espace.dons-gustaveroussy.fr Open in urlscan Pro
194.51.172.116 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://red.commandeproduits.fr/click/YToxOntzOjM6InRhZyI7czozMDoiZGF0YV9zZW5kb3V0XzVlZTI1MTZjZDc2OGRfMjE0Ijt9/am9zLnZhbl9oZXJja...
Effective URL:
https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm...
Submission: On June 18 via api (June 18th 2020, 11:45:44 am UTC) from BE

Summary HTTP 56 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 14 IPs in 5 countries across 15 domains to perform 56 HTTP transactions. The main IP is 194.51.172.116, located in France and belongs to France Telecom - Orange, FR. The main domain is espace.dons-gustaveroussy.fr.
TLS certificate: Issued by GeoTrust RSA CA 2018 on September 17th 2019. Valid for: a year.

This is the only time espace.dons-gustaveroussy.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	46.105.116.30 46.105.116.30	16276 (OVH) (OVH)
1	35.162.71.55 35.162.71.55	16509 (AMAZON-02) (AMAZON-02)
2 2	52.210.174.128 52.210.174.128	16509 (AMAZON-02) (AMAZON-02)
33	194.51.172.116 194.51.172.116	3215 (France Te...) (France Telecom - Orange)
1	2a00:1450:400... 2a00:1450:4001:825::2008	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1 2	216.58.205.230 216.58.205.230	15169 (GOOGLE) (GOOGLE)
1	172.217.22.66 172.217.22.66	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	194.213.114.24 194.213.114.24	34762 (COMBELL-AS) (COMBELL-AS)
1 1	2a00:1450:400... 2a00:1450:400c:c04::9d	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:814::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	74.125.206.155 74.125.206.155	15169 (GOOGLE) (GOOGLE)
56	14

1 46.105.116.30 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: e11-webmxt.emslip.com

red.commandeproduits.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.162.71.55 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: info.rurgiechie.fr

lumbursel.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.210.174.128 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-174-128.eu-west-1.compute.amazonaws.com

t.ocdn.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
orixamedia.go2cloud.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 194.51.172.116 (France)

ASN3215 (France Telecom - Orange, FR)

espace.dons-gustaveroussy.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.205.230 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s24-in-f6.1e100.net

6056935.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.22.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s17-in-f66.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.213.114.24 (Belgium)

ASN34762 (COMBELL-AS, BE)
PTR: webapp24.emsecure.net

ediis.emsecure.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9d (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.206.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wk-in-f155.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	dons-gustaveroussy.fr espace.dons-gustaveroussy.fr	2 MB
6	doubleclick.net 2 redirects 6056935.fls.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net bid.g.doubleclick.net	4 KB
4	facebook.com www.facebook.com	763 B
3	google.de www.google.de	320 B
3	google.com 1 redirects www.google.com	386 B
3	facebook.net connect.facebook.net	289 KB
2	bing.com bat.bing.com	8 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
1	emsecure.net ediis.emsecure.net	2 KB
1	googleadservices.com www.googleadservices.com	11 KB
1	googletagmanager.com www.googletagmanager.com	42 KB
1	go2cloud.org 1 redirects orixamedia.go2cloud.org	2 KB
1	ocdn.fr 1 redirects t.ocdn.fr	476 B
1	lumbursel.fr lumbursel.fr	649 B
1	commandeproduits.fr 1 redirects red.commandeproduits.fr	660 B
56	15

	Domain	Requested by
33	espace.dons-gustaveroussy.fr	espace.dons-gustaveroussy.fr www.googletagmanager.com
4	www.facebook.com	espace.dons-gustaveroussy.fr
3	www.google.de	espace.dons-gustaveroussy.fr
3	www.google.com	1 redirects espace.dons-gustaveroussy.fr
3	connect.facebook.net	lumbursel.fr connect.facebook.net
2	googleads.g.doubleclick.net	www.googleadservices.com
2	bat.bing.com	www.googletagmanager.com espace.dons-gustaveroussy.fr
2	6056935.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.google-analytics.com	1 redirects www.googletagmanager.com
1	bid.g.doubleclick.net	www.googleadservices.com
1	stats.g.doubleclick.net	1 redirects
1	ediis.emsecure.net	espace.dons-gustaveroussy.fr
1	www.googleadservices.com	www.googletagmanager.com
1	www.googletagmanager.com	espace.dons-gustaveroussy.fr
1	orixamedia.go2cloud.org	1 redirects
1	t.ocdn.fr	1 redirects
1	lumbursel.fr
1	red.commandeproduits.fr	1 redirects
56	18

This site contains links to these domains. Also see Links.

Domain
www.gustaveroussy.fr

Subject Issuer	Validity	Valid
espace.dons-gustaveroussy.fr GeoTrust RSA CA 2018	`2019-09-17` - `2020-11-15`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
www.bing.com Microsoft IT TLS CA 2	`2019-04-30` - `2021-04-30`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-05-14` - `2020-08-05`	3 months	crt.sh
*.emsecure.net DigiCert SHA2 Secure Server CA	`2019-03-11` - `2021-05-12`	2 years	crt.sh
www.google.de GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
Frame ID: C960D1449FE91D0841AB313C654B5F48
Requests: 54 HTTP requests in this frame

Frame: https://6056935.fls.doubleclick.net/activityi;dc_pre=CLmAhoGli-oCFVWVdwod5z8Lmg;src=6056935;type=invmedia;cat=nvte1yuv;ord=3890833097977;gtm=2wg6a0;auiddc=1965396081.1592480728;~oref=https%3A%2F%2Fespace.dons-gustaveroussy.fr%2Fsite%2Fgr%2Fcovid_recherche_orixa%2Ffr%2Fdon%2Findex.html%3Ffrom%3D20AEM11%26utm_source%3Dorixa%26utm_medium%3Dcpc%26utm_campaign%3Demail%26utm_term%3D
Frame ID: 68CF248334E2069BCF34A2AAD38DB2FC
Requests: 1 HTTP requests in this frame

Frame: https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Frame ID: 35B1FC25D28C129663DD032D17A7857B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://red.commandeproduits.fr/click/YToxOntzOjM6InRhZyI7czozMDoiZGF0YV9zZW5kb3V0XzVlZTI1MTZjZDc2OGRfMjE0Ij... HTTP 302
http://lumbursel.fr/0260f6eac0a73b6fd7fded0407939bdb/c9119af1f16aacc2d3fb78d8cd5c770d/Xy0GZ0FYmN... Page URL
http://t.ocdn.fr/aff_c?offer_id=866&aff_id=1583 HTTP 302
https://orixamedia.go2cloud.org/aff_c?offer_id=866&aff_id=1583 HTTP 302
https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orix... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Material Design Lite (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href="[^"]*material(?:\.[\w]+-[\w]+)?(?:\.min)?\.css/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
html //i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

56
Requests

98 %
HTTPS

53 %
IPv6

15
Domains

18
Subdomains

14
IPs

5
Countries

1973 kB
Transfer

2987 kB
Size

11
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://www.gustaveroussy.fr/
Title: Gustaveroussy.fr

Search URL Search Domain Scan URL

URL: https://www.gustaveroussy.fr/fr/politique-de-protection-des-donnees-personnelles-donateurs
Title: Mes données personnelles

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://red.commandeproduits.fr/click/YToxOntzOjM6InRhZyI7czozMDoiZGF0YV9zZW5kb3V0XzVlZTI1MTZjZDc2OGRfMjE0Ijt9/am9zLnZhbl9oZXJjayU0MHNreW5ldC5iZQ==/20171597/1199178 HTTP 302
http://lumbursel.fr/0260f6eac0a73b6fd7fded0407939bdb/c9119af1f16aacc2d3fb78d8cd5c770d/Xy0GZ0FYmNzRYLXZ/clt/198537/3628/em_jos.van_herck@skynet.be_ail/u_aHR0cCUzQSUyRiUyRnRkb3R5cG9pbnRvY2RuZG90eXBvaW50ZnIlMkZhZmZfYyUzRm9mZmVyX2lkJTNEODY2JTI2YWZmX2lkJTNEMTU4Mw%3D%3D_rl.html Page URL
http://t.ocdn.fr/aff_c?offer_id=866&aff_id=1583 HTTP 302
https://orixamedia.go2cloud.org/aff_c?offer_id=866&aff_id=1583 HTTP 302
https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://red.commandeproduits.fr/click/YToxOntzOjM6InRhZyI7czozMDoiZGF0YV9zZW5kb3V0XzVlZTI1MTZjZDc2OGRfMjE0Ijt9/am9zLnZhbl9oZXJjayU0MHNreW5ldC5iZQ==/20171597/1199178 HTTP 302
http://lumbursel.fr/0260f6eac0a73b6fd7fded0407939bdb/c9119af1f16aacc2d3fb78d8cd5c770d/Xy0GZ0FYmNzRYLXZ/clt/198537/3628/em_jos.van_herck@skynet.be_ail/u_aHR0cCUzQSUyRiUyRnRkb3R5cG9pbnRvY2RuZG90eXBvaW50ZnIlMkZhZmZfYyUzRm9mZmVyX2lkJTNEODY2JTI2YWZmX2lkJTNEMTU4Mw%3D%3D_rl.html

Request Chain 29

https://6056935.fls.doubleclick.net/activityi;src=6056935;type=invmedia;cat=nvte1yuv;ord=3890833097977;gtm=2wg6a0;auiddc=1965396081.1592480728;~oref=https%3A%2F%2Fespace.dons-gustaveroussy.fr%2Fsite%2Fgr%2Fcovid_recherche_orixa%2Ffr%2Fdon%2Findex.html%3Ffrom%3D20AEM11%26utm_source%3Dorixa%26utm_medium%3Dcpc%26utm_campaign%3Demail%26utm_term%3D HTTP 302
https://6056935.fls.doubleclick.net/activityi;dc_pre=CLmAhoGli-oCFVWVdwod5z8Lmg;src=6056935;type=invmedia;cat=nvte1yuv;ord=3890833097977;gtm=2wg6a0;auiddc=1965396081.1592480728;~oref=https%3A%2F%2Fespace.dons-gustaveroussy.fr%2Fsite%2Fgr%2Fcovid_recherche_orixa%2Ffr%2Fdon%2Findex.html%3Ffrom%3D20AEM11%26utm_source%3Dorixa%26utm_medium%3Dcpc%26utm_campaign%3Demail%26utm_term%3D

