candidat.passerelle-esc.com Open in urlscan Pro
163.172.207.194 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://sso.passerelle-esc.com/
Effective URL:
https://candidat.passerelle-esc.com/
Submission: On July 09 via automatic, source certstream-suspicious (July 9th 2024, 12:17:01 pm UTC) — Scanned from FR

Summary HTTP 32 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 8 domains to perform 32 HTTP transactions. The main IP is 163.172.207.194, located in France and belongs to Online SAS, FR. The main domain is candidat.passerelle-esc.com.
TLS certificate: Issued by R10 on July 9th 2024. Valid for: 3 months.

This is the only time candidat.passerelle-esc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 16	163.172.207.194 163.172.207.194	12876 (Online SAS) (Online SAS)
2	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	3.126.133.169 3.126.133.169	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
2	2600:9000:205... 2600:9000:2057:5200:1c:f638:2940:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:272... 2600:9000:2724:7e00:c:7d55:b3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:20e... 2600:9000:20eb:e000:19:61a3:b200:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a04:4e42:400... 2a04:4e42:400::720	54113 (FASTLY) (FASTLY)
32	11

16 163.172.207.194 (France) 1 redirects

ASN12876 (Online SAS, FR)
PTR: prod.passerelle-esc.com

sso.passerelle-esc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
candidat.passerelle-esc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.126.133.169 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-133-169.eu-central-1.compute.amazonaws.com

passerelleesc.matomo.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:5200:1c:f638:2940:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.axept.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2724:7e00:c:7d55:b3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.matomo.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20eb:e000:19:61a3:b200:93a1 (United States)

ASN16509 (AMAZON-02, US)

client.axept.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:400::720 (United States)

ASN54113 (FASTLY, US)

axeptio.imgix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	passerelle-esc.com 1 redirects sso.passerelle-esc.com candidat.passerelle-esc.com	1 MB
4	axept.io static.axept.io — Cisco Umbrella Rank: 105844 client.axept.io — Cisco Umbrella Rank: 111986	187 KB
4	matomo.cloud passerelleesc.matomo.cloud cdn.matomo.cloud — Cisco Umbrella Rank: 28335	80 KB
3	imgix.net axeptio.imgix.net — Cisco Umbrella Rank: 177291	34 KB
2	gstatic.com fonts.gstatic.com	66 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 108	1 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 110	107 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 331	6 KB
32	8

	Domain	Requested by
15	candidat.passerelle-esc.com	candidat.passerelle-esc.com
3	axeptio.imgix.net
3	passerelleesc.matomo.cloud	candidat.passerelle-esc.com passerelleesc.matomo.cloud
2	client.axept.io	static.axept.io
2	static.axept.io	www.googletagmanager.com static.axept.io
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	candidat.passerelle-esc.com
1	cdn.matomo.cloud	candidat.passerelle-esc.com
1	www.googletagmanager.com	candidat.passerelle-esc.com
1	cdnjs.cloudflare.com	candidat.passerelle-esc.com
1	sso.passerelle-esc.com	1 redirects
32	11

This site contains links to these domains. Also see Links.

Domain
grande-ecole.passerelle-esc.com
www.instagram.com
twitter.com
www.youtube.com
www.facebook.com
www.linkedin.com
www.tiktok.com

Subject Issuer	Validity	Valid
candidat.passerelle-esc.com R10	`2024-07-09` - `2024-10-07`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
*.matomo.cloud Amazon RSA 2048 M02	`2024-05-21` - `2025-06-19`	a year	crt.sh
*.gstatic.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
static.axeptio.eu Amazon RSA 2048 M02	`2024-05-19` - `2025-06-17`	a year	crt.sh
cdn.matomo.cloud Amazon RSA 2048 M03	`2023-10-27` - `2024-11-23`	a year	crt.sh
client.axept.io Amazon RSA 2048 M03	`2024-07-03` - `2025-07-31`	a year	crt.sh
*.imgix.com GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-12-07` - `2025-01-07`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://candidat.passerelle-esc.com/
Frame ID: 77ACC0F8E49410CE10A422AA4FF2281A
Requests: 33 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Passerelle

Page URL History Show full URLs

https://sso.passerelle-esc.com/ HTTP 302
https://candidat.passerelle-esc.com/ Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

32
Requests

100 %
HTTPS

70 %
IPv6

8
Domains

11
Subdomains

11
IPs

4
Countries

1738 kB
Transfer

5444 kB
Size

5
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://grande-ecole.passerelle-esc.com/mentions-legales
Title: Mentions Légales

Search URL Search Domain Scan URL

URL: https://www.instagram.com/passerellepge/

Search URL Search Domain Scan URL

URL: https://twitter.com/passerelleesc

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/passerelleesc

Search URL Search Domain Scan URL

URL: https://www.facebook.com/concourspasserelleesc

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/school/concours-passerelle/

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@concourspasserelle

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://sso.passerelle-esc.com/ HTTP 302
https://candidat.passerelle-esc.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
candidat.passerelle-esc.com/
Redirect Chain

https://sso.passerelle-esc.com/
https://candidat.passerelle-esc.com/

1 KB
3 KB

211ms
142ms

Document
text/html

163.172.207.194
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://candidat.passerelle-esc.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

163.172.207.194 , France, ASN12876 (Online SAS, FR),

Reverse DNS

prod.passerelle-esc.com

Software

Apache /

Resource Hash

f71ce570f13781096ec071c62f2d427a55cbffec68f6174d1e2026b673788290

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 702
Content-Security-Policy-Report-Only: child-src 'none'; connect-src 'self' api.axept.io client.axept.io px.ads.linkedin.com www.google.com region1.analytics.google.com www.facebook.com stats.g.doubleclick.net analytics.tiktok.com *.google-analytics.com passerelleesc.matomo.cloud ; default-src 'none'; style-src-elem 'unsafe-inline' 'self' static.axept.io static.ads-twitter.com cdnjs.cloudflare.com fonts.googleapis.com ;style-src 'unsafe-inline' 'self' cdnjs.cloudflare.com fonts.googleapis.com ; font-src 'self' cdnjs.cloudflare.com fonts.gstatic.com ; img-src 'self' axeptio.imgix.net analytics.twitter.com t.co www.google.com www.google.fr tr.snapchat.com googleads.g.doubleclick.net bat.bing.com region1.analytics.google.com www.facebook.com *.linkedin.com www.googletagmanager.com; frame-src 'none' tr.snapchat.com; manifest-src 'none'; media-src 'none'; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' 'self' static.axept.io tr.snapchat.com region1.analytics.google.com connect.facebook.net analytics.tiktok.com googleads.g.doubleclick.net www.googletagmanager.com www.google-analytics.com bat.bing.com passerelleesc.matomo.cloud sc-static.net snap.licdn.com cdn.matomo.cloud www.google.com www.google.fr ; report-uri https://csp-monitor.coreoz.com/api/report ; report-to csp-endpoint
Content-Type: text/html
Date: Tue, 09 Jul 2024 12:16:48 GMT
ETag: "5c8-61c2edfa0d4e5-gzip"-gzip
Keep-Alive: timeout=5, max=100
Last-Modified: Mon, 01 Jul 2024 12:38:26 GMT
Permissions-Policy: geolocation=(self),midi=(),sync-xhr=(),microphone=(self),camera=(self),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Referrer-Policy: strict-origin
Report-To: { "group": "csp-endpoint", "max_age": 0, "endpoints": [ { "url": "https://csp-monitor.coreoz.com/api/report" } ] }
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

Redirect headers

Connection: Keep-Alive
Content-Length: 220
Content-Security-Policy-Report-Only: child-src 'none'; connect-src 'self' api.axept.io client.axept.io px.ads.linkedin.com www.google.com region1.analytics.google.com www.facebook.com stats.g.doubleclick.net analytics.tiktok.com *.google-analytics.com passerelleesc.matomo.cloud ; default-src 'none'; style-src-elem 'unsafe-inline' 'self' static.axept.io static.ads-twitter.com cdnjs.cloudflare.com fonts.googleapis.com ;style-src 'unsafe-inline' 'self' cdnjs.cloudflare.com fonts.googleapis.com ; font-src 'self' cdnjs.cloudflare.com fonts.gstatic.com ; img-src 'self' axeptio.imgix.net analytics.twitter.com t.co www.google.com www.google.fr tr.snapchat.com googleads.g.doubleclick.net bat.bing.com region1.analytics.google.com www.facebook.com *.linkedin.com www.googletagmanager.com; frame-src 'none' tr.snapchat.com; manifest-src 'none'; media-src 'none'; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' 'self' static.axept.io tr.snapchat.com region1.analytics.google.com connect.facebook.net analytics.tiktok.com googleads.g.doubleclick.net www.googletagmanager.com www.google-analytics.com bat.bing.com passerelleesc.matomo.cloud sc-static.net snap.licdn.com cdn.matomo.cloud www.google.com www.google.fr ; report-uri https://csp-monitor.coreoz.com/api/report ; report-to csp-endpoint
Content-Type: text/html; charset=iso-8859-1
Date: Tue, 09 Jul 2024 12:16:48 GMT
Keep-Alive: timeout=5, max=100
Location: https://candidat.passerelle-esc.com/
Permissions-Policy: geolocation=(self),midi=(),sync-xhr=(),microphone=(self),camera=(self),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Referrer-Policy: strict-origin
Report-To: { "group": "csp-endpoint", "max_age": 0, "endpoints": [ { "url": "https://csp-monitor.coreoz.com/api/report" } ] }
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H2 200 icon
fonts.googleapis.com/ 569 B
775 B 219ms
60ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: candidat.passerelle-esc.com
URL: https://candidat.passerelle-esc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://candidat.passerelle-esc.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 09 Jul 2024 12:16:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 09 Jul 2024 12:16:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 09 Jul 2024 12:16:48 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
633 B 388ms
229ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Muli:300,400,800,800i,900,900i&display=swap

