fondationorange.com Open in urlscan Pro
90.84.180.167 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://fondationorange.com/fr
Submission: On March 17 via api (March 17th 2024, 3:25:31 pm UTC) from US — Scanned from US

Summary HTTP 47 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 13 domains to perform 47 HTTP transactions. The main IP is 90.84.180.167, located in Avrille, France and belongs to OCBHONEY OCB public cloud network, FR. The main domain is fondationorange.com.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on January 3rd 2024. Valid for: a year.

This is the only time fondationorange.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Orange (Telecommunication)

Domain & IP information

	IP Address	AS Autonomous System
18	90.84.180.167 90.84.180.167	2280 (OCBHONEY ...) (OCBHONEY OCB public cloud network)
2	2a02:6ea0:c00... 2a02:6ea0:c000::18	60068 (CDN77 _) (CDN77 _)
8	2607:f8b0:400... 2607:f8b0:4006:807::200e	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:81f::2003	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:820::2008	15169 (GOOGLE) (GOOGLE)
1 2	2607:f8b0:400... 2607:f8b0:4006:820::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80f::2006	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:80d::200a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80d::2004	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:809::2016	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:823::2001	15169 (GOOGLE) (GOOGLE)
1	90.84.178.179 90.84.178.179	2280 (OCBHONEY ...) (OCBHONEY OCB public cloud network)
3	2600:9000:251... 2600:9000:2510:fc00:5:b7cc:d3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a01:c9c0:b3:... 2a01:c9c0:b3:3000::137	24600 (WANADOOPO...) (WANADOOPORTAILS-AS Wanadoo PortailsDirection technique)
47	15

18 90.84.180.167 (Avrille, France)

ASN2280 (OCBHONEY OCB public cloud network, FR)
PTR: ecs-90-84-180-167.compute.prod-cloud-ocb.orange-business.com

fondationorange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6ea0:c000::18 (Amsterdam, Netherlands)

ASN60068 (CDN77 _, GB)

cdn-eu.readspeaker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:807::200e (United States)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:81f::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:820::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:820::2002 (United States) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80f::2006 (United States)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80d::200a (United States)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80d::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:809::2016 (United States)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:823::2001 (United States)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 90.84.178.179 (Avrille, France)

ASN2280 (OCBHONEY OCB public cloud network, FR)
PTR: ecs-90-84-178-179.compute.prod-cloud-ocb.orange-business.com

internets-orange-com.piwik.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2510:fc00:5:b7cc:d3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

sdk.privacy-center.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:c9c0:b3:3000::137 (France)

ASN24600 (WANADOOPORTAILS-AS Wanadoo PortailsDirection technique, FR)

c.woopic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	fondationorange.com fondationorange.com	727 KB
8	youtube.com www.youtube.com — Cisco Umbrella Rank: 78	1013 KB
4	googleapis.com jnn-pa.googleapis.com — Cisco Umbrella Rank: 239	41 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	48 KB
3	privacy-center.org sdk.privacy-center.org — Cisco Umbrella Rank: 4371	151 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 39 static.doubleclick.net — Cisco Umbrella Rank: 282	1 KB
2	readspeaker.com cdn-eu.readspeaker.com — Cisco Umbrella Rank: 69489	63 KB
1	woopic.com c.woopic.com — Cisco Umbrella Rank: 213439	4 KB
1	piwik.pro internets-orange-com.piwik.pro	28 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 261	3 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 98	22 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	20 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 43	77 KB
47	13

	Domain	Requested by
18	fondationorange.com	fondationorange.com
8	www.youtube.com	fondationorange.com www.youtube.com
4	jnn-pa.googleapis.com	www.youtube.com
3	sdk.privacy-center.org	fondationorange.com sdk.privacy-center.org
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	fonts.gstatic.com	www.youtube.com
2	cdn-eu.readspeaker.com	fondationorange.com cdn-eu.readspeaker.com
1	c.woopic.com	fondationorange.com
1	internets-orange-com.piwik.pro	www.googletagmanager.com
1	yt3.ggpht.com	www.youtube.com
1	i.ytimg.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	www.googletagmanager.com	fondationorange.com
47	15

This site contains links to these domains. Also see Links.

Domain
www.fondationorange.com
challengefablabs.fondationorange.com
bibliotheque.fondationorange.com
mooc-culturels.fondationorange.com
www.lecteurs.com
www.facebook.com
twitter.com
www.youtube.com
www.orange.com

Subject Issuer	Validity	Valid
orange.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-03` - `2025-01-22`	a year	crt.sh
1630983047.rsc.cdn77.org R3	`2024-02-01` - `2024-05-01`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.piwik.pro GlobeSSL DV CA	`2024-01-02` - `2025-01-28`	a year	crt.sh
*.privacy-center.org Amazon RSA 2048 M03	`2024-03-10` - `2025-04-07`	a year	crt.sh
cdn.woopic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-10` - `2024-06-26`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://fondationorange.com/fr
Frame ID: 4A7D2794B87D91623B897DF6152C2A9D
Requests: 40 HTTP requests in this frame

Frame: https://www.youtube.com/embed/krwTXopoYLQ
Frame ID: C16FFCE40FB6BCCB766A1CD4E2BE1B7A
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

La Fondation Orange | Fondation

Detected technologies

Didomi (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

sdk\.privacy-center\.org/.*/loader\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

47
Requests

98 %
HTTPS

86 %
IPv6

13
Domains

15
Subdomains

15
IPs

3
Countries

2197 kB
Transfer

6712 kB
Size

5
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://www.fondationorange.com/fr/handisport-makers-2024
Title: Votez ici

Search URL Search Domain Scan URL

URL: https://challengefablabs.fondationorange.com/?utm_source=Ban&utm_medium=FOsite&utm_campaign=6challengeFablabs

Search URL Search Domain Scan URL

URL: https://www.fondationorange.com/fr/le-numerique-solidaire
Title: Voir les programmes

Search URL Search Domain Scan URL

URL: https://www.fondationorange.com/fr/la-culture
Title: Voir les programmes

Search URL Search Domain Scan URL

URL: https://www.fondationorange.com/fr/la-sante-et-lautisme
Title: Voir les programmes

Search URL Search Domain Scan URL

URL: https://bibliotheque.fondationorange.com/
Title: En savoir plus

Search URL Search Domain Scan URL

URL: https://mooc-culturels.fondationorange.com/
Title: En savoir plus

Search URL Search Domain Scan URL

URL: https://www.lecteurs.com/
Title: En savoir plus

Search URL Search Domain Scan URL

URL: https://www.facebook.com/fondationorange
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/FondationOrange
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/fondationorange
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.orange.com/fr/notice-sur-la-protection-des-donnees-personnelles
Title: Données personnelles

Search URL Search Domain Scan URL

URL: https://www.orange.com/sirius/accessibilite/fondation/d%C3%A9claration%20fondation-orange-FR.html
Title: Accessibilité

Search URL Search Domain Scan URL

URL: https://www.orange.com/fr
Title: Orange.com

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

47 HTTP transactions
15 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request fr Show response
fondationorange.com/ 43 KB
10 KB 352ms
108ms Document
text/html 90.84.180.167
OCBHONEY OCB publ...

