urlscan.io logo urlscan.io
SecurityTrails logo

app.qonto.com Open in urlscan Pro
2600:9000:225e:7400:0:7942:c340:93a1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://url2820.qonto.com/ls/click?upn=5WVlG0tWcqQBxAP-2BGd0oNys2tyJ9KeBFRmZ-2FDMSmiPRBaefCGbN0TqIxADtLBpzdd6v489h7iDykmpX...
Effective URL: https://app.qonto.com/organizations/lesecq-aurore-2926/transactions/6ca6db90-d965-4918-a1d2-ec8175c4d51e?bank_account=...
Submission: On September 06 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 3 countries across 10 domains to perform 45 HTTP transactions. The main IP is 2600:9000:225e:7400:0:7942:c340:93a1, located in United States and belongs to AMAZON-02, US. The main domain is app.qonto.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on April 26th 2023. Valid for: a year.
This is the only time app.qonto.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 104.18.10.238 13335 (CLOUDFLAR...)
21 2600:9000:225... 16509 (AMAZON-02)
3 35.186.247.156 15169 (GOOGLE)
8 104.18.11.238 13335 (CLOUDFLAR...)
1 18.239.36.44 16509 (AMAZON-02)
2 18.239.94.98 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 2.17.186.40 16625 (AKAMAI-AS)
3 2600:9000:225... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.219.169.214 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
45 11
1    104.18.10.238 (None, )

ASN13335 (CLOUDFLARENET, US)
url2820.qonto.com
21    2600:9000:225e:7400:0:7942:c340:93a1 (United States)

ASN16509 (AMAZON-02, US)
app.qonto.com
3    35.186.247.156 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 156.247.186.35.bc.googleusercontent.com
sentry.io
8    104.18.11.238 (None, )

ASN13335 (CLOUDFLARENET, US)
api.qonto.com
1    18.239.36.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-36-44.ams58.r.cloudfront.net
widget.intercom.io
2    18.239.94.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-94-98.ams1.r.cloudfront.net
js.intercomcdn.com
3    2a00:1450:4001:829::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
1    2.17.186.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-17-186-40.deploy.static.akamaitechnologies.com
appleid.cdn-apple.com
3    2600:9000:2251:7e00:5:b7cc:d3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
sdk.privacy-center.org
1    2a00:1450:4001:813::2011 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
csp.withgoogle.com
1    52.219.169.214 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.eu-central-1.amazonaws.com
qonto-assets.s3.eu-central-1.amazonaws.com
1    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
30 qonto.com
url2820.qonto.com — Cisco Umbrella Rank: 923690
app.qonto.com
api.qonto.com — Cisco Umbrella Rank: 729340
2 MB
3 privacy-center.org
sdk.privacy-center.org — Cisco Umbrella Rank: 6359
149 KB
3 google.com
accounts.google.com — Cisco Umbrella Rank: 34
116 KB
3 sentry.io
sentry.io — Cisco Umbrella Rank: 192
443 B
2 intercomcdn.com
js.intercomcdn.com — Cisco Umbrella Rank: 2718
267 KB
1 gstatic.com
fonts.gstatic.com
27 KB
1 amazonaws.com
qonto-assets.s3.eu-central-1.amazonaws.com — Cisco Umbrella Rank: 721736
10 KB
1 withgoogle.com
csp.withgoogle.com — Cisco Umbrella Rank: 691
1 cdn-apple.com
appleid.cdn-apple.com — Cisco Umbrella Rank: 4046
17 KB
1 intercom.io
widget.intercom.io — Cisco Umbrella Rank: 2187
3 KB
45 10
Domain Requested by
21 app.qonto.com app.qonto.com
8 api.qonto.com app.qonto.com
3 sdk.privacy-center.org app.qonto.com
sdk.privacy-center.org
3 accounts.google.com app.qonto.com
accounts.google.com
3 sentry.io app.qonto.com
2 js.intercomcdn.com widget.intercom.io
1 fonts.gstatic.com app.qonto.com
1 qonto-assets.s3.eu-central-1.amazonaws.com app.qonto.com
1 csp.withgoogle.com app.qonto.com
1 appleid.cdn-apple.com app.qonto.com
1 widget.intercom.io app.qonto.com
1 url2820.qonto.com 1 redirects
45 12

This site contains links to these domains. Also see Links.

Domain
qonto.com
welcome.qonto.com
Subject Issuer Validity Valid
*.qonto.com
Amazon RSA 2048 M02		 2023-04-26 -
2024-05-24		 a year crt.sh
sentry.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-08 -
2024-09-07		 a year crt.sh
*.intercom.com
Amazon RSA 2048 M02		 2023-02-14 -
2024-03-14		 a year crt.sh
*.intercomcdn.com
Amazon RSA 2048 M01		 2023-02-21 -
2024-01-29		 a year crt.sh
accounts.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
appleid.cdn-apple.com
Apple Public EV Server RSA CA 2 - G1		 2023-05-03 -
2023-10-29		 6 months crt.sh
*.privacy-center.org
Amazon RSA 2048 M02		 2023-03-25 -
2024-04-22		 a year crt.sh
*.appspot.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.s3.eu-central-1.amazonaws.com
Amazon RSA 2048 M01		 2023-04-11 -
2024-01-14		 9 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://app.qonto.com/organizations/lesecq-aurore-2926/transactions/6ca6db90-d965-4918-a1d2-ec8175c4d51e?bank_account=lesecq-aurore-2926-bank-account-1
Frame ID: 7D27DDD9405F037395DD8CEF3F3C4557
Requests: 36 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.9417a1a6.js
Frame ID: D1D3A7937AD84AF6C6E077B215B76442
Requests: 2 HTTP requests in this frame

Frame: https://accounts.google.com/gsi/button?type=standard&theme=outline&size=large&text=continue_with&shape=square&logo_alignment=center&width=350&client_id=528595174513-3lfm8f4bi5190vtqdhqgfr89qbjfougu.apps.googleusercontent.com&iframe_id=gsi_678461_943909&as=gYPoSYd7Ytw0eU8I0soTGw&hl=en
Frame ID: D08047D0ECADAB6EEA702254EF04E70D
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Qonto

Page URL History Show full URLs

  1. https://url2820.qonto.com/ls/click?upn=5WVlG0tWcqQBxAP-2BGd0oNys2tyJ9KeBFRmZ-2FDMSmiPRBaefCGbN0TqIxADt... HTTP 302
    https://app.qonto.com/detectapp.html?appUrl=organizations%2Flesecq-aurore-2926%2Ftransactions%2F6c... Page URL
  2. https://app.qonto.com/organizations/lesecq-aurore-2926/transactions/6ca6db90-d965-4918-a1d2-ec8175... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • appleid\.auth\.js
Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client
Overall confidence: 100%
Detected patterns
  • sdk\.privacy-center\.org/.*/loader\.js

