app.fr.orange.lpass.tv Open in urlscan Pro
52.212.25.118 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://app.fr.orange.lpass.tv/
Effective URL:
https://app.fr.orange.lpass.tv/login
Submission: On June 07 via api (June 7th 2024, 8:42:28 am UTC) from US — Scanned from FR

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 14 HTTP transactions. The main IP is 52.212.25.118, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is app.fr.orange.lpass.tv.
TLS certificate: Issued by R3 on June 6th 2024. Valid for: 3 months.

This is the only time app.fr.orange.lpass.tv was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 8	52.212.25.118 52.212.25.118	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
1	130.211.5.208 130.211.5.208	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	107.178.240.159 107.178.240.159	15169 (GOOGLE) (GOOGLE)
14	5

8 52.212.25.118 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-25-118.eu-west-1.compute.amazonaws.com

app.fr.orange.lpass.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.5.208 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 208.5.211.130.bc.googleusercontent.com

cdn4.mxpnl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.240.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.240.178.107.bc.googleusercontent.com

api-js.mixpanel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	lpass.tv 1 redirects app.fr.orange.lpass.tv	167 KB
2	mixpanel.com api-js.mixpanel.com — Cisco Umbrella Rank: 2462	483 B
2	gstatic.com fonts.gstatic.com	32 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 70	2 KB
1	mxpnl.com cdn4.mxpnl.com — Cisco Umbrella Rank: 18066	19 KB
14	5

	Domain	Requested by
8	app.fr.orange.lpass.tv	1 redirects app.fr.orange.lpass.tv
2	api-js.mixpanel.com	cdn4.mxpnl.com
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	app.fr.orange.lpass.tv
1	cdn4.mxpnl.com	app.fr.orange.lpass.tv
14	5

This site contains no links.

Subject Issuer	Validity	Valid
app.fr.orange.lpass.tv R3	`2024-06-06` - `2024-09-04`	3 months	crt.sh
upload.video.google.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.mxpnl.com GeoTrust TLS RSA CA G1	`2023-07-12` - `2024-08-11`	a year	crt.sh
*.gstatic.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.mixpanel.com GeoTrust TLS RSA CA G1	`2024-02-08` - `2025-03-10`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://app.fr.orange.lpass.tv/login
Frame ID: 95AA4C90251876A4AA79435E56B86179
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

NBA League Pass

Page URL History Show full URLs

https://app.fr.orange.lpass.tv/ HTTP 302
https://app.fr.orange.lpass.tv/login Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

14
Requests

100 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

218 kB
Transfer

585 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://app.fr.orange.lpass.tv/ HTTP 302
https://app.fr.orange.lpass.tv/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
app.fr.orange.lpass.tv/
Redirect Chain

https://app.fr.orange.lpass.tv/
https://app.fr.orange.lpass.tv/login

8 KB
4 KB

156ms
156ms

Document
text/html

52.212.25.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.fr.orange.lpass.tv/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.212.25.118 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-212-25-118.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

8c44f915c45c6518c93936b20a27b904d2eaeb6838209f8d7f4fbbbf4e028f2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 07 Jun 2024 08:42:23 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-eks-cluster: EKSE2753513-82ad5775eda642daaa3762d1029c2f4f
x-pmc-cluster: production
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-cache, private
content-type: text/html; charset=UTF-8
date: Fri, 07 Jun 2024 08:42:23 GMT
location: https://app.fr.orange.lpass.tv/login
server: nginx
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-eks-cluster: EKSE2753513-82ad5775eda642daaa3762d1029c2f4f
x-pmc-cluster: production
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 3 KB
980 B 120ms
42ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito:200,600

Requested by

Host: app.fr.orange.lpass.tv
URL: https://app.fr.orange.lpass.tv/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f14de749ddf2b4c41dc85056d37eebbe615203b8ee6106dc92f11c1527bec35c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app.fr.orange.lpass.tv/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 07 Jun 2024 08:42:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 07 Jun 2024 07:55:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 Jun 2024 08:42:24 GMT

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
738 B 186ms
108ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@300;500&display=swap

Requested by

Host: app.fr.orange.lpass.tv
URL: https://app.fr.orange.lpass.tv/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

859407cf936ee45dabd060619e85cfca4fa104f1ca78fc4961636d2d290d5e6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app.fr.orange.lpass.tv/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 07 Jun 2024 08:42:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 07 Jun 2024 07:51:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 Jun 2024 08:42:24 GMT

