urlscan.io logo urlscan.io
SecurityTrails logo

veolia.ozalid.quarantesix.fr Open in urlscan Pro
217.195.23.28  Public Scan

Go To Rescan Add Verdict Report
URL: https://veolia.ozalid.quarantesix.fr/
Submission: On June 20 via api from US — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 4 countries across 4 domains to perform 17 HTTP transactions. The main IP is 217.195.23.28, located in Paris, France and belongs to VEEPEE-SDN, FR. The main domain is veolia.ozalid.quarantesix.fr.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on February 9th 2024. Valid for: a year.
This is the only time veolia.ozalid.quarantesix.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
12 217.195.23.28 204273 (VEEPEE-SDN)
1 2 104.17.3.184 13335 (CLOUDFLAR...)
1 2620:1ec:bdf::60 8075 (MICROSOFT...)
1 104.17.2.184 13335 (CLOUDFLAR...)
2 20.50.88.245 8075 (MICROSOFT...)
17 5
12    217.195.23.28 (Paris, France)

ASN204273 (VEEPEE-SDN, FR)
PTR: 28
veolia.ozalid.quarantesix.fr
2    104.17.3.184 (None, )

ASN13335 (CLOUDFLARENET, US)
challenges.cloudflare.com
1    2620:1ec:bdf::60 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
js.monitor.azure.com
1    104.17.2.184 (None, )

ASN13335 (CLOUDFLARENET, US)
challenges.cloudflare.com
2    20.50.88.245 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com
Apex Domain
Subdomains		 Transfer
12 quarantesix.fr
veolia.ozalid.quarantesix.fr
2 MB
3 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 4311
14 KB
2 visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 563
200 B
1 azure.com
js.monitor.azure.com — Cisco Umbrella Rank: 609
57 KB
17 4
Domain Requested by
12 veolia.ozalid.quarantesix.fr veolia.ozalid.quarantesix.fr
3 challenges.cloudflare.com 1 redirects veolia.ozalid.quarantesix.fr
challenges.cloudflare.com
2 dc.services.visualstudio.com js.monitor.azure.com
1 js.monitor.azure.com veolia.ozalid.quarantesix.fr
17 4

This site contains no links.

Subject Issuer Validity Valid
*.ozalid.quarantesix.fr
Sectigo RSA Organization Validation Secure Server CA		 2024-02-09 -
2025-03-07		 a year crt.sh
js.monitor.azure.com
Microsoft Azure RSA TLS Issuing CA 04		 2024-05-22 -
2025-05-17		 a year crt.sh
challenges.cloudflare.com
Cloudflare Inc ECC CA-3		 2023-08-18 -
2024-08-17		 a year crt.sh
prod.ai.ingestion.msftcloudes.com
Microsoft Azure RSA TLS Issuing CA 04		 2024-04-10 -
2025-04-05		 a year crt.sh

This page contains 2 frames:

Primary Page: https://veolia.ozalid.quarantesix.fr/
Frame ID: 5A511674ED971FFFAA6B2113D46345B9
Requests: 15 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/t5y2a/0x4AAAAAAAC3eqmnmWzM1_aq/auto/normal
Frame ID: 4A82AA2477C8C4AD2849D46C83B5C80F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Ozalid, plateforme Web-to-Print | Groupe QUARANTE SIX

Page Statistics

17
Requests

94 %
HTTPS

20 %
IPv6

4
Domains

4
Subdomains

5
IPs

4
Countries

1719 kB
Transfer

1806 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://challenges.cloudflare.com/turnstile/v0/api.js HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/g/6aac8896f227/api.js

