espace.dons-gustaveroussy.fr Open in urlscan Pro
194.51.172.116 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://red.commandeproduits.fr/click/YToxOntzOjM6InRhZyI7czozMDoiZGF0YV9zZW5kb3V0XzVlZTI1MTZjZDc2OGRfMjE0Ijt9/am9zLnZhbl9oZXJja...
Effective URL:
https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm...
Submission: On June 18 via api (June 18th 2020, 11:57:56 am UTC) from BE

Summary HTTP 55 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 13 IPs in 5 countries across 15 domains to perform 55 HTTP transactions. The main IP is 194.51.172.116, located in France and belongs to France Telecom - Orange, FR. The main domain is espace.dons-gustaveroussy.fr.
TLS certificate: Issued by GeoTrust RSA CA 2018 on September 17th 2019. Valid for: a year.

This is the only time espace.dons-gustaveroussy.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	46.105.116.30 46.105.116.30	16276 (OVH) (OVH)
1	35.162.71.55 35.162.71.55	16509 (AMAZON-02) (AMAZON-02)
2 2	18.202.12.61 18.202.12.61	16509 (AMAZON-02) (AMAZON-02)
33	194.51.172.116 194.51.172.116	3215 (France Te...) (France Telecom - Orange)
1	2a00:1450:400... 2a00:1450:4001:825::2008	15169 (GOOGLE) (GOOGLE)
1	194.213.114.24 194.213.114.24	34762 (COMBELL-AS) (COMBELL-AS)
1 2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1 2	216.58.205.230 216.58.205.230	15169 (GOOGLE) (GOOGLE)
1	172.217.21.226 172.217.21.226	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 1	2a00:1450:400... 2a00:1450:400c:c04::9b	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:814::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81b::2002	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
55	13

1 46.105.116.30 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: e11-webmxt.emslip.com

red.commandeproduits.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.162.71.55 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: info.rurgiechie.fr

lumbursel.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.202.12.61 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-12-61.eu-west-1.compute.amazonaws.com

t.ocdn.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
orixamedia.go2cloud.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 194.51.172.116 (France)

ASN3215 (France Telecom - Orange, FR)

espace.dons-gustaveroussy.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.213.114.24 (Belgium)

ASN34762 (COMBELL-AS, BE)
PTR: webapp24.emsecure.net

ediis.emsecure.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.205.230 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s24-in-f6.1e100.net

6056935.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.21.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s13-in-f226.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9b (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	dons-gustaveroussy.fr espace.dons-gustaveroussy.fr	2 MB
5	doubleclick.net 2 redirects 6056935.fls.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	4 KB
4	facebook.com www.facebook.com	821 B
3	google.de www.google.de	320 B
3	google.com 1 redirects www.google.com	420 B
3	facebook.net connect.facebook.net	290 KB
2	bing.com bat.bing.com	8 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
1	googleadservices.com www.googleadservices.com	12 KB
1	emsecure.net ediis.emsecure.net	2 KB
1	googletagmanager.com www.googletagmanager.com	42 KB
1	go2cloud.org 1 redirects orixamedia.go2cloud.org	2 KB
1	ocdn.fr 1 redirects t.ocdn.fr	476 B
1	lumbursel.fr lumbursel.fr	647 B
1	commandeproduits.fr 1 redirects red.commandeproduits.fr	660 B
55	15

	Domain	Requested by
33	espace.dons-gustaveroussy.fr	espace.dons-gustaveroussy.fr
4	www.facebook.com	espace.dons-gustaveroussy.fr
3	www.google.de	espace.dons-gustaveroussy.fr
3	www.google.com	1 redirects espace.dons-gustaveroussy.fr
3	connect.facebook.net	lumbursel.fr connect.facebook.net
2	googleads.g.doubleclick.net	www.googleadservices.com
2	bat.bing.com	www.googletagmanager.com espace.dons-gustaveroussy.fr
2	6056935.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.google-analytics.com	1 redirects www.googletagmanager.com
1	stats.g.doubleclick.net	1 redirects
1	www.googleadservices.com	www.googletagmanager.com
1	ediis.emsecure.net	espace.dons-gustaveroussy.fr
1	www.googletagmanager.com	espace.dons-gustaveroussy.fr
1	orixamedia.go2cloud.org	1 redirects
1	t.ocdn.fr	1 redirects
1	lumbursel.fr
1	red.commandeproduits.fr	1 redirects
55	17

This site contains links to these domains. Also see Links.

Domain
www.gustaveroussy.fr

Subject Issuer	Validity	Valid
espace.dons-gustaveroussy.fr GeoTrust RSA CA 2018	`2019-09-17` - `2020-11-15`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.emsecure.net DigiCert SHA2 Secure Server CA	`2019-03-11` - `2021-05-12`	2 years	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
www.bing.com Microsoft IT TLS CA 2	`2019-04-30` - `2021-04-30`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-05-14` - `2020-08-05`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
Frame ID: 290A6388EC26C2CEF71484E41FC87C37
Requests: 54 HTTP requests in this frame

Frame: https://6056935.fls.doubleclick.net/activityi;dc_pre=CLTFvN6ni-oCFcGjdwodtuQETQ;src=6056935;type=invmedia;cat=nvte1yuv;ord=8670762152854;gtm=2wg6a0;auiddc=1714726717.1592481461;~oref=https%3A%2F%2Fespace.dons-gustaveroussy.fr%2Fsite%2Fgr%2Fcovid_recherche_orixa%2Ffr%2Fdon%2Findex.html%3Ffrom%3D20AEM11%26utm_source%3Dorixa%26utm_medium%3Dcpc%26utm_campaign%3Demail%26utm_term%3D
Frame ID: 391ADB59470270DBCBA6554F85A53A39
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://red.commandeproduits.fr/click/YToxOntzOjM6InRhZyI7czozMDoiZGF0YV9zZW5kb3V0XzVlZTI1MTZjZDc2OGRfMjE0Ij... HTTP 302
http://lumbursel.fr/0260f6eac0a73b6fd7fded0407939bdb/c9119af1f16aacc2d3fb78d8cd5c770d/Xy0GZ0FYmN... Page URL
http://t.ocdn.fr/aff_c?offer_id=866&aff_id=1583 HTTP 302
https://orixamedia.go2cloud.org/aff_c?offer_id=866&aff_id=1583 HTTP 302
https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orix... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Material Design Lite (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href="[^"]*material(?:\.[\w]+-[\w]+)?(?:\.min)?\.css/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
html //i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

55
Requests

98 %
HTTPS

56 %
IPv6

15
Domains

17
Subdomains

13
IPs

5
Countries

1976 kB
Transfer

2987 kB
Size

11
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://www.gustaveroussy.fr/
Title: Gustaveroussy.fr

Search URL Search Domain Scan URL

URL: https://www.gustaveroussy.fr/fr/politique-de-protection-des-donnees-personnelles-donateurs
Title: Mes données personnelles

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://red.commandeproduits.fr/click/YToxOntzOjM6InRhZyI7czozMDoiZGF0YV9zZW5kb3V0XzVlZTI1MTZjZDc2OGRfMjE0Ijt9/am9zLnZhbl9oZXJjayU0MHNreW5ldC5iZQ==/20171594/1199178 HTTP 302
http://lumbursel.fr/0260f6eac0a73b6fd7fded0407939bdb/c9119af1f16aacc2d3fb78d8cd5c770d/Xy0GZ0FYmNzRYLXZ/clt/198537/3628/em_jos.van_herck@skynet.be_ail/u_aHR0cCUzQSUyRiUyRnRkb3R5cG9pbnRvY2RuZG90eXBvaW50ZnIlMkZhZmZfYyUzRm9mZmVyX2lkJTNEODY2JTI2YWZmX2lkJTNEMTU4Mw%3D%3D_rl.html Page URL
http://t.ocdn.fr/aff_c?offer_id=866&aff_id=1583 HTTP 302
https://orixamedia.go2cloud.org/aff_c?offer_id=866&aff_id=1583 HTTP 302
https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://red.commandeproduits.fr/click/YToxOntzOjM6InRhZyI7czozMDoiZGF0YV9zZW5kb3V0XzVlZTI1MTZjZDc2OGRfMjE0Ijt9/am9zLnZhbl9oZXJjayU0MHNreW5ldC5iZQ==/20171594/1199178 HTTP 302
http://lumbursel.fr/0260f6eac0a73b6fd7fded0407939bdb/c9119af1f16aacc2d3fb78d8cd5c770d/Xy0GZ0FYmNzRYLXZ/clt/198537/3628/em_jos.van_herck@skynet.be_ail/u_aHR0cCUzQSUyRiUyRnRkb3R5cG9pbnRvY2RuZG90eXBvaW50ZnIlMkZhZmZfYyUzRm9mZmVyX2lkJTNEODY2JTI2YWZmX2lkJTNEMTU4Mw%3D%3D_rl.html

Request Chain 35

https://6056935.fls.doubleclick.net/activityi;src=6056935;type=invmedia;cat=nvte1yuv;ord=8670762152854;gtm=2wg6a0;auiddc=1714726717.1592481461;~oref=https%3A%2F%2Fespace.dons-gustaveroussy.fr%2Fsite%2Fgr%2Fcovid_recherche_orixa%2Ffr%2Fdon%2Findex.html%3Ffrom%3D20AEM11%26utm_source%3Dorixa%26utm_medium%3Dcpc%26utm_campaign%3Demail%26utm_term%3D HTTP 302
https://6056935.fls.doubleclick.net/activityi;dc_pre=CLTFvN6ni-oCFcGjdwodtuQETQ;src=6056935;type=invmedia;cat=nvte1yuv;ord=8670762152854;gtm=2wg6a0;auiddc=1714726717.1592481461;~oref=https%3A%2F%2Fespace.dons-gustaveroussy.fr%2Fsite%2Fgr%2Fcovid_recherche_orixa%2Ffr%2Fdon%2Findex.html%3Ffrom%3D20AEM11%26utm_source%3Dorixa%26utm_medium%3Dcpc%26utm_campaign%3Demail%26utm_term%3D

