urlscan.io logo urlscan.io
SecurityTrails logo

app.qonto.com Open in urlscan Pro
2600:9000:21c7:3800:0:7942:c340:93a1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://email.qonto.com/e/c/eyJlbWFpbF9pZCI6ImRnVFgyd1VEQU9TYUotT2FKd0dLUzNjLVhnZlBLSGdqR21oMTVwOD0iLCJocmVmIjoiaHR0cHM6...
Effective URL: https://app.qonto.com/deeplinks?action=receivable-invoices.new&organization_slug=lesecq-aurore-2926&block_1=cta
Submission: On September 08 via api from ES — Scanned from ES
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 3 countries across 10 domains to perform 47 HTTP transactions. The main IP is 2600:9000:21c7:3800:0:7942:c340:93a1, located in United States and belongs to AMAZON-02, US. The main domain is app.qonto.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on April 26th 2023. Valid for: a year.
This is the only time app.qonto.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2600:9000:223f:2600:1b:92cd:8400:93a1 (United States)

ASN16509 (AMAZON-02, US)
email.qonto.com
21    2600:9000:21c7:3800:0:7942:c340:93a1 (United States)

ASN16509 (AMAZON-02, US)
app.qonto.com
3    35.186.247.156 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 156.247.186.35.bc.googleusercontent.com
sentry.io
8    104.18.10.238 (None, )

ASN13335 (CLOUDFLARENET, US)
api.qonto.com
1    13.224.189.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-35.fra2.r.cloudfront.net
widget.intercom.io
2    18.66.147.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-43.fra60.r.cloudfront.net
js.intercomcdn.com
3    2a00:1450:4001:812::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
1    184.30.208.159 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-208-159.deploy.static.akamaitechnologies.com
appleid.cdn-apple.com
3    2600:9000:2251:d800:5:b7cc:d3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
sdk.privacy-center.org
2    2600:9000:2250:a000:d:2044:5c40:93a1 (United States)

ASN16509 (AMAZON-02, US)
api.privacy-center.org
1    3.5.135.15 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.eu-central-1.amazonaws.com
qonto-assets.s3.eu-central-1.amazonaws.com
1    2a00:1450:4001:827::2011 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
csp.withgoogle.com
1    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
30 qonto.com
email.qonto.com
app.qonto.com
api.qonto.com — Cisco Umbrella Rank: 729340
2 MB
5 privacy-center.org
sdk.privacy-center.org — Cisco Umbrella Rank: 6359
api.privacy-center.org — Cisco Umbrella Rank: 9332
150 KB
3 google.com
accounts.google.com — Cisco Umbrella Rank: 34
116 KB
3 sentry.io
sentry.io — Cisco Umbrella Rank: 192
441 B
2 intercomcdn.com
js.intercomcdn.com — Cisco Umbrella Rank: 2718
266 KB
1 gstatic.com
fonts.gstatic.com
27 KB
1 withgoogle.com
csp.withgoogle.com — Cisco Umbrella Rank: 691
1 amazonaws.com
qonto-assets.s3.eu-central-1.amazonaws.com — Cisco Umbrella Rank: 721736
10 KB
1 cdn-apple.com
appleid.cdn-apple.com — Cisco Umbrella Rank: 4046
17 KB
1 intercom.io
widget.intercom.io — Cisco Umbrella Rank: 2187
3 KB
47 10
Domain Requested by
21 app.qonto.com app.qonto.com
8 api.qonto.com app.qonto.com
3 sdk.privacy-center.org app.qonto.com
sdk.privacy-center.org
3 accounts.google.com app.qonto.com
accounts.google.com
3 sentry.io app.qonto.com
2 api.privacy-center.org app.qonto.com
2 js.intercomcdn.com widget.intercom.io
1 fonts.gstatic.com
1 csp.withgoogle.com app.qonto.com
1 qonto-assets.s3.eu-central-1.amazonaws.com
1 appleid.cdn-apple.com app.qonto.com
1 widget.intercom.io app.qonto.com
1 email.qonto.com 1 redirects
47 13

This site contains links to these domains. Also see Links.

Domain
qonto.com
welcome.qonto.com
Subject Issuer Validity Valid
*.qonto.com
Amazon RSA 2048 M02		 2023-04-26 -
2024-05-24		 a year crt.sh
sentry.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-08 -
2024-09-07		 a year crt.sh
*.intercom.com
Amazon RSA 2048 M02		 2023-02-14 -
2024-03-14		 a year crt.sh
*.intercomcdn.com
Amazon RSA 2048 M01		 2023-02-21 -
2024-01-29		 a year crt.sh
accounts.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
appleid.cdn-apple.com
Apple Public EV Server RSA CA 2 - G1		 2023-05-03 -
2023-10-29		 6 months crt.sh
*.privacy-center.org
Amazon RSA 2048 M02		 2023-03-25 -
2024-04-22		 a year crt.sh
api.privacy-center.org
Amazon RSA 2048 M02		 2023-06-13 -
2024-07-11		 a year crt.sh
*.s3.eu-central-1.amazonaws.com
Amazon RSA 2048 M01		 2023-04-11 -
2024-01-14		 9 months crt.sh
*.appspot.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://app.qonto.com/deeplinks?action=receivable-invoices.new&organization_slug=lesecq-aurore-2926&block_1=cta
Frame ID: 4E635C29557B4BCF6D51015284112460
Requests: 37 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.1dd78431.js
Frame ID: 6EB2928CC9499B026F6D4ADF3770B020
Requests: 2 HTTP requests in this frame

Frame: https://accounts.google.com/gsi/button?type=standard&theme=outline&size=large&text=continue_with&shape=square&logo_alignment=center&width=350&client_id=528595174513-3lfm8f4bi5190vtqdhqgfr89qbjfougu.apps.googleusercontent.com&iframe_id=gsi_239607_941533&as=CfC76WPxb8c%2FRZYI5wq%2BnA&hl=en
Frame ID: 558F3E157E6681C2E4FF6A99A2D4B3E5
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Qonto

Page URL History Show full URLs

  1. https://email.qonto.com/e/c/eyJlbWFpbF9pZCI6ImRnVFgyd1VEQU9TYUotT2FKd0dLUzNjLVhnZlBLSGdqR21oMTVwOD0i... HTTP 302
    https://app.qonto.com/detectapp.html?appUrl=deeplinks%3Faction%3Dreceivable-invoices.new%26organiz... Page URL
  2. https://app.qonto.com/deeplinks?action=receivable-invoices.new&organization_slug=lesecq-aurore-292... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • appleid\.auth\.js
Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client
Overall confidence: 100%
Detected patterns
  • sdk\.privacy-center\.org/.*/loader\.js