Requested by

Host: candidat.passerelle-esc.com
URL: https://candidat.passerelle-esc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8bcbd5d4111ee03e68629e3b7413942db271521164cf55e837ffa26cd37d24eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://candidat.passerelle-esc.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 09 Jul 2024 12:16:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 09 Jul 2024 12:16:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 09 Jul 2024 12:16:48 GMT

GET
H3 200 material-design-iconic-font.min.css
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/ 69 KB
6 KB 158ms
47ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css

Requested by

Host: candidat.passerelle-esc.com
URL: https://candidat.passerelle-esc.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://candidat.passerelle-esc.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 12:16:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1922358
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5845
last-modified: Mon, 04 May 2020 16:12:09 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed9-1149f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l01vqhe9vN3hqY%2FolS2fYW%2FQS7neonXCyE9Ylw6lNocYclqrqkQXtqcRJe0rfMeiuPYhcIR4WJkagJTtpR%2BBisqRHxHlwQLnrWVmS8Jg1nAya8YjCpJj5FBvNeK6xxxxcrKckraU"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8a083f4f2eb46edf-CDG
expires: Sun, 29 Jun 2025 12:16:48 GMT

GET
H/1.1 200
OK main.80475222.css
candidat.passerelle-esc.com/static/css/ 350 KB
59 KB 55ms
43ms Stylesheet
text/css 163.172.207.194
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://candidat.passerelle-esc.com/static/css/main.80475222.css

Requested by

Host: candidat.passerelle-esc.com
URL: https://candidat.passerelle-esc.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

163.172.207.194 , France, ASN12876 (Online SAS, FR),

Reverse DNS

prod.passerelle-esc.com

Software

Apache /

Resource Hash

d5322e2264778ea2be3eb5b2a5165cb3908adc1721288e31ec8aa696e54ef807

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://candidat.passerelle-esc.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 09 Jul 2024 12:16:48 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy-Report-Only: child-src 'none'; connect-src 'self' api.axept.io client.axept.io px.ads.linkedin.com www.google.com region1.analytics.google.com www.facebook.com stats.g.doubleclick.net analytics.tiktok.com *.google-analytics.com passerelleesc.matomo.cloud ; default-src 'none'; style-src-elem 'unsafe-inline' 'self' static.axept.io static.ads-twitter.com cdnjs.cloudflare.com fonts.googleapis.com ;style-src 'unsafe-inline' 'self' cdnjs.cloudflare.com fonts.googleapis.com ; font-src 'self' cdnjs.cloudflare.com fonts.gstatic.com ; img-src 'self' axeptio.imgix.net analytics.twitter.com t.co www.google.com www.google.fr tr.snapchat.com googleads.g.doubleclick.net bat.bing.com region1.analytics.google.com www.facebook.com *.linkedin.com www.googletagmanager.com; frame-src 'none' tr.snapchat.com; manifest-src 'none'; media-src 'none'; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' 'self' static.axept.io tr.snapchat.com region1.analytics.google.com connect.facebook.net analytics.tiktok.com googleads.g.doubleclick.net www.googletagmanager.com www.google-analytics.com bat.bing.com passerelleesc.matomo.cloud sc-static.net snap.licdn.com cdn.matomo.cloud www.google.com www.google.fr ; report-uri https://csp-monitor.coreoz.com/api/report ; report-to csp-endpoint
Connection: Keep-Alive
Content-Length: 58558
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Fri, 28 Jun 2024 12:27:15 GMT
Server: Apache
ETag: "57744-61bf25e1cfedd-gzip"-gzip
X-Frame-Options: SAMEORIGIN
Report-To: { "group": "csp-endpoint", "max_age": 0, "endpoints": [ { "url": "https://csp-monitor.coreoz.com/api/report" } ] }
Content-Type: text/css
Vary: Accept-Encoding
Permissions-Policy: geolocation=(self),midi=(),sync-xhr=(),microphone=(self),camera=(self),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK main.5a9b98eb.js Show response
candidat.passerelle-esc.com/static/js/ 3 MB
568 KB 82ms
39ms Script
application/javascript 163.172.207.194
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://candidat.passerelle-esc.com/static/js/main.5a9b98eb.js

Requested by

Host: candidat.passerelle-esc.com
URL: https://candidat.passerelle-esc.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

163.172.207.194 , France, ASN12876 (Online SAS, FR),

Reverse DNS

prod.passerelle-esc.com

Software

Apache /

Resource Hash

5a6b3a89654c96d9a710b64b95989f276ce7a4a59dffedd659b4f3d6a4fc10dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://candidat.passerelle-esc.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 09 Jul 2024 12:16:48 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy-Report-Only: child-src 'none'; connect-src 'self' api.axept.io client.axept.io px.ads.linkedin.com www.google.com region1.analytics.google.com www.facebook.com stats.g.doubleclick.net analytics.tiktok.com *.google-analytics.com passerelleesc.matomo.cloud ; default-src 'none'; style-src-elem 'unsafe-inline' 'self' static.axept.io static.ads-twitter.com cdnjs.cloudflare.com fonts.googleapis.com ;style-src 'unsafe-inline' 'self' cdnjs.cloudflare.com fonts.googleapis.com ; font-src 'self' cdnjs.cloudflare.com fonts.gstatic.com ; img-src 'self' axeptio.imgix.net analytics.twitter.com t.co www.google.com www.google.fr tr.snapchat.com googleads.g.doubleclick.net bat.bing.com region1.analytics.google.com www.facebook.com *.linkedin.com www.googletagmanager.com; frame-src 'none' tr.snapchat.com; manifest-src 'none'; media-src 'none'; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' 'self' static.axept.io tr.snapchat.com region1.analytics.google.com connect.facebook.net analytics.tiktok.com googleads.g.doubleclick.net www.googletagmanager.com www.google-analytics.com bat.bing.com passerelleesc.matomo.cloud sc-static.net snap.licdn.com cdn.matomo.cloud www.google.com www.google.fr ; report-uri https://csp-monitor.coreoz.com/api/report ; report-to csp-endpoint
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Mon, 01 Jul 2024 12:38:26 GMT
Server: Apache
ETag: "2ed290-61c2edfa24be6-gzip"-gzip
X-Frame-Options: SAMEORIGIN
Report-To: { "group": "csp-endpoint", "max_age": 0, "endpoints": [ { "url": "https://csp-monitor.coreoz.com/api/report" } ] }
Content-Type: application/javascript
Vary: Accept-Encoding
Permissions-Policy: geolocation=(self),midi=(),sync-xhr=(),microphone=(self),camera=(self),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H2 200 matomo.js Show response
passerelleesc.matomo.cloud/ 135 KB
40 KB 798ms
60ms Script
application/javascript 3.126.133.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://passerelleesc.matomo.cloud/matomo.js

Requested by

Host: candidat.passerelle-esc.com
URL: https://candidat.passerelle-esc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.126.133.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-133-169.eu-central-1.compute.amazonaws.com

Software

CloudFront /

Resource Hash

6c48decefc857d3ce02604d4bb249d5d9ee164dd43fb3c8ef77c569f15ca2e75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://candidat.passerelle-esc.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 12:16:49 GMT
x-amz-version-id: F1Iv_dmlavkR8se1pLAQ3UIgmUBYVkwI
content-encoding: gzip
strict-transport-security: max-age=31536000
via: 1.1 daf01c71790f42e645ae4024c607941e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P12
age: 915
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
last-modified: Mon, 29 Apr 2024 00:22:16 GMT
server: CloudFront
etag: W/"ca010fce9ee54c3ca6ce3af5b2ca378c"
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=691200, max-age=691200
x-amz-cf-id: 0wdDB-AqAInFIJ0YjWxqB7M0FMlFLJccZeTBAtPF_GepyruzhEhYVw==
expires: Wed, 17 Jul 2024 12:16:49 GMT

GET
H/1.1 200
OK infos Show response
candidat.passerelle-esc.com/api/account/ 860 B
3 KB 34ms
30ms Fetch
application/json 163.172.207.194
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://candidat.passerelle-esc.com/api/account/infos

