formation-continue.ooreka.fr
2606:4700:4400::6812:2745  Public Scan

Submitted URL: http://formation-continue.ooreka.fr/
Effective URL: https://formation-continue.ooreka.fr/
Submission: On November 11 via api from US — Scanned from FR

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 18 HTTP transactions. The main IP is 2606:4700:4400::6812:2745, located in United States and belongs to CLOUDFLARENET, US. The main domain is formation-continue.ooreka.fr.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 27th 2023. Valid for: a year.
This is the only time formation-continue.ooreka.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:440... 13335 (CLOUDFLAR...)
9 2606:4700:440... 13335 (CLOUDFLAR...)
1 151.101.2.132 54113 (FASTLY)
3 2600:9000:225... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 18.66.147.91 16509 (AMAZON-02)
1 104.17.196.85 13335 (CLOUDFLAR...)
18 7
# | Apex Domain | Subdomains | Transfer
10 | ooreka.fr | formation-continue.ooreka.fr; static.ooreka.fr | 304 KB
3 | privacy-center.org | sdk.privacy-center.org (Cisco Umbrella Rank: 6418) | 159 KB
2 | aticdn.net | tag.aticdn.net (Cisco Umbrella Rank: 15759) | 47 KB
1 | pagesjaunes.fr | at.pagesjaunes.fr (Cisco Umbrella Rank: 409690) | 597 B
1 | doubleclick.net | securepubads.g.doubleclick.net (Cisco Umbrella Rank: 196) | 694 B
1 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 35) | 90 KB
1 | hubvisor.io | cdn.hubvisor.io (Cisco Umbrella Rank: 48980) | 176 KB
18 7
Domain Requested by
7 formation-continue.ooreka.fr 1 redirects formation-continue.ooreka.fr
3 static.ooreka.fr formation-continue.ooreka.fr
3 sdk.privacy-center.org formation-continue.ooreka.fr
sdk.privacy-center.org
2 tag.aticdn.net www.googletagmanager.com
1 at.pagesjaunes.fr tag.aticdn.net
1 securepubads.g.doubleclick.net cdn.hubvisor.io
1 www.googletagmanager.com formation-continue.ooreka.fr
1 cdn.hubvisor.io formation-continue.ooreka.fr
18 8

This site contains links to these domains.

Domain
www.ooreka.fr
www.facebook.com

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-04-27 - 2024-04-26 | a year
cdn.hubvisor.io | R3 | 2023-10-28 - 2024-01-26 | 3 months
*.privacy-center.org | Amazon RSA 2048 M02 | 2023-03-25 - 2024-04-22 | a year
*.google-analytics.com | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months
tag.aticdn.net | Thawte RSA CA 2018 | 2023-01-02 - 2024-02-02 | a year
*.pagesjaunes.fr | GlobalSign RSA OV SSL CA 2018 | 2023-08-22 - 2024-09-22 | a year

This page contains 3 frames:

Primary Page: https://formation-continue.ooreka.fr/
Frame ID: 18B5820413B7FDE3AABBE2EE4249E392
Requests: 16 HTTP requests in this frame

Frame: https://static.ooreka.fr/static/common/logo_PoC_ooreka_PJ.svg
Frame ID: 78D753EE4382BAE7668FCAA223D51A57
Requests: 1 HTTP requests in this frame

Frame: https://static.ooreka.fr/static/common/logo_PoC_ooreka_PJ_blanc.svg
Frame ID: 39CD99664E8936A09219F6232B76AA5E
Requests: 1 HTTP requests in this frame

Page Title

Formation continue - OorekaOoreka

Page URL History

  1. http://formation-continue.ooreka.fr/ HTTP 301
    https://formation-continue.ooreka.fr/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • sdk\.privacy-center\.org/.*/loader\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

18 Requests
100 % HTTPS
63 % IPv6
7 Domains
8 Subdomains
7 IPs
3 Countries
778 kB Transfer
2762 kB Size
7 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://formation-continue.ooreka.fr/ HTTP 301
    https://formation-continue.ooreka.fr/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
formation-continue.ooreka.fr/
Redirect Chain
  • http://formation-continue.ooreka.fr/
  • https://formation-continue.ooreka.fr/
60 KB
17 KB
Document
General
Full URL
https://formation-continue.ooreka.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2745 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f6f4eac5cf4b42ed0e5b27e8cd6f5ba54c6dc1f36b8e17a09c08109fdefba17