Request Chain 40

https://www.google-analytics.com/r/collect?v=1&_v=j83&aip=1&a=1396129042&t=pageview&_s=1&dl=https%3A%2F%2Fespace.dons-gustaveroussy.fr%2Fsite%2Fgr%2Fcovid_recherche_orixa%2Ffr%2Fdon%2Findex.html%3Ffrom%3D20AEM11%26utm_source%3Dorixa%26utm_medium%3Dcpc%26utm_campaign%3Demail%26utm_term%3D&dr=http%3A%2F%2Flumbursel.fr%2F0260f6eac0a73b6fd7fded0407939bdb%2Fc9119af1f16aacc2d3fb78d8cd5c770d%2FXy0GZ0FYmNzRYLXZ%2Fclt%2F198537%2F3628%2Fem_jos.van_herck%40skynet.be_ail%2Fu_aHR0cCUzQSUyRiUyRnRkb3R5cG9pbnRvY2RuZG90eXBvaW50ZnIlMkZhZmZfYyUzRm9mZmVyX2lkJTNEODY2JTI2YWZmX2lkJTNEMTU4Mw%253D%253D_rl.html&ul=en-us&de=UTF-8&dt=Gustave%20Roussy&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=647609379&gjid=1849097782&cid=1223353273.1592481461&tid=UA-61992640-1&_gid=2097270415.1592481461&_r=1&gtm=2wg6a0KP6K7DB&cg1=null&cg2=null&cg3=null&cd1=null&cd2=null&cd3=null&cd4=fr&z=786833599 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-61992640-1&cid=1223353273.1592481461&jid=647609379&_gid=2097270415.1592481461&gjid=1849097782&_v=j83&z=786833599 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-61992640-1&cid=1223353273.1592481461&jid=647609379&_v=j83&z=786833599 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-61992640-1&cid=1223353273.1592481461&jid=647609379&_v=j83&z=786833599&slf_rd=1&random=2127552692

55 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Cookie set u_aHR0cCUzQSUyRiUyRnRkb3R5cG9pbnRvY2RuZG90eXBvaW50ZnIlMkZhZmZfYyUzRm9mZmVyX2lkJTNEODY2JTI2YWZmX2lkJTNEMTU4Mw%3D%3D_rl.html
lumbursel.fr/0260f6eac0a73b6fd7fded0407939bdb/c9119af1f16aacc2d3fb78d8cd5c770d/Xy0GZ0FYmNzRYLXZ/clt/198537/3628/em_jos.van_herck@skynet.be_ail/
Redirect Chain

http://red.commandeproduits.fr/click/YToxOntzOjM6InRhZyI7czozMDoiZGF0YV9zZW5kb3V0XzVlZTI1MTZjZDc2OGRfMjE0Ijt9/am9zLnZhbl9oZXJjayU0MHNreW5ldC5iZQ==/20171594/1199178
http://lumbursel.fr/0260f6eac0a73b6fd7fded0407939bdb/c9119af1f16aacc2d3fb78d8cd5c770d/Xy0GZ0FYmNzRYLXZ/clt/198537/3628/em_jos.van_herck@skynet.be_ail/u_aHR0cCUzQSUyRiUyRnRkb3R5cG9pbnRvY2RuZG90eXBva...

103 B
647 B

417ms
403ms

Document
text/html

35.162.71.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://lumbursel.fr/0260f6eac0a73b6fd7fded0407939bdb/c9119af1f16aacc2d3fb78d8cd5c770d/Xy0GZ0FYmNzRYLXZ/clt/198537/3628/em_jos.van_herck@skynet.be_ail/u_aHR0cCUzQSUyRiUyRnRkb3R5cG9pbnRvY2RuZG90eXBvaW50ZnIlMkZhZmZfYyUzRm9mZmVyX2lkJTNEODY2JTI2YWZmX2lkJTNEMTU4Mw%3D%3D_rl.html
Protocol: HTTP/1.1
Server: 35.162.71.55 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: info.rurgiechie.fr
Software: nginx/1.16.1 / PHP/5.3.3
Resource Hash

Request headers

Host: lumbursel.fr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx/1.16.1
Date: Thu, 18 Jun 2020 11:57:41 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.3.3
Set-Cookie: clic48lpmdata-agencywebfrip185_217_171_12=0; expires=Thu, 18-Jun-2020 11:57:40 GMT; path=/; domain=data-agencyweb.fr clic48lpmdata-agencywebfrip185_217_171_12=198537; path=/; domain=data-agencyweb.fr
Last-Modified: Thursday, 18-Jun-2020 11:57:41 GMT
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0

Redirect headers

Date: Thu, 18 Jun 2020 11:57:39 GMT
Server: Apache/2.2.22 (Debian)
X-Powered-By: PHP/5.4.45-0+deb7u2
Set-Cookie: BMT__beverlymail__data_sendout_5ee2516cd768d_214=1592481459__jos.van_herck%40skynet.be; expires=Sun, 19-Jul-2020 11:57:39 GMT
Location: http://lumbursel.fr/0260f6eac0a73b6fd7fded0407939bdb/c9119af1f16aacc2d3fb78d8cd5c770d/Xy0GZ0FYmNzRYLXZ/clt/198537/3628/em_jos.van_herck@skynet.be_ail/u_aHR0cCUzQSUyRiUyRnRkb3R5cG9pbnRvY2RuZG90eXBvaW50ZnIlMkZhZmZfYyUzRm9mZmVyX2lkJTNEODY2JTI2YWZmX2lkJTNEMTU4Mw%3D%3D_rl.html
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 25
Connection: close
Content-Type: text/html

GET
H/1.1

200
OK

Primary Request

Cookie set index.html Show response
espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/
Redirect Chain

http://t.ocdn.fr/aff_c?offer_id=866&aff_id=1583
https://orixamedia.go2cloud.org/aff_c?offer_id=866&aff_id=1583
https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=

47 KB
48 KB

320ms
193ms

Document
text/html

194.51.172.116
Orange

General

Check archive.org

Show headers Download Go to

Full URL

https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.51.172.116 , France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

web server /

Resource Hash

ed35cc05cc6bf8439527fc861b45c2965969a8ec017dd16c488fb3377c554e94

Security Headers

Name	Value
Strict-Transport-Security	max-age=600;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: espace.dons-gustaveroussy.fr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: http://lumbursel.fr/0260f6eac0a73b6fd7fded0407939bdb/c9119af1f16aacc2d3fb78d8cd5c770d/Xy0GZ0FYmNzRYLXZ/clt/198537/3628/em_jos.van_herck@skynet.be_ail/u_aHR0cCUzQSUyRiUyRnRkb3R5cG9pbnRvY2RuZG90eXBvaW50ZnIlMkZhZmZfYyUzRm9mZmVyX2lkJTNEODY2JTI2YWZmX2lkJTNEMTU4Mw%3D%3D_rl.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://lumbursel.fr/0260f6eac0a73b6fd7fded0407939bdb/c9119af1f16aacc2d3fb78d8cd5c770d/Xy0GZ0FYmNzRYLXZ/clt/198537/3628/em_jos.van_herck@skynet.be_ail/u_aHR0cCUzQSUyRiUyRnRkb3R5cG9pbnRvY2RuZG90eXBvaW50ZnIlMkZhZmZfYyUzRm9mZmVyX2lkJTNEODY2JTI2YWZmX2lkJTNEMTU4Mw%3D%3D_rl.html

Response headers

Server: web server
Date: Thu, 18 Jun 2020 11:57:40 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: JSESSIONID=74aadada358f5a71c6b5c264fb3c; Path=/; HttpOnly
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=600;

Redirect headers

Server: nginx
Date: Thu, 18 Jun 2020 11:57:40 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 358
Connection: keep-alive
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Robots-Tag: noindex, nofollow
tracking_id: 10287f94d15c452fb69d0681f6aa42
Location: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
Set-Cookie: enc_aff_session_866=ENC0336ac1f5c1017cbb68813068fcf8a474ff7dee084041a72f4e2dac30bf4217782104284380646262a38f337862cf75c89023f1f99236939138f9ef04cf47ef1e9717932b43f1fc5fe7a4e82edea6386d80fbe09e1601321591000ece23b55c7186564f65247c945bb4df76b98c41ce7991669916a2e31b9ea286d975f85123f6588a372fff32f5e753655125598e60fa892aec85b1e4817899f08bc937b00e4c5b8e22732721940446ef93cbca1a7ab89afc4c059c83bbedd749c325c159c3b1e45f52762e6e2c673bbdf80d7368846434335471171bc519e3c1137e9dae2c3a862943eefbda82d3fc20d86c66bf52e17f91e9d35e6711336f66f2d373a441ce2a94a73f5a0133677b4566d00ad7c009c6a926581ef123eb8c25fca14e399e5ac69b0bb02a693d418812377b30ca50ba8154c0b8fa0a047dee576da8aeb55190d28690dc02969f5385607d76212a17d5bcf262d1b7ac7cee594d046daa3084e9423422629; expires=Sat, 18 Jul 2020 11:57:40 GMT; path=/; SameSite=None; Secure ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI4My4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzE0XzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS84My4wLjQxMDMuNjEgU2FmYXJpLzUzNy4zNiIsImFjY2VwdF9sYW5ndWFnZSI6ImVuLVVTIiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9; expires=Sat, 13 May 2023 22:37:40 GMT; path=/; SameSite=None; Secure
P3P: CP="NOI CUR OUR NOR INT"
Access-Control-Allow-Origin: *
X-Request-Id: 28065272745ade53e9bda7d95662188f
Access-Control-Allow-Headers: Tune-SDK-Version

GET
H/1.1 200
OK jsf.js Show response
espace.dons-gustaveroussy.fr/javax.faces.resource/ 41 KB
42 KB 197ms
106ms Script
text/javascript 194.51.172.116
Orange