Request Chain 40

https://www.google-analytics.com/r/collect?v=1&_v=j83&aip=1&a=292356913&t=pageview&_s=1&dl=https%3A%2F%2Fespace.dons-gustaveroussy.fr%2Fsite%2Fgr%2Fcovid_recherche_orixa%2Ffr%2Fdon%2Findex.html%3Ffrom%3D20AEM11%26utm_source%3Dorixa%26utm_medium%3Dcpc%26utm_campaign%3Demail%26utm_term%3D&dr=http%3A%2F%2Flumbursel.fr%2F0260f6eac0a73b6fd7fded0407939bdb%2Fc9119af1f16aacc2d3fb78d8cd5c770d%2FXy0GZ0FYmNzRYLXZ%2Fclt%2F198537%2F3628%2Fem_jos.van_herck%40skynet.be_ail%2Fu_aHR0cCUzQSUyRiUyRnRkb3R5cG9pbnRvY2RuZG90eXBvaW50ZnIlMkZhZmZfYyUzRm9mZmVyX2lkJTNEODY2JTI2YWZmX2lkJTNEMTU4Mw%253D%253D_rl.html&ul=en-us&de=UTF-8&dt=Gustave%20Roussy&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=1458916884&gjid=146616404&cid=111204496.1592480729&tid=UA-61992640-1&_gid=259806181.1592480729&_r=1&gtm=2wg6a0KP6K7DB&cg1=null&cg2=null&cg3=null&cd1=null&cd2=null&cd3=null&cd4=fr&z=1486828572 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-61992640-1&cid=111204496.1592480729&jid=1458916884&_gid=259806181.1592480729&gjid=146616404&_v=j83&z=1486828572 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-61992640-1&cid=111204496.1592480729&jid=1458916884&_v=j83&z=1486828572 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-61992640-1&cid=111204496.1592480729&jid=1458916884&_v=j83&z=1486828572&slf_rd=1&random=2675184697

56 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Cookie set u_aHR0cCUzQSUyRiUyRnRkb3R5cG9pbnRvY2RuZG90eXBvaW50ZnIlMkZhZmZfYyUzRm9mZmVyX2lkJTNEODY2JTI2YWZmX2lkJTNEMTU4Mw%3D%3D_rl.html Show response
lumbursel.fr/0260f6eac0a73b6fd7fded0407939bdb/c9119af1f16aacc2d3fb78d8cd5c770d/Xy0GZ0FYmNzRYLXZ/clt/198537/3628/em_jos.van_herck@skynet.be_ail/
Redirect Chain

http://red.commandeproduits.fr/click/YToxOntzOjM6InRhZyI7czozMDoiZGF0YV9zZW5kb3V0XzVlZTI1MTZjZDc2OGRfMjE0Ijt9/am9zLnZhbl9oZXJjayU0MHNreW5ldC5iZQ==/20171597/1199178
http://lumbursel.fr/0260f6eac0a73b6fd7fded0407939bdb/c9119af1f16aacc2d3fb78d8cd5c770d/Xy0GZ0FYmNzRYLXZ/clt/198537/3628/em_jos.van_herck@skynet.be_ail/u_aHR0cCUzQSUyRiUyRnRkb3R5cG9pbnRvY2RuZG90eXBva...

103 B
649 B

425ms
411ms

Document
text/html

35.162.71.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://lumbursel.fr/0260f6eac0a73b6fd7fded0407939bdb/c9119af1f16aacc2d3fb78d8cd5c770d/Xy0GZ0FYmNzRYLXZ/clt/198537/3628/em_jos.van_herck@skynet.be_ail/u_aHR0cCUzQSUyRiUyRnRkb3R5cG9pbnRvY2RuZG90eXBvaW50ZnIlMkZhZmZfYyUzRm9mZmVyX2lkJTNEODY2JTI2YWZmX2lkJTNEMTU4Mw%3D%3D_rl.html
Protocol: HTTP/1.1
Server: 35.162.71.55 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: info.rurgiechie.fr
Software: nginx/1.16.1 / PHP/5.3.3
Resource Hash: a27c7fc2d62741405a648aeeecb68535b47d6b82fc10684d7d47bb89dcc2f74b

Request headers

Host: lumbursel.fr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx/1.16.1
Date: Thu, 18 Jun 2020 11:45:28 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.3.3
Set-Cookie: clic48lpmdata-agencywebfrip185_236_201_148=0; expires=Thu, 18-Jun-2020 11:45:27 GMT; path=/; domain=data-agencyweb.fr clic48lpmdata-agencywebfrip185_236_201_148=198537; path=/; domain=data-agencyweb.fr
Last-Modified: Thursday, 18-Jun-2020 11:45:28 GMT
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0

Redirect headers

Date: Thu, 18 Jun 2020 11:45:27 GMT
Server: Apache/2.2.22 (Debian)
X-Powered-By: PHP/5.4.45-0+deb7u2
Set-Cookie: BMT__beverlymail__data_sendout_5ee2516cd768d_214=1592480727__jos.van_herck%40skynet.be; expires=Sun, 19-Jul-2020 11:45:27 GMT
Location: http://lumbursel.fr/0260f6eac0a73b6fd7fded0407939bdb/c9119af1f16aacc2d3fb78d8cd5c770d/Xy0GZ0FYmNzRYLXZ/clt/198537/3628/em_jos.van_herck@skynet.be_ail/u_aHR0cCUzQSUyRiUyRnRkb3R5cG9pbnRvY2RuZG90eXBvaW50ZnIlMkZhZmZfYyUzRm9mZmVyX2lkJTNEODY2JTI2YWZmX2lkJTNEMTU4Mw%3D%3D_rl.html
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 25
Connection: close
Content-Type: text/html

GET
H/1.1

200
OK

Primary Request

Cookie set index.html Show response
espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/
Redirect Chain

http://t.ocdn.fr/aff_c?offer_id=866&aff_id=1583
https://orixamedia.go2cloud.org/aff_c?offer_id=866&aff_id=1583
https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=

47 KB
48 KB

285ms
198ms

Document
text/html

194.51.172.116
Orange

General

Check archive.org

Show headers Download Go to

Full URL

https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.51.172.116 , France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

web server /

Resource Hash

747f93100b8dde97bf7b25853f4343359b2717016bc34c521ebf9062d01f8ab1

Security Headers

Name	Value
Strict-Transport-Security	max-age=600;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: espace.dons-gustaveroussy.fr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: http://lumbursel.fr/0260f6eac0a73b6fd7fded0407939bdb/c9119af1f16aacc2d3fb78d8cd5c770d/Xy0GZ0FYmNzRYLXZ/clt/198537/3628/em_jos.van_herck@skynet.be_ail/u_aHR0cCUzQSUyRiUyRnRkb3R5cG9pbnRvY2RuZG90eXBvaW50ZnIlMkZhZmZfYyUzRm9mZmVyX2lkJTNEODY2JTI2YWZmX2lkJTNEMTU4Mw%3D%3D_rl.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://lumbursel.fr/0260f6eac0a73b6fd7fded0407939bdb/c9119af1f16aacc2d3fb78d8cd5c770d/Xy0GZ0FYmNzRYLXZ/clt/198537/3628/em_jos.van_herck@skynet.be_ail/u_aHR0cCUzQSUyRiUyRnRkb3R5cG9pbnRvY2RuZG90eXBvaW50ZnIlMkZhZmZfYyUzRm9mZmVyX2lkJTNEODY2JTI2YWZmX2lkJTNEMTU4Mw%3D%3D_rl.html

Response headers

Server: web server
Date: Thu, 18 Jun 2020 11:45:27 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: JSESSIONID=73f8585edd234fd78a26bf5c545b; Path=/; HttpOnly
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=600;

Redirect headers

Server: nginx
Date: Thu, 18 Jun 2020 11:45:27 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 358
Connection: keep-alive
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Robots-Tag: noindex, nofollow
tracking_id: 1029b3fd04b8dc21cba8cfa2f1abf8
Location: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
Set-Cookie: enc_aff_session_866=ENC033666d8b2468ecf01b2c2a91ebfeba4cf03a3d3bae239b44b90326e71f64bd6aa4f2297afe03ac3b1b90947728265ee6ac15dd91780165f0baec926cb952b49ce3107c5431fb22dd994880d29dc5063dfe60e49d926a1cd1e340a0974ed100c77a89f20d1b00f4dd6569b9718d83c5a5e6d70ada4c14f80d9823b97c507ff31c89117a8ab8fc6d6a14c50d1b6af4a0fda401201459def6bd7417007beed1007b69cc073868a0e70727f5900068f486c70f5a6b9f217c811464f9530010fa963500af50a8a133ab48d27f89ede0ef19ef04196eed75529f34b62ac968cf6630c4af6a784460dc75cb2bbffe035ad37f7b5b9b6a25a15dd280b450995d4499b35d2821462bd3bec35b673dad64f56949e5a7b28ec7e4a35d127a0489c7311a70100d8248d550e50c3c2b541799386dcb3d571e7159c157bc4ef4a08712f5c4063732cff09d26b81a925f392955d54746a348a65b2d85cdb62bb9414d974332d6300341586f3; expires=Sat, 18 Jul 2020 11:45:27 GMT; path=/; SameSite=None; Secure ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI4My4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzE0XzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS84My4wLjQxMDMuNjEgU2FmYXJpLzUzNy4zNiIsImFjY2VwdF9sYW5ndWFnZSI6ImVuLVVTIiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9; expires=Sat, 13 May 2023 22:25:27 GMT; path=/; SameSite=None; Secure
P3P: CP="NOI CUR OUR NOR INT"
Access-Control-Allow-Origin: *
X-Request-Id: fe8fdede76826dcb73bf1facec1737e4
Access-Control-Allow-Headers: Tune-SDK-Version

GET
H/1.1 200
OK jsf.js Show response
espace.dons-gustaveroussy.fr/javax.faces.resource/ 41 KB
42 KB 184ms
83ms Script
text/javascript 194.51.172.116
Orange