Requested by

Host: candidat.passerelle-esc.com
URL: https://candidat.passerelle-esc.com/static/js/main.5a9b98eb.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

163.172.207.194 , France, ASN12876 (Online SAS, FR),

Reverse DNS

prod.passerelle-esc.com

Software

Apache /

Resource Hash

336f7ca770066fe1381d52ad1d8748e84d7e4cc549b551c49e2890ae4dc3e27e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://candidat.passerelle-esc.com/
Authorization: Bearer null
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 09 Jul 2024 12:16:49 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Security-Policy-Report-Only: child-src 'none'; connect-src 'self' api.axept.io client.axept.io px.ads.linkedin.com www.google.com region1.analytics.google.com www.facebook.com stats.g.doubleclick.net analytics.tiktok.com *.google-analytics.com passerelleesc.matomo.cloud ; default-src 'none'; style-src-elem 'unsafe-inline' 'self' static.axept.io static.ads-twitter.com cdnjs.cloudflare.com fonts.googleapis.com ;style-src 'unsafe-inline' 'self' cdnjs.cloudflare.com fonts.googleapis.com ; font-src 'self' cdnjs.cloudflare.com fonts.gstatic.com ; img-src 'self' axeptio.imgix.net analytics.twitter.com t.co www.google.com www.google.fr tr.snapchat.com googleads.g.doubleclick.net bat.bing.com region1.analytics.google.com www.facebook.com *.linkedin.com www.googletagmanager.com; frame-src 'none' tr.snapchat.com; manifest-src 'none'; media-src 'none'; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' 'self' static.axept.io tr.snapchat.com region1.analytics.google.com connect.facebook.net analytics.tiktok.com googleads.g.doubleclick.net www.googletagmanager.com www.google-analytics.com bat.bing.com passerelleesc.matomo.cloud sc-static.net snap.licdn.com cdn.matomo.cloud www.google.com www.google.fr ; report-uri https://csp-monitor.coreoz.com/api/report ; report-to csp-endpoint
Report-To: { "group": "csp-endpoint", "max_age": 0, "endpoints": [ { "url": "https://csp-monitor.coreoz.com/api/report" } ] }
Content-Type: application/json
Permissions-Policy: geolocation=(self),midi=(),sync-xhr=(),microphone=(self),camera=(self),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 860
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge

GET
H/1.1 200
OK spaceCandidateOpen Show response
candidat.passerelle-esc.com/api/account/ 75 B
2 KB 34ms
31ms Fetch
application/json 163.172.207.194
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://candidat.passerelle-esc.com/api/account/spaceCandidateOpen

Requested by

Host: candidat.passerelle-esc.com
URL: https://candidat.passerelle-esc.com/static/js/main.5a9b98eb.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

163.172.207.194 , France, ASN12876 (Online SAS, FR),

Reverse DNS

prod.passerelle-esc.com

Software

Apache /

Resource Hash

82c5cb5ad57dc34244b2f5d767a92a080dc1ca604877174ba9660b7d2dd0466d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://candidat.passerelle-esc.com/
Authorization: Bearer null
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 09 Jul 2024 12:16:49 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Security-Policy-Report-Only: child-src 'none'; connect-src 'self' api.axept.io client.axept.io px.ads.linkedin.com www.google.com region1.analytics.google.com www.facebook.com stats.g.doubleclick.net analytics.tiktok.com *.google-analytics.com passerelleesc.matomo.cloud ; default-src 'none'; style-src-elem 'unsafe-inline' 'self' static.axept.io static.ads-twitter.com cdnjs.cloudflare.com fonts.googleapis.com ;style-src 'unsafe-inline' 'self' cdnjs.cloudflare.com fonts.googleapis.com ; font-src 'self' cdnjs.cloudflare.com fonts.gstatic.com ; img-src 'self' axeptio.imgix.net analytics.twitter.com t.co www.google.com www.google.fr tr.snapchat.com googleads.g.doubleclick.net bat.bing.com region1.analytics.google.com www.facebook.com *.linkedin.com www.googletagmanager.com; frame-src 'none' tr.snapchat.com; manifest-src 'none'; media-src 'none'; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' 'self' static.axept.io tr.snapchat.com region1.analytics.google.com connect.facebook.net analytics.tiktok.com googleads.g.doubleclick.net www.googletagmanager.com www.google-analytics.com bat.bing.com passerelleesc.matomo.cloud sc-static.net snap.licdn.com cdn.matomo.cloud www.google.com www.google.fr ; report-uri https://csp-monitor.coreoz.com/api/report ; report-to csp-endpoint
Report-To: { "group": "csp-endpoint", "max_age": 0, "endpoints": [ { "url": "https://csp-monitor.coreoz.com/api/report" } ] }
Content-Type: application/json
Permissions-Policy: geolocation=(self),midi=(),sync-xhr=(),microphone=(self),camera=(self),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 75
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge

GET
H/1.1 200
OK logo_passerelle_blanc.e186be66.png
candidat.passerelle-esc.com/static/media/ 16 KB
18 KB 71ms
27ms Image
image/png 163.172.207.194
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://candidat.passerelle-esc.com/static/media/logo_passerelle_blanc.e186be66.png

Requested by

Host: candidat.passerelle-esc.com
URL: https://candidat.passerelle-esc.com/connexion

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

163.172.207.194 , France, ASN12876 (Online SAS, FR),

Reverse DNS

prod.passerelle-esc.com

Software

Apache /

Resource Hash

6d96bd98037065067c53efd8eda17641cfeb492bc9c05502127645fc0f30cbbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://candidat.passerelle-esc.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 09 Jul 2024 12:16:49 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy-Report-Only: child-src 'none'; connect-src 'self' api.axept.io client.axept.io px.ads.linkedin.com www.google.com region1.analytics.google.com www.facebook.com stats.g.doubleclick.net analytics.tiktok.com *.google-analytics.com passerelleesc.matomo.cloud ; default-src 'none'; style-src-elem 'unsafe-inline' 'self' static.axept.io static.ads-twitter.com cdnjs.cloudflare.com fonts.googleapis.com ;style-src 'unsafe-inline' 'self' cdnjs.cloudflare.com fonts.googleapis.com ; font-src 'self' cdnjs.cloudflare.com fonts.gstatic.com ; img-src 'self' axeptio.imgix.net analytics.twitter.com t.co www.google.com www.google.fr tr.snapchat.com googleads.g.doubleclick.net bat.bing.com region1.analytics.google.com www.facebook.com *.linkedin.com www.googletagmanager.com; frame-src 'none' tr.snapchat.com; manifest-src 'none'; media-src 'none'; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' 'self' static.axept.io tr.snapchat.com region1.analytics.google.com connect.facebook.net analytics.tiktok.com googleads.g.doubleclick.net www.googletagmanager.com www.google-analytics.com bat.bing.com passerelleesc.matomo.cloud sc-static.net snap.licdn.com cdn.matomo.cloud www.google.com www.google.fr ; report-uri https://csp-monitor.coreoz.com/api/report ; report-to csp-endpoint
Connection: Keep-Alive
Content-Length: 16313
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Mon, 22 Feb 2021 17:02:45 GMT
Server: Apache
ETag: "3fb9-5bbefc5556bd1"-gzip
X-Frame-Options: SAMEORIGIN
Report-To: { "group": "csp-endpoint", "max_age": 0, "endpoints": [ { "url": "https://csp-monitor.coreoz.com/api/report" } ] }
Content-Type: image/png
Permissions-Policy: geolocation=(self),midi=(),sync-xhr=(),microphone=(self),camera=(self),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK doc.9b9e6ce3.svg
candidat.passerelle-esc.com/static/media/ 3 KB
5 KB 86ms
28ms Image
image/svg+xml 163.172.207.194
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://candidat.passerelle-esc.com/static/media/doc.9b9e6ce3.svg

Requested by

Host: candidat.passerelle-esc.com
URL: https://candidat.passerelle-esc.com/connexion

