assure.sigmage.fr Open in urlscan Pro
194.206.243.237 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://assure.sigmage.fr/
Effective URL:
https://assure.sigmage.fr/
Submission: On November 29 via api (November 29th 2023, 9:52:05 am UTC) from US — Scanned from FR

Summary HTTP 29 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 4 domains to perform 29 HTTP transactions. The main IP is 194.206.243.237, located in Paris, France and belongs to France Telecom - Orange, FR. The main domain is assure.sigmage.fr.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on September 15th 2023. Valid for: a year.

This is the only time assure.sigmage.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 20	194.206.243.237 194.206.243.237	3215 (France Te...) (France Telecom - Orange)
1	90.85.55.198 90.85.55.198	3215 (France Te...) (France Telecom - Orange)
3	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
29	6

20 194.206.243.237 (Paris, France) 1 redirects

ASN3215 (France Telecom - Orange, FR)

assure.sigmage.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 90.85.55.198 (Bussy-Saint-Georges, France)

ASN3215 (France Telecom - Orange, FR)

assets.plansante.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	sigmage.fr 1 redirects assure.sigmage.fr	265 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	433 KB
3	google.com www.google.com — Cisco Umbrella Rank: 2	35 KB
1	plansante.com assets.plansante.com	5 KB
29	4

	Domain	Requested by
20	assure.sigmage.fr	1 redirects assure.sigmage.fr
4	www.gstatic.com	www.google.com www.gstatic.com
3	www.google.com	assure.sigmage.fr www.gstatic.com www.google.com
2	fonts.gstatic.com	www.google.com
1	assets.plansante.com	assure.sigmage.fr
29	5

This site contains no links.

Subject Issuer	Validity	Valid
assure.sigmage.fr DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-15` - `2024-10-15`	a year	crt.sh
assets.plansante.com QuoVadis Global SSL ICA G3	`2023-04-07` - `2024-04-07`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://assure.sigmage.fr/
Frame ID: A49EA6602F954998F17EE6F991551BEC
Requests: 23 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeSFt4mAAAAAHMBvgJDsOZsRSo9Ri65wboDHJiZ&co=aHR0cHM6Ly9hc3N1cmUuc2lnbWFnZS5mcjo0NDM.&hl=fr&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=yiayloysbgwt
Frame ID: 02519D952AD112C6A5EA770A152D3D88
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Connexion

Page URL History Show full URLs

http://assure.sigmage.fr/ HTTP 302
https://assure.sigmage.fr/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

29
Requests

100 %
HTTPS

60 %
IPv6

4
Domains

5
Subdomains

6
IPs

2
Countries

738 kB
Transfer

1689 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://assure.sigmage.fr/ HTTP 302
https://assure.sigmage.fr/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
assure.sigmage.fr/
Redirect Chain

http://assure.sigmage.fr/
https://assure.sigmage.fr/

12 KB
6 KB

1073ms
988ms

Document
text/html

194.206.243.237
Orange

General

Check archive.org

Show headers Download Go to

Full URL

https://assure.sigmage.fr/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.206.243.237 Paris, France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

Apache /

Resource Hash

f53ece8b41e85db6460d22a53a8416c13debaf5bae2e501f968aff6c63d98aac

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self' blob:; base-uri 'none'; connect-src 'self' https://bot-management-api.tolk.ai/ blob:; font-src 'self'; form-action *; img-src 'self' blob: data: https://assets.plansante.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://script.tolk.ai/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/; style-src 'self' 'unsafe-inline'; manifest-src 'self'; frame-ancestors 'self'; child-src https://script.tolk.ai/ https://www.google.com/ https://www.youtube.com/ blob:; frame-src 'self' blob: https://www.google.com/ https://script.tolk.ai/ https://www.youtube.com/; worker-src 'self' blob:; report-uri /csp_report; report-to csp-endpoint;
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 2969
Content-Security-Policy: default-src 'self'; object-src 'self' blob:; base-uri 'none'; connect-src 'self' https://bot-management-api.tolk.ai/ blob:; font-src 'self'; form-action *; img-src 'self' blob: data: https://assets.plansante.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://script.tolk.ai/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/; style-src 'self' 'unsafe-inline'; manifest-src 'self'; frame-ancestors 'self'; child-src https://script.tolk.ai/ https://www.google.com/ https://www.youtube.com/ blob:; frame-src 'self' blob: https://www.google.com/ https://script.tolk.ai/ https://www.youtube.com/; worker-src 'self' blob:; report-uri /csp_report; report-to csp-endpoint;
Content-Type: text/html; charset=UTF-8
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Date: Wed, 29 Nov 2023 09:51:59 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Reporting-Endpoints: csp-endpoint="https://assure.sigmage.fr/csp_report"
Server: Apache
Strict-Transport-Security: max-age=15768000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block

Redirect headers

Connection: Keep-Alive
Content-Length: 0
Location: https://assure.sigmage.fr/
Server: BigIP

GET
H/1.1 200
OK c5a24c99d386ac5fb8f355d1c1f17b94a4df19f6e16377c1fe5df0be992c9fb9.css
assure.sigmage.fr/css/ 129 KB
24 KB 31ms
31ms Stylesheet
text/css 194.206.243.237
Orange

General

Check archive.org

Show headers Download Go to

Full URL

https://assure.sigmage.fr/css/c5a24c99d386ac5fb8f355d1c1f17b94a4df19f6e16377c1fe5df0be992c9fb9.css?1700732082

Requested by

Host: assure.sigmage.fr
URL: https://assure.sigmage.fr/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.206.243.237 Paris, France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

Apache /

Resource Hash

cf752f21ed80fe0f6aaf9d11610a05eabb60adfa64f401e423eacbf29a3a6733

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self' blob:; base-uri 'none'; connect-src 'self' https://bot-management-api.tolk.ai/ blob:; font-src 'self'; form-action *; img-src 'self' blob: data: https://assets.plansante.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://script.tolk.ai/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/; style-src 'self' 'unsafe-inline'; manifest-src 'self'; frame-ancestors 'self'; child-src https://script.tolk.ai/ https://www.google.com/ https://www.youtube.com/ blob:; frame-src 'self' blob: https://www.google.com/ https://script.tolk.ai/ https://www.youtube.com/; worker-src 'self' blob:; report-uri /csp_report; report-to csp-endpoint;
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://assure.sigmage.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Wed, 29 Nov 2023 09:52:00 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Content-Security-Policy: default-src 'self'; object-src 'self' blob:; base-uri 'none'; connect-src 'self' https://bot-management-api.tolk.ai/ blob:; font-src 'self'; form-action *; img-src 'self' blob: data: https://assets.plansante.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://script.tolk.ai/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/; style-src 'self' 'unsafe-inline'; manifest-src 'self'; frame-ancestors 'self'; child-src https://script.tolk.ai/ https://www.google.com/ https://www.youtube.com/ blob:; frame-src 'self' blob: https://www.google.com/ https://script.tolk.ai/ https://www.youtube.com/; worker-src 'self' blob:; report-uri /csp_report; report-to csp-endpoint;
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Resource-Policy: same-origin
Connection: Keep-Alive
Content-Length: 21769
X-XSS-Protection: 1; mode=block
Reporting-Endpoints: csp-endpoint="(null)://(null)/csp_report"
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 23 Nov 2023 09:34:40 GMT
Server: Apache
Cross-Origin-Opener-Policy: same-origin
ETag: "204a5-60ace8b84d900-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK logosigm.png
assets.plansante.com/images/assures/logos_env/logos_blanc/ 4 KB
5 KB 162ms
34ms Image
image/png 90.85.55.198
Orange

