd1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'none' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://*.analytics.console.aws.a2z.com 'unsafe-inline'; img-src 'self' data: https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; script-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-eval' 'unsafe-inline' 'report-sample'; style-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; report-uri /metrics/cspreport;
X-Content-Type-Options: nosniff
Date: Thu, 16 Feb 2023 03:16:38 GMT
Content-Security-Policy-Report-Only: default-src 'none' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://*.analytics.console.aws.a2z.com 'nonce-gGa7boQOloLIULOQGczo3w=='; script-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'report-sample' 'nonce-gGa7boQOloLIULOQGczo3w=='; style-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; img-src 'self' data: https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; report-uri /metrics/cspreportonly;
Content-Length: 4901
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Pragma: no-cache
Last-Modified: Tue, 07 Feb 2023 19:20:08 GMT
Server: Server
ETag: W/"4901-1675797608000"
X-Frame-Options: DENY
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK config Show response
eu-west-1.signin.aws.amazon.com/platform/ 259 B
706 B 36ms
36ms XHR
application/json 54.239.36.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eu-west-1.signin.aws.amazon.com/platform/config

Requested by

Host: eu-west-1.signin.aws.amazon.com
URL: https://eu-west-1.signin.aws.amazon.com/assets/js/app.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.239.36.191 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

87747a11bb57f308edd0c29b2d65624ce1d780bfa7812a1790c0f1d720ee4941

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://eu-west-1.signin.aws.amazon.com/platform/login?workflowStateHandle=3825cf2d-79bc-484c-b9de-8c6c7e2c5cd1
accept-language: fr-FR,fr;q=0.9
X-Amz-Date: Thu, 16 Feb 2023 03:16:38 GMT
x-amzn-requestid: d4a59786-7bbb-48d6-8987-07237d189f99
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Date: Thu, 16 Feb 2023 03:16:37 GMT
X-Content-Type-Options: nosniff
Server: Server
X-Frame-Options: DENY
Transfer-Encoding: chunked
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge

GET
H/1.1 200
OK common.json Show response
eu-west-1.signin.aws.amazon.com/assets/locales/en/ 1 KB
4 KB 33ms
33ms Fetch
application/json 54.239.36.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eu-west-1.signin.aws.amazon.com/assets/locales/en/common.json

Requested by

Host: eu-west-1.signin.aws.amazon.com
URL: https://eu-west-1.signin.aws.amazon.com/assets/js/app.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.239.36.191 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

66a096744e5d7e4d93fcdaf016e19dd3f3d65c795a9c102426895b6a397960a8

Security Headers

Name	Value
Content-Security-Policy	default-src 'none' https://aws.amazon.com https://.signin.aws.amazon.com https://signin.aws.amazon.com https://.analytics.console.aws.a2z.com 'unsafe-inline'; img-src 'self' data: https://.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; script-src 'self' https://aws.amazon.com https://.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-eval' 'unsafe-inline' 'report-sample'; style-src 'self' https://aws.amazon.com https://.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; report-uri /metrics/cspreport;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eu-west-1.signin.aws.amazon.com/platform/login?workflowStateHandle=3825cf2d-79bc-484c-b9de-8c6c7e2c5cd1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'none' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://*.analytics.console.aws.a2z.com 'unsafe-inline'; img-src 'self' data: https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; script-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-eval' 'unsafe-inline' 'report-sample'; style-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; report-uri /metrics/cspreport;
X-Content-Type-Options: nosniff
Date: Thu, 16 Feb 2023 03:16:38 GMT
Content-Security-Policy-Report-Only: default-src 'none' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://*.analytics.console.aws.a2z.com 'nonce-147G2+iHjNNxMf8SZnDgyg=='; script-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'report-sample' 'nonce-147G2+iHjNNxMf8SZnDgyg=='; style-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; img-src 'self' data: https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; report-uri /metrics/cspreportonly;
Content-Length: 1090
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Pragma: no-cache
Last-Modified: Tue, 07 Feb 2023 19:20:08 GMT
Server: Server
ETag: W/"1090-1675797608000"
X-Frame-Options: DENY
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK forgotPasswordSuccessPage.json Show response
eu-west-1.signin.aws.amazon.com/assets/locales/en/ 694 B
4 KB 36ms
36ms Fetch
application/json 54.239.36.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eu-west-1.signin.aws.amazon.com/assets/locales/en/forgotPasswordSuccessPage.json

Requested by

Host: eu-west-1.signin.aws.amazon.com
URL: https://eu-west-1.signin.aws.amazon.com/assets/js/app.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.239.36.191 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

1d6920af6e44b8cf9b217093812ae8b23025ea369e967cb099b52ec3610dfd70

Security Headers

Name	Value
Content-Security-Policy	default-src 'none' https://aws.amazon.com https://.signin.aws.amazon.com https://signin.aws.amazon.com https://.analytics.console.aws.a2z.com 'unsafe-inline'; img-src 'self' data: https://.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; script-src 'self' https://aws.amazon.com https://.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-eval' 'unsafe-inline' 'report-sample'; style-src 'self' https://aws.amazon.com https://.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; report-uri /metrics/cspreport;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eu-west-1.signin.aws.amazon.com/platform/login?workflowStateHandle=3825cf2d-79bc-484c-b9de-8c6c7e2c5cd1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'none' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://*.analytics.console.aws.a2z.com 'unsafe-inline'; img-src 'self' data: https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; script-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-eval' 'unsafe-inline' 'report-sample'; style-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; report-uri /metrics/cspreport;
X-Content-Type-Options: nosniff
Date: Thu, 16 Feb 2023 03:16:38 GMT
Content-Security-Policy-Report-Only: default-src 'none' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://*.analytics.console.aws.a2z.com 'nonce-OcEjUxbCYQOwkZMAvKh3EA=='; script-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'report-sample' 'nonce-OcEjUxbCYQOwkZMAvKh3EA=='; style-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; img-src 'self' data: https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; report-uri /metrics/cspreportonly;
Content-Length: 694
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Pragma: no-cache
Last-Modified: Tue, 07 Feb 2023 19:20:08 GMT
Server: Server
ETag: W/"694-1675797608000"
X-Frame-Options: DENY
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK insecurePasswordPopover.json Show response
eu-west-1.signin.aws.amazon.com/assets/locales/en/ 2 KB
5 KB 34ms
34ms Fetch
application/json 54.239.36.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eu-west-1.signin.aws.amazon.com/assets/locales/en/insecurePasswordPopover.json

