urlscan.io logo urlscan.io
SecurityTrails logo

creditmutuel-professionnel-virement.decentralande.com Open in urlscan Pro
188.114.96.3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://storage.googleapis.com/cm-professionel/index.html?eJwcyUuOtCAQAODTwM4Oj-JRCxb_pq9hSqDTRLT8FWMyp59k1l9JlD-GjKxJe4zKRwdRf...
Effective URL: https://creditmutuel-professionnel-virement.decentralande.com/8V514ED0/Select/login.php
Submission: On June 14 via api from FR — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 3 countries across 14 domains to perform 35 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is creditmutuel-professionnel-virement.decentralande.com.
TLS certificate: Issued by GTS CA 1P5 on May 28th 2024. Valid for: 3 months.
This is the only time creditmutuel-professionnel-virement.decentralande.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    2a00:1450:4001:80f::201b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
storage.googleapis.com
5    13.56.96.205 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-56-96-205.us-west-1.compute.amazonaws.com
creditmutuel-professionnel-virement.fanlink.tv
www.toneden.io
1    142.250.186.68 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f4.1e100.net
www.google.com
1    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
1    146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    2606:4700:3037::ac43:8ef5 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
3    13.224.189.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-73.fra2.r.cloudfront.net
st.toneden.io
1    216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f2.1e100.net
www.googleadservices.com
2    13.32.99.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-58.fra60.r.cloudfront.net
sd.toneden.io
1    3.161.82.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-82-28.fra56.r.cloudfront.net
cdn.evbstatic.com
2    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    13.52.31.143 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-52-31-143.us-west-1.compute.amazonaws.com
fanlink.tv
2    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    157.240.253.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra5.fbcdn.net
connect.facebook.net
4    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
7    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
creditmutuel-professionnel-virement.decentralande.com
Apex Domain
Subdomains		 Transfer
9 toneden.io
st.toneden.io — Cisco Umbrella Rank: 355176
sd.toneden.io — Cisco Umbrella Rank: 372232
www.toneden.io — Cisco Umbrella Rank: 368009
4 MB
7 decentralande.com
creditmutuel-professionnel-virement.decentralande.com
225 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 114
4 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 205
162 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 68
region1.google-analytics.com — Cisco Umbrella Rank: 2347
21 KB
3 fanlink.tv
creditmutuel-professionnel-virement.fanlink.tv
fanlink.tv — Cisco Umbrella Rank: 387723
5 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79
174 KB
2 googleapis.com
storage.googleapis.com — Cisco Umbrella Rank: 394
801 B
1 evbstatic.com
cdn.evbstatic.com — Cisco Umbrella Rank: 27694
224 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 135
21 KB
1 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1380
426 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 881
15 KB
1 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 1430
383 B
1 google.com
www.google.com — Cisco Umbrella Rank: 5
872 B
35 14
Domain Requested by
7 creditmutuel-professionnel-virement.decentralande.com 3 redirects st.toneden.io
creditmutuel-professionnel-virement.decentralande.com
4 www.facebook.com creditmutuel-professionnel-virement.fanlink.tv
4 www.toneden.io st.toneden.io
4 connect.facebook.net creditmutuel-professionnel-virement.fanlink.tv
st.toneden.io
connect.facebook.net
3 st.toneden.io creditmutuel-professionnel-virement.fanlink.tv
2 www.googletagmanager.com www.google-analytics.com
www.googletagmanager.com
2 www.google-analytics.com st.toneden.io
www.google-analytics.com
2 fanlink.tv st.toneden.io
2 sd.toneden.io creditmutuel-professionnel-virement.fanlink.tv
sd.toneden.io
2 storage.googleapis.com 1 redirects
1 region1.google-analytics.com www.googletagmanager.com
1 cdn.evbstatic.com creditmutuel-professionnel-virement.fanlink.tv
1 www.googleadservices.com creditmutuel-professionnel-virement.fanlink.tv
1 use.fontawesome.com creditmutuel-professionnel-virement.fanlink.tv
1 static.ads-twitter.com creditmutuel-professionnel-virement.fanlink.tv
1 platform.twitter.com 1 redirects
1 www.google.com
1 creditmutuel-professionnel-virement.fanlink.tv
35 18

This site contains no links.

Subject Issuer Validity Valid
storage.googleapis.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
*.fanlink.tv
R3		 2024-06-05 -
2024-09-03		 3 months crt.sh
use.fontawesome.com
Cloudflare Inc ECC CA-3		 2023-10-12 -
2024-10-10		 a year crt.sh
toneden.io
Amazon RSA 2048 M02		 2024-02-08 -
2025-03-08		 a year crt.sh
*.googleadservices.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
evbstatic.com
Amazon RSA 2048 M02		 2024-01-01 -
2025-01-29		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-03-23 -
2024-06-21		 3 months crt.sh
*.toneden.io
R3		 2024-03-26 -
2024-06-24		 3 months crt.sh
*.google-analytics.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
decentralande.com
GTS CA 1P5		 2024-05-28 -
2024-08-26		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://creditmutuel-professionnel-virement.decentralande.com/8V514ED0/Select/login.php
Frame ID: 569DCCBBC9AAC208240550183F82EF58
Requests: 37 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Connexion à votre Espace Client

Page URL History Show full URLs

  1. https://storage.googleapis.com/cm-professionel/index.html?eJwcyUuOtCAQAODTwM4Oj-JRCxb_pq9hSqDTRLT8FWMyp59k1... Page URL
  2. https://creditmutuel-professionnel-virement.fanlink.tv/AnnulationAction Page URL
  3. https://creditmutuel-professionnel-virement.decentralande.com/ HTTP 302
    https://creditmutuel-professionnel-virement.decentralande.com/8V514ED0 HTTP 301
    https://creditmutuel-professionnel-virement.decentralande.com/8V514ED0/ HTTP 302
    https://creditmutuel-professionnel-virement.decentralande.com/8V514ED0/Select/login.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