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
824617eb4e1cd3e4-CDG
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 11 Nov 2023 11:11:15 GMT
server
cloudflare
via
1.1 google
x-cloud-trace-context
8bc1cf7697c9e27065f4708b7af4199c

Redirect headers

CF-RAY
824617ea9da8d6a2-CDG
Cache-Control
max-age=3600
Connection
keep-alive
Date
Sat, 11 Nov 2023 11:11:15 GMT
Expires
Sat, 11 Nov 2023 12:11:15 GMT
Location
https://formation-continue.ooreka.fr/
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
hubvisor.js
cdn.hubvisor.io/wrapper/01D6X4Y50DGHQY1A2QJ063SAF4/
564 KB
176 KB
Script
General
Full URL
https://cdn.hubvisor.io/wrapper/01D6X4Y50DGHQY1A2QJ063SAF4/hubvisor.js
Requested by
Host: formation-continue.ooreka.fr
URL: https://formation-continue.ooreka.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
85cdde748120ca07bade69d25e4cfa9c2d09bea3ccf3829b920dd247e29dc07b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://formation-continue.ooreka.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires
Tue, 07 Nov 2023 15:26:35 GMT
date
Sat, 11 Nov 2023 11:11:16 GMT
content-encoding
gzip
via
1.1 varnish
age
71062
x-guploader-uploadid
ABPtcPq0Csjrxn7trAtckoYL8-yy5mlUHVBLZeqJoOpSQ-dLl4jDEjKX5uGifrD-9U9wZyD-fnCyNFwb8eGJsKq2IWpfCg
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
180038
x-served-by
cache-lcy-eglc8600077-LCY
last-modified
Mon, 06 Nov 2023 15:26:05 GMT
server
UploadServer
x-timer
S1699701076.003475,VS0,VE1
etag
"1263ca1bc51cf610aff909c4411b81d0"
vary
Accept-Encoding
x-goog-generation
1699284365454879
content-type
application/javascript
x-goog-hash
crc32c=wKWw/A==, md5=EmPKG8Uc9hCv+QnEQRuB0A==
cache-control
public, max-age=3600, stale-while-revalidate=604800
x-goog-stored-content-length
180038
accept-ranges
bytes
x-cache-hits
1
main.cd92be50f822159b2c4e.js
formation-continue.ooreka.fr/static/
601 KB
185 KB
Script
General
Full URL
https://formation-continue.ooreka.fr/static/main.cd92be50f822159b2c4e.js
Requested by
Host: formation-continue.ooreka.fr
URL: https://formation-continue.ooreka.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2745 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b18431e871418bca8e4511041d670b453cf47afc0eb7d351471337ece8af2c6

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://formation-continue.ooreka.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 11:11:15 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
age
81649
cf-polished
origSize=616022
content-disposition
inline; filename=main.cd92be50f822159b2c4e.js
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 03 Oct 2023 13:46:06 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
86a66436ef2fa651cf1216e341a2b3c2
cache-control
public, max-age=345600
cf-ray
824617eccf4cd3e4-CDG
expires
Wed, 15 Nov 2023 11:11:15 GMT
loader.js
sdk.privacy-center.org/fedf8fb9-1b11-4492-ba29-e222ebd90a42/
53 KB
18 KB
Script
General
Full URL
https://sdk.privacy-center.org/fedf8fb9-1b11-4492-ba29-e222ebd90a42/loader.js?target=formation-continue.ooreka.fr
Requested by
Host: formation-continue.ooreka.fr
URL: https://formation-continue.ooreka.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:d000:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
43805c6d8fa2abc0b6d124caa026a9dd53d8ba5e1700dea848b673a4042cce21

