epargne-salariale.ooreka.fr
2606:4700:4400::ac40:94bb  Public Scan

Submitted URL: http://epargne-salariale.ooreka.fr/
Effective URL: https://epargne-salariale.ooreka.fr/
Submission: On November 02 via api from US — Scanned from FR

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 18 HTTP transactions. The main IP is 2606:4700:4400::ac40:94bb, located in United States and belongs to CLOUDFLARENET, US. The main domain is epargne-salariale.ooreka.fr.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 27th 2023. Valid for: a year.
This is the only time epargne-salariale.ooreka.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:440... 13335 (CLOUDFLAR...)
9 2606:4700:440... 13335 (CLOUDFLAR...)
1 151.101.194.132 54113 (FASTLY)
3 2600:9000:225... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 18.66.147.21 16509 (AMAZON-02)
1 104.17.196.85 13335 (CLOUDFLAR...)
18 7
Apex Domain | Subdomains | Transfer
10 ooreka.fr | epargne-salariale.ooreka.fr; static.ooreka.fr | 303 KB
3 privacy-center.org | sdk.privacy-center.org — Cisco Umbrella Rank: 6418 | 159 KB
2 aticdn.net | tag.aticdn.net — Cisco Umbrella Rank: 15759 | 46 KB
1 pagesjaunes.fr | at.pagesjaunes.fr — Cisco Umbrella Rank: 409690 | 597 B
1 doubleclick.net | securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 | 691 B
1 googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 35 | 90 KB
1 hubvisor.io | cdn.hubvisor.io — Cisco Umbrella Rank: 48980 | 176 KB
18 7
Domain Requested by
7 epargne-salariale.ooreka.fr 1 redirects epargne-salariale.ooreka.fr
3 static.ooreka.fr epargne-salariale.ooreka.fr
3 sdk.privacy-center.org epargne-salariale.ooreka.fr
sdk.privacy-center.org
2 tag.aticdn.net www.googletagmanager.com
1 at.pagesjaunes.fr tag.aticdn.net
1 securepubads.g.doubleclick.net cdn.hubvisor.io
1 www.googletagmanager.com epargne-salariale.ooreka.fr
1 cdn.hubvisor.io epargne-salariale.ooreka.fr
18 8

This site contains links to these domains.

Domain
www.ooreka.fr
www.facebook.com

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-04-27 - 2024-04-26 | a year
cdn.hubvisor.io | R3 | 2023-10-28 - 2024-01-26 | 3 months
*.privacy-center.org | Amazon RSA 2048 M02 | 2023-03-25 - 2024-04-22 | a year
*.google-analytics.com | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months
tag.aticdn.net | Thawte RSA CA 2018 | 2023-01-02 - 2024-02-02 | a year
*.pagesjaunes.fr | GlobalSign RSA OV SSL CA 2018 | 2023-08-22 - 2024-09-22 | a year

This page contains 3 frames:

Primary Page: https://epargne-salariale.ooreka.fr/
Frame ID: 5FC97914E82FCA9BD77080B2B6F4449C
Requests: 16 HTTP requests in this frame

Frame: https://static.ooreka.fr/static/common/logo_PoC_ooreka_PJ_blanc.svg
Frame ID: 7F34EB0EE7F5BA8CEBA222002A68270E
Requests: 1 HTTP requests in this frame

Frame: https://static.ooreka.fr/static/common/logo_PoC_ooreka_PJ.svg
Frame ID: 78EF2A47FC7C1CCB72D20ADA8EE69CDB
Requests: 1 HTTP requests in this frame

Page Title

Epargne salariale - OorekaOoreka

Page URL History

  1. http://epargne-salariale.ooreka.fr/ HTTP 301
    https://epargne-salariale.ooreka.fr/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • sdk\.privacy-center\.org/.*/loader\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