General

Check archive.org

Show headers Download Go to

Full URL

https://espace.dons-gustaveroussy.fr/javax.faces.resource/jsf.js?ln=javax.faces

Requested by

Host: espace.dons-gustaveroussy.fr
URL: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.51.172.116 , France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

web server /

Resource Hash

32bea907c1d03c95b274c5e12a0becc6bf89e5162b7c539dcc6ad3a4abeeed35

Security Headers

Name	Value
Strict-Transport-Security	max-age=600;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 11:57:40 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 16 Mar 2016 14:43:58 GMT
Server: web server
X-Frame-Options: SAMEORIGIN
ETag: W/"42350-1458139438526"
Strict-Transport-Security: max-age=600;
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Thu, 25 Jun 2020 11:57:39 GMT

GET
H/1.1 200
OK omnifaces.js Show response
espace.dons-gustaveroussy.fr/javax.faces.resource/ 5 KB
6 KB 157ms
41ms Script
text/javascript 194.51.172.116
Orange

General

Check archive.org

Show headers Download Go to

Full URL

https://espace.dons-gustaveroussy.fr/javax.faces.resource/omnifaces.js?ln=omnifaces&v=2.6.9

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.51.172.116 , France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

web server /

Resource Hash

758eb30fceccd128603dcc56da4069f8353c6ecabad81b5e0098bb3a423c3eaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=600;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 11:57:40 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 May 2020 14:58:23 GMT
Server: web server
X-Frame-Options: SAMEORIGIN
ETag: W/"5238-1588690703000"
Strict-Transport-Security: max-age=600;
Content-Type: text/javascript
Connection: keep-alive
Content-Length: 5238
X-XSS-Protection: 1; mode=block
Expires: Thu, 25 Jun 2020 11:57:39 GMT

GET
H/1.1 200
OK bootstrap.min.css
espace.dons-gustaveroussy.fr/javax.faces.resource/gr/css/ 115 KB
115 KB 58ms
49ms Stylesheet
text/css 194.51.172.116
Orange

General

Check archive.org

Show headers Download Go to

Full URL

https://espace.dons-gustaveroussy.fr/javax.faces.resource/gr/css/bootstrap.min.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.51.172.116 , France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

web server /

Resource Hash

e4d01bd86a65c7a29591a13489ee66098ab00ae2743b55ce617d78d2421507b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=600;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 11:57:40 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 May 2020 14:58:22 GMT
Server: web server
X-Frame-Options: SAMEORIGIN
ETag: W/"117305-1588690702000"
Strict-Transport-Security: max-age=600;
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Thu, 25 Jun 2020 11:57:39 GMT

GET
H/1.1 200
OK material.css
espace.dons-gustaveroussy.fr/javax.faces.resource/gr/css/ 8 KB
8 KB 113ms
41ms Stylesheet
text/css 194.51.172.116
Orange

General

Check archive.org

Show headers Download Go to

Full URL

https://espace.dons-gustaveroussy.fr/javax.faces.resource/gr/css/material.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.51.172.116 , France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

web server /

Resource Hash

5600e9acb7a9bedf61dba9912d9817f2a488b9c174383dde73aa949628184d9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=600;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 11:57:40 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 May 2020 14:58:22 GMT
Server: web server
X-Frame-Options: SAMEORIGIN
ETag: W/"7897-1588690702000"
Strict-Transport-Security: max-age=600;
Content-Type: text/css
Connection: keep-alive
Content-Length: 7897
X-XSS-Protection: 1; mode=block
Expires: Thu, 25 Jun 2020 11:57:39 GMT

GET
H/1.1 200
OK jquery-ui.css
espace.dons-gustaveroussy.fr/javax.faces.resource/gr/css/ 31 KB
31 KB 139ms
65ms Stylesheet
text/css 194.51.172.116
Orange

General

Check archive.org

Show headers Download Go to

Full URL

https://espace.dons-gustaveroussy.fr/javax.faces.resource/gr/css/jquery-ui.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.51.172.116 , France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

web server /

Resource Hash

5cadd78421350033a98e8bd9771a105664192a663aa7a483fdb3a8832c0a195b

Security Headers

Name	Value
Strict-Transport-Security	max-age=600;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 11:57:40 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 May 2020 14:58:22 GMT
Server: web server
X-Frame-Options: SAMEORIGIN
ETag: W/"31622-1588690702000"
Strict-Transport-Security: max-age=600;
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Thu, 25 Jun 2020 11:57:39 GMT

GET
H/1.1 200
OK primefaces.css
espace.dons-gustaveroussy.fr/javax.faces.resource/ 54 KB
55 KB 140ms
66ms Stylesheet
text/css 194.51.172.116
Orange

General

Check archive.org

Show headers Download Go to

Full URL

https://espace.dons-gustaveroussy.fr/javax.faces.resource/primefaces.css?ln=primefaces&v=5.0.3-NETFUL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.51.172.116 , France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

web server /

Resource Hash

b2919398423ac1b26fd8ae35087077c20310cbc7c39744aabf2ba8843a451fc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=600;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 11:57:40 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 May 2020 14:58:23 GMT
Server: web server
X-Frame-Options: SAMEORIGIN
ETag: W/"55089-1588690703000"
Strict-Transport-Security: max-age=600;
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Thu, 25 Jun 2020 11:57:39 GMT

GET
H/1.1 200
OK jquery.js Show response
espace.dons-gustaveroussy.fr/javax.faces.resource/jquery/ 106 KB
106 KB 182ms
68ms Script
text/javascript 194.51.172.116
Orange

General

Check archive.org

Show headers Download Go to

Full URL

https://espace.dons-gustaveroussy.fr/javax.faces.resource/jquery/jquery.js?ln=primefaces&v=5.0.3-NETFUL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.51.172.116 , France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

web server /

Resource Hash

c7377440c6b67578abf2e061a4dfb3d7fd3e369d3f1de4fc190e3920029d5126

Security Headers

Name	Value
Strict-Transport-Security	max-age=600;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 11:57:40 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 May 2020 14:58:23 GMT
Server: web server
X-Frame-Options: SAMEORIGIN
ETag: W/"108079-1588690703000"
Strict-Transport-Security: max-age=600;
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Thu, 25 Jun 2020 11:57:39 GMT

GET
H/1.1 200
OK script.js Show response
espace.dons-gustaveroussy.fr/javax.faces.resource/gr/js/ 36 KB
37 KB 168ms
44ms Script
text/javascript 194.51.172.116
Orange

General

Check archive.org

Show headers Download Go to

Full URL

https://espace.dons-gustaveroussy.fr/javax.faces.resource/gr/js/script.js?v=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.51.172.116 , France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

web server /

Resource Hash

5ae802931b89e21c4007bfee3a429dc42a74a39ec438e8fd5c5dee13b7b82473

Security Headers

Name	Value
Strict-Transport-Security	max-age=600;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 11:57:40 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 May 2020 14:58:22 GMT
Server: web server
X-Frame-Options: SAMEORIGIN
ETag: W/"37078-1588690702000"
Strict-Transport-Security: max-age=600;
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Thu, 25 Jun 2020 11:57:39 GMT

GET
H/1.1 200
OK primefaces.js Show response
espace.dons-gustaveroussy.fr/javax.faces.resource/ 293 KB
294 KB 193ms
50ms Script
text/javascript 194.51.172.116
Orange

General

Check archive.org

Show headers Download Go to

Full URL

https://espace.dons-gustaveroussy.fr/javax.faces.resource/primefaces.js?ln=primefaces&v=5.0.3-NETFUL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.51.172.116 , France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

web server /

Resource Hash

8e2f54a78f2a49c4a07e2ded79fce72c0b1eac4151b58f445975be763281fd3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=600;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 11:57:40 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 May 2020 14:58:23 GMT
Server: web server
X-Frame-Options: SAMEORIGIN
ETag: W/"300373-1588690703000"
Strict-Transport-Security: max-age=600;
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Thu, 25 Jun 2020 11:57:39 GMT

GET
H/1.1 200
OK primefaces-extensions.js Show response
espace.dons-gustaveroussy.fr/javax.faces.resource/ 23 KB
23 KB 200ms
44ms Script
text/javascript 194.51.172.116
Orange

General

Check archive.org

Show headers Download Go to

Full URL

https://espace.dons-gustaveroussy.fr/javax.faces.resource/primefaces-extensions.js?ln=primefaces-extensions&v=2.1.0-NETFUL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.51.172.116 , France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

web server /

Resource Hash

2bbde4b66ec26ccfb47d451a99cd628548ec347a1726d830387b34276616271c

Security Headers

Name	Value
Strict-Transport-Security	max-age=600;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 11:57:40 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 May 2020 14:58:22 GMT
Server: web server
X-Frame-Options: SAMEORIGIN
ETag: W/"23595-1588690702000"
Strict-Transport-Security: max-age=600;
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Thu, 25 Jun 2020 11:57:39 GMT

GET
H/1.1 200
OK blockui.css
espace.dons-gustaveroussy.fr/javax.faces.resource/blockui/ 408 B
804 B 113ms
40ms Stylesheet
text/css 194.51.172.116
Orange

General

Check archive.org

Show headers Download Go to

Full URL

https://espace.dons-gustaveroussy.fr/javax.faces.resource/blockui/blockui.css?ln=primefaces-extensions&v=2.1.0-NETFUL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.51.172.116 , France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

web server /

Resource Hash

95c58d3ae930c39c6e3019ec50c0bc09c5103f01eb7778bf9bdee83d6d99e07f

Security Headers

Name	Value
Strict-Transport-Security	max-age=600;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 11:57:40 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 May 2020 14:58:22 GMT
Server: web server
X-Frame-Options: SAMEORIGIN
ETag: W/"408-1588690702000"
Strict-Transport-Security: max-age=600;
Content-Type: text/css
Connection: keep-alive
Content-Length: 408
X-XSS-Protection: 1; mode=block
Expires: Thu, 25 Jun 2020 11:57:39 GMT

GET
H/1.1 200
OK blockui.js Show response
espace.dons-gustaveroussy.fr/javax.faces.resource/blockui/ 12 KB
12 KB 202ms
40ms Script
text/javascript 194.51.172.116
Orange