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.plansante.com/images/assures/logos_env/logos_blanc/logosigm.png

Requested by

Host: assure.sigmage.fr
URL: https://assure.sigmage.fr/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

90.85.55.198 Bussy-Saint-Georges, France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

Apache /

Resource Hash

60687a5fb40ada7ed5b0d3e20e0acc00c262769889bfa31607b96872593abced

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://assure.sigmage.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Wed, 29 Nov 2023 09:50:11 GMT
Strict-Transport-Security: max-age=15768000;includeSubDomains
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 4393
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 07 Oct 2020 12:43:38 GMT
Server: Apache
ETag: "1129-5b1141084286c"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, proxy-revalidate, private, max-age=300, s-maxage=300
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin, x-requested-with, content-type
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK feature-detection.min.js Show response
assure.sigmage.fr/js/main/ 942 B
3 KB 62ms
26ms Script
application/javascript 194.206.243.237
Orange

General

Check archive.org

Show headers Download Go to

Full URL

https://assure.sigmage.fr/js/main/feature-detection.min.js?1700732082

Requested by

Host: assure.sigmage.fr
URL: https://assure.sigmage.fr/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.206.243.237 Paris, France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

Apache /

Resource Hash

3bcc482c4555b3232400c1a8e8ceffc67c84cde8c2c79709459c5ea29e0285f3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self' blob:; base-uri 'none'; connect-src 'self' https://bot-management-api.tolk.ai/ blob:; font-src 'self'; form-action *; img-src 'self' blob: data: https://assets.plansante.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://script.tolk.ai/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/; style-src 'self' 'unsafe-inline'; manifest-src 'self'; frame-ancestors 'self'; child-src https://script.tolk.ai/ https://www.google.com/ https://www.youtube.com/ blob:; frame-src 'self' blob: https://www.google.com/ https://script.tolk.ai/ https://www.youtube.com/; worker-src 'self' blob:; report-uri /csp_report; report-to csp-endpoint;
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://assure.sigmage.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Wed, 29 Nov 2023 09:52:00 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Content-Security-Policy: default-src 'self'; object-src 'self' blob:; base-uri 'none'; connect-src 'self' https://bot-management-api.tolk.ai/ blob:; font-src 'self'; form-action *; img-src 'self' blob: data: https://assets.plansante.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://script.tolk.ai/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/; style-src 'self' 'unsafe-inline'; manifest-src 'self'; frame-ancestors 'self'; child-src https://script.tolk.ai/ https://www.google.com/ https://www.youtube.com/ blob:; frame-src 'self' blob: https://www.google.com/ https://script.tolk.ai/ https://www.youtube.com/; worker-src 'self' blob:; report-uri /csp_report; report-to csp-endpoint;
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Resource-Policy: same-origin
Connection: Keep-Alive
Content-Length: 307
X-XSS-Protection: 1; mode=block
Reporting-Endpoints: csp-endpoint="(null)://(null)/csp_report"
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 23 Nov 2023 09:34:18 GMT
Server: Apache
Cross-Origin-Opener-Policy: same-origin
ETag: "3ae-60ace8a2e22a0-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98

GET
H/1.1 200
OK system.min.js Show response
assure.sigmage.fr/js/vendor/ 10 KB
6 KB 79ms
27ms Script
application/javascript 194.206.243.237
Orange

General

Check archive.org

Show headers Download Go to

Full URL

https://assure.sigmage.fr/js/vendor/system.min.js?1700732082

Requested by

Host: assure.sigmage.fr
URL: https://assure.sigmage.fr/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.206.243.237 Paris, France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

Apache /

Resource Hash

1b643ca238b021c4703dbf16b184b4e29bfc6b4391cd9cd5c2e1bb020071cbc9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self' blob:; base-uri 'none'; connect-src 'self' https://bot-management-api.tolk.ai/ blob:; font-src 'self'; form-action *; img-src 'self' blob: data: https://assets.plansante.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://script.tolk.ai/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/; style-src 'self' 'unsafe-inline'; manifest-src 'self'; frame-ancestors 'self'; child-src https://script.tolk.ai/ https://www.google.com/ https://www.youtube.com/ blob:; frame-src 'self' blob: https://www.google.com/ https://script.tolk.ai/ https://www.youtube.com/; worker-src 'self' blob:; report-uri /csp_report; report-to csp-endpoint;
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://assure.sigmage.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Wed, 29 Nov 2023 09:52:00 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Content-Security-Policy: default-src 'self'; object-src 'self' blob:; base-uri 'none'; connect-src 'self' https://bot-management-api.tolk.ai/ blob:; font-src 'self'; form-action *; img-src 'self' blob: data: https://assets.plansante.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://script.tolk.ai/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/; style-src 'self' 'unsafe-inline'; manifest-src 'self'; frame-ancestors 'self'; child-src https://script.tolk.ai/ https://www.google.com/ https://www.youtube.com/ blob:; frame-src 'self' blob: https://www.google.com/ https://script.tolk.ai/ https://www.youtube.com/; worker-src 'self' blob:; report-uri /csp_report; report-to csp-endpoint;
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Resource-Policy: same-origin
Connection: Keep-Alive
Content-Length: 3566
X-XSS-Protection: 1; mode=block
Reporting-Endpoints: csp-endpoint="(null)://(null)/csp_report"
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 23 Nov 2023 09:34:26 GMT
Server: Apache
Cross-Origin-Opener-Policy: same-origin
ETag: "260d-60ace8aad7460-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97

GET
H/1.1 200
OK jquery.min.js Show response
assure.sigmage.fr/js/vendor/ 89 KB
33 KB 91ms
35ms Script
application/javascript 194.206.243.237
Orange

General

Check archive.org

Show headers Download Go to

Full URL

https://assure.sigmage.fr/js/vendor/jquery.min.js?1700732082

Requested by

Host: assure.sigmage.fr
URL: https://assure.sigmage.fr/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.206.243.237 Paris, France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