18
Requests

100 %
HTTPS

63 %
IPv6

7
Domains

8
Subdomains

7
IPs

3
Countries

776 kB
Transfer

2751 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://epargne-salariale.ooreka.fr/ HTTP 301
    https://epargne-salariale.ooreka.fr/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
epargne-salariale.ooreka.fr/
Redirect Chain
  • http://epargne-salariale.ooreka.fr/
  • https://epargne-salariale.ooreka.fr/
57 KB
16 KB
Document
General
Full URL
https://epargne-salariale.ooreka.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:94bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68c6038a92761eea67e7280272fa965eaba9142ccc0e42fadfeafb5585a806a3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
81fab406bb2c1545-CDG
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 02 Nov 2023 07:35:52 GMT
server
cloudflare
via
1.1 google
x-cloud-trace-context
bb42706d7fa7e091f77167eea246bd84

Redirect headers

CF-RAY
81fab406494b2a40-CDG
Cache-Control
max-age=3600
Connection
keep-alive
Date
Thu, 02 Nov 2023 07:35:52 GMT
Expires
Thu, 02 Nov 2023 08:35:52 GMT
Location
https://epargne-salariale.ooreka.fr/
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
hubvisor.js
cdn.hubvisor.io/wrapper/01D6X4Y50DGHQY1A2QJ063SAF4/
564 KB
176 KB
Script
General
Full URL
https://cdn.hubvisor.io/wrapper/01D6X4Y50DGHQY1A2QJ063SAF4/hubvisor.js
Requested by
Host: epargne-salariale.ooreka.fr
URL: https://epargne-salariale.ooreka.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
2d731866a89bd1066deff68dcce10727dd9b37372fceb2e100ca9e019ee16d99

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://epargne-salariale.ooreka.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires
Tue, 31 Oct 2023 09:22:42 GMT
date
Thu, 02 Nov 2023 07:35:52 GMT
content-encoding
gzip
via
1.1 varnish
age
17717
x-guploader-uploadid
ABPtcPpBwmvHBTxYaMI3U82Wu_NVnHAVJV5IA3GXadvBIxJgpVWZdfOtw_2nho7CXR326C1vyYN76V6E7WcpVKqCk5_ndg
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
179959
x-served-by
cache-lcy-eglc8600025-LCY
last-modified
Mon, 30 Oct 2023 09:22:16 GMT
server
UploadServer
x-timer
S1698910552.276870,VS0,VE0
etag
"40c4c5ad915d1d52fdfd16a616baf323"
vary
Accept-Encoding
x-goog-generation
1698657736090916
content-type
application/javascript
x-goog-hash
crc32c=TEwPaA==, md5=QMTFrZFdHVL9/RamFrrzIw==
cache-control
public, max-age=3600, stale-while-revalidate=604800
x-goog-stored-content-length
179959
accept-ranges
bytes
x-cache-hits
1999
main.cd92be50f822159b2c4e.js
epargne-salariale.ooreka.fr/static/
601 KB
185 KB
Script
General
Full URL
https://epargne-salariale.ooreka.fr/static/main.cd92be50f822159b2c4e.js
Requested by
Host: epargne-salariale.ooreka.fr
URL: https://epargne-salariale.ooreka.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:94bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b18431e871418bca8e4511041d670b453cf47afc0eb7d351471337ece8af2c6