Requested by

Host: eu-west-1.signin.aws.amazon.com
URL: https://eu-west-1.signin.aws.amazon.com/assets/js/app.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.239.36.191 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

bef1e57c42c18ba9c2ff40b6f9996a541ff363874701cea04ee6903fd3a4d1e4

Security Headers

Name	Value
Content-Security-Policy	default-src 'none' https://aws.amazon.com https://.signin.aws.amazon.com https://signin.aws.amazon.com https://.analytics.console.aws.a2z.com 'unsafe-inline'; img-src 'self' data: https://.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; script-src 'self' https://aws.amazon.com https://.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-eval' 'unsafe-inline' 'report-sample'; style-src 'self' https://aws.amazon.com https://.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; report-uri /metrics/cspreport;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eu-west-1.signin.aws.amazon.com/platform/login?workflowStateHandle=3825cf2d-79bc-484c-b9de-8c6c7e2c5cd1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'none' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://*.analytics.console.aws.a2z.com 'unsafe-inline'; img-src 'self' data: https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; script-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-eval' 'unsafe-inline' 'report-sample'; style-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; report-uri /metrics/cspreport;
X-Content-Type-Options: nosniff
Date: Thu, 16 Feb 2023 03:16:38 GMT
Content-Security-Policy-Report-Only: default-src 'none' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://*.analytics.console.aws.a2z.com 'nonce-+AyyfYf+vGRZCsObsgbXzw=='; script-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'report-sample' 'nonce-+AyyfYf+vGRZCsObsgbXzw=='; style-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; img-src 'self' data: https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; report-uri /metrics/cspreportonly;
Content-Length: 2260
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Pragma: no-cache
Last-Modified: Tue, 07 Feb 2023 19:20:08 GMT
Server: Server
ETag: W/"2260-1675797608000"
X-Frame-Options: DENY
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK execute Show response
eu-west-1.signin.aws.amazon.com/platform/api/ 330 B
2 KB 65ms
65ms XHR
application/json 54.239.36.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eu-west-1.signin.aws.amazon.com/platform/api/execute

Requested by

Host: eu-west-1.signin.aws.amazon.com
URL: https://eu-west-1.signin.aws.amazon.com/assets/js/app.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.239.36.191 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

0ec90e520b46c9892b31747322f7f30d3e49a935e16a770e20994401896b66ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://eu-west-1.signin.aws.amazon.com/platform/login?workflowStateHandle=3825cf2d-79bc-484c-b9de-8c6c7e2c5cd1
accept-language: fr-FR,fr;q=0.9
X-Amz-Date: Thu, 16 Feb 2023 03:16:38 GMT
x-amzn-requestid: 780c6ab6-b50a-4fef-b881-528b7d030af0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Date: Thu, 16 Feb 2023 03:16:38 GMT
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Pragma: no-cache
Server: Server
X-Frame-Options: DENY
Access-Control-Allow-Methods: POST, GET, HEAD, OPTIONS, PUT
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://eu-west-1.signin.aws
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept, Accept-Encoding, Accept-Language, Access-Control-Request-Method,Access-Control-Request-Headers,Authorization,Connection,Content-Type,Host,Origin,Referer,Token-Id,User-Agent, X-Requested-With, x-amzn-requestid, X-Amz-Date, Content-Length, DNT, Cookie
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK fingerprint Show response
eu-west-1.signin.aws.amazon.com/metrics/ 0
3 KB 36ms
36ms XHR
text/html 54.239.36.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eu-west-1.signin.aws.amazon.com/metrics/fingerprint

Requested by

Host: eu-west-1.signin.aws.amazon.com
URL: https://eu-west-1.signin.aws.amazon.com/assets/js/app.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.239.36.191 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'none' https://aws.amazon.com https://.signin.aws.amazon.com https://signin.aws.amazon.com https://.analytics.console.aws.a2z.com 'nonce-aZOQv/geSV49mxSZdVw90w=='; script-src 'self' https://aws.amazon.com https://.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'report-sample' 'nonce-aZOQv/geSV49mxSZdVw90w=='; style-src 'self' https://aws.amazon.com https://.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; img-src 'self' data: https://.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; report-uri /metrics/cspreport;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://eu-west-1.signin.aws.amazon.com/platform/login?workflowStateHandle=3825cf2d-79bc-484c-b9de-8c6c7e2c5cd1
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'none' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://*.analytics.console.aws.a2z.com 'nonce-aZOQv/geSV49mxSZdVw90w=='; script-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'report-sample' 'nonce-aZOQv/geSV49mxSZdVw90w=='; style-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; img-src 'self' data: https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; report-uri /metrics/cspreport;
X-Content-Type-Options: nosniff
Date: Thu, 16 Feb 2023 03:16:38 GMT
Server: Server
X-Frame-Options: DENY
Content-Security-Policy-Report-Only: default-src 'none' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://*.analytics.console.aws.a2z.com 'nonce-aZOQv/geSV49mxSZdVw90w=='; script-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'report-sample' 'nonce-aZOQv/geSV49mxSZdVw90w=='; style-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; img-src 'self' data: https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; report-uri /metrics/cspreportonly;
Content-Type: text/html;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 0
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge

POST
H/1.1 200
OK execute
eu-west-1.signin.aws.amazon.com/platform/api/ 2 KB
3 KB 135ms
135ms XHR
application/json 54.239.36.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eu-west-1.signin.aws.amazon.com/platform/api/execute

Requested by

Host: eu-west-1.signin.aws.amazon.com
URL: https://eu-west-1.signin.aws.amazon.com/assets/js/app.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.239.36.191 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://eu-west-1.signin.aws.amazon.com/platform/login?workflowStateHandle=3825cf2d-79bc-484c-b9de-8c6c7e2c5cd1
accept-language: fr-FR,fr;q=0.9
X-Amz-Date: Thu, 16 Feb 2023 03:16:38 GMT
x-amzn-requestid: 0a0cc3f2-eaad-4a6d-a149-e71c9b263de7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Date: Thu, 16 Feb 2023 03:16:38 GMT
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Pragma: no-cache
Server: Server
X-Frame-Options: DENY
Access-Control-Allow-Methods: POST, GET, HEAD, OPTIONS, PUT
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://eu-west-1.signin.aws
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept, Accept-Encoding, Accept-Language, Access-Control-Request-Method,Access-Control-Request-Headers,Authorization,Connection,Content-Type,Host,Origin,Referer,Token-Id,User-Agent, X-Requested-With, x-amzn-requestid, X-Amz-Date, Content-Length, DNT, Cookie
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK signin-background.png
eu-west-1.signin.aws.amazon.com/assets/static/img/ 198 KB
201 KB 34ms
34ms Image
image/png 54.239.36.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-west-1.signin.aws.amazon.com/assets/static/img/signin-background.png