General

Check archive.org

Show headers Download Go to

Full URL

https://espace.dons-gustaveroussy.fr/javax.faces.resource/blockui/blockui.js?ln=primefaces-extensions&v=2.1.0-NETFUL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.51.172.116 , France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

web server /

Resource Hash

8bd81de5f519793e1683dcb16e5f09cc52e6d1f74e4b63035b8994f5a1e77bf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=600;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 11:57:40 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 May 2020 14:58:22 GMT
Server: web server
X-Frame-Options: SAMEORIGIN
ETag: W/"11860-1588690702000"
Strict-Transport-Security: max-age=600;
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Thu, 25 Jun 2020 11:57:39 GMT

GET
H/1.1 200
OK jquery-plugins.js Show response
espace.dons-gustaveroussy.fr/javax.faces.resource/jquery/ 215 KB
216 KB 219ms
50ms Script
text/javascript 194.51.172.116
Orange

General

Check archive.org

Show headers Download Go to

Full URL

https://espace.dons-gustaveroussy.fr/javax.faces.resource/jquery/jquery-plugins.js?ln=primefaces&v=5.0.3-NETFUL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.51.172.116 , France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

web server /

Resource Hash

2613f8dc4ca4eba72b799af479816c95c28e2d62f967dc85a393d4934b755556

Security Headers

Name	Value
Strict-Transport-Security	max-age=600;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 11:57:40 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 May 2020 14:58:23 GMT
Server: web server
X-Frame-Options: SAMEORIGIN
ETag: W/"220535-1588690703000"
Strict-Transport-Security: max-age=600;
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Thu, 25 Jun 2020 11:57:40 GMT

GET
H/1.1 200
OK style.css.xhtml
espace.dons-gustaveroussy.fr/javax.faces.resource/gr/css/ 11 KB
11 KB 123ms
41ms Stylesheet
text/css 194.51.172.116
Orange

General

Check archive.org

Show headers Download Go to

Full URL

https://espace.dons-gustaveroussy.fr/javax.faces.resource/gr/css/style.css.xhtml?v=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.51.172.116 , France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

web server /

Resource Hash

64d1e9835c95d788b70bb5157236e231ec1f374a53c74e5a93e02e94aade1d07

Security Headers

Name	Value
Strict-Transport-Security	max-age=600;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 11:57:40 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 May 2020 14:58:22 GMT
Server: web server
X-Frame-Options: SAMEORIGIN
ETag: W/"11190-1588690702000"
Strict-Transport-Security: max-age=600;
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Thu, 25 Jun 2020 11:57:39 GMT

GET
H/1.1 200
OK ajax-loader.gif
espace.dons-gustaveroussy.fr/javax.faces.resource/gr/images/ 6 KB
6 KB 44ms
42ms Image
image/gif 194.51.172.116
Orange

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://espace.dons-gustaveroussy.fr/javax.faces.resource/gr/images/ajax-loader.gif

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.51.172.116 , France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

web server /

Resource Hash

95cee022d25238b06b20a7cd53028b4ad66f113a8dfd9fb371776317988b0341

Security Headers

Name	Value
Strict-Transport-Security	max-age=600;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 11:57:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 May 2020 14:58:22 GMT
Server: web server
X-Frame-Options: SAMEORIGIN
ETag: W/"6235-1588690702000"
Strict-Transport-Security: max-age=600;
Content-Type: image/gif
Connection: keep-alive
Content-Length: 6235
X-XSS-Protection: 1; mode=block
Expires: Thu, 25 Jun 2020 11:57:40 GMT

GET
H/1.1 200
OK desc_348527-0.img
espace.dons-gustaveroussy.fr/services/file/ 123 KB
124 KB 58ms
56ms Image
image/jpeg 194.51.172.116
Orange

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://espace.dons-gustaveroussy.fr/services/file/desc_348527-0.img

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.51.172.116 , France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

web server /

Resource Hash

6c699e92b30bff83c6ea48748d7f16f5bed122748e359b468a47b8a4ad63ae89

Security Headers

Name	Value
Strict-Transport-Security	max-age=600;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 11:57:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 06 May 2020 11:08:43 CEST
Server: web server
X-Frame-Options: SAMEORIGIN
ETag: W/"0-1588756123000"
Strict-Transport-Security: max-age=600;
Content-Type: image/jpeg
Cache-Control: max-age=7200
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK desc_348527-1.img
espace.dons-gustaveroussy.fr/services/file/ 64 KB
64 KB 49ms
48ms Image
image/jpeg 194.51.172.116
Orange

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://espace.dons-gustaveroussy.fr/services/file/desc_348527-1.img

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.51.172.116 , France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

web server /

Resource Hash

31fe5f6bc79f7ce47537eea45ac5087bb71393b2c46626ab379f12bc627432e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=600;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 11:57:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 06 May 2020 11:08:43 CEST
Server: web server
X-Frame-Options: SAMEORIGIN
ETag: W/"0-1588756123000"
Strict-Transport-Security: max-age=600;
Content-Type: image/jpeg
Cache-Control: max-age=7200
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK crypto.jpg
espace.dons-gustaveroussy.fr/javax.faces.resource/gr/images/ 11 KB
11 KB 43ms
43ms Image
image/jpeg 194.51.172.116
Orange

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://espace.dons-gustaveroussy.fr/javax.faces.resource/gr/images/crypto.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.51.172.116 , France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

web server /

Resource Hash

12058cf930e5807aefe692bb92d4f3201b03ede218e3642763132a52a32063e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=600;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 11:57:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 May 2020 14:58:22 GMT
Server: web server
X-Frame-Options: SAMEORIGIN
ETag: W/"11279-1588690702000"
Strict-Transport-Security: max-age=600;
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Thu, 25 Jun 2020 11:57:40 GMT

GET
H/1.1 200
OK cryptoAmex.jpg
espace.dons-gustaveroussy.fr/javax.faces.resource/gr/images/ 11 KB
12 KB 42ms
42ms Image
image/jpeg 194.51.172.116
Orange

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://espace.dons-gustaveroussy.fr/javax.faces.resource/gr/images/cryptoAmex.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.51.172.116 , France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

web server /

Resource Hash

207db7a8845ea86abb7b230adbb82319d1d67615d43908c61ac0e032994d02e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=600;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 11:57:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 May 2020 14:58:22 GMT
Server: web server
X-Frame-Options: SAMEORIGIN
ETag: W/"11503-1588690702000"
Strict-Transport-Security: max-age=600;
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Thu, 25 Jun 2020 11:57:40 GMT

GET
H/1.1 200
OK bootstrap.min.js Show response
espace.dons-gustaveroussy.fr/javax.faces.resource/gr/js/ 35 KB
36 KB 42ms
42ms Script
text/javascript 194.51.172.116
Orange

General

Check archive.org

Show headers Download Go to

Full URL

https://espace.dons-gustaveroussy.fr/javax.faces.resource/gr/js/bootstrap.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.51.172.116 , France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

web server /

Resource Hash

d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=600;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 11:57:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 May 2020 14:58:22 GMT
Server: web server
X-Frame-Options: SAMEORIGIN
ETag: W/"35951-1588690702000"
Strict-Transport-Security: max-age=600;
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Thu, 25 Jun 2020 11:57:40 GMT

GET
H/1.1 200
OK material.min.js Show response
espace.dons-gustaveroussy.fr/javax.faces.resource/gr/js/ 4 KB
4 KB 41ms
41ms Script
text/javascript 194.51.172.116
Orange

General

Check archive.org

Show headers Download Go to

Full URL

https://espace.dons-gustaveroussy.fr/javax.faces.resource/gr/js/material.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.51.172.116 , France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

web server /

Resource Hash

d98befd689b42c85c10b500c0fd743e34acacb4c4aa10b9de01673afbe6e6163

Security Headers

Name	Value
Strict-Transport-Security	max-age=600;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 11:57:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 May 2020 14:58:22 GMT
Server: web server
X-Frame-Options: SAMEORIGIN
ETag: W/"4095-1588690702000"
Strict-Transport-Security: max-age=600;
Content-Type: text/javascript
Connection: keep-alive
Content-Length: 4095
X-XSS-Protection: 1; mode=block
Expires: Thu, 25 Jun 2020 11:57:40 GMT

GET
H/1.1 200
OK ripples.min.js Show response
espace.dons-gustaveroussy.fr/javax.faces.resource/gr/js/ 3 KB
3 KB 44ms
42ms Script
text/javascript 194.51.172.116
Orange

General

Check archive.org

Show headers Download Go to

Full URL

https://espace.dons-gustaveroussy.fr/javax.faces.resource/gr/js/ripples.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.51.172.116 , France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

web server /

Resource Hash

415f2d64fefbad43988b8432d4ff12e7f17adb8d8939e6ab35659a0136f05f4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=600;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 11:57:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 May 2020 14:58:22 GMT
Server: web server
X-Frame-Options: SAMEORIGIN
ETag: W/"2810-1588690702000"
Strict-Transport-Security: max-age=600;
Content-Type: text/javascript
Connection: keep-alive
Content-Length: 2810
X-XSS-Protection: 1; mode=block
Expires: Thu, 25 Jun 2020 11:57:40 GMT

GET
H/1.1 200
OK jquery-ui.min.js Show response
espace.dons-gustaveroussy.fr/javax.faces.resource/gr/js/ 232 KB
232 KB 49ms
47ms Script
text/javascript 194.51.172.116
Orange

General

Check archive.org

Show headers Download Go to

Full URL

https://espace.dons-gustaveroussy.fr/javax.faces.resource/gr/js/jquery-ui.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.51.172.116 , France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

web server /

Resource Hash

94217ee7990c505fb77ceff70625ee8b87a250a7109adafb79c29278b543c484

Security Headers

Name	Value
Strict-Transport-Security	max-age=600;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 11:57:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 May 2020 14:58:22 GMT
Server: web server
X-Frame-Options: SAMEORIGIN
ETag: W/"237548-1588690702000"
Strict-Transport-Security: max-age=600;
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Thu, 25 Jun 2020 11:57:40 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 128 KB
42 KB 23ms
22ms Script
application/javascript 2a00:1450:4001:825::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KP6K7DB