Apache /

Resource Hash

fe51d9f2289050f2dfd75a5ed03a5d12e78cb1606ce513c0d9ad3d2dd685efb1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self' blob:; base-uri 'none'; connect-src 'self' https://bot-management-api.tolk.ai/ blob:; font-src 'self'; form-action *; img-src 'self' blob: data: https://assets.plansante.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://script.tolk.ai/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/; style-src 'self' 'unsafe-inline'; manifest-src 'self'; frame-ancestors 'self'; child-src https://script.tolk.ai/ https://www.google.com/ https://www.youtube.com/ blob:; frame-src 'self' blob: https://www.google.com/ https://script.tolk.ai/ https://www.youtube.com/; worker-src 'self' blob:; report-uri /csp_report; report-to csp-endpoint;
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://assure.sigmage.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Wed, 29 Nov 2023 09:52:00 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Content-Security-Policy: default-src 'self'; object-src 'self' blob:; base-uri 'none'; connect-src 'self' https://bot-management-api.tolk.ai/ blob:; font-src 'self'; form-action *; img-src 'self' blob: data: https://assets.plansante.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://script.tolk.ai/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/; style-src 'self' 'unsafe-inline'; manifest-src 'self'; frame-ancestors 'self'; child-src https://script.tolk.ai/ https://www.google.com/ https://www.youtube.com/ blob:; frame-src 'self' blob: https://www.google.com/ https://script.tolk.ai/ https://www.youtube.com/; worker-src 'self' blob:; report-uri /csp_report; report-to csp-endpoint;
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Resource-Policy: same-origin
Connection: Keep-Alive
Content-Length: 31281
X-XSS-Protection: 1; mode=block
Reporting-Endpoints: csp-endpoint="(null)://(null)/csp_report"
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 23 Nov 2023 09:34:23 GMT
Server: Apache
Cross-Origin-Opener-Policy: same-origin
ETag: "1623d-60ace8a851c40-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK bootstrap.min.js Show response
assure.sigmage.fr/js/vendor/ 58 KB
18 KB 85ms
29ms Script
application/javascript 194.206.243.237
Orange

General

Check archive.org

Show headers Download Go to

Full URL

https://assure.sigmage.fr/js/vendor/bootstrap.min.js?1700732082

Requested by

Host: assure.sigmage.fr
URL: https://assure.sigmage.fr/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.206.243.237 Paris, France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

Apache /

Resource Hash

354146db13359a6eb9c6bbb5c0411e24c3b392b35b06e2e4c16e891f1e5b42d3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self' blob:; base-uri 'none'; connect-src 'self' https://bot-management-api.tolk.ai/ blob:; font-src 'self'; form-action *; img-src 'self' blob: data: https://assets.plansante.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://script.tolk.ai/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/; style-src 'self' 'unsafe-inline'; manifest-src 'self'; frame-ancestors 'self'; child-src https://script.tolk.ai/ https://www.google.com/ https://www.youtube.com/ blob:; frame-src 'self' blob: https://www.google.com/ https://script.tolk.ai/ https://www.youtube.com/; worker-src 'self' blob:; report-uri /csp_report; report-to csp-endpoint;
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://assure.sigmage.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Wed, 29 Nov 2023 09:52:00 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Content-Security-Policy: default-src 'self'; object-src 'self' blob:; base-uri 'none'; connect-src 'self' https://bot-management-api.tolk.ai/ blob:; font-src 'self'; form-action *; img-src 'self' blob: data: https://assets.plansante.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://script.tolk.ai/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/; style-src 'self' 'unsafe-inline'; manifest-src 'self'; frame-ancestors 'self'; child-src https://script.tolk.ai/ https://www.google.com/ https://www.youtube.com/ blob:; frame-src 'self' blob: https://www.google.com/ https://script.tolk.ai/ https://www.youtube.com/; worker-src 'self' blob:; report-uri /csp_report; report-to csp-endpoint;
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Resource-Policy: same-origin
Connection: Keep-Alive
Content-Length: 15436
X-XSS-Protection: 1; mode=block
Reporting-Endpoints: csp-endpoint="(null)://(null)/csp_report"
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 23 Nov 2023 09:34:21 GMT
Server: Apache
Cross-Origin-Opener-Policy: same-origin
ETag: "e696-60ace8a67d040-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK helpers.min.js Show response
assure.sigmage.fr/js/ 5 KB
5 KB 108ms
28ms Script
application/javascript 194.206.243.237
Orange

General

Check archive.org

Show headers Download Go to

Full URL

https://assure.sigmage.fr/js/helpers.min.js?1700732082

Requested by

Host: assure.sigmage.fr
URL: https://assure.sigmage.fr/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.206.243.237 Paris, France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

Apache /

Resource Hash

9be3b06a05dfdeed30ab1d2cff357375dca02867dc26795e33e46adeca4d9d82

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self' blob:; base-uri 'none'; connect-src 'self' https://bot-management-api.tolk.ai/ blob:; font-src 'self'; form-action *; img-src 'self' blob: data: https://assets.plansante.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://script.tolk.ai/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/; style-src 'self' 'unsafe-inline'; manifest-src 'self'; frame-ancestors 'self'; child-src https://script.tolk.ai/ https://www.google.com/ https://www.youtube.com/ blob:; frame-src 'self' blob: https://www.google.com/ https://script.tolk.ai/ https://www.youtube.com/; worker-src 'self' blob:; report-uri /csp_report; report-to csp-endpoint;
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://assure.sigmage.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Wed, 29 Nov 2023 09:52:00 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Content-Security-Policy: default-src 'self'; object-src 'self' blob:; base-uri 'none'; connect-src 'self' https://bot-management-api.tolk.ai/ blob:; font-src 'self'; form-action *; img-src 'self' blob: data: https://assets.plansante.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://script.tolk.ai/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/; style-src 'self' 'unsafe-inline'; manifest-src 'self'; frame-ancestors 'self'; child-src https://script.tolk.ai/ https://www.google.com/ https://www.youtube.com/ blob:; frame-src 'self' blob: https://www.google.com/ https://script.tolk.ai/ https://www.youtube.com/; worker-src 'self' blob:; report-uri /csp_report; report-to csp-endpoint;
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Resource-Policy: same-origin
Connection: Keep-Alive
Content-Length: 2232
X-XSS-Protection: 1; mode=block
Reporting-Endpoints: csp-endpoint="(null)://(null)/csp_report"
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 23 Nov 2023 09:34:17 GMT
Server: Apache
Cross-Origin-Opener-Policy: same-origin
ETag: "151c-60ace8a2b7320-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96

GET
H/1.1 200
OK polyfills.min.js Show response
assure.sigmage.fr/js/ 17 KB
7 KB 88ms
27ms Script
application/javascript 194.206.243.237
Orange

General

Check archive.org

Show headers Download Go to

Full URL

https://assure.sigmage.fr/js/polyfills.min.js?1700732082

Requested by

Host: assure.sigmage.fr
URL: https://assure.sigmage.fr/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.206.243.237 Paris, France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