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://formation-continue.ooreka.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 09:59:32 GMT
content-encoding
gzip
x-didomi-remote-config-metadata
multiReg:true;legacyGlobalGdpr:true
x-didomi-remote-config-source
Lambda
via
1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA60-P3
age
4304
etag
"99ecdc1ea066f0c27a924f3ac8e98234"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=7200, public
content-length
17628
x-amz-cf-id
gLasSQvlh-fsYtFfZY_phjNlcPsunjrjAD65ZueLY8njTPARXCbREA==
gtm.js
www.googletagmanager.com/
365 KB
90 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-54MM6T3
Requested by
Host: formation-continue.ooreka.fr
URL: https://formation-continue.ooreka.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
39a394fd9323934414048169c62c3ced0450fc96c7080245c48422e8a9a19290
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://formation-continue.ooreka.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 11:11:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
91921
x-xss-protection
0
last-modified
Sat, 11 Nov 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 11 Nov 2023 11:11:16 GMT
main.53b1d85a22572b9515c5.css
formation-continue.ooreka.fr/static/
269 KB
45 KB
Stylesheet
General
Full URL
https://formation-continue.ooreka.fr/static/main.53b1d85a22572b9515c5.css
Requested by
Host: formation-continue.ooreka.fr
URL: https://formation-continue.ooreka.fr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2745 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a90ce09fc68a01d17a5a9a00f3d2afea3c6f9e9ca3900b03f1f8d730c12064a9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://formation-continue.ooreka.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 11:11:15 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
age
263328
cf-polished
origSize=275863
content-disposition
inline; filename=main.53b1d85a22572b9515c5.css
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 03 Oct 2023 13:46:06 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
e380fa97e5d66e437724df99648c830e
cache-control
public, max-age=345600
cf-ray
824617ecdbd5018e-CDG
expires
Wed, 15 Nov 2023 11:11:15 GMT
museo500.woff2
formation-continue.ooreka.fr/static/fonts/
23 KB
24 KB
Font
General
Full URL
https://formation-continue.ooreka.fr/static/fonts/museo500.woff2
Requested by
Host: formation-continue.ooreka.fr
URL: https://formation-continue.ooreka.fr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2745 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e52ebe37da001ef8846a88edc1c1063f2cdf5c1ce54d9002e0a691ac1810474

Request headers

Referer
https://formation-continue.ooreka.fr/
Origin
https://formation-continue.ooreka.fr
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 11:11:16 GMT
via
1.1 google
cf-cache-status
HIT
age
153884
content-disposition
inline; filename=museo500.woff2
alt-svc
h3=":443"; ma=86400
content-length
23752
last-modified
Tue, 03 Oct 2023 13:46:06 GMT
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
https://formation-continue.ooreka.fr
x-cloud-trace-context
003b10d0006d7ff2594277eb7442b0b8
cache-control
public, max-age=345600
accept-ranges
bytes
cf-ray
824617ecebe4018e-CDG
expires
Wed, 15 Nov 2023 11:11:16 GMT
logo_PoC_ooreka_PJ.svg
static.ooreka.fr/static/common/ Frame 78D7
20 KB
8 KB
Document
General
Full URL
https://static.ooreka.fr/static/common/logo_PoC_ooreka_PJ.svg
Requested by
Host: formation-continue.ooreka.fr
URL: https://formation-continue.ooreka.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2745 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bf5ab4aa12b3308eb4f6260d62a94afefdb390c76fb6b02a302c80278eea9b8

Request headers

Referer
https://formation-continue.ooreka.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

access-control-allow-origin
*
access-control-expose-headers
Content-Type
age
189690
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=345600
cf-cache-status
HIT
cf-ray
824617edd84ed3e4-CDG
content-encoding
br
content-type
image/svg+xml
date
Sat, 11 Nov 2023 11:11:16 GMT
etag
W/"80b40dd05b2ad8e00943d86db1b28e22"
expires
Wed, 15 Nov 2023 11:11:16 GMT
last-modified
Mon, 03 Apr 2023 15:22:31 GMT
server
cloudflare
vary
Accept-Encoding
x-goog-generation
1680535351767544
x-goog-hash
crc32c=aW/meg== md5=gLQN0Fsq2OAJQ9htsbKOIg==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
20384
x-guploader-uploadid
ABPtcPpzG3v41Qi6myt8voxTQ_zzUg6y47_jbcPO9BENB04UNFovYLOaK6RBjDwlS8zwvWBMOoxdmtLMrmMBO_28pyTyrQ
logo_PoC_ooreka_PJ_blanc.svg
static.ooreka.fr/static/common/ Frame 39CD
20 KB
7 KB
Document
General
Full URL
https://static.ooreka.fr/static/common/logo_PoC_ooreka_PJ_blanc.svg
Requested by
Host: formation-continue.ooreka.fr
URL: https://formation-continue.ooreka.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2745 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f838024ade4e84537e30b7e001e8111db5f81b3c9cd94b73eecd2137f15aa575