General

Check archive.org

Show headers Download Go to

Full URL

https://espace.dons-gustaveroussy.fr/javax.faces.resource/jsf.js?ln=javax.faces

Requested by

Host: espace.dons-gustaveroussy.fr
URL: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.51.172.116 , France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

web server /

Resource Hash

32bea907c1d03c95b274c5e12a0becc6bf89e5162b7c539dcc6ad3a4abeeed35

Security Headers

Name	Value
Strict-Transport-Security	max-age=600;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 11:45:28 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 16 Mar 2016 15:01:45 GMT
Server: web server
X-Frame-Options: SAMEORIGIN
ETag: W/"42350-1458140505802"
Strict-Transport-Security: max-age=600;
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Thu, 25 Jun 2020 11:45:28 GMT

GET
H/1.1 200
OK omnifaces.js Show response
espace.dons-gustaveroussy.fr/javax.faces.resource/ 5 KB
6 KB 182ms
46ms Script
text/javascript 194.51.172.116
Orange

General

Check archive.org

Show headers Download Go to

Full URL

https://espace.dons-gustaveroussy.fr/javax.faces.resource/omnifaces.js?ln=omnifaces&v=2.6.9

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.51.172.116 , France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

web server /

Resource Hash

758eb30fceccd128603dcc56da4069f8353c6ecabad81b5e0098bb3a423c3eaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=600;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 11:45:28 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 May 2020 16:38:14 GMT
Server: web server
X-Frame-Options: SAMEORIGIN
ETag: W/"5238-1588696694000"
Strict-Transport-Security: max-age=600;
Content-Type: text/javascript
Connection: keep-alive
Content-Length: 5238
X-XSS-Protection: 1; mode=block
Expires: Thu, 25 Jun 2020 11:45:28 GMT

GET
H/1.1 200
OK bootstrap.min.css
espace.dons-gustaveroussy.fr/javax.faces.resource/gr/css/ 115 KB
115 KB 69ms
57ms Stylesheet
text/css 194.51.172.116
Orange

General

Check archive.org

Show headers Download Go to

Full URL

https://espace.dons-gustaveroussy.fr/javax.faces.resource/gr/css/bootstrap.min.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.51.172.116 , France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

web server /

Resource Hash

e4d01bd86a65c7a29591a13489ee66098ab00ae2743b55ce617d78d2421507b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=600;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 11:45:27 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 May 2020 16:38:13 GMT
Server: web server
X-Frame-Options: SAMEORIGIN
ETag: W/"117305-1588696693000"
Strict-Transport-Security: max-age=600;
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Thu, 25 Jun 2020 11:45:28 GMT

GET
H/1.1 200
OK material.css
espace.dons-gustaveroussy.fr/javax.faces.resource/gr/css/ 8 KB
8 KB 133ms
48ms Stylesheet
text/css 194.51.172.116
Orange

General

Check archive.org

Show headers Download Go to

Full URL

https://espace.dons-gustaveroussy.fr/javax.faces.resource/gr/css/material.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.51.172.116 , France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

web server /

Resource Hash

5600e9acb7a9bedf61dba9912d9817f2a488b9c174383dde73aa949628184d9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=600;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 11:45:28 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 May 2020 16:38:13 GMT
Server: web server
X-Frame-Options: SAMEORIGIN
ETag: W/"7897-1588696693000"
Strict-Transport-Security: max-age=600;
Content-Type: text/css
Connection: keep-alive
Content-Length: 7897
X-XSS-Protection: 1; mode=block
Expires: Thu, 25 Jun 2020 11:45:28 GMT

GET
H/1.1 200
OK jquery-ui.css
espace.dons-gustaveroussy.fr/javax.faces.resource/gr/css/ 31 KB
31 KB 159ms
75ms Stylesheet
text/css 194.51.172.116
Orange

General

Check archive.org

Show headers Download Go to

Full URL

https://espace.dons-gustaveroussy.fr/javax.faces.resource/gr/css/jquery-ui.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.51.172.116 , France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

web server /

Resource Hash

5cadd78421350033a98e8bd9771a105664192a663aa7a483fdb3a8832c0a195b

Security Headers

Name	Value
Strict-Transport-Security	max-age=600;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 11:45:28 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 May 2020 16:38:13 GMT
Server: web server
X-Frame-Options: SAMEORIGIN
ETag: W/"31622-1588696693000"
Strict-Transport-Security: max-age=600;
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Thu, 25 Jun 2020 11:45:28 GMT

GET
H/1.1 200
OK primefaces.css
espace.dons-gustaveroussy.fr/javax.faces.resource/ 54 KB
55 KB 165ms
80ms Stylesheet
text/css 194.51.172.116
Orange

General

Check archive.org

Show headers Download Go to

Full URL

https://espace.dons-gustaveroussy.fr/javax.faces.resource/primefaces.css?ln=primefaces&v=5.0.3-NETFUL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.51.172.116 , France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

web server /

Resource Hash

b2919398423ac1b26fd8ae35087077c20310cbc7c39744aabf2ba8843a451fc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=600;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 11:45:28 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 May 2020 16:38:13 GMT
Server: web server
X-Frame-Options: SAMEORIGIN
ETag: W/"55089-1588696693000"
Strict-Transport-Security: max-age=600;
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Thu, 25 Jun 2020 11:45:28 GMT

GET
H/1.1 200
OK jquery.js Show response
espace.dons-gustaveroussy.fr/javax.faces.resource/jquery/ 106 KB
106 KB 191ms
56ms Script
text/javascript 194.51.172.116
Orange

General

Check archive.org

Show headers Download Go to

Full URL

https://espace.dons-gustaveroussy.fr/javax.faces.resource/jquery/jquery.js?ln=primefaces&v=5.0.3-NETFUL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.51.172.116 , France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

web server /

Resource Hash

c7377440c6b67578abf2e061a4dfb3d7fd3e369d3f1de4fc190e3920029d5126

Security Headers

Name	Value
Strict-Transport-Security	max-age=600;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 11:45:28 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 May 2020 16:38:13 GMT
Server: web server
X-Frame-Options: SAMEORIGIN
ETag: W/"108079-1588696693000"
Strict-Transport-Security: max-age=600;
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Thu, 25 Jun 2020 11:45:28 GMT

GET
H/1.1 200
OK script.js Show response
espace.dons-gustaveroussy.fr/javax.faces.resource/gr/js/ 36 KB
37 KB 207ms
55ms Script
text/javascript 194.51.172.116
Orange

General

Check archive.org

Show headers Download Go to

Full URL

https://espace.dons-gustaveroussy.fr/javax.faces.resource/gr/js/script.js?v=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.51.172.116 , France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

web server /

Resource Hash

5ae802931b89e21c4007bfee3a429dc42a74a39ec438e8fd5c5dee13b7b82473

Security Headers

Name	Value
Strict-Transport-Security	max-age=600;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 11:45:28 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 May 2020 16:38:14 GMT
Server: web server
X-Frame-Options: SAMEORIGIN
ETag: W/"37078-1588696694000"
Strict-Transport-Security: max-age=600;
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Thu, 25 Jun 2020 11:45:28 GMT

GET
H/1.1 200
OK primefaces.js Show response
espace.dons-gustaveroussy.fr/javax.faces.resource/ 293 KB
294 KB 221ms
57ms Script
text/javascript 194.51.172.116
Orange

General

Check archive.org

Show headers Download Go to

Full URL

https://espace.dons-gustaveroussy.fr/javax.faces.resource/primefaces.js?ln=primefaces&v=5.0.3-NETFUL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.51.172.116 , France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

web server /

Resource Hash

8e2f54a78f2a49c4a07e2ded79fce72c0b1eac4151b58f445975be763281fd3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=600;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 11:45:28 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 May 2020 16:38:13 GMT
Server: web server
X-Frame-Options: SAMEORIGIN
ETag: W/"300373-1588696693000"
Strict-Transport-Security: max-age=600;
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Thu, 25 Jun 2020 11:45:28 GMT

GET
H/1.1 200
OK primefaces-extensions.js Show response
espace.dons-gustaveroussy.fr/javax.faces.resource/ 23 KB
23 KB 260ms
79ms Script
text/javascript 194.51.172.116
Orange

General

Check archive.org

Show headers Download Go to

Full URL

https://espace.dons-gustaveroussy.fr/javax.faces.resource/primefaces-extensions.js?ln=primefaces-extensions&v=2.1.0-NETFUL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.51.172.116 , France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

web server /

Resource Hash

2bbde4b66ec26ccfb47d451a99cd628548ec347a1726d830387b34276616271c

Security Headers

Name	Value
Strict-Transport-Security	max-age=600;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 11:45:28 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 May 2020 16:38:14 GMT
Server: web server
X-Frame-Options: SAMEORIGIN
ETag: W/"23595-1588696694000"
Strict-Transport-Security: max-age=600;
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Thu, 25 Jun 2020 11:45:28 GMT

GET
H/1.1 200
OK blockui.css
espace.dons-gustaveroussy.fr/javax.faces.resource/blockui/ 408 B
804 B 132ms
48ms Stylesheet
text/css 194.51.172.116
Orange

General

Check archive.org

Show headers Download Go to

Full URL

https://espace.dons-gustaveroussy.fr/javax.faces.resource/blockui/blockui.css?ln=primefaces-extensions&v=2.1.0-NETFUL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.51.172.116 , France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

web server /

Resource Hash

95c58d3ae930c39c6e3019ec50c0bc09c5103f01eb7778bf9bdee83d6d99e07f

Security Headers

Name	Value
Strict-Transport-Security	max-age=600;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 11:45:28 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 May 2020 16:38:14 GMT
Server: web server
X-Frame-Options: SAMEORIGIN
ETag: W/"408-1588696694000"
Strict-Transport-Security: max-age=600;
Content-Type: text/css
Connection: keep-alive
Content-Length: 408
X-XSS-Protection: 1; mode=block
Expires: Thu, 25 Jun 2020 11:45:28 GMT

GET
H/1.1 200
OK blockui.js Show response
espace.dons-gustaveroussy.fr/javax.faces.resource/blockui/ 12 KB
12 KB 235ms
49ms Script
text/javascript 194.51.172.116
Orange