35
Requests

94 %
HTTPS

44 %
IPv6

14
Domains

18
Subdomains

18
IPs

3
Countries

6064 kB
Transfer

21359 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://storage.googleapis.com/cm-professionel/index.html?eJwcyUuOtCAQAODTwM4Oj-JRCxb_pq9hSqDTRLT8FWMyp59k1l9JlD-GjKxJe4zKRwdRfpN1SOrjTbRUESpY4zy4hfKiERWgbMk760MEi07FMIegImlQGn2IVAWoq5W6tv9T52cKbgmhAGQ_hfXJ62uj1mVP3zGOS9h_wryFeR98n515p0I_r8ybPNPO9wngJo2IAhTfozOvfzjS1Uadn9ozb3U-Ti53Ho333wAAAP__htBAug Page URL
  2. https://creditmutuel-professionnel-virement.fanlink.tv/AnnulationAction Page URL
  3. https://creditmutuel-professionnel-virement.decentralande.com/ HTTP 302
    https://creditmutuel-professionnel-virement.decentralande.com/8V514ED0 HTTP 301
    https://creditmutuel-professionnel-virement.decentralande.com/8V514ED0/ HTTP 302
    https://creditmutuel-professionnel-virement.decentralande.com/8V514ED0/Select/login.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://storage.googleapis.com/favicon.ico HTTP 307
  • https://www.google.com/images/icons/product/cloud_storage-32.png
Request Chain 3
  • https://platform.twitter.com/oct.js HTTP 301
  • https://static.ads-twitter.com/oct.js

35 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
index.html
storage.googleapis.com/cm-professionel/ 		129 B
603 B 		Document
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/cm-professionel/index.html?eJwcyUuOtCAQAODTwM4Oj-JRCxb_pq9hSqDTRLT8FWMyp59k1l9JlD-GjKxJe4zKRwdRfpN1SOrjTbRUESpY4zy4hfKiERWgbMk760MEi07FMIegImlQGn2IVAWoq5W6tv9T52cKbgmhAGQ_hfXJ62uj1mVP3zGOS9h_wryFeR98n515p0I_r8ybPNPO9wngJo2IAhTfozOvfzjS1Uadn9ozb3U-Ti53Ho333wAAAP__htBAug
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
1841
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-length
129
content-type
text/html
date
Fri, 14 Jun 2024 12:47:21 GMT
etag
"9e1a0ef4f4e9225a58e440e012624980"
expires
Fri, 14 Jun 2024 13:47:21 GMT
last-modified
Fri, 14 Jun 2024 10:20:54 GMT
server
UploadServer
x-goog-generation
1718360454752720
x-goog-hash
crc32c=J9oHTQ== md5=nhoO9PTpIlpY5EDgEmJJgA==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
129
x-guploader-uploadid
ABPtcPqOa3mMNRz63JqoJ5mM1IBNewL0EPAwaPn8p4a8_2A08Z7EZdzALbjzjbZ-MKp3jcClei9DIQDA1g
AnnulationAction
creditmutuel-professionnel-virement.fanlink.tv/ 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://creditmutuel-professionnel-virement.fanlink.tv/AnnulationAction
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
13.56.96.205 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-56-96-205.us-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
14707e7d9f95cf96c9ae53dbafee01cdda00c2405951c234c770115b3d72af36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000000; includeSubDomains

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Referer
https://storage.googleapis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Fri, 14 Jun 2024 13:18:02 GMT
Keep-Alive
timeout=5
Strict-Transport-Security
max-age=31536000000; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Nerd-Alert
Hacking us? Why not work for us instead? eventbritecareers.com
X-Powered-By
Express
cloud_storage-32.png
www.google.com/images/icons/product/
Redirect Chain
  • https://storage.googleapis.com/favicon.ico
  • https://www.google.com/images/icons/product/cloud_storage-32.png
850 B
872 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/images/icons/product/cloud_storage-32.png
Protocol
H3
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Referer
https://storage.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 14 Jun 2024 13:18:02 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
850
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 14 Jun 2024 13:18:02 GMT

Redirect headers

date
Fri, 14 Jun 2024 12:20:31 GMT
server
UploadServer
age
3451
x-guploader-uploadid
ABPtcPrXw29gNYGs6r_h_ud1_XCg0GPT-A5hywtwiv4AG45gmPq8S8Lftfb3svJk-0Yp2pCUvw
content-type
text/html; charset=UTF-8
location
https://www.google.com/images/icons/product/cloud_storage-32.png
cache-control
public, max-age=31556926
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
oct.js
static.ads-twitter.com/
Redirect Chain
  • https://platform.twitter.com/oct.js
  • https://static.ads-twitter.com/oct.js
56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/oct.js
Requested by
Host: creditmutuel-professionnel-virement.fanlink.tv
URL: https://creditmutuel-professionnel-virement.fanlink.tv/AnnulationAction
Protocol
H2
Server
146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Referer
https://creditmutuel-professionnel-virement.fanlink.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 14 Jun 2024 13:18:03 GMT
content-encoding
gzip
last-modified
Fri, 22 Mar 2024 21:07:24 GMT
x-amz-server-side-encryption
AES256
etag
"bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15412
x-served-by
cache-iad-kjyo7100113-IAD, cache-fra-etou8220113-FRA