Page Statistics

47
Requests

100 %
HTTPS

54 %
IPv6

10
Domains

13
Subdomains

12
IPs

3
Countries

2706 kB
Transfer

14030 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://email.qonto.com/e/c/eyJlbWFpbF9pZCI6ImRnVFgyd1VEQU9TYUotT2FKd0dLUzNjLVhnZlBLSGdqR21oMTVwOD0iLCJocmVmIjoiaHR0cHM6Ly9hcHAucW9udG8uY29tL2RldGVjdGFwcC5odG1sP2FwcFVybD1kZWVwbGlua3MlM0ZhY3Rpb24lM0RyZWNlaXZhYmxlLWludm9pY2VzLm5ldyUyNm9yZ2FuaXphdGlvbl9zbHVnJTNEbGVzZWNxLWF1cm9yZS0yOTI2JTI2YmxvY2tfMSUzRGN0YSIsImludGVybmFsIjoiZDdkYjA1MTVmMzYwZTQ5YTI3IiwibGlua19pZCI6ODU4OX0/2afd7e09b8014a3f9b211a44b0adc61efbee4bddd2d05df4701c1b55c242857d HTTP 302
    https://app.qonto.com/detectapp.html?appUrl=deeplinks%3Faction%3Dreceivable-invoices.new%26organization_slug%3Dlesecq-aurore-2926%26block_1%3Dcta Page URL
  2. https://app.qonto.com/deeplinks?action=receivable-invoices.new&organization_slug=lesecq-aurore-2926&block_1=cta Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://email.qonto.com/e/c/eyJlbWFpbF9pZCI6ImRnVFgyd1VEQU9TYUotT2FKd0dLUzNjLVhnZlBLSGdqR21oMTVwOD0iLCJocmVmIjoiaHR0cHM6Ly9hcHAucW9udG8uY29tL2RldGVjdGFwcC5odG1sP2FwcFVybD1kZWVwbGlua3MlM0ZhY3Rpb24lM0RyZWNlaXZhYmxlLWludm9pY2VzLm5ldyUyNm9yZ2FuaXphdGlvbl9zbHVnJTNEbGVzZWNxLWF1cm9yZS0yOTI2JTI2YmxvY2tfMSUzRGN0YSIsImludGVybmFsIjoiZDdkYjA1MTVmMzYwZTQ5YTI3IiwibGlua19pZCI6ODU4OX0/2afd7e09b8014a3f9b211a44b0adc61efbee4bddd2d05df4701c1b55c242857d HTTP 302
  • https://app.qonto.com/detectapp.html?appUrl=deeplinks%3Faction%3Dreceivable-invoices.new%26organization_slug%3Dlesecq-aurore-2926%26block_1%3Dcta

47 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
detectapp.html
app.qonto.com/
Redirect Chain
  • https://email.qonto.com/e/c/eyJlbWFpbF9pZCI6ImRnVFgyd1VEQU9TYUotT2FKd0dLUzNjLVhnZlBLSGdqR21oMTVwOD0iLCJocmVmIjoiaHR0cHM6Ly9hcHAucW9udG8uY29tL2RldGVjdGFwcC5odG1sP2FwcFVybD1kZWVwbGlua3MlM0ZhY3Rpb24lM...
  • https://app.qonto.com/detectapp.html?appUrl=deeplinks%3Faction%3Dreceivable-invoices.new%26organization_slug%3Dlesecq-aurore-2926%26block_1%3Dcta
716 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/detectapp.html?appUrl=deeplinks%3Faction%3Dreceivable-invoices.new%26organization_slug%3Dlesecq-aurore-2926%26block_1%3Dcta
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:3800:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d2ed03089377d17c425b4036eba9716a30bdde90b38ae3a4a1171e5d1efa03d6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache
content-length
716
content-security-policy
frame-ancestors 'none'
content-type
text/html
date
Fri, 08 Sep 2023 10:00:37 GMT
etag
"0009a3c55bd7b5abfc64b54fdbf006a5"
last-modified
Fri, 08 Sep 2023 10:00:31 GMT
server
AmazonS3
via
1.1 0f34c0d3b0e50b8875bcbb7d41684a58.cloudfront.net (CloudFront)
x-amz-cf-id
69HqDeTnbPQAsansHHf5xOZ5cy1q9yv2UzVTVTgekw8QD5wNh0GTag==
x-amz-cf-pop
AMS54-C1
x-amz-id-2
UcICstXWUABlWAEAhKhmca7kI4BG/GkydCpwpxTRZhwBq2EG3keaYdAOmFvZl5JjdYJ74ELnLBw=
x-amz-request-id
SNB0CKEMSAPF7N4X
x-amz-server-side-encryption
AES256
x-amz-version-id
TY1f8Xf8d6ESzAS5_pxLouBucDrkLqGA
x-cache
Miss from cloudfront

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
content-length
0
date
Fri, 08 Sep 2023 10:00:36 GMT
location
https://app.qonto.com/detectapp.html?appUrl=deeplinks%3Faction%3Dreceivable-invoices.new%26organization_slug%3Dlesecq-aurore-2926%26block_1%3Dcta
via
1.1 google, 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
x-amz-cf-id
DfoRw7w0QR9_dUuLoNRKancs6IiZ_uJKw8UQlaq81TXcqQ87ssG2_A==
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
chunk.7085c0573e3aa58e364e.js
app.qonto.com/assets/ 		19 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/assets/chunk.7085c0573e3aa58e364e.js
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/detectapp.html?appUrl=deeplinks%3Faction%3Dreceivable-invoices.new%26organization_slug%3Dlesecq-aurore-2926%26block_1%3Dcta
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:3800:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
219fb6cae6f5c1cedcb80148e240632646803354f644a2a55eb08cf5334b671f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/detectapp.html?appUrl=deeplinks%3Faction%3Dreceivable-invoices.new%26organization_slug%3Dlesecq-aurore-2926%26block_1%3Dcta
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
dDNow3W6pL2KgP_4oqqxC3zdsA7rlW4c
content-encoding
br
via
1.1 0f34c0d3b0e50b8875bcbb7d41684a58.cloudfront.net (CloudFront)
date
Tue, 05 Sep 2023 22:57:35 GMT
last-modified
Tue, 29 Aug 2023 16:27:17 GMT
server
AmazonS3
content-security-policy
frame-ancestors 'none'
x-amz-cf-pop
AMS54-C1
age
214085
x-amz-server-side-encryption
AES256
etag
W/"24382005caab74b3a595955647edaf67"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
Jsaca874aoiPTRLzcZbCUdeDwU5TF1T4HzgS3X6CbpUGC6a2buBdxw==
detectapp.b7da05d43c8b5148a6798b62b4b28110.css
app.qonto.com/ 		1 KB
913 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/detectapp.b7da05d43c8b5148a6798b62b4b28110.css
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/detectapp.html?appUrl=deeplinks%3Faction%3Dreceivable-invoices.new%26organization_slug%3Dlesecq-aurore-2926%26block_1%3Dcta
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:3800:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7f113d06a10439a44df2fab3ed14628b4443ddf10e4de8c9e96a0ca720f4f4af
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/detectapp.html?appUrl=deeplinks%3Faction%3Dreceivable-invoices.new%26organization_slug%3Dlesecq-aurore-2926%26block_1%3Dcta
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
dNtMzNUCc1DtS.Gw53QoMkh9_KeyUNLV
content-encoding
br
via
1.1 0f34c0d3b0e50b8875bcbb7d41684a58.cloudfront.net (CloudFront)
date
Fri, 08 Sep 2023 10:00:13 GMT
last-modified
Mon, 28 Aug 2023 14:03:27 GMT
server
AmazonS3
content-security-policy
frame-ancestors 'none'
x-amz-cf-pop
AMS54-C1
age
55
x-amz-server-side-encryption
AES256
etag
W/"b7da05d43c8b5148a6798b62b4b28110"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
Di71e-I6X-0xMYWWo7SY3taJYupr0C5g5Mhg7G2C5Fux7LjED2Pzew==
qonto-logo.svg
app.qonto.com/illustrations/app/ 		734 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.qonto.com/illustrations/app/qonto-logo.svg
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/detectapp.html?appUrl=deeplinks%3Faction%3Dreceivable-invoices.new%26organization_slug%3Dlesecq-aurore-2926%26block_1%3Dcta
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:3800:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/detectapp.html?appUrl=deeplinks%3Faction%3Dreceivable-invoices.new%26organization_slug%3Dlesecq-aurore-2926%26block_1%3Dcta
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
qJIFNkihsy6ofHdG1K3Qqh6yFULv0DGl
date
Thu, 07 Sep 2023 07:45:02 GMT
via
1.1 0f34c0d3b0e50b8875bcbb7d41684a58.cloudfront.net (CloudFront)
content-security-policy
frame-ancestors 'none'
x-amz-cf-pop
AMS54-C1
age
94675
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
734
last-modified
Thu, 31 Aug 2023 07:26:41 GMT
server
AmazonS3
etag
"35b31ae0bb9ec6d7240ee58ec494c4bc"
vary
Accept-Encoding
content-type
image/svg+xml
accept-ranges
bytes
x-amz-cf-id
zwcg8WGdfLTLa6QezSgdEUCgA_p1F3PEpXdQVvngLeWtkyS32rSGLA==
external-link-alt.svg
app.qonto.com/icon/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.qonto.com/icon/external-link-alt.svg
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/detectapp.html?appUrl=deeplinks%3Faction%3Dreceivable-invoices.new%26organization_slug%3Dlesecq-aurore-2926%26block_1%3Dcta
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:3800:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/detectapp.html?appUrl=deeplinks%3Faction%3Dreceivable-invoices.new%26organization_slug%3Dlesecq-aurore-2926%26block_1%3Dcta
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 03:59:50 GMT
x-amz-version-id
NADA_X_7WcwRXWdZZN2t37etSEFCTSoa
content-encoding
br
content-security-policy
frame-ancestors 'none'
last-modified
Fri, 01 Sep 2023 16:15:45 GMT
server
AmazonS3
via
1.1 0f34c0d3b0e50b8875bcbb7d41684a58.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS54-C1
etag
W/"a1084858db19e2c456b57fcbb8bc3afb"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
age
540047
x-amz-cf-id
YClAjnQk_klr4kHs1C-cGPrP1IPwuYtK5jofmGo12rAsWdniohCqRQ==
Primary Request deeplinks
app.qonto.com/ 		8 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/deeplinks?action=receivable-invoices.new&organization_slug=lesecq-aurore-2926&block_1=cta
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.7085c0573e3aa58e364e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:3800:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d595100d596a0256d5c67b1942a42013e11b5896f28c698c3a8ea7aa3a483fb4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