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

163.172.207.194 , France, ASN12876 (Online SAS, FR),

Reverse DNS

prod.passerelle-esc.com

Software

Apache /

Resource Hash

c26a8bbaa2f8f55d929dd826669c8d11bcbc1795ea849aecbad80cc32eff743d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://candidat.passerelle-esc.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 09 Jul 2024 12:16:49 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy-Report-Only: child-src 'none'; connect-src 'self' api.axept.io client.axept.io px.ads.linkedin.com www.google.com region1.analytics.google.com www.facebook.com stats.g.doubleclick.net analytics.tiktok.com *.google-analytics.com passerelleesc.matomo.cloud ; default-src 'none'; style-src-elem 'unsafe-inline' 'self' static.axept.io static.ads-twitter.com cdnjs.cloudflare.com fonts.googleapis.com ;style-src 'unsafe-inline' 'self' cdnjs.cloudflare.com fonts.googleapis.com ; font-src 'self' cdnjs.cloudflare.com fonts.gstatic.com ; img-src 'self' axeptio.imgix.net analytics.twitter.com t.co www.google.com www.google.fr tr.snapchat.com googleads.g.doubleclick.net bat.bing.com region1.analytics.google.com www.facebook.com *.linkedin.com www.googletagmanager.com; frame-src 'none' tr.snapchat.com; manifest-src 'none'; media-src 'none'; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' 'self' static.axept.io tr.snapchat.com region1.analytics.google.com connect.facebook.net analytics.tiktok.com googleads.g.doubleclick.net www.googletagmanager.com www.google-analytics.com bat.bing.com passerelleesc.matomo.cloud sc-static.net snap.licdn.com cdn.matomo.cloud www.google.com www.google.fr ; report-uri https://csp-monitor.coreoz.com/api/report ; report-to csp-endpoint
Connection: Keep-Alive
Content-Length: 3534
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Wed, 13 May 2020 07:11:41 GMT
Server: Apache
ETag: "dce-5a5824ab9dec4"-gzip
X-Frame-Options: SAMEORIGIN
Report-To: { "group": "csp-endpoint", "max_age": 0, "endpoints": [ { "url": "https://csp-monitor.coreoz.com/api/report" } ] }
Content-Type: image/svg+xml
Permissions-Policy: geolocation=(self),midi=(),sync-xhr=(),microphone=(self),camera=(self),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e836eef7d167f2ec61229d069345ea3c47d8cfed7814e91b2c2b001df677814

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK login-logo-1.89dab046.svg
candidat.passerelle-esc.com/static/media/ 74 KB
76 KB 84ms
26ms Image
image/svg+xml 163.172.207.194
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://candidat.passerelle-esc.com/static/media/login-logo-1.89dab046.svg

Requested by

Host: candidat.passerelle-esc.com
URL: https://candidat.passerelle-esc.com/connexion

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

163.172.207.194 , France, ASN12876 (Online SAS, FR),

Reverse DNS

prod.passerelle-esc.com

Software

Apache /

Resource Hash

a33073eee51ab84180a6923ca656dbb12e75feaf4c047950581ca8e7b78cc34c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://candidat.passerelle-esc.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 09 Jul 2024 12:16:49 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy-Report-Only: child-src 'none'; connect-src 'self' api.axept.io client.axept.io px.ads.linkedin.com www.google.com region1.analytics.google.com www.facebook.com stats.g.doubleclick.net analytics.tiktok.com *.google-analytics.com passerelleesc.matomo.cloud ; default-src 'none'; style-src-elem 'unsafe-inline' 'self' static.axept.io static.ads-twitter.com cdnjs.cloudflare.com fonts.googleapis.com ;style-src 'unsafe-inline' 'self' cdnjs.cloudflare.com fonts.googleapis.com ; font-src 'self' cdnjs.cloudflare.com fonts.gstatic.com ; img-src 'self' axeptio.imgix.net analytics.twitter.com t.co www.google.com www.google.fr tr.snapchat.com googleads.g.doubleclick.net bat.bing.com region1.analytics.google.com www.facebook.com *.linkedin.com www.googletagmanager.com; frame-src 'none' tr.snapchat.com; manifest-src 'none'; media-src 'none'; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' 'self' static.axept.io tr.snapchat.com region1.analytics.google.com connect.facebook.net analytics.tiktok.com googleads.g.doubleclick.net www.googletagmanager.com www.google-analytics.com bat.bing.com passerelleesc.matomo.cloud sc-static.net snap.licdn.com cdn.matomo.cloud www.google.com www.google.fr ; report-uri https://csp-monitor.coreoz.com/api/report ; report-to csp-endpoint
Connection: Keep-Alive
Content-Length: 75703
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Wed, 13 May 2020 07:11:41 GMT
Server: Apache
ETag: "127b7-5a5824ab9dec4"-gzip
X-Frame-Options: SAMEORIGIN
Report-To: { "group": "csp-endpoint", "max_age": 0, "endpoints": [ { "url": "https://csp-monitor.coreoz.com/api/report" } ] }
Content-Type: image/svg+xml
Permissions-Policy: geolocation=(self),midi=(),sync-xhr=(),microphone=(self),camera=(self),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK banner.a5ab034c.jpg
candidat.passerelle-esc.com/static/media/ 226 KB
228 KB 98ms
25ms Image
image/jpeg 163.172.207.194
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://candidat.passerelle-esc.com/static/media/banner.a5ab034c.jpg

Requested by

Host: candidat.passerelle-esc.com
URL: https://candidat.passerelle-esc.com/static/css/main.80475222.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

163.172.207.194 , France, ASN12876 (Online SAS, FR),

Reverse DNS

prod.passerelle-esc.com

Software

Apache /

Resource Hash

71c86e680971a088072100ec2d752a3ba037900d7eeef841afba0f77563ec326

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://candidat.passerelle-esc.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 09 Jul 2024 12:16:49 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy-Report-Only: child-src 'none'; connect-src 'self' api.axept.io client.axept.io px.ads.linkedin.com www.google.com region1.analytics.google.com www.facebook.com stats.g.doubleclick.net analytics.tiktok.com *.google-analytics.com passerelleesc.matomo.cloud ; default-src 'none'; style-src-elem 'unsafe-inline' 'self' static.axept.io static.ads-twitter.com cdnjs.cloudflare.com fonts.googleapis.com ;style-src 'unsafe-inline' 'self' cdnjs.cloudflare.com fonts.googleapis.com ; font-src 'self' cdnjs.cloudflare.com fonts.gstatic.com ; img-src 'self' axeptio.imgix.net analytics.twitter.com t.co www.google.com www.google.fr tr.snapchat.com googleads.g.doubleclick.net bat.bing.com region1.analytics.google.com www.facebook.com *.linkedin.com www.googletagmanager.com; frame-src 'none' tr.snapchat.com; manifest-src 'none'; media-src 'none'; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' 'self' static.axept.io tr.snapchat.com region1.analytics.google.com connect.facebook.net analytics.tiktok.com googleads.g.doubleclick.net www.googletagmanager.com www.google-analytics.com bat.bing.com passerelleesc.matomo.cloud sc-static.net snap.licdn.com cdn.matomo.cloud www.google.com www.google.fr ; report-uri https://csp-monitor.coreoz.com/api/report ; report-to csp-endpoint
Connection: Keep-Alive
Content-Length: 231634
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Wed, 13 May 2020 07:11:41 GMT
Server: Apache
ETag: "388d2-5a5824ab9afe4"-gzip
X-Frame-Options: SAMEORIGIN
Report-To: { "group": "csp-endpoint", "max_age": 0, "endpoints": [ { "url": "https://csp-monitor.coreoz.com/api/report" } ] }
Content-Type: image/jpeg
Permissions-Policy: geolocation=(self),midi=(),sync-xhr=(),microphone=(self),camera=(self),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK fa-light-300.b6a503f4.woff2
candidat.passerelle-esc.com/static/media/ 80 KB
82 KB 42ms
23ms Font
font/woff2 163.172.207.194
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://candidat.passerelle-esc.com/static/media/fa-light-300.b6a503f4.woff2

Requested by

Host: candidat.passerelle-esc.com
URL: https://candidat.passerelle-esc.com/static/css/main.80475222.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

163.172.207.194 , France, ASN12876 (Online SAS, FR),

Reverse DNS

prod.passerelle-esc.com

Software

Apache /

Resource Hash

7991d4a006c2fc85da43d13d50343030192b62a2e3b6e7692228c75ace5434e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://candidat.passerelle-esc.com/
Origin: https://candidat.passerelle-esc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 09 Jul 2024 12:16:49 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy-Report-Only: child-src 'none'; connect-src 'self' api.axept.io client.axept.io px.ads.linkedin.com www.google.com region1.analytics.google.com www.facebook.com stats.g.doubleclick.net analytics.tiktok.com *.google-analytics.com passerelleesc.matomo.cloud ; default-src 'none'; style-src-elem 'unsafe-inline' 'self' static.axept.io static.ads-twitter.com cdnjs.cloudflare.com fonts.googleapis.com ;style-src 'unsafe-inline' 'self' cdnjs.cloudflare.com fonts.googleapis.com ; font-src 'self' cdnjs.cloudflare.com fonts.gstatic.com ; img-src 'self' axeptio.imgix.net analytics.twitter.com t.co www.google.com www.google.fr tr.snapchat.com googleads.g.doubleclick.net bat.bing.com region1.analytics.google.com www.facebook.com *.linkedin.com www.googletagmanager.com; frame-src 'none' tr.snapchat.com; manifest-src 'none'; media-src 'none'; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' 'self' static.axept.io tr.snapchat.com region1.analytics.google.com connect.facebook.net analytics.tiktok.com googleads.g.doubleclick.net www.googletagmanager.com www.google-analytics.com bat.bing.com passerelleesc.matomo.cloud sc-static.net snap.licdn.com cdn.matomo.cloud www.google.com www.google.fr ; report-uri https://csp-monitor.coreoz.com/api/report ; report-to csp-endpoint
Connection: Keep-Alive
Content-Length: 82004
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Wed, 13 May 2020 07:11:41 GMT
Server: Apache
ETag: "14054-5a5824ab9bf84"-gzip
X-Frame-Options: SAMEORIGIN
Report-To: { "group": "csp-endpoint", "max_age": 0, "endpoints": [ { "url": "https://csp-monitor.coreoz.com/api/report" } ] }
Content-Type: font/woff2
Permissions-Policy: geolocation=(self),midi=(),sync-xhr=(),microphone=(self),camera=(self),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98