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6a4aca9aa362d4d5ff8ccc60fad3aa463a769726e75020bd68a34f1ab236312e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 11:57:41 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42703
x-xss-protection: 0
last-modified: Thu, 18 Jun 2020 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 18 Jun 2020 11:57:41 GMT

GET
H/1.1 200
OK DINOT.otf
espace.dons-gustaveroussy.fr/javax.faces.resource/gr/fonts/ 43 KB
43 KB 52ms
42ms Font
font/opentype 194.51.172.116
Orange

General

Check archive.org

Show headers Download Go to

Full URL

https://espace.dons-gustaveroussy.fr/javax.faces.resource/gr/fonts/DINOT.otf

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.51.172.116 , France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

web server /

Resource Hash

1ff1caa193614505793d8fbfc3a1ca2328df384334f4dcbf1fcaadf764604622

Security Headers

Name	Value
Strict-Transport-Security	max-age=600;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://espace.dons-gustaveroussy.fr/javax.faces.resource/gr/css/style.css.xhtml?v=1
Origin: https://espace.dons-gustaveroussy.fr

Response headers

Date: Thu, 18 Jun 2020 11:57:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 May 2020 14:58:23 GMT
Server: web server
X-Frame-Options: SAMEORIGIN
ETag: W/"43784-1588690703000"
Strict-Transport-Security: max-age=600;
Content-Type: font/opentype
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Thu, 25 Jun 2020 11:57:40 GMT

GET
H/1.1 200
OK webtracker.dll Show response
ediis.emsecure.net/optiext/ 4 KB
2 KB 83ms
19ms Script
application/x-javascript 194.213.114.24
COMBELL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ediis.emsecure.net/optiext/webtracker.dll

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_CBC

Server

194.213.114.24 , Belgium, ASN34762 (COMBELL-AS, BE),

Reverse DNS

webapp24.emsecure.net

Software

Resource Hash

c556b227bfbd10605877b9de41a1c52d9cf048baf154fbf5e6f5b878d089141b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 11:57:40 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Cache-Tag: 10820
Cache-Control: no-cache, no-store, no-transform
Strict-Transport-Security: max-age=31536000; includeSubdomains
Content-Type: application/x-javascript
Content-Length: 1879

GET
H/1.1 200
OK hori.png
espace.dons-gustaveroussy.fr/javax.faces.resource/gr/images/ 914 B
1 KB 63ms
52ms Image
image/png 194.51.172.116
Orange

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://espace.dons-gustaveroussy.fr/javax.faces.resource/gr/images/hori.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.51.172.116 , France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

web server /

Resource Hash

58b96c56da3ec730259a9ed4325df2010a348bf712be3e8170e7b6ed66742856

Security Headers

Name	Value
Strict-Transport-Security	max-age=600;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://espace.dons-gustaveroussy.fr/javax.faces.resource/gr/css/style.css.xhtml?v=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 11:57:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 May 2020 14:58:22 GMT
Server: web server
X-Frame-Options: SAMEORIGIN
ETag: W/"914-1588690702000"
Strict-Transport-Security: max-age=600;
Content-Type: image/png
Connection: keep-alive
Content-Length: 914
X-XSS-Protection: 1; mode=block
Expires: Thu, 25 Jun 2020 11:57:40 GMT

GET
H/1.1 200
OK contact.png
espace.dons-gustaveroussy.fr/javax.faces.resource/gr/images/ 2 KB
2 KB 52ms
51ms Image
image/png 194.51.172.116
Orange

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://espace.dons-gustaveroussy.fr/javax.faces.resource/gr/images/contact.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.51.172.116 , France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

web server /

Resource Hash

474d0e56536172ea154faf1dad3ff5e6bec24938f60fc0a0209d4657f526bc2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=600;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://espace.dons-gustaveroussy.fr/javax.faces.resource/gr/css/style.css.xhtml?v=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 11:57:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 May 2020 14:58:22 GMT
Server: web server
X-Frame-Options: SAMEORIGIN
ETag: W/"2101-1588690702000"
Strict-Transport-Security: max-age=600;
Content-Type: image/png
Connection: keep-alive
Content-Length: 2101
X-XSS-Protection: 1; mode=block
Expires: Thu, 25 Jun 2020 11:57:40 GMT

GET
H/1.1 200
OK tel.png
espace.dons-gustaveroussy.fr/javax.faces.resource/gr/images/ 195 B
592 B 43ms
42ms Image
image/png 194.51.172.116
Orange

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://espace.dons-gustaveroussy.fr/javax.faces.resource/gr/images/tel.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.51.172.116 , France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

web server /

Resource Hash

f62b0b7db8541f913f9bc992ea7278fd0d8af0615a4fddb092ed2b3ae05e4d57

Security Headers

Name	Value
Strict-Transport-Security	max-age=600;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://espace.dons-gustaveroussy.fr/javax.faces.resource/gr/css/style.css.xhtml?v=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 11:57:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 May 2020 14:58:22 GMT
Server: web server
X-Frame-Options: SAMEORIGIN
ETag: W/"195-1588690702000"
Strict-Transport-Security: max-age=600;
Content-Type: image/png
Connection: keep-alive
Content-Length: 195
X-XSS-Protection: 1; mode=block
Expires: Thu, 25 Jun 2020 11:57:40 GMT

GET
H/1.1 200
OK deductions.png
espace.dons-gustaveroussy.fr/javax.faces.resource/gr/images/ 1 KB
2 KB 86ms
48ms Image
image/png 194.51.172.116
Orange

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://espace.dons-gustaveroussy.fr/javax.faces.resource/gr/images/deductions.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.51.172.116 , France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

web server /

Resource Hash

11f6a2bb6a6dd9447b2525f9bce5840d628ffa2c2b3a8073cde3d254c9441b0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=600;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://espace.dons-gustaveroussy.fr/javax.faces.resource/gr/css/style.css.xhtml?v=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 11:57:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 May 2020 14:58:23 GMT
Server: web server
X-Frame-Options: SAMEORIGIN
ETag: W/"1400-1588690703000"
Strict-Transport-Security: max-age=600;
Content-Type: image/png
Connection: keep-alive
Content-Length: 1400
X-XSS-Protection: 1; mode=block
Expires: Thu, 25 Jun 2020 11:57:40 GMT

GET
H/1.1 200
OK securite.png
espace.dons-gustaveroussy.fr/javax.faces.resource/gr/images/ 1 KB
1 KB 81ms
41ms Image
image/png 194.51.172.116
Orange

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://espace.dons-gustaveroussy.fr/javax.faces.resource/gr/images/securite.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.51.172.116 , France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

web server /

Resource Hash

5f810e4d929ee30ce0d3afacc01acad77d29b364d21d8866b597d2160c4f5c38

Security Headers

Name	Value
Strict-Transport-Security	max-age=600;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://espace.dons-gustaveroussy.fr/javax.faces.resource/gr/css/style.css.xhtml?v=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 11:57:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 May 2020 14:58:22 GMT
Server: web server
X-Frame-Options: SAMEORIGIN
ETag: W/"1028-1588690702000"
Strict-Transport-Security: max-age=600;
Content-Type: image/png
Connection: keep-alive
Content-Length: 1028
X-XSS-Protection: 1; mode=block
Expires: Thu, 25 Jun 2020 11:57:40 GMT

GET
H/1.1 200
OK confiance.png
espace.dons-gustaveroussy.fr/javax.faces.resource/gr/images/ 6 KB
6 KB 72ms
40ms Image
image/png 194.51.172.116
Orange

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://espace.dons-gustaveroussy.fr/javax.faces.resource/gr/images/confiance.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.51.172.116 , France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

web server /

Resource Hash

f3396a61930054c2d5b0c2a219877aa28210029bdc0975bc3aebf86a178277bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=600;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://espace.dons-gustaveroussy.fr/javax.faces.resource/gr/css/style.css.xhtml?v=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 11:57:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 May 2020 14:58:22 GMT
Server: web server
X-Frame-Options: SAMEORIGIN
ETag: W/"5984-1588690702000"
Strict-Transport-Security: max-age=600;
Content-Type: image/png
Connection: keep-alive
Content-Length: 5984
X-XSS-Protection: 1; mode=block
Expires: Thu, 25 Jun 2020 11:57:40 GMT

GET
H/1.1 200
OK DINOT-Bold.otf
espace.dons-gustaveroussy.fr/javax.faces.resource/gr/fonts/ 45 KB
45 KB 61ms
47ms Font
font/opentype 194.51.172.116
Orange

General

Check archive.org

Show headers Download Go to

Full URL

https://espace.dons-gustaveroussy.fr/javax.faces.resource/gr/fonts/DINOT-Bold.otf

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.51.172.116 , France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

web server /

Resource Hash

81f54226eb806efc69b0f823900b4830b76621c7a5d84d27d08ac8020313310a

Security Headers

Name	Value
Strict-Transport-Security	max-age=600;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://espace.dons-gustaveroussy.fr/javax.faces.resource/gr/css/style.css.xhtml?v=1
Origin: https://espace.dons-gustaveroussy.fr

Response headers

Date: Thu, 18 Jun 2020 11:57:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 May 2020 14:58:23 GMT
Server: web server
X-Frame-Options: SAMEORIGIN
ETag: W/"45608-1588690703000"
Strict-Transport-Security: max-age=600;
Content-Type: font/opentype
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Thu, 25 Jun 2020 11:57:40 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KP6K7DB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 4683
date: Thu, 18 Jun 2020 10:39:38 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Thu, 18 Jun 2020 12:39:38 GMT

GET
H2

200

activityi;dc_pre=CLTFvN6ni-oCFcGjdwodtuQETQ;src=6056935;type=invmedia;cat=nvte1yuv;ord=8670762152854;gtm=2wg6a0;auiddc=1714726717.1592481461;~oref=https%3A%2F%2Fespace.dons-gustaveroussy.fr%2Fsite%...
6056935.fls.doubleclick.net/ Frame 391A
Redirect Chain

https://6056935.fls.doubleclick.net/activityi;src=6056935;type=invmedia;cat=nvte1yuv;ord=8670762152854;gtm=2wg6a0;auiddc=1714726717.1592481461;~oref=https%3A%2F%2Fespace.dons-gustaveroussy.fr%2Fsit...
https://6056935.fls.doubleclick.net/activityi;dc_pre=CLTFvN6ni-oCFcGjdwodtuQETQ;src=6056935;type=invmedia;cat=nvte1yuv;ord=8670762152854;gtm=2wg6a0;auiddc=1714726717.1592481461;~oref=https%3A%2F%2F...