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
veolia.ozalid.quarantesix.fr/ 		8 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://veolia.ozalid.quarantesix.fr/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.195.23.28 Paris, France, ASN204273 (VEEPEE-SDN, FR),
Reverse DNS
28
Software
/
Resource Hash
882d8681c453ea82e689000c3f066dc229b88e87e7cf1cbb02cd367ee52c229e
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.ozalid.quarantesix.fr js.monitor.azure.com dc.services.visualstudio.com pitchprint.io *.pitchprint.io challenges.cloudflare.com www.youtube.com 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-cache, no-store
content-security-policy
default-src 'self' *.ozalid.quarantesix.fr js.monitor.azure.com dc.services.visualstudio.com pitchprint.io *.pitchprint.io challenges.cloudflare.com www.youtube.com 'unsafe-inline' 'unsafe-eval'
content-type
text/html; charset=utf-8
date
Thu, 20 Jun 2024 01:54:33 GMT
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=self, usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
request-context
appId=cid-v1:f493b3f1-7be7-4c9e-a703-9d5c64ba1c1d
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
StyleSheet.css
veolia.ozalid.quarantesix.fr/css/ 		34 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://veolia.ozalid.quarantesix.fr/css/StyleSheet.css?v=0bmxJ4IGJzHRL9noGkixr0a7kinnYIJUZLSqHUILrW8
Requested by
Host: veolia.ozalid.quarantesix.fr
URL: https://veolia.ozalid.quarantesix.fr/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.195.23.28 Paris, France, ASN204273 (VEEPEE-SDN, FR),
Reverse DNS
28
Software
/
Resource Hash
e3596893365a0a3e2aa1055b78d3d16b9a3d4d644807a53a1361de5547bb40a5
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.ozalid.quarantesix.fr js.monitor.azure.com dc.services.visualstudio.com pitchprint.io *.pitchprint.io challenges.cloudflare.com www.youtube.com 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://veolia.ozalid.quarantesix.fr/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' *.ozalid.quarantesix.fr js.monitor.azure.com dc.services.visualstudio.com pitchprint.io *.pitchprint.io challenges.cloudflare.com www.youtube.com 'unsafe-inline' 'unsafe-eval'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Tue, 18 Jun 2024 03:43:24 GMT
date
Thu, 20 Jun 2024 01:54:33 GMT
etag
"1dac131abc11e67"
content-type
text/css
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=self, usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
accept-ranges
bytes
content-length
34919
x-xss-protection
1; mode=block
request-context
appId=cid-v1:f493b3f1-7be7-4c9e-a703-9d5c64ba1c1d
main.css
veolia.ozalid.quarantesix.fr/dist/ 		279 KB
279 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://veolia.ozalid.quarantesix.fr/dist/main.css?v=mqSBNzH2qhdRx7ejSF-9SXsoK9ZIzq45k_rcW7SgAtM
Requested by
Host: veolia.ozalid.quarantesix.fr
URL: https://veolia.ozalid.quarantesix.fr/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.195.23.28 Paris, France, ASN204273 (VEEPEE-SDN, FR),
Reverse DNS
28
Software
/
Resource Hash
9aa4813731f6aa1751c7b7a3485fbd497b282bd648ceae3993fadc5bb4a002d3
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.ozalid.quarantesix.fr js.monitor.azure.com dc.services.visualstudio.com pitchprint.io *.pitchprint.io challenges.cloudflare.com www.youtube.com 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://veolia.ozalid.quarantesix.fr/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' *.ozalid.quarantesix.fr js.monitor.azure.com dc.services.visualstudio.com pitchprint.io *.pitchprint.io challenges.cloudflare.com www.youtube.com 'unsafe-inline' 'unsafe-eval'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Tue, 18 Jun 2024 03:46:54 GMT
date
Thu, 20 Jun 2024 01:54:33 GMT
etag
"1dac13228e9575d"
content-type
text/css
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=self, usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
accept-ranges
bytes
content-length
285789
x-xss-protection
1; mode=block
request-context
appId=cid-v1:f493b3f1-7be7-4c9e-a703-9d5c64ba1c1d
main.js
veolia.ozalid.quarantesix.fr/dist/ 		346 KB
347 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://veolia.ozalid.quarantesix.fr/dist/main.js?v=ewZF25103rtfti51btyOvm_Mmvu6odBV6NvADMhIb-0
Requested by
Host: veolia.ozalid.quarantesix.fr
URL: https://veolia.ozalid.quarantesix.fr/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.195.23.28 Paris, France, ASN204273 (VEEPEE-SDN, FR),
Reverse DNS
28
Software
/
Resource Hash
7b0645db9d74debb5fb62e756edc8ebe6fcc9afbbaa1d055e8dbc00cc8486fed
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.ozalid.quarantesix.fr js.monitor.azure.com dc.services.visualstudio.com pitchprint.io *.pitchprint.io challenges.cloudflare.com www.youtube.com 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://veolia.ozalid.quarantesix.fr/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' *.ozalid.quarantesix.fr js.monitor.azure.com dc.services.visualstudio.com pitchprint.io *.pitchprint.io challenges.cloudflare.com www.youtube.com 'unsafe-inline' 'unsafe-eval'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Tue, 18 Jun 2024 03:46:54 GMT
date
Thu, 20 Jun 2024 01:54:33 GMT
etag
"1dac13228e86248"
content-type
application/javascript
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=self, usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
accept-ranges
bytes
content-length
354632
x-xss-protection
1; mode=block
request-context
appId=cid-v1:f493b3f1-7be7-4c9e-a703-9d5c64ba1c1d
api.js
challenges.cloudflare.com/turnstile/v0/g/6aac8896f227/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js
  • https://challenges.cloudflare.com/turnstile/v0/g/6aac8896f227/api.js
42 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/6aac8896f227/api.js
Requested by
Host: veolia.ozalid.quarantesix.fr
URL: https://veolia.ozalid.quarantesix.fr/
Protocol
H3
Server
104.17.3.184 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22401f58443400f39ce653a1736059092e1e5f85ffbbbaeda4b11c16b5bade6e