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://epargne-salariale.ooreka.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 07:35:52 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
age
177174
cf-polished
origSize=616022
content-disposition
inline; filename=main.cd92be50f822159b2c4e.js
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 03 Oct 2023 13:46:06 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
2bdb713d8633f11cd2d614d138fd19ca
cache-control
public, max-age=345600
cf-ray
81fab4075be61545-CDG
expires
Mon, 06 Nov 2023 07:35:52 GMT
loader.js
sdk.privacy-center.org/fedf8fb9-1b11-4492-ba29-e222ebd90a42/
45 KB
17 KB
Script
General
Full URL
https://sdk.privacy-center.org/fedf8fb9-1b11-4492-ba29-e222ebd90a42/loader.js?target=epargne-salariale.ooreka.fr
Requested by
Host: epargne-salariale.ooreka.fr
URL: https://epargne-salariale.ooreka.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:1200:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
a90532601fe45ffd40e046cf8800a923327e1488990ac165ed45933012245ef7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://epargne-salariale.ooreka.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 06:21:02 GMT
content-encoding
gzip
x-didomi-remote-config-metadata
multiReg:true;legacyGlobalGdpr:true
x-didomi-remote-config-source
Lambda
via
1.1 7251dede1ac94066b27bcd33919b30c6.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA60-P3
age
4490
etag
"67070f96732fcd3041874f9673367fdb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=7200, public
content-length
17372
x-amz-cf-id
cuBpCNEOWM_dM9Ixdu7OgrjSen79ZPdCdfmlcAZImv_Sg-K8kOT60A==
gtm.js
www.googletagmanager.com/
365 KB
90 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-54MM6T3
Requested by
Host: epargne-salariale.ooreka.fr
URL: https://epargne-salariale.ooreka.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ec9f0e00af14453eacee95a639ce8c7960e034f3ef42670f916b0d4afd0c3d09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://epargne-salariale.ooreka.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 07:35:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
91923
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 02 Nov 2023 07:35:52 GMT
main.53b1d85a22572b9515c5.css
epargne-salariale.ooreka.fr/static/
269 KB
45 KB
Stylesheet
General
Full URL
https://epargne-salariale.ooreka.fr/static/main.53b1d85a22572b9515c5.css
Requested by
Host: epargne-salariale.ooreka.fr
URL: https://epargne-salariale.ooreka.fr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:94bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a90ce09fc68a01d17a5a9a00f3d2afea3c6f9e9ca3900b03f1f8d730c12064a9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://epargne-salariale.ooreka.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 07:35:52 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
age
164181
cf-polished
origSize=275863
content-disposition
inline; filename=main.53b1d85a22572b9515c5.css
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 03 Oct 2023 13:46:06 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
da9d7de90a6dac0409ec791f01b9d414
cache-control
public, max-age=345600
cf-ray
81fab4078ffd029a-CDG
expires
Mon, 06 Nov 2023 07:35:52 GMT
museo500.woff2
epargne-salariale.ooreka.fr/static/fonts/
23 KB
24 KB
Font
General
Full URL
https://epargne-salariale.ooreka.fr/static/fonts/museo500.woff2
Requested by
Host: epargne-salariale.ooreka.fr
URL: https://epargne-salariale.ooreka.fr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:94bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e52ebe37da001ef8846a88edc1c1063f2cdf5c1ce54d9002e0a691ac1810474

Request headers

Referer
https://epargne-salariale.ooreka.fr/
Origin
https://epargne-salariale.ooreka.fr
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 07:35:52 GMT
via
1.1 google
cf-cache-status
MISS
content-disposition
inline; filename=museo500.woff2
alt-svc
h3=":443"; ma=86400
content-length
23752
last-modified
Tue, 03 Oct 2023 13:46:06 GMT
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
https://epargne-salariale.ooreka.fr
x-cloud-trace-context
1114a1185ee5de68dbb3a5fd0ab1971d
cache-control
public, max-age=345600
accept-ranges
bytes
cf-ray
81fab4078806029a-CDG
expires
Mon, 06 Nov 2023 07:35:52 GMT
logo_PoC_ooreka_PJ_blanc.svg
static.ooreka.fr/static/common/ Frame 7F34
20 KB
7 KB
Document
General
Full URL
https://static.ooreka.fr/static/common/logo_PoC_ooreka_PJ_blanc.svg
Requested by
Host: epargne-salariale.ooreka.fr
URL: https://epargne-salariale.ooreka.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:94bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f838024ade4e84537e30b7e001e8111db5f81b3c9cd94b73eecd2137f15aa575