Page Statistics

45
Requests

100 %
HTTPS

42 %
IPv6

10
Domains

12
Subdomains

11
IPs

3
Countries

2697 kB
Transfer

14032 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://url2820.qonto.com/ls/click?upn=5WVlG0tWcqQBxAP-2BGd0oNys2tyJ9KeBFRmZ-2FDMSmiPRBaefCGbN0TqIxADtLBpzdd6v489h7iDykmpXMxgtEhN9LSgnkIxzOud82z-2FuKIpUWmphmhZnpGKwX4UBk33ZOfKpEutxw6wNRte2RwCheVaJIykX-2FLx-2B7-2Fcqi-2BPm-2FfTD2vcbe5y4TfGwvuXVvSP6fNzz3d-2FSoTVAVaDY-2B-2Bgxt3b3bc6PUwRnPtQlGMWX-2Bz6CWGe2YGD2TloiSPYarkmvuzHLwu40GgEs-2BxW-2FENOIHLw-3D-3De0gj_i1fwepsjIUxm2isjuMPxN0btz86ffU55ZB7vn51OnO4N3S-2F-2B5gbE83czrp5rl2CV9Qn75wzG5k6uGqyElDgqX38N8bkDPxwR1s6dHjnenl7lNWLrHmajTkCrbNfRE2rSVdlbVLv8tLEdyWJzI8HR-2BORb0jgyG0XqGBeONoOqdasvxjXkGqlcezuxDjInp0n0vqepiwdr94RIsS0g89LlGcBjUVloAfpWGVXesAu2lFRmUsHk0lJHK3mL6pBZiiZRPYVV0TcDiil2yxTaSh4-2BbOxH4hTnTNWswNDbigiFDw1CBTOuVLtZy0CK-2F8827et2lZFDLMKOVfd-2FOKz1y-2BQrqjqJ-2B0rJ4kB2ldoMk2oBozFeUuks4FKbCnYnwAuXHgc3QDCPA-2BHmdzc-2FzRYyiV149c0Pon-2FlWmVkCOfAHrDQDPEpeBSCD53Q-2F0XNqTsmLKowdY-2Bg3sKtVST0UC1EbUcFOt7to1ZQRNoavKDDmuL2rHQ-3D HTTP 302
    https://app.qonto.com/detectapp.html?appUrl=organizations%2Flesecq-aurore-2926%2Ftransactions%2F6ca6db90-d965-4918-a1d2-ec8175c4d51e%3Fbank_account%3Dlesecq-aurore-2926-bank-account-1 Page URL
  2. https://app.qonto.com/organizations/lesecq-aurore-2926/transactions/6ca6db90-d965-4918-a1d2-ec8175c4d51e?bank_account=lesecq-aurore-2926-bank-account-1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://url2820.qonto.com/ls/click?upn=5WVlG0tWcqQBxAP-2BGd0oNys2tyJ9KeBFRmZ-2FDMSmiPRBaefCGbN0TqIxADtLBpzdd6v489h7iDykmpXMxgtEhN9LSgnkIxzOud82z-2FuKIpUWmphmhZnpGKwX4UBk33ZOfKpEutxw6wNRte2RwCheVaJIykX-2FLx-2B7-2Fcqi-2BPm-2FfTD2vcbe5y4TfGwvuXVvSP6fNzz3d-2FSoTVAVaDY-2B-2Bgxt3b3bc6PUwRnPtQlGMWX-2Bz6CWGe2YGD2TloiSPYarkmvuzHLwu40GgEs-2BxW-2FENOIHLw-3D-3De0gj_i1fwepsjIUxm2isjuMPxN0btz86ffU55ZB7vn51OnO4N3S-2F-2B5gbE83czrp5rl2CV9Qn75wzG5k6uGqyElDgqX38N8bkDPxwR1s6dHjnenl7lNWLrHmajTkCrbNfRE2rSVdlbVLv8tLEdyWJzI8HR-2BORb0jgyG0XqGBeONoOqdasvxjXkGqlcezuxDjInp0n0vqepiwdr94RIsS0g89LlGcBjUVloAfpWGVXesAu2lFRmUsHk0lJHK3mL6pBZiiZRPYVV0TcDiil2yxTaSh4-2BbOxH4hTnTNWswNDbigiFDw1CBTOuVLtZy0CK-2F8827et2lZFDLMKOVfd-2FOKz1y-2BQrqjqJ-2B0rJ4kB2ldoMk2oBozFeUuks4FKbCnYnwAuXHgc3QDCPA-2BHmdzc-2FzRYyiV149c0Pon-2FlWmVkCOfAHrDQDPEpeBSCD53Q-2F0XNqTsmLKowdY-2Bg3sKtVST0UC1EbUcFOt7to1ZQRNoavKDDmuL2rHQ-3D HTTP 302
  • https://app.qonto.com/detectapp.html?appUrl=organizations%2Flesecq-aurore-2926%2Ftransactions%2F6ca6db90-d965-4918-a1d2-ec8175c4d51e%3Fbank_account%3Dlesecq-aurore-2926-bank-account-1

45 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
detectapp.html
app.qonto.com/
Redirect Chain
  • https://url2820.qonto.com/ls/click?upn=5WVlG0tWcqQBxAP-2BGd0oNys2tyJ9KeBFRmZ-2FDMSmiPRBaefCGbN0TqIxADtLBpzdd6v489h7iDykmpXMxgtEhN9LSgnkIxzOud82z-2FuKIpUWmphmhZnpGKwX4UBk33ZOfKpEutxw6wNRte2RwCheVaJI...
  • https://app.qonto.com/detectapp.html?appUrl=organizations%2Flesecq-aurore-2926%2Ftransactions%2F6ca6db90-d965-4918-a1d2-ec8175c4d51e%3Fbank_account%3Dlesecq-aurore-2926-bank-account-1
716 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/detectapp.html?appUrl=organizations%2Flesecq-aurore-2926%2Ftransactions%2F6ca6db90-d965-4918-a1d2-ec8175c4d51e%3Fbank_account%3Dlesecq-aurore-2926-bank-account-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:7400:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d2ed03089377d17c425b4036eba9716a30bdde90b38ae3a4a1171e5d1efa03d6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache
content-length
716
content-security-policy
frame-ancestors 'none'
content-type
text/html
date
Wed, 06 Sep 2023 13:41:17 GMT
etag
"0009a3c55bd7b5abfc64b54fdbf006a5"
last-modified
Wed, 06 Sep 2023 11:28:00 GMT
server
AmazonS3
via
1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
x-amz-cf-id
SB43lq59Vq2He08pa19uAIjaFWOQRlS5wbzZDzbDch1iAuIbRqefAw==
x-amz-cf-pop
FRA60-P4
x-amz-id-2
PW4HVyE4GsukXOxCULlx9vg2TOOXJIWgmBvznHjQwYIsaeFsEhfvB2qxranfWiiEa1UtG4U4QNo=
x-amz-request-id
VX72QPZX888R6415
x-amz-server-side-encryption
AES256
x-amz-version-id
H9qCnMXO.XT4Ox9aSX6j4zZcZfnNvile
x-cache
Miss from cloudfront