Referer
https://app.qonto.com/detectapp.html?appUrl=deeplinks%3Faction%3Dreceivable-invoices.new%26organization_slug%3Dlesecq-aurore-2926%26block_1%3Dcta
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache
content-length
7965
content-security-policy
frame-ancestors 'none'
content-type
text/html
date
Fri, 08 Sep 2023 10:00:37 GMT
etag
"e4ffb6f57bc1207647dc391c113dd905"
last-modified
Fri, 08 Sep 2023 10:00:30 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 0f34c0d3b0e50b8875bcbb7d41684a58.cloudfront.net (CloudFront)
x-amz-cf-id
1MTTWJ_iNSpd5LGurytReS7dIzfgbCiXs9WxBShqnpibgFSjZOZO-Q==
x-amz-cf-pop
AMS54-C1
x-amz-id-2
eVzhH5H3RKuLVJsueZITIdfnQsUxr29BsAEhryvoH3xIKWYNlX9TYRR161zhUoy88NYqOvUAcZY=
x-amz-request-id
SNBDHNWKYB88FN9G
x-amz-server-side-encryption
AES256
x-amz-version-id
Vd9x1DHDFdPbS16PWUspr64vz8wbDX8K
x-cache
Error from cloudfront
polysans-neutral.woff2
app.qonto.com/@qonto/ui-kit/fonts/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/@qonto/ui-kit/fonts/polysans-neutral.woff2
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/deeplinks?action=receivable-invoices.new&organization_slug=lesecq-aurore-2926&block_1=cta
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:3800:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dbe7ffb622175ae830af0bbe0d29673470fe728f9df47fb850094ebfbf930cf3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

Referer
https://app.qonto.com/
Origin
https://app.qonto.com
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
a4Pj1e8hhF88ZBspQvv_iMtskHBywZSQ
date
Fri, 08 Sep 2023 10:00:17 GMT
via
1.1 0f34c0d3b0e50b8875bcbb7d41684a58.cloudfront.net (CloudFront)
content-security-policy
frame-ancestors 'none'
x-amz-cf-pop
AMS54-C1
age
20
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
25484
last-modified
Thu, 10 Aug 2023 07:57:33 GMT
server
AmazonS3
etag
"a19c4c179b08653db697a55d8b218512"
vary
Accept-Encoding
content-type
binary/octet-stream
accept-ranges
bytes
x-amz-cf-id
H8dKd4Av-SbSxK-9YNxTOZqPZpG1NtcA2IN5AYo4F86vVVXKhjbcaQ==
polysans-median.woff2
app.qonto.com/@qonto/ui-kit/fonts/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/@qonto/ui-kit/fonts/polysans-median.woff2
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/deeplinks?action=receivable-invoices.new&organization_slug=lesecq-aurore-2926&block_1=cta
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:3800:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
692f6f15f66235cf41b8646d5d75b9f609028832e0ad9f569483819d2694e655
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

Referer
https://app.qonto.com/
Origin
https://app.qonto.com
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
U.uQQojltGqWpwslfYWx3BCRXrUb.6pc
date
Fri, 08 Sep 2023 10:00:19 GMT
via
1.1 0f34c0d3b0e50b8875bcbb7d41684a58.cloudfront.net (CloudFront)
content-security-policy
frame-ancestors 'none'
x-amz-cf-pop
AMS54-C1
age
18
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
26516
last-modified
Thu, 10 Aug 2023 16:04:25 GMT
server
AmazonS3
etag
"f41f8b7109964b649e2e6c028eda3144"
vary
Accept-Encoding
content-type
binary/octet-stream
accept-ranges
bytes
x-amz-cf-id
Wd1_pq8oSPhyY6Fl7pJ_G98AOENcXk-EinuHz7ok3CdLbaKjVfnhjw==
polysans-slim.woff2
app.qonto.com/@qonto/ui-kit/fonts/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/@qonto/ui-kit/fonts/polysans-slim.woff2
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/deeplinks?action=receivable-invoices.new&organization_slug=lesecq-aurore-2926&block_1=cta
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:3800:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f23e103734fedf6e937f8cefe3598bb7a9d65989e96664ec85a03c3e5c81c213
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