GET
H2 200 7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v29/ 32 KB
33 KB 413ms
68ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v29/7Auwp_0qiz-afTLGLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:300,400,800,800i,900,900i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68d37d474952b1fbe30def1b69e63e79c46a70263433285783b69ac0107b929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://candidat.passerelle-esc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 09:40:38 GMT
x-content-type-options: nosniff
age: 9371
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32796
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:41:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Jul 2025 09:40:38 GMT

GET
H/1.1 200
OK fa-regular-400.79964b60.woff2
candidat.passerelle-esc.com/static/media/ 76 KB
78 KB 55ms
29ms Font
font/woff2 163.172.207.194
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://candidat.passerelle-esc.com/static/media/fa-regular-400.79964b60.woff2

Requested by

Host: candidat.passerelle-esc.com
URL: https://candidat.passerelle-esc.com/static/css/main.80475222.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

163.172.207.194 , France, ASN12876 (Online SAS, FR),

Reverse DNS

prod.passerelle-esc.com

Software

Apache /

Resource Hash

4039460e181605090fc6f0d5d1679b2c05f4639ef114d1c158ae48647f7109a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://candidat.passerelle-esc.com/
Origin: https://candidat.passerelle-esc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 09 Jul 2024 12:16:49 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy-Report-Only: child-src 'none'; connect-src 'self' api.axept.io client.axept.io px.ads.linkedin.com www.google.com region1.analytics.google.com www.facebook.com stats.g.doubleclick.net analytics.tiktok.com *.google-analytics.com passerelleesc.matomo.cloud ; default-src 'none'; style-src-elem 'unsafe-inline' 'self' static.axept.io static.ads-twitter.com cdnjs.cloudflare.com fonts.googleapis.com ;style-src 'unsafe-inline' 'self' cdnjs.cloudflare.com fonts.googleapis.com ; font-src 'self' cdnjs.cloudflare.com fonts.gstatic.com ; img-src 'self' axeptio.imgix.net analytics.twitter.com t.co www.google.com www.google.fr tr.snapchat.com googleads.g.doubleclick.net bat.bing.com region1.analytics.google.com www.facebook.com *.linkedin.com www.googletagmanager.com; frame-src 'none' tr.snapchat.com; manifest-src 'none'; media-src 'none'; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' 'self' static.axept.io tr.snapchat.com region1.analytics.google.com connect.facebook.net analytics.tiktok.com googleads.g.doubleclick.net www.googletagmanager.com www.google-analytics.com bat.bing.com passerelleesc.matomo.cloud sc-static.net snap.licdn.com cdn.matomo.cloud www.google.com www.google.fr ; report-uri https://csp-monitor.coreoz.com/api/report ; report-to csp-endpoint
Connection: Keep-Alive
Content-Length: 77468
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Wed, 13 May 2020 07:11:41 GMT
Server: Apache
ETag: "12e9c-5a5824ab9bf84"-gzip
X-Frame-Options: SAMEORIGIN
Report-To: { "group": "csp-endpoint", "max_age": 0, "endpoints": [ { "url": "https://csp-monitor.coreoz.com/api/report" } ] }
Content-Type: font/woff2
Permissions-Policy: geolocation=(self),midi=(),sync-xhr=(),microphone=(self),camera=(self),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97

GET
H/1.1 200
OK spaceCandidateOpen Show response
candidat.passerelle-esc.com/api/account/ 75 B
2 KB 104ms
67ms Fetch
application/json 163.172.207.194
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://candidat.passerelle-esc.com/api/account/spaceCandidateOpen

Requested by

Host: candidat.passerelle-esc.com
URL: https://candidat.passerelle-esc.com/static/js/main.5a9b98eb.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

163.172.207.194 , France, ASN12876 (Online SAS, FR),

Reverse DNS

prod.passerelle-esc.com

Software

Apache /

Resource Hash

82c5cb5ad57dc34244b2f5d767a92a080dc1ca604877174ba9660b7d2dd0466d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://candidat.passerelle-esc.com/
Authorization: Bearer null
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 09 Jul 2024 12:16:49 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Security-Policy-Report-Only: child-src 'none'; connect-src 'self' api.axept.io client.axept.io px.ads.linkedin.com www.google.com region1.analytics.google.com www.facebook.com stats.g.doubleclick.net analytics.tiktok.com *.google-analytics.com passerelleesc.matomo.cloud ; default-src 'none'; style-src-elem 'unsafe-inline' 'self' static.axept.io static.ads-twitter.com cdnjs.cloudflare.com fonts.googleapis.com ;style-src 'unsafe-inline' 'self' cdnjs.cloudflare.com fonts.googleapis.com ; font-src 'self' cdnjs.cloudflare.com fonts.gstatic.com ; img-src 'self' axeptio.imgix.net analytics.twitter.com t.co www.google.com www.google.fr tr.snapchat.com googleads.g.doubleclick.net bat.bing.com region1.analytics.google.com www.facebook.com *.linkedin.com www.googletagmanager.com; frame-src 'none' tr.snapchat.com; manifest-src 'none'; media-src 'none'; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' 'self' static.axept.io tr.snapchat.com region1.analytics.google.com connect.facebook.net analytics.tiktok.com googleads.g.doubleclick.net www.googletagmanager.com www.google-analytics.com bat.bing.com passerelleesc.matomo.cloud sc-static.net snap.licdn.com cdn.matomo.cloud www.google.com www.google.fr ; report-uri https://csp-monitor.coreoz.com/api/report ; report-to csp-endpoint
Report-To: { "group": "csp-endpoint", "max_age": 0, "endpoints": [ { "url": "https://csp-monitor.coreoz.com/api/report" } ] }
Content-Type: application/json
Permissions-Policy: geolocation=(self),midi=(),sync-xhr=(),microphone=(self),camera=(self),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 75
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 326 KB
107 KB 239ms
104ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PRR6B8M&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Requested by

Host: candidat.passerelle-esc.com
URL: https://candidat.passerelle-esc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a5ae21ea6bfab39856bb0e18b99ff687ab9ceeba31cde37c6267f11fc5b4d760

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://candidat.passerelle-esc.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 12:16:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 109394
x-xss-protection: 0
last-modified: Tue, 09 Jul 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 09 Jul 2024 12:16:49 GMT

GET
H/1.1 200
OK fa-brands-400.cd221017.woff2
candidat.passerelle-esc.com/static/media/ 60 KB
62 KB 79ms
68ms Font
font/woff2 163.172.207.194
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://candidat.passerelle-esc.com/static/media/fa-brands-400.cd221017.woff2

Requested by

Host: candidat.passerelle-esc.com
URL: https://candidat.passerelle-esc.com/static/css/main.80475222.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

163.172.207.194 , France, ASN12876 (Online SAS, FR),

Reverse DNS

prod.passerelle-esc.com

Software

Apache /

Resource Hash

911c9e4a18166ae4b0ff905a0141335fbf88c3c69edf8d621a18906877983ee4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://candidat.passerelle-esc.com/
Origin: https://candidat.passerelle-esc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 09 Jul 2024 12:16:49 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy-Report-Only: child-src 'none'; connect-src 'self' api.axept.io client.axept.io px.ads.linkedin.com www.google.com region1.analytics.google.com www.facebook.com stats.g.doubleclick.net analytics.tiktok.com *.google-analytics.com passerelleesc.matomo.cloud ; default-src 'none'; style-src-elem 'unsafe-inline' 'self' static.axept.io static.ads-twitter.com cdnjs.cloudflare.com fonts.googleapis.com ;style-src 'unsafe-inline' 'self' cdnjs.cloudflare.com fonts.googleapis.com ; font-src 'self' cdnjs.cloudflare.com fonts.gstatic.com ; img-src 'self' axeptio.imgix.net analytics.twitter.com t.co www.google.com www.google.fr tr.snapchat.com googleads.g.doubleclick.net bat.bing.com region1.analytics.google.com www.facebook.com *.linkedin.com www.googletagmanager.com; frame-src 'none' tr.snapchat.com; manifest-src 'none'; media-src 'none'; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' 'self' static.axept.io tr.snapchat.com region1.analytics.google.com connect.facebook.net analytics.tiktok.com googleads.g.doubleclick.net www.googletagmanager.com www.google-analytics.com bat.bing.com passerelleesc.matomo.cloud sc-static.net snap.licdn.com cdn.matomo.cloud www.google.com www.google.fr ; report-uri https://csp-monitor.coreoz.com/api/report ; report-to csp-endpoint
Connection: Keep-Alive
Content-Length: 61272
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Wed, 13 May 2020 07:11:41 GMT
Server: Apache
ETag: "ef58-5a5824ab9bf84"-gzip
X-Frame-Options: SAMEORIGIN
Report-To: { "group": "csp-endpoint", "max_age": 0, "endpoints": [ { "url": "https://csp-monitor.coreoz.com/api/report" } ] }
Content-Type: font/woff2
Permissions-Policy: geolocation=(self),midi=(),sync-xhr=(),microphone=(self),camera=(self),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96

