Submitted URL: http://varices.ooreka.fr/
Effective URL: https://varices.ooreka.fr/
Submission: On November 09 via api from US — Scanned from FR

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 18 HTTP transactions. The main IP is 2606:4700:4400::ac40:94bb, located in United States and belongs to CLOUDFLARENET, US. The main domain is varices.ooreka.fr.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 27th 2023. Valid for: a year.
This is the only time varices.ooreka.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 10 2606:4700:440... 13335 (CLOUDFLAR...)
1 151.101.130.132 54113 (FASTLY)
3 2600:9000:225... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 18.66.147.91 16509 (AMAZON-02)
1 104.16.176.91 13335 (CLOUDFLAR...)
18 7
Requests  Apex Domain           Subdomains                                                 Transfer
10        ooreka.fr             varices.ooreka.fr, static.ooreka.fr                        303 KB
3         privacy-center.org    sdk.privacy-center.org (Cisco Umbrella Rank: 6418)         159 KB
2         aticdn.net            tag.aticdn.net (Cisco Umbrella Rank: 15759)                47 KB
1         pagesjaunes.fr        at.pagesjaunes.fr (Cisco Umbrella Rank: 409690)            592 B
1         doubleclick.net       securepubads.g.doubleclick.net (Cisco Umbrella Rank: 196)  688 B
1         googletagmanager.com  www.googletagmanager.com (Cisco Umbrella Rank: 35)         90 KB
1         hubvisor.io           cdn.hubvisor.io (Cisco Umbrella Rank: 48980)               176 KB
Total: 18 requests, 7 apex domains
Requests  Domain                          Requested by
7         varices.ooreka.fr (1 redirect)  varices.ooreka.fr
3         static.ooreka.fr                varices.ooreka.fr
3         sdk.privacy-center.org          varices.ooreka.fr, sdk.privacy-center.org
2         tag.aticdn.net                  www.googletagmanager.com
1         at.pagesjaunes.fr               tag.aticdn.net
1         securepubads.g.doubleclick.net  cdn.hubvisor.io
1         www.googletagmanager.com        varices.ooreka.fr
1         cdn.hubvisor.io                 varices.ooreka.fr
Total: 18 requests, 8 domains

This site contains links to these domains. Also see Links.

Domain
www.ooreka.fr
www.facebook.com
Subject                 Issuer                         Validity                 Valid
sni.cloudflaressl.com   Cloudflare Inc ECC CA-3        2023-04-27 - 2024-04-26  a year (crt.sh)
cdn.hubvisor.io         R3                             2023-10-28 - 2024-01-26  3 months (crt.sh)
*.privacy-center.org    Amazon RSA 2048 M02            2023-03-25 - 2024-04-22  a year (crt.sh)
*.google-analytics.com  GTS CA 1C3                     2023-10-16 - 2024-01-08  3 months (crt.sh)
*.g.doubleclick.net     GTS CA 1C3                     2023-10-16 - 2024-01-08  3 months (crt.sh)
tag.aticdn.net          Thawte RSA CA 2018             2023-01-02 - 2024-02-02  a year (crt.sh)
*.pagesjaunes.fr        GlobalSign RSA OV SSL CA 2018  2023-08-22 - 2024-09-22  a year (crt.sh)

This page contains 3 frames:

Primary Page: https://varices.ooreka.fr/
Frame ID: 0524ABBAD8C384434EA2B86BA7EE8B04
Requests: 16 HTTP requests in this frame

Frame: https://static.ooreka.fr/static/common/logo_PoC_ooreka_PJ_blanc.svg
Frame ID: 44D7C6D3F39E1570E60AACC5B90BA4F1
Requests: 1 HTTP requests in this frame

Frame: https://static.ooreka.fr/static/common/logo_PoC_ooreka_PJ.svg
Frame ID: F0A32140CBCC101A860CF4D40388F0A5
Requests: 1 HTTP requests in this frame