0
0

33ms
32ms

Document
text/html

216.58.205.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6056935.fls.doubleclick.net/activityi;dc_pre=CLTFvN6ni-oCFcGjdwodtuQETQ;src=6056935;type=invmedia;cat=nvte1yuv;ord=8670762152854;gtm=2wg6a0;auiddc=1714726717.1592481461;~oref=https%3A%2F%2Fespace.dons-gustaveroussy.fr%2Fsite%2Fgr%2Fcovid_recherche_orixa%2Ffr%2Fdon%2Findex.html%3Ffrom%3D20AEM11%26utm_source%3Dorixa%26utm_medium%3Dcpc%26utm_campaign%3Demail%26utm_term%3D?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KP6K7DB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.205.230 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s24-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 6056935.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CLTFvN6ni-oCFcGjdwodtuQETQ;src=6056935;type=invmedia;cat=nvte1yuv;ord=8670762152854;gtm=2wg6a0;auiddc=1714726717.1592481461;~oref=https%3A%2F%2Fespace.dons-gustaveroussy.fr%2Fsite%2Fgr%2Fcovid_recherche_orixa%2Ffr%2Fdon%2Findex.html%3Ffrom%3D20AEM11%26utm_source%3Dorixa%26utm_medium%3Dcpc%26utm_campaign%3Demail%26utm_term%3D?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: about:blank

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Thu, 18 Jun 2020 11:57:41 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 481
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 18-Jun-2020 12:12:41 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Thu, 18 Jun 2020 11:57:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://6056935.fls.doubleclick.net/activityi;dc_pre=CLTFvN6ni-oCFcGjdwodtuQETQ;src=6056935;type=invmedia;cat=nvte1yuv;ord=8670762152854;gtm=2wg6a0;auiddc=1714726717.1592481461;~oref=https%3A%2F%2Fespace.dons-gustaveroussy.fr%2Fsite%2Fgr%2Fcovid_recherche_orixa%2Ffr%2Fdon%2Findex.html%3Ffrom%3D20AEM11%26utm_source%3Dorixa%26utm_medium%3Dcpc%26utm_campaign%3Demail%26utm_term%3D?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 29 KB
12 KB 80ms
33ms Script
text/javascript 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KP6K7DB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

a693efa7265b630e27e537f6ba09c5558a23b9ed2f57abdbf417c237a50a5156

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 11:57:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
server: cafe
etag: 13497728949557021888
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 18 Jun 2020 11:57:41 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 25 KB
8 KB 30ms
28ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KP6K7DB
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: b6f7b31210a709daca9760b215660b2cbe719757df3059364beeda005fca2dbe

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 11:57:41 GMT
content-encoding: gzip
last-modified: Wed, 10 Jun 2020 19:59:59 GMT
x-msedge-ref: Ref A: DD25D0D447BA4C08B09FDE5DB40EF1B2 Ref B: FRAEDGE1211 Ref C: 2020-06-18T11:57:41Z
status: 200
etag: "804946b8613fd61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 7791

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 131 KB
32 KB 20ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: lumbursel.fr
URL: http://lumbursel.fr/0260f6eac0a73b6fd7fded0407939bdb/c9119af1f16aacc2d3fb78d8cd5c770d/Xy0GZ0FYmNzRYLXZ/clt/198537/3628/em_jos.van_herck@skynet.be_ail/u_aHR0cCUzQSUyRiUyRnRkb3R5cG9pbnRvY2RuZG90eXBvaW50ZnIlMkZhZmZfYyUzRm9mZmVyX2lkJTNEODY2JTI2YWZmX2lkJTNEMTU4Mw%3D%3D_rl.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 31766
x-xss-protection: 0
pragma: public
x-fb-debug: eDFeTa56d8bqqVW8Q/2wuNxECTDuJuRjpXa9u9dgzsOwAv8ygv/L/aRAuVfJdmBixl56HxIPjH1UixCxAxAhkA==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Thu, 18 Jun 2020 11:57:41 GMT, Thu, 18 Jun 2020 11:57:41 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK ui-bg_flat_75_ffffff_40x100.png
espace.dons-gustaveroussy.fr/javax.faces.resource/gr/css/images/ 75 B
470 B 42ms
41ms Image
image/png 194.51.172.116
Orange

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://espace.dons-gustaveroussy.fr/javax.faces.resource/gr/css/images/ui-bg_flat_75_ffffff_40x100.png

Requested by

Host: espace.dons-gustaveroussy.fr
URL: https://espace.dons-gustaveroussy.fr/javax.faces.resource/jquery/jquery.js?ln=primefaces&v=5.0.3-NETFUL

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.51.172.116 , France, ASN3215 (France Telecom - Orange, FR),

Reverse DNS

Software

web server /

Resource Hash

22cb07523453ec16cd77425ef3c32000dfd6b606464da9672f85dc7673d797ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=600;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://espace.dons-gustaveroussy.fr/javax.faces.resource/gr/css/jquery-ui.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 11:57:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 May 2020 14:58:23 GMT
Server: web server
X-Frame-Options: SAMEORIGIN
ETag: W/"75-1588690703000"
Strict-Transport-Security: max-age=600;
Content-Type: image/png
Connection: keep-alive
Content-Length: 75
X-XSS-Protection: 1; mode=block
Expires: Thu, 25 Jun 2020 11:57:40 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j83&aip=1&a=1396129042&t=pageview&_s=1&dl=https%3A%2F%2Fespace.dons-gustaveroussy.fr%2Fsite%2Fgr%2Fcovid_recherche_orixa%2Ffr%2Fdon%2Findex.html%3F...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-61992640-1&cid=1223353273.1592481461&jid=647609379&_gid=2097270415.1592481461&gjid=1849097782&_v=j83&z=786833599
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-61992640-1&cid=1223353273.1592481461&jid=647609379&_v=j83&z=786833599
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-61992640-1&cid=1223353273.1592481461&jid=647609379&_v=j83&z=786833599&slf_rd=1&random=2127552692

42 B
106 B

18ms
18ms

Image
image/gif

2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-61992640-1&cid=1223353273.1592481461&jid=647609379&_v=j83&z=786833599&slf_rd=1&random=2127552692

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jun 2020 11:57:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 18 Jun 2020 11:57:41 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-61992640-1&cid=1223353273.1592481461&jid=647609379&_v=j83&z=786833599&slf_rd=1&random=2127552692
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
148 B 28ms
28ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5902621&Ver=2&mid=7a5c270b-36a6-0c20-954a-2942fab4668b&sid=86459df4-80bf-899b-286b-569d5c183f11&vid=41944ac2-d02d-43c8-2b6c-d0a56b747c9b-1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Gustave%20Roussy&p=https%3A%2F%2Fespace.dons-gustaveroussy.fr%2Fsite%2Fgr%2Fcovid_recherche_orixa%2Ffr%2Fdon%2Findex.html%3Ffrom%3D20AEM11%26utm_source%3Dorixa%26utm_medium%3Dcpc%26utm_campaign%3Demail%26utm_term%3D&r=http%3A%2F%2Flumbursel.fr%2F0260f6eac0a73b6fd7fded0407939bdb%2Fc9119af1f16aacc2d3fb78d8cd5c770d%2FXy0GZ0FYmNzRYLXZ%2Fclt%2F198537%2F3628%2Fem_jos.van_herck%40skynet.be_ail%2Fu_aHR0cCUzQSUyRiUyRnRkb3R5cG9pbnRvY2RuZG90eXBvaW50ZnIlMkZhZmZfYyUzRm9mZmVyX2lkJTNEODY2JTI2YWZmX2lkJTNEMTU4Mw%253D%253D_rl.html&lt=1014&evt=pageLoad&msclkid=N&sv=1&rn=55988
Requested by: Host: espace.dons-gustaveroussy.fr
URL: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Thu, 18 Jun 2020 11:57:41 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 787DAD5F36234FF6A497D16A93078413 Ref B: FRAEDGE1211 Ref C: 2020-06-18T11:57:41Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1975571949355924 Show response
connect.facebook.net/signals/config/ 517 KB
129 KB 58ms
58ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1975571949355924?v=2.9.18&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3251dc4e9d1ed0df89df649935e7d8b4dc20daacb63a534d99017c2712475afd