Apache /

Resource Hash

bcebcad2580907cf201fe6dd3c1ae4b210e1ff26cef07760d62d859714b70693

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self' blob:; base-uri 'none'; connect-src 'self' https://bot-management-api.tolk.ai/ blob:; font-src 'self'; form-action *; img-src 'self' blob: data: https://assets.plansante.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://script.tolk.ai/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/; style-src 'self' 'unsafe-inline'; manifest-src 'self'; frame-ancestors 'self'; child-src https://script.tolk.ai/ https://www.google.com/ https://www.youtube.com/ blob:; frame-src 'self' blob: https://www.google.com/ https://script.tolk.ai/ https://www.youtube.com/; worker-src 'self' blob:; report-uri /csp_report; report-to csp-endpoint;
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://assure.sigmage.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Wed, 29 Nov 2023 09:52:00 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Content-Security-Policy: default-src 'self'; object-src 'self' blob:; base-uri 'none'; connect-src 'self' https://bot-management-api.tolk.ai/ blob:; font-src 'self'; form-action *; img-src 'self' blob: data: https://assets.plansante.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://script.tolk.ai/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/; style-src 'self' 'unsafe-inline'; manifest-src 'self'; frame-ancestors 'self'; child-src https://script.tolk.ai/ https://www.google.com/ https://www.youtube.com/ blob:; frame-src 'self' blob: https://www.google.com/ https://script.tolk.ai/ https://www.youtube.com/; worker-src 'self' blob:; report-uri /csp_report; report-to csp-endpoint;
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Resource-Policy: same-origin
Connection: Keep-Alive
Content-Length: 4787
X-XSS-Protection: 1; mode=block
Reporting-Endpoints: csp-endpoint="(null)://(null)/csp_report"
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 23 Nov 2023 09:34:19 GMT
Server: Apache
Cross-Origin-Opener-Policy: same-origin
ETag: "445b-60ace8a491ce0-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK bootstrap-datepicker.min.js Show response
assure.sigmage.fr/js/vendor/ 34 KB
12 KB 42ms
27ms Script
application/javascript 194.206.243.237
Orange

General

Check archive.org

Show headers Download Go to

Full URL

https://assure.sigmage.fr/js/vendor/bootstrap-datepicker.min.js?1700732082

Requested by

Host: assure.sigmage.fr
URL: https://assure.sigmage.fr/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.206.243.237 Paris, France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

Apache /

Resource Hash

e791dda34f4502e5257c3f1d051c8ff440af91a11645a070b0a0e0c6c7d341bc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self' blob:; base-uri 'none'; connect-src 'self' https://bot-management-api.tolk.ai/ blob:; font-src 'self'; form-action *; img-src 'self' blob: data: https://assets.plansante.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://script.tolk.ai/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/; style-src 'self' 'unsafe-inline'; manifest-src 'self'; frame-ancestors 'self'; child-src https://script.tolk.ai/ https://www.google.com/ https://www.youtube.com/ blob:; frame-src 'self' blob: https://www.google.com/ https://script.tolk.ai/ https://www.youtube.com/; worker-src 'self' blob:; report-uri /csp_report; report-to csp-endpoint;
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://assure.sigmage.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Wed, 29 Nov 2023 09:52:00 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Content-Security-Policy: default-src 'self'; object-src 'self' blob:; base-uri 'none'; connect-src 'self' https://bot-management-api.tolk.ai/ blob:; font-src 'self'; form-action *; img-src 'self' blob: data: https://assets.plansante.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://script.tolk.ai/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/; style-src 'self' 'unsafe-inline'; manifest-src 'self'; frame-ancestors 'self'; child-src https://script.tolk.ai/ https://www.google.com/ https://www.youtube.com/ blob:; frame-src 'self' blob: https://www.google.com/ https://script.tolk.ai/ https://www.youtube.com/; worker-src 'self' blob:; report-uri /csp_report; report-to csp-endpoint;
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Resource-Policy: same-origin
Connection: Keep-Alive
Content-Length: 10044
X-XSS-Protection: 1; mode=block
Reporting-Endpoints: csp-endpoint="(null)://(null)/csp_report"
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 23 Nov 2023 09:34:20 GMT
Server: Apache
Cross-Origin-Opener-Policy: same-origin
ETag: "861f-60ace8a54b5a0-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK bootstrap-datepicker.fr.min.js Show response
assure.sigmage.fr/js/vendor/ 519 B
3 KB 39ms
26ms Script
application/javascript 194.206.243.237
Orange

General

Check archive.org

Show headers Download Go to

Full URL

https://assure.sigmage.fr/js/vendor/bootstrap-datepicker.fr.min.js?1700732082

Requested by

Host: assure.sigmage.fr
URL: https://assure.sigmage.fr/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.206.243.237 Paris, France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

Apache /

Resource Hash

6526b5a850eff3a98a0940b5e517f7e4c0ccaf5fecb60781386b87a95ea6cc56

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self' blob:; base-uri 'none'; connect-src 'self' https://bot-management-api.tolk.ai/ blob:; font-src 'self'; form-action *; img-src 'self' blob: data: https://assets.plansante.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://script.tolk.ai/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/; style-src 'self' 'unsafe-inline'; manifest-src 'self'; frame-ancestors 'self'; child-src https://script.tolk.ai/ https://www.google.com/ https://www.youtube.com/ blob:; frame-src 'self' blob: https://www.google.com/ https://script.tolk.ai/ https://www.youtube.com/; worker-src 'self' blob:; report-uri /csp_report; report-to csp-endpoint;
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://assure.sigmage.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Wed, 29 Nov 2023 09:52:00 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Content-Security-Policy: default-src 'self'; object-src 'self' blob:; base-uri 'none'; connect-src 'self' https://bot-management-api.tolk.ai/ blob:; font-src 'self'; form-action *; img-src 'self' blob: data: https://assets.plansante.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://script.tolk.ai/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/; style-src 'self' 'unsafe-inline'; manifest-src 'self'; frame-ancestors 'self'; child-src https://script.tolk.ai/ https://www.google.com/ https://www.youtube.com/ blob:; frame-src 'self' blob: https://www.google.com/ https://script.tolk.ai/ https://www.youtube.com/; worker-src 'self' blob:; report-uri /csp_report; report-to csp-endpoint;
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Resource-Policy: same-origin
Connection: Keep-Alive
Content-Length: 290
X-XSS-Protection: 1; mode=block
Reporting-Endpoints: csp-endpoint="(null)://(null)/csp_report"
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 23 Nov 2023 09:34:20 GMT
Server: Apache
Cross-Origin-Opener-Policy: same-origin
ETag: "207-60ace8a4da120-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Content-Language: fr
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK jquery.form.min.js Show response
assure.sigmage.fr/js/vendor/ 15 KB
8 KB 42ms
28ms Script
application/javascript 194.206.243.237
Orange

General

Check archive.org

Show headers Download Go to

Full URL

https://assure.sigmage.fr/js/vendor/jquery.form.min.js?1700732082

Requested by

Host: assure.sigmage.fr
URL: https://assure.sigmage.fr/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.206.243.237 Paris, France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