General

Check archive.org

Show headers Download Go to

Full URL

https://espace.dons-gustaveroussy.fr/javax.faces.resource/blockui/blockui.js?ln=primefaces-extensions&v=2.1.0-NETFUL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.51.172.116 , France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

web server /

Resource Hash

8bd81de5f519793e1683dcb16e5f09cc52e6d1f74e4b63035b8994f5a1e77bf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=600;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 11:45:28 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 May 2020 16:38:14 GMT
Server: web server
X-Frame-Options: SAMEORIGIN
ETag: W/"11860-1588696694000"
Strict-Transport-Security: max-age=600;
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Thu, 25 Jun 2020 11:45:28 GMT

GET
H/1.1 200
OK jquery-plugins.js Show response
espace.dons-gustaveroussy.fr/javax.faces.resource/jquery/ 215 KB
216 KB 255ms
61ms Script
text/javascript 194.51.172.116
Orange

General

Check archive.org

Show headers Download Go to

Full URL

https://espace.dons-gustaveroussy.fr/javax.faces.resource/jquery/jquery-plugins.js?ln=primefaces&v=5.0.3-NETFUL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.51.172.116 , France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

web server /

Resource Hash

2613f8dc4ca4eba72b799af479816c95c28e2d62f967dc85a393d4934b755556

Security Headers

Name	Value
Strict-Transport-Security	max-age=600;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 11:45:28 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 May 2020 16:38:13 GMT
Server: web server
X-Frame-Options: SAMEORIGIN
ETag: W/"220535-1588696693000"
Strict-Transport-Security: max-age=600;
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Thu, 25 Jun 2020 11:45:28 GMT

GET
H/1.1 200
OK style.css.xhtml
espace.dons-gustaveroussy.fr/javax.faces.resource/gr/css/ 11 KB
11 KB 149ms
62ms Stylesheet
text/css 194.51.172.116
Orange

General

Check archive.org

Show headers Download Go to

Full URL

https://espace.dons-gustaveroussy.fr/javax.faces.resource/gr/css/style.css.xhtml?v=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.51.172.116 , France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

web server /

Resource Hash

64d1e9835c95d788b70bb5157236e231ec1f374a53c74e5a93e02e94aade1d07

Security Headers

Name	Value
Strict-Transport-Security	max-age=600;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 11:45:28 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 May 2020 16:38:13 GMT
Server: web server
X-Frame-Options: SAMEORIGIN
ETag: W/"11190-1588696693000"
Strict-Transport-Security: max-age=600;
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Thu, 25 Jun 2020 11:45:28 GMT

GET
H/1.1 200
OK ajax-loader.gif
espace.dons-gustaveroussy.fr/javax.faces.resource/gr/images/ 6 KB
6 KB 49ms
47ms Image
image/gif 194.51.172.116
Orange

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://espace.dons-gustaveroussy.fr/javax.faces.resource/gr/images/ajax-loader.gif

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.51.172.116 , France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

web server /

Resource Hash

95cee022d25238b06b20a7cd53028b4ad66f113a8dfd9fb371776317988b0341

Security Headers

Name	Value
Strict-Transport-Security	max-age=600;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 11:45:28 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 May 2020 16:38:13 GMT
Server: web server
X-Frame-Options: SAMEORIGIN
ETag: W/"6235-1588696693000"
Strict-Transport-Security: max-age=600;
Content-Type: image/gif
Connection: keep-alive
Content-Length: 6235
X-XSS-Protection: 1; mode=block
Expires: Thu, 25 Jun 2020 11:45:29 GMT

GET
H/1.1 200
OK desc_348527-0.img
espace.dons-gustaveroussy.fr/services/file/ 123 KB
124 KB 69ms
67ms Image
image/jpeg 194.51.172.116
Orange

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://espace.dons-gustaveroussy.fr/services/file/desc_348527-0.img

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.51.172.116 , France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

web server /

Resource Hash

6c699e92b30bff83c6ea48748d7f16f5bed122748e359b468a47b8a4ad63ae89

Security Headers

Name	Value
Strict-Transport-Security	max-age=600;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 11:45:28 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 06 May 2020 15:19:59 CEST
Server: web server
X-Frame-Options: SAMEORIGIN
ETag: W/"0-1588771199000"
Strict-Transport-Security: max-age=600;
Content-Type: image/jpeg
Cache-Control: max-age=7200
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK desc_348527-1.img
espace.dons-gustaveroussy.fr/services/file/ 64 KB
64 KB 56ms
56ms Image
image/jpeg 194.51.172.116
Orange

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://espace.dons-gustaveroussy.fr/services/file/desc_348527-1.img

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.51.172.116 , France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

web server /

Resource Hash

31fe5f6bc79f7ce47537eea45ac5087bb71393b2c46626ab379f12bc627432e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=600;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 11:45:28 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 06 May 2020 15:19:59 CEST
Server: web server
X-Frame-Options: SAMEORIGIN
ETag: W/"0-1588771199000"
Strict-Transport-Security: max-age=600;
Content-Type: image/jpeg
Cache-Control: max-age=7200
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK crypto.jpg
espace.dons-gustaveroussy.fr/javax.faces.resource/gr/images/ 11 KB
11 KB 53ms
51ms Image
image/jpeg 194.51.172.116
Orange

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://espace.dons-gustaveroussy.fr/javax.faces.resource/gr/images/crypto.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.51.172.116 , France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

web server /

Resource Hash

12058cf930e5807aefe692bb92d4f3201b03ede218e3642763132a52a32063e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=600;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 11:45:28 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 May 2020 16:38:13 GMT
Server: web server
X-Frame-Options: SAMEORIGIN
ETag: W/"11279-1588696693000"
Strict-Transport-Security: max-age=600;
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Thu, 25 Jun 2020 11:45:29 GMT

GET
H/1.1 200
OK cryptoAmex.jpg
espace.dons-gustaveroussy.fr/javax.faces.resource/gr/images/ 11 KB
12 KB 53ms
52ms Image
image/jpeg 194.51.172.116
Orange

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://espace.dons-gustaveroussy.fr/javax.faces.resource/gr/images/cryptoAmex.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.51.172.116 , France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

web server /

Resource Hash

207db7a8845ea86abb7b230adbb82319d1d67615d43908c61ac0e032994d02e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=600;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 11:45:28 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 May 2020 16:38:13 GMT
Server: web server
X-Frame-Options: SAMEORIGIN
ETag: W/"11503-1588696693000"
Strict-Transport-Security: max-age=600;
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Thu, 25 Jun 2020 11:45:29 GMT

GET
H/1.1 200
OK bootstrap.min.js Show response
espace.dons-gustaveroussy.fr/javax.faces.resource/gr/js/ 35 KB
36 KB 54ms
47ms Script
text/javascript 194.51.172.116
Orange

General

Check archive.org

Show headers Download Go to

Full URL

https://espace.dons-gustaveroussy.fr/javax.faces.resource/gr/js/bootstrap.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.51.172.116 , France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

web server /

Resource Hash

d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=600;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 11:45:28 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 May 2020 16:38:14 GMT
Server: web server
X-Frame-Options: SAMEORIGIN
ETag: W/"35951-1588696694000"
Strict-Transport-Security: max-age=600;
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Thu, 25 Jun 2020 11:45:28 GMT

GET
H/1.1 200
OK material.min.js Show response
espace.dons-gustaveroussy.fr/javax.faces.resource/gr/js/ 4 KB
4 KB 49ms
46ms Script
text/javascript 194.51.172.116
Orange

General

Check archive.org

Show headers Download Go to

Full URL

https://espace.dons-gustaveroussy.fr/javax.faces.resource/gr/js/material.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.51.172.116 , France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

web server /

Resource Hash

d98befd689b42c85c10b500c0fd743e34acacb4c4aa10b9de01673afbe6e6163

Security Headers

Name	Value
Strict-Transport-Security	max-age=600;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 11:45:28 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 May 2020 16:38:14 GMT
Server: web server
X-Frame-Options: SAMEORIGIN
ETag: W/"4095-1588696694000"
Strict-Transport-Security: max-age=600;
Content-Type: text/javascript
Connection: keep-alive
Content-Length: 4095
X-XSS-Protection: 1; mode=block
Expires: Thu, 25 Jun 2020 11:45:28 GMT

GET
H/1.1 200
OK ripples.min.js Show response
espace.dons-gustaveroussy.fr/javax.faces.resource/gr/js/ 3 KB
3 KB 72ms
70ms Script
text/javascript 194.51.172.116
Orange

General

Check archive.org

Show headers Download Go to

Full URL

https://espace.dons-gustaveroussy.fr/javax.faces.resource/gr/js/ripples.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.51.172.116 , France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

web server /

Resource Hash

415f2d64fefbad43988b8432d4ff12e7f17adb8d8939e6ab35659a0136f05f4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=600;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 11:45:28 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 May 2020 16:38:14 GMT
Server: web server
X-Frame-Options: SAMEORIGIN
ETag: W/"2810-1588696694000"
Strict-Transport-Security: max-age=600;
Content-Type: text/javascript
Connection: keep-alive
Content-Length: 2810
X-XSS-Protection: 1; mode=block
Expires: Thu, 25 Jun 2020 11:45:29 GMT

GET
H/1.1 200
OK jquery-ui.min.js Show response
espace.dons-gustaveroussy.fr/javax.faces.resource/gr/js/ 232 KB
232 KB 58ms
56ms Script
text/javascript 194.51.172.116
Orange

General

Check archive.org

Show headers Download Go to

Full URL

https://espace.dons-gustaveroussy.fr/javax.faces.resource/gr/js/jquery-ui.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.51.172.116 , France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

web server /

Resource Hash

94217ee7990c505fb77ceff70625ee8b87a250a7109adafb79c29278b543c484

Security Headers

Name	Value
Strict-Transport-Security	max-age=600;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 11:45:28 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 May 2020 16:38:13 GMT
Server: web server
X-Frame-Options: SAMEORIGIN
ETag: W/"237548-1588696693000"
Strict-Transport-Security: max-age=600;
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Thu, 25 Jun 2020 11:45:29 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 128 KB
42 KB 25ms
23ms Script
application/javascript 2a00:1450:4001:825::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KP6K7DB