GET
H2 200 universal-login.css
app.fr.orange.lpass.tv/css/ 63 KB
17 KB 43ms
42ms Stylesheet
text/css 52.212.25.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.fr.orange.lpass.tv/css/universal-login.css?id=ecbc21bd59daa274e47cdd1cfa67f80d

Requested by

Host: app.fr.orange.lpass.tv
URL: https://app.fr.orange.lpass.tv/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.212.25.118 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-212-25-118.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

ae4897d269bd96311ec1607cf824d50ba61e909bada1392b4143489e7be66469

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app.fr.orange.lpass.tv/login
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-pmc-cluster: production
date: Fri, 07 Jun 2024 08:42:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
last-modified: Fri, 31 May 2024 11:07:01 GMT
server: nginx
etag: W/"6659af55-fc02"
x-eks-cluster: EKSE2753513-82ad5775eda642daaa3762d1029c2f4f
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
x-xss-protection: 1; mode=block
expires: Fri, 14 Jun 2024 08:42:24 GMT

GET
H2 200 app.css
app.fr.orange.lpass.tv/css/ 11 KB
3 KB 42ms
41ms Stylesheet
text/css 52.212.25.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.fr.orange.lpass.tv/css/app.css?id=ea966b17a821d735719518db72513432

Requested by

Host: app.fr.orange.lpass.tv
URL: https://app.fr.orange.lpass.tv/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.212.25.118 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-212-25-118.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

7bb2e77ea348d69ff4bfb88c86dd6a532ef3a1bd144f03acfebd3d7422dba726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app.fr.orange.lpass.tv/login
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-pmc-cluster: production
date: Fri, 07 Jun 2024 08:42:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
last-modified: Fri, 31 May 2024 11:07:01 GMT
server: nginx
etag: W/"6659af55-2d24"
x-eks-cluster: EKSE2753513-82ad5775eda642daaa3762d1029c2f4f
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
x-xss-protection: 1; mode=block
expires: Fri, 14 Jun 2024 08:42:24 GMT

GET
H2 200 universal-login.js Show response
app.fr.orange.lpass.tv/js/ 218 KB
75 KB 77ms
76ms Script
application/javascript 52.212.25.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.fr.orange.lpass.tv/js/universal-login.js?id=cb9879c2c331cee90d48eb72ae7a4351

Requested by

Host: app.fr.orange.lpass.tv
URL: https://app.fr.orange.lpass.tv/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.212.25.118 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-212-25-118.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

1eda45e7e2dc8433559939081689b884ebdcb2d9036416fc13255d0f72ca11c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app.fr.orange.lpass.tv/login
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-pmc-cluster: production
date: Fri, 07 Jun 2024 08:42:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
last-modified: Fri, 31 May 2024 11:07:01 GMT
server: nginx
etag: W/"6659af55-369a4"
x-eks-cluster: EKSE2753513-82ad5775eda642daaa3762d1029c2f4f
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-xss-protection: 1; mode=block
expires: Fri, 14 Jun 2024 08:42:24 GMT

GET
H2 200 app.js Show response
app.fr.orange.lpass.tv/js/ 189 KB
65 KB 145ms
145ms Script
application/javascript 52.212.25.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.fr.orange.lpass.tv/js/app.js?id=81d2297b0ffa32570b7ea26a7d4c6e6e

Requested by

Host: app.fr.orange.lpass.tv
URL: https://app.fr.orange.lpass.tv/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.212.25.118 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-212-25-118.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

51f16d79340dd0c59bc288fb45a37feb25ccb306ea2009d27da00d3bb6ef5710

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app.fr.orange.lpass.tv/login
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-pmc-cluster: production
date: Fri, 07 Jun 2024 08:42:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
last-modified: Fri, 31 May 2024 11:07:01 GMT
server: nginx
etag: W/"6659af55-2f480"
x-eks-cluster: EKSE2753513-82ad5775eda642daaa3762d1029c2f4f
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-xss-protection: 1; mode=block
expires: Fri, 14 Jun 2024 08:42:24 GMT

