urlscan.io logo urlscan.io
SecurityTrails logo

demo-carrefour-login.revers.io Open in urlscan Pro
2606:4700:10::ac43:14e5  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://demo-carrefour-login.revers.io/
Effective URL: https://demo-carrefour-login.revers.io/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Ddemo-carrefour.revers.io...
Submission: On December 27 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 3 countries across 7 domains to perform 49 HTTP transactions. The main IP is 2606:4700:10::ac43:14e5, located in United States and belongs to CLOUDFLARENET, US. The main domain is demo-carrefour-login.revers.io.
TLS certificate: Issued by GTS CA 1P5 on November 28th 2023. Valid for: 3 months.
This is the only time demo-carrefour-login.revers.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 20 2606:4700:10:... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
8 2606:4700:10:... 13335 (CLOUDFLAR...)
3 99.86.4.99 16509 (AMAZON-02)
3 54.187.119.242 16509 (AMAZON-02)
2 2600:9000:207... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 34.213.170.160 16509 (AMAZON-02)
4 20.60.222.228 8075 (MICROSOFT...)
1 2600:1901:0:7... 396982 (GOOGLE-CL...)
49 11
20    2606:4700:10::ac43:14e5 (United States)

ASN13335 (CLOUDFLARENET, US)
demo-carrefour-login.revers.io
3    2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
8    2606:4700:10::6816:224 (United States)

ASN13335 (CLOUDFLARENET, US)
demo-carrefour.revers.io
demo-api.revers.io
3    99.86.4.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-99.fra6.r.cloudfront.net
js.stripe.com
3    54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com
q.stripe.com
2    2600:9000:2070:2000:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)
m.stripe.network
2    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.googleapis.com
1    34.213.170.160 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-213-170-160.us-west-2.compute.amazonaws.com
m.stripe.com
4    20.60.222.228 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
demoreversestorage.blob.core.windows.net
1    2600:1901:0:7047:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
rum.browser-intake-datadoghq.eu
Apex Domain
Subdomains		 Transfer
28 revers.io
demo-carrefour-login.revers.io
demo-carrefour.revers.io
demo-api.revers.io
2 MB
7 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1282
q.stripe.com — Cisco Umbrella Rank: 7730
m.stripe.com — Cisco Umbrella Rank: 1245
148 KB
4 windows.net
demoreversestorage.blob.core.windows.net
371 KB
3 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 864
20 KB
2 googleapis.com
maps.googleapis.com — Cisco Umbrella Rank: 357
66 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1361
16 KB
1 browser-intake-datadoghq.eu
rum.browser-intake-datadoghq.eu — Cisco Umbrella Rank: 12520
49 7
Domain Requested by
20 demo-carrefour-login.revers.io 1 redirects demo-carrefour-login.revers.io
static.cloudflareinsights.com
demo-carrefour.revers.io
6 demo-carrefour.revers.io demo-carrefour.revers.io
static.cloudflareinsights.com
4 demoreversestorage.blob.core.windows.net demo-carrefour.revers.io
demo-carrefour-login.revers.io
3 q.stripe.com demo-carrefour-login.revers.io
3 js.stripe.com demo-carrefour.revers.io
js.stripe.com
3 static.cloudflareinsights.com demo-carrefour-login.revers.io
demo-carrefour.revers.io
2 maps.googleapis.com demo-carrefour.revers.io
2 m.stripe.network js.stripe.com
m.stripe.network
2 demo-api.revers.io demo-carrefour.revers.io
1 rum.browser-intake-datadoghq.eu demo-carrefour.revers.io
1 m.stripe.com m.stripe.network
49 11

This site contains no links.

Subject Issuer Validity Valid
demo-carrefour-login.revers.io
GTS CA 1P5		 2023-11-28 -
2024-02-26		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-10 -
2024-04-09		 a year crt.sh
demo-carrefour.revers.io
GTS CA 1P5		 2023-11-30 -
2024-02-28		 3 months crt.sh
demo-api.revers.io
GTS CA 1P5		 2023-11-29 -
2024-02-27		 3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2023-10-30 -
2024-01-25		 3 months crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-12-20 -
2024-03-21		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-05 -
2024-01-18		 3 months crt.sh
*.blob.core.windows.net
Microsoft RSA TLS CA 01		 2023-09-28 -
2024-09-28		 a year crt.sh
*.browser-intake-datadoghq.eu
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-17 -
2024-06-18		 a year crt.sh

This page contains 3 frames:

Primary Page: https://demo-carrefour-login.revers.io/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Ddemo-carrefour.revers.io%26redirect_uri%3Dhttps%253A%252F%252Fdemo-carrefour.revers.io%252Fcallback%26response_type%3Did_token%2520token%26scope%3Dopenid%2520email%2520api%26state%3D0e834a6c6644421fa0d5e9e7057df51b%26nonce%3D19c9e75e461a42bdb471a474e82d7b2f%26ui_locales%3Den
Frame ID: B7A08622BD7AF3E8373D0EB2B709AB1E
Requests: 40 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 05917A02426A4F00BCB6B8B0D194DD80
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: ABF6D70EB9EFC1F03759C3F47C624C7E
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login

Page URL History Show full URLs

  1. https://demo-carrefour-login.revers.io/ Page URL
  2. https://demo-carrefour.revers.io/ Page URL
  3. https://demo-carrefour-login.revers.io/connect/authorize?client_id=demo-carrefour.revers.io&redirect_uri=https%3A%2... HTTP 302
    https://demo-carrefour-login.revers.io/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Ddemo... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Page Statistics

49
Requests

94 %
HTTPS

60 %
IPv6

7
Domains

11
Subdomains

11
IPs

3
Countries

2418 kB
Transfer

8421 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://demo-carrefour-login.revers.io/ Page URL
  2. https://demo-carrefour.revers.io/ Page URL
  3. https://demo-carrefour-login.revers.io/connect/authorize?client_id=demo-carrefour.revers.io&redirect_uri=https%3A%2F%2Fdemo-carrefour.revers.io%2Fcallback&response_type=id_token%20token&scope=openid%20email%20api&state=0e834a6c6644421fa0d5e9e7057df51b&nonce=19c9e75e461a42bdb471a474e82d7b2f&ui_locales=en HTTP 302
    https://demo-carrefour-login.revers.io/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Ddemo-carrefour.revers.io%26redirect_uri%3Dhttps%253A%252F%252Fdemo-carrefour.revers.io%252Fcallback%26response_type%3Did_token%2520token%26scope%3Dopenid%2520email%2520api%26state%3D0e834a6c6644421fa0d5e9e7057df51b%26nonce%3D19c9e75e461a42bdb471a474e82d7b2f%26ui_locales%3Den Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

