Redirect 302 redirect from GET @_profiler_home (9f5a0c)

GET https://gpsa-rec.stepnet.fr/login

Response
200 OK
Browse referrer URL
IP
192.168.75.1
Profiled on
Token
8f0a66

HTTP Client

1 Total requests
0 HTTP errors

Clients

http_client 1

Requests

GET https://www.ibansecure.fr/API_v2/token
Request options 
[
  "auth_bearer" => "sVraeFeSAB9aSw7w2MetuysBc"
]
Response 200 
[
  "info" => [
    "header_size" => 1851
    "request_size" => 179
    "total_time" => 0.072408
    "namelookup_time" => 0.018958
    "connect_time" => 0.027297
    "pretransfer_time" => 0.054747
    "size_download" => 743.0
    "speed_download" => 10261.0
    "starttransfer_time" => 0.072209
    "primary_ip" => "185.69.249.158"
    "primary_port" => 443
    "local_ip" => "192.168.75.251"
    "local_port" => 55732
    "http_version" => 2
    "protocol" => 2
    "scheme" => "HTTPS"
    "appconnect_time_us" => 54690
    "connect_time_us" => 27297
    "namelookup_time_us" => 18958
    "pretransfer_time_us" => 54747
    "starttransfer_time_us" => 72209
    "total_time_us" => 72408
    "effective_method" => "GET"
    "start_time" => 1773316699.5642
    "original_url" => "https://www.ibansecure.fr/API_v2/token"
    "pause_handler" => Closure(float $duration) {#1084
      class: "Symfony\Component\HttpClient\Response\CurlResponse"
      use: {
        $ch: CurlHandle {#1080 …}
        $multi: Symfony\Component\HttpClient\Internal\CurlClientState {#1074 …}
        $execCounter: -9223372036854775808
      }
    }
    "debug" => """
      *   Trying 185.69.249.158:443...\n
      * Connected to www.ibansecure.fr (185.69.249.158) port 443 (#0)\n
      * ALPN: offers h2,http/1.1\n
      *  CAfile: /etc/ssl/certs/ca-certificates.crt\n
      *  CApath: /etc/ssl/certs\n
      * SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384\n
      * ALPN: server did not agree on a protocol. Uses default.\n
      * Server certificate:\n
      *  subject: CN=*.ibansecure.fr\n
      *  start date: Apr  1 00:00:00 2025 GMT\n
      *  expire date: Mar 31 23:59:59 2026 GMT\n
      *  subjectAltName: host "www.ibansecure.fr" matched cert's "*.ibansecure.fr"\n
      *  issuer: C=FR; O=Gandi SAS; CN=GandiCert\n
      *  SSL certificate verify ok.\n
      * using HTTP/1.x\n
      > GET /API_v2/token HTTP/1.1\r\n
      Host: www.ibansecure.fr\r\n
      Accept: */*\r\n
      Authorization: Bearer sVraeFeSAB9aSw7w2MetuysBc\r\n
      User-Agent: Symfony HttpClient (Curl)\r\n
      Accept-Encoding: gzip\r\n
      \r\n
      * old SSL session ID is stale, removing\n
      < HTTP/1.1 200 OK\r\n
      < cache-control: private\r\n
      < transfer-encoding: chunked\r\n
      < content-type: application/json; charset=utf-8\r\n
      < server: Microsoft-IIS/10.0\r\n
      * Added cookie ASP.NET_SessionId="ypzr1mbikvepljvr4mhtafkn" for domain www.ibansecure.fr, path /, expire 0\n
      < set-cookie: ASP.NET_SessionId=ypzr1mbikvepljvr4mhtafkn; path=/; secure; HttpOnly; SameSite=Lax; Secure\r\n
      < x-content-type-options: nosniff\r\n
      < content-security-policy: default-src 'self' https://*.atlassian.com https://*.googleapis.com https://*.gstatic.com https://*.cookiebot.com https://consent.cookiebot.com https://imgsct.cookiebot.com https://www.google.com https://*.googleadservices.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://*.googleapis.com https://*.gstatic.com https://www.google.com https://*.cookiebot.com https://consent.cookiebot.com https://*.atlassian.com https://*.googletagmanager.com https://www.google-analytics.com https://*.doubleclick.net https://*.googleadservices.com https://player.vimeo.com; style-src 'unsafe-inline' 'self' https://*.googleapis.com https://*.gstatic.com; img-src 'self' data: https://*.googleapis.com https://*.gstatic.com https://*.google-analytics.com https://*.doubleclick.net https://*.googleadservices.com https://*.google.com https://*.google.fr https://*.analytics.google.com https://*.googletagmanager.com https://imgsct.cookiebot.com https://consentcdn.cookiebot.com https://consent.cookiebot.com https://player.vimeo.com; font-src 'self' https://*.gstatic.com data:; frame-src 'self' https://player.vimeo.com https://consentcdn.cookiebot.com https://www.google.com\r\n