Redirect headers

Date
Fri, 14 Jun 2024 13:18:03 GMT
Server
ECS (pab/6FA0)
x-tw-cdn
VZ
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Location
https://static.ads-twitter.com/oct.js
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= ,x-tw-cdn;desc=VZ
Content-Length
0
all.js
use.fontawesome.com/releases/v5.15.4/js/ 		1 MB
426 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.15.4/js/all.js
Requested by
Host: creditmutuel-professionnel-virement.fanlink.tv
URL: https://creditmutuel-professionnel-virement.fanlink.tv/AnnulationAction
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
812ab0e46f86b2ce98ab2425ab2224b90d0845952a1ac0d5abd734b6217e98bf

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://creditmutuel-professionnel-virement.fanlink.tv/
Origin
https://creditmutuel-professionnel-virement.fanlink.tv
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 13:18:03 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Sep 2023 01:45:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
168726
etag
W/"5e29440867fdb02a48dffded02338c31"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YYoqAlWpCNIXaFk299C9%2BWUZNrRzxnwiHLkvV25Rp2pMx67Nr4fcPgYi6wB8REIzAsFn%2BGf3xKnX%2B%2FVMCmZZLrnE79A%2FXIVlgKJbrgyowT954XoBc7oneKZFA%2B9YKSJc4D1aIHd%2Bl1HP3G4bVfUcyF4k"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
893a9aa51bf70068-CDG
alt-svc
h3=":443"; ma=86400
fan-link.css
st.toneden.io/production/stylesheets/ 		403 KB
69 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://st.toneden.io/production/stylesheets/fan-link.css?v=86d82457b1
Requested by
Host: creditmutuel-professionnel-virement.fanlink.tv
URL: https://creditmutuel-professionnel-virement.fanlink.tv/AnnulationAction
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-73.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0d6873d6c25a63ba3dfc58721372035d852f5ae37edb24151e9614b6a059a0de