General

Check archive.org

Show headers Download Go to

Full URL

https://fondationorange.com/fr

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

90.84.180.167 Avrille, France, ASN2280 (OCBHONEY OCB public cloud network, FR),

Reverse DNS

ecs-90-84-180-167.compute.prod-cloud-ocb.orange-business.com

Software

nginx /

Resource Hash

1997ccd1aac5874163c72eaeb6df2b2f8ca7b8ca17c83a9fcbec4d81ce0223db

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .multimediabs.com .orange.com .orange-business.com .backoffice.mastermedia.orange-business.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin always
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 375
cache-control: max-age=900, public
content-encoding: gzip
content-language: fr
content-length: 9483
content-security-policy: frame-ancestors 'self' *.multimediabs.com *.orange.com *.orange-business.com *.backoffice.mastermedia.orange-business.com
content-type: text/html; charset=UTF-8
date: Fri, 15 Mar 2024 23:09:14 GMT
etag: W/"1710544154"
expires: Sun, 19 Nov 1978 05:00:00 GMT
last-modified: Fri, 15 Mar 2024 23:09:14 GMT
link: <https://fondationorange.com/fr>; rel="canonical", <https://fondationorange.com/fr>; rel="shortlink"
server: nginx
strict-transport-security: max-age=31536000
vary: Cookie, Accept-Encoding
via: 1.1 varnish (Varnish/6.5)
x-cache: HIT
x-content-type-options: nosniff
x-drupal-cache: HIT
x-drupal-dynamic-cache: UNCACHEABLE
x-frame-options: sameorigin always
x-ua-compatible: IE=edge
x-varnish: 13952790 14725024
x-xss-protection: 1; mode=block

GET
H2 200 dark-init.js Show response
fondationorange.com/themes/theme_boosted/js/ 1 KB
931 B 113ms
110ms Script
application/javascript 90.84.180.167
OCBHONEY OCB publ...

General

Check archive.org

Show headers Download Go to

Full URL

https://fondationorange.com/themes/theme_boosted/js/dark-init.js

Requested by

Host: fondationorange.com
URL: https://fondationorange.com/fr

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

90.84.180.167 Avrille, France, ASN2280 (OCBHONEY OCB public cloud network, FR),

Reverse DNS

ecs-90-84-180-167.compute.prod-cloud-ocb.orange-business.com

Software

nginx /

Resource Hash

0e71086b6e2e9c2763161e304c1806256ff48fa1f305bcf70cacb762d09974a3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .multimediabs.com .orange.com .orange-business.com .backoffice.mastermedia.orange-business.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin always
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fondationorange.com/fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 15:12:35 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.5)
content-security-policy: frame-ancestors 'self' *.multimediabs.com *.orange.com *.orange-business.com *.backoffice.mastermedia.orange-business.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 768
x-cache: HIT
content-length: 428
x-xss-protection: 1; mode=block
last-modified: Wed, 28 Feb 2024 08:40:03 GMT
server: nginx
etag: W/"65def163-45d"
vary: Accept-Encoding
x-frame-options: sameorigin always
x-varnish: 13952791 13728677
content-type: application/javascript
accept-ranges: bytes

GET
H2 200 google_tag.script.js Show response
fondationorange.com/sites/fondation/files/google_tag/bmhes_gtm_public/ 348 B
784 B 354ms
351ms Script
application/javascript 90.84.180.167
OCBHONEY OCB publ...

General

Check archive.org

Show headers Download Go to

Full URL

https://fondationorange.com/sites/fondation/files/google_tag/bmhes_gtm_public/google_tag.script.js?s9zxtt

Requested by

Host: fondationorange.com
URL: https://fondationorange.com/fr

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

90.84.180.167 Avrille, France, ASN2280 (OCBHONEY OCB public cloud network, FR),

Reverse DNS

ecs-90-84-180-167.compute.prod-cloud-ocb.orange-business.com

Software

nginx /

Resource Hash

84a48824fa64d083f08ca64d036f6b6ce7b06c114c276dc42e9a02717f4b5f95

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .multimediabs.com .orange.com .orange-business.com .backoffice.mastermedia.orange-business.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin always
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fondationorange.com/fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 15:12:35 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.5)
content-security-policy: frame-ancestors 'self' *.multimediabs.com *.orange.com *.orange-business.com *.backoffice.mastermedia.orange-business.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 768
x-cache: HIT
content-length: 281
x-xss-protection: 1; mode=block
last-modified: Sun, 17 Mar 2024 14:02:31 GMT
server: nginx
etag: W/"65f6f7f7-15c"
vary: Accept-Encoding
x-frame-options: sameorigin always
x-varnish: 13952794 14462876
content-type: application/javascript
accept-ranges: bytes

GET
H2 200 css_4r19_jZiq7wferFC0eGT5vxz5Whk3w7YxbZz76fim5I.css
fondationorange.com/sites/fondation/files/css/ 30 KB
7 KB 349ms
347ms Stylesheet
text/css 90.84.180.167
OCBHONEY OCB publ...

General

Check archive.org

Show headers Download Go to

Full URL

https://fondationorange.com/sites/fondation/files/css/css_4r19_jZiq7wferFC0eGT5vxz5Whk3w7YxbZz76fim5I.css

Requested by

Host: fondationorange.com
URL: https://fondationorange.com/fr

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

90.84.180.167 Avrille, France, ASN2280 (OCBHONEY OCB public cloud network, FR),

Reverse DNS

ecs-90-84-180-167.compute.prod-cloud-ocb.orange-business.com

Software

nginx /

Resource Hash

e2bd7dfe3662abbc1f7ab142d1e193e6fc73e56864df0ed8c5b673efa7e29b92

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .multimediabs.com .orange.com .orange-business.com .backoffice.mastermedia.orange-business.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin always
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fondationorange.com/fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 15:12:35 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.5)
content-security-policy: frame-ancestors 'self' *.multimediabs.com *.orange.com *.orange-business.com *.backoffice.mastermedia.orange-business.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 768
x-cache: HIT
content-length: 6193
x-xss-protection: 1; mode=block
last-modified: Tue, 05 Mar 2024 14:12:56 GMT
server: nginx
etag: W/"65e72868-7867"
vary: Accept-Encoding
x-frame-options: sameorigin always
x-varnish: 13952793 13728675
content-type: text/css
accept-ranges: bytes

GET
H2 200 css_KAU71bo2dehh1MNZ27UZtEOfluhcFATteUWQWBTqEUk.css
fondationorange.com/sites/fondation/files/css/ 621 KB
107 KB 135ms
133ms Stylesheet
text/css 90.84.180.167
OCBHONEY OCB publ...

General

Check archive.org

Show headers Download Go to

Full URL

https://fondationorange.com/sites/fondation/files/css/css_KAU71bo2dehh1MNZ27UZtEOfluhcFATteUWQWBTqEUk.css

Requested by

Host: fondationorange.com
URL: https://fondationorange.com/fr

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

90.84.180.167 Avrille, France, ASN2280 (OCBHONEY OCB public cloud network, FR),

Reverse DNS

ecs-90-84-180-167.compute.prod-cloud-ocb.orange-business.com

Software

nginx /

Resource Hash

28053bd5ba3675e861d4c359dbb519b4439f96e85c1404ed7945905814ea1149

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .multimediabs.com .orange.com .orange-business.com .backoffice.mastermedia.orange-business.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin always
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fondationorange.com/fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 15:12:35 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.5)
content-security-policy: frame-ancestors 'self' *.multimediabs.com *.orange.com *.orange-business.com *.backoffice.mastermedia.orange-business.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 768
x-cache: HIT
content-length: 108802
x-xss-protection: 1; mode=block
last-modified: Wed, 28 Feb 2024 11:39:00 GMT
server: nginx
etag: W/"65df1b54-9b360"
vary: Accept-Encoding
x-frame-options: sameorigin always
x-varnish: 13952792 13728679
content-type: text/css
accept-ranges: bytes

GET
H2 200 js_DF-vH1g_P4MgziOcEicI7CpbRCi-ry5QTd0i7eOrfZw.js Show response
fondationorange.com/sites/fondation/files/js/ 116 KB
39 KB 349ms
348ms Script
application/javascript 90.84.180.167
OCBHONEY OCB publ...