GET
H2 200 7Au-p_0qiz-afTf2LwLT.woff2
fonts.gstatic.com/s/muli/v29/ 33 KB
33 KB 30ms
27ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v29/7Au-p_0qiz-afTf2LwLT.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:300,400,800,800i,900,900i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e1de4d29f0e7ace332fa1641bd061ec12f58ba31b72e277759e5cd48516c669

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://candidat.passerelle-esc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 10:14:45 GMT
x-content-type-options: nosniff
age: 7324
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33876
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:53:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Jul 2025 10:14:45 GMT

GET
H/1.1 200
OK fa-solid-900.c4fc4e6d.woff2
candidat.passerelle-esc.com/static/media/ 63 KB
65 KB 29ms
28ms Font
font/woff2 163.172.207.194
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://candidat.passerelle-esc.com/static/media/fa-solid-900.c4fc4e6d.woff2

Requested by

Host: candidat.passerelle-esc.com
URL: https://candidat.passerelle-esc.com/static/css/main.80475222.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

163.172.207.194 , France, ASN12876 (Online SAS, FR),

Reverse DNS

prod.passerelle-esc.com

Software

Apache /

Resource Hash

fe004359b238bd1670cc1f8939ce08dea0aa91b3fb1a424d0e5c4dc63f4552ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://candidat.passerelle-esc.com/
Origin: https://candidat.passerelle-esc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 09 Jul 2024 12:16:49 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy-Report-Only: child-src 'none'; connect-src 'self' api.axept.io client.axept.io px.ads.linkedin.com www.google.com region1.analytics.google.com www.facebook.com stats.g.doubleclick.net analytics.tiktok.com *.google-analytics.com passerelleesc.matomo.cloud ; default-src 'none'; style-src-elem 'unsafe-inline' 'self' static.axept.io static.ads-twitter.com cdnjs.cloudflare.com fonts.googleapis.com ;style-src 'unsafe-inline' 'self' cdnjs.cloudflare.com fonts.googleapis.com ; font-src 'self' cdnjs.cloudflare.com fonts.gstatic.com ; img-src 'self' axeptio.imgix.net analytics.twitter.com t.co www.google.com www.google.fr tr.snapchat.com googleads.g.doubleclick.net bat.bing.com region1.analytics.google.com www.facebook.com *.linkedin.com www.googletagmanager.com; frame-src 'none' tr.snapchat.com; manifest-src 'none'; media-src 'none'; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' 'self' static.axept.io tr.snapchat.com region1.analytics.google.com connect.facebook.net analytics.tiktok.com googleads.g.doubleclick.net www.googletagmanager.com www.google-analytics.com bat.bing.com passerelleesc.matomo.cloud sc-static.net snap.licdn.com cdn.matomo.cloud www.google.com www.google.fr ; report-uri https://csp-monitor.coreoz.com/api/report ; report-to csp-endpoint
Connection: Keep-Alive
Content-Length: 64428
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Wed, 13 May 2020 07:11:41 GMT
Server: Apache
ETag: "fbac-5a5824ab9cf24"-gzip
X-Frame-Options: SAMEORIGIN
Report-To: { "group": "csp-endpoint", "max_age": 0, "endpoints": [ { "url": "https://csp-monitor.coreoz.com/api/report" } ] }
Content-Type: font/woff2
Permissions-Policy: geolocation=(self),midi=(),sync-xhr=(),microphone=(self),camera=(self),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98

POST
H2 204 matomo.php
passerelleesc.matomo.cloud/ 0
175 B 82ms
76ms Ping
text/plain 3.126.133.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://passerelleesc.matomo.cloud/matomo.php?action_name=Passerelle&idsite=1&rec=1&r=956614&h=14&m=16&s=49&url=https%3A%2F%2Fcandidat.passerelle-esc.com%2Fconnexion&_id=191211ea58b723c4&_idn=1&send_image=0&_refts=0&pv_id=yhs2ID&fa_pv=1&fa_fp[0][fa_vid]=0BguZW&fa_fp[0][fa_fv]=1&pf_net=73&pf_srv=140&pf_tfr=5&pf_dm1=983&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200
Requested by: Host: passerelleesc.matomo.cloud
URL: https://passerelleesc.matomo.cloud/matomo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.133.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-133-169.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://candidat.passerelle-esc.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin: https://candidat.passerelle-esc.com
date: Tue, 09 Jul 2024 12:16:49 GMT
access-control-allow-credentials: true
server: Apache
vary: X-Forwarded-Port-Override,X-Forwarded-Proto-Override,User-Agent

GET
H2 200 sdk.js Show response
static.axept.io/ 680 KB
174 KB 180ms
34ms Script
text/javascript 2600:9000:2057:5200:1c:f638:2940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.axept.io/sdk.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PRR6B8M&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:5200:1c:f638:2940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c927c6fd343d591dd876117806482f7a27d257e3f72cbc1831881a968397afb2

Request headers

Referer: https://candidat.passerelle-esc.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 12:21:16 GMT
content-encoding: br
via: 1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
last-modified: Fri, 28 Jun 2024 08:07:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 86135
x-amz-server-side-encryption: AES256
etag: W/"92bf42eaf00ed65fe206938c4166dc61"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: aVi9_KajCmBfuMyIFEf2gBL4B6yAbY5QSpdaXkPNiV4YkgHSiqnyOA==

GET
H2 200 matomo.js Show response
cdn.matomo.cloud/passerelleesc.matomo.cloud/ 135 KB
40 KB 164ms
33ms Script
application/javascript 2600:9000:2724:7e00:c:7d55:b3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.matomo.cloud/passerelleesc.matomo.cloud/matomo.js

Requested by

Host: candidat.passerelle-esc.com
URL: https://candidat.passerelle-esc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:7e00:c:7d55:b3c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

6c48decefc857d3ce02604d4bb249d5d9ee164dd43fb3c8ef77c569f15ca2e75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://candidat.passerelle-esc.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 12:01:35 GMT
x-amz-version-id: F1Iv_dmlavkR8se1pLAQ3UIgmUBYVkwI
content-encoding: gzip
strict-transport-security: max-age=31536000
via: 1.1 8a7cd2920ac4cbceb2a8f9a130562a4c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P12
age: 916
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
last-modified: Mon, 29 Apr 2024 00:22:16 GMT
server: CloudFront
etag: W/"ca010fce9ee54c3ca6ce3af5b2ca378c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=691200
x-amz-cf-id: j5-HmTWcrnRPdQnwD74W-mcmzCcLRzIz2ukyNRYKSel1I7br68HopA==

POST
H2 204 matomo.php
passerelleesc.matomo.cloud/ 0
175 B 83ms
82ms Ping
text/plain 3.126.133.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://passerelleesc.matomo.cloud/matomo.php?action_name=Passerelle&idsite=1&rec=1&r=959499&h=14&m=16&s=50&url=https%3A%2F%2Fcandidat.passerelle-esc.com%2Fconnexion&_id=191211ea58b723c4&_idn=0&send_image=0&_refts=0&pv_id=H4FLJ9&pf_net=73&pf_srv=140&pf_tfr=5&pf_dm1=983&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200
Requested by: Host: passerelleesc.matomo.cloud
URL: https://passerelleesc.matomo.cloud/matomo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.133.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-133-169.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://candidat.passerelle-esc.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin: https://candidat.passerelle-esc.com
date: Tue, 09 Jul 2024 12:16:50 GMT
access-control-allow-credentials: true
server: Apache
vary: X-Forwarded-Port-Override,X-Forwarded-Proto-Override,User-Agent

GET
H2 200 602a7c338c758459b127941c.json Show response
client.axept.io/ 15 KB
5 KB 106ms
35ms Fetch
application/json 2600:9000:20eb:e000:19:61a3:b200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client.axept.io/602a7c338c758459b127941c.json?r=0
Requested by: Host: static.axept.io
URL: https://static.axept.io/sdk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:e000:19:61a3:b200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 744830151faf49ed7aab5cbcea14021b112d9a6751d736f598c358d1bdd30c7d

Request headers

Referer: https://candidat.passerelle-esc.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: .gGWu6F_53kPhX2eAjVMD6lAwIhidKfY
content-encoding: gzip
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
date: Tue, 09 Jul 2024 05:42:32 GMT
x-amz-cf-pop: FRA2-C1
age: 23659
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 27 May 2024 10:49:38 GMT
server: AmazonS3
etag: W/"65b369027700e08e8213e9d3e0e07a10"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: ETag
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: ykXROixvTUkPlV5yHW0yOaLN7a7tc50Jp9CjhbMOeChE9WJfo_rY6w==