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7e4f9fd96a74e67cb92c09b58f515136e20d8aa653fb50bc56e7ea0d04984d1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 11:45:28 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42701
x-xss-protection: 0
last-modified: Thu, 18 Jun 2020 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 18 Jun 2020 11:45:28 GMT

GET
H/1.1 200
OK DINOT.otf
espace.dons-gustaveroussy.fr/javax.faces.resource/gr/fonts/ 43 KB
43 KB 71ms
60ms Font
font/opentype 194.51.172.116
Orange

General

Check archive.org

Show headers Download Go to

Full URL

https://espace.dons-gustaveroussy.fr/javax.faces.resource/gr/fonts/DINOT.otf

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.51.172.116 , France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

web server /

Resource Hash

1ff1caa193614505793d8fbfc3a1ca2328df384334f4dcbf1fcaadf764604622

Security Headers

Name	Value
Strict-Transport-Security	max-age=600;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://espace.dons-gustaveroussy.fr/javax.faces.resource/gr/css/style.css.xhtml?v=1
Origin: https://espace.dons-gustaveroussy.fr

Response headers

Date: Thu, 18 Jun 2020 11:45:28 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 May 2020 16:38:13 GMT
Server: web server
X-Frame-Options: SAMEORIGIN
ETag: W/"43784-1588696693000"
Strict-Transport-Security: max-age=600;
Content-Type: font/opentype
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Thu, 25 Jun 2020 11:45:29 GMT

GET
H/1.1 200
OK hori.png
espace.dons-gustaveroussy.fr/javax.faces.resource/gr/images/ 914 B
1 KB 50ms
48ms Image
image/png 194.51.172.116
Orange

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://espace.dons-gustaveroussy.fr/javax.faces.resource/gr/images/hori.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.51.172.116 , France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

web server /

Resource Hash

58b96c56da3ec730259a9ed4325df2010a348bf712be3e8170e7b6ed66742856

Security Headers

Name	Value
Strict-Transport-Security	max-age=600;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://espace.dons-gustaveroussy.fr/javax.faces.resource/gr/css/style.css.xhtml?v=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 11:45:28 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 May 2020 16:38:14 GMT
Server: web server
X-Frame-Options: SAMEORIGIN
ETag: W/"914-1588696694000"
Strict-Transport-Security: max-age=600;
Content-Type: image/png
Connection: keep-alive
Content-Length: 914
X-XSS-Protection: 1; mode=block
Expires: Thu, 25 Jun 2020 11:45:29 GMT

GET
H/1.1 200
OK DINOT-Bold.otf
espace.dons-gustaveroussy.fr/javax.faces.resource/gr/fonts/ 45 KB
45 KB 71ms
50ms Font
font/opentype 194.51.172.116
Orange

General

Check archive.org

Show headers Download Go to

Full URL

https://espace.dons-gustaveroussy.fr/javax.faces.resource/gr/fonts/DINOT-Bold.otf

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.51.172.116 , France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

web server /

Resource Hash

81f54226eb806efc69b0f823900b4830b76621c7a5d84d27d08ac8020313310a

Security Headers

Name	Value
Strict-Transport-Security	max-age=600;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://espace.dons-gustaveroussy.fr/javax.faces.resource/gr/css/style.css.xhtml?v=1
Origin: https://espace.dons-gustaveroussy.fr

Response headers

Date: Thu, 18 Jun 2020 11:45:28 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 May 2020 16:38:13 GMT
Server: web server
X-Frame-Options: SAMEORIGIN
ETag: W/"45608-1588696693000"
Strict-Transport-Security: max-age=600;
Content-Type: font/opentype
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Thu, 25 Jun 2020 11:45:29 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KP6K7DB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 3950
date: Thu, 18 Jun 2020 10:39:38 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Thu, 18 Jun 2020 12:39:38 GMT

GET
H2

200

activityi;dc_pre=CLmAhoGli-oCFVWVdwod5z8Lmg;src=6056935;type=invmedia;cat=nvte1yuv;ord=3890833097977;gtm=2wg6a0;auiddc=1965396081.1592480728;~oref=https%3A%2F%2Fespace.dons-gustaveroussy.fr%2Fsite%...
6056935.fls.doubleclick.net/ Frame 68CF
Redirect Chain

https://6056935.fls.doubleclick.net/activityi;src=6056935;type=invmedia;cat=nvte1yuv;ord=3890833097977;gtm=2wg6a0;auiddc=1965396081.1592480728;~oref=https%3A%2F%2Fespace.dons-gustaveroussy.fr%2Fsit...
https://6056935.fls.doubleclick.net/activityi;dc_pre=CLmAhoGli-oCFVWVdwod5z8Lmg;src=6056935;type=invmedia;cat=nvte1yuv;ord=3890833097977;gtm=2wg6a0;auiddc=1965396081.1592480728;~oref=https%3A%2F%2F...

0
0

36ms
36ms

Document
text/html

216.58.205.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6056935.fls.doubleclick.net/activityi;dc_pre=CLmAhoGli-oCFVWVdwod5z8Lmg;src=6056935;type=invmedia;cat=nvte1yuv;ord=3890833097977;gtm=2wg6a0;auiddc=1965396081.1592480728;~oref=https%3A%2F%2Fespace.dons-gustaveroussy.fr%2Fsite%2Fgr%2Fcovid_recherche_orixa%2Ffr%2Fdon%2Findex.html%3Ffrom%3D20AEM11%26utm_source%3Dorixa%26utm_medium%3Dcpc%26utm_campaign%3Demail%26utm_term%3D?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KP6K7DB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.205.230 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s24-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 6056935.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CLmAhoGli-oCFVWVdwod5z8Lmg;src=6056935;type=invmedia;cat=nvte1yuv;ord=3890833097977;gtm=2wg6a0;auiddc=1965396081.1592480728;~oref=https%3A%2F%2Fespace.dons-gustaveroussy.fr%2Fsite%2Fgr%2Fcovid_recherche_orixa%2Ffr%2Fdon%2Findex.html%3Ffrom%3D20AEM11%26utm_source%3Dorixa%26utm_medium%3Dcpc%26utm_campaign%3Demail%26utm_term%3D?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: about:blank

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Thu, 18 Jun 2020 11:45:28 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 482
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 18-Jun-2020 12:00:28 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Thu, 18 Jun 2020 11:45:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://6056935.fls.doubleclick.net/activityi;dc_pre=CLmAhoGli-oCFVWVdwod5z8Lmg;src=6056935;type=invmedia;cat=nvte1yuv;ord=3890833097977;gtm=2wg6a0;auiddc=1965396081.1592480728;~oref=https%3A%2F%2Fespace.dons-gustaveroussy.fr%2Fsite%2Fgr%2Fcovid_recherche_orixa%2Ffr%2Fdon%2Findex.html%3Ffrom%3D20AEM11%26utm_source%3Dorixa%26utm_medium%3Dcpc%26utm_campaign%3Demail%26utm_term%3D?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK contact.png
espace.dons-gustaveroussy.fr/javax.faces.resource/gr/images/ 2 KB
2 KB 47ms
45ms Image
image/png 194.51.172.116
Orange

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://espace.dons-gustaveroussy.fr/javax.faces.resource/gr/images/contact.png

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KP6K7DB

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.51.172.116 , France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

web server /

Resource Hash

474d0e56536172ea154faf1dad3ff5e6bec24938f60fc0a0209d4657f526bc2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=600;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://espace.dons-gustaveroussy.fr/javax.faces.resource/gr/css/style.css.xhtml?v=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 11:45:28 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 May 2020 16:38:13 GMT
Server: web server
X-Frame-Options: SAMEORIGIN
ETag: W/"2101-1588696693000"
Strict-Transport-Security: max-age=600;
Content-Type: image/png
Connection: keep-alive
Content-Length: 2101
X-XSS-Protection: 1; mode=block
Expires: Thu, 25 Jun 2020 11:45:29 GMT

GET
H/1.1 200
OK tel.png
espace.dons-gustaveroussy.fr/javax.faces.resource/gr/images/ 195 B
592 B 50ms
49ms Image
image/png 194.51.172.116
Orange

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://espace.dons-gustaveroussy.fr/javax.faces.resource/gr/images/tel.png

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KP6K7DB

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.51.172.116 , France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

web server /

Resource Hash

f62b0b7db8541f913f9bc992ea7278fd0d8af0615a4fddb092ed2b3ae05e4d57

Security Headers

Name	Value
Strict-Transport-Security	max-age=600;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://espace.dons-gustaveroussy.fr/javax.faces.resource/gr/css/style.css.xhtml?v=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 11:45:28 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 May 2020 16:38:14 GMT
Server: web server
X-Frame-Options: SAMEORIGIN
ETag: W/"195-1588696694000"
Strict-Transport-Security: max-age=600;
Content-Type: image/png
Connection: keep-alive
Content-Length: 195
X-XSS-Protection: 1; mode=block
Expires: Thu, 25 Jun 2020 11:45:29 GMT

GET
H/1.1 200
OK deductions.png
espace.dons-gustaveroussy.fr/javax.faces.resource/gr/images/ 1 KB
2 KB 59ms
44ms Image
image/png 194.51.172.116
Orange

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://espace.dons-gustaveroussy.fr/javax.faces.resource/gr/images/deductions.png

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KP6K7DB

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.51.172.116 , France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

web server /

Resource Hash

11f6a2bb6a6dd9447b2525f9bce5840d628ffa2c2b3a8073cde3d254c9441b0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=600;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://espace.dons-gustaveroussy.fr/javax.faces.resource/gr/css/style.css.xhtml?v=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 11:45:28 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 May 2020 16:38:13 GMT
Server: web server
X-Frame-Options: SAMEORIGIN
ETag: W/"1400-1588696693000"
Strict-Transport-Security: max-age=600;
Content-Type: image/png
Connection: keep-alive
Content-Length: 1400
X-XSS-Protection: 1; mode=block
Expires: Thu, 25 Jun 2020 11:45:29 GMT

GET
H/1.1 200
OK securite.png
espace.dons-gustaveroussy.fr/javax.faces.resource/gr/images/ 1 KB
1 KB 98ms
49ms Image
image/png 194.51.172.116
Orange

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://espace.dons-gustaveroussy.fr/javax.faces.resource/gr/images/securite.png