Request headers

Referer
https://epargne-salariale.ooreka.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

access-control-allow-origin
*
access-control-expose-headers
Content-Type
age
6502
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=345600
cf-cache-status
HIT
cf-ray
81fab407cc571545-CDG
content-encoding
br
content-type
image/svg+xml
date
Thu, 02 Nov 2023 07:35:52 GMT
etag
W/"278ad93f823476152ce65775a59eab19"
expires
Mon, 06 Nov 2023 07:35:52 GMT
last-modified
Mon, 03 Jul 2023 09:20:34 GMT
server
cloudflare
vary
Accept-Encoding
x-goog-generation
1688376034215677
x-goog-hash
crc32c=f9kxjg== md5=J4rZP4I0dhUs5ld1pZ6rGQ==
x-goog-meta-x-goog-reserved-source-generation
1688109262893726
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
20579
x-guploader-uploadid
ABPtcPrvHGkooh1vvS7_Jhys7YCAMywCJ3kh1gsef6HpaA9QCHrN1Z000AsdkrfLWovZF_hDsYSgpsAMEbu5d63JXuUbg3cxfbx0
logo_PoC_ooreka_PJ.svg
static.ooreka.fr/static/common/ Frame 78EF
20 KB
7 KB
Document
General
Full URL
https://static.ooreka.fr/static/common/logo_PoC_ooreka_PJ.svg
Requested by
Host: epargne-salariale.ooreka.fr
URL: https://epargne-salariale.ooreka.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:94bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bf5ab4aa12b3308eb4f6260d62a94afefdb390c76fb6b02a302c80278eea9b8

Request headers

Referer
https://epargne-salariale.ooreka.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

access-control-allow-origin
*
access-control-expose-headers
Content-Type
age
252752
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=345600
cf-cache-status
HIT
cf-ray
81fab407cc561545-CDG
content-encoding
br
content-type
image/svg+xml
date
Thu, 02 Nov 2023 07:35:52 GMT
etag
W/"80b40dd05b2ad8e00943d86db1b28e22"
expires
Mon, 06 Nov 2023 07:35:52 GMT
last-modified
Mon, 03 Apr 2023 15:22:31 GMT
server
cloudflare
vary
Accept-Encoding
x-goog-generation
1680535351767544
x-goog-hash
crc32c=aW/meg== md5=gLQN0Fsq2OAJQ9htsbKOIg==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
20384
x-guploader-uploadid
ADPycdtp1FvuMRxbzsjn0f6KwaJiibBIhSgKvQxo1qlYgbKUVpwhObndMeVxjow52CJfdyUsca1C_QXC77aB61pA_dZj_xbxUpUB
icomoon.woff
epargne-salariale.ooreka.fr/static/fonts/
9 KB
9 KB
Font
General
Full URL
https://epargne-salariale.ooreka.fr/static/fonts/icomoon.woff
Requested by
Host: epargne-salariale.ooreka.fr
URL: https://epargne-salariale.ooreka.fr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:94bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
399e7b36a65f63b7ca8bce850e687d173dbd165007a1405ea07d53572babf7ca

Request headers

Referer
https://epargne-salariale.ooreka.fr/
Origin
https://epargne-salariale.ooreka.fr
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 07:35:52 GMT
via
1.1 google
cf-cache-status
MISS
content-disposition
inline; filename=icomoon.woff
alt-svc
h3=":443"; ma=86400
content-length
9320
last-modified
Tue, 03 Oct 2023 13:46:06 GMT
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
https://epargne-salariale.ooreka.fr
x-cloud-trace-context
a72b539025a68abac80fb0d0ccc22968
cache-control
public, max-age=345600
accept-ranges
bytes
cf-ray
81fab40838ba029a-CDG
expires
Mon, 06 Nov 2023 07:35:52 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
225 B
691 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config
Requested by
Host: cdn.hubvisor.io
URL: https://cdn.hubvisor.io/wrapper/01D6X4Y50DGHQY1A2QJ063SAF4/hubvisor.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f37dd40f3bc596672d0f727e271a7e03aceb23d08c3778daf545a2854d9a81f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://epargne-salariale.ooreka.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 07:35:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
148
x-xss-protection
0
expires
Thu, 02 Nov 2023 07:35:52 GMT
getUserCountryByIp
epargne-salariale.ooreka.fr/annuaire/
17 B
315 B
XHR
General
Full URL
https://epargne-salariale.ooreka.fr/annuaire/getUserCountryByIp
Requested by
Host: epargne-salariale.ooreka.fr
URL: https://epargne-salariale.ooreka.fr/static/main.cd92be50f822159b2c4e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:94bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06e5f7e2d702e0110271dd33c198e1f312a785bcf41ca4fbed2fa6d67722dc03