Requested by

Host: eu-west-1.signin.aws.amazon.com
URL: https://eu-west-1.signin.aws.amazon.com/assets/css/app.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.239.36.191 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none' https://aws.amazon.com https://.signin.aws.amazon.com https://signin.aws.amazon.com https://.analytics.console.aws.a2z.com 'unsafe-inline'; img-src 'self' data: https://.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; script-src 'self' https://aws.amazon.com https://.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-eval' 'unsafe-inline' 'report-sample'; style-src 'self' https://aws.amazon.com https://.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; report-uri /metrics/cspreport;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eu-west-1.signin.aws.amazon.com/assets/css/app.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'none' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://*.analytics.console.aws.a2z.com 'unsafe-inline'; img-src 'self' data: https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; script-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-eval' 'unsafe-inline' 'report-sample'; style-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; report-uri /metrics/cspreport;
X-Content-Type-Options: nosniff
Date: Thu, 16 Feb 2023 03:16:38 GMT
Content-Security-Policy-Report-Only: default-src 'none' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://*.analytics.console.aws.a2z.com 'nonce-52aX9q2dAeiq188CGUEAjA=='; script-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'report-sample' 'nonce-52aX9q2dAeiq188CGUEAjA=='; style-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; img-src 'self' data: https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; report-uri /metrics/cspreportonly;
Content-Length: 203133
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Pragma: no-cache
Last-Modified: Tue, 07 Feb 2023 19:20:08 GMT
Server: Server
ETag: W/"203133-1675797608000"
X-Frame-Options: DENY
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b79cfcf0fc09dbe5b4979f4ab3e5b7fe51e0ff8f0f5babd4fed93716384c2357

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET truncated
/ 0
0

GET
DATA 200
OK truncated
/ 18 KB
18 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dd22b81b898eb407a56ff6b2ac75c7739745331c8b790e83e7dde68966fc16ce

Request headers

Referer
Origin: https://eu-west-1.signin.aws.amazon.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
H2

200

Primary Request ServiceLogin Show response
accounts.google.com/
Redirect Chain

https://accounts.google.com/o/saml2/idp?idpid=C03ufh3nx
https://accounts.google.com/ServiceLogin?passive=1209600&continue=https://accounts.google.com/o/saml2/idp?from_login%3D1%26zt%3DChRSLTdmUkdzRHY4blpTZVlYMHh1URIfbzFOcjJCWHVRU3NSUUhVU2RlLXNqMHlickpXR...

2 MB
524 KB

73ms
72ms

Document
text/html

2a00:1450:4001:813::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/ServiceLogin?passive=1209600&continue=https://accounts.google.com/o/saml2/idp?from_login%3D1%26zt%3DChRSLTdmUkdzRHY4blpTZVlYMHh1URIfbzFOcjJCWHVRU3NSUUhVU2RlLXNqMHlickpXRFpSZw%25E2%2588%2599AJFHa0oAAAAAY-7xl7kn7YZxdkTC1YgluFOSeGBQmss7%26as%3DsNwRPjhXwcL-TYHU8BZPTlFKfHZ3BH4B8VdstCO5GrA&followup=https://accounts.google.com/o/saml2/idp?from_login%3D1%26zt%3DChRSLTdmUkdzRHY4blpTZVlYMHh1URIfbzFOcjJCWHVRU3NSUUhVU2RlLXNqMHlickpXRFpSZw%25E2%2588%2599AJFHa0oAAAAAY-7xl7kn7YZxdkTC1YgluFOSeGBQmss7%26as%3DsNwRPjhXwcL-TYHU8BZPTlFKfHZ3BH4B8VdstCO5GrA&ltmpl=popup&oauth=1&faa=1&sarp=1&scc=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

97d3a03db0db5529e2e563a0f48e49c9e45c3e935d41315d3ab7fdb62088eb9e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-oTVD59p9W21n1lVwbH_XJQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport require-trusted-types-for 'script';report-uri /cspreport
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://eu-west-1.signin.aws.amazon.com
Referer: https://eu-west-1.signin.aws.amazon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-oTVD59p9W21n1lVwbH_XJQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport require-trusted-types-for 'script';report-uri /cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
date: Thu, 16 Feb 2023 03:16:39 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
server: GSE
strict-transport-security: max-age=31536000; includeSubDomains
x-auto-login: realm=com.google&args=continue%3Dhttps%253A%252F%252Faccounts.google.com%252Fo%252Fsaml2%252Fidp%253Ffrom_login%253D1%2526zt%253DChRSLTdmUkdzRHY4blpTZVlYMHh1URIfbzFOcjJCWHVRU3NSUUhVU2RlLXNqMHlickpXRFpSZw%2525E2%252588%252599AJFHa0oAAAAAY-7xl7kn7YZxdkTC1YgluFOSeGBQmss7%2526as%253DsNwRPjhXwcL-TYHU8BZPTlFKfHZ3BH4B8VdstCO5GrA
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-language: en-US
content-length: 0
content-security-policy: script-src 'report-sample' 'nonce-aaVN_myEKaWE-C9MMEqxFw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport require-trusted-types-for 'script';report-uri /o/cspreport
content-type: application/binary
date: Thu, 16 Feb 2023 03:16:39 GMT
location: https://accounts.google.com/ServiceLogin?passive=1209600&continue=https://accounts.google.com/o/saml2/idp?from_login%3D1%26zt%3DChRSLTdmUkdzRHY4blpTZVlYMHh1URIfbzFOcjJCWHVRU3NSUUhVU2RlLXNqMHlickpXRFpSZw%25E2%2588%2599AJFHa0oAAAAAY-7xl7kn7YZxdkTC1YgluFOSeGBQmss7%26as%3DsNwRPjhXwcL-TYHU8BZPTlFKfHZ3BH4B8VdstCO5GrA&followup=https://accounts.google.com/o/saml2/idp?from_login%3D1%26zt%3DChRSLTdmUkdzRHY4blpTZVlYMHh1URIfbzFOcjJCWHVRU3NSUUhVU2RlLXNqMHlickpXRFpSZw%25E2%2588%2599AJFHa0oAAAAAY-7xl7kn7YZxdkTC1YgluFOSeGBQmss7%26as%3DsNwRPjhXwcL-TYHU8BZPTlFKfHZ3BH4B8VdstCO5GrA&ltmpl=popup&oauth=1&faa=1&sarp=1&scc=1
server: ESF
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 204 cspreport
accounts.google.com/ 0
235 B 74ms
74ms Other
text/plain 2a00:1450:4001:813::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/cspreport