49 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
demo-carrefour-login.revers.io/ 		4 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://demo-carrefour-login.revers.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8380a9bd5c0f818a6c68165319ac233871b80ea521e5553fe7ff376bffc064d4
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.revers.io https://*.revers.io; script-src 'self' https://*.revers.io https://*.revers.io 'unsafe-eval' 'unsafe-inline' blob: https://api.cumul.io https://*.googleapis.com https://static.cloudflareinsights.com:* https://challenges.cloudflare.com https://js.stripe.com; connect-src 'self' https://*.revers.io https://*.revers.io https://rum.browser-intake-datadoghq.eu:* https://*.blob.core.windows.net:* https://*.statuspage.io:* https://*.googleapis.com cloudflareinsights.com api-adresse.data.gouv.fr https://api.cumul.io; img-src 'self' * data: blob:; style-src 'self' https://*.revers.io https://*.revers.io 'unsafe-inline' https://fonts.googleapis.com:*; font-src 'self' https://*.revers.io https://*.revers.io https://fonts.gstatic.com:* data:; frame-src 'self' https://*.revers.io https://*.revers.io https://challenges.cloudflare.com https://js.stripe.com blob: https://app.cumul.io/; frame-ancestors 'self' https://*.revers.io https://*.revers.io; object-src 'self' blob: https://*.revers.io;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy script-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; frame-src https://www.google.com/recaptcha/; img-src 'self' data:; default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83c54e8a48fd380d-FRA
content-encoding
br
content-security-policy
default-src 'self' https://*.revers.io https://*.revers.io; script-src 'self' https://*.revers.io https://*.revers.io 'unsafe-eval' 'unsafe-inline' blob: https://api.cumul.io https://*.googleapis.com https://static.cloudflareinsights.com:* https://challenges.cloudflare.com https://js.stripe.com; connect-src 'self' https://*.revers.io https://*.revers.io https://rum.browser-intake-datadoghq.eu:* https://*.blob.core.windows.net:* https://*.statuspage.io:* https://*.googleapis.com cloudflareinsights.com api-adresse.data.gouv.fr https://api.cumul.io; img-src 'self' * data: blob:; style-src 'self' https://*.revers.io https://*.revers.io 'unsafe-inline' https://fonts.googleapis.com:*; font-src 'self' https://*.revers.io https://*.revers.io https://fonts.gstatic.com:* data:; frame-src 'self' https://*.revers.io https://*.revers.io https://challenges.cloudflare.com https://js.stripe.com blob: https://app.cumul.io/; frame-ancestors 'self' https://*.revers.io https://*.revers.io; object-src 'self' blob: https://*.revers.io;
content-type
text/html; charset=utf-8
date
Wed, 27 Dec 2023 23:22:39 GMT
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
referrer-policy
no-referrer
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-security-policy
script-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; frame-src https://www.google.com/recaptcha/; img-src 'self' data:; default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
bootstrap.css
demo-carrefour-login.revers.io/lib/bootstrap/css/ 		144 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://demo-carrefour-login.revers.io/lib/bootstrap/css/bootstrap.css
Requested by
Host: demo-carrefour-login.revers.io
URL: https://demo-carrefour-login.revers.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef9c554bca3ce5b9f978b626ff8c3a441c0468af2599bdb4e9b6b32f6743f058
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.revers.io https://*.revers.io; script-src 'self' https://*.revers.io https://*.revers.io 'unsafe-eval' 'unsafe-inline' blob: https://api.cumul.io https://*.googleapis.com https://static.cloudflareinsights.com:* https://challenges.cloudflare.com https://js.stripe.com; connect-src 'self' https://*.revers.io https://*.revers.io https://rum.browser-intake-datadoghq.eu:* https://*.blob.core.windows.net:* https://*.statuspage.io:* https://*.googleapis.com cloudflareinsights.com api-adresse.data.gouv.fr https://api.cumul.io; img-src 'self' * data: blob:; style-src 'self' https://*.revers.io https://*.revers.io 'unsafe-inline' https://fonts.googleapis.com:*; font-src 'self' https://*.revers.io https://*.revers.io https://fonts.gstatic.com:* data:; frame-src 'self' https://*.revers.io https://*.revers.io https://challenges.cloudflare.com https://js.stripe.com blob: https://app.cumul.io/; frame-ancestors 'self' https://*.revers.io https://*.revers.io; object-src 'self' blob: https://*.revers.io;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 23:22:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-encoding
br
content-security-policy
default-src 'self' https://*.revers.io https://*.revers.io; script-src 'self' https://*.revers.io https://*.revers.io 'unsafe-eval' 'unsafe-inline' blob: https://api.cumul.io https://*.googleapis.com https://static.cloudflareinsights.com:* https://challenges.cloudflare.com https://js.stripe.com; connect-src 'self' https://*.revers.io https://*.revers.io https://rum.browser-intake-datadoghq.eu:* https://*.blob.core.windows.net:* https://*.statuspage.io:* https://*.googleapis.com cloudflareinsights.com api-adresse.data.gouv.fr https://api.cumul.io; img-src 'self' * data: blob:; style-src 'self' https://*.revers.io https://*.revers.io 'unsafe-inline' https://fonts.googleapis.com:*; font-src 'self' https://*.revers.io https://*.revers.io https://fonts.gstatic.com:* data:; frame-src 'self' https://*.revers.io https://*.revers.io https://challenges.cloudflare.com https://js.stripe.com blob: https://app.cumul.io/; frame-ancestors 'self' https://*.revers.io https://*.revers.io; object-src 'self' blob: https://*.revers.io;
alt-svc
h3=":443"; ma=86400
referrer-policy
no-referrer
last-modified
Fri, 22 Dec 2023 14:01:47 GMT
server
cloudflare
etag
W/"1da34df66eee866"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=14400
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
cf-ray
83c54e8b49c5380d-FRA
site.css
demo-carrefour-login.revers.io/css/ 		2 KB
576 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://demo-carrefour-login.revers.io/css/site.css
Requested by
Host: demo-carrefour-login.revers.io
URL: https://demo-carrefour-login.revers.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10398d80b4175b0f0267f614250c431ed69d4c977bc29134aa7dc3b904b1b1a4
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.revers.io https://*.revers.io; script-src 'self' https://*.revers.io https://*.revers.io 'unsafe-eval' 'unsafe-inline' blob: https://api.cumul.io https://*.googleapis.com https://static.cloudflareinsights.com:* https://challenges.cloudflare.com https://js.stripe.com; connect-src 'self' https://*.revers.io https://*.revers.io https://rum.browser-intake-datadoghq.eu:* https://*.blob.core.windows.net:* https://*.statuspage.io:* https://*.googleapis.com cloudflareinsights.com api-adresse.data.gouv.fr https://api.cumul.io; img-src 'self' * data: blob:; style-src 'self' https://*.revers.io https://*.revers.io 'unsafe-inline' https://fonts.googleapis.com:*; font-src 'self' https://*.revers.io https://*.revers.io https://fonts.gstatic.com:* data:; frame-src 'self' https://*.revers.io https://*.revers.io https://challenges.cloudflare.com https://js.stripe.com blob: https://app.cumul.io/; frame-ancestors 'self' https://*.revers.io https://*.revers.io; object-src 'self' blob: https://*.revers.io;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 23:22:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-encoding
br
content-security-policy
default-src 'self' https://*.revers.io https://*.revers.io; script-src 'self' https://*.revers.io https://*.revers.io 'unsafe-eval' 'unsafe-inline' blob: https://api.cumul.io https://*.googleapis.com https://static.cloudflareinsights.com:* https://challenges.cloudflare.com https://js.stripe.com; connect-src 'self' https://*.revers.io https://*.revers.io https://rum.browser-intake-datadoghq.eu:* https://*.blob.core.windows.net:* https://*.statuspage.io:* https://*.googleapis.com cloudflareinsights.com api-adresse.data.gouv.fr https://api.cumul.io; img-src 'self' * data: blob:; style-src 'self' https://*.revers.io https://*.revers.io 'unsafe-inline' https://fonts.googleapis.com:*; font-src 'self' https://*.revers.io https://*.revers.io https://fonts.gstatic.com:* data:; frame-src 'self' https://*.revers.io https://*.revers.io https://challenges.cloudflare.com https://js.stripe.com blob: https://app.cumul.io/; frame-ancestors 'self' https://*.revers.io https://*.revers.io; object-src 'self' blob: https://*.revers.io;
alt-svc
h3=":443"; ma=86400
referrer-policy
no-referrer
last-modified
Fri, 22 Dec 2023 14:01:47 GMT
server
cloudflare
etag
W/"1da34df66ecd1e9"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=14400
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
cf-ray
83c54e8b49c7380d-FRA
Login
demo-carrefour-login.revers.io/Style/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://demo-carrefour-login.revers.io/Style/Login
Requested by
Host: demo-carrefour-login.revers.io
URL: https://demo-carrefour-login.revers.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b430d6940c347c30fdd466343324e2b4a166808bc5bcff19b71dca29b2fc4ac5
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.revers.io https://*.revers.io; script-src 'self' https://*.revers.io https://*.revers.io 'unsafe-eval' 'unsafe-inline' blob: https://api.cumul.io https://*.googleapis.com https://static.cloudflareinsights.com:* https://challenges.cloudflare.com https://js.stripe.com; connect-src 'self' https://*.revers.io https://*.revers.io https://rum.browser-intake-datadoghq.eu:* https://*.blob.core.windows.net:* https://*.statuspage.io:* https://*.googleapis.com cloudflareinsights.com api-adresse.data.gouv.fr https://api.cumul.io; img-src 'self' * data: blob:; style-src 'self' https://*.revers.io https://*.revers.io 'unsafe-inline' https://fonts.googleapis.com:*; font-src 'self' https://*.revers.io https://*.revers.io https://fonts.gstatic.com:* data:; frame-src 'self' https://*.revers.io https://*.revers.io https://challenges.cloudflare.com https://js.stripe.com blob: https://app.cumul.io/; frame-ancestors 'self' https://*.revers.io https://*.revers.io; object-src 'self' blob: https://*.revers.io;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 23:22:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
referrer-policy
no-referrer
content-security-policy
default-src 'self' https://*.revers.io https://*.revers.io; script-src 'self' https://*.revers.io https://*.revers.io 'unsafe-eval' 'unsafe-inline' blob: https://api.cumul.io https://*.googleapis.com https://static.cloudflareinsights.com:* https://challenges.cloudflare.com https://js.stripe.com; connect-src 'self' https://*.revers.io https://*.revers.io https://rum.browser-intake-datadoghq.eu:* https://*.blob.core.windows.net:* https://*.statuspage.io:* https://*.googleapis.com cloudflareinsights.com api-adresse.data.gouv.fr https://api.cumul.io; img-src 'self' * data: blob:; style-src 'self' https://*.revers.io https://*.revers.io 'unsafe-inline' https://fonts.googleapis.com:*; font-src 'self' https://*.revers.io https://*.revers.io https://fonts.gstatic.com:* data:; frame-src 'self' https://*.revers.io https://*.revers.io https://challenges.cloudflare.com https://js.stripe.com blob: https://app.cumul.io/; frame-ancestors 'self' https://*.revers.io https://*.revers.io; object-src 'self' blob: https://*.revers.io;
server
cloudflare
x-frame-options
SAMEORIGIN
content-type
text/css
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
cf-ray
83c54e8b49c9380d-FRA
alt-svc
h3=":443"; ma=86400
logo.svg
demo-carrefour-login.revers.io/ 		10 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://demo-carrefour-login.revers.io/logo.svg
Requested by
Host: demo-carrefour-login.revers.io
URL: https://demo-carrefour-login.revers.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
627b0caa54579eabd1591fc712d51b9774e058d88c10e2fe43d6e4b7db3e28e1
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.revers.io https://*.revers.io; script-src 'self' https://*.revers.io https://*.revers.io 'unsafe-eval' 'unsafe-inline' blob: https://api.cumul.io https://*.googleapis.com https://static.cloudflareinsights.com:* https://challenges.cloudflare.com https://js.stripe.com; connect-src 'self' https://*.revers.io https://*.revers.io https://rum.browser-intake-datadoghq.eu:* https://*.blob.core.windows.net:* https://*.statuspage.io:* https://*.googleapis.com cloudflareinsights.com api-adresse.data.gouv.fr https://api.cumul.io; img-src 'self' * data: blob:; style-src 'self' https://*.revers.io https://*.revers.io 'unsafe-inline' https://fonts.googleapis.com:*; font-src 'self' https://*.revers.io https://*.revers.io https://fonts.gstatic.com:* data:; frame-src 'self' https://*.revers.io https://*.revers.io https://challenges.cloudflare.com https://js.stripe.com blob: https://app.cumul.io/; frame-ancestors 'self' https://*.revers.io https://*.revers.io; object-src 'self' blob: https://*.revers.io;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 23:22:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-encoding
br
content-security-policy
default-src 'self' https://*.revers.io https://*.revers.io; script-src 'self' https://*.revers.io https://*.revers.io 'unsafe-eval' 'unsafe-inline' blob: https://api.cumul.io https://*.googleapis.com https://static.cloudflareinsights.com:* https://challenges.cloudflare.com https://js.stripe.com; connect-src 'self' https://*.revers.io https://*.revers.io https://rum.browser-intake-datadoghq.eu:* https://*.blob.core.windows.net:* https://*.statuspage.io:* https://*.googleapis.com cloudflareinsights.com api-adresse.data.gouv.fr https://api.cumul.io; img-src 'self' * data: blob:; style-src 'self' https://*.revers.io https://*.revers.io 'unsafe-inline' https://fonts.googleapis.com:*; font-src 'self' https://*.revers.io https://*.revers.io https://fonts.gstatic.com:* data:; frame-src 'self' https://*.revers.io https://*.revers.io https://challenges.cloudflare.com https://js.stripe.com blob: https://app.cumul.io/; frame-ancestors 'self' https://*.revers.io https://*.revers.io; object-src 'self' blob: https://*.revers.io;
alt-svc
h3=":443"; ma=86400
referrer-policy
no-referrer
last-modified
Fri, 22 Dec 2023 14:01:47 GMT
server
cloudflare
etag
W/"1da34df66ecf10f"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=14400
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
cf-ray
83c54e8b49cb380d-FRA
language.js
demo-carrefour-login.revers.io/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://demo-carrefour-login.revers.io/js/language.js
Requested by
Host: demo-carrefour-login.revers.io
URL: https://demo-carrefour-login.revers.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
193138e8b61edc9dfb19d8265d74184cbf4339881613214a1b10cf7331c47194
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.revers.io https://*.revers.io; script-src 'self' https://*.revers.io https://*.revers.io 'unsafe-eval' 'unsafe-inline' blob: https://api.cumul.io https://*.googleapis.com https://static.cloudflareinsights.com:* https://challenges.cloudflare.com https://js.stripe.com; connect-src 'self' https://*.revers.io https://*.revers.io https://rum.browser-intake-datadoghq.eu:* https://*.blob.core.windows.net:* https://*.statuspage.io:* https://*.googleapis.com cloudflareinsights.com api-adresse.data.gouv.fr https://api.cumul.io; img-src 'self' * data: blob:; style-src 'self' https://*.revers.io https://*.revers.io 'unsafe-inline' https://fonts.googleapis.com:*; font-src 'self' https://*.revers.io https://*.revers.io https://fonts.gstatic.com:* data:; frame-src 'self' https://*.revers.io https://*.revers.io https://challenges.cloudflare.com https://js.stripe.com blob: https://app.cumul.io/; frame-ancestors 'self' https://*.revers.io https://*.revers.io; object-src 'self' blob: https://*.revers.io;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 23:22:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
content-security-policy
default-src 'self' https://*.revers.io https://*.revers.io; script-src 'self' https://*.revers.io https://*.revers.io 'unsafe-eval' 'unsafe-inline' blob: https://api.cumul.io https://*.googleapis.com https://static.cloudflareinsights.com:* https://challenges.cloudflare.com https://js.stripe.com; connect-src 'self' https://*.revers.io https://*.revers.io https://rum.browser-intake-datadoghq.eu:* https://*.blob.core.windows.net:* https://*.statuspage.io:* https://*.googleapis.com cloudflareinsights.com api-adresse.data.gouv.fr https://api.cumul.io; img-src 'self' * data: blob:; style-src 'self' https://*.revers.io https://*.revers.io 'unsafe-inline' https://fonts.googleapis.com:*; font-src 'self' https://*.revers.io https://*.revers.io https://fonts.gstatic.com:* data:; frame-src 'self' https://*.revers.io https://*.revers.io https://challenges.cloudflare.com https://js.stripe.com blob: https://app.cumul.io/; frame-ancestors 'self' https://*.revers.io https://*.revers.io; object-src 'self' blob: https://*.revers.io;
alt-svc
h3=":443"; ma=86400
referrer-policy
no-referrer
last-modified
Fri, 22 Dec 2023 14:01:47 GMT
server
cloudflare
etag
W/"1da34df66ecc4c4"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=14400
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
cf-ray
83c54e8b49cc380d-FRA
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: demo-carrefour-login.revers.io
URL: https://demo-carrefour-login.revers.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
Origin
https://demo-carrefour-login.revers.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 23:22:39 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
83c54e8baf981997-FRA
normal.woff2
demo-carrefour-login.revers.io/cf-fonts/s/roboto/5.0.11/latin/400/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://demo-carrefour-login.revers.io/cf-fonts/s/roboto/5.0.11/latin/400/normal.woff2
Requested by
Host: demo-carrefour-login.revers.io
URL: https://demo-carrefour-login.revers.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:14e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ce893c505f39dd4648a663903cc54acb53706282331c26552ed55ccef0c127f
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.revers.io https://*.revers.io; script-src 'self' https://*.revers.io https://*.revers.io 'unsafe-eval' 'unsafe-inline' blob: https://api.cumul.io https://*.googleapis.com https://static.cloudflareinsights.com:* https://challenges.cloudflare.com https://js.stripe.com; connect-src 'self' https://*.revers.io https://*.revers.io https://rum.browser-intake-datadoghq.eu:* https://*.blob.core.windows.net:* https://*.statuspage.io:* https://*.googleapis.com cloudflareinsights.com api-adresse.data.gouv.fr https://api.cumul.io; img-src 'self' * data: blob:; style-src 'self' https://*.revers.io https://*.revers.io 'unsafe-inline' https://fonts.googleapis.com:*; font-src 'self' https://*.revers.io https://*.revers.io https://fonts.gstatic.com:* data:; frame-src 'self' https://*.revers.io https://*.revers.io https://challenges.cloudflare.com https://js.stripe.com blob: https://app.cumul.io/; frame-ancestors 'self' https://*.revers.io https://*.revers.io; object-src 'self' blob: https://*.revers.io;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://demo-carrefour-login.revers.io/
Origin
https://demo-carrefour-login.revers.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.revers.io https://*.revers.io; script-src 'self' https://*.revers.io https://*.revers.io 'unsafe-eval' 'unsafe-inline' blob: https://api.cumul.io https://*.googleapis.com https://static.cloudflareinsights.com:* https://challenges.cloudflare.com https://js.stripe.com; connect-src 'self' https://*.revers.io https://*.revers.io https://rum.browser-intake-datadoghq.eu:* https://*.blob.core.windows.net:* https://*.statuspage.io:* https://*.googleapis.com cloudflareinsights.com api-adresse.data.gouv.fr https://api.cumul.io; img-src 'self' * data: blob:; style-src 'self' https://*.revers.io https://*.revers.io 'unsafe-inline' https://fonts.googleapis.com:*; font-src 'self' https://*.revers.io https://*.revers.io https://fonts.gstatic.com:* data:; frame-src 'self' https://*.revers.io https://*.revers.io https://challenges.cloudflare.com https://js.stripe.com blob: https://app.cumul.io/; frame-ancestors 'self' https://*.revers.io https://*.revers.io; object-src 'self' blob: https://*.revers.io;
date
Wed, 27 Dec 2023 23:22:39 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
referrer-policy
no-referrer
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000, immutable
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
cf-ray
83c54e8c3e353677-FRA
alt-svc
h3=":443"; ma=86400
content-length
15744
rum
demo-carrefour-login.revers.io/cdn-cgi/ 		0
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://demo-carrefour-login.revers.io/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:14e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
application/json