Request headers

Referer
https://formation-continue.ooreka.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

access-control-allow-origin
*
access-control-expose-headers
Content-Type
age
106707
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=345600
cf-cache-status
HIT
cf-ray
824617edd851d3e4-CDG
content-encoding
br
content-type
image/svg+xml
date
Sat, 11 Nov 2023 11:11:16 GMT
etag
W/"278ad93f823476152ce65775a59eab19"
expires
Wed, 15 Nov 2023 11:11:16 GMT
last-modified
Mon, 03 Jul 2023 09:20:34 GMT
server
cloudflare
vary
Accept-Encoding
x-goog-generation
1688376034215677
x-goog-hash
crc32c=f9kxjg== md5=J4rZP4I0dhUs5ld1pZ6rGQ==
x-goog-meta-x-goog-reserved-source-generation
1688109262893726
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
20579
x-guploader-uploadid
ABPtcPrvHGkooh1vvS7_Jhys7YCAMywCJ3kh1gsef6HpaA9QCHrN1Z000AsdkrfLWovZF_hDsYSgpsAMEbu5d63JXuUbg3cxfbx0
icomoon.woff
formation-continue.ooreka.fr/static/fonts/
9 KB
9 KB
Font
General
Full URL
https://formation-continue.ooreka.fr/static/fonts/icomoon.woff
Requested by
Host: formation-continue.ooreka.fr
URL: https://formation-continue.ooreka.fr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2745 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
399e7b36a65f63b7ca8bce850e687d173dbd165007a1405ea07d53572babf7ca

Request headers

Referer
https://formation-continue.ooreka.fr/
Origin
https://formation-continue.ooreka.fr
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 11:11:16 GMT
via
1.1 google
cf-cache-status
HIT
age
276243
content-disposition
inline; filename=icomoon.woff
alt-svc
h3=":443"; ma=86400
content-length
9320
last-modified
Tue, 03 Oct 2023 13:46:06 GMT
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
https://formation-continue.ooreka.fr
x-cloud-trace-context
fe96b91b055d53e0d894a2e748b0599b
cache-control
public, max-age=345600
accept-ranges
bytes
cf-ray
824617ee8e1d018e-CDG
expires
Wed, 15 Nov 2023 11:11:16 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
232 B
694 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config
Requested by
Host: cdn.hubvisor.io
URL: https://cdn.hubvisor.io/wrapper/01D6X4Y50DGHQY1A2QJ063SAF4/hubvisor.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
94b6f126253701c8bf45cd9aeb37be41a05b9441897f7c294bd81376cabfbf99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://formation-continue.ooreka.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 11:11:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
152
x-xss-protection
0
expires
Sat, 11 Nov 2023 11:11:16 GMT
getUserCountryByIp
formation-continue.ooreka.fr/annuaire/
17 B
313 B
XHR
General
Full URL
https://formation-continue.ooreka.fr/annuaire/getUserCountryByIp
Requested by
Host: formation-continue.ooreka.fr
URL: https://formation-continue.ooreka.fr/static/main.cd92be50f822159b2c4e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2745 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06e5f7e2d702e0110271dd33c198e1f312a785bcf41ca4fbed2fa6d67722dc03

Request headers

Accept
*/*
Referer
https://formation-continue.ooreka.fr/
X-Requested-With
XMLHttpRequest
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 11:11:16 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/x-json; charset=UTF-8
x-cloud-trace-context
375773eb5b154e9e646c50e4f1ac0ea5
cf-ray
824617f048a8018e-CDG
alt-svc
h3=":443"; ma=86400
content-length
17
sdk.8bde36d9d5b849538e5a19a60ce257b7322da5ba.js
sdk.privacy-center.org/sdk/8bde36d9d5b849538e5a19a60ce257b7322da5ba/modern/
335 KB
85 KB
Script
General
Full URL
https://sdk.privacy-center.org/sdk/8bde36d9d5b849538e5a19a60ce257b7322da5ba/modern/sdk.8bde36d9d5b849538e5a19a60ce257b7322da5ba.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/fedf8fb9-1b11-4492-ba29-e222ebd90a42/loader.js?target=formation-continue.ooreka.fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:d000:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0ad44b955bc6932069cd36d95265a74958e8c7f326cbb51bf88de6c9e0205724

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://formation-continue.ooreka.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:12:31 GMT
content-encoding
gzip
via
1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
last-modified
Thu, 09 Nov 2023 16:12:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
154726
etag
W/"870ca3450014c699ba6abc4884d3b792-1"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
KcqAhR6TH9F9D0_8dpfO8IRfJMD5_NYkFBbUv9HjQo9ZGomiRi8qnw==
smarttag.js
tag.aticdn.net/564527/
78 KB
23 KB
Script
General
Full URL
https://tag.aticdn.net/564527/smarttag.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54MM6T3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-91.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
93389eb347ebdeffd077b6e1c0e38e506ad76201bd1b99c65ab98129965d20ac