Requested by

Host: account-factory.istefr.fr
URL: https://account-factory.istefr.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-BHJE-E-WW1pWMBcM_dEiBw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://accounts.google.com/ServiceLogin?passive=1209600&continue=https://accounts.google.com/o/saml2/idp?from_login%3D1%26zt%3DChRSLTdmUkdzRHY4blpTZVlYMHh1URIfbzFOcjJCWHVRU3NSUUhVU2RlLXNqMHlickpXRFpSZw%25E2%2588%2599AJFHa0oAAAAAY-7xl7kn7YZxdkTC1YgluFOSeGBQmss7%26as%3DsNwRPjhXwcL-TYHU8BZPTlFKfHZ3BH4B8VdstCO5GrA&followup=https://accounts.google.com/o/saml2/idp?from_login%3D1%26zt%3DChRSLTdmUkdzRHY4blpTZVlYMHh1URIfbzFOcjJCWHVRU3NSUUhVU2RlLXNqMHlickpXRFpSZw%25E2%2588%2599AJFHa0oAAAAAY-7xl7kn7YZxdkTC1YgluFOSeGBQmss7%26as%3DsNwRPjhXwcL-TYHU8BZPTlFKfHZ3BH4B8VdstCO5GrA&ltmpl=popup&oauth=1&faa=1&sarp=1&scc=1
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 03:16:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'report-sample' 'nonce-BHJE-E-WW1pWMBcM_dEiBw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
server: GSE
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 267 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: abfe5b27310a016303a0ede1f41a67d4adb8886b7c0ade3474cd44f60be50548

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ 15 KB
16 KB 87ms
26ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/ServiceLogin?passive=1209600&continue=https://accounts.google.com/o/saml2/idp?from_login%3D1%26zt%3DChRSLTdmUkdzRHY4blpTZVlYMHh1URIfbzFOcjJCWHVRU3NSUUhVU2RlLXNqMHlickpXRFpSZw%25E2%2588%2599AJFHa0oAAAAAY-7xl7kn7YZxdkTC1YgluFOSeGBQmss7%26as%3DsNwRPjhXwcL-TYHU8BZPTlFKfHZ3BH4B8VdstCO5GrA&followup=https://accounts.google.com/o/saml2/idp?from_login%3D1%26zt%3DChRSLTdmUkdzRHY4blpTZVlYMHh1URIfbzFOcjJCWHVRU3NSUUhVU2RlLXNqMHlickpXRFpSZw%25E2%2588%2599AJFHa0oAAAAAY-7xl7kn7YZxdkTC1YgluFOSeGBQmss7%26as%3DsNwRPjhXwcL-TYHU8BZPTlFKfHZ3BH4B8VdstCO5GrA&ltmpl=popup&oauth=1&faa=1&sarp=1&scc=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/
Origin: https://accounts.google.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 20:18:07 GMT
x-content-type-options: nosniff
age: 111512
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Feb 2024 20:18:07 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v14/ 21 KB
21 KB 135ms
74ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/
Origin: https://accounts.google.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 14:04:55 GMT
x-content-type-options: nosniff
age: 565904
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21464
x-xss-protection: 0
last-modified: Mon, 22 Apr 2019 23:42:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Feb 2024 14:04:55 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ 15 KB
15 KB 93ms
32ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/
Origin: https://accounts.google.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 07:07:14 GMT
x-content-type-options: nosniff
age: 158965
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Feb 2024 07:07:14 GMT

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v14/ 21 KB
21 KB 115ms
54ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c24799e77b963b00401713a1dbd9cba3a00249b9363e2c194d01b13b8cdb3d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/
Origin: https://accounts.google.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 14:05:36 GMT
x-content-type-options: nosniff
age: 565863
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21700
x-xss-protection: 0
last-modified: Mon, 22 Apr 2019 23:43:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Feb 2024 14:05:36 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ 12 KB
12 KB 120ms
65ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbb8f45730d91bffff8307cfdf7c82e67745d84cb6063a1f3880fadfad59c57d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/
Origin: https://accounts.google.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 01:09:22 GMT
x-content-type-options: nosniff
age: 94037
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11936
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Feb 2024 01:09:22 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4WxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ 7 KB
7 KB 134ms
81ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4WxKOzY.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ca415df2c57b1f26947351c66ccfaf99d2f8f01b4b8de019a3ae6f3a9c780c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/
Origin: https://accounts.google.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 07:54:22 GMT
x-content-type-options: nosniff
age: 156137
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7276
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:54 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 14 Feb 2024 07:54:22 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ 10 KB
10 KB 136ms
83ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/
Origin: https://accounts.google.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:52:45 GMT
x-content-type-options: nosniff
age: 102234
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9832
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Feb 2024 22:52:45 GMT

GET
H2 200 m=n73qwf,MpJwZc,otPmVb,rlNAl Show response
ssl.gstatic.com/accounts/static/_/js/k=gaia.gaiafe_glif.fr.nrCEZ-blEa4.O/am=AIeqCQAAAEAAEgAAAAAAAAAwITEEBiAY/d=0/excm=glif_initial_css/ed=1/rs=ABkqax15CpOO2i0UeMaY2GsTbXFZ-AolPw/ 2 KB
1 KB 87ms
27ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /accounts/static/_/js/k=gaia.gaiafe_glif.fr.nrCEZ-blEa4.O/am=AIeqCQAAAEAAEgAAAAAAAAAwITEEBiAY/d=1/excm=glif_initial_css/rs=ABkqax15CpOO2i0UeMaY2GsTbXFZ-AolPw/m=glifb,identifier_view,unknownerror_view

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

080650e6df123c23f3ae07740d3f6129a1b211ff5242dc60fa8e4ef5750d84a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 01:30:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92794
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gaia-moduleserver-writers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 846
x-xss-protection: 0
last-modified: Sun, 05 Feb 2023 23:20:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="gaia-moduleserver-writers"
vary: Accept-Encoding, Origin
report-to: {"group":"gaia-moduleserver-writers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gaia-moduleserver-writers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 Feb 2024 01:30:05 GMT

