Submitted URL: https://ml.fashion-mag.fr/l2/7B3xoiJsf30/743141/297013471.html
Effective URL: https://www.jetcost.com/special/fr_stop_ph/?utm_source=powerspace&utm_medium=cpc&utm_campaign=FR-FR_powerspace_F_C_JC_Na...
Submission: On September 01 via api from BE

Summary

This website contacted 14 IPs in 6 countries across 18 domains to perform 28 HTTP transactions. The main IP is 51.254.52.174, located in France and belongs to OVH, FR. The main domain is www.jetcost.com.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on November 12th 2018. Valid for: a year.
This is the only time www.jetcost.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 91.190.170.12 31688 (SPLIO-AS)
1 2 2001:41d0:8:8... 16276 (OVH)
2 2001:41d0:203... 16276 (OVH)
1 2 54.246.228.167 16509 (AMAZON-02)
2 3 80.70.210.161 34913 (DALENYS)
1 1 35.244.174.68 15169 (GOOGLE)
2 2 185.33.223.218 29990 (ASN-APPNEXUS)
1 35.190.72.21 15169 (GOOGLE)
2 2 35.190.16.14 15169 (GOOGLE)
1 1 2600:1901:0:3... 15169 (GOOGLE)
1 1 104.155.63.91 15169 (GOOGLE)
1 3 51.254.52.174 16276 (OVH)
11 13.35.253.13 16509 (AMAZON-02)
1 151.101.114.111 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
2 3 2a00:1450:400... 15169 (GOOGLE)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2 2a00:1450:400... 15169 (GOOGLE)
2 2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
28 14
Domain Requested by
11 a.jtcstatic.com www.jetcost.com
3 www.google-analytics.com 2 redirects www.googletagmanager.com
3 www.jetcost.com 1 redirects wtm.fashion-mag.fr
2 www.google.de www.jetcost.com
2 www.google.com 2 redirects
2 stats.g.doubleclick.net 2 redirects
2 bat.bing.com www.googletagmanager.com
www.jetcost.com
2 redirect.frontend.weborama.fr 2 redirects
2 ib.adnxs.com 2 redirects
2 email-reflex.com 1 redirects wtm.fashion-mag.fr
2 er.cloud-media.fr 1 redirects wtm.fashion-mag.fr
2 r.phywi.org wtm.fashion-mag.fr
2 wtm.fashion-mag.fr 1 redirects wtm.fashion-mag.fr
1 www.googletagmanager.com www.jetcost.com
1 a.cdn.intentmedia.net www.jetcost.com
1 csync.pwspace.com 1 redirects
1 pws.fashion-mag.fr 1 redirects
1 idsync.rlcdn.com wtm.fashion-mag.fr
1 ejp.rlcdn.com 1 redirects
1 ep.la-meteo-mail.fr 1 redirects
1 ml.fashion-mag.fr
28 21
Subject Issuer Validity Valid
ml.fashion-mag.fr
Let's Encrypt Authority X3
2019-07-05 -
2019-10-03
3 months crt.sh

1970-01-01 -
1970-01-01
a few seconds crt.sh
*.cloud-media.fr
Amazon
2018-10-18 -
2019-11-18
a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2019-04-24 -
2020-04-23
a year crt.sh
*.phywi.org
Gandi Standard SSL CA 2
2018-02-21 -
2020-03-02
2 years crt.sh
jetcost.com
COMODO RSA Domain Validation Secure Server CA
2018-11-12 -
2019-11-12
a year crt.sh
*.cdn.intentmedia.net
Go Daddy Secure Certificate Authority - G2
2018-09-18 -
2020-06-06
2 years crt.sh
*.google-analytics.com
GTS CA 1O1
2019-08-13 -
2019-11-11
3 months crt.sh
www.bing.com
Microsoft IT TLS CA 2
2019-04-30 -
2021-04-30
2 years crt.sh
www.google.de
GTS CA 1O1
2019-08-13 -
2019-11-11
3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.jetcost.com/special/fr_stop_ph/?utm_source=powerspace&utm_medium=cpc&utm_campaign=FR-FR_powerspace_F_C_JC_Native_DHP-STOP-NEW_desktop&utm_content=Image_1163_Texte_2&utm_term=OhMyMag&clickId=14a13875-864c-3603-8a46-1f3ce5e445c7
Frame ID: 59E756781A1BFE550AF25082BB24DC49
Requests: 29 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://ml.fashion-mag.fr/l2/7B3xoiJsf30/743141/297013471.html Page URL
  2. http://wtm.fashion-mag.fr/w/118122/33422bf1fac2fa87717ed96be03aaf0d/1835/600/?mid=31a90cc261815090553d... HTTP 302
    http://wtm.fashion-mag.fr/redirection.html?m=33422bf1fac2fa87717ed96be03aaf0d&c=fr&u=https%3A%2F%2Fpws... Page URL
  3. https://pws.fashion-mag.fr/ndc/7ZEL10W4?ps_ee=33422bf1fac2fa87717ed96be03aaf0d&ps_g=MME&ps_a=1968&ps_z=... HTTP 302
    https://csync.pwspace.com/dpt?destUrl=aHR0cDovL3d3dy5qZXRjb3N0LmNvbS9zcGVjaWFsL2ZyX3N0b3BfcGgvP3V0bV9z... HTTP 307
    http://www.jetcost.com/special/fr_stop_ph/?utm_source=powerspace&utm_medium=cpc&utm_campaign=FR-FR_... HTTP 301
    https://www.jetcost.com/special/fr_stop_ph/?utm_source=powerspace&utm_medium=cpc&utm_campaign=FR-FR_... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