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
802720e7bc539191-FRA
content-type
text/html; charset=utf-8
date
Wed, 06 Sep 2023 13:41:16 GMT
location
https://app.qonto.com/detectapp.html?appUrl=organizations%2Flesecq-aurore-2926%2Ftransactions%2F6ca6db90-d965-4918-a1d2-ec8175c4d51e%3Fbank_account%3Dlesecq-aurore-2926-bank-account-1
server
cloudflare
vary
Accept-Encoding
x-robots-tag
noindex, nofollow
chunk.7085c0573e3aa58e364e.js
app.qonto.com/assets/ 		19 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/assets/chunk.7085c0573e3aa58e364e.js
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/detectapp.html?appUrl=organizations%2Flesecq-aurore-2926%2Ftransactions%2F6ca6db90-d965-4918-a1d2-ec8175c4d51e%3Fbank_account%3Dlesecq-aurore-2926-bank-account-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:7400:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
219fb6cae6f5c1cedcb80148e240632646803354f644a2a55eb08cf5334b671f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.qonto.com/detectapp.html?appUrl=organizations%2Flesecq-aurore-2926%2Ftransactions%2F6ca6db90-d965-4918-a1d2-ec8175c4d51e%3Fbank_account%3Dlesecq-aurore-2926-bank-account-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
dDNow3W6pL2KgP_4oqqxC3zdsA7rlW4c
content-encoding
br
via
1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
date
Tue, 05 Sep 2023 22:51:43 GMT
last-modified
Tue, 29 Aug 2023 16:27:17 GMT
server
AmazonS3
content-security-policy
frame-ancestors 'none'
x-amz-cf-pop
FRA60-P4
age
54525
x-amz-server-side-encryption
AES256
etag
W/"24382005caab74b3a595955647edaf67"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
yiemXCKSSETdmcMkomlLGBjdd0Da8JQK4bhuRw2rao61RwQn1EPPUg==
detectapp.b7da05d43c8b5148a6798b62b4b28110.css
app.qonto.com/ 		1 KB
913 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/detectapp.b7da05d43c8b5148a6798b62b4b28110.css
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/detectapp.html?appUrl=organizations%2Flesecq-aurore-2926%2Ftransactions%2F6ca6db90-d965-4918-a1d2-ec8175c4d51e%3Fbank_account%3Dlesecq-aurore-2926-bank-account-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:7400:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7f113d06a10439a44df2fab3ed14628b4443ddf10e4de8c9e96a0ca720f4f4af
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.qonto.com/detectapp.html?appUrl=organizations%2Flesecq-aurore-2926%2Ftransactions%2F6ca6db90-d965-4918-a1d2-ec8175c4d51e%3Fbank_account%3Dlesecq-aurore-2926-bank-account-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
dNtMzNUCc1DtS.Gw53QoMkh9_KeyUNLV
content-encoding
br
via
1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
date
Wed, 06 Sep 2023 13:41:16 GMT
last-modified
Mon, 28 Aug 2023 14:03:27 GMT
server
AmazonS3
content-security-policy
frame-ancestors 'none'
x-amz-cf-pop
FRA60-P4
age
17
x-amz-server-side-encryption
AES256
etag
W/"b7da05d43c8b5148a6798b62b4b28110"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
j3cZqad9H01NyKhvWywqge8XwTby3NA_Iu2GwNFHN7aDEJ20p5jE3Q==
qonto-logo.svg
app.qonto.com/illustrations/app/ 		734 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.qonto.com/illustrations/app/qonto-logo.svg
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/detectapp.html?appUrl=organizations%2Flesecq-aurore-2926%2Ftransactions%2F6ca6db90-d965-4918-a1d2-ec8175c4d51e%3Fbank_account%3Dlesecq-aurore-2926-bank-account-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:7400:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f9d4c75a96068797accfa9976836988ff6cc9c848761dae72ae2875cc81b3810
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.qonto.com/detectapp.html?appUrl=organizations%2Flesecq-aurore-2926%2Ftransactions%2F6ca6db90-d965-4918-a1d2-ec8175c4d51e%3Fbank_account%3Dlesecq-aurore-2926-bank-account-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
t7EqmLboKGVRrE8Pu5zN9vuzgcUq2nTb
date
Sat, 02 Sep 2023 07:00:20 GMT
via
1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
content-security-policy
frame-ancestors 'none'
x-amz-cf-pop
FRA60-P4
age
539917
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
734
last-modified
Fri, 18 Aug 2023 16:36:42 GMT
server
AmazonS3
etag
"35b31ae0bb9ec6d7240ee58ec494c4bc"
vary
Accept-Encoding
content-type
image/svg+xml
accept-ranges
bytes
x-amz-cf-id
1-yRs8J0LK5pKNWdlF8G6Wi8p6vj-ifGrK95jHa7bUcgNHi4ENgOqA==
external-link-alt.svg
app.qonto.com/icon/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.qonto.com/icon/external-link-alt.svg
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/detectapp.html?appUrl=organizations%2Flesecq-aurore-2926%2Ftransactions%2F6ca6db90-d965-4918-a1d2-ec8175c4d51e%3Fbank_account%3Dlesecq-aurore-2926-bank-account-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:7400:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.qonto.com/detectapp.html?appUrl=organizations%2Flesecq-aurore-2926%2Ftransactions%2F6ca6db90-d965-4918-a1d2-ec8175c4d51e%3Fbank_account%3Dlesecq-aurore-2926-bank-account-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
CaDrp4KCWkzOOCbkFcZZyRaMKNZtR77y
content-encoding
gzip
via
1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
date
Tue, 05 Sep 2023 05:32:10 GMT
last-modified
Mon, 21 Aug 2023 15:45:20 GMT
server
AmazonS3
content-security-policy
frame-ancestors 'none'
x-amz-cf-pop
FRA60-P4
age
380487
x-amz-server-side-encryption
AES256
etag
W/"a1084858db19e2c456b57fcbb8bc3afb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-cf-id
zntsdUE2rCFA6CtTppnPbCkiNPOA7jKgPBsNwwh67S5-CnJooFnRHA==
Primary Request 6ca6db90-d965-4918-a1d2-ec8175c4d51e
app.qonto.com/organizations/lesecq-aurore-2926/transactions/ 		8 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/organizations/lesecq-aurore-2926/transactions/6ca6db90-d965-4918-a1d2-ec8175c4d51e?bank_account=lesecq-aurore-2926-bank-account-1
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.7085c0573e3aa58e364e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:7400:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fcc8e3902c83eec26c862a29d6653f4c01d364ecbd9f15f65905308dde2aac02
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

Referer
https://app.qonto.com/detectapp.html?appUrl=organizations%2Flesecq-aurore-2926%2Ftransactions%2F6ca6db90-d965-4918-a1d2-ec8175c4d51e%3Fbank_account%3Dlesecq-aurore-2926-bank-account-1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache
content-length
7970
content-security-policy
frame-ancestors 'none'
content-type
text/html
date
Wed, 06 Sep 2023 13:41:18 GMT
etag
"61428423d3e2cbf52d5b4f160b9c4184"
last-modified
Wed, 06 Sep 2023 11:28:00 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
x-amz-cf-id
m0e686nGozLsaP2ddCx9YP7JCmUKra5Fv1KpNAzwBd2J5TVnpcM1_A==
x-amz-cf-pop
FRA60-P4
x-amz-id-2
TAhgRoWkqS6qSYKh6j6qLQlchwqby9pl8t2cr8EIUNBTJguLbMIDiartodgtBgvrdm3FhqNAU6w=
x-amz-request-id
F1R74DVJ2TB45AKF
x-amz-server-side-encryption
AES256
x-amz-version-id
X2ON5oKUkwXqmc24_vfx6vJ8Vf9R05ax
x-cache
Error from cloudfront
polysans-neutral.woff2
app.qonto.com/@qonto/ui-kit/fonts/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/@qonto/ui-kit/fonts/polysans-neutral.woff2
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/organizations/lesecq-aurore-2926/transactions/6ca6db90-d965-4918-a1d2-ec8175c4d51e?bank_account=lesecq-aurore-2926-bank-account-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:7400:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dbe7ffb622175ae830af0bbe0d29673470fe728f9df47fb850094ebfbf930cf3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

Referer
https://app.qonto.com/
Origin
https://app.qonto.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
a4Pj1e8hhF88ZBspQvv_iMtskHBywZSQ
date
Wed, 06 Sep 2023 13:41:17 GMT
via
1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
content-security-policy
frame-ancestors 'none'
x-amz-cf-pop
FRA60-P4
age
1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
25484
last-modified
Thu, 10 Aug 2023 07:57:33 GMT
server
AmazonS3
etag
"a19c4c179b08653db697a55d8b218512"
vary
Accept-Encoding
content-type
binary/octet-stream
accept-ranges
bytes
x-amz-cf-id
1zhsW_4wX_ABZNu7Qn3TU5R8GYsrmtm3PRKTzJnO77ZHRHTgRPhlzA==
polysans-median.woff2
app.qonto.com/@qonto/ui-kit/fonts/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/@qonto/ui-kit/fonts/polysans-median.woff2
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/organizations/lesecq-aurore-2926/transactions/6ca6db90-d965-4918-a1d2-ec8175c4d51e?bank_account=lesecq-aurore-2926-bank-account-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:7400:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
692f6f15f66235cf41b8646d5d75b9f609028832e0ad9f569483819d2694e655
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