GET
H/1.1 200
OK favicon.ico
candidat.passerelle-esc.com/ 2 KB
4 KB 28ms
25ms Other
image/png 163.172.207.194
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://candidat.passerelle-esc.com/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

163.172.207.194 , France, ASN12876 (Online SAS, FR),

Reverse DNS

prod.passerelle-esc.com

Software

Apache /

Resource Hash

15c48585046865b1e7fad7cdbfd441f2e7d37b941dc807c5a69be0132133c145

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://candidat.passerelle-esc.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 09 Jul 2024 12:16:50 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy-Report-Only: child-src 'none'; connect-src 'self' api.axept.io client.axept.io px.ads.linkedin.com www.google.com region1.analytics.google.com www.facebook.com stats.g.doubleclick.net analytics.tiktok.com *.google-analytics.com passerelleesc.matomo.cloud ; default-src 'none'; style-src-elem 'unsafe-inline' 'self' static.axept.io static.ads-twitter.com cdnjs.cloudflare.com fonts.googleapis.com ;style-src 'unsafe-inline' 'self' cdnjs.cloudflare.com fonts.googleapis.com ; font-src 'self' cdnjs.cloudflare.com fonts.gstatic.com ; img-src 'self' axeptio.imgix.net analytics.twitter.com t.co www.google.com www.google.fr tr.snapchat.com googleads.g.doubleclick.net bat.bing.com region1.analytics.google.com www.facebook.com *.linkedin.com www.googletagmanager.com; frame-src 'none' tr.snapchat.com; manifest-src 'none'; media-src 'none'; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' 'self' static.axept.io tr.snapchat.com region1.analytics.google.com connect.facebook.net analytics.tiktok.com googleads.g.doubleclick.net www.googletagmanager.com www.google-analytics.com bat.bing.com passerelleesc.matomo.cloud sc-static.net snap.licdn.com cdn.matomo.cloud www.google.com www.google.fr ; report-uri https://csp-monitor.coreoz.com/api/report ; report-to csp-endpoint
Connection: Keep-Alive
Content-Length: 2257
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Wed, 13 May 2020 07:11:41 GMT
Server: Apache
ETag: "8d1-5a5824ab88703"-gzip
X-Frame-Options: SAMEORIGIN
Report-To: { "group": "csp-endpoint", "max_age": 0, "endpoints": [ { "url": "https://csp-monitor.coreoz.com/api/report" } ] }
Content-Type: image/png
Permissions-Policy: geolocation=(self),midi=(),sync-xhr=(),microphone=(self),camera=(self),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97

GET
H2 200 fr Show response
client.axept.io/pack/ 10 KB
4 KB 37ms
33ms Fetch
application/json 2600:9000:20eb:e000:19:61a3:b200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client.axept.io/pack/fr
Requested by: Host: static.axept.io
URL: https://static.axept.io/sdk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:e000:19:61a3:b200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / campsi
Resource Hash: 9a8209454ae265d2b74ae8a8f4b2354058289cd4262b6dc6568fbd271c20e111

Request headers

Referer: https://candidat.passerelle-esc.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 05 Jul 2024 00:37:02 GMT
content-encoding: gzip
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 387589
x-powered-by: campsi
etag: W/"278f-3BJBoZYAB5jHk7ECSZw/1mZQVdo"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: lgH6hds2ezobKnuGu18T7yp8upQMKVnGXP18O8DsI3cY-IEzbqQFXQ==

GET
H2 200 thumbprint-full.png
axeptio.imgix.net/2019/01/ 19 KB
20 KB 105ms
18ms Image
image/png 2a04:4e42:400::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://axeptio.imgix.net/2019/01/thumbprint-full.png?hue=50&sat=100&bri=55&w=200

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

08c665e7aea889550ec61e2e352e754e1b46abbcb9bb02995afeedb3a059b0b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://candidat.passerelle-esc.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 12:16:51 GMT
x-content-type-options: nosniff
last-modified: Wed, 12 Jun 2024 13:25:15 GMT
server: imgix
age: 2328696
x-cache: HIT, HIT, HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-imgix-id: 8f76bd20bcc29d51f96249aab858daa897234feb
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 19844
x-served-by: cache-sjc1000090-SJC, cache-fra-eddf8230060-FRA, cache-lcy-eglc8600098-LCY

GET
H2 200 persos%20site%20-%20suite-14.png
axeptio.imgix.net/2020/04/ 8 KB
8 KB 112ms
28ms Image
image/avif 2a04:4e42:400::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://axeptio.imgix.net/2020/04/persos%20site%20-%20suite-14.png?auto=format&fit=crop&w=170&h=auto&dpr=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

35d0cdb8eb1fe35c03796152fc518eed7ac125423bdb646ad60380bba64e9467

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://candidat.passerelle-esc.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 12:16:51 GMT
x-content-type-options: nosniff
age: 3581655
x-cache: HIT, HIT, HIT
x-imgix-id: 58624fe20c98748a9085f5b6dc76dbcbbac4f138
cross-origin-resource-policy: cross-origin
content-length: 8305
x-served-by: cache-sjc10063-SJC, cache-fra-etou8220026-FRA, cache-lcy-eglc8600098-LCY
last-modified: Wed, 29 May 2024 01:22:35 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 consentWallStep.js Show response
static.axept.io/ 10 KB
4 KB 30ms
29ms Script
text/javascript 2600:9000:2057:5200:1c:f638:2940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.axept.io/consentWallStep.js
Requested by: Host: static.axept.io
URL: https://static.axept.io/sdk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:5200:1c:f638:2940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 768448d30f2c5309d5f4118d733d6424745614cbbb51b13d8e2bd965af36326e

Request headers

Referer: https://candidat.passerelle-esc.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 21:02:11 GMT
content-encoding: gzip
via: 1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
last-modified: Fri, 28 Jun 2024 08:07:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 54881
x-amz-server-side-encryption: AES256
etag: W/"30ff2da4e8a93186bc6a7a1edac3264f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: DARtRQP-p5_qe_vdE_rqWLtt-XMP0GjKADQYDwHYZyiVSf8LTisxnA==

GET
H2 200 cookie-attention.png
axeptio.imgix.net/2019/07/ 6 KB
6 KB 27ms
24ms Image
image/avif 2a04:4e42:400::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://axeptio.imgix.net/2019/07/cookie-attention.png?auto=format&fit=crop&w=170&h=auto&dpr=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

565c708573baad2a5524edd089f7c801d2b4dcb2645f815f041d41ed95212ac5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://candidat.passerelle-esc.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 12:16:51 GMT
x-content-type-options: nosniff
age: 2397453
x-cache: HIT, HIT, HIT
x-imgix-id: f5c3fbf447bd46b56fea32609c6cf77823afc9c5
cross-origin-resource-policy: cross-origin
content-length: 6352
x-served-by: cache-sjc10050-SJC, cache-fra-eddf8230022-FRA, cache-lcy-eglc8600098-LCY
last-modified: Tue, 11 Jun 2024 18:19:18 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
candidat.passerelle-esc.com/	1970-01-21 07:21:22	Name: _pk_id.1.832d Value: 191211ea58b723c4.1720527410.
candidat.passerelle-esc.com/	1970-01-20 21:55:29	Name: _pk_ses.1.832d Value: 1
candidat.passerelle-esc.com/	1970-01-21 06:41:03	Name: axeptio_cookies Value: {%22$$token%22:%22hui4ten8x9w7atinbraxwm%22%2C%22$$date%22:%222024-07-09T12:16:50.717Z%22%2C%22$$cookiesVersion%22:{}%2C%22$$completed%22:false}
candidat.passerelle-esc.com/	1970-01-21 06:41:03	Name: axeptio_authorized_vendors Value: %2C%2C
candidat.passerelle-esc.com/	1970-01-21 06:41:03	Name: axeptio_all_vendors Value: %2C%2C