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Referer
https://veolia.ozalid.quarantesix.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 20 Jun 2024 01:54:33 GMT
content-encoding
br
last-modified
Thu, 06 Jun 2024 21:04:54 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
896821b2397c23d0-LHR
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Thu, 20 Jun 2024 01:54:33 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-origin
*
location
/turnstile/v0/g/6aac8896f227/api.js
cache-control
max-age=300, public
cross-origin-resource-policy
cross-origin
cf-ray
896821b1f95a23d0-LHR
alt-svc
h3=":443"; ma=86400
content-length
0
login.js
veolia.ozalid.quarantesix.fr/dist/ 		963 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://veolia.ozalid.quarantesix.fr/dist/login.js?v=4jEte1MxN_68jpoXq_X6WVl1XlkNY-r7hKj7TFVa8Ww
Requested by
Host: veolia.ozalid.quarantesix.fr
URL: https://veolia.ozalid.quarantesix.fr/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.195.23.28 Paris, France, ASN204273 (VEEPEE-SDN, FR),
Reverse DNS
28
Software
/
Resource Hash
e2312d7b533137febc8e9a17abf5fa5959755e590d63eafb84a8fb4c555af16c
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.ozalid.quarantesix.fr js.monitor.azure.com dc.services.visualstudio.com pitchprint.io *.pitchprint.io challenges.cloudflare.com www.youtube.com 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://veolia.ozalid.quarantesix.fr/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' *.ozalid.quarantesix.fr js.monitor.azure.com dc.services.visualstudio.com pitchprint.io *.pitchprint.io challenges.cloudflare.com www.youtube.com 'unsafe-inline' 'unsafe-eval'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Tue, 18 Jun 2024 03:46:54 GMT
date
Thu, 20 Jun 2024 01:54:33 GMT
etag
"1dac13228ed08c3"
content-type
application/javascript
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=self, usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
accept-ranges
bytes
content-length
963
x-xss-protection
1; mode=block
request-context
appId=cid-v1:f493b3f1-7be7-4c9e-a703-9d5c64ba1c1d
veolia.png
veolia.ozalid.quarantesix.fr/images/webuser/Authentication/ 		894 KB
895 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://veolia.ozalid.quarantesix.fr/images/webuser/Authentication/veolia.png
Requested by
Host: veolia.ozalid.quarantesix.fr
URL: https://veolia.ozalid.quarantesix.fr/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.195.23.28 Paris, France, ASN204273 (VEEPEE-SDN, FR),
Reverse DNS
28
Software
/
Resource Hash
2b85eb0ea0c3e2aba8e4337b34ef632c67477f9e4f25519001eab3997b7c9434
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.ozalid.quarantesix.fr js.monitor.azure.com dc.services.visualstudio.com pitchprint.io *.pitchprint.io challenges.cloudflare.com www.youtube.com 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://veolia.ozalid.quarantesix.fr/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' *.ozalid.quarantesix.fr js.monitor.azure.com dc.services.visualstudio.com pitchprint.io *.pitchprint.io challenges.cloudflare.com www.youtube.com 'unsafe-inline' 'unsafe-eval'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Tue, 18 Jun 2024 03:43:24 GMT
date
Thu, 20 Jun 2024 01:54:33 GMT
etag
"1dac131abcc6e95"
content-type
image/png
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=self, usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
accept-ranges
bytes
content-length
915605
x-xss-protection
1; mode=block
request-context
appId=cid-v1:f493b3f1-7be7-4c9e-a703-9d5c64ba1c1d
PICTO_Enveloppe.png
veolia.ozalid.quarantesix.fr/images/webuser/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://veolia.ozalid.quarantesix.fr/images/webuser/PICTO_Enveloppe.png
Requested by
Host: veolia.ozalid.quarantesix.fr
URL: https://veolia.ozalid.quarantesix.fr/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.195.23.28 Paris, France, ASN204273 (VEEPEE-SDN, FR),
Reverse DNS
28
Software
/
Resource Hash
67f30df0394eb2a92de455d9a1703675cb2b568bc75ee53d83e1ee25164180c5
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.ozalid.quarantesix.fr js.monitor.azure.com dc.services.visualstudio.com pitchprint.io *.pitchprint.io challenges.cloudflare.com www.youtube.com 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://veolia.ozalid.quarantesix.fr/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' *.ozalid.quarantesix.fr js.monitor.azure.com dc.services.visualstudio.com pitchprint.io *.pitchprint.io challenges.cloudflare.com www.youtube.com 'unsafe-inline' 'unsafe-eval'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Tue, 18 Jun 2024 03:43:24 GMT
date
Thu, 20 Jun 2024 01:54:33 GMT
etag
"1dac131abc19157"
content-type
image/png
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=self, usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
accept-ranges
bytes
content-length
1879
x-xss-protection
1; mode=block
request-context
appId=cid-v1:f493b3f1-7be7-4c9e-a703-9d5c64ba1c1d
PICTO_Cadenas.png
veolia.ozalid.quarantesix.fr/images/webuser/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://veolia.ozalid.quarantesix.fr/images/webuser/PICTO_Cadenas.png
Requested by
Host: veolia.ozalid.quarantesix.fr
URL: https://veolia.ozalid.quarantesix.fr/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.195.23.28 Paris, France, ASN204273 (VEEPEE-SDN, FR),
Reverse DNS
28
Software
/
Resource Hash
a5cc84be3252e1ceabfd1cb0be8e876680290f3d451215deb1bcae6f23ef8b49