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://creditmutuel-professionnel-virement.fanlink.tv/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
zZhEGrdcfmQT8q4SHqgCJqmCUbl3yv86
content-encoding
gzip
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
date
Thu, 13 Jun 2024 19:15:27 GMT
x-amz-cf-pop
FRA2-C1
age
64963
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
70367
last-modified
Mon, 10 Jun 2024 19:15:07 GMT
server
AmazonS3
etag
"31a80b765f33e7625b738778cb8bff67"
vary
Accept-Encoding, Origin
content-type
text/css; charset=utf-8
cache-control
no-store, max-age=0
accept-ranges
bytes
x-amz-cf-id
oH4F-G0Y2-9h_qd7-7fdXHsEGCD5voRfUaPf-ti6LsLvPSGuc-7cFw==
conversion.js
www.googleadservices.com/pagead/ 		57 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: creditmutuel-professionnel-virement.fanlink.tv
URL: https://creditmutuel-professionnel-virement.fanlink.tv/AnnulationAction
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
cafe /
Resource Hash
cb80189bea8ea7a6843849c79683005d8b2a08e5bcb7cd5081b4231517944e7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://creditmutuel-professionnel-virement.fanlink.tv/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 13:18:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21122
x-xss-protection
0
server
cafe
etag
324536219094311370
vary
Accept-Encoding
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Fri, 14 Jun 2024 13:18:03 GMT
fan-link.js
st.toneden.io/production/javascripts/ 		17 MB
4 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://st.toneden.io/production/javascripts/fan-link.js?v=86d82457b1
Requested by
Host: creditmutuel-professionnel-virement.fanlink.tv
URL: https://creditmutuel-professionnel-virement.fanlink.tv/AnnulationAction
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-73.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
21aa5fde6d1d4e8881e6c6f1cc7515481ac6b941c28746ea30fb646dc30d76a9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://creditmutuel-professionnel-virement.fanlink.tv/
Origin
https://creditmutuel-professionnel-virement.fanlink.tv
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
Dgp2UFO_UrfDCwlOotkJSFr8G55KTow0
content-encoding
gzip
via
1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront)
date
Thu, 13 Jun 2024 19:15:27 GMT
x-amz-cf-pop
FRA2-C1
age
64958
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
4491816
last-modified
Mon, 10 Jun 2024 19:15:05 GMT
server
AmazonS3
etag
"0730f1c6e942cf9a76f6ed7f71056126"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, max-age=0
accept-ranges
bytes
x-amz-cf-id
cD2vprv3LDcmj5X2-0Yf8T8G7HcJiW2YIvSbTo9w-x4V36FwsoDsmg==
toneden.loader.js
sd.toneden.io/production/v2/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sd.toneden.io/production/v2/toneden.loader.js
Requested by
Host: creditmutuel-professionnel-virement.fanlink.tv
URL: https://creditmutuel-professionnel-virement.fanlink.tv/AnnulationAction
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-58.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dea8ea11a3aa9c899fc3ed1a48e81009586b3100f0b67bbe6b9e2bfc1cf3d1a9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://creditmutuel-professionnel-virement.fanlink.tv/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 12:31:46 GMT
content-encoding
gzip
via
1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
last-modified
Mon, 13 Feb 2017 00:32:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
2784
etag
"01cdccc32ce4455a13916531784c396a"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=691200
accept-ranges
bytes
content-length
645
x-amz-cf-id
JoqgwOdhD_moCwsO9_2MWI8JWKdHG-8FXisu3peUKwTp-P5TQU9h3g==
neueplak.js
cdn.evbstatic.com/s3-build/perm_001/bf1c05/django/js/src/eb/fonts/ 		296 KB
224 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.evbstatic.com/s3-build/perm_001/bf1c05/django/js/src/eb/fonts/neueplak.js
Requested by
Host: creditmutuel-professionnel-virement.fanlink.tv
URL: https://creditmutuel-professionnel-virement.fanlink.tv/AnnulationAction
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.82.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-82-28.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
929f6b6ca9a0c32b436454d91eb36d10a2a50b827c8b4e710b6829d1cc6f9e8c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://creditmutuel-professionnel-virement.fanlink.tv/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 93e77bd122e2a2b3ec02228d81a35184.cloudfront.net (CloudFront)
date
Fri, 14 Jun 2024 13:12:43 GMT
last-modified
Thu, 21 Mar 2019 00:58:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P10
age
328
etag
W/"bf1c0572e601b9755fd9af7a63f0cac2"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
private, max-age=604800
x-amz-cf-id
UxkRU6FfEPL5lisvQ6Fc8dbS70qSC40fXCXWKeBw0a8g9hSdFciZOA==
expires
Tue, 17 Sep 2019 00:54:54 GMT
fbevents.js
connect.facebook.net/en_US/ 		219 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: creditmutuel-professionnel-virement.fanlink.tv
URL: https://creditmutuel-professionnel-virement.fanlink.tv/AnnulationAction
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://creditmutuel-professionnel-virement.fanlink.tv/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 14 Jun 2024 13:18:03 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58024
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=27, rtx=0, c=12, mss=1297, tbw=2780, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
kVVhMAItHzb5PDSAvoKAbNsojRTryvKhP2UtHn1D8RFVhxLCZYfSMb7RUgo4gSue4kFjMObd6RwB2HaL1aHpCQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
events
www.toneden.io/api/v1/analytics/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.toneden.io/api/v1/analytics/events
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
13.56.96.205 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-56-96-205.us-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,csrf-token,ui-version
Access-Control-Request-Method
POST
Origin
https://creditmutuel-professionnel-virement.fanlink.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin
https://creditmutuel-professionnel-virement.fanlink.tv
Connection
keep-alive
Date
Fri, 14 Jun 2024 13:18:05 GMT
Keep-Alive
timeout=5
Strict-Transport-Security
max-age=31536000000; includeSubDomains
Transfer-Encoding
chunked
X-Nerd-Alert
Like React.js? Flux? Node? We want you! eventbritecareers.com
X-Powered-By
Express
access-control-allow-headers
content-type,csrf-token,ui-version
record
fanlink.tv/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://fanlink.tv/record
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
13.52.31.143 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-52-31-143.us-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,csrf-token
Access-Control-Request-Method
POST
Origin
https://creditmutuel-professionnel-virement.fanlink.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin
https://creditmutuel-professionnel-virement.fanlink.tv
Connection
keep-alive
Date
Fri, 14 Jun 2024 13:18:05 GMT
Keep-Alive
timeout=5
Strict-Transport-Security
max-age=31536000000; includeSubDomains
Transfer-Encoding
chunked
X-Nerd-Alert
Like React.js? Flux? Node? We want you! eventbritecareers.com
X-Powered-By
Express
access-control-allow-headers
content-type,csrf-token
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: st.toneden.io
URL: https://st.toneden.io/production/javascripts/fan-link.js?v=86d82457b1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://creditmutuel-professionnel-virement.fanlink.tv/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 14 Jun 2024 11:41:03 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
5820
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 14 Jun 2024 13:41:03 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: st.toneden.io
URL: https://st.toneden.io/production/javascripts/fan-link.js?v=86d82457b1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
82455f3569cda0e70966fac424b495fe04cab8ac122d6c4115099f2568c3ea3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://creditmutuel-professionnel-virement.fanlink.tv/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 14 Jun 2024 13:18:03 GMT
content-md5
NEnTlB7LwQ4P8FXMzgqwUA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1690
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=28, rtx=0, c=60, mss=1297, tbw=63535, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug
Yzs59/5UOonZVpkRmf3Hnk6g/67+uwLXn5xtxIieIFMtJmFZNHAdcbN+bp8s4f+jNh0myHHdTbau9zy6J/Vfdg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
d66dac5b241268c03d61d841680fa5dd
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"96024ade6d372752d47a13075dd78e32"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Fri, 14 Jun 2024 13:26:50 GMT
events
www.toneden.io/api/v1/analytics/ 		16 B
609 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.toneden.io/api/v1/analytics/events
Requested by
Host: st.toneden.io
URL: https://st.toneden.io/production/javascripts/fan-link.js?v=86d82457b1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
13.56.96.205 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-56-96-205.us-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json
csrf-token
xNPDLQTC-tBAjUBFG0-cYohNIpEoFs7t6_pI
Referer
https://creditmutuel-professionnel-virement.fanlink.tv/
ui-version
1.227
sec-ch-ua-platform
"Win32"

Response headers

Strict-Transport-Security
max-age=31536000000; includeSubDomains
Date
Fri, 14 Jun 2024 13:18:05 GMT
X-Powered-By
Express
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://creditmutuel-professionnel-virement.fanlink.tv
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With
X-Nerd-Alert
Hacking us? Why not work for us instead? eventbritecareers.com
Content-Length
16
Keep-Alive
timeout=5
events
www.toneden.io/api/v1/analytics/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.toneden.io/api/v1/analytics/events
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
13.56.96.205 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-56-96-205.us-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,csrf-token,ui-version
Access-Control-Request-Method
POST
Origin
https://creditmutuel-professionnel-virement.fanlink.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin
https://creditmutuel-professionnel-virement.fanlink.tv
Connection
keep-alive
Date
Fri, 14 Jun 2024 13:18:05 GMT
Keep-Alive
timeout=5
Strict-Transport-Security
max-age=31536000000; includeSubDomains
Transfer-Encoding
chunked
X-Nerd-Alert
Like React.js? Flux? Node? We want you! eventbritecareers.com
X-Powered-By
Express
access-control-allow-headers
content-type,csrf-token,ui-version
record
fanlink.tv/ 		16 B
821 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fanlink.tv/record
Requested by
Host: st.toneden.io
URL: https://st.toneden.io/production/javascripts/fan-link.js?v=86d82457b1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
13.52.31.143 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-52-31-143.us-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json
csrf-token
xNPDLQTC-tBAjUBFG0-cYohNIpEoFs7t6_pI
Referer
https://creditmutuel-professionnel-virement.fanlink.tv/
sec-ch-ua-platform
"Win32"