Page Title

Varices - OorekaOoreka

Page URL History

  1. http://varices.ooreka.fr/ HTTP 301
    https://varices.ooreka.fr/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • sdk\.privacy-center\.org/.*/loader\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

Requests: 18
HTTPS: 100 %
IPv6: 57 %
Domains: 7
Subdomains: 8
IPs: 7
Countries: 3
Transfer: 777 kB
Size: 2757 kB
Cookies: 7

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://varices.ooreka.fr/ HTTP 301
    https://varices.ooreka.fr/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
varices.ooreka.fr/
Redirect Chain
  • http://varices.ooreka.fr/
  • https://varices.ooreka.fr/
56 KB
16 KB
Document
General
Full URL
https://varices.ooreka.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:94bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96d203726ee00a9ecf2a1bfe993a9f9f7c245050c33b0abd803517a027c79aa0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
82395bc5acf33ccb-CDG
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 09 Nov 2023 22:05:40 GMT
server
cloudflare
via
1.1 google
x-cloud-trace-context
660d806589002cb19cae7ab6d255577a

Redirect headers

CF-RAY
82395bc53c850173-CDG
Cache-Control
max-age=3600
Connection
keep-alive
Date
Thu, 09 Nov 2023 22:05:40 GMT
Expires
Thu, 09 Nov 2023 23:05:40 GMT
Location
https://varices.ooreka.fr/
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
hubvisor.js
cdn.hubvisor.io/wrapper/01D6X4Y50DGHQY1A2QJ063SAF4/
564 KB
176 KB
Script
General
Full URL
https://cdn.hubvisor.io/wrapper/01D6X4Y50DGHQY1A2QJ063SAF4/hubvisor.js
Requested by
Host: varices.ooreka.fr
URL: https://varices.ooreka.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
85cdde748120ca07bade69d25e4cfa9c2d09bea3ccf3829b920dd247e29dc07b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://varices.ooreka.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires
Tue, 07 Nov 2023 15:26:35 GMT
date
Thu, 09 Nov 2023 22:05:40 GMT
content-encoding
gzip
via
1.1 varnish
age
23926
x-guploader-uploadid
ABPtcPq0Csjrxn7trAtckoYL8-yy5mlUHVBLZeqJoOpSQ-dLl4jDEjKX5uGifrD-9U9wZyD-fnCyNFwb8eGJsKq2IWpfCg
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
180038
x-served-by
cache-lcy-eglc8600073-LCY
last-modified
Mon, 06 Nov 2023 15:26:05 GMT
server
UploadServer
x-timer
S1699567541.582016,VS0,VE2
etag
"1263ca1bc51cf610aff909c4411b81d0"
vary
Accept-Encoding
x-goog-generation
1699284365454879
content-type
application/javascript
x-goog-hash
crc32c=wKWw/A==, md5=EmPKG8Uc9hCv+QnEQRuB0A==
cache-control
public, max-age=3600, stale-while-revalidate=604800
x-goog-stored-content-length
180038
accept-ranges
bytes
x-cache-hits
1
main.cd92be50f822159b2c4e.js
varices.ooreka.fr/static/
601 KB
185 KB
Script
General
Full URL
https://varices.ooreka.fr/static/main.cd92be50f822159b2c4e.js
Requested by
Host: varices.ooreka.fr
URL: https://varices.ooreka.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:94bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b18431e871418bca8e4511041d670b453cf47afc0eb7d351471337ece8af2c6