General

Check archive.org

Show headers Download Go to

Full URL

https://fondationorange.com/sites/fondation/files/js/js_DF-vH1g_P4MgziOcEicI7CpbRCi-ry5QTd0i7eOrfZw.js

Requested by

Host: fondationorange.com
URL: https://fondationorange.com/fr

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

90.84.180.167 Avrille, France, ASN2280 (OCBHONEY OCB public cloud network, FR),

Reverse DNS

ecs-90-84-180-167.compute.prod-cloud-ocb.orange-business.com

Software

nginx /

Resource Hash

0c5faf1f583f3f8320ce239c122708ec2a5b4428beaf2e504ddd22ede3ab7d9c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .multimediabs.com .orange.com .orange-business.com .backoffice.mastermedia.orange-business.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin always
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fondationorange.com/fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 15:12:35 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.5)
content-security-policy: frame-ancestors 'self' *.multimediabs.com *.orange.com *.orange-business.com *.backoffice.mastermedia.orange-business.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 768
x-cache: HIT
content-length: 39874
x-xss-protection: 1; mode=block
last-modified: Fri, 08 Mar 2024 15:34:25 GMT
server: nginx
etag: W/"65eb3001-1cf41"
vary: Accept-Encoding
x-frame-options: sameorigin always
x-varnish: 14270754 14881709
content-type: application/javascript
accept-ranges: bytes

GET
H2 200 webReader.js Show response
cdn-eu.readspeaker.com/script/5725/webReader/ 76 KB
25 KB 438ms
190ms Script
application/javascript 2a02:6ea0:c000::18
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-eu.readspeaker.com/script/5725/webReader/webReader.js?pids=wr
Requested by: Host: fondationorange.com
URL: https://fondationorange.com/fr
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c000::18 Amsterdam, Netherlands, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 740bfa710ad39d8e96ca38074bec2f8a011857cc39b991a8814e05f7cca21bff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fondationorange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-77-pop: amsterdamNL
date: Sun, 17 Mar 2024 15:25:23 GMT
content-encoding: gzip
x-age-lb: 464
x-77-cache: HIT
x-cache: HIT
x-age: 453986
x-accel-date: 1710235137
x-77-nzt: EwwBw7WsGQH3Yu0GAAwBuUwKEwH30AEAAAwBJRPCLgGxLgAAAA
x-accel-expires: @1710883091
x-77-age: 454496
x-cache-lb: HIT
last-modified: Thu, 25 Jan 2024 10:44:39 GMT
server: CDN77-Turbo
etag: W/"1313a-60fc2ddd25282"
x-77-nzt-ray: f5ba462377128f65630bf765314fa728
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-headers: sentry-trace

GET
H2 200 Master_Logo_RGB.png
fondationorange.com/themes/theme_boosted/ 2 KB
2 KB 350ms
350ms Image
image/png 90.84.180.167
OCBHONEY OCB publ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fondationorange.com/themes/theme_boosted/Master_Logo_RGB.png

Requested by

Host: fondationorange.com
URL: https://fondationorange.com/fr

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

90.84.180.167 Avrille, France, ASN2280 (OCBHONEY OCB public cloud network, FR),

Reverse DNS

ecs-90-84-180-167.compute.prod-cloud-ocb.orange-business.com

Software

nginx /

Resource Hash

6ccceec628d86d155654a45da11c7f635450f15077dbbbb0ba06e07b5ad9584f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .multimediabs.com .orange.com .orange-business.com .backoffice.mastermedia.orange-business.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin always
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fondationorange.com/fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 15:12:35 GMT
via: 1.1 varnish (Varnish/6.5)
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' *.multimediabs.com *.orange.com *.orange-business.com *.backoffice.mastermedia.orange-business.com
strict-transport-security: max-age=31536000
age: 768
x-cache: HIT
content-length: 1585
x-xss-protection: 1; mode=block
last-modified: Wed, 28 Feb 2024 08:40:03 GMT
server: nginx
etag: "65def163-631"
x-frame-options: sameorigin always
x-varnish: 14270755 14881711
content-type: image/png
accept-ranges: bytes

GET
H2 200 js_8BFew_UYlLzEhPSjcSRkwUgdyBm_eWbXcQOJDraur6o.js Show response
fondationorange.com/sites/fondation/files/js/ 763 KB
191 KB 592ms
592ms Script
application/javascript 90.84.180.167
OCBHONEY OCB publ...

General

Check archive.org

Show headers Download Go to

Full URL

https://fondationorange.com/sites/fondation/files/js/js_8BFew_UYlLzEhPSjcSRkwUgdyBm_eWbXcQOJDraur6o.js

Requested by

Host: fondationorange.com
URL: https://fondationorange.com/fr

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

90.84.180.167 Avrille, France, ASN2280 (OCBHONEY OCB public cloud network, FR),

Reverse DNS

ecs-90-84-180-167.compute.prod-cloud-ocb.orange-business.com

Software

nginx /

Resource Hash

f0115ec3f51894bcc484f4a3712464c1481dc819bf7966d77103890eb6aeafaa

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .multimediabs.com .orange.com .orange-business.com .backoffice.mastermedia.orange-business.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin always
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fondationorange.com/fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 15:12:35 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.5)
content-security-policy: frame-ancestors 'self' *.multimediabs.com *.orange.com *.orange-business.com *.backoffice.mastermedia.orange-business.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 768
x-cache: HIT
content-length: 195439
x-xss-protection: 1; mode=block
last-modified: Wed, 28 Feb 2024 11:39:00 GMT
server: nginx
etag: W/"65df1b54-bec62"
vary: Accept-Encoding
x-frame-options: sameorigin always
x-varnish: 14753362 14462878
content-type: application/javascript
accept-ranges: bytes

GET
H2 200 ReadSpeaker.Styles-Button.css
cdn-eu.readspeaker.com/script/5725/webReader/r/r2526/ 71 KB
38 KB 123ms
123ms Stylesheet
text/css 2a02:6ea0:c000::18
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-eu.readspeaker.com/script/5725/webReader/r/r2526/ReadSpeaker.Styles-Button.css?v=3.8.2.2526
Requested by: Host: cdn-eu.readspeaker.com
URL: https://cdn-eu.readspeaker.com/script/5725/webReader/webReader.js?pids=wr
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c000::18 Amsterdam, Netherlands, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: ab46c1cd923cd8438cf84b391ec0f4f0968248b0926ed472798aa57bd128f788

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fondationorange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-77-pop: amsterdamNL
date: Sun, 17 Mar 2024 15:25:23 GMT
content-encoding: gzip
x-age-lb: 9856
x-77-cache: HIT
x-cache: HIT
x-age: 81383
x-accel-date: 1710607740
x-77-nzt: EwwBw7WsGQH35z0BAAwBuUwKEwH3gCYAAAgBJRPCLgGB
x-accel-expires: @1710693953
x-77-age: 91239
x-cache-lb: HIT
last-modified: Thu, 25 Jan 2024 10:34:57 GMT
server: CDN77-Turbo
etag: W/"11b52-60fc2bb18dc02"
x-77-nzt-ray: f5ba462377128f65630bf7654de4bf35
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-headers: sentry-trace
expires: Fri, 26 Jan 2024 16:21:04 GMT

GET
H2 200 krwTXopoYLQ Show response
www.youtube.com/embed/ Frame C16F 91 KB
39 KB 165ms
102ms Document
text/html 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/krwTXopoYLQ

Requested by

Host: fondationorange.com
URL: https://fondationorange.com/fr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ec7fbe426bbd6655e366fc39580c11ba339475a1171af8515f204051a143d113

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fondationorange.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sun, 17 Mar 2024 15:25:24 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 106 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5215fa49c286ba33350b96fdf50b93bd6b5ba2471e1242983cd3c4bf01c6338b

Request headers

Referer
Origin: https://fondationorange.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 882da9bebf0a516341961a6f2f15831caf59af85ade79c64cfa178a747d5b3e9

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 141 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57b891271aa5e7021ab5c0fac212cc4ae616d6af7dc8b0949ed410650f295922

Request headers

Referer
Origin: https://fondationorange.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 345 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2ec2c2d17b0a54782a7484430ee9af759e4a025e7f6eb454113d9a585cc5b4a0

Request headers

Referer
Origin: https://fondationorange.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 414 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c082a01e7f136a3768caf33cdb736e790c11f22c3def6bba032dc773f8b78c5d

Request headers

Referer
Origin: https://fondationorange.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 HelvNeue55_W1G.woff2
fondationorange.com/themes/theme_boosted/boosted/fonts/ 37 KB
38 KB 112ms
111ms Font
font/woff2 90.84.180.167
OCBHONEY OCB publ...