Response headers

date
Wed, 27 Dec 2023 23:22:39 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://demo-carrefour-login.revers.io
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
83c54e8cbeb93677-FRA
/
demo-carrefour.revers.io/ 		12 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://demo-carrefour.revers.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a11dd77ebac1f508b8a17d782e4b8bb1f4704cc745a5ae318013aaee4dc70d67
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.revers.io https://*.revers.io; script-src 'self' https://*.revers.io https://*.revers.io 'unsafe-eval' 'unsafe-inline' blob: https://api.cumul.io https://*.googleapis.com https://static.cloudflareinsights.com:* https://challenges.cloudflare.com https://js.stripe.com; connect-src 'self' https://*.revers.io https://*.revers.io https://rum.browser-intake-datadoghq.eu:* https://*.blob.core.windows.net:* https://*.statuspage.io:* https://*.googleapis.com cloudflareinsights.com api-adresse.data.gouv.fr https://api.cumul.io; img-src 'self' * data: blob:; style-src 'self' https://*.revers.io https://*.revers.io 'unsafe-inline' https://fonts.googleapis.com:*; font-src 'self' https://*.revers.io https://*.revers.io https://fonts.gstatic.com:* data:; frame-src 'self' https://*.revers.io https://*.revers.io https://challenges.cloudflare.com https://js.stripe.com blob: https://app.cumul.io/; frame-ancestors 'self' https://*.revers.io https://*.revers.io; object-src 'self' blob: https://*.revers.io;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
83c54e8d9e8292a2-FRA
content-encoding
br
content-security-policy
default-src 'self' https://*.revers.io https://*.revers.io; script-src 'self' https://*.revers.io https://*.revers.io 'unsafe-eval' 'unsafe-inline' blob: https://api.cumul.io https://*.googleapis.com https://static.cloudflareinsights.com:* https://challenges.cloudflare.com https://js.stripe.com; connect-src 'self' https://*.revers.io https://*.revers.io https://rum.browser-intake-datadoghq.eu:* https://*.blob.core.windows.net:* https://*.statuspage.io:* https://*.googleapis.com cloudflareinsights.com api-adresse.data.gouv.fr https://api.cumul.io; img-src 'self' * data: blob:; style-src 'self' https://*.revers.io https://*.revers.io 'unsafe-inline' https://fonts.googleapis.com:*; font-src 'self' https://*.revers.io https://*.revers.io https://fonts.gstatic.com:* data:; frame-src 'self' https://*.revers.io https://*.revers.io https://challenges.cloudflare.com https://js.stripe.com blob: https://app.cumul.io/; frame-ancestors 'self' https://*.revers.io https://*.revers.io; object-src 'self' blob: https://*.revers.io;
content-type
text/html
date
Wed, 27 Dec 2023 23:22:39 GMT
expires
0
last-modified
Fri, 22 Dec 2023 14:05:36 GMT
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
pragma
no-cache
referrer-policy
no-referrer
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
rum
demo-carrefour-login.revers.io/cdn-cgi/ 		0
0
2.78c6116f.chunk.css
demo-carrefour.revers.io/static/css/ 		60 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://demo-carrefour.revers.io/static/css/2.78c6116f.chunk.css
Requested by
Host: demo-carrefour.revers.io
URL: https://demo-carrefour.revers.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea7c31394d1857e9de8998ded97d7b1f28cf81a45902465e97de2a499dcf72bc
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.revers.io https://*.revers.io; script-src 'self' https://*.revers.io https://*.revers.io 'unsafe-eval' 'unsafe-inline' blob: https://api.cumul.io https://*.googleapis.com https://static.cloudflareinsights.com:* https://challenges.cloudflare.com https://js.stripe.com; connect-src 'self' https://*.revers.io https://*.revers.io https://rum.browser-intake-datadoghq.eu:* https://*.blob.core.windows.net:* https://*.statuspage.io:* https://*.googleapis.com cloudflareinsights.com api-adresse.data.gouv.fr https://api.cumul.io; img-src 'self' * data: blob:; style-src 'self' https://*.revers.io https://*.revers.io 'unsafe-inline' https://fonts.googleapis.com:*; font-src 'self' https://*.revers.io https://*.revers.io https://fonts.gstatic.com:* data:; frame-src 'self' https://*.revers.io https://*.revers.io https://challenges.cloudflare.com https://js.stripe.com blob: https://app.cumul.io/; frame-ancestors 'self' https://*.revers.io https://*.revers.io; object-src 'self' blob: https://*.revers.io;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 23:22:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
content-security-policy
default-src 'self' https://*.revers.io https://*.revers.io; script-src 'self' https://*.revers.io https://*.revers.io 'unsafe-eval' 'unsafe-inline' blob: https://api.cumul.io https://*.googleapis.com https://static.cloudflareinsights.com:* https://challenges.cloudflare.com https://js.stripe.com; connect-src 'self' https://*.revers.io https://*.revers.io https://rum.browser-intake-datadoghq.eu:* https://*.blob.core.windows.net:* https://*.statuspage.io:* https://*.googleapis.com cloudflareinsights.com api-adresse.data.gouv.fr https://api.cumul.io; img-src 'self' * data: blob:; style-src 'self' https://*.revers.io https://*.revers.io 'unsafe-inline' https://fonts.googleapis.com:*; font-src 'self' https://*.revers.io https://*.revers.io https://fonts.gstatic.com:* data:; frame-src 'self' https://*.revers.io https://*.revers.io https://challenges.cloudflare.com https://js.stripe.com blob: https://app.cumul.io/; frame-ancestors 'self' https://*.revers.io https://*.revers.io; object-src 'self' blob: https://*.revers.io;
age
24480
alt-svc
h3=":443"; ma=86400
referrer-policy
no-referrer
last-modified
Fri, 24 Nov 2023 17:18:46 GMT
server
cloudflare
etag
W/"01f848fa1eda1:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
cf-ray
83c54e8e5ed292a2-FRA
runtime-main.0d888731.js
demo-carrefour.revers.io/static/js/ 		1 KB
789 B 		Script
General
Check archive.org
Download Go to
Full URL
https://demo-carrefour.revers.io/static/js/runtime-main.0d888731.js
Requested by
Host: demo-carrefour.revers.io
URL: https://demo-carrefour.revers.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87c18690cbbeec0687f6a6cae31833bcb5613d534ceca32bd316a7b8b2134442
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.revers.io https://*.revers.io; script-src 'self' https://*.revers.io https://*.revers.io 'unsafe-eval' 'unsafe-inline' blob: https://api.cumul.io https://*.googleapis.com https://static.cloudflareinsights.com:* https://challenges.cloudflare.com https://js.stripe.com; connect-src 'self' https://*.revers.io https://*.revers.io https://rum.browser-intake-datadoghq.eu:* https://*.blob.core.windows.net:* https://*.statuspage.io:* https://*.googleapis.com cloudflareinsights.com api-adresse.data.gouv.fr https://api.cumul.io; img-src 'self' * data: blob:; style-src 'self' https://*.revers.io https://*.revers.io 'unsafe-inline' https://fonts.googleapis.com:*; font-src 'self' https://*.revers.io https://*.revers.io https://fonts.gstatic.com:* data:; frame-src 'self' https://*.revers.io https://*.revers.io https://challenges.cloudflare.com https://js.stripe.com blob: https://app.cumul.io/; frame-ancestors 'self' https://*.revers.io https://*.revers.io; object-src 'self' blob: https://*.revers.io;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 23:22:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
content-security-policy
default-src 'self' https://*.revers.io https://*.revers.io; script-src 'self' https://*.revers.io https://*.revers.io 'unsafe-eval' 'unsafe-inline' blob: https://api.cumul.io https://*.googleapis.com https://static.cloudflareinsights.com:* https://challenges.cloudflare.com https://js.stripe.com; connect-src 'self' https://*.revers.io https://*.revers.io https://rum.browser-intake-datadoghq.eu:* https://*.blob.core.windows.net:* https://*.statuspage.io:* https://*.googleapis.com cloudflareinsights.com api-adresse.data.gouv.fr https://api.cumul.io; img-src 'self' * data: blob:; style-src 'self' https://*.revers.io https://*.revers.io 'unsafe-inline' https://fonts.googleapis.com:*; font-src 'self' https://*.revers.io https://*.revers.io https://fonts.gstatic.com:* data:; frame-src 'self' https://*.revers.io https://*.revers.io https://challenges.cloudflare.com https://js.stripe.com blob: https://app.cumul.io/; frame-ancestors 'self' https://*.revers.io https://*.revers.io; object-src 'self' blob: https://*.revers.io;
age
24480
alt-svc
h3=":443"; ma=86400
referrer-policy
no-referrer
last-modified
Fri, 24 Nov 2023 17:18:46 GMT
server
cloudflare
etag
W/"01f848fa1eda1:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
cache-control
max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
cf-ray
83c54e8e5ed392a2-FRA
2.d5158433.chunk.js
demo-carrefour.revers.io/static/js/ 		4 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://demo-carrefour.revers.io/static/js/2.d5158433.chunk.js
Requested by
Host: demo-carrefour.revers.io
URL: https://demo-carrefour.revers.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
122e4447d477b5f82d2d9e68b8cb155530a87e5e146d34694285b9225494c8d1
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.revers.io https://*.revers.io; script-src 'self' https://*.revers.io https://*.revers.io 'unsafe-eval' 'unsafe-inline' blob: https://api.cumul.io https://*.googleapis.com https://static.cloudflareinsights.com:* https://challenges.cloudflare.com https://js.stripe.com; connect-src 'self' https://*.revers.io https://*.revers.io https://rum.browser-intake-datadoghq.eu:* https://*.blob.core.windows.net:* https://*.statuspage.io:* https://*.googleapis.com cloudflareinsights.com api-adresse.data.gouv.fr https://api.cumul.io; img-src 'self' * data: blob:; style-src 'self' https://*.revers.io https://*.revers.io 'unsafe-inline' https://fonts.googleapis.com:*; font-src 'self' https://*.revers.io https://*.revers.io https://fonts.gstatic.com:* data:; frame-src 'self' https://*.revers.io https://*.revers.io https://challenges.cloudflare.com https://js.stripe.com blob: https://app.cumul.io/; frame-ancestors 'self' https://*.revers.io https://*.revers.io; object-src 'self' blob: https://*.revers.io;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 23:22:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
content-security-policy
default-src 'self' https://*.revers.io https://*.revers.io; script-src 'self' https://*.revers.io https://*.revers.io 'unsafe-eval' 'unsafe-inline' blob: https://api.cumul.io https://*.googleapis.com https://static.cloudflareinsights.com:* https://challenges.cloudflare.com https://js.stripe.com; connect-src 'self' https://*.revers.io https://*.revers.io https://rum.browser-intake-datadoghq.eu:* https://*.blob.core.windows.net:* https://*.statuspage.io:* https://*.googleapis.com cloudflareinsights.com api-adresse.data.gouv.fr https://api.cumul.io; img-src 'self' * data: blob:; style-src 'self' https://*.revers.io https://*.revers.io 'unsafe-inline' https://fonts.googleapis.com:*; font-src 'self' https://*.revers.io https://*.revers.io https://fonts.gstatic.com:* data:; frame-src 'self' https://*.revers.io https://*.revers.io https://challenges.cloudflare.com https://js.stripe.com blob: https://app.cumul.io/; frame-ancestors 'self' https://*.revers.io https://*.revers.io; object-src 'self' blob: https://*.revers.io;
age
206807
alt-svc
h3=":443"; ma=86400
referrer-policy
no-referrer
last-modified
Fri, 22 Dec 2023 14:05:36 GMT
server
cloudflare
etag
W/"0786befdf34da1:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
cache-control
max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
cf-ray
83c54e8e5ed492a2-FRA
main.99511125.chunk.js
demo-carrefour.revers.io/static/js/ 		2 MB
452 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://demo-carrefour.revers.io/static/js/main.99511125.chunk.js
Requested by
Host: demo-carrefour.revers.io
URL: https://demo-carrefour.revers.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
100b9e2935b047e9ba4dbb4d1ea62439edf6abfdb5a29fcdec6e88f63f272156
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.revers.io https://*.revers.io; script-src 'self' https://*.revers.io https://*.revers.io 'unsafe-eval' 'unsafe-inline' blob: https://api.cumul.io https://*.googleapis.com https://static.cloudflareinsights.com:* https://challenges.cloudflare.com https://js.stripe.com; connect-src 'self' https://*.revers.io https://*.revers.io https://rum.browser-intake-datadoghq.eu:* https://*.blob.core.windows.net:* https://*.statuspage.io:* https://*.googleapis.com cloudflareinsights.com api-adresse.data.gouv.fr https://api.cumul.io; img-src 'self' * data: blob:; style-src 'self' https://*.revers.io https://*.revers.io 'unsafe-inline' https://fonts.googleapis.com:*; font-src 'self' https://*.revers.io https://*.revers.io https://fonts.gstatic.com:* data:; frame-src 'self' https://*.revers.io https://*.revers.io https://challenges.cloudflare.com https://js.stripe.com blob: https://app.cumul.io/; frame-ancestors 'self' https://*.revers.io https://*.revers.io; object-src 'self' blob: https://*.revers.io;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 23:22:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
content-security-policy
default-src 'self' https://*.revers.io https://*.revers.io; script-src 'self' https://*.revers.io https://*.revers.io 'unsafe-eval' 'unsafe-inline' blob: https://api.cumul.io https://*.googleapis.com https://static.cloudflareinsights.com:* https://challenges.cloudflare.com https://js.stripe.com; connect-src 'self' https://*.revers.io https://*.revers.io https://rum.browser-intake-datadoghq.eu:* https://*.blob.core.windows.net:* https://*.statuspage.io:* https://*.googleapis.com cloudflareinsights.com api-adresse.data.gouv.fr https://api.cumul.io; img-src 'self' * data: blob:; style-src 'self' https://*.revers.io https://*.revers.io 'unsafe-inline' https://fonts.googleapis.com:*; font-src 'self' https://*.revers.io https://*.revers.io https://fonts.gstatic.com:* data:; frame-src 'self' https://*.revers.io https://*.revers.io https://challenges.cloudflare.com https://js.stripe.com blob: https://app.cumul.io/; frame-ancestors 'self' https://*.revers.io https://*.revers.io; object-src 'self' blob: https://*.revers.io;
age
24480
alt-svc
h3=":443"; ma=86400
referrer-policy
no-referrer
last-modified
Fri, 22 Dec 2023 14:05:36 GMT
server
cloudflare
etag
W/"0786befdf34da1:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
cache-control
max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
cf-ray
83c54e8e5ed592a2-FRA
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: demo-carrefour.revers.io
URL: https://demo-carrefour.revers.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
Origin
https://demo-carrefour.revers.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 23:22:39 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
83c54e8e69771997-FRA
demo-carrefour.revers.io
demo-api.revers.io/ReverseSellerService/sellers/idsUrl/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://demo-api.revers.io/ReverseSellerService/sellers/idsUrl/demo-carrefour.revers.io
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.revers.io https://*.revers.io; script-src 'self' https://*.revers.io https://*.revers.io 'unsafe-eval' 'unsafe-inline' blob: https://api.cumul.io https://*.googleapis.com https://static.cloudflareinsights.com:* https://challenges.cloudflare.com https://js.stripe.com; connect-src 'self' https://*.revers.io https://*.revers.io https://rum.browser-intake-datadoghq.eu:* https://*.blob.core.windows.net:* https://*.statuspage.io:* https://*.googleapis.com cloudflareinsights.com api-adresse.data.gouv.fr https://api.cumul.io; img-src 'self' * data: blob:; style-src 'self' https://*.revers.io https://*.revers.io 'unsafe-inline' https://fonts.googleapis.com:*; font-src 'self' https://*.revers.io https://*.revers.io https://fonts.gstatic.com:* data:; frame-src 'self' https://*.revers.io https://*.revers.io https://challenges.cloudflare.com https://js.stripe.com blob: https://app.cumul.io/; frame-ancestors 'self' https://*.revers.io https://*.revers.io; object-src 'self' blob: https://*.revers.io;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Access-Control-Request-Headers
x-datadog-origin,x-datadog-parent-id,x-datadog-sampling-priority,x-datadog-trace-id
Access-Control-Request-Method
GET
Origin
https://demo-carrefour.revers.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers
x-datadog-origin,x-datadog-parent-id,x-datadog-sampling-priority,x-datadog-trace-id
access-control-allow-methods
GET
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83c54e915b3b65b2-FRA
content-security-policy
default-src 'self' https://*.revers.io https://*.revers.io; script-src 'self' https://*.revers.io https://*.revers.io 'unsafe-eval' 'unsafe-inline' blob: https://api.cumul.io https://*.googleapis.com https://static.cloudflareinsights.com:* https://challenges.cloudflare.com https://js.stripe.com; connect-src 'self' https://*.revers.io https://*.revers.io https://rum.browser-intake-datadoghq.eu:* https://*.blob.core.windows.net:* https://*.statuspage.io:* https://*.googleapis.com cloudflareinsights.com api-adresse.data.gouv.fr https://api.cumul.io; img-src 'self' * data: blob:; style-src 'self' https://*.revers.io https://*.revers.io 'unsafe-inline' https://fonts.googleapis.com:*; font-src 'self' https://*.revers.io https://*.revers.io https://fonts.gstatic.com:* data:; frame-src 'self' https://*.revers.io https://*.revers.io https://challenges.cloudflare.com https://js.stripe.com blob: https://app.cumul.io/; frame-ancestors 'self' https://*.revers.io https://*.revers.io; object-src 'self' blob: https://*.revers.io;
date
Wed, 27 Dec 2023 23:22:40 GMT
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
referrer-policy
no-referrer
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
demo-carrefour.revers.io
demo-api.revers.io/ReverseSellerService/sellers/idsUrl/ 		170 B
220 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://demo-api.revers.io/ReverseSellerService/sellers/idsUrl/demo-carrefour.revers.io
Requested by
Host: demo-carrefour.revers.io
URL: https://demo-carrefour.revers.io/static/js/2.d5158433.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60877a3c884ebecb140f30f6aca51941f4eeb76720df202e97ba9948d38eba56
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.revers.io https://*.revers.io; script-src 'self' https://*.revers.io https://*.revers.io 'unsafe-eval' 'unsafe-inline' blob: https://api.cumul.io https://*.googleapis.com https://static.cloudflareinsights.com:* https://challenges.cloudflare.com https://js.stripe.com; connect-src 'self' https://*.revers.io https://*.revers.io https://rum.browser-intake-datadoghq.eu:* https://*.blob.core.windows.net:* https://*.statuspage.io:* https://*.googleapis.com cloudflareinsights.com api-adresse.data.gouv.fr https://api.cumul.io; img-src 'self' * data: blob:; style-src 'self' https://*.revers.io https://*.revers.io 'unsafe-inline' https://fonts.googleapis.com:*; font-src 'self' https://*.revers.io https://*.revers.io https://fonts.gstatic.com:* data:; frame-src 'self' https://*.revers.io https://*.revers.io https://challenges.cloudflare.com https://js.stripe.com blob: https://app.cumul.io/; frame-ancestors 'self' https://*.revers.io https://*.revers.io; object-src 'self' blob: https://*.revers.io;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
x-datadog-parent-id
2205772125476847341
x-datadog-trace-id
6545757836366970854
accept-language
de-DE,de;q=0.9
x-datadog-origin
rum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
x-datadog-sampling-priority
1