Apache /

Resource Hash

d21856339e599938a40a2836d6b42b46e2c48a5060c93d20884e757a1684c9b0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self' blob:; base-uri 'none'; connect-src 'self' https://bot-management-api.tolk.ai/ blob:; font-src 'self'; form-action *; img-src 'self' blob: data: https://assets.plansante.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://script.tolk.ai/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/; style-src 'self' 'unsafe-inline'; manifest-src 'self'; frame-ancestors 'self'; child-src https://script.tolk.ai/ https://www.google.com/ https://www.youtube.com/ blob:; frame-src 'self' blob: https://www.google.com/ https://script.tolk.ai/ https://www.youtube.com/; worker-src 'self' blob:; report-uri /csp_report; report-to csp-endpoint;
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://assure.sigmage.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Wed, 29 Nov 2023 09:52:00 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Content-Security-Policy: default-src 'self'; object-src 'self' blob:; base-uri 'none'; connect-src 'self' https://bot-management-api.tolk.ai/ blob:; font-src 'self'; form-action *; img-src 'self' blob: data: https://assets.plansante.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://script.tolk.ai/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/; style-src 'self' 'unsafe-inline'; manifest-src 'self'; frame-ancestors 'self'; child-src https://script.tolk.ai/ https://www.google.com/ https://www.youtube.com/ blob:; frame-src 'self' blob: https://www.google.com/ https://script.tolk.ai/ https://www.youtube.com/; worker-src 'self' blob:; report-uri /csp_report; report-to csp-endpoint;
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Resource-Policy: same-origin
Connection: Keep-Alive
Content-Length: 5858
X-XSS-Protection: 1; mode=block
Reporting-Endpoints: csp-endpoint="(null)://(null)/csp_report"
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 23 Nov 2023 09:34:22 GMT
Server: Apache
Cross-Origin-Opener-Policy: same-origin
ETag: "3c3d-60ace8a74e000-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95

GET
H/1.1 200
OK plupload.full.min.js Show response
assure.sigmage.fr/js/vendor/ 136 KB
43 KB 46ms
31ms Script
application/javascript 194.206.243.237
Orange

General

Check archive.org

Show headers Download Go to

Full URL

https://assure.sigmage.fr/js/vendor/plupload.full.min.js?1700732082

Requested by

Host: assure.sigmage.fr
URL: https://assure.sigmage.fr/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.206.243.237 Paris, France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

Apache /

Resource Hash

cee8d579e4e1c12797791dcf920fba198af03a189b07d9f5298add8aebf6e882

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self' blob:; base-uri 'none'; connect-src 'self' https://bot-management-api.tolk.ai/ blob:; font-src 'self'; form-action *; img-src 'self' blob: data: https://assets.plansante.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://script.tolk.ai/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/; style-src 'self' 'unsafe-inline'; manifest-src 'self'; frame-ancestors 'self'; child-src https://script.tolk.ai/ https://www.google.com/ https://www.youtube.com/ blob:; frame-src 'self' blob: https://www.google.com/ https://script.tolk.ai/ https://www.youtube.com/; worker-src 'self' blob:; report-uri /csp_report; report-to csp-endpoint;
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://assure.sigmage.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Wed, 29 Nov 2023 09:52:00 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Content-Security-Policy: default-src 'self'; object-src 'self' blob:; base-uri 'none'; connect-src 'self' https://bot-management-api.tolk.ai/ blob:; font-src 'self'; form-action *; img-src 'self' blob: data: https://assets.plansante.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://script.tolk.ai/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/; style-src 'self' 'unsafe-inline'; manifest-src 'self'; frame-ancestors 'self'; child-src https://script.tolk.ai/ https://www.google.com/ https://www.youtube.com/ blob:; frame-src 'self' blob: https://www.google.com/ https://script.tolk.ai/ https://www.youtube.com/; worker-src 'self' blob:; report-uri /csp_report; report-to csp-endpoint;
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Resource-Policy: same-origin
Connection: Keep-Alive
Content-Length: 41025
X-XSS-Protection: 1; mode=block
Reporting-Endpoints: csp-endpoint="(null)://(null)/csp_report"
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 23 Nov 2023 09:34:25 GMT
Server: Apache
Cross-Origin-Opener-Policy: same-origin
ETag: "220a9-60ace8aa0d200-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98

GET
H/1.1 200
OK axios.min.js Show response
assure.sigmage.fr/js/vendor/ 13 KB
7 KB 221ms
213ms Script
application/javascript 194.206.243.237
Orange

General

Check archive.org

Show headers Download Go to

Full URL

https://assure.sigmage.fr/js/vendor/axios.min.js?1700732082

Requested by

Host: assure.sigmage.fr
URL: https://assure.sigmage.fr/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.206.243.237 Paris, France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

Apache /

Resource Hash

3980234d14be5938db9da8696a7f146b7cf738a3567cccfe226abb81796063a1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self' blob:; base-uri 'none'; connect-src 'self' https://bot-management-api.tolk.ai/ blob:; font-src 'self'; form-action *; img-src 'self' blob: data: https://assets.plansante.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://script.tolk.ai/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/; style-src 'self' 'unsafe-inline'; manifest-src 'self'; frame-ancestors 'self'; child-src https://script.tolk.ai/ https://www.google.com/ https://www.youtube.com/ blob:; frame-src 'self' blob: https://www.google.com/ https://script.tolk.ai/ https://www.youtube.com/; worker-src 'self' blob:; report-uri /csp_report; report-to csp-endpoint;
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://assure.sigmage.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Wed, 29 Nov 2023 09:52:00 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Content-Security-Policy: default-src 'self'; object-src 'self' blob:; base-uri 'none'; connect-src 'self' https://bot-management-api.tolk.ai/ blob:; font-src 'self'; form-action *; img-src 'self' blob: data: https://assets.plansante.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://script.tolk.ai/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/; style-src 'self' 'unsafe-inline'; manifest-src 'self'; frame-ancestors 'self'; child-src https://script.tolk.ai/ https://www.google.com/ https://www.youtube.com/ blob:; frame-src 'self' blob: https://www.google.com/ https://script.tolk.ai/ https://www.youtube.com/; worker-src 'self' blob:; report-uri /csp_report; report-to csp-endpoint;
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Resource-Policy: same-origin
Connection: Keep-Alive
Content-Length: 4646
X-XSS-Protection: 1; mode=block
Reporting-Endpoints: csp-endpoint="(null)://(null)/csp_report"
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 23 Nov 2023 09:34:20 GMT
Server: Apache
Cross-Origin-Opener-Policy: same-origin
ETag: "35d5-60ace8a4d9180-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK healthcareNetworksKalixia.min.js Show response
assure.sigmage.fr/js/main/ 759 B
3 KB 198ms
195ms Script
application/javascript 194.206.243.237
Orange

General

Check archive.org

Show headers Download Go to

Full URL

https://assure.sigmage.fr/js/main/healthcareNetworksKalixia.min.js?1700732082

Requested by

Host: assure.sigmage.fr
URL: https://assure.sigmage.fr/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.206.243.237 Paris, France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