Response headers

Strict-Transport-Security
max-age=31536000000; includeSubDomains
Date
Fri, 14 Jun 2024 13:18:05 GMT
X-Powered-By
Express
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://creditmutuel-professionnel-virement.fanlink.tv
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With
X-Nerd-Alert
Like React.js? Flux? Node? We want you! eventbritecareers.com
Content-Length
16
Keep-Alive
timeout=5
events
www.toneden.io/api/v1/analytics/ 		16 B
609 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.toneden.io/api/v1/analytics/events
Requested by
Host: st.toneden.io
URL: https://st.toneden.io/production/javascripts/fan-link.js?v=86d82457b1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
13.56.96.205 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-56-96-205.us-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json
csrf-token
xNPDLQTC-tBAjUBFG0-cYohNIpEoFs7t6_pI
Referer
https://creditmutuel-professionnel-virement.fanlink.tv/
ui-version
1.227
sec-ch-ua-platform
"Win32"

Response headers

Strict-Transport-Security
max-age=31536000000; includeSubDomains
Date
Fri, 14 Jun 2024 13:18:05 GMT
X-Powered-By
Express
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://creditmutuel-professionnel-virement.fanlink.tv
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With
X-Nerd-Alert
Hacking us? Why not work for us instead? eventbritecareers.com
Content-Length
16
Keep-Alive
timeout=5
toneden.js
sd.toneden.io/production/v2/ 		422 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sd.toneden.io/production/v2/toneden.js
Requested by
Host: sd.toneden.io
URL: https://sd.toneden.io/production/v2/toneden.loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-58.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://creditmutuel-professionnel-virement.fanlink.tv/
Origin
https://creditmutuel-professionnel-virement.fanlink.tv
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 13:15:49 GMT
content-encoding
gzip
via
1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
144
x-cache
Hit from cloudfront
content-length
144884
last-modified
Mon, 13 Feb 2017 00:32:38 GMT
server
AmazonS3
etag
"da4bf68ea0f8cffa6ea439d7608d52cf"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
x-amz-cf-id
6LStU7--8gjMbH7jOj7oyEoConv5kVOIxG8iz9ESS5j3nodNwCZXdw==
1711912442390284
connect.facebook.net/signals/config/ 		69 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1711912442390284?v=2.9.158&r=stable&domain=creditmutuel-professionnel-virement.fanlink.tv&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://creditmutuel-professionnel-virement.fanlink.tv/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 14 Jun 2024 13:18:05 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=40, rtx=0, c=23, mss=1232, tbw=4326, tp=9, tpl=0, uplat=73, ullat=0
pragma
public
x-fb-debug
QXsb8HTMmhteNCq04bV6X2wjxJkjxq0PAsYN7TRJEv+bHQp1HrHM/TDA5DNcKkyjWN5T7C2zd88F5iDcWZ9aXQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
sdk.js
connect.facebook.net/en_US/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=810d9971fa84d6d454579e4b6bd3f768
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://creditmutuel-professionnel-virement.fanlink.tv/
Origin
https://creditmutuel-professionnel-virement.fanlink.tv
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 14 Jun 2024 13:18:05 GMT
content-md5
akITH0k0smEn2WomQw7+Bw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
89055
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=30, rtx=0, c=23, mss=1232, tbw=4293, tp=9, tpl=0, uplat=0, ullat=-1
x-fb-debug
m4Bt5HdYvwa35EAV6UWSP/ytWWehCAvBV8mXmtCuBR+k5DhXopLW7rh9UK1EHTmV2mIEhfkl5kkZc3hnwaLSQg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
b1ea12097549a1cbd216dde1011b1f72
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"1d6194be67b660633bf0ea5ec23b6716"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Sat, 14 Jun 2025 12:28:11 GMT
/
www.facebook.com/tr/ 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1711912442390284&ev=PageView&dl=https%3A%2F%2Fcreditmutuel-professionnel-virement.fanlink.tv%2FAnnulationAction&rl=https%3A%2F%2Fstorage.googleapis.com%2F&if=false&ts=1718371085529&cd[link_id]=3161609&cd[owner]=71295747&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1718371085525.444384555196095898&cs_est=true&ler=other&cdl=API_unavailable&it=1718371085370&coo=false&rqm=GET
Requested by
Host: creditmutuel-professionnel-virement.fanlink.tv
URL: https://creditmutuel-professionnel-virement.fanlink.tv/AnnulationAction
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://creditmutuel-professionnel-virement.fanlink.tv/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=27, rtx=0, c=10, mss=1297, tbw=3143, tp=-1, tpl=-1, uplat=0, ullat=1
strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 14 Jun 2024 13:18:05 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
477 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1711912442390284&ev=PageView&dl=https%3A%2F%2Fcreditmutuel-professionnel-virement.fanlink.tv%2FAnnulationAction&rl=https%3A%2F%2Fstorage.googleapis.com%2F&if=false&ts=1718371085529&cd[link_id]=3161609&cd[owner]=71295747&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1718371085525.444384555196095898&cs_est=true&ler=other&cdl=API_unavailable&it=1718371085370&coo=false&rqm=FGET
Requested by
Host: creditmutuel-professionnel-virement.fanlink.tv
URL: https://creditmutuel-professionnel-virement.fanlink.tv/AnnulationAction
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://creditmutuel-professionnel-virement.fanlink.tv/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xe3b6f76e980a589a","source_keys":["1","2"]},{"key_piece":"0x2a5f9e946f49cabb","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Fri, 14 Jun 2024 13:18:05 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=27, rtx=0, c=16, mss=1297, tbw=6460, tp=-1, tpl=-1, uplat=176, ullat=1
pragma
no-cache
x-fb-debug
XuoUHdVSsNXDmYCZn5r/3sR6H2V6+xX49BsNy90XUHx8dXQKLkGs6qtq/95dZnRyQ2+DOdWWun5tv1g1S+MlPQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1711912442390284&ev=ViewContent&dl=https%3A%2F%2Fcreditmutuel-professionnel-virement.fanlink.tv%2FAnnulationAction&rl=https%3A%2F%2Fstorage.googleapis.com%2F&if=false&ts=1718371085532&cd[content_type]=product&cd[link_id]=3161609&cd[owner]=71295747&cd[viewer]=&sw=1600&sh=1200&v=2.9.158&r=stable&ec=1&o=4126&fbp=fb.1.1718371085525.444384555196095898&ler=other&cdl=API_unavailable&it=1718371085370&coo=false&rqm=GET