GET
H2 200 CheckConnection Show response
accounts.youtube.com/accounts/ Frame E3DF 29 KB
12 KB 212ms
43ms Document
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.youtube.com/accounts/CheckConnection?pmpo=https%3A%2F%2Faccounts.google.com&v=-1354791528&timestamp=1676517399677

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

21f53e31945b34972dde89d12d55270a46a1943e9b6877766357506f6e7f3c43

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://accounts.google.com require-trusted-types-for 'script';report-uri /_/AccountsDomainCookiesCheckConnectionHttp/cspreport script-src 'report-sample' 'nonce-X7Xlvgc88OxXQF0GFLfstA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsDomainCookiesCheckConnectionHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsDomainCookiesCheckConnectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://accounts.google.com
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: frame-ancestors https://accounts.google.com require-trusted-types-for 'script';report-uri /_/AccountsDomainCookiesCheckConnectionHttp/cspreport script-src 'report-sample' 'nonce-X7Xlvgc88OxXQF0GFLfstA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsDomainCookiesCheckConnectionHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsDomainCookiesCheckConnectionHttp/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Thu, 16 Feb 2023 03:16:39 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
server: ESF
x-content-type-options: nosniff
x-frame-options: ALLOW-FROM https://accounts.google.com
x-xss-protection: 0

GET
H2 200 m=m9oV,RAnnUd,sy33,uu7UOe,sy34,sy35,soHxf Show response
ssl.gstatic.com/accounts/static/_/js/k=gaia.gaiafe_glif.fr.nrCEZ-blEa4.O/am=AIeqCQAAAEAAEgAAAAAAAAAwITEEBiAY/d=0/excm=glif_initial_css/ed=1/rs=ABkqax15CpOO2i0UeMaY2GsTbXFZ-AolPw/ 15 KB
5 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/static/_/js/k=gaia.gaiafe_glif.fr.nrCEZ-blEa4.O/am=AIeqCQAAAEAAEgAAAAAAAAAwITEEBiAY/d=0/excm=glif_initial_css/ed=1/rs=ABkqax15CpOO2i0UeMaY2GsTbXFZ-AolPw/m=m9oV,RAnnUd,sy33,uu7UOe,sy34,sy35,soHxf

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49f47a459052ff9eec7782af8b015df9197bb82cbc853d68fd44c1ba1bcfbc84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 16:06:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 126616
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gaia-moduleserver-writers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4817
x-xss-protection: 0
last-modified: Sun, 05 Feb 2023 23:20:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="gaia-moduleserver-writers"
vary: Accept-Encoding, Origin
report-to: {"group":"gaia-moduleserver-writers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gaia-moduleserver-writers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Feb 2024 16:06:23 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu7WxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ 5 KB
5 KB 26ms
26ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7WxKOzY.woff2

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/signin/v2/identifier?passive=1209600&continue=https%3A%2F%2Faccounts.google.com%2Fo%2Fsaml2%2Fidp%3Ffrom_login%3D1%26zt%3DChRSLTdmUkdzRHY4blpTZVlYMHh1URIfbzFOcjJCWHVRU3NSUUhVU2RlLXNqMHlickpXRFpSZw%25E2%2588%2599AJFHa0oAAAAAY-7xl7kn7YZxdkTC1YgluFOSeGBQmss7%26as%3DsNwRPjhXwcL-TYHU8BZPTlFKfHZ3BH4B8VdstCO5GrA&followup=https%3A%2F%2Faccounts.google.com%2Fo%2Fsaml2%2Fidp%3Ffrom_login%3D1%26zt%3DChRSLTdmUkdzRHY4blpTZVlYMHh1URIfbzFOcjJCWHVRU3NSUUhVU2RlLXNqMHlickpXRFpSZw%25E2%2588%2599AJFHa0oAAAAAY-7xl7kn7YZxdkTC1YgluFOSeGBQmss7%26as%3DsNwRPjhXwcL-TYHU8BZPTlFKfHZ3BH4B8VdstCO5GrA&ltmpl=popup&oauth=1&faa=1&sarp=1&scc=1&ifkv=AWnogHdUlxI6yy6G6AY7dc_tji-rupktdtjQVy67cJMUH6wL7_W34mEA5P8rtjvLU5AcDnd-crjX7A&flowName=GlifWebSignIn&flowEntry=ServiceLogin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dfa6a82824cf2be6bb8543de6ef56b87daae5dd63f9e68c88f02697f94af740

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/
Origin: https://accounts.google.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 16:32:03 GMT
x-content-type-options: nosniff
age: 38676
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5224
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Feb 2024 16:32:03 GMT

GET
H2 200 m=sy28,sy2u,sy2v,sy23,sy24,sy26,sy29,sy2a,sy2e,sy1m,sy1o,sy1s,sy21,sy22,sy25,sy27,sy2b,sy2c,sy2d,sy2f,sy2g,sy2h,initialpage_view Show response
ssl.gstatic.com/accounts/static/_/js/k=gaia.gaiafe_glif.fr.nrCEZ-blEa4.O/am=AIeqCQAAAEAAEgAAAAAAAAAwITEEBiAY/d=0/excm=glif_initial_css/ed=1/rs=ABkqax15CpOO2i0UeMaY2GsTbXFZ-AolPw/ 24 KB
7 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

baca106611701b68e9dae7b525c56af8ab4cd672488e67b3ada1d4996dad80e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 17:51:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 120304
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gaia-moduleserver-writers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7097
x-xss-protection: 0
last-modified: Sun, 05 Feb 2023 23:20:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="gaia-moduleserver-writers"
vary: Accept-Encoding, Origin
report-to: {"group":"gaia-moduleserver-writers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gaia-moduleserver-writers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Feb 2024 17:51:35 GMT

POST
H2 200 eligible Show response
accounts.google.com/_/kids/signup/ 45 B
216 B 49ms
49ms XHR
application/json 2a00:1450:4001:813::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/_/kids/signup/eligible?hl=fr&_reqid=11800&rt=j

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9feef3c86bbecda68772523c044a1c1fdb2087eca6401fdb48dcf40ecdeae768

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /cspreport
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