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.ozalid.quarantesix.fr js.monitor.azure.com dc.services.visualstudio.com pitchprint.io *.pitchprint.io challenges.cloudflare.com www.youtube.com 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://veolia.ozalid.quarantesix.fr/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' *.ozalid.quarantesix.fr js.monitor.azure.com dc.services.visualstudio.com pitchprint.io *.pitchprint.io challenges.cloudflare.com www.youtube.com 'unsafe-inline' 'unsafe-eval'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Tue, 18 Jun 2024 03:43:24 GMT
date
Thu, 20 Jun 2024 01:54:33 GMT
etag
"1dac131abc190bb"
content-type
image/png
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=self, usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
accept-ranges
bytes
content-length
1723
x-xss-protection
1; mode=block
request-context
appId=cid-v1:f493b3f1-7be7-4c9e-a703-9d5c64ba1c1d
Checkbox_Active.png
veolia.ozalid.quarantesix.fr/images/checkbox/ 		355 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://veolia.ozalid.quarantesix.fr/images/checkbox/Checkbox_Active.png
Requested by
Host: veolia.ozalid.quarantesix.fr
URL: https://veolia.ozalid.quarantesix.fr/css/StyleSheet.css?v=0bmxJ4IGJzHRL9noGkixr0a7kinnYIJUZLSqHUILrW8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.195.23.28 Paris, France, ASN204273 (VEEPEE-SDN, FR),
Reverse DNS
28
Software
/
Resource Hash
10e7018ef7e825c1e45f57ab11160f54d5ceebebaf2ba1b6cdd92e078f63eaa5
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.ozalid.quarantesix.fr js.monitor.azure.com dc.services.visualstudio.com pitchprint.io *.pitchprint.io challenges.cloudflare.com www.youtube.com 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://veolia.ozalid.quarantesix.fr/css/StyleSheet.css?v=0bmxJ4IGJzHRL9noGkixr0a7kinnYIJUZLSqHUILrW8
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' *.ozalid.quarantesix.fr js.monitor.azure.com dc.services.visualstudio.com pitchprint.io *.pitchprint.io challenges.cloudflare.com www.youtube.com 'unsafe-inline' 'unsafe-eval'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Tue, 18 Jun 2024 03:43:24 GMT
date
Thu, 20 Jun 2024 01:54:33 GMT
etag
"1dac131abc19763"
content-type
image/png
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=self, usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
accept-ranges
bytes
content-length
355
x-xss-protection
1; mode=block
request-context
appId=cid-v1:f493b3f1-7be7-4c9e-a703-9d5c64ba1c1d
f79edb4e1f8b7e51c9c2.ttf
veolia.ozalid.quarantesix.fr/dist/ 		38 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://veolia.ozalid.quarantesix.fr/dist/f79edb4e1f8b7e51c9c2.ttf
Requested by
Host: veolia.ozalid.quarantesix.fr
URL: https://veolia.ozalid.quarantesix.fr/dist/main.css?v=mqSBNzH2qhdRx7ejSF-9SXsoK9ZIzq45k_rcW7SgAtM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.195.23.28 Paris, France, ASN204273 (VEEPEE-SDN, FR),
Reverse DNS
28
Software
/
Resource Hash
640c3c0f84c9686dcfb16bcb3f070dfffb6548fff186138aae8860f628ee281e
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.ozalid.quarantesix.fr js.monitor.azure.com dc.services.visualstudio.com pitchprint.io *.pitchprint.io challenges.cloudflare.com www.youtube.com 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://veolia.ozalid.quarantesix.fr/dist/main.css?v=mqSBNzH2qhdRx7ejSF-9SXsoK9ZIzq45k_rcW7SgAtM
Origin
https://veolia.ozalid.quarantesix.fr
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' *.ozalid.quarantesix.fr js.monitor.azure.com dc.services.visualstudio.com pitchprint.io *.pitchprint.io challenges.cloudflare.com www.youtube.com 'unsafe-inline' 'unsafe-eval'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Tue, 18 Jun 2024 03:46:54 GMT
date
Thu, 20 Jun 2024 01:54:33 GMT
etag
"1dac13228ed92b8"
content-type
application/x-font-ttf
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=self, usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
accept-ranges
bytes
content-length
39352
x-xss-protection
1; mode=block
request-context
appId=cid-v1:f493b3f1-7be7-4c9e-a703-9d5c64ba1c1d
cdff27ff5c7d3785fc4d.ttf
veolia.ozalid.quarantesix.fr/dist/ 		38 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://veolia.ozalid.quarantesix.fr/dist/cdff27ff5c7d3785fc4d.ttf
Requested by
Host: veolia.ozalid.quarantesix.fr
URL: https://veolia.ozalid.quarantesix.fr/dist/main.css?v=mqSBNzH2qhdRx7ejSF-9SXsoK9ZIzq45k_rcW7SgAtM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.195.23.28 Paris, France, ASN204273 (VEEPEE-SDN, FR),
Reverse DNS
28
Software
/
Resource Hash
1b8800c44670b2f916e58a12cdf46bdaccb682b88a332298d49e8e4ba1e9d178
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.ozalid.quarantesix.fr js.monitor.azure.com dc.services.visualstudio.com pitchprint.io *.pitchprint.io challenges.cloudflare.com www.youtube.com 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://veolia.ozalid.quarantesix.fr/dist/main.css?v=mqSBNzH2qhdRx7ejSF-9SXsoK9ZIzq45k_rcW7SgAtM
Origin
https://veolia.ozalid.quarantesix.fr
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' *.ozalid.quarantesix.fr js.monitor.azure.com dc.services.visualstudio.com pitchprint.io *.pitchprint.io challenges.cloudflare.com www.youtube.com 'unsafe-inline' 'unsafe-eval'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Tue, 18 Jun 2024 03:46:54 GMT
date
Thu, 20 Jun 2024 01:54:33 GMT
etag
"1dac13228ed92ac"
content-type
application/x-font-ttf
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=self, usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
accept-ranges
bytes
content-length
39340
x-xss-protection
1; mode=block
request-context
appId=cid-v1:f493b3f1-7be7-4c9e-a703-9d5c64ba1c1d
ai.2.min.js
js.monitor.azure.com/scripts/b/ 		120 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.monitor.azure.com/scripts/b/ai.2.min.js
Requested by
Host: veolia.ozalid.quarantesix.fr
URL: https://veolia.ozalid.quarantesix.fr/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bde9be4cbe799089a419225f87c2a9986043f6c7cb55853aaadab7200713f136