General

Check archive.org

Show headers Download Go to

Full URL

https://fondationorange.com/themes/theme_boosted/boosted/fonts/HelvNeue55_W1G.woff2

Requested by

Host: fondationorange.com
URL: https://fondationorange.com/sites/fondation/files/css/css_KAU71bo2dehh1MNZ27UZtEOfluhcFATteUWQWBTqEUk.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

90.84.180.167 Avrille, France, ASN2280 (OCBHONEY OCB public cloud network, FR),

Reverse DNS

ecs-90-84-180-167.compute.prod-cloud-ocb.orange-business.com

Software

nginx /

Resource Hash

39848ebe4a0bdd73f0f2418229fb2a3005d6c6e2ce8efaa4c6dd4d9e7f7afb6f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .multimediabs.com .orange.com .orange-business.com .backoffice.mastermedia.orange-business.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin always
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fondationorange.com/sites/fondation/files/css/css_KAU71bo2dehh1MNZ27UZtEOfluhcFATteUWQWBTqEUk.css
Origin: https://fondationorange.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 15:12:35 GMT
via: 1.1 varnish (Varnish/6.5)
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' *.multimediabs.com *.orange.com *.orange-business.com *.backoffice.mastermedia.orange-business.com
strict-transport-security: max-age=31536000
age: 767
x-cache: HIT
content-length: 38000
x-xss-protection: 1; mode=block
last-modified: Wed, 28 Feb 2024 08:40:03 GMT
server: nginx
etag: "65def163-9470"
x-frame-options: sameorigin always
x-varnish: 14270756 14462883
content-type: font/woff2
accept-ranges: bytes

GET
H2 200 HelvNeue75_W1G.woff2
fondationorange.com/themes/theme_boosted/boosted/fonts/ 37 KB
38 KB 223ms
223ms Font
font/woff2 90.84.180.167
OCBHONEY OCB publ...

General

Check archive.org

Show headers Download Go to

Full URL

https://fondationorange.com/themes/theme_boosted/boosted/fonts/HelvNeue75_W1G.woff2

Requested by

Host: fondationorange.com
URL: https://fondationorange.com/sites/fondation/files/css/css_KAU71bo2dehh1MNZ27UZtEOfluhcFATteUWQWBTqEUk.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

90.84.180.167 Avrille, France, ASN2280 (OCBHONEY OCB public cloud network, FR),

Reverse DNS

ecs-90-84-180-167.compute.prod-cloud-ocb.orange-business.com

Software

nginx /

Resource Hash

db8adbb2540762202edc492ec31b16e6849fc6d8b9f1656fd4b09d813e43f038

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .multimediabs.com .orange.com .orange-business.com .backoffice.mastermedia.orange-business.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin always
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fondationorange.com/sites/fondation/files/css/css_KAU71bo2dehh1MNZ27UZtEOfluhcFATteUWQWBTqEUk.css
Origin: https://fondationorange.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 15:12:35 GMT
via: 1.1 varnish (Varnish/6.5)
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' *.multimediabs.com *.orange.com *.orange-business.com *.backoffice.mastermedia.orange-business.com
strict-transport-security: max-age=31536000
age: 768
x-cache: HIT
content-length: 37996
x-xss-protection: 1; mode=block
last-modified: Wed, 28 Feb 2024 08:40:03 GMT
server: nginx
etag: "65def163-946c"
x-frame-options: sameorigin always
x-varnish: 14270757 14881713
content-type: font/woff2
accept-ranges: bytes

GET
DATA 200
OK truncated
/ 68 B
68 B Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf4822b84adb775132967992785be9cd96c1bb7a2dd51cf024e0f9e5fe45ffc1

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
68 B Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b5c426bf1718168791091d0ce0dc1c661b0919da4a02ce21cb01eeee004e7eeb

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
68 B Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7fbe15af06776617bbefa6d2016b50037c9b372f63ac60202a039b5f3651dbc7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
69 B Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ba66e6ca74696141b4e33e2db481483d0b5db8cceb9d25ce0382a82026219ee9

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
69 B Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b349feb818892434372a5a59071a0ed7867f7a79b56b79f12a17c0bda5840b04

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
69 B Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db177b76f5944c9c7fb23d1454d00e3cc9dd0e31b3d6ba36e97d7644696bb74f

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
68 B Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 27ed1cadc137bcef0c51f961644fe9a177cb043d88e89bb79f58587103f1c64e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
68 B Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee342ee66585d5e1c320c5277f3ea9e4e35bf685d87ef95d329ef19f123b7f06

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 www-player.css
www.youtube.com/s/player/d552837c/ Frame C16F 370 KB
47 KB 49ms
29ms Stylesheet
text/css 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d552837c/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/krwTXopoYLQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16fad6d837dc76f3470099a612936eeb8f521e20e8dd3cda74cd303759721ad0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/krwTXopoYLQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 04:16:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40156
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47892
x-xss-protection: 0
last-modified: Wed, 13 Mar 2024 04:18:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 17 Mar 2025 04:16:08 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C16F 15 KB
15 KB 99ms
33ms Font
font/woff2 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/krwTXopoYLQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 20:50:10 GMT
x-content-type-options: nosniff
age: 326114
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Mar 2025 20:50:10 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C16F 15 KB
16 KB 91ms
25ms Font
font/woff2 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/krwTXopoYLQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 09:09:27 GMT
x-content-type-options: nosniff
age: 368157
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Mar 2025 09:09:27 GMT

GET
H2 200 embed.js Show response
www.youtube.com/s/player/d552837c/player_ias.vflset/en_US/ Frame C16F 57 KB
18 KB 41ms
37ms Script
text/javascript 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d552837c/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/krwTXopoYLQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a199e35c9b0b5f81da2e717fa9b9b5d336220d2b080db4be10c321069efb1dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/krwTXopoYLQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 20:55:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 325789
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18087
x-xss-protection: 0
last-modified: Wed, 13 Mar 2024 04:18:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 13 Mar 2025 20:55:35 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/d552837c/www-embed-player.vflset/ Frame C16F 320 KB
95 KB 46ms
43ms Script
text/javascript 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d552837c/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/krwTXopoYLQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f21c22963092f299414dd54347d8ddf003179242f53b9ad3215a3980e2b1bbe1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/krwTXopoYLQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 11:59:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 98761
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97638
x-xss-protection: 0
last-modified: Wed, 13 Mar 2024 04:18:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 16 Mar 2025 11:59:23 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/d552837c/player_ias.vflset/en_US/ Frame C16F 2 MB
781 KB 59ms
57ms Script
text/javascript 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d552837c/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/krwTXopoYLQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec30570c25bd99ddd65ffc9842e9399f7ece99bd68f35ffed1247d3f5a8dba2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/krwTXopoYLQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 12:14:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11471
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 798740
x-xss-protection: 0
last-modified: Wed, 13 Mar 2024 04:18:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 17 Mar 2025 12:14:13 GMT

GET
H2 200 HandiMakers_compress.jpg.webp
fondationorange.com/sites/fondation/files/styles/crop_16_9_large/public/2023-12/ 36 KB
36 KB 122ms
119ms Image
image/webp 90.84.180.167
OCBHONEY OCB publ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fondationorange.com/sites/fondation/files/styles/crop_16_9_large/public/2023-12/HandiMakers_compress.jpg.webp?itok=vFnAcIh5