X-Same-Domain: 1
Referer: https://accounts.google.com/signin/v2/identifier?passive=1209600&continue=https%3A%2F%2Faccounts.google.com%2Fo%2Fsaml2%2Fidp%3Ffrom_login%3D1%26zt%3DChRSLTdmUkdzRHY4blpTZVlYMHh1URIfbzFOcjJCWHVRU3NSUUhVU2RlLXNqMHlickpXRFpSZw%25E2%2588%2599AJFHa0oAAAAAY-7xl7kn7YZxdkTC1YgluFOSeGBQmss7%26as%3DsNwRPjhXwcL-TYHU8BZPTlFKfHZ3BH4B8VdstCO5GrA&followup=https%3A%2F%2Faccounts.google.com%2Fo%2Fsaml2%2Fidp%3Ffrom_login%3D1%26zt%3DChRSLTdmUkdzRHY4blpTZVlYMHh1URIfbzFOcjJCWHVRU3NSUUhVU2RlLXNqMHlickpXRFpSZw%25E2%2588%2599AJFHa0oAAAAAY-7xl7kn7YZxdkTC1YgluFOSeGBQmss7%26as%3DsNwRPjhXwcL-TYHU8BZPTlFKfHZ3BH4B8VdstCO5GrA&ltmpl=popup&oauth=1&faa=1&sarp=1&scc=1&ifkv=AWnogHdUlxI6yy6G6AY7dc_tji-rupktdtjQVy67cJMUH6wL7_W34mEA5P8rtjvLU5AcDnd-crjX7A&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Google-Accounts-XSRF: 1
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 16 Feb 2023 03:16:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: application/json; charset=utf-8
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bscframe Show response
accounts.google.com/_/ Frame AE71 15 B
614 B 250ms
250ms Document
text/html 2a00:1450:4001:813::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/_/bscframe

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c77e5168dffda66b8dc13f1425b4d3630a6656a3e5acf707f4393277ba3c8b5e

Security Headers

Name	Value
Content-Security-Policy	script-src 'unsafe-eval';require-trusted-types-for 'script';object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/signin/v2/identifier?passive=1209600&continue=https%3A%2F%2Faccounts.google.com%2Fo%2Fsaml2%2Fidp%3Ffrom_login%3D1%26zt%3DChRSLTdmUkdzRHY4blpTZVlYMHh1URIfbzFOcjJCWHVRU3NSUUhVU2RlLXNqMHlickpXRFpSZw%25E2%2588%2599AJFHa0oAAAAAY-7xl7kn7YZxdkTC1YgluFOSeGBQmss7%26as%3DsNwRPjhXwcL-TYHU8BZPTlFKfHZ3BH4B8VdstCO5GrA&followup=https%3A%2F%2Faccounts.google.com%2Fo%2Fsaml2%2Fidp%3Ffrom_login%3D1%26zt%3DChRSLTdmUkdzRHY4blpTZVlYMHh1URIfbzFOcjJCWHVRU3NSUUhVU2RlLXNqMHlickpXRFpSZw%25E2%2588%2599AJFHa0oAAAAAY-7xl7kn7YZxdkTC1YgluFOSeGBQmss7%26as%3DsNwRPjhXwcL-TYHU8BZPTlFKfHZ3BH4B8VdstCO5GrA&ltmpl=popup&oauth=1&faa=1&sarp=1&scc=1&ifkv=AWnogHdUlxI6yy6G6AY7dc_tji-rupktdtjQVy67cJMUH6wL7_W34mEA5P8rtjvLU5AcDnd-crjX7A&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'unsafe-eval';require-trusted-types-for 'script';object-src 'none'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInSignUpUi"
cross-origin-resource-policy: same-site
date: Thu, 16 Feb 2023 03:16:40 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"AccountsSignInSignUpUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInSignUpUi/external"}]}
server: ESF
strict-transport-security: max-age=31536000; includeSubDomains
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ 131 B
273 B 98ms
36ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 16 Feb 2023 03:16:39 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://accounts.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 16 Feb 2023 03:16:39 GMT

GET
H3 200 m=sy43,sy46,sy47,sy49,sy42,sy48,sy6o,pwd_view Show response
ssl.gstatic.com/accounts/static/_/js/k=gaia.gaiafe_glif.fr.nrCEZ-blEa4.O/am=AIeqCQAAAEAAEgAAAAAAAAAwITEEBiAY/d=0/excm=glif_initial_css/ed=1/rs=ABkqax15CpOO2i0UeMaY2GsTbXFZ-AolPw/ 17 KB
6 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c99062cf0c1712eb48c3b1c813d4a56f49bff39372d95a8769ecd126ab130152

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 07:12:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72259
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gaia-moduleserver-writers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6187
x-xss-protection: 0
last-modified: Sun, 05 Feb 2023 23:20:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="gaia-moduleserver-writers"
vary: Accept-Encoding, Origin
report-to: {"group":"gaia-moduleserver-writers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gaia-moduleserver-writers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 Feb 2024 07:12:20 GMT

POST
H2 200 log Show response
play.google.com/ 131 B
581 B 46ms
35ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 16 Feb 2023 03:16:39 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://accounts.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 16 Feb 2023 03:16:39 GMT

GET
H3 200 m=qNG0Fc,sy38,ywOR5c Show response
ssl.gstatic.com/accounts/static/_/js/k=gaia.gaiafe_glif.fr.nrCEZ-blEa4.O/am=AIeqCQAAAEAAEgAAAAAAAAAwITEEBiAY/d=0/excm=glif_initial_css/ed=1/rs=ABkqax15CpOO2i0UeMaY2GsTbXFZ-AolPw/ 19 KB
6 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47024d5c4027d7810d4a1715d67b9abb428d0905d8d424528bbc936db7e6084f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:47:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102537
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gaia-moduleserver-writers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6456
x-xss-protection: 0
last-modified: Sun, 05 Feb 2023 23:20:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="gaia-moduleserver-writers"
vary: Accept-Encoding, Origin
report-to: {"group":"gaia-moduleserver-writers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gaia-moduleserver-writers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Feb 2024 22:47:42 GMT

GET
H3 200 m=i5H9N,sy36,PHUIyb Show response
ssl.gstatic.com/accounts/static/_/js/k=gaia.gaiafe_glif.fr.nrCEZ-blEa4.O/am=AIeqCQAAAEAAEgAAAAAAAAAwITEEBiAY/d=0/excm=glif_initial_css/ed=1/rs=ABkqax15CpOO2i0UeMaY2GsTbXFZ-AolPw/ 26 KB
8 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9ddd3adc1c30196b1ca518f962dc72a781e520822e07839d9862e4d35282e18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 00:26:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10190
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gaia-moduleserver-writers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8185
x-xss-protection: 0
last-modified: Sun, 05 Feb 2023 23:20:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="gaia-moduleserver-writers"
vary: Accept-Encoding, Origin
report-to: {"group":"gaia-moduleserver-writers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gaia-moduleserver-writers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 16 Feb 2024 00:26:49 GMT