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://formation-continue.ooreka.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
NCplR_wtAaYYozJ8v_r2azVXj366fFT3
content-encoding
gzip
via
1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
date
Sat, 11 Nov 2023 11:01:56 GMT
x-amz-cf-pop
FRA60-P4
age
561
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Wed, 25 May 2022 15:18:23 GMT
server
AmazonS3
etag
W/"ada7973ec38375539e8c361731654a59"
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=utf-8
cache-control
max-age=1800
x-amz-cf-id
MPBZE5k8dyDg-F3ckZUUOYIl4YA5DhK2GX1B0a20v3V6zi5EGrakng==
ui-gdpr-fr-web.8bde36d9d5b849538e5a19a60ce257b7322da5ba.js
sdk.privacy-center.org/sdk/8bde36d9d5b849538e5a19a60ce257b7322da5ba/modern/
263 KB
56 KB
Script
General
Full URL
https://sdk.privacy-center.org/sdk/8bde36d9d5b849538e5a19a60ce257b7322da5ba/modern/ui-gdpr-fr-web.8bde36d9d5b849538e5a19a60ce257b7322da5ba.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/sdk/8bde36d9d5b849538e5a19a60ce257b7322da5ba/modern/sdk.8bde36d9d5b849538e5a19a60ce257b7322da5ba.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:d000:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0d55132bffda6ea7040a03799531174d255ccd95a059998d5d8281bb1bb2c464

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://formation-continue.ooreka.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:12:32 GMT
content-encoding
gzip
via
1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
last-modified
Thu, 09 Nov 2023 16:12:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
154726
etag
W/"f197d1f4b849660f1df1275aca5f61ca-1"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
WDz_-5v8Mtm8HwPp7NWm84wnYwybZ-sZ-ElXSxkb4ma3Ef092zoGhA==
piano-analytics.js
tag.aticdn.net/
79 KB
24 KB
Script
General
Full URL
https://tag.aticdn.net/piano-analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54MM6T3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-91.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0835dee84ae7175ed5be4ab0502bcd555a2a26cd8b6c7cc0421935ba7af2b460

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://formation-continue.ooreka.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
2Wi5MQ.Yv4EApEWmLp6u3289VynpMgI9
content-encoding
br
via
1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
date
Sat, 11 Nov 2023 11:02:06 GMT
x-amz-cf-pop
FRA60-P4
age
552
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Mon, 06 Nov 2023 10:31:50 GMT
server
AmazonS3
etag
W/"3b71512a8679605c8a35cdc598944fb4"
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=utf-8
cache-control
max-age=600
x-amz-cf-id
iVL6rMpMBkftYdxxhcjJhU_mLvx787BK7zXaZhzMBE943hjEywZPnQ==
logo_PoC_ooreka_PJ.svg
static.ooreka.fr/static/common/
20 KB
8 KB
Image
General
Full URL
https://static.ooreka.fr/static/common/logo_PoC_ooreka_PJ.svg
Requested by
Host: formation-continue.ooreka.fr
URL: https://formation-continue.ooreka.fr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2745 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bf5ab4aa12b3308eb4f6260d62a94afefdb390c76fb6b02a302c80278eea9b8

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://formation-continue.ooreka.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 11:11:17 GMT
content-encoding
br
cf-cache-status
HIT
age
329762
x-guploader-uploadid
ADPycds42i1skktWHeohDzE--EI0_MxA0fDnkIOM7qSwJIUB6nBC9kLVRrBVfDqxKoMewbMSc6KxhhWOn8P-OT5Uup207edEGaEv
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 03 Apr 2023 15:22:31 GMT
server
cloudflare
etag
W/"80b40dd05b2ad8e00943d86db1b28e22"
vary
Accept-Encoding
x-goog-hash
crc32c=aW/meg==, md5=gLQN0Fsq2OAJQ9htsbKOIg==
x-goog-generation
1680535351767544
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=345600
x-goog-stored-content-length
20384
cf-ray
824617f5a841018e-CDG
expires
Wed, 15 Nov 2023 11:11:17 GMT
event
at.pagesjaunes.fr/
0
597 B
Ping
General
Full URL
https://at.pagesjaunes.fr/event?s=564527&idclient=loty4wxmlmt4prrd
Requested by
Host: tag.aticdn.net
URL: https://tag.aticdn.net/piano-analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.196.85 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://formation-continue.ooreka.fr/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 11 Nov 2023 11:11:17 GMT
via
1.1 2c3da44501476a8019710c3ae4a409c4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=31536000
x-amz-cf-pop
CDG52-P6
access-control-max-age
600
x-cache
Miss from cloudfront
access-control-allow-origin
https://formation-continue.ooreka.fr
cache-control
no-store
access-control-allow-credentials
true
cf-ray
824617f8e8752a34-CDG
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
uCHC8QxHih-B7U5asGOUle-mCtMEfeyTfE4YA2ekPXQmK0SYJvcVHw==