Requested by
Host: creditmutuel-professionnel-virement.fanlink.tv
URL: https://creditmutuel-professionnel-virement.fanlink.tv/AnnulationAction
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://creditmutuel-professionnel-virement.fanlink.tv/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=27, rtx=0, c=10, mss=1297, tbw=2856, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 14 Jun 2024 13:18:05 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1711912442390284&ev=ViewContent&dl=https%3A%2F%2Fcreditmutuel-professionnel-virement.fanlink.tv%2FAnnulationAction&rl=https%3A%2F%2Fstorage.googleapis.com%2F&if=false&ts=1718371085532&cd[content_type]=product&cd[link_id]=3161609&cd[owner]=71295747&cd[viewer]=&sw=1600&sh=1200&v=2.9.158&r=stable&ec=1&o=4126&fbp=fb.1.1718371085525.444384555196095898&ler=other&cdl=API_unavailable&it=1718371085370&coo=false&rqm=FGET
Requested by
Host: creditmutuel-professionnel-virement.fanlink.tv
URL: https://creditmutuel-professionnel-virement.fanlink.tv/AnnulationAction
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://creditmutuel-professionnel-virement.fanlink.tv/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xe129f147ad9f8880","source_keys":["1","2"]},{"key_piece":"0x8d9bd34f1088e8a8","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Fri, 14 Jun 2024 13:18:05 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=27, rtx=0, c=16, mss=1297, tbw=3299, tp=-1, tpl=-1, uplat=169, ullat=1
pragma
no-cache
x-fb-debug
PFnhYZrj/LRqdVoSld3Pnyq1g5g1HdGjJFtRoZwq4FIeRYKkf83l50adlM5rG8Ep2otUVFlqtGdWwQcDH0WJsQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/ 		15 B
243 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1846828930&t=event&_s=1&dl=https%3A%2F%2Fcreditmutuel-professionnel-virement.fanlink.tv%2FAnnulationAction&dr=https%3A%2F%2Fstorage.googleapis.com%2F&ul=fr-fr&de=UTF-8&dt=Espace%20Client&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=sdk&ea=loaded&el=https%3A%2F%2Fcreditmutuel-professionnel-virement.fanlink.tv%2FAnnulationAction&_u=qGhAAAABAAAAACAAI~&jid=2057455013&gjid=273277314&cid=280718033.1718371085&tid=UA-55279667-1&_gid=612390948.1718371086&_r=1&_slc=1&z=1900309199
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://creditmutuel-professionnel-virement.fanlink.tv/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 13:18:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://creditmutuel-professionnel-virement.fanlink.tv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		258 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3KM8DGF3ZN&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://creditmutuel-professionnel-virement.fanlink.tv/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 13:18:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93715
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 14 Jun 2024 13:18:05 GMT
js
www.googletagmanager.com/gtag/ 		226 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-974636074&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3KM8DGF3ZN&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://creditmutuel-professionnel-virement.fanlink.tv/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 13:18:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
83651
x-xss-protection
0
last-modified
Fri, 14 Jun 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 14 Jun 2024 13:18:05 GMT
collect
region1.google-analytics.com/g/ 		0
276 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-3KM8DGF3ZN&gtm=45je46c0v9123967733za200&_p=1718371083867&gcd=13l3l3l2l2&npa=0&dma_cps=sypham&dma=1&tag_exp=0&ul=fr-fr&sr=1600x1200&cid=280718033.1718371085&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.55%7CGoogle%2520Chrome%3B126.0.6478.55&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fcreditmutuel-professionnel-virement.fanlink.tv%2FAnnulationAction&dr=https%3A%2F%2Fstorage.googleapis.com%2F&dt=Espace%20Client&sid=1718371085&sct=1&seg=0&en=loaded&_fv=1&_ss=1&_ee=1&ep.event_category=sdk&ep.event_label=https%3A%2F%2Fcreditmutuel-professionnel-virement.fanlink.tv%2FAnnulationAction&tfd=3567
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3KM8DGF3ZN&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://creditmutuel-professionnel-virement.fanlink.tv/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 13:18:05 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://creditmutuel-professionnel-virement.fanlink.tv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
favicon.png
st.toneden.io/prod-assets/images/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://st.toneden.io/prod-assets/images/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-73.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://creditmutuel-professionnel-virement.fanlink.tv/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
Bi8BJO.HF_IXB5CTEkgEkmEhodfkLz2l
date
Fri, 14 Jun 2024 00:57:17 GMT
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
last-modified
Wed, 22 Jun 2022 14:55:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
44568
etag
"4850bce0ba7f582c01c337f1aea253d7"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/png
cache-control
no-store, max-age=0
accept-ranges
bytes
content-length
1966
x-amz-cf-id
JcZ6Fp-p-DLhM1CD3J0cGRBkEspeX_TQASesbqG3xbqjgb9XgZ1D8Q==
Primary Request login.php
creditmutuel-professionnel-virement.decentralande.com/8V514ED0/Select/
Redirect Chain
  • https://creditmutuel-professionnel-virement.decentralande.com/
  • https://creditmutuel-professionnel-virement.decentralande.com/8V514ED0
  • https://creditmutuel-professionnel-virement.decentralande.com/8V514ED0/
  • https://creditmutuel-professionnel-virement.decentralande.com/8V514ED0/Select/login.php
512 KB
220 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://creditmutuel-professionnel-virement.decentralande.com/8V514ED0/Select/login.php
Requested by
Host: st.toneden.io
URL: https://st.toneden.io/production/javascripts/fan-link.js?v=86d82457b1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.3.8 PleskLin
Resource Hash
88e1b3e346a5cf41184fbabe171357115cfa7d3e2b5cb2a80ba2dcb4c55747b0