POST
H2 404 cspreport
accounts.youtube.com/_/AccountsDomainCookiesCheckConnectionHttp/ Frame E3DF 2 KB
2 KB 126ms
126ms Other
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.youtube.com/_/AccountsDomainCookiesCheckConnectionHttp/cspreport
Requested by: Host: account-factory.istefr.fr
URL: https://account-factory.istefr.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d5f986569d61220db701c5d5b5865b8e71c080e34dd96cb8c3102e31fe7bdb77

Request headers

Referer: https://accounts.youtube.com/accounts/CheckConnection?pmpo=https%3A%2F%2Faccounts.google.com&v=-1354791528&timestamp=1676517399677
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 16 Feb 2023 03:16:40 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1613
content-type: text/html; charset=UTF-8

POST cspreport
accounts.google.com/ Frame 4043 0
0

GET generate_204
accounts.google.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: website.sso-portal.eu-west-1.amazonaws.com
URL: https://website.sso-portal.eu-west-1.amazonaws.com/log

Domain: truncated
URL: data:truncated

Domain: accounts.google.com
URL: https://accounts.google.com/cspreport

Domain: accounts.google.com
URL: https://accounts.google.com/generate_204?mSL9IA

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
eu-west-1.signin.aws.amazon.com/platform	1970-01-20 18:27:33	Name: platform-ubid Value: 438-1880458-3486800
eu-west-1.signin.aws.amazon.com/platform	1969-12-31 23:59:59	Name: workflow-csrf-token Value: %7B%22loginCsrfToken%22%3A%221cd7a89e-d0e4-4b0a-8553-0f5e6d8c656f%22%7D
.eu-west-1.signin.aws.amazon.com/platform	1969-12-31 23:59:59	Name: workflow-csrftoken Value: %7B%22loginCsrfToken%22%3A%221cd7a89e-d0e4-4b0a-8553-0f5e6d8c656f%22%7D
eu-west-1.signin.aws.amazon.com/platform	1969-12-31 23:59:59	Name: login-interview-token Value: e357dde8-efcc-4b61-ac14-eb05d8fb3dd0
eu-west-1.signin.aws.amazon.com/platform	1969-12-31 23:59:59	Name: workflow-step-id Value: get-external-idp-response
vwis-login.awsapps.com/start/	1970-01-20 09:42:26	Name: loginCsrfToken Value: -1666548075
prd-account-factory-domain.auth.eu-west-3.amazoncognito.com/	1969-12-31 23:59:59	Name: XSRF-TOKEN Value: 668cb1eb-22aa-4b1f-9b7c-27b89c645bd6
prd-account-factory-domain.auth.eu-west-3.amazoncognito.com/	1970-01-20 09:41:57	Name: csrf-state Value: mlG58oOENMx1Vu5g3CM1M7-AY9llV0sNFT2M3Y4HsuxtUPRz0UChVeccpu41lca2ZPFaicu5bJgzC_RlOgciWMgjuUWR6tUoW3s8VvMvTwQXV_SqZpuH4e5rC_PAtf4YvL1-_WCqqBHt57Wuh6pc-uGmRZ08XXScwdxth0MawtA
prd-account-factory-domain.auth.eu-west-3.amazoncognito.com/	1970-01-20 09:41:57	Name: csrf-state-legacy Value: mlG58oOENMx1Vu5g3CM1M7-AY9llV0sNFT2M3Y4HsuxtUPRz0UChVeccpu41lca2ZPFaicu5bJgzC_RlOgciWMgjuUWR6tUoW3s8VvMvTwQXV_SqZpuH4e5rC_PAtf4YvL1-_WCqqBHt57Wuh6pc-uGmRZ08XXScwdxth0MawtA
.amazon.com/	1970-01-20 18:27:33	Name: aws-ubid-main Value: 317-6501221-0082252
accounts.google.com/	1970-01-20 19:17:57	Name: __Host-GAPS Value: 1:lp4_YSUR0dj2n_XcBE2Izwwhy01CXg:WRoUjU85PmikVVpb
.google.com/	1970-01-20 19:17:57	Name: CONSENT Value: PENDING+364

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://portal.sso.eu-west-1.amazonaws.com/token/whoAmI Message: Failed to load resource: the server responded with a status of 401 ()
javascript	error	URL: https://vwis-login.awsapps.com/start/?relayId=bd3cf2de-3f5b-4726-9430-b500380918b6_4d919d44-eb36-41b6-aaa2-f1bf15ccaedd Message: Access to XMLHttpRequest at 'https://website.sso-portal.eu-west-1.amazonaws.com/log' from origin 'https://vwis-login.awsapps.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://website.sso-portal.eu-west-1.amazonaws.com/log Message: Failed to load resource: net::ERR_FAILED
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://d1osqh8czd52ng.cloudfront.net/fwcim_signin_us-east-1_prod.js https://d35uxhjf90umnp.cloudfront.net/index.js".
network	error	URL: data:application/x-font-woff;base64,awsui-base64-content("./components/styles/src/sass/typography/fonts/ember/400-normal.woff") Message: Failed to load resource: net::ERR_INVALID_URL
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://accounts.youtube.com/_/AccountsDomainCookiesCheckConnectionHttp/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