Response headers

date
Wed, 27 Dec 2023 23:22:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
referrer-policy
no-referrer
content-security-policy
default-src 'self' https://*.revers.io https://*.revers.io; script-src 'self' https://*.revers.io https://*.revers.io 'unsafe-eval' 'unsafe-inline' blob: https://api.cumul.io https://*.googleapis.com https://static.cloudflareinsights.com:* https://challenges.cloudflare.com https://js.stripe.com; connect-src 'self' https://*.revers.io https://*.revers.io https://rum.browser-intake-datadoghq.eu:* https://*.blob.core.windows.net:* https://*.statuspage.io:* https://*.googleapis.com cloudflareinsights.com api-adresse.data.gouv.fr https://api.cumul.io; img-src 'self' * data: blob:; style-src 'self' https://*.revers.io https://*.revers.io 'unsafe-inline' https://fonts.googleapis.com:*; font-src 'self' https://*.revers.io https://*.revers.io https://fonts.gstatic.com:* data:; frame-src 'self' https://*.revers.io https://*.revers.io https://challenges.cloudflare.com https://js.stripe.com blob: https://app.cumul.io/; frame-ancestors 'self' https://*.revers.io https://*.revers.io; object-src 'self' blob: https://*.revers.io;
server
cloudflare
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
cf-ray
83c54e925c3e65b2-FRA
alt-svc
h3=":443"; ma=86400
v3
js.stripe.com/ 		579 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3
Requested by
Host: demo-carrefour.revers.io
URL: https://demo-carrefour.revers.io/static/js/2.d5158433.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
a1571d86b8170f5143bc5696c881e5314244228cc2451696f383bb1080af84b2
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 23:22:35 GMT
content-encoding
br
via
1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
13
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:47:17 GMT
server
Cloudfront
etag
W/"4ec63ff996d5aa25b29f0a90d2021ae0"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
4bMm4007wOBcmc3trZKpe4LOCt_02ZYXLH3kVtQXw5zhnQDxLHS50Q==
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 0591 		200 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
3278
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 27 Dec 2023 22:28:10 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Fri, 11 Nov 2022 20:25:37 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
x-amz-cf-id
PtH6B0cxoGeegzqbTscrJOrFaRiLZ_QuvNWNInb09hEO7Fl1LQFfSw==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
rum
demo-carrefour.revers.io/cdn-cgi/ 		0
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://demo-carrefour.revers.io/cdn-cgi/rum?
Requested by
Host: demo-carrefour.revers.io
URL: https://demo-carrefour.revers.io/static/js/2.d5158433.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
application/json