Referer
https://app.qonto.com/
Origin
https://app.qonto.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
U.uQQojltGqWpwslfYWx3BCRXrUb.6pc
date
Wed, 06 Sep 2023 13:40:43 GMT
via
1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
content-security-policy
frame-ancestors 'none'
x-amz-cf-pop
FRA60-P4
age
56
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
26516
last-modified
Thu, 10 Aug 2023 16:04:25 GMT
server
AmazonS3
etag
"f41f8b7109964b649e2e6c028eda3144"
vary
Accept-Encoding
content-type
binary/octet-stream
accept-ranges
bytes
x-amz-cf-id
nOqblpVy-pnlIlkhbVDfpzfVwHWLrYnuNg1YSvZ5zTJPgk9KFTiQKQ==
polysans-slim.woff2
app.qonto.com/@qonto/ui-kit/fonts/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/@qonto/ui-kit/fonts/polysans-slim.woff2
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/organizations/lesecq-aurore-2926/transactions/6ca6db90-d965-4918-a1d2-ec8175c4d51e?bank_account=lesecq-aurore-2926-bank-account-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:7400:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f23e103734fedf6e937f8cefe3598bb7a9d65989e96664ec85a03c3e5c81c213
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

Referer
https://app.qonto.com/
Origin
https://app.qonto.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
UrnzYc196CUdm0rVHgPPAO8pV_UQR3tX
date
Wed, 06 Sep 2023 13:40:43 GMT
via
1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
content-security-policy
frame-ancestors 'none'
x-amz-cf-pop
FRA60-P4
age
55
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
25428
last-modified
Fri, 11 Aug 2023 16:02:30 GMT
server
AmazonS3
etag
"130f1af8644734f23dd97252d3db7b11"
vary
Accept-Encoding
content-type
binary/octet-stream
accept-ranges
bytes
x-amz-cf-id
zI5Kii_QEY_XYjEnhq88PfY_RUmgLCSpkWNPKOMPZWFivu9owvpfVw==
vendor.58b2be94723e4ebfc91ca768d34cc00b.css
app.qonto.com/assets/ 		160 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/assets/vendor.58b2be94723e4ebfc91ca768d34cc00b.css
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/organizations/lesecq-aurore-2926/transactions/6ca6db90-d965-4918-a1d2-ec8175c4d51e?bank_account=lesecq-aurore-2926-bank-account-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:7400:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c81ff11fd1f4acd5527fbedf0e9dfe3f9504b0230f4f66d5ddab563c6baeb0fa
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 06:14:56 GMT
x-amz-version-id
wl3.PgA_Zlf5wuhySoV2NXgixTXvz7Yq
content-encoding
br
content-security-policy
frame-ancestors 'none'
last-modified
Thu, 31 Aug 2023 06:14:39 GMT
server
AmazonS3
via
1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
etag
W/"58b2be94723e4ebfc91ca768d34cc00b"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
age
545182
x-amz-cf-id
D3SgU0nPXXEqwB2hpee_i8rg1tdjOI-0Kpfi-UOSRajFrxijfG7oew==
qonto.9232989e4a3aba0f0b4e0d221bbc3339.css
app.qonto.com/assets/ 		378 KB
62 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/assets/qonto.9232989e4a3aba0f0b4e0d221bbc3339.css
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/organizations/lesecq-aurore-2926/transactions/6ca6db90-d965-4918-a1d2-ec8175c4d51e?bank_account=lesecq-aurore-2926-bank-account-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:7400:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f7cf5b4e5b6f94a4df3d1afa7d2629ee32d727356bf1617d80bcfab2c2f1b7cd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 07:51:49 GMT
x-amz-version-id
cdxH0Mie.oycC_BW.eFmiEZnay8EDfEA
content-encoding
br
content-security-policy
frame-ancestors 'none'
last-modified
Wed, 06 Sep 2023 07:51:30 GMT
server
AmazonS3
via
1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
etag
W/"9232989e4a3aba0f0b4e0d221bbc3339"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
age
20969
x-amz-cf-id
VSf9NO3hZwKdap8If3slcZAo6flOhtfj-6vJGMhBTVvrrkdrYZXDNg==
chunk.66db79b57b597bf2edca.css
app.qonto.com/assets/ 		25 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/assets/chunk.66db79b57b597bf2edca.css
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/organizations/lesecq-aurore-2926/transactions/6ca6db90-d965-4918-a1d2-ec8175c4d51e?bank_account=lesecq-aurore-2926-bank-account-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:7400:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
14080b7ffd2034039c20c4f2296d2e6e56ddf73ea38733d74222fe36ceedb59a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 09:11:25 GMT
x-amz-version-id
3QDbR46PRBgScqg58KMM6_kyaZ5nSL91
content-encoding
br
content-security-policy
frame-ancestors 'none'
last-modified
Wed, 06 Sep 2023 09:10:54 GMT
server
AmazonS3
via
1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
etag
W/"1dca7f37b0c347657b4f1e156a7fc72b"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
age
16193
x-amz-cf-id
P7wxgfSVY9poWqKpINlc0aY_s-nSVy7HGIMXYjMU5LugV9tHt9V0xQ==
vendor.3330d5cea76b9c29b86877969b2803d6.js
app.qonto.com/assets/ 		543 KB
147 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/assets/vendor.3330d5cea76b9c29b86877969b2803d6.js
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/organizations/lesecq-aurore-2926/transactions/6ca6db90-d965-4918-a1d2-ec8175c4d51e?bank_account=lesecq-aurore-2926-bank-account-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:7400:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0dea3380a2bb70f3adf1e985da92fead733ded524ce08841914cae229475f645
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
.Zh0WJXMTpMKso2WhcPq8MOR8T3pLgUp
content-encoding
br
via
1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
date
Sat, 02 Sep 2023 00:27:54 GMT
last-modified
Fri, 25 Aug 2023 17:00:39 GMT
server
AmazonS3
content-security-policy
frame-ancestors 'none'
x-amz-cf-pop
FRA60-P4
age
393246
x-amz-server-side-encryption
AES256
etag
W/"3330d5cea76b9c29b86877969b2803d6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
JtJHHetMmknVGo--r2KxA9suQ_uKLI40l_Rhz9Tq_NH6AtX6ai-LUQ==
chunk.18033ee7e96b5766e21b.js
app.qonto.com/assets/ 		2 MB
536 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/assets/chunk.18033ee7e96b5766e21b.js
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/organizations/lesecq-aurore-2926/transactions/6ca6db90-d965-4918-a1d2-ec8175c4d51e?bank_account=lesecq-aurore-2926-bank-account-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:7400:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
96df0db679aa0a195489c8abcaf0736abf7050057585c75eb9bb6b131da77949
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 09:11:25 GMT
x-amz-version-id
rWMFVH3PHE.DZbKotaAqH0QNe5E.luxf
content-encoding
br
content-security-policy
frame-ancestors 'none'
last-modified
Wed, 06 Sep 2023 09:10:51 GMT
server
AmazonS3
via
1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
etag
W/"f64092ae877dc4b9cb1524751565d98d"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
age
16193
x-amz-cf-id
olVHlF5NiJwGOpMeQgYs9DD2xR0mLZ_tlQgoi50kgTxuU1CsnKS0pw==
chunk.66c465fc5828a8b7e994.js
app.qonto.com/assets/ 		7 MB
914 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/assets/chunk.66c465fc5828a8b7e994.js
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/organizations/lesecq-aurore-2926/transactions/6ca6db90-d965-4918-a1d2-ec8175c4d51e?bank_account=lesecq-aurore-2926-bank-account-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:7400:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f9f4b3b13d70320ef174704b1e03cba55cd7d92a52cd693f59b5267b3719d07d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 11:28:00 GMT
x-amz-version-id
I._guigCb4P1OzjCz1M7MFHqtNn3w063
content-encoding
br
content-security-policy
frame-ancestors 'none'
last-modified
Wed, 06 Sep 2023 11:27:30 GMT
server
AmazonS3
via
1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
etag
W/"b7d8bf2f2e405a8e0ebae60cce4df174"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
age
7998
x-amz-cf-id
z5ESJ1RByaf5U_XkDruPVNMzrVsM2Z9uXYpLmRnwQ88TiqrIG6i9MA==
/
sentry.io/api/160009/envelope/ 		2 B
324 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sentry.io/api/160009/envelope/?sentry_key=fa86b669a6ac4c4fa3dfc79ddda2a514&sentry_version=7&sentry_client=sentry.javascript.ember%2F7.64.0
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.18033ee7e96b5766e21b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.247.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.247.186.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://app.qonto.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 06 Sep 2023 13:41:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
2
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
630f66eefec6f211a620a237
api.qonto.com/v1/feature-relay-proxy/sdk/goals/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.qonto.com/v1/feature-relay-proxy/sdk/goals/630f66eefec6f211a620a237
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.18.11.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent
Access-Control-Request-Method
GET
Origin
https://app.qonto.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Launchdarkly-User-Agent
access-control-allow-methods
GET
access-control-allow-origin
https://app.qonto.com
access-control-max-age
24
cf-cache-status
DYNAMIC
cf-ray
802720f0de850394-FRA
content-length
0
date
Wed, 06 Sep 2023 13:41:17 GMT
server
cloudflare
strict-transport-security
max-age=315360000; includeSubDomains; preload
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
eyJrZXkiOiJ1bmtub3duLXdlYi11c2VyIn0
api.qonto.com/v1/feature-relay-proxy/sdk/evalx/630f66eefec6f211a620a237/contexts/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.qonto.com/v1/feature-relay-proxy/sdk/evalx/630f66eefec6f211a620a237/contexts/eyJrZXkiOiJ1bmtub3duLXdlYi11c2VyIn0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.18.11.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent
Access-Control-Request-Method
GET
Origin
https://app.qonto.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Launchdarkly-User-Agent
access-control-allow-methods
GET
access-control-allow-origin
https://app.qonto.com
access-control-max-age
24
cf-cache-status
DYNAMIC
cf-ray
802720f0ee870394-FRA
content-length
0
date
Wed, 06 Sep 2023 13:41:17 GMT
server
cloudflare
strict-transport-security
max-age=315360000; includeSubDomains; preload
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
r0qk2mbw
widget.intercom.io/widget/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.intercom.io/widget/r0qk2mbw
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/vendor.3330d5cea76b9c29b86877969b2803d6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.36.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-36-44.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f919e527e5cbb4a7967de4094944f9b5e283809614d62502c30983b251572106