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: w2Y4+/obb2C7IY/+PhUtQ4uPtDa+aRLTmA11f+gcJJjd24hvnenUQgYf76J7qv7smAFJ7GGaJ1NtyNoskyHKsg==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Thu, 18 Jun 2020 11:57:41 GMT, Thu, 18 Jun 2020 11:57:41 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1000469438/ 3 KB
1 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1000469438/?random=1592481461284&cv=9&fst=1592481461284&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6a0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fespace.dons-gustaveroussy.fr%2Fsite%2Fgr%2Fcovid_recherche_orixa%2Ffr%2Fdon%2Findex.html%3Ffrom%3D20AEM11%26utm_source%3Dorixa%26utm_medium%3Dcpc%26utm_campaign%3Demail%26utm_term%3D&ref=http%3A%2F%2Flumbursel.fr%2F0260f6eac0a73b6fd7fded0407939bdb%2Fc9119af1f16aacc2d3fb78d8cd5c770d%2FXy0GZ0FYmNzRYLXZ%2Fclt%2F198537%2F3628%2Fem_jos.van_herck%40skynet.be_ail%2Fu_aHR0cCUzQSUyRiUyRnRkb3R5cG9pbnRvY2RuZG90eXBvaW50ZnIlMkZhZmZfYyUzRm9mZmVyX2lkJTNEODY2JTI2YWZmX2lkJTNEMTU4Mw%253D%253D_rl.html&tiba=Gustave%20Roussy&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c15634b9405ae1be92c892ae4ed00057a850ff094b43cc33e9082ff4b71bc9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jun 2020 11:57:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1318
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-945035385/ 3 KB
1 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-945035385/?random=1592481461286&cv=9&fst=1592481461286&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6a0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fespace.dons-gustaveroussy.fr%2Fsite%2Fgr%2Fcovid_recherche_orixa%2Ffr%2Fdon%2Findex.html%3Ffrom%3D20AEM11%26utm_source%3Dorixa%26utm_medium%3Dcpc%26utm_campaign%3Demail%26utm_term%3D&ref=http%3A%2F%2Flumbursel.fr%2F0260f6eac0a73b6fd7fded0407939bdb%2Fc9119af1f16aacc2d3fb78d8cd5c770d%2FXy0GZ0FYmNzRYLXZ%2Fclt%2F198537%2F3628%2Fem_jos.van_herck%40skynet.be_ail%2Fu_aHR0cCUzQSUyRiUyRnRkb3R5cG9pbnRvY2RuZG90eXBvaW50ZnIlMkZhZmZfYyUzRm9mZmVyX2lkJTNEODY2JTI2YWZmX2lkJTNEMTU4Mw%253D%253D_rl.html&tiba=Gustave%20Roussy&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

da5563f645279b3d2ec87218e84c40225f64e18c5b992fa988e355ddba88979f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jun 2020 11:57:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1319
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1000469438/ 42 B
119 B 23ms
22ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1000469438/?random=1592481461284&cv=9&fst=1592478000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6a0&sendb=1&frm=0&url=https%3A%2F%2Fespace.dons-gustaveroussy.fr%2Fsite%2Fgr%2Fcovid_recherche_orixa%2Ffr%2Fdon%2Findex.html%3Ffrom%3D20AEM11%26utm_source%3Dorixa%26utm_medium%3Dcpc%26utm_campaign%3Demail%26utm_term%3D&ref=http%3A%2F%2Flumbursel.fr%2F0260f6eac0a73b6fd7fded0407939bdb%2Fc9119af1f16aacc2d3fb78d8cd5c770d%2FXy0GZ0FYmNzRYLXZ%2Fclt%2F198537%2F3628%2Fem_jos.van_herck%40skynet.be_ail%2Fu_aHR0cCUzQSUyRiUyRnRkb3R5cG9pbnRvY2RuZG90eXBvaW50ZnIlMkZhZmZfYyUzRm9mZmVyX2lkJTNEODY2JTI2YWZmX2lkJTNEMTU4Mw%253D%253D_rl.html&tiba=Gustave%20Roussy&async=1&fmt=3&is_vtc=1&random=1087394253&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jun 2020 11:57:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1000469438/ 42 B
107 B 22ms
21ms Image
image/gif 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1000469438/?random=1592481461284&cv=9&fst=1592478000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6a0&sendb=1&frm=0&url=https%3A%2F%2Fespace.dons-gustaveroussy.fr%2Fsite%2Fgr%2Fcovid_recherche_orixa%2Ffr%2Fdon%2Findex.html%3Ffrom%3D20AEM11%26utm_source%3Dorixa%26utm_medium%3Dcpc%26utm_campaign%3Demail%26utm_term%3D&ref=http%3A%2F%2Flumbursel.fr%2F0260f6eac0a73b6fd7fded0407939bdb%2Fc9119af1f16aacc2d3fb78d8cd5c770d%2FXy0GZ0FYmNzRYLXZ%2Fclt%2F198537%2F3628%2Fem_jos.van_herck%40skynet.be_ail%2Fu_aHR0cCUzQSUyRiUyRnRkb3R5cG9pbnRvY2RuZG90eXBvaW50ZnIlMkZhZmZfYyUzRm9mZmVyX2lkJTNEODY2JTI2YWZmX2lkJTNEMTU4Mw%253D%253D_rl.html&tiba=Gustave%20Roussy&async=1&fmt=3&is_vtc=1&random=1087394253&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jun 2020 11:57:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/AW-945035385/ 42 B
119 B 22ms
22ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/AW-945035385/?random=1592481461286&cv=9&fst=1592478000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6a0&sendb=1&frm=0&url=https%3A%2F%2Fespace.dons-gustaveroussy.fr%2Fsite%2Fgr%2Fcovid_recherche_orixa%2Ffr%2Fdon%2Findex.html%3Ffrom%3D20AEM11%26utm_source%3Dorixa%26utm_medium%3Dcpc%26utm_campaign%3Demail%26utm_term%3D&ref=http%3A%2F%2Flumbursel.fr%2F0260f6eac0a73b6fd7fded0407939bdb%2Fc9119af1f16aacc2d3fb78d8cd5c770d%2FXy0GZ0FYmNzRYLXZ%2Fclt%2F198537%2F3628%2Fem_jos.van_herck%40skynet.be_ail%2Fu_aHR0cCUzQSUyRiUyRnRkb3R5cG9pbnRvY2RuZG90eXBvaW50ZnIlMkZhZmZfYyUzRm9mZmVyX2lkJTNEODY2JTI2YWZmX2lkJTNEMTU4Mw%253D%253D_rl.html&tiba=Gustave%20Roussy&async=1&fmt=3&is_vtc=1&random=243355583&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jun 2020 11:57:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/AW-945035385/ 42 B
107 B 21ms
20ms Image
image/gif 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/AW-945035385/?random=1592481461286&cv=9&fst=1592478000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6a0&sendb=1&frm=0&url=https%3A%2F%2Fespace.dons-gustaveroussy.fr%2Fsite%2Fgr%2Fcovid_recherche_orixa%2Ffr%2Fdon%2Findex.html%3Ffrom%3D20AEM11%26utm_source%3Dorixa%26utm_medium%3Dcpc%26utm_campaign%3Demail%26utm_term%3D&ref=http%3A%2F%2Flumbursel.fr%2F0260f6eac0a73b6fd7fded0407939bdb%2Fc9119af1f16aacc2d3fb78d8cd5c770d%2FXy0GZ0FYmNzRYLXZ%2Fclt%2F198537%2F3628%2Fem_jos.van_herck%40skynet.be_ail%2Fu_aHR0cCUzQSUyRiUyRnRkb3R5cG9pbnRvY2RuZG90eXBvaW50ZnIlMkZhZmZfYyUzRm9mZmVyX2lkJTNEODY2JTI2YWZmX2lkJTNEMTU4Mw%253D%253D_rl.html&tiba=Gustave%20Roussy&async=1&fmt=3&is_vtc=1&random=243355583&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jun 2020 11:57:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1816606671907520 Show response
connect.facebook.net/signals/config/ 516 KB
130 KB 57ms
57ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1816606671907520?v=2.9.18&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1dadbadb967d528d04b38f23f59bee24e80f09c11a8f938fcd965eb86387f6a2

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: sYWvbn2Q2ec+zgospzkRwMrPwGvejnawac1nI9SsSWdLymH4IzIRBRDeWMFG3fCu+zso2u1y04N9ZH2ERasaBA==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Thu, 18 Jun 2020 11:57:41 GMT, Thu, 18 Jun 2020 11:57:41 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
360 B 18ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1975571949355924&ev=PageView&dl=https%3A%2F%2Fespace.dons-gustaveroussy.fr%2Fsite%2Fgr%2Fcovid_recherche_orixa%2Ffr%2Fdon%2Findex.html%3Ffrom%3D20AEM11%26utm_source%3Dorixa%26utm_medium%3Dcpc%26utm_campaign%3Demail%26utm_term%3D&rl=http%3A%2F%2Flumbursel.fr%2F0260f6eac0a73b6fd7fded0407939bdb%2Fc9119af1f16aacc2d3fb78d8cd5c770d%2FXy0GZ0FYmNzRYLXZ%2Fclt%2F198537%2F3628%2Fem_jos.van_herck%40skynet.be_ail%2Fu_aHR0cCUzQSUyRiUyRnRkb3R5cG9pbnRvY2RuZG90eXBvaW50ZnIlMkZhZmZfYyUzRm9mZmVyX2lkJTNEODY2JTI2YWZmX2lkJTNEMTU4Mw%253D%253D_rl.html&if=false&ts=1592481461379&sw=1600&sh=1200&v=2.9.18&r=stable&ec=0&o=30&fbp=fb.1.1592481461378.569864321&it=1592481461280&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 11:57:41 GMT, Thu, 18 Jun 2020 11:57:41 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 18 Jun 2020 11:57:41 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1816606671907520&ev=PageView&dl=https%3A%2F%2Fespace.dons-gustaveroussy.fr%2Fsite%2Fgr%2Fcovid_recherche_orixa%2Ffr%2Fdon%2Findex.html%3Ffrom%3D20AEM11%26utm_source%3Dorixa%26utm_medium%3Dcpc%26utm_campaign%3Demail%26utm_term%3D&rl=http%3A%2F%2Flumbursel.fr%2F0260f6eac0a73b6fd7fded0407939bdb%2Fc9119af1f16aacc2d3fb78d8cd5c770d%2FXy0GZ0FYmNzRYLXZ%2Fclt%2F198537%2F3628%2Fem_jos.van_herck%40skynet.be_ail%2Fu_aHR0cCUzQSUyRiUyRnRkb3R5cG9pbnRvY2RuZG90eXBvaW50ZnIlMkZhZmZfYyUzRm9mZmVyX2lkJTNEODY2JTI2YWZmX2lkJTNEMTU4Mw%253D%253D_rl.html&if=false&ts=1592481461472&sw=1600&sh=1200&v=2.9.18&r=stable&ec=0&o=30&fbp=fb.1.1592481461378.569864321&it=1592481461280&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 11:57:41 GMT, Thu, 18 Jun 2020 11:57:41 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 18 Jun 2020 11:57:41 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
259 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1975571949355924&ev=Microdata&dl=https%3A%2F%2Fespace.dons-gustaveroussy.fr%2Fsite%2Fgr%2Fcovid_recherche_orixa%2Ffr%2Fdon%2Findex.html%3Ffrom%3D20AEM11%26utm_source%3Dorixa%26utm_medium%3Dcpc%26utm_campaign%3Demail%26utm_term%3D&rl=http%3A%2F%2Flumbursel.fr%2F0260f6eac0a73b6fd7fded0407939bdb%2Fc9119af1f16aacc2d3fb78d8cd5c770d%2FXy0GZ0FYmNzRYLXZ%2Fclt%2F198537%2F3628%2Fem_jos.van_herck%40skynet.be_ail%2Fu_aHR0cCUzQSUyRiUyRnRkb3R5cG9pbnRvY2RuZG90eXBvaW50ZnIlMkZhZmZfYyUzRm9mZmVyX2lkJTNEODY2JTI2YWZmX2lkJTNEMTU4Mw%253D%253D_rl.html&if=false&ts=1592481462882&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Gustave%20Roussy%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.18&r=stable&ec=1&o=30&fbp=fb.1.1592481462882.622010811&it=1592481461280&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 11:57:42 GMT, Thu, 18 Jun 2020 11:57:42 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 18 Jun 2020 11:57:42 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1816606671907520&ev=Microdata&dl=https%3A%2F%2Fespace.dons-gustaveroussy.fr%2Fsite%2Fgr%2Fcovid_recherche_orixa%2Ffr%2Fdon%2Findex.html%3Ffrom%3D20AEM11%26utm_source%3Dorixa%26utm_medium%3Dcpc%26utm_campaign%3Demail%26utm_term%3D&rl=http%3A%2F%2Flumbursel.fr%2F0260f6eac0a73b6fd7fded0407939bdb%2Fc9119af1f16aacc2d3fb78d8cd5c770d%2FXy0GZ0FYmNzRYLXZ%2Fclt%2F198537%2F3628%2Fem_jos.van_herck%40skynet.be_ail%2Fu_aHR0cCUzQSUyRiUyRnRkb3R5cG9pbnRvY2RuZG90eXBvaW50ZnIlMkZhZmZfYyUzRm9mZmVyX2lkJTNEODY2JTI2YWZmX2lkJTNEMTU4Mw%253D%253D_rl.html&if=false&ts=1592481462973&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Gustave%20Roussy%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.18&r=stable&ec=1&o=30&fbp=fb.1.1592481462882.622010811&it=1592481461280&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 11:57:42 GMT, Thu, 18 Jun 2020 11:57:42 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 18 Jun 2020 11:57:42 GMT