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Referer
https://creditmutuel-professionnel-virement.fanlink.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
893a9abebf369edd-CDG
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 14 Jun 2024 13:18:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LpDICqtOMH7waURRdrQMpGMwPwSOTESXceZ325aVekxSzZ6EIBseZAqXWk6rjMincUlQHiAtdy9IZXeRP8ayvknWjwd39v7VvkIUEbkSYnYdXNLjW5zaLBRzIg3bpbI3YsciMFLy1QAPbNHzbxtL7OaoV6GD%2FcDGTNC82xFjpfEQHfo54ypBnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/8.3.8 PleskLin

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
893a9abdce949edd-CDG
content-type
text/html; charset=UTF-8
date
Fri, 14 Jun 2024 13:18:07 GMT
location
Select/login.php
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=36%2B8WB0kdGAwzbeoqwHbGKf6sgYiUmmhidM4k3zZBngxFjE7SBHgQyL8WSAzd%2BP5p9jwWXPrBn0dbf2ySeug407IlirL%2Bx3uP9IKsdPLjsyDh7fHOAmOwpSzqMAHC2oYiWiCu0ydbMVflHmCLhERbPxJR%2F625HaHnH8upmzlVhokh4ikhx4L5w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.3.8 PleskLin
number.js
creditmutuel-professionnel-virement.decentralande.com/8V514ED0/Select/js/ 		231 B
707 B 		Script
General
Check archive.org
Download Go to
Full URL
https://creditmutuel-professionnel-virement.decentralande.com/8V514ED0/Select/js/number.js
Requested by
Host: creditmutuel-professionnel-virement.decentralande.com
URL: https://creditmutuel-professionnel-virement.decentralande.com/8V514ED0/Select/login.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
b4a95661237215dbcf225cc8cec78144927ce87e3dcf4a3976a0bd21967b5a9f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 13:18:07 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400
content-length
165
last-modified
Fri, 14 Jun 2024 13:18:06 GMT
x-accel-version
0.01
server
cloudflare
etag
W/"e7-61ad97238022a-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g%2BuZ6biFzl1d%2FwEQgxVAZ7LTRLRbZO0K2WhqnSR4%2BaidEVTM%2B6%2BosUoTjtPuzdY3v1fuIh1YFZs2xy0HNjOkbxQKe%2BqAi8ISWFnIVc2RksgU954odtVHzQtCw6NOZz9eF91bYeRy94nmBc%2FfB9Rz847GuQsQ0h1z4W41F6LalJoNwK23%2Fq0%2FQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
893a9abfd8439edd-CDG
logo.svg
creditmutuel-professionnel-virement.decentralande.com/8V514ED0/Select/img/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creditmutuel-professionnel-virement.decentralande.com/8V514ED0/Select/img/logo.svg
Requested by
Host: creditmutuel-professionnel-virement.decentralande.com
URL: https://creditmutuel-professionnel-virement.decentralande.com/8V514ED0/Select/login.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
897ef66bb8c36f0c1ac8a1e420b9a38c0c213eb9f07ed714705a60ebe09290d2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 13:18:08 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 14 Jun 2024 13:18:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"666c430e-b03"
x-powered-by
PleskLin
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G2Um9NjIYGzQwA9YKgskNu7v%2FjPiSmuL%2BDs64DFpV4WgAbc5CDR90SBijOi6K7N96HV%2BUoCV%2BG3%2BFCL8%2Ffj1Yq5aOq4xcbRrOiNA1dGS3%2F%2BCo565PvcqSGyziwxBc3vReraYwtxSSrF7x6S%2BLtmH0t8FfBxAi4Xdk8yFyyD9oGCWkMFetSHLvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
893a9ac2da679edd-CDG
alt-svc
h3=":443"; ma=86400
truncated
/ 		650 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ab06844c87d8f3075987f6ab881b4ea43358ee4eccc56b00395408e0bc578b3f