100 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| documentPictureInPicture boolean| gdprAppliesGlobally function| __tcfapi function| atSelfPromoImpression function| atSelfPromoClick function| atClick function| addToDataLayer object| dataLayer function| extend function| getCookie object| g object| authInfos object| xtcustom object| mvp_xtcustom object| googletag function| fetchAds function| waitingAuthorizationForFetchingAds object| didomiOnReady function| WidthChange function| loadPJHOnUserConsent object| cssLink object| godefer object| __webpack_modules__ object| __webpack_module_cache__ function| __webpack_require__ object| __webpack_exports__ object| hubjs object| _pbjsGlobals object| sas object| invibes function| Hubvisor object| __tcfapiBuffer object| bundle function| setImmediate function| clearImmediate object| __algolia object| channels function| _ object| mvpContentCommerce function| $ object| mvpAuth object| mvpAuthentication object| mvpBloc object| mvpCommon object| mvpFacebook object| mvpPros object| mvpTracking object| mvpStepper object| mvpFolder object| mvpFormulaireDevis boolean| isScriptsLoading object| didomiRemoteConfig string| didomiCountry object| didomiRegion object| didomiGeoRegulations object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data object| webpackChunkDidomi object| Didomi object| didomiEventListeners object| DidomiSanitizing object| adsbygoogle object| didomiState object| ATInternet function| ATCustomEvent object| pianoAnalytics object| _pac object| pdl object| _paq object| pa object| config object| context object| tag object| typeMapping string| xtPage string| level string| universe object| chaptersList object| xtCustom object| data object| stopwords object| compatibleNiche boolean| isPython function| sendTrackClick function| getFormat function| getNiche function| isCurrentNicheCompatible function| getCategory function| isNotAStopWord function| prepareCritere function| getTemplate function| 
fillTemplate function| constructAmazonBox undefined| pubRight undefined| pubBottom

7 Cookies

Domain/Path Name / Value
.ooreka.fr/ Name: SessionComprendreChoisir
Value: bdc2e491a0049c05fbfd54c07c42a340
.ooreka.fr/ Name: didomi_token
Value: eyJ1c2VyX2lkIjoiMThiYmUxNDMtMzdhZS02ODg0LTg1ZTgtOWQxYWIyOGZhMjNkIiwiY3JlYXRlZCI6IjIwMjMtMTEtMTFUMTE6MTE6MTcuMDA3WiIsInVwZGF0ZWQiOiIyMDIzLTExLTExVDExOjExOjE3LjAwOFoiLCJ2ZXJzaW9uIjpudWxsfQ==
formation-continue.ooreka.fr/ Name: atuserid
Value: %7B%22name%22%3A%22atuserid%22%2C%22val%22%3A%22a2464296-f0e6-4c4a-98d4-0163e055d81a%22%2C%22options%22%3A%7B%22end%22%3A%222024-12-12T11%3A11%3A17.547Z%22%2C%22path%22%3A%22%2F%22%7D%7D
formation-continue.ooreka.fr/ Name: pa_privacy
Value: %22exempt%22
formation-continue.ooreka.fr/ Name: _pcid
Value: %7B%22browserId%22%3A%22loty4wxmlmt4prrd%22%2C%22_t%22%3A%22m4id2edy%7Cloty4x1y%22%7D
formation-continue.ooreka.fr/ Name: _pctx
Value: %7Bu%7DN4IgrgzgpgThIC4B2YA2qA05owMoBcBDfSREQpAeyRCwgEt8oBJAE0RXSwH18yBbACz1WAJihRRAH1SV8AT0EAPUaJABfIA
.pagesjaunes.fr/ Name: __cf_bm
Value: NXvjVK9cR1QrjQD8ZIaRpzX.fHPXthn4bmUOj6PD7bg-1699701077-0-AYLnaPXRaaevQUDeP0vvllYD91z1dkSyuSkt0qkemy6MrMxqoSrzRJCH4gevXOrnMuKhcAnhGWeyNy7p/6ghD8opoT1CrvX6tFYjUOO4ojPq

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