Referer
https://app.qonto.com/
Origin
https://app.qonto.com
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
UrnzYc196CUdm0rVHgPPAO8pV_UQR3tX
date
Fri, 08 Sep 2023 10:00:18 GMT
via
1.1 0f34c0d3b0e50b8875bcbb7d41684a58.cloudfront.net (CloudFront)
content-security-policy
frame-ancestors 'none'
x-amz-cf-pop
AMS54-C1
age
18
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
25428
last-modified
Fri, 11 Aug 2023 16:02:30 GMT
server
AmazonS3
etag
"130f1af8644734f23dd97252d3db7b11"
vary
Accept-Encoding
content-type
binary/octet-stream
accept-ranges
bytes
x-amz-cf-id
EbM1BYCbfhPgpwFovfQtQ4tBua4N-jaUQbCUoqd2P2nr_7YBcXzvdw==
vendor.58b2be94723e4ebfc91ca768d34cc00b.css
app.qonto.com/assets/ 		160 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/assets/vendor.58b2be94723e4ebfc91ca768d34cc00b.css
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/deeplinks?action=receivable-invoices.new&organization_slug=lesecq-aurore-2926&block_1=cta
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:3800:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c81ff11fd1f4acd5527fbedf0e9dfe3f9504b0230f4f66d5ddab563c6baeb0fa
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
wl3.PgA_Zlf5wuhySoV2NXgixTXvz7Yq
content-encoding
gzip
via
1.1 0f34c0d3b0e50b8875bcbb7d41684a58.cloudfront.net (CloudFront)
date
Thu, 07 Sep 2023 06:15:17 GMT
last-modified
Thu, 31 Aug 2023 06:14:39 GMT
server
AmazonS3
content-security-policy
frame-ancestors 'none'
x-amz-cf-pop
AMS54-C1
age
99920
x-amz-server-side-encryption
AES256
etag
W/"58b2be94723e4ebfc91ca768d34cc00b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
loIWGSFeJEgkyEFq6yhusLd8mWEjsU-ZjbvpLVnQYw923E3VjNNRnA==
qonto.3d9a68fd8ae2abdbca7e9b4521c7a192.css
app.qonto.com/assets/ 		377 KB
62 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/assets/qonto.3d9a68fd8ae2abdbca7e9b4521c7a192.css
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/deeplinks?action=receivable-invoices.new&organization_slug=lesecq-aurore-2926&block_1=cta
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:3800:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9f0bdbb7f63b28b95774f2c049a06391f952b66ce50fdb316a5f69e231ee39aa
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 09:18:05 GMT
x-amz-version-id
FylzViqJp8SlW6SH0HktGwnCrBYc_JEN
content-encoding
br
content-security-policy
frame-ancestors 'none'
last-modified
Fri, 08 Sep 2023 09:17:42 GMT
server
AmazonS3
via
1.1 0f34c0d3b0e50b8875bcbb7d41684a58.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS54-C1
etag
W/"3d9a68fd8ae2abdbca7e9b4521c7a192"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
age
2552
x-amz-cf-id
ORHtRlEjdiHJZdyJT3UYiBpaoRkFj8CChETaTBoUrnRmnaPPmXmpMQ==
chunk.34a9bcc9074c040c0d86.css
app.qonto.com/assets/ 		25 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/assets/chunk.34a9bcc9074c040c0d86.css
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/deeplinks?action=receivable-invoices.new&organization_slug=lesecq-aurore-2926&block_1=cta
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:3800:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e813c5a2361f20ec8bdb14728568e89dcf6ae3865c4aba45ba2b44ecbd22c6d7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 12:35:08 GMT
x-amz-version-id
PeTux1LFzn9OiSMz3_NJ.L2L9gREOsMQ
content-encoding
br
content-security-policy
frame-ancestors 'none'
last-modified
Thu, 07 Sep 2023 12:34:32 GMT
server
AmazonS3
via
1.1 0f34c0d3b0e50b8875bcbb7d41684a58.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS54-C1
etag
W/"cd383a4aa30a49d7a4af348c4f8aae71"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
age
77129
x-amz-cf-id
9HHjnJcGZpmlEgAJ-06W7GFz39-Bt0d54rsLeBMrG2h8Q4HqIphngw==
vendor.3330d5cea76b9c29b86877969b2803d6.js
app.qonto.com/assets/ 		543 KB
159 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/assets/vendor.3330d5cea76b9c29b86877969b2803d6.js
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/deeplinks?action=receivable-invoices.new&organization_slug=lesecq-aurore-2926&block_1=cta
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:3800:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0dea3380a2bb70f3adf1e985da92fead733ded524ce08841914cae229475f645
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 08:08:32 GMT
x-amz-version-id
Yyu_.scr4n._z9Tb6uUj_VuYTkxOfUer
content-encoding
gzip
content-security-policy
frame-ancestors 'none'
last-modified
Fri, 01 Sep 2023 16:15:40 GMT
server
AmazonS3
via
1.1 0f34c0d3b0e50b8875bcbb7d41684a58.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS54-C1
etag
W/"3330d5cea76b9c29b86877969b2803d6"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
age
438725
x-amz-cf-id
3UwejJ2HBCVt3wzWQFSF3uOojy_F6hlmusu8LIrdtmL7-i5-M3mWNA==
chunk.60910401816e2e19a841.js
app.qonto.com/assets/ 		2 MB
536 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/assets/chunk.60910401816e2e19a841.js
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/deeplinks?action=receivable-invoices.new&organization_slug=lesecq-aurore-2926&block_1=cta
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:3800:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
19bd5a0d56670463ff32c04d4b1d3ecf3e712351c50677418043cdf1a6ef3318
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 12:35:08 GMT
x-amz-version-id
1Km7Q7mqOahxyMqaQGGaNkgt9BiBaUS2
content-encoding
br
content-security-policy
frame-ancestors 'none'
last-modified
Thu, 07 Sep 2023 12:34:34 GMT
server
AmazonS3
via
1.1 0f34c0d3b0e50b8875bcbb7d41684a58.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS54-C1
etag
W/"a63ef7501ae7d21397bc87a878132aec"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
age
77129
x-amz-cf-id
aylm7V3C0HL03_WKEUMgO7VUxq2MYZRvfjEQ9wZ7Q0vIa3q_44BC3Q==
chunk.aced51e5a641919c724e.js
app.qonto.com/assets/ 		7 MB
916 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/assets/chunk.aced51e5a641919c724e.js
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/deeplinks?action=receivable-invoices.new&organization_slug=lesecq-aurore-2926&block_1=cta
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:3800:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
705b8cce3cf1f6761702221d51415fb3da53b830d54028774d50e6ff0ee432a0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 09:18:05 GMT
x-amz-version-id
UFVKK9ykleSoCsdKQOxRg62I7S7z5Z1Z
content-encoding
br
content-security-policy
frame-ancestors 'none'
last-modified
Fri, 08 Sep 2023 09:17:33 GMT
server
AmazonS3
via
1.1 0f34c0d3b0e50b8875bcbb7d41684a58.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS54-C1
etag
W/"8cc0cbf3e7e86b160d176a8ccaaf7dd5"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
age
2552
x-amz-cf-id
Gaw24frEtTXwy2xokzqXJ-4AKXfMW0uGK74YkbaD4xJ8A-D1H1KwYQ==
/
sentry.io/api/160009/envelope/ 		2 B
324 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sentry.io/api/160009/envelope/?sentry_key=fa86b669a6ac4c4fa3dfc79ddda2a514&sentry_version=7&sentry_client=sentry.javascript.ember%2F7.64.0
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.60910401816e2e19a841.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.247.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.247.186.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://app.qonto.com/
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 08 Sep 2023 10:00:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
1
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
630f66eefec6f211a620a237
api.qonto.com/v1/feature-relay-proxy/sdk/goals/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.qonto.com/v1/feature-relay-proxy/sdk/goals/630f66eefec6f211a620a237
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.18.10.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent
Access-Control-Request-Method
GET
Origin
https://app.qonto.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Launchdarkly-User-Agent
access-control-allow-methods
GET
access-control-allow-origin
https://app.qonto.com
access-control-max-age
24
cf-cache-status
DYNAMIC
cf-ray
803658777dd9383f-MAD
content-length
0
date
Fri, 08 Sep 2023 10:00:38 GMT
server
cloudflare
strict-transport-security
max-age=315360000; includeSubDomains; preload
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
eyJrZXkiOiJ1bmtub3duLXdlYi11c2VyIn0
api.qonto.com/v1/feature-relay-proxy/sdk/evalx/630f66eefec6f211a620a237/contexts/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.qonto.com/v1/feature-relay-proxy/sdk/evalx/630f66eefec6f211a620a237/contexts/eyJrZXkiOiJ1bmtub3duLXdlYi11c2VyIn0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.18.10.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent
Access-Control-Request-Method
GET
Origin
https://app.qonto.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Launchdarkly-User-Agent
access-control-allow-methods
GET
access-control-allow-origin
https://app.qonto.com
access-control-max-age
24
cf-cache-status
DYNAMIC
cf-ray
803658777ddb383f-MAD
content-length
0
date
Fri, 08 Sep 2023 10:00:38 GMT
server
cloudflare
strict-transport-security
max-age=315360000; includeSubDomains; preload
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
r0qk2mbw
widget.intercom.io/widget/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.intercom.io/widget/r0qk2mbw
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/vendor.3330d5cea76b9c29b86877969b2803d6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a16d790f7f8189eb1f81eb974ca6a201a0509c20260a3f35fd46f2bf6e249411