Apache /

Resource Hash

31b67c9796774932b8c5966e58c8194deffeae9e5cd897111acfc2fae6c38951

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self' blob:; base-uri 'none'; connect-src 'self' https://bot-management-api.tolk.ai/ blob:; font-src 'self'; form-action *; img-src 'self' blob: data: https://assets.plansante.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://script.tolk.ai/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/; style-src 'self' 'unsafe-inline'; manifest-src 'self'; frame-ancestors 'self'; child-src https://script.tolk.ai/ https://www.google.com/ https://www.youtube.com/ blob:; frame-src 'self' blob: https://www.google.com/ https://script.tolk.ai/ https://www.youtube.com/; worker-src 'self' blob:; report-uri /csp_report; report-to csp-endpoint;
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://assure.sigmage.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Wed, 29 Nov 2023 09:52:00 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Content-Security-Policy: default-src 'self'; object-src 'self' blob:; base-uri 'none'; connect-src 'self' https://bot-management-api.tolk.ai/ blob:; font-src 'self'; form-action *; img-src 'self' blob: data: https://assets.plansante.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://script.tolk.ai/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/; style-src 'self' 'unsafe-inline'; manifest-src 'self'; frame-ancestors 'self'; child-src https://script.tolk.ai/ https://www.google.com/ https://www.youtube.com/ blob:; frame-src 'self' blob: https://www.google.com/ https://script.tolk.ai/ https://www.youtube.com/; worker-src 'self' blob:; report-uri /csp_report; report-to csp-endpoint;
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Resource-Policy: same-origin
Connection: Keep-Alive
Content-Length: 417
X-XSS-Protection: 1; mode=block
Reporting-Endpoints: csp-endpoint="(null)://(null)/csp_report"
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 23 Nov 2023 09:34:18 GMT
Server: Apache
Cross-Origin-Opener-Policy: same-origin
ETag: "2f7-60ace8a2e6120-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK auth.min.js Show response
assure.sigmage.fr/js/ 1010 B
3 KB 26ms
26ms Script
application/javascript 194.206.243.237
Orange

General

Check archive.org

Show headers Download Go to

Full URL

https://assure.sigmage.fr/js/auth.min.js?1700732082

Requested by

Host: assure.sigmage.fr
URL: https://assure.sigmage.fr/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.206.243.237 Paris, France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

Apache /

Resource Hash

87ef89eb483d62c1b887f0600deeafc3bf5a837e91f59e3044b4fb7f50e369c1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self' blob:; base-uri 'none'; connect-src 'self' https://bot-management-api.tolk.ai/ blob:; font-src 'self'; form-action *; img-src 'self' blob: data: https://assets.plansante.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://script.tolk.ai/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/; style-src 'self' 'unsafe-inline'; manifest-src 'self'; frame-ancestors 'self'; child-src https://script.tolk.ai/ https://www.google.com/ https://www.youtube.com/ blob:; frame-src 'self' blob: https://www.google.com/ https://script.tolk.ai/ https://www.youtube.com/; worker-src 'self' blob:; report-uri /csp_report; report-to csp-endpoint;
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://assure.sigmage.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Wed, 29 Nov 2023 09:52:00 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Content-Security-Policy: default-src 'self'; object-src 'self' blob:; base-uri 'none'; connect-src 'self' https://bot-management-api.tolk.ai/ blob:; font-src 'self'; form-action *; img-src 'self' blob: data: https://assets.plansante.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://script.tolk.ai/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/; style-src 'self' 'unsafe-inline'; manifest-src 'self'; frame-ancestors 'self'; child-src https://script.tolk.ai/ https://www.google.com/ https://www.youtube.com/ blob:; frame-src 'self' blob: https://www.google.com/ https://script.tolk.ai/ https://www.youtube.com/; worker-src 'self' blob:; report-uri /csp_report; report-to csp-endpoint;
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Resource-Policy: same-origin
Connection: Keep-Alive
Content-Length: 431
X-XSS-Protection: 1; mode=block
Reporting-Endpoints: csp-endpoint="(null)://(null)/csp_report"
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 23 Nov 2023 09:34:17 GMT
Server: Apache
Cross-Origin-Opener-Policy: same-origin
ETag: "3f2-60ace8a290220-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98

GET
H/1.1 200
OK recaptchaV3.min.js Show response
assure.sigmage.fr/js/main/ 182 B
3 KB 35ms
35ms Script
application/javascript 194.206.243.237
Orange

General

Check archive.org

Show headers Download Go to

Full URL

https://assure.sigmage.fr/js/main/recaptchaV3.min.js

Requested by

Host: assure.sigmage.fr
URL: https://assure.sigmage.fr/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.206.243.237 Paris, France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

Apache /

Resource Hash

642602f3597b5053f3814cfa7229bdcf013411f4edcb77e704a95df810e5103b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self' blob:; base-uri 'none'; connect-src 'self' https://bot-management-api.tolk.ai/ blob:; font-src 'self'; form-action *; img-src 'self' blob: data: https://assets.plansante.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://script.tolk.ai/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/; style-src 'self' 'unsafe-inline'; manifest-src 'self'; frame-ancestors 'self'; child-src https://script.tolk.ai/ https://www.google.com/ https://www.youtube.com/ blob:; frame-src 'self' blob: https://www.google.com/ https://script.tolk.ai/ https://www.youtube.com/; worker-src 'self' blob:; report-uri /csp_report; report-to csp-endpoint;
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://assure.sigmage.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Wed, 29 Nov 2023 09:52:00 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Content-Security-Policy: default-src 'self'; object-src 'self' blob:; base-uri 'none'; connect-src 'self' https://bot-management-api.tolk.ai/ blob:; font-src 'self'; form-action *; img-src 'self' blob: data: https://assets.plansante.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://script.tolk.ai/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/; style-src 'self' 'unsafe-inline'; manifest-src 'self'; frame-ancestors 'self'; child-src https://script.tolk.ai/ https://www.google.com/ https://www.youtube.com/ blob:; frame-src 'self' blob: https://www.google.com/ https://script.tolk.ai/ https://www.youtube.com/; worker-src 'self' blob:; report-uri /csp_report; report-to csp-endpoint;
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Resource-Policy: same-origin
Connection: Keep-Alive
Content-Length: 165
X-XSS-Protection: 1; mode=block
Reporting-Endpoints: csp-endpoint="(null)://(null)/csp_report"
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 23 Nov 2023 09:34:18 GMT
Server: Apache
Cross-Origin-Opener-Policy: same-origin
ETag: "b6-60ace8a31ace0-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 89ms
33ms Script
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: assure.sigmage.fr
URL: https://assure.sigmage.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d6ab7941c53500bd101f5faa1bf8bf2fae9fa75d879083d3c0c99054b5d4e204

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://assure.sigmage.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 09:52:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 29 Nov 2023 09:52:00 GMT

GET
H/1.1 200
OK fa-solid-900.woff2
assure.sigmage.fr/fonts/ 74 KB
76 KB 36ms
27ms Font
application/octet-stream 194.206.243.237
Orange

General

Check archive.org

Show headers Download Go to

Full URL

https://assure.sigmage.fr/fonts/fa-solid-900.woff2

Requested by

Host: assure.sigmage.fr
URL: https://assure.sigmage.fr/css/c5a24c99d386ac5fb8f355d1c1f17b94a4df19f6e16377c1fe5df0be992c9fb9.css?1700732082

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.206.243.237 Paris, France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