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://veolia.ozalid.quarantesix.fr/
Origin
https://veolia.ozalid.quarantesix.fr
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 01:54:33 GMT
content-encoding
br
last-modified
Wed, 20 Mar 2024 17:31:27 GMT
x-ms-meta-aijssdkver
2.8.18
vary
Accept-Encoding
x-azure-ref
20240620T015433Z-174b4bdfd944bvhm54hk9153cg0000000a0g000000002zng
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
9e582ec7-401e-0044-4275-b546e6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-aijssdksrc,x-ms-meta-aijssdkver,x-ms-meta-lastmodified,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800, immutable, no-transform
x-cache
TCP_HIT
x-ms-version
2009-09-19
x-ms-meta-aijssdksrc
[cdn]/scripts/b/ai.2.8.18.min.js
x-fd-int-roxy-purgeid
0
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/t5y2a/0x4AAAAAAAC3eqmnmWzM1_aq/auto/ Frame 4A82 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/t5y2a/0x4AAAAAAAC3eqmnmWzM1_aq/auto/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.2.184 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Referer
https://veolia.ozalid.quarantesix.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
896821b2cc929564-LHR
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Thu, 20 Jun 2024 01:54:34 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
favicon.ico
veolia.ozalid.quarantesix.fr/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://veolia.ozalid.quarantesix.fr/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.195.23.28 Paris, France, ASN204273 (VEEPEE-SDN, FR),
Reverse DNS
28
Software
/
Resource Hash
02f67256984a514b069ec0a563c0f6ea46d2f58e5551add6f220a718a0f22abd
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.ozalid.quarantesix.fr js.monitor.azure.com dc.services.visualstudio.com pitchprint.io *.pitchprint.io challenges.cloudflare.com www.youtube.com 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://veolia.ozalid.quarantesix.fr/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' *.ozalid.quarantesix.fr js.monitor.azure.com dc.services.visualstudio.com pitchprint.io *.pitchprint.io challenges.cloudflare.com www.youtube.com 'unsafe-inline' 'unsafe-eval'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Tue, 18 Jun 2024 03:43:24 GMT
date
Thu, 20 Jun 2024 01:54:33 GMT
etag
"1dac131abc1927e"
content-type
image/x-icon
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=self, usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
accept-ranges
bytes
content-length
1150
x-xss-protection
1; mode=block
request-context
appId=cid-v1:f493b3f1-7be7-4c9e-a703-9d5c64ba1c1d
track
dc.services.visualstudio.com/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.245 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://veolia.ozalid.quarantesix.fr
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
date
Thu, 20 Jun 2024 01:54:33 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
track
dc.services.visualstudio.com/v2/ 		96 B
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.245 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
d609319078be5866c50cfc1c55903d0e6ec6821a3af8cfc5110226b10090dd99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/json
Referer
https://veolia.ozalid.quarantesix.fr/
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000
date
Thu, 20 Jun 2024 01:54:33 GMT
x-content-type-options
nosniff
server
Microsoft-HTTPAPI/2.0
content-type
application/json; charset=utf-8