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
5zqDSZfrAWQiY3ooMXrcBYDqA3cLYpbs
content-encoding
gzip
via
1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
date
Fri, 08 Sep 2023 09:41:19 GMT
x-amz-cf-pop
FRA2-C1
age
1180
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2704
last-modified
Thu, 07 Sep 2023 15:30:09 GMT
server
AmazonS3
etag
"8f15dc1ed8ff7cd59c55ac576d5caf0b"
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
max-age=900, s-maxage=900, public
accept-ranges
bytes
x-amz-cf-id
-DX1btIqYZU0VijLQQF1Q9tPWdBPSWGB8VIDQndcPmYVVJm4-tNjkQ==
chunk.856.96cf93a695a8e8b7059f.js
app.qonto.com/assets/ 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/assets/chunk.856.96cf93a695a8e8b7059f.js
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.aced51e5a641919c724e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:3800:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
56dad9307dfeb7810dd3f63d33b036804f419b7a7401b85166b9ccf16fcdead2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 08:47:38 GMT
x-amz-version-id
uXcPBMzLBBcno7As3_aeSbIxAFdffBOs
content-encoding
gzip
content-security-policy
frame-ancestors 'none'
last-modified
Mon, 04 Sep 2023 07:41:27 GMT
server
AmazonS3
via
1.1 0f34c0d3b0e50b8875bcbb7d41684a58.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS54-C1
etag
W/"b02aefd5e278e24a982d1020acd1c2df"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
age
349981
x-amz-cf-id
PADtipoc4UpmI8oku5GlzTXKFaXqyIySkLypMmGioQcjZS18Bgoceg==
chunk.257.94897c28d0afb9840fd9.js
app.qonto.com/assets/ 		245 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/assets/chunk.257.94897c28d0afb9840fd9.js
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.aced51e5a641919c724e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:3800:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f126281035207e19c5665cd472b2c44997f9548802e945c3f3d3ec4a2e1202f7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
.urEuFqjBFkvLk7txsylZuwGYPRJo0pG
content-encoding
br
via
1.1 0f34c0d3b0e50b8875bcbb7d41684a58.cloudfront.net (CloudFront)
date
Thu, 07 Sep 2023 20:34:00 GMT
last-modified
Thu, 24 Aug 2023 16:03:53 GMT
server
AmazonS3
content-security-policy
frame-ancestors 'none'
x-amz-cf-pop
AMS54-C1
age
387915
x-amz-server-side-encryption
AES256
etag
W/"d519fe8a966a2cf8d772f47a9988266e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
L81bNzmEPk3cZ96rTKkBkqRuQwV2iAavmil1DyrgdcyieKnCNNJPeQ==
630f66eefec6f211a620a237
api.qonto.com/v1/feature-relay-proxy/sdk/goals/ 		2 B
586 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.qonto.com/v1/feature-relay-proxy/sdk/goals/630f66eefec6f211a620a237
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.60910401816e2e19a841.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.18.10.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains; preload

Request headers

Referer
https://app.qonto.com/
accept-language
es-ES,es;q=0.9
X-LaunchDarkly-User-Agent
JSClient/3.1.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 10:00:38 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=315360000; includeSubDomains; preload
cf-cache-status
DYNAMIC
content-md5
d751713988987e9331980363e24189ce
age
0
x-cache
HIT
content-length
26
x-served-by
cache-par-lfpg1960058-PAR
server
cloudflare
x-timer
S1694167238.418329,VS0,VE0
etag
"d751713988987e9331980363e24189ce"
ld-region
us-east-1
x-varied-accept-encoding
gzip
access-control-max-age
300
access-control-allow-methods
GET,OPTIONS
content-type
application/json
access-control-allow-origin
https://app.qonto.com
access-control-expose-headers
Content-Disposition, Content-Encoding
cache-control
max-age=0
access-control-allow-credentials
true
x-ratelimit-reset
0
vary
Origin, Accept-Encoding
x-ratelimit-limit
0
accept-ranges
bytes
cf-ray
80365877fe42383f-MAD
access-control-allow-headers
Cache-Control,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-Tags
x-ratelimit-remaining
0
x-cache-hits
37
chunk.asset-manifest.f52c9499b3381f7ab0e3.js
app.qonto.com/assets/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/assets/chunk.asset-manifest.f52c9499b3381f7ab0e3.js
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.aced51e5a641919c724e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:3800:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e7fb2f6bf8aa1b5a747e031264f485da572f5eeb95b1d40b9fcf74ee9da90af9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:44:01 GMT
x-amz-version-id
mYpHwkWY46VYN2LguOZlm6xKbHhHd4i6
content-encoding
br
content-security-policy
frame-ancestors 'none'
last-modified
Fri, 01 Sep 2023 07:37:49 GMT
server
AmazonS3
via
1.1 0f34c0d3b0e50b8875bcbb7d41684a58.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS54-C1
etag
W/"236c5d7eb27c2df0671df1f9f75338ac"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
age
267398
x-amz-cf-id
CHcw4br-zDNo7XmsevIbijwUH_7cko7ywc_weeYjPxNWSGPvq_B-Tg==
chunk.locale.en-json.cbda715fac187061dd5a.js
app.qonto.com/assets/ 		484 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/assets/chunk.locale.en-json.cbda715fac187061dd5a.js
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.aced51e5a641919c724e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:3800:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4e7488d677fb7422582096a9d70aa2644ca6ef7b99526281a3a58adb6ebc6629
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 08:47:10 GMT
x-amz-version-id
iYwy3A3sf7sAKmllrB9MYU0IsafaqMmU
content-encoding
br
content-security-policy
frame-ancestors 'none'
last-modified
Fri, 08 Sep 2023 08:46:37 GMT
server
AmazonS3
via
1.1 0f34c0d3b0e50b8875bcbb7d41684a58.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS54-C1
etag
W/"f2a8416e4fe14b8c12578dc1e365dc4f"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
age
4409
x-amz-cf-id
W45gJE0pC9ETm1iaAo3kLritAh9MYAG428LbDJR2sq2JR2XOROy2Ow==
eyJrZXkiOiJ1bmtub3duLXdlYi11c2VyIn0
api.qonto.com/v1/feature-relay-proxy/sdk/evalx/630f66eefec6f211a620a237/contexts/ 		3 KB
768 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.qonto.com/v1/feature-relay-proxy/sdk/evalx/630f66eefec6f211a620a237/contexts/eyJrZXkiOiJ1bmtub3duLXdlYi11c2VyIn0
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.60910401816e2e19a841.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.18.10.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c49eca170055a4124ae28d5efd09dc80af0562856089b382541bd65b713045b
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains; preload