Verdicts & Comments Add Verdict or Comment

253 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.dons-gustaveroussy.fr/	1970-01-19 10:44:45	Name: _uetvid Value: 41944ac2-d02d-43c8-2b6c-d0a56b747c9b
.dons-gustaveroussy.fr/	1970-01-19 10:22:47	Name: _uetsid Value: 86459df4-80bf-899b-286b-569d5c183f11
.dons-gustaveroussy.fr/	1970-01-19 10:21:21	Name: _gat_UA-61992640-1 Value: 1
.dons-gustaveroussy.fr/	1970-01-19 10:22:47	Name: _gid Value: GA1.2.2097270415.1592481461
.espace.dons-gustaveroussy.fr/	1969-12-31 23:59:59	Name: m_cnt Value: 0
espace.dons-gustaveroussy.fr/	1969-12-31 23:59:59	Name: JSESSIONID Value: 74aadada358f5a71c6b5c264fb3c
.espace.dons-gustaveroussy.fr/	1969-12-31 23:59:59	Name: m_ses Value: 20200618135741
.doubleclick.net/	1970-01-19 10:21:22	Name: test_cookie Value: CheckForPermission
.dons-gustaveroussy.fr/	1970-01-19 12:30:57	Name: _fbp Value: fb.1.1592481461378.569864321
.dons-gustaveroussy.fr/	1970-01-19 12:30:57	Name: _gcl_au Value: 1.1.1714726717.1592481461
.dons-gustaveroussy.fr/	1970-01-20 03:52:33	Name: _ga Value: GA1.2.1223353273.1592481461

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://espace.dons-gustaveroussy.fr/site/gr/covid_recherche_orixa/fr/don/index.html?from=20AEM11&utm_source=orixa&utm_medium=cpc&utm_campaign=email&utm_term=(Line 23) Message: Adresse du serveur : 10.1.11.34

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6056935.fls.doubleclick.net
bat.bing.com
connect.facebook.net
ediis.emsecure.net
espace.dons-gustaveroussy.fr
googleads.g.doubleclick.net
lumbursel.fr
orixamedia.go2cloud.org
red.commandeproduits.fr
stats.g.doubleclick.net
t.ocdn.fr
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
172.217.21.226
18.202.12.61
194.213.114.24
194.51.172.116
216.58.205.230
2620:1ec:c11::200
2a00:1450:4001:800::200e
2a00:1450:4001:80b::2004
2a00:1450:4001:814::2003
2a00:1450:4001:81b::2002
2a00:1450:4001:825::2008
2a00:1450:400c:c04::9b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
35.162.71.55
46.105.116.30
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11f6a2bb6a6dd9447b2525f9bce5840d628ffa2c2b3a8073cde3d254c9441b0c
12058cf930e5807aefe692bb92d4f3201b03ede218e3642763132a52a32063e9
1dadbadb967d528d04b38f23f59bee24e80f09c11a8f938fcd965eb86387f6a2
1ff1caa193614505793d8fbfc3a1ca2328df384334f4dcbf1fcaadf764604622
207db7a8845ea86abb7b230adbb82319d1d67615d43908c61ac0e032994d02e9
22cb07523453ec16cd77425ef3c32000dfd6b606464da9672f85dc7673d797ba
2613f8dc4ca4eba72b799af479816c95c28e2d62f967dc85a393d4934b755556
2bbde4b66ec26ccfb47d451a99cd628548ec347a1726d830387b34276616271c
31fe5f6bc79f7ce47537eea45ac5087bb71393b2c46626ab379f12bc627432e5
3251dc4e9d1ed0df89df649935e7d8b4dc20daacb63a534d99017c2712475afd
32bea907c1d03c95b274c5e12a0becc6bf89e5162b7c539dcc6ad3a4abeeed35
3c15634b9405ae1be92c892ae4ed00057a850ff094b43cc33e9082ff4b71bc9d
415f2d64fefbad43988b8432d4ff12e7f17adb8d8939e6ab35659a0136f05f4b
474d0e56536172ea154faf1dad3ff5e6bec24938f60fc0a0209d4657f526bc2f
4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787
5600e9acb7a9bedf61dba9912d9817f2a488b9c174383dde73aa949628184d9c
58b96c56da3ec730259a9ed4325df2010a348bf712be3e8170e7b6ed66742856
5ae802931b89e21c4007bfee3a429dc42a74a39ec438e8fd5c5dee13b7b82473
5cadd78421350033a98e8bd9771a105664192a663aa7a483fdb3a8832c0a195b
5f810e4d929ee30ce0d3afacc01acad77d29b364d21d8866b597d2160c4f5c38
64d1e9835c95d788b70bb5157236e231ec1f374a53c74e5a93e02e94aade1d07
6a4aca9aa362d4d5ff8ccc60fad3aa463a769726e75020bd68a34f1ab236312e
6c699e92b30bff83c6ea48748d7f16f5bed122748e359b468a47b8a4ad63ae89
758eb30fceccd128603dcc56da4069f8353c6ecabad81b5e0098bb3a423c3eaf
81f54226eb806efc69b0f823900b4830b76621c7a5d84d27d08ac8020313310a
8bd81de5f519793e1683dcb16e5f09cc52e6d1f74e4b63035b8994f5a1e77bf1
8e2f54a78f2a49c4a07e2ded79fce72c0b1eac4151b58f445975be763281fd3c
94217ee7990c505fb77ceff70625ee8b87a250a7109adafb79c29278b543c484
95c58d3ae930c39c6e3019ec50c0bc09c5103f01eb7778bf9bdee83d6d99e07f
95cee022d25238b06b20a7cd53028b4ad66f113a8dfd9fb371776317988b0341
a693efa7265b630e27e537f6ba09c5558a23b9ed2f57abdbf417c237a50a5156
b2919398423ac1b26fd8ae35087077c20310cbc7c39744aabf2ba8843a451fc1
b6f7b31210a709daca9760b215660b2cbe719757df3059364beeda005fca2dbe
c556b227bfbd10605877b9de41a1c52d9cf048baf154fbf5e6f5b878d089141b
c7377440c6b67578abf2e061a4dfb3d7fd3e369d3f1de4fc190e3920029d5126
d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8
d98befd689b42c85c10b500c0fd743e34acacb4c4aa10b9de01673afbe6e6163
da5563f645279b3d2ec87218e84c40225f64e18c5b992fa988e355ddba88979f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d01bd86a65c7a29591a13489ee66098ab00ae2743b55ce617d78d2421507b9
ed35cc05cc6bf8439527fc861b45c2965969a8ec017dd16c488fb3377c554e94
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3396a61930054c2d5b0c2a219877aa28210029bdc0975bc3aebf86a178277bc
f62b0b7db8541f913f9bc992ea7278fd0d8af0615a4fddb092ed2b3ae05e4d57
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

espace.dons-gustaveroussy.fr Open in urlscan Pro 194.51.172.116 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

55 Requests

98 %HTTPS

56 %IPv6

15 Domains

17 Subdomains

13 IPs

5 Countries

1976 kBTransfer

2987 kBSize

11 Cookies

2 Outgoing links

Page URL History

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

espace.dons-gustaveroussy.fr Open in urlscan Pro
194.51.172.116 Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

98 %
HTTPS

56 %
IPv6

15
Domains

17
Subdomains

13
IPs

5
Countries

1976 kB
Transfer

2987 kB
Size

11
Cookies

55 HTTP transactions
0 data transactions