GET
H2 200 mixpanel-2-latest.min.js Show response
cdn4.mxpnl.com/libs/ 55 KB
19 KB 118ms
26ms Script
text/javascript 130.211.5.208
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by: Host: app.fr.orange.lpass.tv
URL: https://app.fr.orange.lpass.tv/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.5.208 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 208.5.211.130.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c81896eb5b02fa8350f6753d96ff154143e2c48d357c32f035d703b8716aea8d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app.fr.orange.lpass.tv/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 08:41:53 GMT
content-encoding: gzip
age: 31
x-guploader-uploadid: ABPtcPr9Fpcpxn-vNoGrpAQHYGWeFqLZBRVk0C8iaDsjqNT7i8mZlBleQyCUrPt7ghcoxNfmYErNF5mieg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18819
last-modified: Wed, 29 May 2024 01:49:19 GMT
server: UploadServer
etag: "d53b55223e2f05d176a53e2cd950b378"
vary: Accept-Encoding
x-goog-generation: 1716947359732123
x-goog-hash: crc32c=H3ruDA==, md5=1TtVIj4vBdF2pT4s2VCzeA==
access-control-allow-origin: *
content-type: text/javascript
cache-control: public,max-age=600
x-goog-stored-content-length: 18819
accept-ranges: bytes
expires: Fri, 07 Jun 2024 08:51:53 GMT

GET
H2 200 phone.svg
app.fr.orange.lpass.tv/vendor/universal-login/images/ 460 B
359 B 45ms
45ms Image
image/svg+xml 52.212.25.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.fr.orange.lpass.tv/vendor/universal-login/images/phone.svg

Requested by

Host: app.fr.orange.lpass.tv
URL: https://app.fr.orange.lpass.tv/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.212.25.118 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-212-25-118.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

402e99c6a8f3e32ced4f3a9e1637220af87a888a9fa9bd370c5c18c7aa71c07c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app.fr.orange.lpass.tv/login
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-pmc-cluster: production
date: Fri, 07 Jun 2024 08:42:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
last-modified: Fri, 31 May 2024 11:07:01 GMT
server: nginx
etag: W/"6659af55-1cc"
x-eks-cluster: EKSE2753513-82ad5775eda642daaa3762d1029c2f4f
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=604800
x-xss-protection: 1; mode=block
expires: Fri, 14 Jun 2024 08:42:24 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 106ms
34ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://app.fr.orange.lpass.tv
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 18:30:08 GMT
x-content-type-options: nosniff
age: 310336
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Jun 2025 18:30:08 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 114ms
43ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://app.fr.orange.lpass.tv
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 05:34:19 GMT
x-content-type-options: nosniff
age: 11285
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Jun 2025 05:34:19 GMT

POST
H2 200 / Show response
api-js.mixpanel.com/track/ 25 B
387 B 138ms
82ms XHR
application/json 107.178.240.159
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api-js.mixpanel.com/track/?verbose=1&ip=1&_=1717749744340

Requested by

Host: cdn4.mxpnl.com
URL: https://cdn4.mxpnl.com/libs/mixpanel-2-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.178.240.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.240.178.107.bc.googleusercontent.com

Software

envoy /

Resource Hash

e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://app.fr.orange.lpass.tv/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=604800; includeSubDomains
date: Fri, 07 Jun 2024 08:42:24 GMT
via: 1.1 google
server: envoy
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://app.fr.orange.lpass.tv
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 50
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 25
alt-svc: clear

POST
H2 200 / Show response
api-js.mixpanel.com/track/ 25 B
96 B 81ms
81ms XHR
application/json 107.178.240.159
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api-js.mixpanel.com/track/?verbose=1&ip=1&_=1717749744485

Requested by

Host: cdn4.mxpnl.com
URL: https://cdn4.mxpnl.com/libs/mixpanel-2-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.178.240.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.240.178.107.bc.googleusercontent.com

Software

envoy /

Resource Hash

e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://app.fr.orange.lpass.tv/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=604800; includeSubDomains
date: Fri, 07 Jun 2024 08:42:24 GMT
via: 1.1 google
server: envoy
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://app.fr.orange.lpass.tv
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 48
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 25
alt-svc: clear

GET
H2 200 favicon-32x32.png
app.fr.orange.lpass.tv/images/favicons/ 2 KB
2 KB 35ms
35ms Other
image/png 52.212.25.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.fr.orange.lpass.tv/images/favicons/favicon-32x32.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.212.25.118 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-212-25-118.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

25d1b25133ddfd5799d42436172c2acfe4b8bed539cf17a7cbb41a6a465133c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app.fr.orange.lpass.tv/login
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-pmc-cluster: production
date: Fri, 07 Jun 2024 08:42:24 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Fri, 31 May 2024 11:07:01 GMT
server: nginx
etag: "6659af55-65e"
x-eks-cluster: EKSE2753513-82ad5775eda642daaa3762d1029c2f4f
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1630
x-xss-protection: 1; mode=block
expires: Fri, 14 Jun 2024 08:42:24 GMT