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://varices.ooreka.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 22:05:40 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
age
157648
cf-polished
origSize=616022
content-disposition
inline; filename=main.cd92be50f822159b2c4e.js
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 03 Oct 2023 13:46:06 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
4baf8549dc030aaf67d73b79aaf29900
cache-control
public, max-age=345600
cf-ray
82395bc859163ccb-CDG
expires
Mon, 13 Nov 2023 22:05:40 GMT
loader.js
sdk.privacy-center.org/fedf8fb9-1b11-4492-ba29-e222ebd90a42/
53 KB
18 KB
Script
General
Full URL
https://sdk.privacy-center.org/fedf8fb9-1b11-4492-ba29-e222ebd90a42/loader.js?target=varices.ooreka.fr
Requested by
Host: varices.ooreka.fr
URL: https://varices.ooreka.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:c600:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
43805c6d8fa2abc0b6d124caa026a9dd53d8ba5e1700dea848b673a4042cce21

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://varices.ooreka.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 22:05:40 GMT
content-encoding
gzip
x-didomi-remote-config-metadata
multiReg:true;legacyGlobalGdpr:true
x-didomi-remote-config-source
Lambda
via
1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA60-P3
etag
"99ecdc1ea066f0c27a924f3ac8e98234"
x-cache
Miss from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=7200, public
content-length
17628
x-amz-cf-id
C4JOBvhZWtAbFO_hPwvn3j5tfVnoVh50b2oe-zLHi4Q1n-5uHNjCGQ==
gtm.js
www.googletagmanager.com/
365 KB
90 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-54MM6T3
Requested by
Host: varices.ooreka.fr
URL: https://varices.ooreka.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c1d0f4cb0ade1bf17a7dfb04b1eb8b9e061fc1f65a2193e87daa9e3365607413
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://varices.ooreka.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 22:05:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91926
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 09 Nov 2023 22:05:40 GMT
main.53b1d85a22572b9515c5.css
varices.ooreka.fr/static/
269 KB
45 KB
Stylesheet
General
Full URL
https://varices.ooreka.fr/static/main.53b1d85a22572b9515c5.css
Requested by
Host: varices.ooreka.fr
URL: https://varices.ooreka.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:94bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a90ce09fc68a01d17a5a9a00f3d2afea3c6f9e9ca3900b03f1f8d730c12064a9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://varices.ooreka.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 22:05:40 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
age
129131
cf-polished
origSize=275863
content-disposition
inline; filename=main.53b1d85a22572b9515c5.css
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 03 Oct 2023 13:46:06 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
021073bb9491cb6ec56c9842fbdee4cf
cache-control
public, max-age=345600
cf-ray
82395bc879663ccb-CDG
expires
Mon, 13 Nov 2023 22:05:40 GMT
museo500.woff2
varices.ooreka.fr/static/fonts/
23 KB
24 KB
Font
General
Full URL
https://varices.ooreka.fr/static/fonts/museo500.woff2
Requested by
Host: varices.ooreka.fr
URL: https://varices.ooreka.fr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:94bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e52ebe37da001ef8846a88edc1c1063f2cdf5c1ce54d9002e0a691ac1810474

Request headers

Referer
https://varices.ooreka.fr/
Origin
https://varices.ooreka.fr
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 22:05:40 GMT
via
1.1 google
cf-cache-status
HIT
age
209239
content-disposition
inline; filename=museo500.woff2
alt-svc
h3=":443"; ma=86400
content-length
23752
last-modified
Tue, 03 Oct 2023 13:46:06 GMT
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
https://varices.ooreka.fr
x-cloud-trace-context
715f87c0bd4ecc3d47d11567acfde982
cache-control
public, max-age=345600
accept-ranges
bytes
cf-ray
82395bc87c0899cc-CDG
expires
Mon, 13 Nov 2023 22:05:40 GMT
logo_PoC_ooreka_PJ_blanc.svg
static.ooreka.fr/static/common/ Frame 44D7
20 KB
7 KB
Document
General
Full URL
https://static.ooreka.fr/static/common/logo_PoC_ooreka_PJ_blanc.svg
Requested by
Host: varices.ooreka.fr
URL: https://varices.ooreka.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:94bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f838024ade4e84537e30b7e001e8111db5f81b3c9cd94b73eecd2137f15aa575