Response headers

date
Wed, 27 Dec 2023 23:22:40 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://demo-carrefour.revers.io
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
83c54e923d1e2bde-FRA
m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
js.stripe.com/v3/fingerprinted/js/ Frame 0591 		526 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 22:28:03 GMT
via
1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
3277
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
content-length
526
last-modified
Fri, 11 Nov 2022 20:25:36 GMT
server
Cloudfront
etag
"d96c709017743c0759cf3853d1806ba5"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
YOaM_BMLGLjGfRaIRrvjuLBFpmapuW0ZTcUBdL7cCfXwZQR9J22CUQ==
csp-report
q.stripe.com/ Frame 0591 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: demo-carrefour-login.revers.io
URL: https://demo-carrefour-login.revers.io/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 27 Dec 2023 23:22:40 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1703719360935830
x-envoy-upstream-service-time
3
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1703719360934907
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 0591 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: demo-carrefour-login.revers.io
URL: https://demo-carrefour-login.revers.io/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 27 Dec 2023 23:22:40 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1703719360937349
x-envoy-upstream-service-time
3
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1703719360934901
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
inner.html
m.stripe.network/ Frame ABF6 		930 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2070:2000:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
251
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 27 Dec 2023 23:18:30 GMT
etag
"06bfcd88af438673a8bf9b845a11aa6e"
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 67c53a3f025013bfb9704050f9d1933a.cloudfront.net (CloudFront)
x-amz-cf-id
eATAdyARvxPtxaL5aZ5nB8nYn83J6nlDOp8LJ3q0QU3s_axXOwatEw==
x-amz-cf-pop
HAM50-C3
x-cache
Hit from cloudfront
x-content-type-options
nosniff
js
maps.googleapis.com/maps/api/ 		194 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyB1A5uuq6QNheeZbnqeMdfq3RT_FB4vPGQ&libraries=places
Requested by
Host: demo-carrefour.revers.io
URL: https://demo-carrefour.revers.io/static/js/main.99511125.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
97c64fef8128a8c219c9af24748c7e431b4ae70344141dcdf0e2cc5f603c91e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 23:22:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Accept-Language, Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66706
x-xss-protection
0
information
demo-carrefour-login.revers.io/api/client/ 		792 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://demo-carrefour-login.revers.io/api/client/information?clientId=demo-carrefour.revers.io
Requested by
Host: demo-carrefour.revers.io
URL: https://demo-carrefour.revers.io/static/js/2.d5158433.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:14e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75fd5aea9dc4d50c596a095e0fc6f2e10fa7df2b4f1d8c4e8895572abe2315bd
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.revers.io https://*.revers.io; script-src 'self' https://*.revers.io https://*.revers.io 'unsafe-eval' 'unsafe-inline' blob: https://api.cumul.io https://*.googleapis.com https://static.cloudflareinsights.com:* https://challenges.cloudflare.com https://js.stripe.com; connect-src 'self' https://*.revers.io https://*.revers.io https://rum.browser-intake-datadoghq.eu:* https://*.blob.core.windows.net:* https://*.statuspage.io:* https://*.googleapis.com cloudflareinsights.com api-adresse.data.gouv.fr https://api.cumul.io; img-src 'self' * data: blob:; style-src 'self' https://*.revers.io https://*.revers.io 'unsafe-inline' https://fonts.googleapis.com:*; font-src 'self' https://*.revers.io https://*.revers.io https://fonts.gstatic.com:* data:; frame-src 'self' https://*.revers.io https://*.revers.io https://challenges.cloudflare.com https://js.stripe.com blob: https://app.cumul.io/; frame-ancestors 'self' https://*.revers.io https://*.revers.io; object-src 'self' blob: https://*.revers.io;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 23:22:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
content-security-policy
default-src 'self' https://*.revers.io https://*.revers.io; script-src 'self' https://*.revers.io https://*.revers.io 'unsafe-eval' 'unsafe-inline' blob: https://api.cumul.io https://*.googleapis.com https://static.cloudflareinsights.com:* https://challenges.cloudflare.com https://js.stripe.com; connect-src 'self' https://*.revers.io https://*.revers.io https://rum.browser-intake-datadoghq.eu:* https://*.blob.core.windows.net:* https://*.statuspage.io:* https://*.googleapis.com cloudflareinsights.com api-adresse.data.gouv.fr https://api.cumul.io; img-src 'self' * data: blob:; style-src 'self' https://*.revers.io https://*.revers.io 'unsafe-inline' https://fonts.googleapis.com:*; font-src 'self' https://*.revers.io https://*.revers.io https://fonts.gstatic.com:* data:; frame-src 'self' https://*.revers.io https://*.revers.io https://challenges.cloudflare.com https://js.stripe.com blob: https://app.cumul.io/; frame-ancestors 'self' https://*.revers.io https://*.revers.io; object-src 'self' blob: https://*.revers.io;
alt-svc
h3=":443"; ma=86400
referrer-policy
no-referrer
server
cloudflare
vary
Origin
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://demo-carrefour.revers.io
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
cf-ray
83c54e93abc7366f-FRA
csp-report
q.stripe.com/ Frame ABF6 		0
491 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: demo-carrefour-login.revers.io
URL: https://demo-carrefour-login.revers.io/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 27 Dec 2023 23:22:40 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1703719360935342
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
x-stripe-server-envoy-upstream-service-time-ms
0
x-stripe-client-envoy-start-time-us
1703719360934898
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
expires
0
out-4.5.43.js
m.stripe.network/ Frame ABF6 		87 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.43.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2070:2000:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 23:18:34 GMT
content-encoding
br
via
1.1 67c53a3f025013bfb9704050f9d1933a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
age
249
x-content-type-options
nosniff
etag
W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop
HAM50-C3
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
x-amz-cf-id
2gX4SPJb5HE4Ttewp12z_2oVg9CyWB3VqxorZP89GZ1RHUl340AOiQ==
6
m.stripe.com/ Frame ABF6 		156 B
670 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.213.170.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-213-170-160.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
green
date
Wed, 27 Dec 2023 23:22:41 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1703719361178471
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1703719361177980
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
gen_204
maps.googleapis.com/maps/api/mapsjs/ 		3 B
45 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: demo-carrefour.revers.io
URL: https://demo-carrefour.revers.io/static/js/2.d5158433.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 23:22:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://demo-carrefour.revers.io
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
theme.json
demoreversestorage.blob.core.windows.net/publicdocuments/sellers/87e24f2c-11db-4e9b-a0bb-ffbfe2289c1b/ 		3 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://demoreversestorage.blob.core.windows.net/publicdocuments/sellers/87e24f2c-11db-4e9b-a0bb-ffbfe2289c1b/theme.json
Requested by
Host: demo-carrefour.revers.io
URL: https://demo-carrefour.revers.io/static/js/2.d5158433.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.222.228 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
6652089700a805785a21ece6ae8def933201830c6fdf3de8d1245fc5dd551e59