account-factory.istefr.fr
accounts.google.com
accounts.youtube.com
cdn.jsdelivr.net
d250zetdqyq0c4.cloudfront.net
eu-west-1.signin.aws.amazon.com
fonts.googleapis.com
fonts.gstatic.com
play.google.com
portal.sso.eu-west-1.amazonaws.com
prd-account-factory-domain.auth.eu-west-3.amazoncognito.com
ssl.gstatic.com
truncated
vwis-login.awsapps.com
website.sso-portal.eu-west-1.amazonaws.com
accounts.google.com
truncated
website.sso-portal.eu-west-1.amazonaws.com
13.225.78.90
18.66.23.59
2600:9000:211a:1000:c:7267:8d00:21
2a00:1450:4001:803::2003
2a00:1450:4001:80b::200e
2a00:1450:4001:812::200e
2a00:1450:4001:813::200d
2a00:1450:4001:82a::2003
2a00:1450:4001:831::200a
2a04:4e42::485
2a05:d012:699:d102:a411:a749:dd44:9748
52.48.103.115
54.239.36.191
080650e6df123c23f3ae07740d3f6129a1b211ff5242dc60fa8e4ef5750d84a8
0bf9fe6cc97e003d0b1c9899c90c4d9f50ac9c5a843626f263276a3c0d5ce1f7
0dfa6a82824cf2be6bb8543de6ef56b87daae5dd63f9e68c88f02697f94af740
0ec90e520b46c9892b31747322f7f30d3e49a935e16a770e20994401896b66ac
12f457fc34d1021bb58886d50c06417169d2b8805c6dc36a69908ab03fe19a08
167bb626592883f351fb6cec8fffaaea1a47161f5678103ede77d4748784af7f
1b96105123076f236b76c52a7f0026f0c70aa54387ba09707a0de13f87ef61a0
1d6920af6e44b8cf9b217093812ae8b23025ea369e967cb099b52ec3610dfd70
21f53e31945b34972dde89d12d55270a46a1943e9b6877766357506f6e7f3c43
22be4a45ac8e04df64a90fbe1cf7bb46f0ac472a5bcb3d5b0acb9862a7741ed6
248c5c2e98621b15fe02999c36a92c042bc950ef74db9136a52dfdfda58b82bc
2f6b8ff2257d0bf447825c31f8af5640341924fd8c2c5abc4dad3d314b98cc69
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
404769e285a5bf3a318356c51bf41ef4bd2d4be2a6910b188b7391607a1755fa
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45dde57ca3e54db1551a0339035b696a80d9fc69566ed2c8763c303c19c3e7c2
47024d5c4027d7810d4a1715d67b9abb428d0905d8d424528bbc936db7e6084f
49f47a459052ff9eec7782af8b015df9197bb82cbc853d68fd44c1ba1bcfbc84
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5279a14dceae5a4d1a071c4e31ec3cf042894a2e056f5e492962f46482ddcd44
53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
66a096744e5d7e4d93fcdaf016e19dd3f3d65c795a9c102426895b6a397960a8
6c24799e77b963b00401713a1dbd9cba3a00249b9363e2c194d01b13b8cdb3d7
7019424e972366ff4b6fc6e8112d2b8c75c586b812fcf4818ac90d8946394282
87747a11bb57f308edd0c29b2d65624ce1d780bfa7812a1790c0f1d720ee4941
8a33142eec21418dac875ee96d3a1a54789155bbe7a408f0a92f4cf41b181a2d
8ae75b30f4594478390771042cc7ff85778cd834936d444ce3883dc8c983e2a2
8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01
97d3a03db0db5529e2e563a0f48e49c9e45c3e935d41315d3ab7fdb62088eb9e
9ca415df2c57b1f26947351c66ccfaf99d2f8f01b4b8de019a3ae6f3a9c780c7
9fc87778bff02e43bf1c052711b4dd8bbb5f638b44b3a96ade8656104c0d9e06
9feef3c86bbecda68772523c044a1c1fdb2087eca6401fdb48dcf40ecdeae768
a76ad2ae1a5c2ad8aa356b7cc4ed2ee1512fce6448104e11dc910814abdd1dd1
abfe5b27310a016303a0ede1f41a67d4adb8886b7c0ade3474cd44f60be50548
b233f49facee6c91429c55aeda71aebb58ead76a4c28de713bf5432ad8695f2c
b2dc460864a60ac3ce89c4c6fab1c62ef9171ac1365cc47aa8aca95ecb06f0cf
b4888aa8e4ff02cd573587e8443db6845cfbe90848f2f60835dade254db062e8
b79cfcf0fc09dbe5b4979f4ab3e5b7fe51e0ff8f0f5babd4fed93716384c2357
b9ddd3adc1c30196b1ca518f962dc72a781e520822e07839d9862e4d35282e18
baca106611701b68e9dae7b525c56af8ab4cd672488e67b3ada1d4996dad80e7
bc345d43caf5a74ba0ca528e9bd57908ba22b4447c7fc20a11935d3982eac825
bef1e57c42c18ba9c2ff40b6f9996a541ff363874701cea04ee6903fd3a4d1e4
bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd
c046fa2baa905d5b7d68ac18838c7dd7e7eb2b982517f2cf7ac398263d934b0e
c405768f44c037936c41da08d5891ea88ba4e72d693915674d1a79c3c0466615
c57c70ba04d616f522374d8a2f8a4a37c4fad2f86471cd8987951c5d213a5a0f
c5af9f03be3be68535a059f0a4ba8156b6fd67d396a41ab0d1141976917adb86
c77e5168dffda66b8dc13f1425b4d3630a6656a3e5acf707f4393277ba3c8b5e
c99062cf0c1712eb48c3b1c813d4a56f49bff39372d95a8769ecd126ab130152
cc60bde2651f164804678badf3a9719db5f4d18819d45b4a614ff3b0184fddd2
cf959877f4603b93bf6642bd201fcaa9156e1e91dc371cfed93b14e36e5e5fcd
d5f986569d61220db701c5d5b5865b8e71c080e34dd96cb8c3102e31fe7bdb77
d671d28e7fe3a131e21a67b0125b206d5f2ab48ca6c977f68af3847bb60604f7
d8978a204dd6fbc00eab7d2cc3eda40023b70a22ebc54332b7deafc8d1872f88
dbb8f45730d91bffff8307cfdf7c82e67745d84cb6063a1f3880fadfad59c57d
dd22b81b898eb407a56ff6b2ac75c7739745331c8b790e83e7dde68966fc16ce
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea5bd40e5a3a46edf80d7613a16d964f3f1ce351d1aac30303b0db13284582b0

accounts.google.com Open in urlscan Pro 2a00:1450:4001:813::200d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

71 Requests

96 %HTTPS

69 %IPv6

12 Domains

15 Subdomains

13 IPs

4 Countries

8490 kBTransfer

11251 kBSize

12 Cookies

2 Outgoing links

Page URL History

Redirected requests

71 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

accounts.google.com Open in urlscan Pro
2a00:1450:4001:813::200d Public Scan

Screenshot
Live screenshot

Full Image

71
Requests

96 %
HTTPS

69 %
IPv6

12
Domains

15
Subdomains

13
IPs

4
Countries

8490 kB
Transfer

11251 kB
Size

12
Cookies

71 HTTP transactions
5 data transactions