Request headers

Accept
*/*
Referer
https://epargne-salariale.ooreka.fr/
X-Requested-With
XMLHttpRequest
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 07:35:52 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/x-json; charset=UTF-8
x-cloud-trace-context
d854b2f8fe61f2f4d48c4977c847b50b
cf-ray
81fab40909e5029a-CDG
alt-svc
h3=":443"; ma=86400
content-length
17
sdk.d35c8e0dd5a6b909ad13ea661ef6519a69263cde.js
sdk.privacy-center.org/sdk/d35c8e0dd5a6b909ad13ea661ef6519a69263cde/modern/
339 KB
86 KB
Script
General
Full URL
https://sdk.privacy-center.org/sdk/d35c8e0dd5a6b909ad13ea661ef6519a69263cde/modern/sdk.d35c8e0dd5a6b909ad13ea661ef6519a69263cde.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/fedf8fb9-1b11-4492-ba29-e222ebd90a42/loader.js?target=epargne-salariale.ooreka.fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:1200:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1bc47ee618fd9ce528fdce7542f7195a154b4a986c23cb6c4df17faeee61e916

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://epargne-salariale.ooreka.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 13:51:16 GMT
content-encoding
gzip
via
1.1 7251dede1ac94066b27bcd33919b30c6.cloudfront.net (CloudFront)
last-modified
Mon, 30 Oct 2023 13:51:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
236677
etag
W/"6e23e04032a28dc0bf64b66fb1fe596c-1"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
aJSoUah_VQfo0Z81N8FcnT1jv_5ycxI15EZB14CXxAWPkbDRLVtdlA==
smarttag.js
tag.aticdn.net/564527/
78 KB
23 KB
Script
General
Full URL
https://tag.aticdn.net/564527/smarttag.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54MM6T3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-21.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
93389eb347ebdeffd077b6e1c0e38e506ad76201bd1b99c65ab98129965d20ac

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://epargne-salariale.ooreka.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id
NCplR_wtAaYYozJ8v_r2azVXj366fFT3
content-encoding
gzip
via
1.1 0c371064bf157d89e4b3520c0b29474c.cloudfront.net (CloudFront)
date
Thu, 02 Nov 2023 07:34:10 GMT
x-amz-cf-pop
FRA60-P4
age
106
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Wed, 25 May 2022 15:18:23 GMT
server
AmazonS3
etag
W/"ada7973ec38375539e8c361731654a59"
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=utf-8
cache-control
max-age=1800
x-amz-cf-id
XKfFpqWvGPvgjmSUhlej1RaBZfLDt45EKea8G1PIv-WwXoYHR3aX6Q==
ui-gdpr-fr-web.d35c8e0dd5a6b909ad13ea661ef6519a69263cde.js
sdk.privacy-center.org/sdk/d35c8e0dd5a6b909ad13ea661ef6519a69263cde/modern/
261 KB
55 KB
Script
General
Full URL
https://sdk.privacy-center.org/sdk/d35c8e0dd5a6b909ad13ea661ef6519a69263cde/modern/ui-gdpr-fr-web.d35c8e0dd5a6b909ad13ea661ef6519a69263cde.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/sdk/d35c8e0dd5a6b909ad13ea661ef6519a69263cde/modern/sdk.d35c8e0dd5a6b909ad13ea661ef6519a69263cde.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:1200:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8db5c10c11174390bd5147f6a1a90471f8485b1d3f98e300e9134e87617d2972