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 27 Dec 2023 23:22:40 GMT
Last-Modified
Mon, 25 Sep 2023 13:32:41 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
W8GvpxIN+zBRABQqXtYedg==
ETag
0x8DBBDCBE46B30E9
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://demo-carrefour.revers.io
x-ms-request-id
844aad96-d01e-0046-3d1b-396f2b000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Access-Control-Allow-Credentials
true
x-ms-version
2009-09-19
Content-Length
3330
en.json
demoreversestorage.blob.core.windows.net/catalog/translations/ 		276 KB
276 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://demoreversestorage.blob.core.windows.net/catalog/translations/en.json
Requested by
Host: demo-carrefour.revers.io
URL: https://demo-carrefour.revers.io/static/js/2.d5158433.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.222.228 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 27 Dec 2023 23:22:40 GMT
Last-Modified
Fri, 22 Dec 2023 08:33:10 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
3etD37epxFbhICLaOv0bBw==
ETag
0x8DC02C8A146F43E
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://demo-carrefour.revers.io
x-ms-request-id
844aadbf-d01e-0046-5f1b-396f2b000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Access-Control-Allow-Credentials
true
x-ms-version
2009-09-19
Content-Length
282216
en.json
demoreversestorage.blob.core.windows.net/catalog/translations/dynamic/ 		85 KB
86 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://demoreversestorage.blob.core.windows.net/catalog/translations/dynamic/en.json
Requested by
Host: demo-carrefour.revers.io
URL: https://demo-carrefour.revers.io/static/js/2.d5158433.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.222.228 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 27 Dec 2023 23:22:40 GMT
Last-Modified
Fri, 22 Dec 2023 08:33:10 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
j3322T4Eeax1DCvMYK6qyQ==
ETag
0x8DC02C8A14594D5
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://demo-carrefour.revers.io
x-ms-request-id
f6ec50e3-801e-005b-4d1b-396297000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Access-Control-Allow-Credentials
true
x-ms-version
2009-09-19
Content-Length
86986
openid-configuration
demo-carrefour-login.revers.io/.well-known/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://demo-carrefour-login.revers.io/.well-known/openid-configuration
Requested by
Host: demo-carrefour.revers.io
URL: https://demo-carrefour.revers.io/static/js/2.d5158433.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:14e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.revers.io https://*.revers.io; script-src 'self' https://*.revers.io https://*.revers.io 'unsafe-eval' 'unsafe-inline' blob: https://api.cumul.io https://*.googleapis.com https://static.cloudflareinsights.com:* https://challenges.cloudflare.com https://js.stripe.com; connect-src 'self' https://*.revers.io https://*.revers.io https://rum.browser-intake-datadoghq.eu:* https://*.blob.core.windows.net:* https://*.statuspage.io:* https://*.googleapis.com cloudflareinsights.com api-adresse.data.gouv.fr https://api.cumul.io; img-src 'self' * data: blob:; style-src 'self' https://*.revers.io https://*.revers.io 'unsafe-inline' https://fonts.googleapis.com:*; font-src 'self' https://*.revers.io https://*.revers.io https://fonts.gstatic.com:* data:; frame-src 'self' https://*.revers.io https://*.revers.io https://challenges.cloudflare.com https://js.stripe.com blob: https://app.cumul.io/; frame-ancestors 'self' https://*.revers.io https://*.revers.io; object-src 'self' blob: https://*.revers.io;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 23:22:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
content-security-policy
default-src 'self' https://*.revers.io https://*.revers.io; script-src 'self' https://*.revers.io https://*.revers.io 'unsafe-eval' 'unsafe-inline' blob: https://api.cumul.io https://*.googleapis.com https://static.cloudflareinsights.com:* https://challenges.cloudflare.com https://js.stripe.com; connect-src 'self' https://*.revers.io https://*.revers.io https://rum.browser-intake-datadoghq.eu:* https://*.blob.core.windows.net:* https://*.statuspage.io:* https://*.googleapis.com cloudflareinsights.com api-adresse.data.gouv.fr https://api.cumul.io; img-src 'self' * data: blob:; style-src 'self' https://*.revers.io https://*.revers.io 'unsafe-inline' https://fonts.googleapis.com:*; font-src 'self' https://*.revers.io https://*.revers.io https://fonts.gstatic.com:* data:; frame-src 'self' https://*.revers.io https://*.revers.io https://challenges.cloudflare.com https://js.stripe.com blob: https://app.cumul.io/; frame-ancestors 'self' https://*.revers.io https://*.revers.io; object-src 'self' blob: https://*.revers.io;
alt-svc
h3=":443"; ma=86400
referrer-policy
no-referrer
server
cloudflare
vary
Origin
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://demo-carrefour.revers.io
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
cf-ray
83c54e964d55366f-FRA
Primary Request Login
demo-carrefour-login.revers.io/Account/
Redirect Chain
  • https://demo-carrefour-login.revers.io/connect/authorize?client_id=demo-carrefour.revers.io&redirect_uri=https%3A%2F%2Fdemo-carrefour.revers.io%2Fcallback&response_type=id_token%20token&scope=openi...
  • https://demo-carrefour-login.revers.io/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Ddemo-carrefour.revers.io%26redirect_uri%3Dhttps%253A%252F%252Fdemo-carrefour.revers.io...
7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://demo-carrefour-login.revers.io/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Ddemo-carrefour.revers.io%26redirect_uri%3Dhttps%253A%252F%252Fdemo-carrefour.revers.io%252Fcallback%26response_type%3Did_token%2520token%26scope%3Dopenid%2520email%2520api%26state%3D0e834a6c6644421fa0d5e9e7057df51b%26nonce%3D19c9e75e461a42bdb471a474e82d7b2f%26ui_locales%3Den
Requested by
Host: demo-carrefour.revers.io
URL: https://demo-carrefour.revers.io/static/js/2.d5158433.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:14e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10c16b454aa9e0e3c4b07c2db46b1be3d0132852ec089ae4abe4eb323b927dfd
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.revers.io https://*.revers.io; script-src 'self' https://*.revers.io https://*.revers.io 'unsafe-eval' 'unsafe-inline' blob: https://api.cumul.io https://*.googleapis.com https://static.cloudflareinsights.com:* https://challenges.cloudflare.com https://js.stripe.com; connect-src 'self' https://*.revers.io https://*.revers.io https://rum.browser-intake-datadoghq.eu:* https://*.blob.core.windows.net:* https://*.statuspage.io:* https://*.googleapis.com cloudflareinsights.com api-adresse.data.gouv.fr https://api.cumul.io; img-src 'self' * data: blob:; style-src 'self' https://*.revers.io https://*.revers.io 'unsafe-inline' https://fonts.googleapis.com:*; font-src 'self' https://*.revers.io https://*.revers.io https://fonts.gstatic.com:* data:; frame-src 'self' https://*.revers.io https://*.revers.io https://challenges.cloudflare.com https://js.stripe.com blob: https://app.cumul.io/; frame-ancestors 'self' https://*.revers.io https://*.revers.io; object-src 'self' blob: https://*.revers.io;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy script-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; frame-src https://www.google.com/recaptcha/; img-src 'self' data:; default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
83c54e97ff993677-FRA
content-encoding
br
content-security-policy
default-src 'self' https://*.revers.io https://*.revers.io; script-src 'self' https://*.revers.io https://*.revers.io 'unsafe-eval' 'unsafe-inline' blob: https://api.cumul.io https://*.googleapis.com https://static.cloudflareinsights.com:* https://challenges.cloudflare.com https://js.stripe.com; connect-src 'self' https://*.revers.io https://*.revers.io https://rum.browser-intake-datadoghq.eu:* https://*.blob.core.windows.net:* https://*.statuspage.io:* https://*.googleapis.com cloudflareinsights.com api-adresse.data.gouv.fr https://api.cumul.io; img-src 'self' * data: blob:; style-src 'self' https://*.revers.io https://*.revers.io 'unsafe-inline' https://fonts.googleapis.com:*; font-src 'self' https://*.revers.io https://*.revers.io https://fonts.gstatic.com:* data:; frame-src 'self' https://*.revers.io https://*.revers.io https://challenges.cloudflare.com https://js.stripe.com blob: https://app.cumul.io/; frame-ancestors 'self' https://*.revers.io https://*.revers.io; object-src 'self' blob: https://*.revers.io;
content-type
text/html; charset=utf-8
date
Wed, 27 Dec 2023 23:22:41 GMT
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
pragma
no-cache
referrer-policy
no-referrer
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-security-policy
script-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; frame-src https://www.google.com/recaptcha/; img-src 'self' data:; default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83c54e970ee03677-FRA
content-length
0
content-security-policy
default-src 'self' https://*.revers.io https://*.revers.io; script-src 'self' https://*.revers.io https://*.revers.io 'unsafe-eval' 'unsafe-inline' blob: https://api.cumul.io https://*.googleapis.com https://static.cloudflareinsights.com:* https://challenges.cloudflare.com https://js.stripe.com; connect-src 'self' https://*.revers.io https://*.revers.io https://rum.browser-intake-datadoghq.eu:* https://*.blob.core.windows.net:* https://*.statuspage.io:* https://*.googleapis.com cloudflareinsights.com api-adresse.data.gouv.fr https://api.cumul.io; img-src 'self' * data: blob:; style-src 'self' https://*.revers.io https://*.revers.io 'unsafe-inline' https://fonts.googleapis.com:*; font-src 'self' https://*.revers.io https://*.revers.io https://fonts.gstatic.com:* data:; frame-src 'self' https://*.revers.io https://*.revers.io https://challenges.cloudflare.com https://js.stripe.com blob: https://app.cumul.io/; frame-ancestors 'self' https://*.revers.io https://*.revers.io; object-src 'self' blob: https://*.revers.io;
date
Wed, 27 Dec 2023 23:22:41 GMT
location
https://demo-carrefour-login.revers.io/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Ddemo-carrefour.revers.io%26redirect_uri%3Dhttps%253A%252F%252Fdemo-carrefour.revers.io%252Fcallback%26response_type%3Did_token%2520token%26scope%3Dopenid%2520email%2520api%26state%3D0e834a6c6644421fa0d5e9e7057df51b%26nonce%3D19c9e75e461a42bdb471a474e82d7b2f%26ui_locales%3Den
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
referrer-policy
no-referrer
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
rum
rum.browser-intake-datadoghq.eu/api/v2/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://rum.browser-intake-datadoghq.eu/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.44.0%2Capi%3Abeacon%2Cenv%3Ademonstration%2Cservice%3Arevers-front-selfcare%2Cversion%3A20231222.1&dd-api-key=pubd6cb15641d9e1e327c48891bd3947cde&dd-evp-origin-version=4.44.0&dd-evp-origin=browser&dd-request-id=b79d7027-aa08-43eb-ae29-811263d2cfce&batch_time=1703719361099
Requested by
Host: demo-carrefour.revers.io
URL: https://demo-carrefour.revers.io/static/js/2.d5158433.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7047:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
rum
rum.browser-intake-datadoghq.eu/api/v2/ 		0
0
rum
demo-carrefour.revers.io/cdn-cgi/ 		0
0
bootstrap.css
demo-carrefour-login.revers.io/lib/bootstrap/css/ 		144 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://demo-carrefour-login.revers.io/lib/bootstrap/css/bootstrap.css
Requested by
Host: demo-carrefour-login.revers.io
URL: https://demo-carrefour-login.revers.io/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Ddemo-carrefour.revers.io%26redirect_uri%3Dhttps%253A%252F%252Fdemo-carrefour.revers.io%252Fcallback%26response_type%3Did_token%2520token%26scope%3Dopenid%2520email%2520api%26state%3D0e834a6c6644421fa0d5e9e7057df51b%26nonce%3D19c9e75e461a42bdb471a474e82d7b2f%26ui_locales%3Den
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:14e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef9c554bca3ce5b9f978b626ff8c3a441c0468af2599bdb4e9b6b32f6743f058
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.revers.io https://*.revers.io; script-src 'self' https://*.revers.io https://*.revers.io 'unsafe-eval' 'unsafe-inline' blob: https://api.cumul.io https://*.googleapis.com https://static.cloudflareinsights.com:* https://challenges.cloudflare.com https://js.stripe.com; connect-src 'self' https://*.revers.io https://*.revers.io https://rum.browser-intake-datadoghq.eu:* https://*.blob.core.windows.net:* https://*.statuspage.io:* https://*.googleapis.com cloudflareinsights.com api-adresse.data.gouv.fr https://api.cumul.io; img-src 'self' * data: blob:; style-src 'self' https://*.revers.io https://*.revers.io 'unsafe-inline' https://fonts.googleapis.com:*; font-src 'self' https://*.revers.io https://*.revers.io https://fonts.gstatic.com:* data:; frame-src 'self' https://*.revers.io https://*.revers.io https://challenges.cloudflare.com https://js.stripe.com blob: https://app.cumul.io/; frame-ancestors 'self' https://*.revers.io https://*.revers.io; object-src 'self' blob: https://*.revers.io;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 23:22:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
content-security-policy
default-src 'self' https://*.revers.io https://*.revers.io; script-src 'self' https://*.revers.io https://*.revers.io 'unsafe-eval' 'unsafe-inline' blob: https://api.cumul.io https://*.googleapis.com https://static.cloudflareinsights.com:* https://challenges.cloudflare.com https://js.stripe.com; connect-src 'self' https://*.revers.io https://*.revers.io https://rum.browser-intake-datadoghq.eu:* https://*.blob.core.windows.net:* https://*.statuspage.io:* https://*.googleapis.com cloudflareinsights.com api-adresse.data.gouv.fr https://api.cumul.io; img-src 'self' * data: blob:; style-src 'self' https://*.revers.io https://*.revers.io 'unsafe-inline' https://fonts.googleapis.com:*; font-src 'self' https://*.revers.io https://*.revers.io https://fonts.gstatic.com:* data:; frame-src 'self' https://*.revers.io https://*.revers.io https://challenges.cloudflare.com https://js.stripe.com blob: https://app.cumul.io/; frame-ancestors 'self' https://*.revers.io https://*.revers.io; object-src 'self' blob: https://*.revers.io;
alt-svc
h3=":443"; ma=86400
referrer-policy
no-referrer
last-modified
Fri, 22 Dec 2023 14:01:47 GMT
server
cloudflare
etag
W/"1da34df66eee866"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=14400
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
cf-ray
83c54e98c8843677-FRA
site.css
demo-carrefour-login.revers.io/css/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://demo-carrefour-login.revers.io/css/site.css
Requested by
Host: demo-carrefour-login.revers.io
URL: https://demo-carrefour-login.revers.io/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Ddemo-carrefour.revers.io%26redirect_uri%3Dhttps%253A%252F%252Fdemo-carrefour.revers.io%252Fcallback%26response_type%3Did_token%2520token%26scope%3Dopenid%2520email%2520api%26state%3D0e834a6c6644421fa0d5e9e7057df51b%26nonce%3D19c9e75e461a42bdb471a474e82d7b2f%26ui_locales%3Den
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:14e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10398d80b4175b0f0267f614250c431ed69d4c977bc29134aa7dc3b904b1b1a4
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.revers.io https://*.revers.io; script-src 'self' https://*.revers.io https://*.revers.io 'unsafe-eval' 'unsafe-inline' blob: https://api.cumul.io https://*.googleapis.com https://static.cloudflareinsights.com:* https://challenges.cloudflare.com https://js.stripe.com; connect-src 'self' https://*.revers.io https://*.revers.io https://rum.browser-intake-datadoghq.eu:* https://*.blob.core.windows.net:* https://*.statuspage.io:* https://*.googleapis.com cloudflareinsights.com api-adresse.data.gouv.fr https://api.cumul.io; img-src 'self' * data: blob:; style-src 'self' https://*.revers.io https://*.revers.io 'unsafe-inline' https://fonts.googleapis.com:*; font-src 'self' https://*.revers.io https://*.revers.io https://fonts.gstatic.com:* data:; frame-src 'self' https://*.revers.io https://*.revers.io https://challenges.cloudflare.com https://js.stripe.com blob: https://app.cumul.io/; frame-ancestors 'self' https://*.revers.io https://*.revers.io; object-src 'self' blob: https://*.revers.io;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 23:22:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
content-security-policy
default-src 'self' https://*.revers.io https://*.revers.io; script-src 'self' https://*.revers.io https://*.revers.io 'unsafe-eval' 'unsafe-inline' blob: https://api.cumul.io https://*.googleapis.com https://static.cloudflareinsights.com:* https://challenges.cloudflare.com https://js.stripe.com; connect-src 'self' https://*.revers.io https://*.revers.io https://rum.browser-intake-datadoghq.eu:* https://*.blob.core.windows.net:* https://*.statuspage.io:* https://*.googleapis.com cloudflareinsights.com api-adresse.data.gouv.fr https://api.cumul.io; img-src 'self' * data: blob:; style-src 'self' https://*.revers.io https://*.revers.io 'unsafe-inline' https://fonts.googleapis.com:*; font-src 'self' https://*.revers.io https://*.revers.io https://fonts.gstatic.com:* data:; frame-src 'self' https://*.revers.io https://*.revers.io https://challenges.cloudflare.com https://js.stripe.com blob: https://app.cumul.io/; frame-ancestors 'self' https://*.revers.io https://*.revers.io; object-src 'self' blob: https://*.revers.io;
alt-svc
h3=":443"; ma=86400
referrer-policy
no-referrer
last-modified
Fri, 22 Dec 2023 14:01:47 GMT
server
cloudflare
etag
W/"1da34df66ecd1e9"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=14400
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
cf-ray
83c54e98c8853677-FRA
Login
demo-carrefour-login.revers.io/Style/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://demo-carrefour-login.revers.io/Style/Login?clientId=demo-carrefour.revers.io
Requested by
Host: demo-carrefour-login.revers.io
URL: https://demo-carrefour-login.revers.io/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Ddemo-carrefour.revers.io%26redirect_uri%3Dhttps%253A%252F%252Fdemo-carrefour.revers.io%252Fcallback%26response_type%3Did_token%2520token%26scope%3Dopenid%2520email%2520api%26state%3D0e834a6c6644421fa0d5e9e7057df51b%26nonce%3D19c9e75e461a42bdb471a474e82d7b2f%26ui_locales%3Den
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:14e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bffcf7ec7772c7e7f590d75f6af460b58e2fa72a5da23d62b7d422a6974bbb26
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.revers.io https://*.revers.io; script-src 'self' https://*.revers.io https://*.revers.io 'unsafe-eval' 'unsafe-inline' blob: https://api.cumul.io https://*.googleapis.com https://static.cloudflareinsights.com:* https://challenges.cloudflare.com https://js.stripe.com; connect-src 'self' https://*.revers.io https://*.revers.io https://rum.browser-intake-datadoghq.eu:* https://*.blob.core.windows.net:* https://*.statuspage.io:* https://*.googleapis.com cloudflareinsights.com api-adresse.data.gouv.fr https://api.cumul.io; img-src 'self' * data: blob:; style-src 'self' https://*.revers.io https://*.revers.io 'unsafe-inline' https://fonts.googleapis.com:*; font-src 'self' https://*.revers.io https://*.revers.io https://fonts.gstatic.com:* data:; frame-src 'self' https://*.revers.io https://*.revers.io https://challenges.cloudflare.com https://js.stripe.com blob: https://app.cumul.io/; frame-ancestors 'self' https://*.revers.io https://*.revers.io; object-src 'self' blob: https://*.revers.io;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 23:22:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
referrer-policy
no-referrer
content-security-policy
default-src 'self' https://*.revers.io https://*.revers.io; script-src 'self' https://*.revers.io https://*.revers.io 'unsafe-eval' 'unsafe-inline' blob: https://api.cumul.io https://*.googleapis.com https://static.cloudflareinsights.com:* https://challenges.cloudflare.com https://js.stripe.com; connect-src 'self' https://*.revers.io https://*.revers.io https://rum.browser-intake-datadoghq.eu:* https://*.blob.core.windows.net:* https://*.statuspage.io:* https://*.googleapis.com cloudflareinsights.com api-adresse.data.gouv.fr https://api.cumul.io; img-src 'self' * data: blob:; style-src 'self' https://*.revers.io https://*.revers.io 'unsafe-inline' https://fonts.googleapis.com:*; font-src 'self' https://*.revers.io https://*.revers.io https://fonts.gstatic.com:* data:; frame-src 'self' https://*.revers.io https://*.revers.io https://challenges.cloudflare.com https://js.stripe.com blob: https://app.cumul.io/; frame-ancestors 'self' https://*.revers.io https://*.revers.io; object-src 'self' blob: https://*.revers.io;
server
cloudflare
x-frame-options
SAMEORIGIN
content-type
text/css
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
cf-ray
83c54e98c8863677-FRA
alt-svc
h3=":443"; ma=86400
8b02e4357960382cdd04cfb1adbf9d28
demoreversestorage.blob.core.windows.net/ui-styles/logos/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://demoreversestorage.blob.core.windows.net/ui-styles/logos/8b02e4357960382cdd04cfb1adbf9d28
Requested by
Host: demo-carrefour-login.revers.io
URL: https://demo-carrefour-login.revers.io/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Ddemo-carrefour.revers.io%26redirect_uri%3Dhttps%253A%252F%252Fdemo-carrefour.revers.io%252Fcallback%26response_type%3Did_token%2520token%26scope%3Dopenid%2520email%2520api%26state%3D0e834a6c6644421fa0d5e9e7057df51b%26nonce%3D19c9e75e461a42bdb471a474e82d7b2f%26ui_locales%3Den
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.222.228 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
1c7e23f85149bc5339fdc98b2dc5ffa0acf9f497d2c1dbdd7d3b7fc8b0a94500