Request headers

Referer
https://app.qonto.com/
accept-language
es-ES,es;q=0.9
X-LaunchDarkly-User-Agent
JSClient/3.1.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 10:00:38 GMT
strict-transport-security
max-age=315360000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-max-age
300
access-control-allow-methods
GET,OPTIONS
content-type
application/json
access-control-allow-origin
https://app.qonto.com
access-control-expose-headers
Content-Disposition, Content-Encoding
vary
Origin
access-control-allow-credentials
true
x-ratelimit-reset
0
x-ratelimit-limit
0
cf-ray
803658780e52383f-MAD
access-control-allow-headers
Cache-Control,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-Tags
x-ratelimit-remaining
0
frame-modern.1dd78431.js
js.intercomcdn.com/ Frame 6EB2 		506 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/frame-modern.1dd78431.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/r0qk2mbw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-43.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8a28ae80a1a4c18c0a7b70ee78c21618a1c7ce1f1a8964308b34b0ae992ee1be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
es-ES,es;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
_JZSF5k6H_MGn.FkPg8.3DoWlXsOlCMm
content-encoding
gzip
via
1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
date
Fri, 08 Sep 2023 09:30:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P4
age
1828
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
143109
last-modified
Thu, 07 Sep 2023 15:28:17 GMT
server
AmazonS3
etag
"8112103693064a7c27b355f8cd7010a5"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
KWNpgyOBSJYjsk0mbScRNpX1hTQaBBCJ-UvyMxMtxxzixx0-Jj4cJw==
vendor-modern.1f7f821f.js
js.intercomcdn.com/ Frame 6EB2 		409 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendor-modern.1f7f821f.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/r0qk2mbw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-43.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7626bcca2926dde098bd3d26ac6beefc16d926fa07e69b22c12f80d0a5153377
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
es-ES,es;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
e6b0of2zh6VmxPzKKTHVSimea6gIp5kh
content-encoding
gzip
via
1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
date
Fri, 08 Sep 2023 08:46:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P4
age
4472
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
128314
last-modified
Wed, 06 Sep 2023 14:44:14 GMT
server
AmazonS3
etag
"ab3e894af9301f1134cecc568095b249"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
cp24BJu5SpSL9gcWmYU7qXF5AA5yUDWKGGvXzaTj7rPqoELyZ3wGtQ==
630f66eefec6f211a620a237
api.qonto.com/v1/feature-relay-proxy/events/diagnostic/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.qonto.com/v1/feature-relay-proxy/events/diagnostic/630f66eefec6f211a620a237
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.18.10.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-launchdarkly-user-agent
Access-Control-Request-Method
POST
Origin
https://app.qonto.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, X-Launchdarkly-User-Agent
access-control-allow-methods
POST
access-control-allow-origin
https://app.qonto.com
access-control-max-age
24
cf-cache-status
DYNAMIC
cf-ray
8036587c0b1c383f-MAD
content-length
0
date
Fri, 08 Sep 2023 10:00:39 GMT
server
cloudflare
strict-transport-security
max-age=315360000; includeSubDomains; preload
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
630f66eefec6f211a620a237
api.qonto.com/v1/feature-relay-proxy/events/diagnostic/ 		0
45 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.qonto.com/v1/feature-relay-proxy/events/diagnostic/630f66eefec6f211a620a237
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.60910401816e2e19a841.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.18.10.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains; preload

Request headers

Referer
https://app.qonto.com/
accept-language
es-ES,es;q=0.9
X-LaunchDarkly-User-Agent
JSClient/3.1.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 08 Sep 2023 10:00:39 GMT
strict-transport-security
max-age=315360000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
access-control-max-age
300
vary
Origin
access-control-allow-origin
https://app.qonto.com
access-control-expose-headers
Content-Disposition, Content-Encoding
x-ratelimit-remaining
0
access-control-allow-credentials
true
x-ratelimit-reset
0
x-ratelimit-limit
0
cf-ray
8036587c7b9d383f-MAD
access-control-allow-headers
Cache-Control,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-Tags
content-length
0
/
sentry.io/api/160009/envelope/ 		2 B
60 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sentry.io/api/160009/envelope/?sentry_key=fa86b669a6ac4c4fa3dfc79ddda2a514&sentry_version=7&sentry_client=sentry.javascript.ember%2F7.64.0
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.60910401816e2e19a841.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.247.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.247.186.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://app.qonto.com/
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 08 Sep 2023 10:00:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
/
sentry.io/api/160009/envelope/ 		2 B
57 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sentry.io/api/160009/envelope/?sentry_key=fa86b669a6ac4c4fa3dfc79ddda2a514&sentry_version=7&sentry_client=sentry.javascript.ember%2F7.64.0
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.60910401816e2e19a841.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.247.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.247.186.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://app.qonto.com/
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 08 Sep 2023 10:00:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
1
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
client
accounts.google.com/gsi/ 		194 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.aced51e5a641919c724e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
af0be6c292ee61fbfc13c843781ff932e1a92c67fead16991d41fb16b955cb0d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-KlUhAKdzbamrIaaiugKtjg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 10:00:39 GMT
content-security-policy
script-src 'report-sample' 'nonce-KlUhAKdzbamrIaaiugKtjg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Fri, 08 Sep 2023 10:00:39 GMT
appleid.auth.js
appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/ 		42 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.aced51e5a641919c724e.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.208.159 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-208-159.deploy.static.akamaitechnologies.com
Software
Apple /
Resource Hash
8356948d6f3bef342ff37a4deca7f6b64b58ca0b90ca128c1929c1bb76cc7a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Date
Fri, 08 Sep 2023 10:00:39 GMT
Last-Modified
Tue, 05 Sep 2023 23:09:06 GMT
Server
Apple
ETag
W/"43171-1693955346931"
Vary
accept-encoding
Content-Type
application/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400,stale-while-revalidate=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17356
loader.js
sdk.privacy-center.org/99e8835d-ab08-4716-a9f3-47e233bc25bf/ 		33 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.privacy-center.org/99e8835d-ab08-4716-a9f3-47e233bc25bf/loader.js?target_type=notice&target=DCLrVU69
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.aced51e5a641919c724e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:d800:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
15d1973e27d92fabd3480f0111c7ee0bd9cf586cae2e2b9f736a2f9e059cda1b

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 10:00:39 GMT
content-encoding
gzip
x-didomi-remote-config-metadata
multiReg:false;legacyGlobalGdpr:true
x-didomi-remote-config-source
Lambda
via
1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA60-P3
age
4464
etag
"28b7332bd123236f11c2f28db4926363"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=7200, public
content-length
10779
x-amz-cf-id
Zpn7Y4cvmbcfJX3_5JOYEoG_oGsj5bpFzfKaCFsqDwOljTgE3qRC-A==
chunk.981.4f9c80f39cbc5e3f952f.js
app.qonto.com/assets/ 		289 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/assets/chunk.981.4f9c80f39cbc5e3f952f.js
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.aced51e5a641919c724e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:3800:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
000d79c60a825b427f49f0de80ffb25600dd0c709c6d363045b4ae8e7851939f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
IN4pe2dB4pjSflFaQst7Z5FGz8q8FCJ0
content-encoding
br
via
1.1 0f34c0d3b0e50b8875bcbb7d41684a58.cloudfront.net (CloudFront)
date
Fri, 01 Sep 2023 13:44:25 GMT
last-modified
Fri, 25 Aug 2023 13:41:42 GMT
server
AmazonS3
content-security-policy
frame-ancestors 'none'
x-amz-cf-pop
AMS54-C1
age
591375
x-amz-server-side-encryption
AES256
etag
W/"c02f1e9e9e63e24c663a5260b486afae"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
2ngu7MiMny8yZ41x9CxvOE_AbTIlE2BKkGQL9J_GVpzhc_KSuBBWiA==
sdk.a55f6b821dd824b653f96b71c35c0f5c3394b0bf.js
sdk.privacy-center.org/sdk/a55f6b821dd824b653f96b71c35c0f5c3394b0bf/modern/ 		336 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.privacy-center.org/sdk/a55f6b821dd824b653f96b71c35c0f5c3394b0bf/modern/sdk.a55f6b821dd824b653f96b71c35c0f5c3394b0bf.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/99e8835d-ab08-4716-a9f3-47e233bc25bf/loader.js?target_type=notice&target=DCLrVU69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:d800:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
99fbefd2c923ba2cf7377704879e5b7128c88cd1fcc9fe01e695de7cfc142527