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 13:24:07 GMT
content-encoding
gzip
via
1.1 24145882259ee3aa55cb95d62adb00ea.cloudfront.net (CloudFront)
x-amz-version-id
gzReVPFZi0Msw_Dvdgkt0ZpBQNmj85bb
x-amz-cf-pop
AMS58-P2
age
1031
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
2704
last-modified
Wed, 06 Sep 2023 13:24:05 GMT
server
AmazonS3
etag
"740a9561494d8d536db92b444249d79e"
vary
Origin
content-type
application/javascript; charset=UTF-8
cache-control
max-age=900, s-maxage=900, public
accept-ranges
bytes
x-amz-cf-id
ayTtC7RgoMkxUf12NfCMEGgJsjhiuL6xtfhy9aTDxgaUwKcZU0UEMA==
chunk.856.96cf93a695a8e8b7059f.js
app.qonto.com/assets/ 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/assets/chunk.856.96cf93a695a8e8b7059f.js
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.66c465fc5828a8b7e994.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:7400:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
56dad9307dfeb7810dd3f63d33b036804f419b7a7401b85166b9ccf16fcdead2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
AlVxYJd31fS_me32dpPJO8xguiSHqUWK
content-encoding
gzip
via
1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
date
Fri, 01 Sep 2023 23:14:08 GMT
last-modified
Thu, 17 Aug 2023 09:25:53 GMT
server
AmazonS3
content-security-policy
frame-ancestors 'none'
x-amz-cf-pop
FRA60-P4
age
397716
x-amz-server-side-encryption
AES256
etag
W/"b02aefd5e278e24a982d1020acd1c2df"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
Vxtn6EtDFmqCMQROPtRH-ihpa4v3Km8VHDox_w8IKcLlhyFctAQsMA==
chunk.257.94897c28d0afb9840fd9.js
app.qonto.com/assets/ 		245 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/assets/chunk.257.94897c28d0afb9840fd9.js
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.66c465fc5828a8b7e994.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:7400:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f126281035207e19c5665cd472b2c44997f9548802e945c3f3d3ec4a2e1202f7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
WksaXpLbHvR2z1FJc2qy92EGpt2I9pGH
content-encoding
gzip
via
1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
date
Sat, 02 Sep 2023 01:59:58 GMT
last-modified
Fri, 25 Aug 2023 17:00:24 GMT
server
AmazonS3
content-security-policy
frame-ancestors 'none'
x-amz-cf-pop
FRA60-P4
age
493863
x-amz-server-side-encryption
AES256
etag
W/"d519fe8a966a2cf8d772f47a9988266e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
8QN6ppwUuqvcpqRyKdVqJz-lt_QD4zs4O4kKxgOC6Ogqj5gtkOmbtQ==
630f66eefec6f211a620a237
api.qonto.com/v1/feature-relay-proxy/sdk/goals/ 		2 B
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.qonto.com/v1/feature-relay-proxy/sdk/goals/630f66eefec6f211a620a237
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.18033ee7e96b5766e21b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.18.11.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains; preload

Request headers

Referer
https://app.qonto.com/
accept-language
de-DE,de;q=0.9
X-LaunchDarkly-User-Agent
JSClient/3.1.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 13:41:17 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=315360000; includeSubDomains; preload
cf-cache-status
DYNAMIC
content-md5
d751713988987e9331980363e24189ce
age
0
x-cache
HIT
content-length
26
x-served-by
cache-par-lfpg1960051-PAR
server
cloudflare
x-timer
S1694007678.669736,VS0,VE0
etag
"d751713988987e9331980363e24189ce"
ld-region
us-east-1
x-varied-accept-encoding
gzip
access-control-max-age
300
access-control-allow-methods
GET,OPTIONS
content-type
application/json
access-control-allow-origin
https://app.qonto.com
access-control-expose-headers
Content-Disposition, Content-Encoding
cache-control
max-age=0
access-control-allow-credentials
true
x-ratelimit-reset
0
vary
Origin, Accept-Encoding
x-ratelimit-limit
0
accept-ranges
bytes
cf-ray
802720f15f3d0394-FRA
access-control-allow-headers
Cache-Control,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-Tags
x-ratelimit-remaining
0
x-cache-hits
2705
chunk.asset-manifest.3576b82fe18d868f1d7b.js
app.qonto.com/assets/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/assets/chunk.asset-manifest.3576b82fe18d868f1d7b.js
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.66c465fc5828a8b7e994.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:7400:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
20ad84d60b25639f1e88ddadc13b611763bc6779166278bc9ac5d0e30f3de5d4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
7FZVdu.8T_qfFiFXDHHTKjPzDuss1FQP
content-encoding
gzip
via
1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
date
Wed, 06 Sep 2023 13:23:42 GMT
last-modified
Fri, 25 Aug 2023 12:42:42 GMT
server
AmazonS3
content-security-policy
frame-ancestors 'none'
x-amz-cf-pop
FRA60-P4
age
202546
x-amz-server-side-encryption
AES256
etag
W/"4032c98c05641d988f3706260eb8b1e1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
XM6AKa3ufORmjiRm6ZU3srZEcrjln4wuLcROGmkFyCElVAV1q1cysg==
chunk.locale.en-json.994fda161fd28a8d1aa1.js
app.qonto.com/assets/ 		484 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/assets/chunk.locale.en-json.994fda161fd28a8d1aa1.js
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.66c465fc5828a8b7e994.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:7400:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fe631f4ad0985a6d9b9d31d9f0f9b4626bb099f0a78b0b655f83b7d50f0fd1ff
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 14:27:18 GMT
x-amz-version-id
3TS7eGiPIxfll0M9nhcbJGyDYM4dQ8xq
content-encoding
br
content-security-policy
frame-ancestors 'none'
last-modified
Tue, 05 Sep 2023 14:26:45 GMT
server
AmazonS3
via
1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
etag
W/"65f3bfe25cec840ffac027bb7e13e8ee"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
age
83640
x-amz-cf-id
vtffHslY4dsRag-e64qZxKya1ya9k6G8docdV7CqWLS_OYjhsV-6WA==
eyJrZXkiOiJ1bmtub3duLXdlYi11c2VyIn0
api.qonto.com/v1/feature-relay-proxy/sdk/evalx/630f66eefec6f211a620a237/contexts/ 		3 KB
1016 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.qonto.com/v1/feature-relay-proxy/sdk/evalx/630f66eefec6f211a620a237/contexts/eyJrZXkiOiJ1bmtub3duLXdlYi11c2VyIn0
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.18033ee7e96b5766e21b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.18.11.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e719834b531769ec86b58e24b85414139b145b01b4d2e6cee1d2b1cb4630736
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains; preload