Request headers

Referer
https://varices.ooreka.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

access-control-allow-origin
*
access-control-expose-headers
Content-Type
age
308064
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=345600
cf-cache-status
HIT
cf-ray
82395bc8ba033ccb-CDG
content-encoding
br
content-type
image/svg+xml
date
Thu, 09 Nov 2023 22:05:40 GMT
etag
W/"278ad93f823476152ce65775a59eab19"
expires
Mon, 13 Nov 2023 22:05:40 GMT
last-modified
Mon, 03 Jul 2023 09:20:34 GMT
server
cloudflare
vary
Accept-Encoding
x-goog-generation
1688376034215677
x-goog-hash
crc32c=f9kxjg== md5=J4rZP4I0dhUs5ld1pZ6rGQ==
x-goog-meta-x-goog-reserved-source-generation
1688109262893726
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
20579
x-guploader-uploadid
ABPtcPq6x44V_3CBwd8QY8D1glrnJpKSFQa7ifpcpcHrSWQCGnNWDlPVFzBZvKynWmIB9SsgDsqPzeN6r1dRQC4pniQmmg
logo_PoC_ooreka_PJ.svg
static.ooreka.fr/static/common/ Frame F0A3
20 KB
7 KB
Document
General
Full URL
https://static.ooreka.fr/static/common/logo_PoC_ooreka_PJ.svg
Requested by
Host: varices.ooreka.fr
URL: https://varices.ooreka.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:94bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bf5ab4aa12b3308eb4f6260d62a94afefdb390c76fb6b02a302c80278eea9b8

Request headers

Referer
https://varices.ooreka.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

access-control-allow-origin
*
access-control-expose-headers
Content-Type
age
150618
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=345600
cf-cache-status
HIT
cf-ray
82395bc8ba113ccb-CDG
content-encoding
br
content-type
image/svg+xml
date
Thu, 09 Nov 2023 22:05:40 GMT
etag
W/"80b40dd05b2ad8e00943d86db1b28e22"
expires
Mon, 13 Nov 2023 22:05:40 GMT
last-modified
Mon, 03 Apr 2023 15:22:31 GMT
server
cloudflare
vary
Accept-Encoding
x-goog-generation
1680535351767544
x-goog-hash
crc32c=aW/meg== md5=gLQN0Fsq2OAJQ9htsbKOIg==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
20384
x-guploader-uploadid
ABPtcPoA-euTIVvK60LaozloragOxmyFHFF45YRUnBF6YYUuZhoPPUc48mg2V7OSRTW1tWC9qGjecO0qmHDH-f_iuYB3dg
icomoon.woff
varices.ooreka.fr/static/fonts/
9 KB
9 KB
Font
General
Full URL
https://varices.ooreka.fr/static/fonts/icomoon.woff
Requested by
Host: varices.ooreka.fr
URL: https://varices.ooreka.fr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:94bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
399e7b36a65f63b7ca8bce850e687d173dbd165007a1405ea07d53572babf7ca

Request headers

Referer
https://varices.ooreka.fr/
Origin
https://varices.ooreka.fr
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 22:05:40 GMT
via
1.1 google
cf-cache-status
HIT
age
47575
content-disposition
inline; filename=icomoon.woff
alt-svc
h3=":443"; ma=86400
content-length
9320
last-modified
Tue, 03 Oct 2023 13:46:06 GMT
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
https://varices.ooreka.fr
x-cloud-trace-context
84194745694732eed409570942f48d33
cache-control
public, max-age=345600
accept-ranges
bytes
cf-ray
82395bc8fcb299cc-CDG
expires
Mon, 13 Nov 2023 22:05:40 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
221 B
688 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config
Requested by
Host: cdn.hubvisor.io
URL: https://cdn.hubvisor.io/wrapper/01D6X4Y50DGHQY1A2QJ063SAF4/hubvisor.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
16bd0fd22dfb05f89161db077f15706d2373dac96b8dbde5718115b5c24b564b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://varices.ooreka.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 22:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
145
x-xss-protection
0
expires
Thu, 09 Nov 2023 22:05:40 GMT
getUserCountryByIp
varices.ooreka.fr/annuaire/
17 B
313 B
XHR
General
Full URL
https://varices.ooreka.fr/annuaire/getUserCountryByIp
Requested by
Host: varices.ooreka.fr
URL: https://varices.ooreka.fr/static/main.cd92be50f822159b2c4e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:94bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06e5f7e2d702e0110271dd33c198e1f312a785bcf41ca4fbed2fa6d67722dc03