Requested by

Host: fondationorange.com
URL: https://fondationorange.com/fr

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

90.84.180.167 Avrille, France, ASN2280 (OCBHONEY OCB public cloud network, FR),

Reverse DNS

ecs-90-84-180-167.compute.prod-cloud-ocb.orange-business.com

Software

nginx /

Resource Hash

fe0d04b5b272e9e0d55a61e03e6b2645987b5ff80335433970db5f2d6ece093b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .multimediabs.com .orange.com .orange-business.com .backoffice.mastermedia.orange-business.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin always
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fondationorange.com/fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 15:12:40 GMT
via: 1.1 varnish (Varnish/6.5)
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' *.multimediabs.com *.orange.com *.orange-business.com *.backoffice.mastermedia.orange-business.com
strict-transport-security: max-age=31536000
age: 763
x-cache: HIT
content-length: 36676
x-xss-protection: 1; mode=block
last-modified: Wed, 07 Feb 2024 08:35:47 GMT
server: nginx
etag: "65c340e3-8f44"
x-frame-options: sameorigin always
x-varnish: 14463350 14462899
content-type: image/webp
accept-ranges: bytes

GET
H2 200 Ecolesnumeriques2-aap2024.jpg
fondationorange.com/sites/fondation/files/2024-02/ 54 KB
54 KB 124ms
122ms Image
image/jpeg 90.84.180.167
OCBHONEY OCB publ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fondationorange.com/sites/fondation/files/2024-02/Ecolesnumeriques2-aap2024.jpg

Requested by

Host: fondationorange.com
URL: https://fondationorange.com/fr

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

90.84.180.167 Avrille, France, ASN2280 (OCBHONEY OCB public cloud network, FR),

Reverse DNS

ecs-90-84-180-167.compute.prod-cloud-ocb.orange-business.com

Software

nginx /

Resource Hash

a2a38807789a331543c33d1917f5fb7b831b41007ef38ae1d783e5324b00f979

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .multimediabs.com .orange.com .orange-business.com .backoffice.mastermedia.orange-business.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin always
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fondationorange.com/fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 15:12:41 GMT
via: 1.1 varnish (Varnish/6.5)
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' *.multimediabs.com *.orange.com *.orange-business.com *.backoffice.mastermedia.orange-business.com
strict-transport-security: max-age=31536000
age: 763
x-cache: HIT
content-length: 55068
x-xss-protection: 1; mode=block
last-modified: Wed, 07 Feb 2024 09:10:00 GMT
server: nginx
etag: "65c348e8-d71c"
x-frame-options: sameorigin always
x-varnish: 14463351 14753089
content-type: image/jpeg
accept-ranges: bytes

GET
H2 200 Femme%20robe%20orange%20CI%20Maisons%20Digitales.jpg
fondationorange.com/sites/fondation/files/2024-02/ 14 KB
15 KB 122ms
121ms Image
image/jpeg 90.84.180.167
OCBHONEY OCB publ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fondationorange.com/sites/fondation/files/2024-02/Femme%20robe%20orange%20CI%20Maisons%20Digitales.jpg

Requested by

Host: fondationorange.com
URL: https://fondationorange.com/fr

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

90.84.180.167 Avrille, France, ASN2280 (OCBHONEY OCB public cloud network, FR),

Reverse DNS

ecs-90-84-180-167.compute.prod-cloud-ocb.orange-business.com

Software

nginx /

Resource Hash

e2f74fb6f3ab4d0634dade6c17825305e348f432cd9f6ceaed3c4e3ec38349a7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .multimediabs.com .orange.com .orange-business.com .backoffice.mastermedia.orange-business.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin always
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fondationorange.com/fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 15:12:43 GMT
via: 1.1 varnish (Varnish/6.5)
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' *.multimediabs.com *.orange.com *.orange-business.com *.backoffice.mastermedia.orange-business.com
strict-transport-security: max-age=31536000
age: 760
x-cache: HIT
content-length: 14701
x-xss-protection: 1; mode=block
last-modified: Fri, 09 Feb 2024 10:26:23 GMT
server: nginx
etag: "65c5fdcf-396d"
x-frame-options: sameorigin always
x-varnish: 14270758 14753096
content-type: image/jpeg
accept-ranges: bytes

GET
H2 200 visuel-autisme-2-avril-2020.jpg
fondationorange.com/sites/fondation/files/2022-11/ 46 KB
46 KB 142ms
140ms Image
image/jpeg 90.84.180.167
OCBHONEY OCB publ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fondationorange.com/sites/fondation/files/2022-11/visuel-autisme-2-avril-2020.jpg

Requested by

Host: fondationorange.com
URL: https://fondationorange.com/fr

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

90.84.180.167 Avrille, France, ASN2280 (OCBHONEY OCB public cloud network, FR),

Reverse DNS

ecs-90-84-180-167.compute.prod-cloud-ocb.orange-business.com

Software

nginx /

Resource Hash

7ff52de1c94e8741afa89f73342981e090f2a784b5076c7fa4899a60c5c164b9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .multimediabs.com .orange.com .orange-business.com .backoffice.mastermedia.orange-business.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin always
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fondationorange.com/fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 15:12:44 GMT
via: 1.1 varnish (Varnish/6.5)
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' *.multimediabs.com *.orange.com *.orange-business.com *.backoffice.mastermedia.orange-business.com
strict-transport-security: max-age=31536000
age: 760
x-cache: HIT
content-length: 46657
x-xss-protection: 1; mode=block
last-modified: Sun, 13 Nov 2022 13:02:24 GMT
server: nginx
etag: "6370eae0-b641"
x-frame-options: sameorigin always
x-varnish: 14270759 14462902
content-type: image/jpeg
accept-ranges: bytes

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 237 KB
77 KB 147ms
80ms Script
application/javascript 2607:f8b0:4006:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PLJZRBV

Requested by

Host: fondationorange.com
URL: https://fondationorange.com/sites/fondation/files/google_tag/bmhes_gtm_public/google_tag.script.js?s9zxtt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b0a1983de0eb7f301e963099529b38ffe18b1bc4ef41d2b88e6d6ff69dc12d54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fondationorange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 15:25:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78482
x-xss-protection: 0
last-modified: Sun, 17 Mar 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 17 Mar 2024 15:25:24 GMT

GET
H2 200 Master_Logo_RGB.png
fondationorange.com/themes/theme_boosted/ 2 KB
2 KB 479ms
479ms Image
image/png 90.84.180.167
OCBHONEY OCB publ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fondationorange.com/themes/theme_boosted/Master_Logo_RGB.png

Requested by

Host: fondationorange.com
URL: https://fondationorange.com/fr

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

90.84.180.167 Avrille, France, ASN2280 (OCBHONEY OCB public cloud network, FR),

Reverse DNS

ecs-90-84-180-167.compute.prod-cloud-ocb.orange-business.com

Software

nginx /

Resource Hash

6ccceec628d86d155654a45da11c7f635450f15077dbbbb0ba06e07b5ad9584f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .multimediabs.com .orange.com .orange-business.com .backoffice.mastermedia.orange-business.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin always
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fondationorange.com/fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 15:12:35 GMT
via: 1.1 varnish (Varnish/6.5)
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' *.multimediabs.com *.orange.com *.orange-business.com *.backoffice.mastermedia.orange-business.com
strict-transport-security: max-age=31536000
age: 769
x-cache: HIT
content-length: 1585
x-xss-protection: 1; mode=block
last-modified: Wed, 28 Feb 2024 08:40:03 GMT
server: nginx
etag: "65def163-631"
x-frame-options: sameorigin always
x-varnish: 14753363 14881711
content-type: image/png
accept-ranges: bytes

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame C16F
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
241 B

42ms
41ms

XHR
application/json

2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/krwTXopoYLQ

Protocol

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

956711b1a6abe4433b427e896951d867d144f5c3715299f788f5fcd294e2594c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 15:25:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 17 Mar 2024 15:25:24 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame C16F 29 B
495 B 87ms
25ms Script
text/javascript 2607:f8b0:4006:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d552837c/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 15:23:39 GMT
x-content-type-options: nosniff
age: 105
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 17 Mar 2024 15:38:39 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 95ms
32ms Preflight
text/html 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 17 Mar 2024 15:25:24 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame C16F 88 KB
41 KB 44ms
43ms XHR
application/json+protobuf 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d552837c/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c0bbd1ef6a00fd6cde78f3f6abb69fe34b639b423408cafb6d52bbb96d026110