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 27 Dec 2023 23:22:41 GMT
Last-Modified
Fri, 22 Dec 2023 08:39:23 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
8gV+7Fk/hdY/Md37dT7Fmg==
ETag
0x8DC02C97FD78079
Vary
Origin
Content-Type
image/svg+xml
x-ms-request-id
02f83ca0-601e-0031-361b-39babf000000
x-ms-version
2009-09-19
Content-Length
5170
GetResourceForClientId
demo-carrefour-login.revers.io/Style/ 		93 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://demo-carrefour-login.revers.io/Style/GetResourceForClientId?clientId=demo-carrefour.revers.io&directory=login-images&defaultContentType=image%2Fsvg%2Bxml
Requested by
Host: demo-carrefour-login.revers.io
URL: https://demo-carrefour-login.revers.io/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Ddemo-carrefour.revers.io%26redirect_uri%3Dhttps%253A%252F%252Fdemo-carrefour.revers.io%252Fcallback%26response_type%3Did_token%2520token%26scope%3Dopenid%2520email%2520api%26state%3D0e834a6c6644421fa0d5e9e7057df51b%26nonce%3D19c9e75e461a42bdb471a474e82d7b2f%26ui_locales%3Den
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:14e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d6793a0887fd3f19ec468af5249e77e053d4e083f3e881bc4aa5255ab50d105
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.revers.io https://*.revers.io; script-src 'self' https://*.revers.io https://*.revers.io 'unsafe-eval' 'unsafe-inline' blob: https://api.cumul.io https://*.googleapis.com https://static.cloudflareinsights.com:* https://challenges.cloudflare.com https://js.stripe.com; connect-src 'self' https://*.revers.io https://*.revers.io https://rum.browser-intake-datadoghq.eu:* https://*.blob.core.windows.net:* https://*.statuspage.io:* https://*.googleapis.com cloudflareinsights.com api-adresse.data.gouv.fr https://api.cumul.io; img-src 'self' * data: blob:; style-src 'self' https://*.revers.io https://*.revers.io 'unsafe-inline' https://fonts.googleapis.com:*; font-src 'self' https://*.revers.io https://*.revers.io https://fonts.gstatic.com:* data:; frame-src 'self' https://*.revers.io https://*.revers.io https://challenges.cloudflare.com https://js.stripe.com blob: https://app.cumul.io/; frame-ancestors 'self' https://*.revers.io https://*.revers.io; object-src 'self' blob: https://*.revers.io;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 23:22:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
referrer-policy
no-referrer
content-security-policy
default-src 'self' https://*.revers.io https://*.revers.io; script-src 'self' https://*.revers.io https://*.revers.io 'unsafe-eval' 'unsafe-inline' blob: https://api.cumul.io https://*.googleapis.com https://static.cloudflareinsights.com:* https://challenges.cloudflare.com https://js.stripe.com; connect-src 'self' https://*.revers.io https://*.revers.io https://rum.browser-intake-datadoghq.eu:* https://*.blob.core.windows.net:* https://*.statuspage.io:* https://*.googleapis.com cloudflareinsights.com api-adresse.data.gouv.fr https://api.cumul.io; img-src 'self' * data: blob:; style-src 'self' https://*.revers.io https://*.revers.io 'unsafe-inline' https://fonts.googleapis.com:*; font-src 'self' https://*.revers.io https://*.revers.io https://fonts.gstatic.com:* data:; frame-src 'self' https://*.revers.io https://*.revers.io https://challenges.cloudflare.com https://js.stripe.com blob: https://app.cumul.io/; frame-ancestors 'self' https://*.revers.io https://*.revers.io; object-src 'self' blob: https://*.revers.io;
server
cloudflare
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
cf-ray
83c54e98c8873677-FRA
alt-svc
h3=":443"; ma=86400
login-function.js
demo-carrefour-login.revers.io/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://demo-carrefour-login.revers.io/js/login-function.js
Requested by
Host: demo-carrefour-login.revers.io
URL: https://demo-carrefour-login.revers.io/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Ddemo-carrefour.revers.io%26redirect_uri%3Dhttps%253A%252F%252Fdemo-carrefour.revers.io%252Fcallback%26response_type%3Did_token%2520token%26scope%3Dopenid%2520email%2520api%26state%3D0e834a6c6644421fa0d5e9e7057df51b%26nonce%3D19c9e75e461a42bdb471a474e82d7b2f%26ui_locales%3Den
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:14e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21e979c4c31033c5d6e5429734e330502168a2307c8bb1efd83600cf36252118
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.revers.io https://*.revers.io; script-src 'self' https://*.revers.io https://*.revers.io 'unsafe-eval' 'unsafe-inline' blob: https://api.cumul.io https://*.googleapis.com https://static.cloudflareinsights.com:* https://challenges.cloudflare.com https://js.stripe.com; connect-src 'self' https://*.revers.io https://*.revers.io https://rum.browser-intake-datadoghq.eu:* https://*.blob.core.windows.net:* https://*.statuspage.io:* https://*.googleapis.com cloudflareinsights.com api-adresse.data.gouv.fr https://api.cumul.io; img-src 'self' * data: blob:; style-src 'self' https://*.revers.io https://*.revers.io 'unsafe-inline' https://fonts.googleapis.com:*; font-src 'self' https://*.revers.io https://*.revers.io https://fonts.gstatic.com:* data:; frame-src 'self' https://*.revers.io https://*.revers.io https://challenges.cloudflare.com https://js.stripe.com blob: https://app.cumul.io/; frame-ancestors 'self' https://*.revers.io https://*.revers.io; object-src 'self' blob: https://*.revers.io;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 23:22:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-encoding
br
content-security-policy
default-src 'self' https://*.revers.io https://*.revers.io; script-src 'self' https://*.revers.io https://*.revers.io 'unsafe-eval' 'unsafe-inline' blob: https://api.cumul.io https://*.googleapis.com https://static.cloudflareinsights.com:* https://challenges.cloudflare.com https://js.stripe.com; connect-src 'self' https://*.revers.io https://*.revers.io https://rum.browser-intake-datadoghq.eu:* https://*.blob.core.windows.net:* https://*.statuspage.io:* https://*.googleapis.com cloudflareinsights.com api-adresse.data.gouv.fr https://api.cumul.io; img-src 'self' * data: blob:; style-src 'self' https://*.revers.io https://*.revers.io 'unsafe-inline' https://fonts.googleapis.com:*; font-src 'self' https://*.revers.io https://*.revers.io https://fonts.gstatic.com:* data:; frame-src 'self' https://*.revers.io https://*.revers.io https://challenges.cloudflare.com https://js.stripe.com blob: https://app.cumul.io/; frame-ancestors 'self' https://*.revers.io https://*.revers.io; object-src 'self' blob: https://*.revers.io;
alt-svc
h3=":443"; ma=86400
referrer-policy
no-referrer
last-modified
Fri, 22 Dec 2023 14:01:47 GMT
server
cloudflare
etag
W/"1da34df66ecd1a7"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=14400
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
cf-ray
83c54e98c8883677-FRA
language.js
demo-carrefour-login.revers.io/js/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://demo-carrefour-login.revers.io/js/language.js
Requested by
Host: demo-carrefour-login.revers.io
URL: https://demo-carrefour-login.revers.io/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Ddemo-carrefour.revers.io%26redirect_uri%3Dhttps%253A%252F%252Fdemo-carrefour.revers.io%252Fcallback%26response_type%3Did_token%2520token%26scope%3Dopenid%2520email%2520api%26state%3D0e834a6c6644421fa0d5e9e7057df51b%26nonce%3D19c9e75e461a42bdb471a474e82d7b2f%26ui_locales%3Den
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:14e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
193138e8b61edc9dfb19d8265d74184cbf4339881613214a1b10cf7331c47194
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.revers.io https://*.revers.io; script-src 'self' https://*.revers.io https://*.revers.io 'unsafe-eval' 'unsafe-inline' blob: https://api.cumul.io https://*.googleapis.com https://static.cloudflareinsights.com:* https://challenges.cloudflare.com https://js.stripe.com; connect-src 'self' https://*.revers.io https://*.revers.io https://rum.browser-intake-datadoghq.eu:* https://*.blob.core.windows.net:* https://*.statuspage.io:* https://*.googleapis.com cloudflareinsights.com api-adresse.data.gouv.fr https://api.cumul.io; img-src 'self' * data: blob:; style-src 'self' https://*.revers.io https://*.revers.io 'unsafe-inline' https://fonts.googleapis.com:*; font-src 'self' https://*.revers.io https://*.revers.io https://fonts.gstatic.com:* data:; frame-src 'self' https://*.revers.io https://*.revers.io https://challenges.cloudflare.com https://js.stripe.com blob: https://app.cumul.io/; frame-ancestors 'self' https://*.revers.io https://*.revers.io; object-src 'self' blob: https://*.revers.io;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 23:22:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
content-security-policy
default-src 'self' https://*.revers.io https://*.revers.io; script-src 'self' https://*.revers.io https://*.revers.io 'unsafe-eval' 'unsafe-inline' blob: https://api.cumul.io https://*.googleapis.com https://static.cloudflareinsights.com:* https://challenges.cloudflare.com https://js.stripe.com; connect-src 'self' https://*.revers.io https://*.revers.io https://rum.browser-intake-datadoghq.eu:* https://*.blob.core.windows.net:* https://*.statuspage.io:* https://*.googleapis.com cloudflareinsights.com api-adresse.data.gouv.fr https://api.cumul.io; img-src 'self' * data: blob:; style-src 'self' https://*.revers.io https://*.revers.io 'unsafe-inline' https://fonts.googleapis.com:*; font-src 'self' https://*.revers.io https://*.revers.io https://fonts.gstatic.com:* data:; frame-src 'self' https://*.revers.io https://*.revers.io https://challenges.cloudflare.com https://js.stripe.com blob: https://app.cumul.io/; frame-ancestors 'self' https://*.revers.io https://*.revers.io; object-src 'self' blob: https://*.revers.io;
alt-svc
h3=":443"; ma=86400
referrer-policy
no-referrer
last-modified
Fri, 22 Dec 2023 14:01:47 GMT
server
cloudflare
etag
W/"1da34df66ecc4c4"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=14400
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
cf-ray
83c54e98c8893677-FRA
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: demo-carrefour-login.revers.io
URL: https://demo-carrefour-login.revers.io/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Ddemo-carrefour.revers.io%26redirect_uri%3Dhttps%253A%252F%252Fdemo-carrefour.revers.io%252Fcallback%26response_type%3Did_token%2520token%26scope%3Dopenid%2520email%2520api%26state%3D0e834a6c6644421fa0d5e9e7057df51b%26nonce%3D19c9e75e461a42bdb471a474e82d7b2f%26ui_locales%3Den
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
Origin
https://demo-carrefour-login.revers.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 23:22:41 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
83c54e98c96d1997-FRA
normal.woff2
demo-carrefour-login.revers.io/cf-fonts/s/roboto/5.0.11/latin/400/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://demo-carrefour-login.revers.io/cf-fonts/s/roboto/5.0.11/latin/400/normal.woff2
Requested by
Host: demo-carrefour-login.revers.io
URL: https://demo-carrefour-login.revers.io/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Ddemo-carrefour.revers.io%26redirect_uri%3Dhttps%253A%252F%252Fdemo-carrefour.revers.io%252Fcallback%26response_type%3Did_token%2520token%26scope%3Dopenid%2520email%2520api%26state%3D0e834a6c6644421fa0d5e9e7057df51b%26nonce%3D19c9e75e461a42bdb471a474e82d7b2f%26ui_locales%3Den
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:14e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ce893c505f39dd4648a663903cc54acb53706282331c26552ed55ccef0c127f
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.revers.io https://*.revers.io; script-src 'self' https://*.revers.io https://*.revers.io 'unsafe-eval' 'unsafe-inline' blob: https://api.cumul.io https://*.googleapis.com https://static.cloudflareinsights.com:* https://challenges.cloudflare.com https://js.stripe.com; connect-src 'self' https://*.revers.io https://*.revers.io https://rum.browser-intake-datadoghq.eu:* https://*.blob.core.windows.net:* https://*.statuspage.io:* https://*.googleapis.com cloudflareinsights.com api-adresse.data.gouv.fr https://api.cumul.io; img-src 'self' * data: blob:; style-src 'self' https://*.revers.io https://*.revers.io 'unsafe-inline' https://fonts.googleapis.com:*; font-src 'self' https://*.revers.io https://*.revers.io https://fonts.gstatic.com:* data:; frame-src 'self' https://*.revers.io https://*.revers.io https://challenges.cloudflare.com https://js.stripe.com blob: https://app.cumul.io/; frame-ancestors 'self' https://*.revers.io https://*.revers.io; object-src 'self' blob: https://*.revers.io;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://demo-carrefour-login.revers.io/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Ddemo-carrefour.revers.io%26redirect_uri%3Dhttps%253A%252F%252Fdemo-carrefour.revers.io%252Fcallback%26response_type%3Did_token%2520token%26scope%3Dopenid%2520email%2520api%26state%3D0e834a6c6644421fa0d5e9e7057df51b%26nonce%3D19c9e75e461a42bdb471a474e82d7b2f%26ui_locales%3Den
Origin
https://demo-carrefour-login.revers.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.revers.io https://*.revers.io; script-src 'self' https://*.revers.io https://*.revers.io 'unsafe-eval' 'unsafe-inline' blob: https://api.cumul.io https://*.googleapis.com https://static.cloudflareinsights.com:* https://challenges.cloudflare.com https://js.stripe.com; connect-src 'self' https://*.revers.io https://*.revers.io https://rum.browser-intake-datadoghq.eu:* https://*.blob.core.windows.net:* https://*.statuspage.io:* https://*.googleapis.com cloudflareinsights.com api-adresse.data.gouv.fr https://api.cumul.io; img-src 'self' * data: blob:; style-src 'self' https://*.revers.io https://*.revers.io 'unsafe-inline' https://fonts.googleapis.com:*; font-src 'self' https://*.revers.io https://*.revers.io https://fonts.gstatic.com:* data:; frame-src 'self' https://*.revers.io https://*.revers.io https://challenges.cloudflare.com https://js.stripe.com blob: https://app.cumul.io/; frame-ancestors 'self' https://*.revers.io https://*.revers.io; object-src 'self' blob: https://*.revers.io;
date
Wed, 27 Dec 2023 23:22:41 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
referrer-policy
no-referrer
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000, immutable
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
cf-ray
83c54e99c9343677-FRA
alt-svc
h3=":443"; ma=86400
content-length
15744
rum
demo-carrefour-login.revers.io/cdn-cgi/ 		0
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://demo-carrefour-login.revers.io/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:14e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
application/json