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://epargne-salariale.ooreka.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 13:51:17 GMT
content-encoding
gzip
via
1.1 7251dede1ac94066b27bcd33919b30c6.cloudfront.net (CloudFront)
last-modified
Mon, 30 Oct 2023 13:51:02 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
236676
etag
W/"7201f3a54644717de500ad1f19dbf408-1"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
Eyoks6IUWka1R6uWRu47WdctmFY5bInlJFe8LZCiNVA_i57JROfx6w==
piano-analytics.js
tag.aticdn.net/
79 KB
24 KB
Script
General
Full URL
https://tag.aticdn.net/piano-analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54MM6T3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-21.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
205033b4ef43b5debc08ee8753f8564409f114ac67c9428cb8af1b578e161aad

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://epargne-salariale.ooreka.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id
qqveWTYUc8Glbfvng8af40peqrRZ8V6b
content-encoding
br
via
1.1 0c371064bf157d89e4b3520c0b29474c.cloudfront.net (CloudFront)
date
Thu, 02 Nov 2023 07:08:20 GMT
x-amz-cf-pop
FRA60-P4
age
1653
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Tue, 24 Oct 2023 15:33:19 GMT
server
AmazonS3
etag
W/"da9edfe390e8ae7db0bd1d18f2ccc14a"
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=utf-8
cache-control
max-age=600
x-amz-cf-id
e2AnIroRdXa7wBSwgqObYPtUoKGX_eRUgLTTPssTufUsDJn519tWlg==
logo_PoC_ooreka_PJ.svg
static.ooreka.fr/static/common/
20 KB
8 KB
Image
General
Full URL
https://static.ooreka.fr/static/common/logo_PoC_ooreka_PJ.svg
Requested by
Host: epargne-salariale.ooreka.fr
URL: https://epargne-salariale.ooreka.fr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:94bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bf5ab4aa12b3308eb4f6260d62a94afefdb390c76fb6b02a302c80278eea9b8

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://epargne-salariale.ooreka.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 07:35:52 GMT
content-encoding
br
cf-cache-status
HIT
age
254800
x-guploader-uploadid
ADPycdtc_0UzVIZaQ5XGD-lc32Z_qzKbbURyzjjXKYLC6Wpac_9nvAo1E5YkJUedVGskDPPbl4XC6NGwy5rK5ABOLjQt
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 03 Apr 2023 15:22:31 GMT
server
cloudflare
etag
W/"80b40dd05b2ad8e00943d86db1b28e22"
vary
Accept-Encoding
x-goog-hash
crc32c=aW/meg==, md5=gLQN0Fsq2OAJQ9htsbKOIg==
x-goog-generation
1680535351767544
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=345600
x-goog-stored-content-length
20384
cf-ray
81fab40adc1b029a-CDG
expires
Mon, 06 Nov 2023 07:35:52 GMT
event
at.pagesjaunes.fr/
0
597 B
Ping
General
Full URL
https://at.pagesjaunes.fr/event?s=564527&idclient=logvh87spp135prc
Requested by
Host: tag.aticdn.net
URL: https://tag.aticdn.net/piano-analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.196.85 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://epargne-salariale.ooreka.fr/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 02 Nov 2023 07:35:52 GMT
via
1.1 b8d17fb37d43a7408dc92e906fd36568.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=31536000
x-amz-cf-pop
CDG52-P6
access-control-max-age
600
x-cache
Miss from cloudfront
access-control-allow-origin
https://epargne-salariale.ooreka.fr
cache-control
no-store
access-control-allow-credentials
true
cf-ray
81fab40b7b8cf09f-CDG
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
kmJ3zkjuYBYP-g5OHleszKEOc3UmC3QUsID4g-RImA1Fklnskdah5w==