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sun, 17 Mar 2024 15:25:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41848
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/d552837c/player_ias.vflset/en_US/ Frame C16F 117 KB
33 KB 28ms
25ms Script
text/javascript 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d552837c/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d552837c/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9919caa425814c2d0dcc15e8287ddd1350f818e0b245652c18590ef79f7a0071

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/krwTXopoYLQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 07:30:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 374071
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33776
x-xss-protection: 0
last-modified: Wed, 13 Mar 2024 04:18:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 13 Mar 2025 07:30:53 GMT

GET
H2 200 5OkHZN3F3io59sl2rCNWEM4LdayjIm6qhcWs5MZXw2M.js Show response
www.google.com/js/th/ Frame C16F 51 KB
20 KB 90ms
27ms Script
text/javascript 2607:f8b0:4006:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/5OkHZN3F3io59sl2rCNWEM4LdayjIm6qhcWs5MZXw2M.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d552837c/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4e90764ddc5de2a39f6c976ac235610ce0b75aca3226eaa85c5ace4c657c363

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 21:07:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 325056
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20143
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 15:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Mar 2025 21:07:48 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/krwTXopoYLQ/ Frame C16F 21 KB
22 KB 105ms
44ms Image
image/webp 2607:f8b0:4006:809::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/krwTXopoYLQ/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/krwTXopoYLQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2016 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebe2006bd94404bc2aa152dc07e9f5573afebafbf46f78da0e6ee7f54bd32f3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 15:25:24 GMT
x-content-type-options: nosniff
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21868
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 17 Mar 2024 17:25:24 GMT

GET
DATA 200
OK truncated
/ Frame C16F 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 7cBNlXYOMUTx3Ixn1bRnurIPk23Mq-oTFGZPlnF5ebxOcAHOQwa6qb24SECs_BDecxjoTUJn_zU=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame C16F 2 KB
3 KB 89ms
24ms Image
image/jpeg 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/7cBNlXYOMUTx3Ixn1bRnurIPk23Mq-oTFGZPlnF5ebxOcAHOQwa6qb24SECs_BDecxjoTUJn_zU=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/krwTXopoYLQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4531e033739f9397f8c5bfbce9bfe5ebe7c4d841ce799a027d2832f2bcaad65c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 13:47:57 GMT
x-content-type-options: nosniff
age: 5847
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2288
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 18 Mar 2024 13:47:57 GMT

GET
H2 200 Culture.jpg
fondationorange.com/sites/fondation/files/2022-08/ 40 KB
41 KB 116ms
115ms Image
image/jpeg 90.84.180.167
OCBHONEY OCB publ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fondationorange.com/sites/fondation/files/2022-08/Culture.jpg

Requested by

Host: fondationorange.com
URL: https://fondationorange.com/fr

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

90.84.180.167 Avrille, France, ASN2280 (OCBHONEY OCB public cloud network, FR),

Reverse DNS

ecs-90-84-180-167.compute.prod-cloud-ocb.orange-business.com

Software

nginx /

Resource Hash

2cf56429ebe2a3fbe47f568983f2850d1ae458a84a11ecbe059a0fe5bed475a7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .multimediabs.com .orange.com .orange-business.com .backoffice.mastermedia.orange-business.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin always
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fondationorange.com/fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 15:25:24 GMT
via: 1.1 varnish (Varnish/6.5)
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' *.multimediabs.com *.orange.com *.orange-business.com *.backoffice.mastermedia.orange-business.com
strict-transport-security: max-age=31536000
age: 0
x-cache: MISS
content-length: 41330
x-xss-protection: 1; mode=block
last-modified: Wed, 17 Aug 2022 14:51:27 GMT
server: nginx
etag: "62fd006f-a172"
x-frame-options: sameorigin always
x-varnish: 14270760
content-type: image/jpeg
accept-ranges: bytes

GET
H2 200 autisme3.jpg.webp
fondationorange.com/sites/fondation/files/styles/crop_21_5_small/public/2022-09/ 9 KB
10 KB 291ms
291ms Image
image/webp 90.84.180.167
OCBHONEY OCB publ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fondationorange.com/sites/fondation/files/styles/crop_21_5_small/public/2022-09/autisme3.jpg.webp?itok=oFMt5GWo

Requested by

Host: fondationorange.com
URL: https://fondationorange.com/fr

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

90.84.180.167 Avrille, France, ASN2280 (OCBHONEY OCB public cloud network, FR),

Reverse DNS

ecs-90-84-180-167.compute.prod-cloud-ocb.orange-business.com

Software

nginx /

Resource Hash

b8c460b6c5e99641020f24ffbcc1ff69a56738a2e03771e8bcc83785d12706d4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .multimediabs.com .orange.com .orange-business.com .backoffice.mastermedia.orange-business.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin always
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fondationorange.com/fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 15:25:24 GMT
via: 1.1 varnish (Varnish/6.5)
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' *.multimediabs.com *.orange.com *.orange-business.com *.backoffice.mastermedia.orange-business.com
strict-transport-security: max-age=31536000
age: 0
x-cache: MISS
content-length: 9686
x-xss-protection: 1; mode=block
last-modified: Wed, 14 Feb 2024 15:37:09 GMT
server: nginx
etag: "65ccde25-25d6"
x-frame-options: sameorigin always
x-varnish: 14009972
content-type: image/webp
accept-ranges: bytes

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 31ms
31ms Preflight
text/html 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 17 Mar 2024 15:25:24 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame C16F 90 B
134 B 37ms
36ms XHR
application/json+protobuf 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d552837c/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a16e918adb82d28b75b2159f3530cbdc26f4af8514ec6a041bce0a88c4725c6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sun, 17 Mar 2024 15:25:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H2 200 ppms.js Show response
internets-orange-com.piwik.pro/ 81 KB
28 KB 348ms
102ms Script
application/javascript 90.84.178.179
OCBHONEY OCB publ...

General

Check archive.org

Show headers Download Go to

Full URL

https://internets-orange-com.piwik.pro/ppms.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PLJZRBV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

90.84.178.179 Avrille, France, ASN2280 (OCBHONEY OCB public cloud network, FR),

Reverse DNS

ecs-90-84-178-179.compute.prod-cloud-ocb.orange-business.com

Software

Resource Hash

90c1259c518e899ef16d991aad8e9a079e275295bdc623a764e0e5872c719404

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fondationorange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 15:25:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
last-modified: Thu, 22 Feb 2024 12:09:16 GMT
referrer-policy: origin
etag: W/"65d7396c-1449d"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
cache-control: max-age=21600
expires: Sun, 17 Mar 2024 21:25:25 GMT

GET
H2 200 loader.js Show response
sdk.privacy-center.org/46f7dddf-c089-41ee-a5e2-5ea92cabd8dd/ 37 KB
8 KB 590ms
449ms Script
application/javascript 2600:9000:2510:fc00:5:b7cc:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.privacy-center.org/46f7dddf-c089-41ee-a5e2-5ea92cabd8dd/loader.js?target=fondationorange.com
Requested by: Host: fondationorange.com
URL: https://fondationorange.com/fr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2510:fc00:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 22a8f54883992c57bf81705f8b16c2c55618db2c0d365d63a56e2bb8b7f055ce

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fondationorange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 15:25:25 GMT
x-didomi-configs-version: 95
x-didomi-remote-config-metadata: multiReg:true;legacyGlobalGdpr:true
content-encoding: br
via: 1.1 07f7cebee7fc49278f602ad96f5f6790.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
x-amzn-requestid: 64f3f87d-6620-4827-8654-4c0e668151e8
etag: W/"fc9fd16988f887c66a7772b7dd4ad0da"
vary: Accept-Encoding
x-amzn-trace-id: root=1-65f70b65-6752f6436d524ddf32d47404;parent=4b35b75f56012936;sampled=0;lineage=eaae1266:0
content-type: application/javascript; charset=utf-8
x-cache: Miss from cloudfront
cache-control: max-age=7200, public
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: qQVatvh-rUo--O3OebvX4sysWPocPtdeda4NKrnPr_ZPO2CoSAaiQA==