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 undefined| event object| fence object| sharedStorage object| webpackChunkozalid_web function| $ function| jQuery number| uidEvent function| openModal function| openModalConfirm function| openModalAlert function| closeModal function| requestAnimFrame boolean| gbIE number| _heightDoc number| _widthDoc number| _heightImg number| _widthImg number| x number| y number| xPg number| yPg object| appInsights function| ChangeLanguage object| turnstile object| Microsoft object| __dynProto$Gbl

3 Cookies

Domain/Path Name / Value
veolia.ozalid.quarantesix.fr/ Name: .AspNetCore.Antiforgery.71brwS7ryrM
Value: CfDJ8Ap5ap5lX99AuH9EMQfuCNqw517V4W-FTbdkxShkNPCNSsL8hYlW-URfJov8vd_HZHDy4l_Xxit5CPfY60b0OZQpJLB6eSOt1hdBkc4KxRqn_5dvusgu4aYcjrfIKeR00-kjA5u-WWd12bKvy5WFpXY
veolia.ozalid.quarantesix.fr/ Name: ai_user
Value: fIHdcArNv0a6vSAH18H45c|2024-06-20T01:54:34.058Z
veolia.ozalid.quarantesix.fr/ Name: ai_session
Value: q4uwHY26NS/Rynf4MounjF|1718848474260|1718848474260

14 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'battery'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'document-domain'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'execution-while-not-rendered'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'execution-while-out-of-viewport'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'navigation-override'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'speaker-selection'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'conversion-measurement'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'focus-without-user-activation'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'sync-script'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'trust-token-redemption'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'window-placement'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'vertical-scroll'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' *.ozalid.quarantesix.fr js.monitor.azure.com dc.services.visualstudio.com pitchprint.io *.pitchprint.io challenges.cloudflare.com www.youtube.com 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block