100 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| documentPictureInPicture boolean| gdprAppliesGlobally function| __tcfapi function| atSelfPromoImpression function| atSelfPromoClick function| atClick function| addToDataLayer object| dataLayer function| extend function| getCookie object| g object| authInfos object| xtcustom object| mvp_xtcustom object| googletag function| fetchAds function| waitingAuthorizationForFetchingAds object| didomiOnReady function| WidthChange function| loadPJHOnUserConsent object| cssLink object| godefer object| __webpack_modules__ object| __webpack_module_cache__ function| __webpack_require__ object| __webpack_exports__ object| hubjs object| _pbjsGlobals object| sas object| invibes function| Hubvisor object| __tcfapiBuffer object| bundle function| setImmediate function| clearImmediate object| __algolia object| channels function| _ object| mvpContentCommerce function| $ object| mvpAuth object| mvpAuthentication object| mvpBloc object| mvpCommon object| mvpFacebook object| mvpPros object| mvpTracking object| mvpStepper object| mvpFolder object| mvpFormulaireDevis boolean| isScriptsLoading object| didomiRemoteConfig string| didomiCountry object| didomiRegion object| didomiGeoRegulations object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data object| webpackChunkDidomi object| Didomi object| didomiEventListeners object| DidomiSanitizing object| adsbygoogle object| didomiState object| ATInternet function| ATCustomEvent object| pianoAnalytics object| _pac object| pdl object| _paq object| pa object| config object| context object| tag object| typeMapping string| xtPage string| level string| universe object| chaptersList object| xtCustom object| data object| stopwords object| compatibleNiche boolean| isPython function| sendTrackClick function| getFormat function| getNiche function| isCurrentNicheCompatible function| getCategory function| isNotAStopWord function| prepareCritere function| getTemplate function| 
fillTemplate function| constructAmazonBox undefined| pubRight undefined| pubBottom

7 Cookies

Domain/Path Name / Value
.ooreka.fr/ Name: SessionComprendreChoisir
Value: d81dbf5f85b1848967bf84d2126d8a44
.ooreka.fr/ Name: didomi_token
Value: eyJ1c2VyX2lkIjoiMThiOGVmNWMtMWZlNS02MmYxLTgzY2UtODc3ZTc3NGEzMzhhIiwiY3JlYXRlZCI6IjIwMjMtMTEtMDJUMDc6MzU6NTIuNjIwWiIsInVwZGF0ZWQiOiIyMDIzLTExLTAyVDA3OjM1OjUyLjYyMFoiLCJ2ZXJzaW9uIjpudWxsfQ==
epargne-salariale.ooreka.fr/ Name: atuserid
Value: %7B%22name%22%3A%22atuserid%22%2C%22val%22%3A%22f658dbe5-609b-4891-a130-b1988537f671%22%2C%22options%22%3A%7B%22end%22%3A%222024-12-03T07%3A35%3A52.800Z%22%2C%22path%22%3A%22%2F%22%7D%7D
epargne-salariale.ooreka.fr/ Name: pa_privacy
Value: %22exempt%22
epargne-salariale.ooreka.fr/ Name: _pcid
Value: %7B%22browserId%22%3A%22logvh87spp135prc%22%2C%22_t%22%3A%22m45aepk7%7Clogvh887%22%7D
epargne-salariale.ooreka.fr/ Name: _pctx
Value: %7Bu%7DN4IgrgzgpgThIC4B2YA2qA05owMoBcBDfSREQpAeyRCwgEt8oBJAE0RXSwH18yBbACwBWQlAAOAawCcAH1SUA5gDcAFgA510kAF8gA
.pagesjaunes.fr/ Name: __cf_bm
Value: MCTjYtIe1P8_YnH_88YKAwgKiiVOoYaaBJaIthzkbH8-1698910552-0-AcrzndOxA2u53Qq2svfRqYnHPml5biCtWzXIQGpOJ9wWPk8O6+F4ffa1UpnC7rfXd1oTQ0QkIcRaXg/9n8J/+7RoydqvpCoqzUB0LHR8hbqt

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