GET
H2 200 mega-couv.jpg
fondationorange.com/sites/fondation/files/2022-08/ 89 KB
90 KB 453ms
452ms Image
image/jpeg 90.84.180.167
OCBHONEY OCB publ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fondationorange.com/sites/fondation/files/2022-08/mega-couv.jpg

Requested by

Host: fondationorange.com
URL: https://fondationorange.com/fr

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

90.84.180.167 Avrille, France, ASN2280 (OCBHONEY OCB public cloud network, FR),

Reverse DNS

ecs-90-84-180-167.compute.prod-cloud-ocb.orange-business.com

Software

nginx /

Resource Hash

52a1f479eb83026241117330c25eda22fe2a0ed1e846cae3674f06af2313068f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .multimediabs.com .orange.com .orange-business.com .backoffice.mastermedia.orange-business.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin always
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fondationorange.com/fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 15:12:44 GMT
via: 1.1 varnish (Varnish/6.5)
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' *.multimediabs.com *.orange.com *.orange-business.com *.backoffice.mastermedia.orange-business.com
strict-transport-security: max-age=31536000
age: 760
x-cache: HIT
content-length: 91267
x-xss-protection: 1; mode=block
last-modified: Tue, 09 Aug 2022 12:09:17 GMT
server: nginx
etag: "62f24e6d-16483"
x-frame-options: sameorigin always
x-varnish: 14270762 14462904
content-type: image/jpeg
accept-ranges: bytes

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame C16F 4 KB
2 KB 114ms
53ms Script
text/javascript 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d552837c/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 15:25:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 17 Mar 2024 15:25:24 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame C16F 0
10 B 24ms
24ms Image
text/plain 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?MH7MMA
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/krwTXopoYLQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/krwTXopoYLQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 15:25:24 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/122/ Frame C16F 50 KB
15 KB 29ms
28ms Script
text/javascript 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/122/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

765a638d2813ec1b917fc56cf90863f88991ef2550c1a14c99e9e9b243e80f74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 18:12:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76403
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14711
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 16:03:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sun, 17 Mar 2024 18:12:01 GMT

GET
H2 200 sdk.63d827159775fd219ae26e3aa4c6198b71dcc50d.js Show response
sdk.privacy-center.org/sdk/63d827159775fd219ae26e3aa4c6198b71dcc50d/modern/ 339 KB
87 KB 32ms
31ms Script
application/javascript 2600:9000:2510:fc00:5:b7cc:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.privacy-center.org/sdk/63d827159775fd219ae26e3aa4c6198b71dcc50d/modern/sdk.63d827159775fd219ae26e3aa4c6198b71dcc50d.js
Requested by: Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/46f7dddf-c089-41ee-a5e2-5ea92cabd8dd/loader.js?target=fondationorange.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2510:fc00:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 22f32f3d1a8da0e01cb4a366ea2fab89f0c6558923c2920b645528b7ddc2550f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fondationorange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 15 Mar 2024 15:42:02 GMT
content-encoding: br
via: 1.1 07f7cebee7fc49278f602ad96f5f6790.cloudfront.net (CloudFront)
last-modified: Fri, 15 Mar 2024 15:41:37 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P5
age: 171804
etag: W/"ebc66c73dd757e69c2435d5cd850a416-1"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: ZIsD9m59KfgsYfcLitHnQmqHbucguueFCajTBoddFL6BtC3wnQ7CHg==

GET
H3 200 ui-gdpr-en-web.63d827159775fd219ae26e3aa4c6198b71dcc50d.js Show response
sdk.privacy-center.org/sdk/63d827159775fd219ae26e3aa4c6198b71dcc50d/modern/ 264 KB
55 KB 27ms
26ms Script
application/javascript 2600:9000:2510:fc00:5:b7cc:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.privacy-center.org/sdk/63d827159775fd219ae26e3aa4c6198b71dcc50d/modern/ui-gdpr-en-web.63d827159775fd219ae26e3aa4c6198b71dcc50d.js
Requested by: Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/sdk/63d827159775fd219ae26e3aa4c6198b71dcc50d/modern/sdk.63d827159775fd219ae26e3aa4c6198b71dcc50d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2510:fc00:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e47ac3372c43a87da3d2343a1974372e2a4849e9147d32f7d25cae7f19401422

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fondationorange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 15 Mar 2024 15:42:05 GMT
content-encoding: br
via: 1.1 b5fe18267507cb61755963d8928a60f4.cloudfront.net (CloudFront)
last-modified: Fri, 15 Mar 2024 15:41:32 GMT
server: AmazonS3
age: 171801
x-amz-cf-pop: JFK50-P5
etag: W/"f89056c289e3663c85b56e4693090653-1"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: FxaWRR61XOLgLADNNrC7CNK7s-29-I0zvAm5Pxz6SPJL_leQuG4cvg==

GET
DATA 200
OK truncated
/ 422 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ebdcbc20af22a9b26b4f13da7242be52472a6c0a6a2398a4cb73e25bd97dcc05

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK logo-orange.png
c.woopic.com/ 3 KB
4 KB 883ms
114ms Image
image/png 2a01:c9c0:b3:3000::137
WANADOOPORTAILS-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.woopic.com/logo-orange.png

Requested by

Host: fondationorange.com
URL: https://fondationorange.com/fr

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a01:c9c0:b3:3000::137 , France, ASN24600 (WANADOOPORTAILS-AS Wanadoo PortailsDirection technique, FR),

Reverse DNS

Software

nginx /

Resource Hash

b36e8ca10880ffc8a3903cd991589fbbe8aa75cbff6315f475be1ed0e9bda472

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fondationorange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 17 Mar 2024 15:25:26 GMT
X-Mid: pr2b
Age: 1869
X-Cache: HIT
Connection: keep-alive
Content-Length: 3354
X-Trans-Id: txb3761e1eb1514066beec8-0065f70418
X-Xss-Protection: 1; mode=block
Last-Modified: Mon, 13 Nov 2023 11:53:47 GMT
Server: nginx
Etag: ba58c4c13a8cce3745d4891ece04159e
Vary: Origin
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
X-Object-Meta-Mtime: 1699869432.988829
X-Timestamp: 1699876426.05698
Cache-Control: max-age=3600
x-server: bgl
Accept-Ranges: bytes

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame C16F 28 B
50 B 43ms
42ms XHR
application/json 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d552837c/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
X-Goog-Request-Time: 1710689126600
Content-Type: application/json
X-YouTube-Utc-Offset: -600
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/krwTXopoYLQ
X-YouTube-Client-Version: 1.20240312.01.00
X-YouTube-Time-Zone: Pacific/Honolulu
X-Goog-Visitor-Id: CgtqWmVabWVoVWpGTSjjltyvBjIKCgJVUxIEGgAgDA%3D%3D
X-YouTube-Ad-Signals: dt=1710689124252&flash=0&frm=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C432%2C222&vis=1&wgl=true&ca_type=image

Response headers

date: Sun, 17 Mar 2024 15:25:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Orange (Telecommunication)

202 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: eoOuXyhCNRg
.youtube.com/	1970-01-20 23:30:41	Name: VISITOR_INFO1_LIVE Value: jZeZmehUjFM
.youtube.com/	1970-01-20 23:30:41	Name: VISITOR_PRIVACY_METADATA Value: CgJVUxIEGgAgDA%3D%3D
.fondationorange.com/	1970-01-20 23:35:00	Name: didomi_token Value: eyJ1c2VyX2lkIjoiMThlNGQwNDgtNGE3My02ODNiLWFmZjUtZTA4OTU0MGU4Mjc3IiwiY3JlYXRlZCI6IjIwMjQtMDMtMTdUMTU6MjU6MjUuNTQzWiIsInVwZGF0ZWQiOiIyMDI0LTAzLTE3VDE1OjI1OjI1LjU0M1oiLCJ2ZXJzaW9uIjpudWxsfQ==
fondationorange.com/	1970-01-21 04:37:24	Name: _pk_id.4ebeaab6-91bc-4e44-8c7a-aa45ba493c20.3413 Value: 61cca516a241b53a.1710689125.0.1710689127..