Response headers

date
Wed, 27 Dec 2023 23:22:41 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://demo-carrefour-login.revers.io
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
83c54e9a397b3677-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
demo-carrefour-login.revers.io
URL
https://demo-carrefour-login.revers.io/cdn-cgi/rum?
Domain
rum.browser-intake-datadoghq.eu
URL
https://rum.browser-intake-datadoghq.eu/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.44.0%2Capi%3Abeacon%2Cenv%3Ademonstration%2Cservice%3Arevers-front-selfcare%2Cversion%3A20231222.1&dd-api-key=pubd6cb15641d9e1e327c48891bd3947cde&dd-evp-origin-version=4.44.0&dd-evp-origin=browser&dd-request-id=fc3dbad3-c672-4850-84bb-a258915f93d6&batch_time=1703719361379
Domain
demo-carrefour.revers.io
URL
https://demo-carrefour.revers.io/cdn-cgi/rum?

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| captchaSubmit function| changeLanguages object| __cfBeacon

6 Cookies

Domain/Path Name / Value
demo-carrefour.revers.io/ Name: _dd_s
Value: rum=2&id=c287b9bf-3d06-44b9-b1ff-e51a9b4f6e0b&created=1703719360017&expire=1703720260017
demo-carrefour-login.revers.io/ Name: .AspNetCore.Culture
Value: c%3Den%7Cuic%3Den
m.stripe.com/ Name: m
Value: 5a49b57a-8911-4b76-b7b0-535066e385f239a429
.demo-carrefour.revers.io/ Name: __stripe_mid
Value: be5514d6-e6a7-41cf-9432-5c4c7371667b4abfec
.demo-carrefour.revers.io/ Name: __stripe_sid
Value: 35013492-3acb-4804-9960-53ce44b79698fd8ccf
demo-carrefour-login.revers.io/ Name: .AspNetCore.Antiforgery.9TtSrW0hzOs
Value: CfDJ8JKzaw3ZX1ZNpntMfhs6v-BOx3iWZUJAZfQMMqgoYe61AILtfYmDjSzC-g9_upzn-P55kahoMYziDtGF4uWEGBqLI1cfknT_cfkOgg6-Ad-EyfX6V9g5SI8aXGUzIzTJcwVr7krtSsemTMdEuK48r4Y

1 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' https://*.revers.io https://*.revers.io; script-src 'self' https://*.revers.io https://*.revers.io 'unsafe-eval' 'unsafe-inline' blob: https://api.cumul.io https://*.googleapis.com https://static.cloudflareinsights.com:* https://challenges.cloudflare.com https://js.stripe.com; connect-src 'self' https://*.revers.io https://*.revers.io https://rum.browser-intake-datadoghq.eu:* https://*.blob.core.windows.net:* https://*.statuspage.io:* https://*.googleapis.com cloudflareinsights.com api-adresse.data.gouv.fr https://api.cumul.io; img-src 'self' * data: blob:; style-src 'self' https://*.revers.io https://*.revers.io 'unsafe-inline' https://fonts.googleapis.com:*; font-src 'self' https://*.revers.io https://*.revers.io https://fonts.gstatic.com:* data:; frame-src 'self' https://*.revers.io https://*.revers.io https://challenges.cloudflare.com https://js.stripe.com blob: https://app.cumul.io/; frame-ancestors 'self' https://*.revers.io https://*.revers.io; object-src 'self' blob: https://*.revers.io;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy script-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; frame-src https://www.google.com/recaptcha/; img-src 'self' data:; default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

demo-api.revers.io
demo-carrefour-login.revers.io
demo-carrefour.revers.io
demoreversestorage.blob.core.windows.net
js.stripe.com
m.stripe.com
m.stripe.network
maps.googleapis.com
q.stripe.com
rum.browser-intake-datadoghq.eu
static.cloudflareinsights.com
demo-carrefour-login.revers.io
demo-carrefour.revers.io
rum.browser-intake-datadoghq.eu
20.60.222.228
2600:1901:0:7047::
2600:9000:2070:2000:19:7d10:bd80:93a1
2606:4700:10::6816:224
2606:4700:10::ac43:14e5
2606:4700::6810:3965
2a00:1450:4001:82a::200a
34.213.170.160
54.187.119.242
99.86.4.99
100b9e2935b047e9ba4dbb4d1ea62439edf6abfdb5a29fcdec6e88f63f272156
10398d80b4175b0f0267f614250c431ed69d4c977bc29134aa7dc3b904b1b1a4
10c16b454aa9e0e3c4b07c2db46b1be3d0132852ec089ae4abe4eb323b927dfd
122e4447d477b5f82d2d9e68b8cb155530a87e5e146d34694285b9225494c8d1
193138e8b61edc9dfb19d8265d74184cbf4339881613214a1b10cf7331c47194
1c7e23f85149bc5339fdc98b2dc5ffa0acf9f497d2c1dbdd7d3b7fc8b0a94500
21e979c4c31033c5d6e5429734e330502168a2307c8bb1efd83600cf36252118
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
3d6793a0887fd3f19ec468af5249e77e053d4e083f3e881bc4aa5255ab50d105
60877a3c884ebecb140f30f6aca51941f4eeb76720df202e97ba9948d38eba56
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
627b0caa54579eabd1591fc712d51b9774e058d88c10e2fe43d6e4b7db3e28e1
6652089700a805785a21ece6ae8def933201830c6fdf3de8d1245fc5dd551e59
75fd5aea9dc4d50c596a095e0fc6f2e10fa7df2b4f1d8c4e8895572abe2315bd
8380a9bd5c0f818a6c68165319ac233871b80ea521e5553fe7ff376bffc064d4
87c18690cbbeec0687f6a6cae31833bcb5613d534ceca32bd316a7b8b2134442
8ce893c505f39dd4648a663903cc54acb53706282331c26552ed55ccef0c127f
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
97c64fef8128a8c219c9af24748c7e431b4ae70344141dcdf0e2cc5f603c91e1
a11dd77ebac1f508b8a17d782e4b8bb1f4704cc745a5ae318013aaee4dc70d67
a1571d86b8170f5143bc5696c881e5314244228cc2451696f383bb1080af84b2
b430d6940c347c30fdd466343324e2b4a166808bc5bcff19b71dca29b2fc4ac5
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
bffcf7ec7772c7e7f590d75f6af460b58e2fa72a5da23d62b7d422a6974bbb26
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea7c31394d1857e9de8998ded97d7b1f28cf81a45902465e97de2a499dcf72bc
ef9c554bca3ce5b9f978b626ff8c3a441c0468af2599bdb4e9b6b32f6743f058