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KP6K7DB

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.51.172.116 , France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

web server /

Resource Hash

5f810e4d929ee30ce0d3afacc01acad77d29b364d21d8866b597d2160c4f5c38

Security Headers

Name	Value
Strict-Transport-Security	max-age=600;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://espace.dons-gustaveroussy.fr/javax.faces.resource/gr/css/style.css.xhtml?v=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 11:45:28 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 May 2020 16:38:14 GMT
Server: web server
X-Frame-Options: SAMEORIGIN
ETag: W/"1028-1588696694000"
Strict-Transport-Security: max-age=600;
Content-Type: image/png
Connection: keep-alive
Content-Length: 1028
X-XSS-Protection: 1; mode=block
Expires: Thu, 25 Jun 2020 11:45:29 GMT

GET
H/1.1 200
OK confiance.png
espace.dons-gustaveroussy.fr/javax.faces.resource/gr/images/ 6 KB
6 KB 52ms
48ms Image
image/png 194.51.172.116
Orange

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://espace.dons-gustaveroussy.fr/javax.faces.resource/gr/images/confiance.png

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KP6K7DB

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.51.172.116 , France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

web server /

Resource Hash

f3396a61930054c2d5b0c2a219877aa28210029bdc0975bc3aebf86a178277bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=600;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://espace.dons-gustaveroussy.fr/javax.faces.resource/gr/css/style.css.xhtml?v=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 11:45:28 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 May 2020 16:38:13 GMT
Server: web server
X-Frame-Options: SAMEORIGIN
ETag: W/"5984-1588696693000"
Strict-Transport-Security: max-age=600;
Content-Type: image/png
Connection: keep-alive
Content-Length: 5984
X-XSS-Protection: 1; mode=block
Expires: Thu, 25 Jun 2020 11:45:29 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 29 KB
11 KB 33ms
31ms Script
text/javascript 172.217.22.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KP6K7DB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

cafe /

Resource Hash

760eb9892eb9014f738852a504554e1a90d5e06e2e3adb4e848323eb745d5c78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 11:45:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11025
x-xss-protection: 0
server: cafe
etag: 15479961422638236731
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 18 Jun 2020 11:45:28 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 25 KB
8 KB 45ms
30ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KP6K7DB
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: b6f7b31210a709daca9760b215660b2cbe719757df3059364beeda005fca2dbe

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 11:45:28 GMT
content-encoding: gzip
last-modified: Wed, 10 Jun 2020 19:59:59 GMT
x-msedge-ref: Ref A: 2DF8B82FE9884B3282497B032007119A Ref B: FRAEDGE1306 Ref C: 2020-06-18T11:45:28Z
status: 200
etag: "804946b8613fd61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 7791

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 131 KB
31 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: lumbursel.fr
URL: http://lumbursel.fr/0260f6eac0a73b6fd7fded0407939bdb/c9119af1f16aacc2d3fb78d8cd5c770d/Xy0GZ0FYmNzRYLXZ/clt/198537/3628/em_jos.van_herck@skynet.be_ail/u_aHR0cCUzQSUyRiUyRnRkb3R5cG9pbnRvY2RuZG90eXBvaW50ZnIlMkZhZmZfYyUzRm9mZmVyX2lkJTNEODY2JTI2YWZmX2lkJTNEMTU4Mw%3D%3D_rl.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 31766
x-xss-protection: 0
pragma: public
x-fb-debug: VLFC5FyY7+fW8PDWT1EFwlYs+FI6Cy3CRMT2tJ9K0Tm0UVR3N11KAWt8GkKAVp0Nux05pih1Qy9XyS9TPm9+IA==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Thu, 18 Jun 2020 11:45:28 GMT, Thu, 18 Jun 2020 11:45:28 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK webtracker.dll Show response
ediis.emsecure.net/optiext/ 4 KB
2 KB 316ms
125ms Script
application/x-javascript 194.213.114.24
COMBELL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ediis.emsecure.net/optiext/webtracker.dll

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_CBC

Server

194.213.114.24 , Belgium, ASN34762 (COMBELL-AS, BE),

Reverse DNS

webapp24.emsecure.net

Software

Resource Hash

c556b227bfbd10605877b9de41a1c52d9cf048baf154fbf5e6f5b878d089141b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 11:45:28 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Cache-Tag: 10820
Cache-Control: no-cache, no-store, no-transform
Strict-Transport-Security: max-age=31536000; includeSubdomains
Content-Type: application/x-javascript
Content-Length: 1879

GET
H/1.1 200
OK ui-bg_flat_75_ffffff_40x100.png
espace.dons-gustaveroussy.fr/javax.faces.resource/gr/css/images/ 75 B
470 B 51ms
50ms Image
image/png 194.51.172.116
Orange

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://espace.dons-gustaveroussy.fr/javax.faces.resource/gr/css/images/ui-bg_flat_75_ffffff_40x100.png

Requested by

Host: espace.dons-gustaveroussy.fr
URL: https://espace.dons-gustaveroussy.fr/javax.faces.resource/jquery/jquery.js?ln=primefaces&v=5.0.3-NETFUL

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.51.172.116 , France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

web server /

Resource Hash

22cb07523453ec16cd77425ef3c32000dfd6b606464da9672f85dc7673d797ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=600;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://espace.dons-gustaveroussy.fr/javax.faces.resource/gr/css/jquery-ui.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 11:45:28 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 May 2020 16:38:13 GMT
Server: web server
X-Frame-Options: SAMEORIGIN
ETag: W/"75-1588696693000"
Strict-Transport-Security: max-age=600;
Content-Type: image/png
Connection: keep-alive
Content-Length: 75
X-XSS-Protection: 1; mode=block
Expires: Thu, 25 Jun 2020 11:45:29 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j83&aip=1&a=292356913&t=pageview&_s=1&dl=https%3A%2F%2Fespace.dons-gustaveroussy.fr%2Fsite%2Fgr%2Fcovid_recherche_orixa%2Ffr%2Fdon%2Findex.html%3Ff...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-61992640-1&cid=111204496.1592480729&jid=1458916884&_gid=259806181.1592480729&gjid=146616404&_v=j83&z=1486828572
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-61992640-1&cid=111204496.1592480729&jid=1458916884&_v=j83&z=1486828572
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-61992640-1&cid=111204496.1592480729&jid=1458916884&_v=j83&z=1486828572&slf_rd=1&random=2675184697

42 B
106 B

19ms
19ms

Image
image/gif

2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-61992640-1&cid=111204496.1592480729&jid=1458916884&_v=j83&z=1486828572&slf_rd=1&random=2675184697

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jun 2020 11:45:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 18 Jun 2020 11:45:28 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-61992640-1&cid=111204496.1592480729&jid=1458916884&_v=j83&z=1486828572&slf_rd=1&random=2675184697
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1975571949355924 Show response
connect.facebook.net/signals/config/ 517 KB
129 KB 9ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1975571949355924?v=2.9.18&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3251dc4e9d1ed0df89df649935e7d8b4dc20daacb63a534d99017c2712475afd

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 131701
x-xss-protection: 0
pragma: public
x-fb-debug: jdTepd7DJ6ecimO185npYueNTFVaBLdAoDqf15fuG5wgn1bwsA9RT8tjM8mQ8rjWrrB9NwS/sDUMaFRHwQdpaA==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Thu, 18 Jun 2020 11:45:28 GMT, Thu, 18 Jun 2020 11:45:28 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-945035385/ 3 KB
2 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-945035385/?random=1592480728592&cv=9&fst=1592480728592&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6a0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fespace.dons-gustaveroussy.fr%2Fsite%2Fgr%2Fcovid_recherche_orixa%2Ffr%2Fdon%2Findex.html%3Ffrom%3D20AEM11%26utm_source%3Dorixa%26utm_medium%3Dcpc%26utm_campaign%3Demail%26utm_term%3D&ref=http%3A%2F%2Flumbursel.fr%2F0260f6eac0a73b6fd7fded0407939bdb%2Fc9119af1f16aacc2d3fb78d8cd5c770d%2FXy0GZ0FYmNzRYLXZ%2Fclt%2F198537%2F3628%2Fem_jos.van_herck%40skynet.be_ail%2Fu_aHR0cCUzQSUyRiUyRnRkb3R5cG9pbnRvY2RuZG90eXBvaW50ZnIlMkZhZmZfYyUzRm9mZmVyX2lkJTNEODY2JTI2YWZmX2lkJTNEMTU4Mw%253D%253D_rl.html&tiba=Gustave%20Roussy&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb0038b646443e9a73982df2bd4bf27b2eb3dce4b28048ce56c38a63dcad5f19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jun 2020 11:45:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1315
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1000469438/ 3 KB
2 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1000469438/?random=1592480728597&cv=9&fst=1592480728597&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6a0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fespace.dons-gustaveroussy.fr%2Fsite%2Fgr%2Fcovid_recherche_orixa%2Ffr%2Fdon%2Findex.html%3Ffrom%3D20AEM11%26utm_source%3Dorixa%26utm_medium%3Dcpc%26utm_campaign%3Demail%26utm_term%3D&ref=http%3A%2F%2Flumbursel.fr%2F0260f6eac0a73b6fd7fded0407939bdb%2Fc9119af1f16aacc2d3fb78d8cd5c770d%2FXy0GZ0FYmNzRYLXZ%2Fclt%2F198537%2F3628%2Fem_jos.van_herck%40skynet.be_ail%2Fu_aHR0cCUzQSUyRiUyRnRkb3R5cG9pbnRvY2RuZG90eXBvaW50ZnIlMkZhZmZfYyUzRm9mZmVyX2lkJTNEODY2JTI2YWZmX2lkJTNEMTU4Mw%253D%253D_rl.html&tiba=Gustave%20Roussy&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