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 04:51:59 GMT
content-encoding
gzip
via
1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
last-modified
Thu, 07 Sep 2023 04:51:13 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
104921
etag
W/"68045cd1adb71eaf29049023e3069304-1"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
LYz4W5-O1xLnsaikbP-OyMIctq-aMOsWpMAgkfLlSiouj7Kz_ia60A==
first-screen-peach.json
app.qonto.com/lotties/ 		676 KB
57 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/lotties/first-screen-peach.json
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.60910401816e2e19a841.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:3800:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e4285401243d9d05baebf8b423e1b19e8242f41533b90f92fca3ae659b925394
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

Referer
https://app.qonto.com/
accept-language
es-ES,es;q=0.9
baggage
sentry-environment=production,sentry-release=6da3894ce3,sentry-public_key=fa86b669a6ac4c4fa3dfc79ddda2a514,sentry-trace_id=898c78a0bbac4cae88775d672c37f99c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
sentry-trace
898c78a0bbac4cae88775d672c37f99c-968e3df756c36dee-0

Response headers

x-amz-version-id
SAXBFFVf57zCyJkdEP_jX3A6DOrvUHmO
content-encoding
gzip
via
1.1 0f34c0d3b0e50b8875bcbb7d41684a58.cloudfront.net (CloudFront)
date
Fri, 08 Sep 2023 10:00:33 GMT
last-modified
Fri, 18 Aug 2023 16:36:47 GMT
server
AmazonS3
content-security-policy
frame-ancestors 'none'
x-amz-cf-pop
AMS54-C1
age
60
x-amz-server-side-encryption
AES256
etag
W/"7d3e7bcb4cea2428242d2eb1abb14727"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
x-amz-cf-id
xuSVq3eGJMkkQNIKmh7uBsW6-wp1KQUaqOo23Ar9hZdGMgToUJFhFg==
ui-gdpr-en-web.a55f6b821dd824b653f96b71c35c0f5c3394b0bf.js
sdk.privacy-center.org/sdk/a55f6b821dd824b653f96b71c35c0f5c3394b0bf/modern/ 		249 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.privacy-center.org/sdk/a55f6b821dd824b653f96b71c35c0f5c3394b0bf/modern/ui-gdpr-en-web.a55f6b821dd824b653f96b71c35c0f5c3394b0bf.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/sdk/a55f6b821dd824b653f96b71c35c0f5c3394b0bf/modern/sdk.a55f6b821dd824b653f96b71c35c0f5c3394b0bf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:d800:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
499d00967a2dc7070b8dc210bc75f188d73e90f95c691b7f0bcf8b8b844a6d1a

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 04:52:02 GMT
content-encoding
gzip
via
1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
last-modified
Thu, 07 Sep 2023 04:51:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
104918
etag
W/"4f930f77b00ed1c46bc2a8052f028c0b-1"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
F8qlduw1DNK2mG5sbJPsqdsXslyne7gbvRScVNZzvgC-mpudKKk0yA==
style
accounts.google.com/gsi/ 		533 B
585 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/style
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-SzEGZE_ninHi0p-qPX4HLw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 10:00:39 GMT
content-security-policy
script-src 'report-sample' 'nonce-SzEGZE_ninHi0p-qPX4HLw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
text/css; charset=utf-8
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Fri, 08 Sep 2023 10:00:39 GMT
button
accounts.google.com/gsi/ Frame 558F 		108 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/button?type=standard&theme=outline&size=large&text=continue_with&shape=square&logo_alignment=center&width=350&client_id=528595174513-3lfm8f4bi5190vtqdhqgfr89qbjfougu.apps.googleusercontent.com&iframe_id=gsi_239607_941533&as=CfC76WPxb8c%2FRZYI5wq%2BnA&hl=en
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c7b497bcd200952bcf479d939bcb7102d138156efe019c72b35cc55da38d8fae
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-g_skmbS49oB2hOUnCr1Jnw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app.qonto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-g_skmbS49oB2hOUnCr1Jnw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
cross-origin-resource-policy
cross-origin
date
Fri, 08 Sep 2023 10:00:39 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
events
api.privacy-center.org/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.privacy-center.org/v1/events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:a000:d:2044:5c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-requested-with
Access-Control-Request-Method
POST
Origin
https://app.qonto.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-requested-with
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
access-control-max-age
86400
date
Fri, 08 Sep 2023 10:00:39 GMT
vary
Access-Control-Request-Headers
via
1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
x-amz-cf-id
6DxjgOg0h2BNgTOhNZJXre0KZSgc5IPehwhHrdFg3ji8TJa2_BZ1uQ==
x-amz-cf-pop
FRA60-P2
x-cache
Miss from cloudfront
x-powered-by
Express
events
api.privacy-center.org/v1/ 		0
542 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.privacy-center.org/v1/events
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.60910401816e2e19a841.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:a000:d:2044:5c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.qonto.com/
X-Requested-With
XMLHttpRequest
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 08 Sep 2023 10:00:39 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
via
1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
surrogate-control
no-store
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
pragma
no-cache
etag
W/"4-K+iMpCQsduglOsYkdIUQZQMtaDM"
x-download-options
noopen
allow
POST
vary
Accept
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-didomi-version
fc43c1e
x-frame-options
SAMEORIGIN
x-amz-cf-id
emGqsaeWV-Dy15gu40B2iaCLxcITS-2IsJkICVva1TQDAqbFoKSKBw==
expires
0
logo_qonto_2022.jpg
qonto-assets.s3.eu-central-1.amazonaws.com/logos/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qonto-assets.s3.eu-central-1.amazonaws.com/logos/logo_qonto_2022.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.135.15 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.eu-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
2bb2a9c3b2a75f82899f568fc6459120a9a120f6cedf235016fea046ce682a23

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Fri, 08 Sep 2023 10:00:40 GMT
x-amz-meta-server-side-encryption
AES256
x-amz-version-id
mzk_qXrLzA_d7o1a.eFYJ1sfmtHXwsO1
Last-Modified
Thu, 17 Feb 2022 13:00:17 GMT
Server
AmazonS3
x-amz-request-id
1TTF52FFV0H3WQG5
ETag
"8bb168ebf4aee766a9f0d698e195a760"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
x-amz-meta-version-id
Hm_nNe8LPJle6pFLjN_1ZIqj2kUPgbJe
Accept-Ranges
bytes
Content-Length
9718
x-amz-id-2
/dHU1k4HgPmHBlQ39szEWULSnj7czb+HsfAPoGCDfTB5hTnpPig7vasflYQFHPC89vmoPnGZFL6k0ekoYo+m5Q==
identity-sign-in-google-http
csp.withgoogle.com/csp/ Frame 558F 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/identity-sign-in-google-http
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/detectapp.html?appUrl=deeplinks%3Faction%3Dreceivable-invoices.new%26organization_slug%3Dlesecq-aurore-2926%26block_1%3Dcta
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
application/csp-report

Response headers
4UabrENHsxJlGDuGo1OIlLU94YtzCwM.ttf
fonts.gstatic.com/s/googlesans/v14/ Frame 558F 		51 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94YtzCwM.ttf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ebeace42646aa327b1fa6225f70120658993d4796cc9103484a6f068d3a58a6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/
Origin
https://accounts.google.com
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 21:19:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45641
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27431
x-xss-protection
0
last-modified
Mon, 22 Apr 2019 23:43:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 06 Sep 2024 21:19:59 GMT
630f66eefec6f211a620a237
api.qonto.com/v1/feature-relay-proxy/events/bulk/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.qonto.com/v1/feature-relay-proxy/events/bulk/630f66eefec6f211a620a237
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.18.10.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-launchdarkly-event-schema,x-launchdarkly-payload-id,x-launchdarkly-user-agent
Access-Control-Request-Method
POST
Origin
https://app.qonto.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, X-Launchdarkly-Event-Schema, X-Launchdarkly-Payload-Id, X-Launchdarkly-User-Agent
access-control-allow-methods
POST
access-control-allow-origin
https://app.qonto.com
access-control-max-age
24
cf-cache-status
DYNAMIC
cf-ray
803658888a97383f-MAD
content-length
0
date
Fri, 08 Sep 2023 10:00:41 GMT
server
cloudflare
strict-transport-security
max-age=315360000; includeSubDomains; preload
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
630f66eefec6f211a620a237
api.qonto.com/v1/feature-relay-proxy/events/bulk/ 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.qonto.com/v1/feature-relay-proxy/events/bulk/630f66eefec6f211a620a237
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.60910401816e2e19a841.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.18.10.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains; preload