Request headers

Referer
https://app.qonto.com/
accept-language
de-DE,de;q=0.9
X-LaunchDarkly-User-Agent
JSClient/3.1.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 13:41:17 GMT
strict-transport-security
max-age=315360000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-max-age
300
access-control-allow-methods
GET,OPTIONS
content-type
application/json
access-control-allow-origin
https://app.qonto.com
access-control-expose-headers
Content-Disposition, Content-Encoding
vary
Origin
access-control-allow-credentials
true
x-ratelimit-reset
0
x-ratelimit-limit
0
cf-ray
802720f12ee70394-FRA
access-control-allow-headers
Cache-Control,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-Tags
x-ratelimit-remaining
0
frame-modern.9417a1a6.js
js.intercomcdn.com/ Frame D1D3 		506 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/frame-modern.9417a1a6.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/r0qk2mbw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.94.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-94-98.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8fa099efb00a9ea01142852d32f419c4dc41abc4dd8a91299689de46afb2e0f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 13:24:08 GMT
content-encoding
gzip
via
1.1 7cbec639ed3557aac04425ec5a5f177a.cloudfront.net (CloudFront)
x-amz-version-id
IkSB8IZEI3a0D0EFZG8JUy_iD_9ziQc8
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
AMS1-P3
age
1030
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
143118
last-modified
Wed, 06 Sep 2023 13:22:39 GMT
server
AmazonS3
etag
"f162e6e6dbe259238fda5c36ff969b18"
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
Zcx-8wMZsCDoSM6mJbGFk73S5WY5ERb6FQ9b5dx3oU5pU675ZJwOvA==
vendor-modern.50f96c1e.js
js.intercomcdn.com/ Frame D1D3 		409 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendor-modern.50f96c1e.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/r0qk2mbw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.94.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-94-98.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f46f3de715bd8995eb1224739b12e60523aa69187075ee9ce686e2e7871ced2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
11pBcTkMbQ8AdAXm7AGmDODO6HePY82.
content-encoding
gzip
via
1.1 7cbec639ed3557aac04425ec5a5f177a.cloudfront.net (CloudFront)
date
Wed, 06 Sep 2023 12:06:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
AMS1-P3
age
5699
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
128395
last-modified
Wed, 06 Sep 2023 10:04:28 GMT
server
AmazonS3
etag
"72bb0d423d60572aedb584ab8ab2d310"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
DVhszdPGs2qtY2bnVi-1W-oYdWpp0_-yMAJBosffGClp9KeotMRLZA==
/
sentry.io/api/160009/envelope/ 		2 B
60 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sentry.io/api/160009/envelope/?sentry_key=fa86b669a6ac4c4fa3dfc79ddda2a514&sentry_version=7&sentry_client=sentry.javascript.ember%2F7.64.0
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.18033ee7e96b5766e21b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.247.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.247.186.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://app.qonto.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 06 Sep 2023 13:41:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
/
sentry.io/api/160009/envelope/ 		2 B
59 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sentry.io/api/160009/envelope/?sentry_key=fa86b669a6ac4c4fa3dfc79ddda2a514&sentry_version=7&sentry_client=sentry.javascript.ember%2F7.64.0
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.18033ee7e96b5766e21b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.247.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.247.186.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://app.qonto.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 06 Sep 2023 13:41:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
1
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
client
accounts.google.com/gsi/ 		194 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.66c465fc5828a8b7e994.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6b7f37e6aa1012f26ec9044307783a2533140a0e69ceb35fdc59da9b9e23736d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce--VVoIArzIRwIIJbnnVxJgA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 13:41:18 GMT
content-security-policy
script-src 'report-sample' 'nonce--VVoIArzIRwIIJbnnVxJgA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Wed, 06 Sep 2023 13:41:18 GMT
appleid.auth.js
appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/ 		42 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.66c465fc5828a8b7e994.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.17.186.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-186-40.deploy.static.akamaitechnologies.com
Software
Apple /
Resource Hash
8356948d6f3bef342ff37a4deca7f6b64b58ca0b90ca128c1929c1bb76cc7a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Date
Wed, 06 Sep 2023 13:41:18 GMT
Last-Modified
Wed, 02 Aug 2023 18:15:19 GMT
Server
Apple
ETag
W/"43171-1691000119453"
Vary
accept-encoding
Content-Type
application/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17356
loader.js
sdk.privacy-center.org/99e8835d-ab08-4716-a9f3-47e233bc25bf/ 		33 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.privacy-center.org/99e8835d-ab08-4716-a9f3-47e233bc25bf/loader.js?target_type=notice&target=DCLrVU69
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.66c465fc5828a8b7e994.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:7e00:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
556410cedcbe84c098964b2b9e3f9458d1f9b95e34d2132166f9a3a6ac892ccc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 13:01:22 GMT
content-encoding
gzip
x-didomi-remote-config-metadata
multiReg:false;legacyGlobalGdpr:true
x-didomi-remote-config-source
Lambda
via
1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA60-P3
age
2396
etag
"6861cd76c23a666dda17b657c903c77c"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=7200, public
content-length
10778
x-amz-cf-id
BSzeO8hBkFWNnx0f_A6nPhBIRcBOxOVuI06Uimw6jEC2ShjuBhKvLQ==
chunk.981.4f9c80f39cbc5e3f952f.js
app.qonto.com/assets/ 		289 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/assets/chunk.981.4f9c80f39cbc5e3f952f.js
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.66c465fc5828a8b7e994.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:7400:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
000d79c60a825b427f49f0de80ffb25600dd0c709c6d363045b4ae8e7851939f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
dW1EDilSJOx2CcjvLtVJvNqHt_zKzlel
content-encoding
gzip
via
1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
date
Fri, 01 Sep 2023 13:44:27 GMT
last-modified
Mon, 14 Aug 2023 15:15:05 GMT
server
AmazonS3
content-security-policy
frame-ancestors 'none'
x-amz-cf-pop
FRA60-P4
age
431814
x-amz-server-side-encryption
AES256
etag
W/"c02f1e9e9e63e24c663a5260b486afae"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
zUcBdED6r5SImZXQbrsmIBmgDMw8S9b2DTNhnLPSvyExlZlZyyfKbQ==
style
accounts.google.com/gsi/ 		533 B
584 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/style
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-1LA7iaeuiba9AHUZh_m50A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 13:41:18 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-1LA7iaeuiba9AHUZh_m50A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
text/css; charset=utf-8
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Wed, 06 Sep 2023 13:41:18 GMT
button
accounts.google.com/gsi/ Frame D080 		108 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/button?type=standard&theme=outline&size=large&text=continue_with&shape=square&logo_alignment=center&width=350&client_id=528595174513-3lfm8f4bi5190vtqdhqgfr89qbjfougu.apps.googleusercontent.com&iframe_id=gsi_678461_943909&as=gYPoSYd7Ytw0eU8I0soTGw&hl=en
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1e953042ff7707514a1180ab57d6c98f09b7ac97e8737e4c8440b68aa61c368d
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http script-src 'report-sample' 'nonce-oOd15Etmolu7n13Md85RTw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app.qonto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http script-src 'report-sample' 'nonce-oOd15Etmolu7n13Md85RTw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
cross-origin-resource-policy
cross-origin
date
Wed, 06 Sep 2023 13:41:18 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
sdk.f3a9db26ee1a9154ecf22089ec162da266878c31.js
sdk.privacy-center.org/sdk/f3a9db26ee1a9154ecf22089ec162da266878c31/modern/ 		336 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.privacy-center.org/sdk/f3a9db26ee1a9154ecf22089ec162da266878c31/modern/sdk.f3a9db26ee1a9154ecf22089ec162da266878c31.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/99e8835d-ab08-4716-a9f3-47e233bc25bf/loader.js?target_type=notice&target=DCLrVU69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:7e00:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dffe65eb3e0b794411028e2493c9782d6aa0fe793f392eee202c6e65b1fc2302