777b9322bd93d85ff9b31ba1ae8631103afe29bed9ee8df951f7b368fa961f34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jun 2020 11:45:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
148 B 30ms
16ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5902621&Ver=2&mid=3ace9610-f76a-cb63-fbe4-bf52461d1ea8&sid=a58acfc4-da6f-a2c5-3008-6330f4dbe9e4&vid=a66962fc-350d-3e6b-f91e-fe9b815d4698-1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Gustave%20Roussy&p=https%3A%2F%2Fespace.dons-gustaveroussy.fr%2Fsite%2Fgr%2Fcovid_recherche_orixa%2Ffr%2Fdon%2Findex.html%3Ffrom%3D20AEM11%26utm_source%3Dorixa%26utm_medium%3Dcpc%26utm_campaign%3Demail%26utm_term%3D&r=http%3A%2F%2Flumbursel.fr%2F0260f6eac0a73b6fd7fded0407939bdb%2Fc9119af1f16aacc2d3fb78d8cd5c770d%2FXy0GZ0FYmNzRYLXZ%2Fclt%2F198537%2F3628%2Fem_jos.van_herck%40skynet.be_ail%2Fu_aHR0cCUzQSUyRiUyRnRkb3R5cG9pbnRvY2RuZG90eXBvaW50ZnIlMkZhZmZfYyUzRm9mZmVyX2lkJTNEODY2JTI2YWZmX2lkJTNEMTU4Mw%253D%253D_rl.html&lt=1131&evt=pageLoad&msclkid=N&sv=1&rn=754239
Requested by: Host: espace.dons-gustaveroussy.fr
URL: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Thu, 18 Jun 2020 11:45:28 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: B58F1B15CD744D19A4DD4852CAE94109 Ref B: FRAEDGE1306 Ref C: 2020-06-18T11:45:28Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/AW-945035385/ 42 B
107 B 23ms
22ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/AW-945035385/?random=1592480728592&cv=9&fst=1592478000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6a0&sendb=1&frm=0&url=https%3A%2F%2Fespace.dons-gustaveroussy.fr%2Fsite%2Fgr%2Fcovid_recherche_orixa%2Ffr%2Fdon%2Findex.html%3Ffrom%3D20AEM11%26utm_source%3Dorixa%26utm_medium%3Dcpc%26utm_campaign%3Demail%26utm_term%3D&ref=http%3A%2F%2Flumbursel.fr%2F0260f6eac0a73b6fd7fded0407939bdb%2Fc9119af1f16aacc2d3fb78d8cd5c770d%2FXy0GZ0FYmNzRYLXZ%2Fclt%2F198537%2F3628%2Fem_jos.van_herck%40skynet.be_ail%2Fu_aHR0cCUzQSUyRiUyRnRkb3R5cG9pbnRvY2RuZG90eXBvaW50ZnIlMkZhZmZfYyUzRm9mZmVyX2lkJTNEODY2JTI2YWZmX2lkJTNEMTU4Mw%253D%253D_rl.html&tiba=Gustave%20Roussy&async=1&fmt=3&is_vtc=1&random=140416692&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jun 2020 11:45:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/AW-945035385/ 42 B
107 B 21ms
20ms Image
image/gif 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/AW-945035385/?random=1592480728592&cv=9&fst=1592478000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6a0&sendb=1&frm=0&url=https%3A%2F%2Fespace.dons-gustaveroussy.fr%2Fsite%2Fgr%2Fcovid_recherche_orixa%2Ffr%2Fdon%2Findex.html%3Ffrom%3D20AEM11%26utm_source%3Dorixa%26utm_medium%3Dcpc%26utm_campaign%3Demail%26utm_term%3D&ref=http%3A%2F%2Flumbursel.fr%2F0260f6eac0a73b6fd7fded0407939bdb%2Fc9119af1f16aacc2d3fb78d8cd5c770d%2FXy0GZ0FYmNzRYLXZ%2Fclt%2F198537%2F3628%2Fem_jos.van_herck%40skynet.be_ail%2Fu_aHR0cCUzQSUyRiUyRnRkb3R5cG9pbnRvY2RuZG90eXBvaW50ZnIlMkZhZmZfYyUzRm9mZmVyX2lkJTNEODY2JTI2YWZmX2lkJTNEMTU4Mw%253D%253D_rl.html&tiba=Gustave%20Roussy&async=1&fmt=3&is_vtc=1&random=140416692&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jun 2020 11:45:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1000469438/ 42 B
107 B 23ms
22ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1000469438/?random=1592480728597&cv=9&fst=1592478000000&num=1&guid=ON&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6a0&sendb=1&frm=0&url=https%3A%2F%2Fespace.dons-gustaveroussy.fr%2Fsite%2Fgr%2Fcovid_recherche_orixa%2Ffr%2Fdon%2Findex.html%3Ffrom%3D20AEM11%26utm_source%3Dorixa%26utm_medium%3Dcpc%26utm_campaign%3Demail%26utm_term%3D&ref=http%3A%2F%2Flumbursel.fr%2F0260f6eac0a73b6fd7fded0407939bdb%2Fc9119af1f16aacc2d3fb78d8cd5c770d%2FXy0GZ0FYmNzRYLXZ%2Fclt%2F198537%2F3628%2Fem_jos.van_herck%40skynet.be_ail%2Fu_aHR0cCUzQSUyRiUyRnRkb3R5cG9pbnRvY2RuZG90eXBvaW50ZnIlMkZhZmZfYyUzRm9mZmVyX2lkJTNEODY2JTI2YWZmX2lkJTNEMTU4Mw%253D%253D_rl.html&tiba=Gustave%20Roussy&async=1&fmt=3&is_vtc=1&random=1511366097&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jun 2020 11:45:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1000469438/ 42 B
107 B 21ms
20ms Image
image/gif 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1000469438/?random=1592480728597&cv=9&fst=1592478000000&num=1&guid=ON&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6a0&sendb=1&frm=0&url=https%3A%2F%2Fespace.dons-gustaveroussy.fr%2Fsite%2Fgr%2Fcovid_recherche_orixa%2Ffr%2Fdon%2Findex.html%3Ffrom%3D20AEM11%26utm_source%3Dorixa%26utm_medium%3Dcpc%26utm_campaign%3Demail%26utm_term%3D&ref=http%3A%2F%2Flumbursel.fr%2F0260f6eac0a73b6fd7fded0407939bdb%2Fc9119af1f16aacc2d3fb78d8cd5c770d%2FXy0GZ0FYmNzRYLXZ%2Fclt%2F198537%2F3628%2Fem_jos.van_herck%40skynet.be_ail%2Fu_aHR0cCUzQSUyRiUyRnRkb3R5cG9pbnRvY2RuZG90eXBvaW50ZnIlMkZhZmZfYyUzRm9mZmVyX2lkJTNEODY2JTI2YWZmX2lkJTNEMTU4Mw%253D%253D_rl.html&tiba=Gustave%20Roussy&async=1&fmt=3&is_vtc=1&random=1511366097&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jun 2020 11:45:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1816606671907520 Show response
connect.facebook.net/signals/config/ 516 KB
129 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1816606671907520?v=2.9.18&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1dadbadb967d528d04b38f23f59bee24e80f09c11a8f938fcd965eb86387f6a2

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 131687
x-xss-protection: 0
pragma: public
x-fb-debug: /78Izq5HW7VxMq/6jrVg/f+u2EAgQwd3KIgNHjhyguJ1lQbt8hJu38pKyEG+pfDyVSFnQIKwRJETJMEzDNknKQ==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Thu, 18 Jun 2020 11:45:28 GMT, Thu, 18 Jun 2020 11:45:28 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
271 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1975571949355924&ev=PageView&dl=https%3A%2F%2Fespace.dons-gustaveroussy.fr%2Fsite%2Fgr%2Fcovid_recherche_orixa%2Ffr%2Fdon%2Findex.html%3Ffrom%3D20AEM11%26utm_source%3Dorixa%26utm_medium%3Dcpc%26utm_campaign%3Demail%26utm_term%3D&rl=http%3A%2F%2Flumbursel.fr%2F0260f6eac0a73b6fd7fded0407939bdb%2Fc9119af1f16aacc2d3fb78d8cd5c770d%2FXy0GZ0FYmNzRYLXZ%2Fclt%2F198537%2F3628%2Fem_jos.van_herck%40skynet.be_ail%2Fu_aHR0cCUzQSUyRiUyRnRkb3R5cG9pbnRvY2RuZG90eXBvaW50ZnIlMkZhZmZfYyUzRm9mZmVyX2lkJTNEODY2JTI2YWZmX2lkJTNEMTU4Mw%253D%253D_rl.html&if=false&ts=1592480728655&sw=1600&sh=1200&v=2.9.18&r=stable&ec=0&o=30&fbp=fb.1.1592480728654.615092430&it=1592480728568&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 11:45:28 GMT, Thu, 18 Jun 2020 11:45:28 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 18 Jun 2020 11:45:28 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
111 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1816606671907520&ev=PageView&dl=https%3A%2F%2Fespace.dons-gustaveroussy.fr%2Fsite%2Fgr%2Fcovid_recherche_orixa%2Ffr%2Fdon%2Findex.html%3Ffrom%3D20AEM11%26utm_source%3Dorixa%26utm_medium%3Dcpc%26utm_campaign%3Demail%26utm_term%3D&rl=http%3A%2F%2Flumbursel.fr%2F0260f6eac0a73b6fd7fded0407939bdb%2Fc9119af1f16aacc2d3fb78d8cd5c770d%2FXy0GZ0FYmNzRYLXZ%2Fclt%2F198537%2F3628%2Fem_jos.van_herck%40skynet.be_ail%2Fu_aHR0cCUzQSUyRiUyRnRkb3R5cG9pbnRvY2RuZG90eXBvaW50ZnIlMkZhZmZfYyUzRm9mZmVyX2lkJTNEODY2JTI2YWZmX2lkJTNEMTU4Mw%253D%253D_rl.html&if=false&ts=1592480728698&sw=1600&sh=1200&v=2.9.18&r=stable&ec=0&o=30&fbp=fb.1.1592480728654.615092430&it=1592480728568&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 11:45:28 GMT, Thu, 18 Jun 2020 11:45:28 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 18 Jun 2020 11:45:28 GMT

GET
H2 200 pixel
bid.g.doubleclick.net/xbbe/ Frame 35B1 0
0 94ms
32ms Document
text/html 74.125.206.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/pixel?d=KAE