Request headers

Referer
https://app.qonto.com/
X-LaunchDarkly-Payload-ID
916aecf0-4e2e-11ee-afc3-61110fbd20ef
X-LaunchDarkly-Event-Schema
4
accept-language
es-ES,es;q=0.9
X-LaunchDarkly-User-Agent
JSClient/3.1.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 08 Sep 2023 10:00:41 GMT
strict-transport-security
max-age=315360000; includeSubDomains; preload
cf-cache-status
DYNAMIC
content-length
0
server
cloudflare
x-ratelimit-remaining
0
access-control-max-age
300
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://app.qonto.com
access-control-expose-headers
Content-Disposition, Content-Encoding
vary
Origin
access-control-allow-credentials
true
x-ratelimit-reset
0
x-ratelimit-limit
0
cf-ray
80365888fb30383f-MAD
access-control-allow-headers
Cache-Control,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-Tags

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| documentPictureInPicture object| loader function| define function| requireModule function| require function| requirejs boolean| runningTests boolean| preferNative object| EmberENV object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| ProgressBar object| webpackChunkqonto object| __SENTRY__ object| __sentryEmberConfig function| Intercom object| intlTelInputGlobals object| intlTelInputUtils function| __intercomAssignLocation function| __intercomReloadLocation object| __LD__ object| didomiOnReady object| didomiEventListeners object| didomiConfig boolean| gdprAppliesGlobally function| __tcfapi object| didomiRemoteConfig string| didomiCountry object| didomiGeoRegulations object| AppleID object| webpackChunkDidomi object| Didomi object| dataLayer object| default_gsi object| google object| __G_ID_CLIENT__ object| closure_lm_42762 object| didomiState object| DidomiSanitizing

3 Cookies

Domain/Path Name / Value
.qonto.com/ Name: deviceId
Value: ed1bb591-de38-4f25-9eb8-c254f39a19dd
.qonto.com/ Name: ember_simple_auth-session
Value: %7B%22authenticated%22%3A%7B%7D%7D
.qonto.com/ Name: didomi_token
Value: eyJ1c2VyX2lkIjoiMThhNzQzYzgtYjZkYS02M2Y1LTljZWMtZTQzYmY3ZDU0NjBmIiwiY3JlYXRlZCI6IjIwMjMtMDktMDhUMTA6MDA6MzkuNTc2WiIsInVwZGF0ZWQiOiIyMDIzLTA5LTA4VDEwOjAwOjM5LjU3NloiLCJ2ZXJzaW9uIjpudWxsfQ==

3 Console Messages

Source Level URL
Text
javascript error URL: https://app.qonto.com/assets/chunk.60910401816e2e19a841.js(Line 1)
Message:
Refused to get unsafe header "date"
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
javascript error URL: https://app.qonto.com/assets/chunk.60910401816e2e19a841.js(Line 1)
Message:
Refused to get unsafe header "date"

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'none'

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
api.privacy-center.org
api.qonto.com
app.qonto.com
appleid.cdn-apple.com
csp.withgoogle.com
email.qonto.com
fonts.gstatic.com
js.intercomcdn.com
qonto-assets.s3.eu-central-1.amazonaws.com
sdk.privacy-center.org
sentry.io
widget.intercom.io
104.18.10.238
13.224.189.35
18.66.147.43
184.30.208.159
2600:9000:21c7:3800:0:7942:c340:93a1
2600:9000:223f:2600:1b:92cd:8400:93a1
2600:9000:2250:a000:d:2044:5c40:93a1
2600:9000:2251:d800:5:b7cc:d3c0:93a1
2a00:1450:4001:80f::2003
2a00:1450:4001:812::200d
2a00:1450:4001:827::2011
3.5.135.15
35.186.247.156
000d79c60a825b427f49f0de80ffb25600dd0c709c6d363045b4ae8e7851939f
0dea3380a2bb70f3adf1e985da92fead733ded524ce08841914cae229475f645
15d1973e27d92fabd3480f0111c7ee0bd9cf586cae2e2b9f736a2f9e059cda1b
19bd5a0d56670463ff32c04d4b1d3ecf3e712351c50677418043cdf1a6ef3318
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
219fb6cae6f5c1cedcb80148e240632646803354f644a2a55eb08cf5334b671f
2bb2a9c3b2a75f82899f568fc6459120a9a120f6cedf235016fea046ce682a23
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
499d00967a2dc7070b8dc210bc75f188d73e90f95c691b7f0bcf8b8b844a6d1a
4e7488d677fb7422582096a9d70aa2644ca6ef7b99526281a3a58adb6ebc6629
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
56dad9307dfeb7810dd3f63d33b036804f419b7a7401b85166b9ccf16fcdead2
692f6f15f66235cf41b8646d5d75b9f609028832e0ad9f569483819d2694e655
705b8cce3cf1f6761702221d51415fb3da53b830d54028774d50e6ff0ee432a0
7626bcca2926dde098bd3d26ac6beefc16d926fa07e69b22c12f80d0a5153377
7c49eca170055a4124ae28d5efd09dc80af0562856089b382541bd65b713045b
7f113d06a10439a44df2fab3ed14628b4443ddf10e4de8c9e96a0ca720f4f4af
8356948d6f3bef342ff37a4deca7f6b64b58ca0b90ca128c1929c1bb76cc7a54
8a28ae80a1a4c18c0a7b70ee78c21618a1c7ce1f1a8964308b34b0ae992ee1be
99fbefd2c923ba2cf7377704879e5b7128c88cd1fcc9fe01e695de7cfc142527
9f0bdbb7f63b28b95774f2c049a06391f952b66ce50fdb316a5f69e231ee39aa
a16d790f7f8189eb1f81eb974ca6a201a0509c20260a3f35fd46f2bf6e249411
af0be6c292ee61fbfc13c843781ff932e1a92c67fead16991d41fb16b955cb0d
c7b497bcd200952bcf479d939bcb7102d138156efe019c72b35cc55da38d8fae
c81ff11fd1f4acd5527fbedf0e9dfe3f9504b0230f4f66d5ddab563c6baeb0fa
d2ed03089377d17c425b4036eba9716a30bdde90b38ae3a4a1171e5d1efa03d6
d595100d596a0256d5c67b1942a42013e11b5896f28c698c3a8ea7aa3a483fb4
dbe7ffb622175ae830af0bbe0d29673470fe728f9df47fb850094ebfbf930cf3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4285401243d9d05baebf8b423e1b19e8242f41533b90f92fca3ae659b925394
e7fb2f6bf8aa1b5a747e031264f485da572f5eeb95b1d40b9fcf74ee9da90af9
e813c5a2361f20ec8bdb14728568e89dcf6ae3865c4aba45ba2b44ecbd22c6d7
ebeace42646aa327b1fa6225f70120658993d4796cc9103484a6f068d3a58a6d
f126281035207e19c5665cd472b2c44997f9548802e945c3f3d3ec4a2e1202f7
f23e103734fedf6e937f8cefe3598bb7a9d65989e96664ec85a03c3e5c81c213