Apache /

Resource Hash

8d86fae5265d97fb99e40108128776ef137a0f05e4147895820add73c26c05b1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self' blob:; base-uri 'none'; connect-src 'self' https://bot-management-api.tolk.ai/ blob:; font-src 'self'; form-action *; img-src 'self' blob: data: https://assets.plansante.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://script.tolk.ai/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/; style-src 'self' 'unsafe-inline'; manifest-src 'self'; frame-ancestors 'self'; child-src https://script.tolk.ai/ https://www.google.com/ https://www.youtube.com/ blob:; frame-src 'self' blob: https://www.google.com/ https://script.tolk.ai/ https://www.youtube.com/; worker-src 'self' blob:; report-uri /csp_report; report-to csp-endpoint;
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://assure.sigmage.fr/css/c5a24c99d386ac5fb8f355d1c1f17b94a4df19f6e16377c1fe5df0be992c9fb9.css?1700732082
Origin: https://assure.sigmage.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Wed, 29 Nov 2023 09:52:00 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Content-Security-Policy: default-src 'self'; object-src 'self' blob:; base-uri 'none'; connect-src 'self' https://bot-management-api.tolk.ai/ blob:; font-src 'self'; form-action *; img-src 'self' blob: data: https://assets.plansante.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://script.tolk.ai/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/; style-src 'self' 'unsafe-inline'; manifest-src 'self'; frame-ancestors 'self'; child-src https://script.tolk.ai/ https://www.google.com/ https://www.youtube.com/ blob:; frame-src 'self' blob: https://www.google.com/ https://script.tolk.ai/ https://www.youtube.com/; worker-src 'self' blob:; report-uri /csp_report; report-to csp-endpoint;
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Resource-Policy: same-origin
Connection: Keep-Alive
Content-Length: 75356
X-XSS-Protection: 1; mode=block
Reporting-Endpoints: csp-endpoint="(null)://(null)/csp_report"
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 23 Nov 2023 09:33:03 GMT
Server: Apache
Cross-Origin-Opener-Policy: same-origin
ETag: "1265c-60ace85c058a0"
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2437ddf45aa84303d14cc4569941c1ae58e8accca92216349c1332794015c6f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 recaptcha__fr.js Show response
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ 469 KB
188 KB 82ms
25ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__fr.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca276a7b63d1747f0404f5f9fa2fb2eb4a27a666543bcc5f9812df012b96ed0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://assure.sigmage.fr/
Origin: https://assure.sigmage.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 18:01:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 402639
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 191904
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Nov 2024 18:01:21 GMT

GET
H/1.1 200
OK checkUnreadMessagesCount.1700732066436.min.js Show response
assure.sigmage.fr/js/modules/shared/ 2 KB
4 KB 28ms
28ms Script
application/javascript 194.206.243.237
Orange

General

Check archive.org

Show headers Download Go to

Full URL

https://assure.sigmage.fr/js/modules/shared/checkUnreadMessagesCount.1700732066436.min.js

Requested by

Host: assure.sigmage.fr
URL: https://assure.sigmage.fr/js/vendor/system.min.js?1700732082

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.206.243.237 Paris, France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

Apache /

Resource Hash

40373ba21b0bbdc147443dd108321a8983852486d79bd09ce65bcd858b116a2c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self' blob:; base-uri 'none'; connect-src 'self' https://bot-management-api.tolk.ai/ blob:; font-src 'self'; form-action *; img-src 'self' blob: data: https://assets.plansante.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://script.tolk.ai/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/; style-src 'self' 'unsafe-inline'; manifest-src 'self'; frame-ancestors 'self'; child-src https://script.tolk.ai/ https://www.google.com/ https://www.youtube.com/ blob:; frame-src 'self' blob: https://www.google.com/ https://script.tolk.ai/ https://www.youtube.com/; worker-src 'self' blob:; report-uri /csp_report; report-to csp-endpoint;
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://assure.sigmage.fr/
Origin: https://assure.sigmage.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Wed, 29 Nov 2023 09:52:00 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Content-Security-Policy: default-src 'self'; object-src 'self' blob:; base-uri 'none'; connect-src 'self' https://bot-management-api.tolk.ai/ blob:; font-src 'self'; form-action *; img-src 'self' blob: data: https://assets.plansante.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://script.tolk.ai/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/; style-src 'self' 'unsafe-inline'; manifest-src 'self'; frame-ancestors 'self'; child-src https://script.tolk.ai/ https://www.google.com/ https://www.youtube.com/ blob:; frame-src 'self' blob: https://www.google.com/ https://script.tolk.ai/ https://www.youtube.com/; worker-src 'self' blob:; report-uri /csp_report; report-to csp-endpoint;
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Resource-Policy: same-origin
Connection: Keep-Alive
Content-Length: 1123
X-XSS-Protection: 1; mode=block
Reporting-Endpoints: csp-endpoint="(null)://(null)/csp_report"
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 23 Nov 2023 09:34:26 GMT
Server: Apache
Cross-Origin-Opener-Policy: same-origin
ETag: "8e7-60ace8aada340-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK updateUnreadMessagesCount.1700732066436.min.js Show response
assure.sigmage.fr/js/modules/pages/messages/ 682 B
3 KB 28ms
27ms Script
application/javascript 194.206.243.237
Orange

General

Check archive.org

Show headers Download Go to

Full URL

https://assure.sigmage.fr/js/modules/pages/messages/updateUnreadMessagesCount.1700732066436.min.js

Requested by

Host: assure.sigmage.fr
URL: https://assure.sigmage.fr/js/vendor/system.min.js?1700732082

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.206.243.237 Paris, France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

Apache /

Resource Hash

75a5e4aed800dfc36894561e2c6007c12628b401b7cb9f2c63f14dbff93c035e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self' blob:; base-uri 'none'; connect-src 'self' https://bot-management-api.tolk.ai/ blob:; font-src 'self'; form-action *; img-src 'self' blob: data: https://assets.plansante.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://script.tolk.ai/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/; style-src 'self' 'unsafe-inline'; manifest-src 'self'; frame-ancestors 'self'; child-src https://script.tolk.ai/ https://www.google.com/ https://www.youtube.com/ blob:; frame-src 'self' blob: https://www.google.com/ https://script.tolk.ai/ https://www.youtube.com/; worker-src 'self' blob:; report-uri /csp_report; report-to csp-endpoint;
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://assure.sigmage.fr/
Origin: https://assure.sigmage.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Wed, 29 Nov 2023 09:52:00 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Content-Security-Policy: default-src 'self'; object-src 'self' blob:; base-uri 'none'; connect-src 'self' https://bot-management-api.tolk.ai/ blob:; font-src 'self'; form-action *; img-src 'self' blob: data: https://assets.plansante.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://script.tolk.ai/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/; style-src 'self' 'unsafe-inline'; manifest-src 'self'; frame-ancestors 'self'; child-src https://script.tolk.ai/ https://www.google.com/ https://www.youtube.com/ blob:; frame-src 'self' blob: https://www.google.com/ https://script.tolk.ai/ https://www.youtube.com/; worker-src 'self' blob:; report-uri /csp_report; report-to csp-endpoint;
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Resource-Policy: same-origin
Connection: Keep-Alive
Content-Length: 437
X-XSS-Protection: 1; mode=block
Reporting-Endpoints: csp-endpoint="(null)://(null)/csp_report"
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 23 Nov 2023 09:34:26 GMT
Server: Apache
Cross-Origin-Opener-Policy: same-origin
ETag: "2aa-60ace8aada340-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 0251 60 KB
34 KB 50ms
50ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeSFt4mAAAAAHMBvgJDsOZsRSo9Ri65wboDHJiZ&co=aHR0cHM6Ly9hc3N1cmUuc2lnbWFnZS5mcjo0NDM.&hl=fr&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=yiayloysbgwt