Request headers

Accept
*/*
Referer
https://varices.ooreka.fr/
X-Requested-With
XMLHttpRequest
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 22:05:40 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/x-json; charset=UTF-8
x-cloud-trace-context
b509a9728fc8165c342435f811f04996
cf-ray
82395bc9cdb099cc-CDG
alt-svc
h3=":443"; ma=86400
content-length
17
smarttag.js
tag.aticdn.net/564527/
78 KB
23 KB
Script
General
Full URL
https://tag.aticdn.net/564527/smarttag.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54MM6T3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-91.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
93389eb347ebdeffd077b6e1c0e38e506ad76201bd1b99c65ab98129965d20ac

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://varices.ooreka.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
NCplR_wtAaYYozJ8v_r2azVXj366fFT3
content-encoding
gzip
via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
date
Thu, 09 Nov 2023 22:00:17 GMT
x-amz-cf-pop
FRA60-P4
age
328
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Wed, 25 May 2022 15:18:23 GMT
server
AmazonS3
etag
W/"ada7973ec38375539e8c361731654a59"
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=utf-8
cache-control
max-age=1800
x-amz-cf-id
0md5IiGASMGFvBihhL9wGUvWmkYlDoZ8lS_RtCfF5b6HCPzxmiwojg==
sdk.8bde36d9d5b849538e5a19a60ce257b7322da5ba.js
sdk.privacy-center.org/sdk/8bde36d9d5b849538e5a19a60ce257b7322da5ba/modern/
335 KB
85 KB
Script
General
Full URL
https://sdk.privacy-center.org/sdk/8bde36d9d5b849538e5a19a60ce257b7322da5ba/modern/sdk.8bde36d9d5b849538e5a19a60ce257b7322da5ba.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/fedf8fb9-1b11-4492-ba29-e222ebd90a42/loader.js?target=varices.ooreka.fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:c600:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0ad44b955bc6932069cd36d95265a74958e8c7f326cbb51bf88de6c9e0205724

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://varices.ooreka.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:12:31 GMT
content-encoding
gzip
via
1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
last-modified
Thu, 09 Nov 2023 16:12:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
21190
etag
W/"870ca3450014c699ba6abc4884d3b792-1"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
U08pcUTMhehSgHtF-h1rTqSOa-rO5294bF6R2PICSLJB-oMaIvjL-w==
ui-gdpr-fr-web.8bde36d9d5b849538e5a19a60ce257b7322da5ba.js
sdk.privacy-center.org/sdk/8bde36d9d5b849538e5a19a60ce257b7322da5ba/modern/
263 KB
56 KB
Script
General
Full URL
https://sdk.privacy-center.org/sdk/8bde36d9d5b849538e5a19a60ce257b7322da5ba/modern/ui-gdpr-fr-web.8bde36d9d5b849538e5a19a60ce257b7322da5ba.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/sdk/8bde36d9d5b849538e5a19a60ce257b7322da5ba/modern/sdk.8bde36d9d5b849538e5a19a60ce257b7322da5ba.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:c600:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0d55132bffda6ea7040a03799531174d255ccd95a059998d5d8281bb1bb2c464