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
app.fr.orange.lpass.tv/	1970-01-20 21:09:16	Name: XSRF-TOKEN Value: eyJpdiI6IlhHYzFUamZEN0RwME1wY3RMVTE1ZHc9PSIsInZhbHVlIjoicml2b0hnMVJHV2IwRmxUb0s1bmcvZVUxUnBmTG1CdjVSRUpOTVJDc010SkloVGd6UXB5cGZ4SGxBZmhpK3BKUTZZMURCMmU3YlllNno2TFRqK2dpaVcyelJHem5ESTJUNWJZNUdUOGhSTCt5ZGJKanFxKzkvODk0T2F0S2d2NWIiLCJtYWMiOiJmNjE2YzAwYTkxOGVkOTUxNjZhYTRhMzE3OTVjY2JiMzE5ZDJkNjgwM2IyNjRiOGIwZThmOWNkZjhjM2U1NDNlIiwidGFnIjoiIn0%3D
app.fr.orange.lpass.tv/	1970-01-20 21:09:16	Name: nba_league_pass_product_session Value: eyJpdiI6InBvMkdRcGdGbTNiRzFxdUdYTzBVb1E9PSIsInZhbHVlIjoieTgxQmYzejFqYVdMT0hoSms0N2pnaDNvbk44R3FSb0V1R2JqdTczckpuQjh0ckl2SHppM0pCdEVNYjRRMUdRMWdPZ0ZKZ1RJSFdVUzJjZGpha1lGdG5ja21aa3lSSUJmWXBzYTU1SVFqRTJRdmNubmdLamxlNUxlZDIzNlZxeXEiLCJtYWMiOiI2YmE5NmU0OGQ0NzU2M2EwYmZhYTAxMThlYmQxMGI3ZWM5ZGNjYTM5YmI2MGEyZTg0YWNjOTcyNGJmZWNkMDE2IiwidGFnIjoiIn0%3D
.lpass.tv/	1970-01-21 05:54:45	Name: mp_52ec6733d8918bb2f5d43424ffdfce32_mixpanel Value: %7B%22distinct_id%22%3A%20%22XEnfMrCYHPLC1x78AcZrYbYNeq0Xo1NvgOD2RtCF%22%2C%22%24device_id%22%3A%20%2218ff1dd02cf2d2-06f6a90122138f-26001c51-1d4c00-18ff1dd02cf2d2%22%2C%22%24user_id%22%3A%20%22XEnfMrCYHPLC1x78AcZrYbYNeq0Xo1NvgOD2RtCF%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%2C%22product_slug%22%3A%20%22nba-league-pass-orange-fr%22%2C%22is_product%22%3A%20true%2C%22user_agent%22%3A%20%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F125.0.0.0%20Safari%2F537.36%22%2C%22client_ip%22%3A%20%22178.33.144.179%22%2C%22access_type%22%3A%20%22free-browsing%22%7D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-js.mixpanel.com
app.fr.orange.lpass.tv
cdn4.mxpnl.com
fonts.googleapis.com
fonts.gstatic.com
107.178.240.159
130.211.5.208
2a00:1450:4001:803::200a
2a00:1450:4001:812::2003
52.212.25.118
1eda45e7e2dc8433559939081689b884ebdcb2d9036416fc13255d0f72ca11c2
25d1b25133ddfd5799d42436172c2acfe4b8bed539cf17a7cbb41a6a465133c0
402e99c6a8f3e32ced4f3a9e1637220af87a888a9fa9bd370c5c18c7aa71c07c
51f16d79340dd0c59bc288fb45a37feb25ccb306ea2009d27da00d3bb6ef5710
7bb2e77ea348d69ff4bfb88c86dd6a532ef3a1bd144f03acfebd3d7422dba726
859407cf936ee45dabd060619e85cfca4fa104f1ca78fc4961636d2d290d5e6c
8c44f915c45c6518c93936b20a27b904d2eaeb6838209f8d7f4fbbbf4e028f2d
ae4897d269bd96311ec1607cf824d50ba61e909bada1392b4143489e7be66469
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
c81896eb5b02fa8350f6753d96ff154143e2c48d357c32f035d703b8716aea8d
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
f14de749ddf2b4c41dc85056d37eebbe615203b8ee6106dc92f11c1527bec35c
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

app.fr.orange.lpass.tv Open in urlscan Pro 52.212.25.118 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

100 %HTTPS

40 %IPv6

5 Domains

5 Subdomains

5 IPs

3 Countries

218 kBTransfer

585 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

3 Cookies

Security Headers

Indicators

app.fr.orange.lpass.tv Open in urlscan Pro
52.212.25.118 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

218 kB
Transfer

585 kB
Size

3
Cookies

14 HTTP transactions
0 data transactions