24 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://fondationorange.com/fr Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fondationorange.com/fr Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fondationorange.com/fr Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fondationorange.com/fr Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fondationorange.com/fr Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fondationorange.com/fr Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fondationorange.com/fr Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fondationorange.com/fr Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fondationorange.com/fr Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fondationorange.com/fr(Line 879) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fondationorange.com/fr(Line 879) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fondationorange.com/fr(Line 879) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fondationorange.com/fr Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fondationorange.com/fr Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fondationorange.com/fr Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fondationorange.com/fr Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fondationorange.com/fr Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fondationorange.com/fr Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fondationorange.com/fr Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fondationorange.com/fr Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fondationorange.com/fr Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fondationorange.com/fr Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fondationorange.com/fr Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fondationorange.com/fr Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' .multimediabs.com .orange.com .orange-business.com .backoffice.mastermedia.orange-business.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin always
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.woopic.com
cdn-eu.readspeaker.com
fondationorange.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
internets-orange-com.piwik.pro
jnn-pa.googleapis.com
sdk.privacy-center.org
static.doubleclick.net
www.google.com
www.googletagmanager.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
2600:9000:2510:fc00:5:b7cc:d3c0:93a1
2607:f8b0:4006:807::200e
2607:f8b0:4006:809::2016
2607:f8b0:4006:80d::2004
2607:f8b0:4006:80d::200a
2607:f8b0:4006:80f::2006
2607:f8b0:4006:81f::2003
2607:f8b0:4006:820::2002
2607:f8b0:4006:820::2008
2607:f8b0:4006:823::2001
2a01:c9c0:b3:3000::137
2a02:6ea0:c000::18
90.84.178.179
90.84.180.167
0c5faf1f583f3f8320ce239c122708ec2a5b4428beaf2e504ddd22ede3ab7d9c
0e71086b6e2e9c2763161e304c1806256ff48fa1f305bcf70cacb762d09974a3
16fad6d837dc76f3470099a612936eeb8f521e20e8dd3cda74cd303759721ad0
1997ccd1aac5874163c72eaeb6df2b2f8ca7b8ca17c83a9fcbec4d81ce0223db
22a8f54883992c57bf81705f8b16c2c55618db2c0d365d63a56e2bb8b7f055ce
22f32f3d1a8da0e01cb4a366ea2fab89f0c6558923c2920b645528b7ddc2550f
27ed1cadc137bcef0c51f961644fe9a177cb043d88e89bb79f58587103f1c64e
28053bd5ba3675e861d4c359dbb519b4439f96e85c1404ed7945905814ea1149
2cf56429ebe2a3fbe47f568983f2850d1ae458a84a11ecbe059a0fe5bed475a7
2ec2c2d17b0a54782a7484430ee9af759e4a025e7f6eb454113d9a585cc5b4a0
39848ebe4a0bdd73f0f2418229fb2a3005d6c6e2ce8efaa4c6dd4d9e7f7afb6f
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4531e033739f9397f8c5bfbce9bfe5ebe7c4d841ce799a027d2832f2bcaad65c
5215fa49c286ba33350b96fdf50b93bd6b5ba2471e1242983cd3c4bf01c6338b
52a1f479eb83026241117330c25eda22fe2a0ed1e846cae3674f06af2313068f
57b891271aa5e7021ab5c0fac212cc4ae616d6af7dc8b0949ed410650f295922
5a199e35c9b0b5f81da2e717fa9b9b5d336220d2b080db4be10c321069efb1dc
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6ccceec628d86d155654a45da11c7f635450f15077dbbbb0ba06e07b5ad9584f
740bfa710ad39d8e96ca38074bec2f8a011857cc39b991a8814e05f7cca21bff
765a638d2813ec1b917fc56cf90863f88991ef2550c1a14c99e9e9b243e80f74
7fbe15af06776617bbefa6d2016b50037c9b372f63ac60202a039b5f3651dbc7
7ff52de1c94e8741afa89f73342981e090f2a784b5076c7fa4899a60c5c164b9
84a48824fa64d083f08ca64d036f6b6ce7b06c114c276dc42e9a02717f4b5f95
882da9bebf0a516341961a6f2f15831caf59af85ade79c64cfa178a747d5b3e9
90c1259c518e899ef16d991aad8e9a079e275295bdc623a764e0e5872c719404
956711b1a6abe4433b427e896951d867d144f5c3715299f788f5fcd294e2594c
9919caa425814c2d0dcc15e8287ddd1350f818e0b245652c18590ef79f7a0071
a16e918adb82d28b75b2159f3530cbdc26f4af8514ec6a041bce0a88c4725c6d
a2a38807789a331543c33d1917f5fb7b831b41007ef38ae1d783e5324b00f979
ab46c1cd923cd8438cf84b391ec0f4f0968248b0926ed472798aa57bd128f788
b0a1983de0eb7f301e963099529b38ffe18b1bc4ef41d2b88e6d6ff69dc12d54
b349feb818892434372a5a59071a0ed7867f7a79b56b79f12a17c0bda5840b04
b36e8ca10880ffc8a3903cd991589fbbe8aa75cbff6315f475be1ed0e9bda472
b5c426bf1718168791091d0ce0dc1c661b0919da4a02ce21cb01eeee004e7eeb
b8c460b6c5e99641020f24ffbcc1ff69a56738a2e03771e8bcc83785d12706d4
ba66e6ca74696141b4e33e2db481483d0b5db8cceb9d25ce0382a82026219ee9
bf4822b84adb775132967992785be9cd96c1bb7a2dd51cf024e0f9e5fe45ffc1
c082a01e7f136a3768caf33cdb736e790c11f22c3def6bba032dc773f8b78c5d
c0bbd1ef6a00fd6cde78f3f6abb69fe34b639b423408cafb6d52bbb96d026110
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
db177b76f5944c9c7fb23d1454d00e3cc9dd0e31b3d6ba36e97d7644696bb74f
db8adbb2540762202edc492ec31b16e6849fc6d8b9f1656fd4b09d813e43f038
e2bd7dfe3662abbc1f7ab142d1e193e6fc73e56864df0ed8c5b673efa7e29b92
e2f74fb6f3ab4d0634dade6c17825305e348f432cd9f6ceaed3c4e3ec38349a7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47ac3372c43a87da3d2343a1974372e2a4849e9147d32f7d25cae7f19401422
e4e90764ddc5de2a39f6c976ac235610ce0b75aca3226eaa85c5ace4c657c363
ebdcbc20af22a9b26b4f13da7242be52472a6c0a6a2398a4cb73e25bd97dcc05
ebe2006bd94404bc2aa152dc07e9f5573afebafbf46f78da0e6ee7f54bd32f3d
ec30570c25bd99ddd65ffc9842e9399f7ece99bd68f35ffed1247d3f5a8dba2f
ec7fbe426bbd6655e366fc39580c11ba339475a1171af8515f204051a143d113
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee342ee66585d5e1c320c5277f3ea9e4e35bf685d87ef95d329ef19f123b7f06
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f0115ec3f51894bcc484f4a3712464c1481dc819bf7966d77103890eb6aeafaa
f21c22963092f299414dd54347d8ddf003179242f53b9ad3215a3980e2b1bbe1
fe0d04b5b272e9e0d55a61e03e6b2645987b5ff80335433970db5f2d6ece093b

fondationorange.com Open in urlscan Pro 90.84.180.167 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

47 Requests

98 %HTTPS

86 %IPv6

13 Domains

15 Subdomains

15 IPs

3 Countries

2197 kBTransfer

6712 kBSize

5 Cookies

14 Outgoing links

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 15 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

fondationorange.com Open in urlscan Pro
90.84.180.167 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

98 %
HTTPS

86 %
IPv6

13
Domains

15
Subdomains

15
IPs

3
Countries

2197 kB
Transfer

6712 kB
Size

5
Cookies

47 HTTP transactions
15 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!