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:59:17 GMT
content-encoding
gzip
via
1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 12:59:08 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
2522
etag
W/"ecce3ec4612a670a24b6a602f4ecfaf8-1"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
9Zu4OUCN50qCPWJ5U0YxKJjjBZE_LzseqCnCQJ3-a2ai60gE42BaHQ==
first-screen-mint.json
app.qonto.com/lotties/ 		676 KB
57 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://app.qonto.com/lotties/first-screen-mint.json
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.18033ee7e96b5766e21b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:7400:0:7942:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f6f1adf42b2098b21db5df4ba13a6f5eedc207dfaa5aaa95d60b5b257705316c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

Referer
https://app.qonto.com/
accept-language
de-DE,de;q=0.9
baggage
sentry-environment=production,sentry-release=d396848f93,sentry-public_key=fa86b669a6ac4c4fa3dfc79ddda2a514,sentry-trace_id=41dab5e16cd542d3bbbb8c9acbf53891
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
sentry-trace
41dab5e16cd542d3bbbb8c9acbf53891-8514144445399b75-0

Response headers

x-amz-version-id
Fqx_fAlVbAv68FxIYluHJcEoe5jhTMIz
content-encoding
gzip
via
1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
date
Wed, 06 Sep 2023 13:41:06 GMT
last-modified
Tue, 22 Aug 2023 07:31:56 GMT
server
AmazonS3
content-security-policy
frame-ancestors 'none'
x-amz-cf-pop
FRA60-P4
age
25
x-amz-server-side-encryption
AES256
etag
W/"d3831a228e8863ee5489d3d344b7052d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
x-amz-cf-id
pF0cIvtaIqUpk_VUTnM20goHv3gauw9oGXkiBj644p_FrNxX6wcqZQ==
ui-gdpr-en-web.f3a9db26ee1a9154ecf22089ec162da266878c31.js
sdk.privacy-center.org/sdk/f3a9db26ee1a9154ecf22089ec162da266878c31/modern/ 		249 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.privacy-center.org/sdk/f3a9db26ee1a9154ecf22089ec162da266878c31/modern/ui-gdpr-en-web.f3a9db26ee1a9154ecf22089ec162da266878c31.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/sdk/f3a9db26ee1a9154ecf22089ec162da266878c31/modern/sdk.f3a9db26ee1a9154ecf22089ec162da266878c31.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:7e00:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
16eb0a2cbdb98b2d0c12b8d8a703b9ca3c2327f12998b8d3372dd451272f80bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:59:38 GMT
content-encoding
gzip
via
1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 12:59:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
2501
etag
W/"1a969190557a5939c93662698f06d87c-1"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
gBw70Dk9pPxLnkVRtWwjfFXQVcnY4vusN2Mnq-NIe-aDqk7Sb2cKbQ==
identity-sign-in-google-http
csp.withgoogle.com/csp/ Frame D080 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/identity-sign-in-google-http
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/detectapp.html?appUrl=organizations%2Flesecq-aurore-2926%2Ftransactions%2F6ca6db90-d965-4918-a1d2-ec8175c4d51e%3Fbank_account%3Dlesecq-aurore-2926-bank-account-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
application/csp-report

Response headers
logo_qonto_2022.jpg
qonto-assets.s3.eu-central-1.amazonaws.com/logos/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qonto-assets.s3.eu-central-1.amazonaws.com/logos/logo_qonto_2022.jpg
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/signin
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.169.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.eu-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
2bb2a9c3b2a75f82899f568fc6459120a9a120f6cedf235016fea046ce682a23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.qonto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Wed, 06 Sep 2023 13:41:19 GMT
x-amz-meta-server-side-encryption
AES256
x-amz-version-id
mzk_qXrLzA_d7o1a.eFYJ1sfmtHXwsO1
Last-Modified
Thu, 17 Feb 2022 13:00:17 GMT
Server
AmazonS3
x-amz-request-id
TEQM46D2CD6H265J
ETag
"8bb168ebf4aee766a9f0d698e195a760"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
x-amz-meta-version-id
Hm_nNe8LPJle6pFLjN_1ZIqj2kUPgbJe
Accept-Ranges
bytes
Content-Length
9718
x-amz-id-2
g+zOvukzfA2vJro84n8a4vWxQHUYkbHcRmBAOOeX3vTe3S3sCqKcuMmSKP+DEU5cyVKAIEtE2IE=
4UabrENHsxJlGDuGo1OIlLU94YtzCwM.ttf
fonts.gstatic.com/s/googlesans/v14/ Frame D080 		51 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94YtzCwM.ttf
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/signin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ebeace42646aa327b1fa6225f70120658993d4796cc9103484a6f068d3a58a6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/
Origin
https://accounts.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 04:49:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
291135
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27431
x-xss-protection
0
last-modified
Mon, 22 Apr 2019 23:43:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 02 Sep 2024 04:49:03 GMT
630f66eefec6f211a620a237
api.qonto.com/v1/feature-relay-proxy/events/diagnostic/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.qonto.com/v1/feature-relay-proxy/events/diagnostic/630f66eefec6f211a620a237
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.18.11.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-launchdarkly-user-agent
Access-Control-Request-Method
POST
Origin
https://app.qonto.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, X-Launchdarkly-User-Agent
access-control-allow-methods
POST
access-control-allow-origin
https://app.qonto.com
access-control-max-age
24
cf-cache-status
DYNAMIC
cf-ray
802720f859c30394-FRA
content-length
0
date
Wed, 06 Sep 2023 13:41:18 GMT
server
cloudflare
strict-transport-security
max-age=315360000; includeSubDomains; preload
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
630f66eefec6f211a620a237
api.qonto.com/v1/feature-relay-proxy/events/diagnostic/ 		0
45 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.qonto.com/v1/feature-relay-proxy/events/diagnostic/630f66eefec6f211a620a237
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.18033ee7e96b5766e21b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.18.11.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains; preload

Request headers

Referer
https://app.qonto.com/
accept-language
de-DE,de;q=0.9
X-LaunchDarkly-User-Agent
JSClient/3.1.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 06 Sep 2023 13:41:18 GMT
strict-transport-security
max-age=315360000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
access-control-max-age
300
vary
Origin
access-control-allow-origin
https://app.qonto.com
access-control-expose-headers
Content-Disposition, Content-Encoding
x-ratelimit-remaining
0
access-control-allow-credentials
true
x-ratelimit-reset
0
x-ratelimit-limit
0
cf-ray
802720f89a110394-FRA
access-control-allow-headers
Cache-Control,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-Tags
content-length
0
630f66eefec6f211a620a237
api.qonto.com/v1/feature-relay-proxy/events/bulk/ 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.qonto.com/v1/feature-relay-proxy/events/bulk/630f66eefec6f211a620a237
Requested by
Host: app.qonto.com
URL: https://app.qonto.com/assets/chunk.18033ee7e96b5766e21b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.18.11.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains; preload