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://candidat.passerelle-esc.com/ Message: The Content-Security-Policy directive 'frame-src' contains the keyword 'none' alongside with other source expressions. The keyword 'none' must be the only source expression in the directive value, otherwise it is ignored.
security	error	URL: https://candidat.passerelle-esc.com/connexion Message: [Report Only] Refused to load the image 'data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAGsAAABrCAYAAABwv3wMAAAABGdBTUEAALGPC/xhBQAAACBjSFJNAAB6JgAAgIQAAPoAAACA6AAAdTAAAOpgAAA6mAAAF3CculE8AAAABmJLR0QA/wD/AP+gvaeTAAAAB3RJTUUH5QsKDBMXeRbM1QAAH6hJREFUeNrtnXmYXUWd9z9VZ7n39r6lOwnZE7InEEggLGEH2WRzBH3Ud0RfdVzQedFXX0d9XmcclxlfHUVnRCSKuOC4IAiKIghEQDAhgRCSIEk6e9LppNe733Oq3j/q3O7bd+s1nUDyfZ5Op889p+459T2/tX5VBSdxEidxEidxEidxEidx4kIc6xs4XpD6dcOg54Ru7Dim93iSLIoSVQ+EgR4glvvBsSTshCcrj6jTgfcA5wOVwAHgMeDnwN9yTzwWpJ3QZOUQJYH/AfwLMLXIqTuAbwGrgd7swfEmTB6LTjoOcRnwdYoTB...dBUzi9NDvXbCEwt0h77Rj7uogygXoO4hhixxTH4S4/Q0egqhow8VENJos/UuYvwIw13UXh6pwR4BaMtN7PGNmg4eK4kKxRIrtx5yRMsL0RCh2AHBsUwnR+NwPt4Zrgh9zrg+sSwD3H+kGPyz0fh4kdwJeAvwJPDXKui7EnT2JqQQZ9/mISdCykCt4YkqUw6u9HlNmoJgdTMRtQX4NxrdODdf6xIicfr2vJyulEjVFrKu94PtKYnRpWY2zTMatbHwle95I1grf+FcyA5zGZYzUavK69weFikCH3kziJkzgh8f8BWJWMVJyF7/sAAAAldEVYdGRhdGU6Y3JlYXRlADIwMjEtMTEtMTBUMTI6MTk6MTgrMDA6MDARGpyhAAAAJXRFWHRkYXRlOm1vZGlmeQAyMDIxLTExLTEwVDEyOjE5OjE4KzAwOjAwYEckHQAAABl0RVh0U29mdHdhcmUAQWRvYmUgSW1hZ2VSZWFkeXHJZTwAAAAASUVORK5CYII=' because it violates the following Content Security Policy directive: "img-src 'self' axeptio.imgix.net analytics.twitter.com t.co www.google.com www.google.fr tr.snapchat.com googleads.g.doubleclick.net bat.bing.com region1.analytics.google.com www.facebook.com *.linkedin.com www.googletagmanager.com".
security	error	URL: https://candidat.passerelle-esc.com/static/js/main.5a9b98eb.js Message: [Report Only] Refused to load the image 'data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAGsAAABrCAYAAABwv3wMAAAABGdBTUEAALGPC/xhBQAAACBjSFJNAAB6JgAAgIQAAPoAAACA6AAAdTAAAOpgAAA6mAAAF3CculE8AAAABmJLR0QA/wD/AP+gvaeTAAAAB3RJTUUH5QsKDBMXeRbM1QAAH6hJREFUeNrtnXmYXUWd9z9VZ7n39r6lOwnZE7InEEggLGEH2WRzBH3Ud0RfdVzQedFXX0d9XmcclxlfHUVnRCSKuOC4IAiKIghEQDAhgRCSIEk6e9LppNe733Oq3j/q3O7bd+s1nUDyfZ5Op889p+459T2/tX5VBSdxEidxEidxEidxEidx4kIc6xs4XpD6dcOg54Ru7Dim93iSLIoSVQ+EgR4glvvBsSTshCcrj6jTgfcA5wOVwAHgMeDnwN9yTzwWpJ3QZOUQJYH/AfwLMLXIqTuAbwGrgd7swfEmTB6LTjoOcRnwdYoTB...dBUzi9NDvXbCEwt0h77Rj7uogygXoO4hhixxTH4S4/Q0egqhow8VENJos/UuYvwIw13UXh6pwR4BaMtN7PGNmg4eK4kKxRIrtx5yRMsL0RCh2AHBsUwnR+NwPt4Zrgh9zrg+sSwD3H+kGPyz0fh4kdwJeAvwJPDXKui7EnT2JqQQZ9/mISdCykCt4YkqUw6u9HlNmoJgdTMRtQX4NxrdODdf6xIicfr2vJyulEjVFrKu94PtKYnRpWY2zTMatbHwle95I1grf+FcyA5zGZYzUavK69weFikCH3kziJkzgh8f8BWJWMVJyF7/sAAAAldEVYdGRhdGU6Y3JlYXRlADIwMjEtMTEtMTBUMTI6MTk6MTgrMDA6MDARGpyhAAAAJXRFWHRkYXRlOm1vZGlmeQAyMDIxLTExLTEwVDEyOjE5OjE4KzAwOjAwYEckHQAAABl0RVh0U29mdHdhcmUAQWRvYmUgSW1hZ2VSZWFkeXHJZTwAAAAASUVORK5CYII=' because it violates the following Content Security Policy directive: "img-src 'self' axeptio.imgix.net analytics.twitter.com t.co www.google.com www.google.fr tr.snapchat.com googleads.g.doubleclick.net bat.bing.com region1.analytics.google.com www.facebook.com *.linkedin.com www.googletagmanager.com".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

axeptio.imgix.net
candidat.passerelle-esc.com
cdn.matomo.cloud
cdnjs.cloudflare.com
client.axept.io
fonts.googleapis.com
fonts.gstatic.com
passerelleesc.matomo.cloud
sso.passerelle-esc.com
static.axept.io
www.googletagmanager.com
104.17.25.14
163.172.207.194
2600:9000:2057:5200:1c:f638:2940:93a1
2600:9000:20eb:e000:19:61a3:b200:93a1
2600:9000:2724:7e00:c:7d55:b3c0:93a1
2a00:1450:4001:811::2003
2a00:1450:4001:827::2008
2a00:1450:4001:829::200a
2a04:4e42:400::720
3.126.133.169
08c665e7aea889550ec61e2e352e754e1b46abbcb9bb02995afeedb3a059b0b3
15c48585046865b1e7fad7cdbfd441f2e7d37b941dc807c5a69be0132133c145
1e836eef7d167f2ec61229d069345ea3c47d8cfed7814e91b2c2b001df677814
2e1de4d29f0e7ace332fa1641bd061ec12f58ba31b72e277759e5cd48516c669
336f7ca770066fe1381d52ad1d8748e84d7e4cc549b551c49e2890ae4dc3e27e
35d0cdb8eb1fe35c03796152fc518eed7ac125423bdb646ad60380bba64e9467
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
4039460e181605090fc6f0d5d1679b2c05f4639ef114d1c158ae48647f7109a9
565c708573baad2a5524edd089f7c801d2b4dcb2645f815f041d41ed95212ac5
5a6b3a89654c96d9a710b64b95989f276ce7a4a59dffedd659b4f3d6a4fc10dd
6c48decefc857d3ce02604d4bb249d5d9ee164dd43fb3c8ef77c569f15ca2e75
6d96bd98037065067c53efd8eda17641cfeb492bc9c05502127645fc0f30cbbf
71c86e680971a088072100ec2d752a3ba037900d7eeef841afba0f77563ec326
744830151faf49ed7aab5cbcea14021b112d9a6751d736f598c358d1bdd30c7d
768448d30f2c5309d5f4118d733d6424745614cbbb51b13d8e2bd965af36326e
7991d4a006c2fc85da43d13d50343030192b62a2e3b6e7692228c75ace5434e7
82c5cb5ad57dc34244b2f5d767a92a080dc1ca604877174ba9660b7d2dd0466d
8bcbd5d4111ee03e68629e3b7413942db271521164cf55e837ffa26cd37d24eb
911c9e4a18166ae4b0ff905a0141335fbf88c3c69edf8d621a18906877983ee4
9a8209454ae265d2b74ae8a8f4b2354058289cd4262b6dc6568fbd271c20e111
a33073eee51ab84180a6923ca656dbb12e75feaf4c047950581ca8e7b78cc34c
a5ae21ea6bfab39856bb0e18b99ff687ab9ceeba31cde37c6267f11fc5b4d760
c26a8bbaa2f8f55d929dd826669c8d11bcbc1795ea849aecbad80cc32eff743d
c927c6fd343d591dd876117806482f7a27d257e3f72cbc1831881a968397afb2
d5322e2264778ea2be3eb5b2a5165cb3908adc1721288e31ec8aa696e54ef807
dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f68d37d474952b1fbe30def1b69e63e79c46a70263433285783b69ac0107b929
f71ce570f13781096ec071c62f2d427a55cbffec68f6174d1e2026b673788290
fe004359b238bd1670cc1f8939ce08dea0aa91b3fb1a424d0e5c4dc63f4552ad

candidat.passerelle-esc.com Open in urlscan Pro 163.172.207.194 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

32 Requests

100 %HTTPS

70 %IPv6

8 Domains

11 Subdomains

11 IPs

4 Countries

1738 kBTransfer

5444 kBSize

5 Cookies

7 Outgoing links

Page URL History

Redirected requests

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

candidat.passerelle-esc.com Open in urlscan Pro
163.172.207.194 Public Scan

Screenshot
Live screenshot

Full Image

32
Requests

100 %
HTTPS

70 %
IPv6

8
Domains

11
Subdomains

11
IPs

4
Countries

1738 kB
Transfer

5444 kB
Size

5
Cookies

32 HTTP transactions
1 data transactions