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://varices.ooreka.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:12:32 GMT
content-encoding
gzip
via
1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
last-modified
Thu, 09 Nov 2023 16:12:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
21189
etag
W/"f197d1f4b849660f1df1275aca5f61ca-1"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
QFexHVRWwCBfUzWS2cl3P1K6abnRc2ylSN_Mi2mVtO3D41BKwnjgbg==
piano-analytics.js
tag.aticdn.net/
79 KB
24 KB
Script
General
Full URL
https://tag.aticdn.net/piano-analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54MM6T3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-91.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0835dee84ae7175ed5be4ab0502bcd555a2a26cd8b6c7cc0421935ba7af2b460

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://varices.ooreka.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
2Wi5MQ.Yv4EApEWmLp6u3289VynpMgI9
content-encoding
br
via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
date
Thu, 09 Nov 2023 22:02:10 GMT
x-amz-cf-pop
FRA60-P4
age
217
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Mon, 06 Nov 2023 10:31:50 GMT
server
AmazonS3
etag
W/"3b71512a8679605c8a35cdc598944fb4"
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=utf-8
cache-control
max-age=600
x-amz-cf-id
6FPcL9weyV_gpjOwDRC_KAOfeHRzxFxnO7hkRS4paebbO_2bOfZyZA==
logo_PoC_ooreka_PJ.svg
static.ooreka.fr/static/common/
20 KB
8 KB
Image
General
Full URL
https://static.ooreka.fr/static/common/logo_PoC_ooreka_PJ.svg
Requested by
Host: varices.ooreka.fr
URL: https://varices.ooreka.fr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:94bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bf5ab4aa12b3308eb4f6260d62a94afefdb390c76fb6b02a302c80278eea9b8

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://varices.ooreka.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 22:05:41 GMT
content-encoding
br
cf-cache-status
HIT
age
150619
x-guploader-uploadid
ABPtcPoA-euTIVvK60LaozloragOxmyFHFF45YRUnBF6YYUuZhoPPUc48mg2V7OSRTW1tWC9qGjecO0qmHDH-f_iuYB3dg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 03 Apr 2023 15:22:31 GMT
server
cloudflare
etag
W/"80b40dd05b2ad8e00943d86db1b28e22"
vary
Accept-Encoding
x-goog-hash
crc32c=aW/meg==, md5=gLQN0Fsq2OAJQ9htsbKOIg==
x-goog-generation
1680535351767544
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=345600
x-goog-stored-content-length
20384
cf-ray
82395bcbe86699cc-CDG
expires
Mon, 13 Nov 2023 22:05:41 GMT
event
at.pagesjaunes.fr/
0
592 B
Ping
General
Full URL
https://at.pagesjaunes.fr/event?s=564527&idclient=lorqmrni3oiiuffc
Requested by
Host: tag.aticdn.net
URL: https://tag.aticdn.net/piano-analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.176.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://varices.ooreka.fr/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 09 Nov 2023 22:05:41 GMT
via
1.1 541b3521516c2ab2d19244b7072c9f9a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=31536000
x-amz-cf-pop
CDG52-P6
access-control-max-age
600
x-cache
Miss from cloudfront
access-control-allow-origin
https://varices.ooreka.fr
cache-control
no-store
access-control-allow-credentials
true
cf-ray
82395bccac682a61-CDG
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
BwO3GR536KsEZB2anZPXAsv4lzMIsvre5QQfIAomMsvi14KUTUwNcw==