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__fr.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

37b6879a181f07ee692dba7ba54c76655353b74a630d306947d78a83ac6cf055

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2Lh17sSRm6gX3Q5HOK4lxQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://assure.sigmage.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-2Lh17sSRm6gX3Q5HOK4lxQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 29 Nov 2023 09:52:00 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 0251 55 KB
24 KB 74ms
24ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeSFt4mAAAAAHMBvgJDsOZsRSo9Ri65wboDHJiZ&co=aHR0cHM6Ly9hc3N1cmUuc2lnbWFnZS5mcjo0NDM.&hl=fr&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=yiayloysbgwt

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 07:13:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9485
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Nov 2024 07:13:56 GMT

GET
H3 200 recaptcha__fr.js Show response
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 0251 469 KB
187 KB 74ms
36ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__fr.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca276a7b63d1747f0404f5f9fa2fb2eb4a27a666543bcc5f9812df012b96ed0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 18:01:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 402640
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 191904
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Nov 2024 18:01:21 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 0251 2 KB
2 KB 25ms
24ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 20:04:28 GMT
x-content-type-options: nosniff
age: 136053
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 04 Dec 2023 20:04:28 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0251 15 KB
16 KB 81ms
25ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 23:26:56 GMT
x-content-type-options: nosniff
age: 469505
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Nov 2024 23:26:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0251 15 KB
15 KB 87ms
31ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 21:01:27 GMT
x-content-type-options: nosniff
age: 564634
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Nov 2024 21:01:27 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 0251 102 B
135 B 36ms
35ms Other
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=fr&v=-QbJqHfGOUB8nuVRLvzFLVed

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7620ccffae8b506f5055f1fa8eed23daa43045b36bfb0751b206d6d94bbf7835

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeSFt4mAAAAAHMBvgJDsOZsRSo9Ri65wboDHJiZ&co=aHR0cHM6Ly9hc3N1cmUuc2lnbWFnZS5mcjo0NDM.&hl=fr&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=yiayloysbgwt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 09:52:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 29 Nov 2023 09:52:01 GMT

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			assure.sigmage.fr/	1969-12-31 23:59:59	Name: session Value: tjrv75k8gi1veq76rojbfng7hu
			assure.sigmage.fr/	1969-12-31 23:59:59	Name: BIGipServerPRDRVRWEBAS_443 Value: !afbmolgmf09Nh3Wn2+C25m7SUkie2+9uNmFOB96Z2UV5BEhPsO950QFADnYJwqaverzF8V3ega/P

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; object-src 'self' blob:; base-uri 'none'; connect-src 'self' https://bot-management-api.tolk.ai/ blob:; font-src 'self'; form-action *; img-src 'self' blob: data: https://assets.plansante.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://script.tolk.ai/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/; style-src 'self' 'unsafe-inline'; manifest-src 'self'; frame-ancestors 'self'; child-src https://script.tolk.ai/ https://www.google.com/ https://www.youtube.com/ blob:; frame-src 'self' blob: https://www.google.com/ https://script.tolk.ai/ https://www.youtube.com/; worker-src 'self' blob:; report-uri /csp_report; report-to csp-endpoint;
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.plansante.com
assure.sigmage.fr
fonts.gstatic.com
www.google.com
www.gstatic.com
194.206.243.237
2a00:1450:4001:813::2003
2a00:1450:4001:831::2003
2a00:1450:4001:831::2004
90.85.55.198
1b643ca238b021c4703dbf16b184b4e29bfc6b4391cd9cd5c2e1bb020071cbc9
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
31b67c9796774932b8c5966e58c8194deffeae9e5cd897111acfc2fae6c38951
354146db13359a6eb9c6bbb5c0411e24c3b392b35b06e2e4c16e891f1e5b42d3
37b6879a181f07ee692dba7ba54c76655353b74a630d306947d78a83ac6cf055
3980234d14be5938db9da8696a7f146b7cf738a3567cccfe226abb81796063a1
3bcc482c4555b3232400c1a8e8ceffc67c84cde8c2c79709459c5ea29e0285f3
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40373ba21b0bbdc147443dd108321a8983852486d79bd09ce65bcd858b116a2c
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
60687a5fb40ada7ed5b0d3e20e0acc00c262769889bfa31607b96872593abced
642602f3597b5053f3814cfa7229bdcf013411f4edcb77e704a95df810e5103b
6526b5a850eff3a98a0940b5e517f7e4c0ccaf5fecb60781386b87a95ea6cc56
75a5e4aed800dfc36894561e2c6007c12628b401b7cb9f2c63f14dbff93c035e
7620ccffae8b506f5055f1fa8eed23daa43045b36bfb0751b206d6d94bbf7835
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
87ef89eb483d62c1b887f0600deeafc3bf5a837e91f59e3044b4fb7f50e369c1
8d86fae5265d97fb99e40108128776ef137a0f05e4147895820add73c26c05b1
9be3b06a05dfdeed30ab1d2cff357375dca02867dc26795e33e46adeca4d9d82
bcebcad2580907cf201fe6dd3c1ae4b210e1ff26cef07760d62d859714b70693
ca276a7b63d1747f0404f5f9fa2fb2eb4a27a666543bcc5f9812df012b96ed0d
cee8d579e4e1c12797791dcf920fba198af03a189b07d9f5298add8aebf6e882
cf752f21ed80fe0f6aaf9d11610a05eabb60adfa64f401e423eacbf29a3a6733
d21856339e599938a40a2836d6b42b46e2c48a5060c93d20884e757a1684c9b0
d2437ddf45aa84303d14cc4569941c1ae58e8accca92216349c1332794015c6f
d6ab7941c53500bd101f5faa1bf8bf2fae9fa75d879083d3c0c99054b5d4e204
e791dda34f4502e5257c3f1d051c8ff440af91a11645a070b0a0e0c6c7d341bc
f53ece8b41e85db6460d22a53a8416c13debaf5bae2e501f968aff6c63d98aac
fe51d9f2289050f2dfd75a5ed03a5d12e78cb1606ce513c0d9ad3d2dd685efb1

assure.sigmage.fr Open in urlscan Pro 194.206.243.237 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

29 Requests

100 %HTTPS

60 %IPv6

4 Domains

5 Subdomains

6 IPs

2 Countries

738 kBTransfer

1689 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

assure.sigmage.fr Open in urlscan Pro
194.206.243.237 Public Scan

Screenshot
Live screenshot

Full Image

29
Requests

100 %
HTTPS

60 %
IPv6

4
Domains

5
Subdomains

6
IPs

2
Countries

738 kB
Transfer

1689 kB
Size

2
Cookies

29 HTTP transactions
1 data transactions