Request headers

Referer
https://app.qonto.com/
X-LaunchDarkly-Payload-ID
10187e20-4cbb-11ee-b656-29a022fb742d
X-LaunchDarkly-Event-Schema
4
accept-language
de-DE,de;q=0.9
X-LaunchDarkly-User-Agent
JSClient/3.1.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 06 Sep 2023 13:41:20 GMT
strict-transport-security
max-age=315360000; includeSubDomains; preload
cf-cache-status
DYNAMIC
content-length
0
server
cloudflare
x-ratelimit-remaining
0
access-control-max-age
300
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://app.qonto.com
access-control-expose-headers
Content-Disposition, Content-Encoding
vary
Origin
access-control-allow-credentials
true
x-ratelimit-reset
0
x-ratelimit-limit
0
cf-ray
802721051cd20394-FRA
access-control-allow-headers
Cache-Control,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-Tags
630f66eefec6f211a620a237
api.qonto.com/v1/feature-relay-proxy/events/bulk/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.qonto.com/v1/feature-relay-proxy/events/bulk/630f66eefec6f211a620a237
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.18.11.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-launchdarkly-event-schema,x-launchdarkly-payload-id,x-launchdarkly-user-agent
Access-Control-Request-Method
POST
Origin
https://app.qonto.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, X-Launchdarkly-Event-Schema, X-Launchdarkly-Payload-Id, X-Launchdarkly-User-Agent
access-control-allow-methods
POST
access-control-allow-origin
https://app.qonto.com
access-control-max-age
24
cf-cache-status
DYNAMIC
cf-ray
80272104dc7a0394-FRA
content-length
0
date
Wed, 06 Sep 2023 13:41:20 GMT
server
cloudflare
strict-transport-security
max-age=315360000; includeSubDomains; preload
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| documentPictureInPicture object| loader function| define function| requireModule function| require function| requirejs boolean| runningTests boolean| preferNative object| EmberENV object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| ProgressBar object| webpackChunkqonto object| __SENTRY__ object| __sentryEmberConfig function| Intercom function| __intercomAssignLocation function| __intercomReloadLocation object| intlTelInputGlobals object| intlTelInputUtils object| __LD__ object| didomiOnReady object| didomiEventListeners object| didomiConfig boolean| gdprAppliesGlobally function| __tcfapi object| default_gsi object| google object| closure_lm_273883 object| __G_ID_CLIENT__ object| AppleID object| didomiRemoteConfig string| didomiCountry object| didomiGeoRegulations object| webpackChunkDidomi object| Didomi object| dataLayer object| didomiState object| DidomiSanitizing

3 Cookies

Domain/Path Name / Value
.qonto.com/organizations/lesecq-aurore-2926/transactions Name: deviceId
Value: 7757dc0f-865b-47fe-9727-b0ef47d795e3
.qonto.com/ Name: ember_simple_auth-session
Value: %7B%22authenticated%22%3A%7B%7D%7D
.qonto.com/ Name: didomi_token
Value: eyJ1c2VyX2lkIjoiMThhNmFiOWQtNjU2ZC02OGFiLTk5M2ItYTlhMDRiNjAxMzRlIiwiY3JlYXRlZCI6IjIwMjMtMDktMDZUMTM6NDE6MTguNTg3WiIsInVwZGF0ZWQiOiIyMDIzLTA5LTA2VDEzOjQxOjE4LjU4N1oiLCJ2ZXJzaW9uIjpudWxsfQ==

3 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
javascript error URL: https://app.qonto.com/assets/chunk.18033ee7e96b5766e21b.js(Line 1)
Message:
Refused to get unsafe header "date"
javascript error URL: https://app.qonto.com/assets/chunk.18033ee7e96b5766e21b.js(Line 1)
Message:
Refused to get unsafe header "date"

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'none'

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
api.qonto.com
app.qonto.com
appleid.cdn-apple.com
csp.withgoogle.com
fonts.gstatic.com
js.intercomcdn.com
qonto-assets.s3.eu-central-1.amazonaws.com
sdk.privacy-center.org
sentry.io
url2820.qonto.com
widget.intercom.io
104.18.10.238
104.18.11.238
18.239.36.44
18.239.94.98
2.17.186.40
2600:9000:2251:7e00:5:b7cc:d3c0:93a1
2600:9000:225e:7400:0:7942:c340:93a1
2a00:1450:4001:813::2011
2a00:1450:4001:829::200d
2a00:1450:4001:82a::2003
35.186.247.156
52.219.169.214
000d79c60a825b427f49f0de80ffb25600dd0c709c6d363045b4ae8e7851939f
0dea3380a2bb70f3adf1e985da92fead733ded524ce08841914cae229475f645
14080b7ffd2034039c20c4f2296d2e6e56ddf73ea38733d74222fe36ceedb59a
16eb0a2cbdb98b2d0c12b8d8a703b9ca3c2327f12998b8d3372dd451272f80bc
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1e953042ff7707514a1180ab57d6c98f09b7ac97e8737e4c8440b68aa61c368d
20ad84d60b25639f1e88ddadc13b611763bc6779166278bc9ac5d0e30f3de5d4
219fb6cae6f5c1cedcb80148e240632646803354f644a2a55eb08cf5334b671f
2bb2a9c3b2a75f82899f568fc6459120a9a120f6cedf235016fea046ce682a23
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4e719834b531769ec86b58e24b85414139b145b01b4d2e6cee1d2b1cb4630736
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
556410cedcbe84c098964b2b9e3f9458d1f9b95e34d2132166f9a3a6ac892ccc
56dad9307dfeb7810dd3f63d33b036804f419b7a7401b85166b9ccf16fcdead2
692f6f15f66235cf41b8646d5d75b9f609028832e0ad9f569483819d2694e655
6b7f37e6aa1012f26ec9044307783a2533140a0e69ceb35fdc59da9b9e23736d
7f113d06a10439a44df2fab3ed14628b4443ddf10e4de8c9e96a0ca720f4f4af
8356948d6f3bef342ff37a4deca7f6b64b58ca0b90ca128c1929c1bb76cc7a54
8fa099efb00a9ea01142852d32f419c4dc41abc4dd8a91299689de46afb2e0f4
96df0db679aa0a195489c8abcaf0736abf7050057585c75eb9bb6b131da77949
c81ff11fd1f4acd5527fbedf0e9dfe3f9504b0230f4f66d5ddab563c6baeb0fa
d2ed03089377d17c425b4036eba9716a30bdde90b38ae3a4a1171e5d1efa03d6
dbe7ffb622175ae830af0bbe0d29673470fe728f9df47fb850094ebfbf930cf3
dffe65eb3e0b794411028e2493c9782d6aa0fe793f392eee202c6e65b1fc2302
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebeace42646aa327b1fa6225f70120658993d4796cc9103484a6f068d3a58a6d
f126281035207e19c5665cd472b2c44997f9548802e945c3f3d3ec4a2e1202f7
f23e103734fedf6e937f8cefe3598bb7a9d65989e96664ec85a03c3e5c81c213
f46f3de715bd8995eb1224739b12e60523aa69187075ee9ce686e2e7871ced2e
f6f1adf42b2098b21db5df4ba13a6f5eedc207dfaa5aaa95d60b5b257705316c
f7cf5b4e5b6f94a4df3d1afa7d2629ee32d727356bf1617d80bcfab2c2f1b7cd
f919e527e5cbb4a7967de4094944f9b5e283809614d62502c30983b251572106
f9d4c75a96068797accfa9976836988ff6cc9c848761dae72ae2875cc81b3810
f9f4b3b13d70320ef174704b1e03cba55cd7d92a52cd693f59b5267b3719d07d
fcc8e3902c83eec26c862a29d6653f4c01d364ecbd9f15f65905308dde2aac02
fe631f4ad0985a6d9b9d31d9f0f9b4626bb099f0a78b0b655f83b7d50f0fd1ff