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.206.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wk-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: bid.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=KAE
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnDgaTOaO8XPzpFxrZbk-MTrE7Qrqa_pnOausAUGhvir5gGm-lqNfNGuoDP
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 18 Jun 2020 11:45:28 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 /
www.facebook.com/tr/ 44 B
270 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1975571949355924&ev=Microdata&dl=https%3A%2F%2Fespace.dons-gustaveroussy.fr%2Fsite%2Fgr%2Fcovid_recherche_orixa%2Ffr%2Fdon%2Findex.html%3Ffrom%3D20AEM11%26utm_source%3Dorixa%26utm_medium%3Dcpc%26utm_campaign%3Demail%26utm_term%3D&rl=http%3A%2F%2Flumbursel.fr%2F0260f6eac0a73b6fd7fded0407939bdb%2Fc9119af1f16aacc2d3fb78d8cd5c770d%2FXy0GZ0FYmNzRYLXZ%2Fclt%2F198537%2F3628%2Fem_jos.van_herck%40skynet.be_ail%2Fu_aHR0cCUzQSUyRiUyRnRkb3R5cG9pbnRvY2RuZG90eXBvaW50ZnIlMkZhZmZfYyUzRm9mZmVyX2lkJTNEODY2JTI2YWZmX2lkJTNEMTU4Mw%253D%253D_rl.html&if=false&ts=1592480730158&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Gustave%20Roussy%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.18&r=stable&ec=1&o=30&fbp=fb.1.1592480730158.635528132&it=1592480728568&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 11:45:30 GMT, Thu, 18 Jun 2020 11:45:30 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 18 Jun 2020 11:45:30 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
111 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1816606671907520&ev=Microdata&dl=https%3A%2F%2Fespace.dons-gustaveroussy.fr%2Fsite%2Fgr%2Fcovid_recherche_orixa%2Ffr%2Fdon%2Findex.html%3Ffrom%3D20AEM11%26utm_source%3Dorixa%26utm_medium%3Dcpc%26utm_campaign%3Demail%26utm_term%3D&rl=http%3A%2F%2Flumbursel.fr%2F0260f6eac0a73b6fd7fded0407939bdb%2Fc9119af1f16aacc2d3fb78d8cd5c770d%2FXy0GZ0FYmNzRYLXZ%2Fclt%2F198537%2F3628%2Fem_jos.van_herck%40skynet.be_ail%2Fu_aHR0cCUzQSUyRiUyRnRkb3R5cG9pbnRvY2RuZG90eXBvaW50ZnIlMkZhZmZfYyUzRm9mZmVyX2lkJTNEODY2JTI2YWZmX2lkJTNEMTU4Mw%253D%253D_rl.html&if=false&ts=1592480730200&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Gustave%20Roussy%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.18&r=stable&ec=1&o=30&fbp=fb.1.1592480730158.635528132&it=1592480728568&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 11:45:30 GMT, Thu, 18 Jun 2020 11:45:30 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 18 Jun 2020 11:45:30 GMT

Verdicts & Comments Add Verdict or Comment

253 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.espace.dons-gustaveroussy.fr/	1969-12-31 23:59:59	Name: m_cnt Value: 0
.dons-gustaveroussy.fr/	1970-01-19 10:44:44	Name: _uetvid Value: a66962fc-350d-3e6b-f91e-fe9b815d4698
.dons-gustaveroussy.fr/	1970-01-19 10:22:47	Name: _uetsid Value: a58acfc4-da6f-a2c5-3008-6330f4dbe9e4
.doubleclick.net/	1970-01-19 19:42:56	Name: IDE Value: AHWqTUnDgaTOaO8XPzpFxrZbk-MTrE7Qrqa_pnOausAUGhvir5gGm-lqNfNGuoDP
.dons-gustaveroussy.fr/	1970-01-19 10:22:47	Name: _gid Value: GA1.2.259806181.1592480729
.dons-gustaveroussy.fr/	1970-01-19 10:21:20	Name: _gat_UA-61992640-1 Value: 1
.dons-gustaveroussy.fr/	1970-01-19 12:30:56	Name: _fbp Value: fb.1.1592480728654.615092430
.dons-gustaveroussy.fr/	1970-01-19 12:30:56	Name: _gcl_au Value: 1.1.1965396081.1592480728
.dons-gustaveroussy.fr/	1970-01-20 03:52:32	Name: _ga Value: GA1.2.111204496.1592480729
.espace.dons-gustaveroussy.fr/	1969-12-31 23:59:59	Name: m_ses Value: 20200618134528
espace.dons-gustaveroussy.fr/	1969-12-31 23:59:59	Name: JSESSIONID Value: 73f8585edd234fd78a26bf5c545b

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=(Line 23) Message: Adresse du serveur : 10.1.11.125

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6056935.fls.doubleclick.net
bat.bing.com
bid.g.doubleclick.net
connect.facebook.net
ediis.emsecure.net
espace.dons-gustaveroussy.fr
googleads.g.doubleclick.net
lumbursel.fr
orixamedia.go2cloud.org
red.commandeproduits.fr
stats.g.doubleclick.net
t.ocdn.fr
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
172.217.22.66
194.213.114.24
194.51.172.116
216.58.205.230
2620:1ec:c11::200
2a00:1450:4001:808::2002
2a00:1450:4001:809::200e
2a00:1450:4001:80b::2004
2a00:1450:4001:814::2003
2a00:1450:4001:825::2008
2a00:1450:400c:c04::9d
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
35.162.71.55
46.105.116.30
52.210.174.128
74.125.206.155
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11f6a2bb6a6dd9447b2525f9bce5840d628ffa2c2b3a8073cde3d254c9441b0c
12058cf930e5807aefe692bb92d4f3201b03ede218e3642763132a52a32063e9
1dadbadb967d528d04b38f23f59bee24e80f09c11a8f938fcd965eb86387f6a2
1ff1caa193614505793d8fbfc3a1ca2328df384334f4dcbf1fcaadf764604622
207db7a8845ea86abb7b230adbb82319d1d67615d43908c61ac0e032994d02e9
22cb07523453ec16cd77425ef3c32000dfd6b606464da9672f85dc7673d797ba
2613f8dc4ca4eba72b799af479816c95c28e2d62f967dc85a393d4934b755556
2bbde4b66ec26ccfb47d451a99cd628548ec347a1726d830387b34276616271c
31fe5f6bc79f7ce47537eea45ac5087bb71393b2c46626ab379f12bc627432e5
3251dc4e9d1ed0df89df649935e7d8b4dc20daacb63a534d99017c2712475afd
32bea907c1d03c95b274c5e12a0becc6bf89e5162b7c539dcc6ad3a4abeeed35
415f2d64fefbad43988b8432d4ff12e7f17adb8d8939e6ab35659a0136f05f4b
474d0e56536172ea154faf1dad3ff5e6bec24938f60fc0a0209d4657f526bc2f
4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787
5600e9acb7a9bedf61dba9912d9817f2a488b9c174383dde73aa949628184d9c
58b96c56da3ec730259a9ed4325df2010a348bf712be3e8170e7b6ed66742856
5ae802931b89e21c4007bfee3a429dc42a74a39ec438e8fd5c5dee13b7b82473
5cadd78421350033a98e8bd9771a105664192a663aa7a483fdb3a8832c0a195b
5f810e4d929ee30ce0d3afacc01acad77d29b364d21d8866b597d2160c4f5c38
64d1e9835c95d788b70bb5157236e231ec1f374a53c74e5a93e02e94aade1d07
6c699e92b30bff83c6ea48748d7f16f5bed122748e359b468a47b8a4ad63ae89
747f93100b8dde97bf7b25853f4343359b2717016bc34c521ebf9062d01f8ab1
758eb30fceccd128603dcc56da4069f8353c6ecabad81b5e0098bb3a423c3eaf
760eb9892eb9014f738852a504554e1a90d5e06e2e3adb4e848323eb745d5c78
777b9322bd93d85ff9b31ba1ae8631103afe29bed9ee8df951f7b368fa961f34
7e4f9fd96a74e67cb92c09b58f515136e20d8aa653fb50bc56e7ea0d04984d1f
81f54226eb806efc69b0f823900b4830b76621c7a5d84d27d08ac8020313310a
8bd81de5f519793e1683dcb16e5f09cc52e6d1f74e4b63035b8994f5a1e77bf1
8e2f54a78f2a49c4a07e2ded79fce72c0b1eac4151b58f445975be763281fd3c
94217ee7990c505fb77ceff70625ee8b87a250a7109adafb79c29278b543c484
95c58d3ae930c39c6e3019ec50c0bc09c5103f01eb7778bf9bdee83d6d99e07f
95cee022d25238b06b20a7cd53028b4ad66f113a8dfd9fb371776317988b0341
a27c7fc2d62741405a648aeeecb68535b47d6b82fc10684d7d47bb89dcc2f74b
b2919398423ac1b26fd8ae35087077c20310cbc7c39744aabf2ba8843a451fc1
b6f7b31210a709daca9760b215660b2cbe719757df3059364beeda005fca2dbe
c556b227bfbd10605877b9de41a1c52d9cf048baf154fbf5e6f5b878d089141b
c7377440c6b67578abf2e061a4dfb3d7fd3e369d3f1de4fc190e3920029d5126
d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8
d98befd689b42c85c10b500c0fd743e34acacb4c4aa10b9de01673afbe6e6163
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d01bd86a65c7a29591a13489ee66098ab00ae2743b55ce617d78d2421507b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3396a61930054c2d5b0c2a219877aa28210029bdc0975bc3aebf86a178277bc
f62b0b7db8541f913f9bc992ea7278fd0d8af0615a4fddb092ed2b3ae05e4d57
fb0038b646443e9a73982df2bd4bf27b2eb3dce4b28048ce56c38a63dcad5f19
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

espace.dons-gustaveroussy.fr Open in urlscan Pro 194.51.172.116 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

56 Requests

98 %HTTPS

53 %IPv6

15 Domains

18 Subdomains

14 IPs

5 Countries

1973 kBTransfer

2987 kBSize

11 Cookies

2 Outgoing links

Page URL History

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

espace.dons-gustaveroussy.fr Open in urlscan Pro
194.51.172.116 Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

98 %
HTTPS

53 %
IPv6

15
Domains

18
Subdomains

14
IPs

5
Countries

1973 kB
Transfer

2987 kB
Size

11
Cookies

56 HTTP transactions
0 data transactions