      < referrer-policy: strict-origin-when-cross-origin\r\n
      < x-frame-options: SAMEORIGIN\r\n
      < x-xss-protection: 1; mode=block\r\n
      < permissions-policy: geolocation=(), microphone=(),camera=(),accelerometer=(),  gyroscope=(), magnetometer=(), payment=(), usb=(),  autoplay=(self)\r\n
      < date: Thu, 12 Mar 2026 11:58:18 GMT\r\n
      < strict-transport-security: max-age=31536000; includeSubDomains; preload\r\n
      < \r\n
      """
  ]
  "response_headers" => [
    "HTTP/1.1 200 OK"
    "cache-control: private"
    "transfer-encoding: chunked"
    "content-type: application/json; charset=utf-8"
    "server: Microsoft-IIS/10.0"
    "set-cookie: ASP.NET_SessionId=ypzr1mbikvepljvr4mhtafkn; path=/; secure; HttpOnly; SameSite=Lax; Secure"
    "x-content-type-options: nosniff"
    "content-security-policy: default-src 'self' https://*.atlassian.com https://*.googleapis.com https://*.gstatic.com https://*.cookiebot.com https://consent.cookiebot.com https://imgsct.cookiebot.com https://www.google.com https://*.googleadservices.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://*.googleapis.com https://*.gstatic.com https://www.google.com https://*.cookiebot.com https://consent.cookiebot.com https://*.atlassian.com https://*.googletagmanager.com https://www.google-analytics.com https://*.doubleclick.net https://*.googleadservices.com https://player.vimeo.com; style-src 'unsafe-inline' 'self' https://*.googleapis.com https://*.gstatic.com; img-src 'self' data: https://*.googleapis.com https://*.gstatic.com https://*.google-analytics.com https://*.doubleclick.net https://*.googleadservices.com https://*.google.com https://*.google.fr https://*.analytics.google.com https://*.googletagmanager.com https://imgsct.cookiebot.com https://consentcdn.cookiebot.com https://consent.cookiebot.com https://player.vimeo.com; font-src 'self' https://*.gstatic.com data:; frame-src 'self' https://player.vimeo.com https://consentcdn.cookiebot.com https://www.google.com"
    "referrer-policy: strict-origin-when-cross-origin"
    "x-frame-options: SAMEORIGIN"
    "x-xss-protection: 1; mode=block"
    "permissions-policy: geolocation=(), microphone=(),camera=(),accelerometer=(),  gyroscope=(), magnetometer=(), payment=(), usb=(),  autoplay=(self)"
    "date: Thu, 12 Mar 2026 11:58:18 GMT"
    "strict-transport-security: max-age=31536000; includeSubDomains; preload"
  ]
  "response_json" => [
    "expires_in" => 3600
    "access_token" => "7c9c17ff-b10e-42a8-8b58-26f678dbf610"
    "refresh_token" => "d9fc1254-86a1-4feb-9d6c-51b95ad02ef5"
    "token_type" => "Bearer"
    "scope" => "openid"
    "id_token" => "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1laWQiOiJYbWxIZWxwZXJfSWRlbnRpdHkiLCJ1bmlxdWVfbmFtZSI6IjM3ZDVlZmY2LTk5MzItNDYzYi05YTE3LTZkOGIwYTczZjU2ZCIsImh0dHA6Ly9zY2hlbWFzLnhtbHNvYXAub3JnL3dzLzIwMDUvMDUvaWRlbnRpdHkvY2xhaW1zL3NpZCI6IjdjOWMxN2ZmLWIxMGUtNDJhOC04YjU4LTI2ZjY3OGRiZjYxMCIsImh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vd3MvMjAwOC8wNi9pZGVudGl0eS9jbGFpbXMvdXNlcmRhdGEiOiI2MzkwODkxNzA5OTE4MjI2ODQiLCJuYmYiOjE3NzMzMTMwOTksImV4cCI6MTc3MzMyMDI5OSwiaWF0IjoxNzczMzE2Njk5LCJpc3MiOiJMT0NBTCBBVVRIT1JJVFkifQ.yQ7zl9NPe2l-wxp0JcM-XFQ6Ubdjvit3O3sdgRURJT8"
  ]
]