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		964 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2b1963e990de47274f03b32159626e421de79584da70b95a381dfe53acf7f6c

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		60 KB
60 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bbba7f510e91acf21511498f81f933d1a8d760c486830ee5d9384a448363d812

Request headers

Referer
Origin
https://creditmutuel-professionnel-virement.decentralande.com
Accept-Language
fr-FR,fr;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
font/woff2
truncated
/ 		120 KB
120 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5fc339775497e12cd6f234f7d29f40545c216bf3d2b59b78b51e90e8abf67427

Request headers

Referer
Origin
https://creditmutuel-professionnel-virement.decentralande.com
Accept-Language
fr-FR,fr;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
font/woff2
truncated
/ 		25 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4351acc7c4b788463eb6bf9cd996b934cc586e95881447ae7ce3254afc1cbd89

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg
ico.png
creditmutuel-professionnel-virement.decentralande.com/8V514ED0/Select/ 		808 B
900 B 		Other
General
Check archive.org
Download Go to
Full URL
https://creditmutuel-professionnel-virement.decentralande.com/8V514ED0/Select/ico.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 13:18:08 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 14 Jun 2024 12:39:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nFjPqyLwsp7%2B4F92d5Jjn%2Fmb4hOvDaY5mZqVOdBBDM7SoLRT9c0cEXfsNCsdcf%2F%2BT35FU7dnEpA7nUf86pNnZ%2BZktUj7W0HUz%2B%2FHbsHE%2BarULGG4T%2FxUHYE9dgKunt2OZGi6yBBlpt7Gdu3fLz9D183OiAVah%2Bya2puAeA5ba2ps8HqooGm%2B1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
893a9ac52c4b9edd-CDG
alt-svc
h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage function| isNumber

7 Cookies

Domain/Path Name / Value
.fanlink.tv/ Name: connect.sid
Value: s%3A%3ABK5k6FjwlB_NfYP3T-_dpeOGOwqfuO-N.XsP77CDcKLqWlJ%2BkJiFcAnK5TPskOlRBA8AVrwT%2FadA
.fanlink.tv/ Name: _fbp
Value: fb.1.1718371085525.444384555196095898
creditmutuel-professionnel-virement.fanlink.tv/ Name: _ga
Value: GA1.1.280718033.1718371085
creditmutuel-professionnel-virement.fanlink.tv/ Name: _gid
Value: GA1.1.612390948.1718371086
creditmutuel-professionnel-virement.fanlink.tv/ Name: _gat_ToneDenTracker
Value: 1
creditmutuel-professionnel-virement.fanlink.tv/ Name: _ga_3KM8DGF3ZN
Value: GS1.1.1718371085.1.0.1718371085.0.0.0
.fanlink.tv/ Name: _gcl_au
Value: 1.1.1887850574.1718371086

2 Console Messages

Source Level URL
Text
recommendation verbose URL: https://creditmutuel-professionnel-virement.decentralande.com/8V514ED0/Select/login.php
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network error URL: https://creditmutuel-professionnel-virement.decentralande.com/8V514ED0/Select/ico.png
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.evbstatic.com
connect.facebook.net
creditmutuel-professionnel-virement.decentralande.com
creditmutuel-professionnel-virement.fanlink.tv
fanlink.tv
platform.twitter.com
region1.google-analytics.com
sd.toneden.io
st.toneden.io
static.ads-twitter.com
storage.googleapis.com
use.fontawesome.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.toneden.io
13.224.189.73
13.32.99.58
13.52.31.143
13.56.96.205
142.250.186.68
146.75.120.157
157.240.253.1
188.114.96.3
2001:4860:4802:34::36
216.58.206.34
2606:2800:234:59:254c:406:2366:268c
2606:4700:3037::ac43:8ef5
2a00:1450:4001:80f::200e
2a00:1450:4001:80f::201b
2a00:1450:4001:812::2008
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
3.161.82.28
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
0d6873d6c25a63ba3dfc58721372035d852f5ae37edb24151e9614b6a059a0de
14707e7d9f95cf96c9ae53dbafee01cdda00c2405951c234c770115b3d72af36
21aa5fde6d1d4e8881e6c6f1cc7515481ac6b941c28746ea30fb646dc30d76a9
4351acc7c4b788463eb6bf9cd996b934cc586e95881447ae7ce3254afc1cbd89
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
5fc339775497e12cd6f234f7d29f40545c216bf3d2b59b78b51e90e8abf67427
812ab0e46f86b2ce98ab2425ab2224b90d0845952a1ac0d5abd734b6217e98bf
82455f3569cda0e70966fac424b495fe04cab8ac122d6c4115099f2568c3ea3a
88e1b3e346a5cf41184fbabe171357115cfa7d3e2b5cb2a80ba2dcb4c55747b0
897ef66bb8c36f0c1ac8a1e420b9a38c0c213eb9f07ed714705a60ebe09290d2
929f6b6ca9a0c32b436454d91eb36d10a2a50b827c8b4e710b6829d1cc6f9e8c
ab06844c87d8f3075987f6ab881b4ea43358ee4eccc56b00395408e0bc578b3f
b4a95661237215dbcf225cc8cec78144927ce87e3dcf4a3976a0bd21967b5a9f
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187
bbba7f510e91acf21511498f81f933d1a8d760c486830ee5d9384a448363d812
c2b1963e990de47274f03b32159626e421de79584da70b95a381dfe53acf7f6c
cb80189bea8ea7a6843849c79683005d8b2a08e5bcb7cd5081b4231517944e7b
dea8ea11a3aa9c899fc3ed1a48e81009586b3100f0b67bbe6b9e2bfc1cf3d1a9