Verdicts & Comments

100 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| documentPictureInPicture boolean| gdprAppliesGlobally function| __tcfapi function| atSelfPromoImpression function| atSelfPromoClick function| atClick function| addToDataLayer object| dataLayer function| extend function| getCookie object| g object| authInfos object| xtcustom object| mvp_xtcustom object| googletag function| fetchAds function| waitingAuthorizationForFetchingAds object| didomiOnReady function| WidthChange function| loadPJHOnUserConsent object| cssLink object| godefer object| __webpack_modules__ object| __webpack_module_cache__ function| __webpack_require__ object| __webpack_exports__ object| hubjs object| _pbjsGlobals object| sas object| invibes function| Hubvisor object| __tcfapiBuffer object| bundle function| setImmediate function| clearImmediate object| __algolia object| channels function| _ object| mvpContentCommerce function| $ object| mvpAuth object| mvpAuthentication object| mvpBloc object| mvpCommon object| mvpFacebook object| mvpPros object| mvpTracking object| mvpStepper object| mvpFolder object| mvpFormulaireDevis boolean| isScriptsLoading object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data object| didomiRemoteConfig string| didomiCountry object| didomiRegion object| didomiGeoRegulations object| webpackChunkDidomi object| Didomi object| didomiEventListeners object| DidomiSanitizing object| adsbygoogle object| didomiState object| ATInternet function| ATCustomEvent object| pianoAnalytics object| _pac object| pdl object| _paq object| pa object| config object| context object| tag object| typeMapping string| xtPage string| level string| universe object| chaptersList object| xtCustom object| data object| stopwords object| compatibleNiche boolean| isPython function| sendTrackClick function| getFormat function| getNiche function| isCurrentNicheCompatible function| getCategory function| isNotAStopWord function| prepareCritere function| getTemplate function| 
fillTemplate function| constructAmazonBox object| pubRight object| pubBottom

7 Cookies

Domain/Path Name / Value
.ooreka.fr/ Name: SessionComprendreChoisir
Value: f9797bcb852cfb11521d3f121d780304
.ooreka.fr/ Name: didomi_token
Value: eyJ1c2VyX2lkIjoiMThiYjYxZTktYThiYy02ODkwLWE1MzUtNmQyZGI5Yjk5NTZjIiwiY3JlYXRlZCI6IjIwMjMtMTEtMDlUMjI6MDU6NDAuOTIxWiIsInVwZGF0ZWQiOiIyMDIzLTExLTA5VDIyOjA1OjQwLjkyMVoiLCJ2ZXJzaW9uIjpudWxsfQ==
varices.ooreka.fr/ Name: atuserid
Value: %7B%22name%22%3A%22atuserid%22%2C%22val%22%3A%228c9b05c0-e298-4dbd-82bc-2284a8f3b80e%22%2C%22options%22%3A%7B%22end%22%3A%222024-12-10T22%3A05%3A41.131Z%22%2C%22path%22%3A%22%2F%22%7D%7D
varices.ooreka.fr/ Name: pa_privacy
Value: %22exempt%22
varices.ooreka.fr/ Name: _pcid
Value: %7B%22browserId%22%3A%22lorqmrni3oiiuffc%22%2C%22_t%22%3A%22m4g5k903%7Clorqmro3%22%7D
varices.ooreka.fr/ Name: _pctx
Value: %7Bu%7DN4IgrgzgpgThIC4B2YA2qA05owMoBcBDfSREQpAeyRCwgEt8oBJAE0RXSwH18yBbACwBzAKwBrAJwAGUQB9UlGAEd%2BMSqJABfIA
.pagesjaunes.fr/ Name: __cf_bm
Value: wJdF51_nHQKTOCUkIDINGMQVWTbiUh0KzQmQhYpw6J0-1699567541-0-AZt4djXDOdGzW5FAlX2OiYx58lEVdMAG8cnKZT1qJ2vF09mH2q/X1nWzYQ37IWXU7efo62Dskrfrd+0N5vPbEwWayS3ogXB3D8oJRpgBjOuH

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

at.pagesjaunes.fr
cdn.hubvisor.io
sdk.privacy-center.org
securepubads.g.doubleclick.net
static.ooreka.fr
tag.aticdn.net
varices.ooreka.fr
www.googletagmanager.com
104.16.176.91
151.101.130.132
18.66.147.91
2600:9000:2251:c600:5:b7cc:d3c0:93a1
2606:4700:4400::ac40:94bb
2a00:1450:4001:80f::2002
2a00:1450:4001:82b::2008