28
Requests

86 %
HTTPS

45 %
IPv6

18
Domains

21
Subdomains

14
IPs

6
Countries

1160 kB
Transfer

2596 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ml.fashion-mag.fr/l2/7B3xoiJsf30/743141/297013471.html Page URL
  2. http://wtm.fashion-mag.fr/w/118122/33422bf1fac2fa87717ed96be03aaf0d/1835/600/?mid=31a90cc261815090553d0f84bf2bf5bc&ct=nl&n=31&l=a&bi=4&ai=7028&u=http%3A%2F%2Fwtm.fashion-mag.fr%2Fredirection.html%3Fm%3D33422bf1fac2fa87717ed96be03aaf0d%26c%3Dfr%26u%3Dhttps%253A%252F%252Fpws.fashion-mag.fr%252Fndc%252F7ZEL10W4%253Fps_ee%253D33422bf1fac2fa87717ed96be03aaf0d%2526ps_g%253DMME%2526ps_a%253D1968%2526ps_z%253D1190%2526z%253D4&dc=bUa7kH90spTuFwyNKa%252F3NuYHTHnsVOEVw0h8ZPXynyHLleZA6O1sPHrEYvaDHqyDvRUNEPBihPyyFPJOwCiPvwYUsYaka6VELLmHO32eYXCnpX9ONO5HBVv%252BpjGkpuwS28OTLVlMhGXeeOxjCFQ7uUxhwntdz7donMmVCgWQoCQdc2D0BVCb0sNS1%252Fm68kwTsx3ltwEgtlC4F5SnlGByKA%253D%253D HTTP 302
    http://wtm.fashion-mag.fr/redirection.html?m=33422bf1fac2fa87717ed96be03aaf0d&c=fr&u=https%3A%2F%2Fpws.fashion-mag.fr%2Fndc%2F7ZEL10W4%3Fps_ee%3D33422bf1fac2fa87717ed96be03aaf0d%26ps_g%3DMME%26ps_a%3D1968%26ps_z%3D1190%26z%3D4&dc=bUa7kH90spTuFwyNKa%2F3NuYHTHnsVOEVw0h8ZPXynyHLleZA6O1sPHrEYvaDHqyDvRUNEPBihPyyFPJOwCiPvwYUsYaka6VELLmHO32eYXCnpX9ONO5HBVv%2BpjGkpuwS28OTLVlMhGXeeOxjCFQ7uUxhwntdz7donMmVCgWQoCQdc2D0BVCb0sNS1%2Fm68kwTsx3ltwEgtlC4F5SnlGByKA%3D%3D Page URL
  3. https://pws.fashion-mag.fr/ndc/7ZEL10W4?ps_ee=33422bf1fac2fa87717ed96be03aaf0d&ps_g=MME&ps_a=1968&ps_z=1190&z=4 HTTP 302
    https://csync.pwspace.com/dpt?destUrl=aHR0cDovL3d3dy5qZXRjb3N0LmNvbS9zcGVjaWFsL2ZyX3N0b3BfcGgvP3V0bV9zb3VyY2U9cG93ZXJzcGFjZSZ1dG1fbWVkaXVtPWNwYyZ1dG1fY2FtcGFpZ249RlItRlJfcG93ZXJzcGFjZV9GX0NfSkNfTmF0aXZlX0RIUC1TVE9QLU5FV19kZXNrdG9wJnV0bV9jb250ZW50PUltYWdlXzExNjNfVGV4dGVfMiZ1dG1fdGVybT1PaE15TWFnJmNsaWNrSWQ9MTRhMTM4NzUtODY0Yy0zNjAzLThhNDYtMWYzY2U1ZTQ0NWM3&pstuid=db06251e-6b69-3b9b-9540-f28e00b9ef68 HTTP 307
    http://www.jetcost.com/special/fr_stop_ph/?utm_source=powerspace&utm_medium=cpc&utm_campaign=FR-FR_powerspace_F_C_JC_Native_DHP-STOP-NEW_desktop&utm_content=Image_1163_Texte_2&utm_term=OhMyMag&clickId=14a13875-864c-3603-8a46-1f3ce5e445c7 HTTP 301
    https://www.jetcost.com/special/fr_stop_ph/?utm_source=powerspace&utm_medium=cpc&utm_campaign=FR-FR_powerspace_F_C_JC_Native_DHP-STOP-NEW_desktop&utm_content=Image_1163_Texte_2&utm_term=OhMyMag&clickId=14a13875-864c-3603-8a46-1f3ce5e445c7 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://wtm.fashion-mag.fr/w/118122/33422bf1fac2fa87717ed96be03aaf0d/1835/600/?mid=31a90cc261815090553d0f84bf2bf5bc&ct=nl&n=31&l=a&bi=4&ai=7028&u=http%3A%2F%2Fwtm.fashion-mag.fr%2Fredirection.html%3Fm%3D33422bf1fac2fa87717ed96be03aaf0d%26c%3Dfr%26u%3Dhttps%253A%252F%252Fpws.fashion-mag.fr%252Fndc%252F7ZEL10W4%253Fps_ee%253D33422bf1fac2fa87717ed96be03aaf0d%2526ps_g%253DMME%2526ps_a%253D1968%2526ps_z%253D1190%2526z%253D4&dc=bUa7kH90spTuFwyNKa%252F3NuYHTHnsVOEVw0h8ZPXynyHLleZA6O1sPHrEYvaDHqyDvRUNEPBihPyyFPJOwCiPvwYUsYaka6VELLmHO32eYXCnpX9ONO5HBVv%252BpjGkpuwS28OTLVlMhGXeeOxjCFQ7uUxhwntdz7donMmVCgWQoCQdc2D0BVCb0sNS1%252Fm68kwTsx3ltwEgtlC4F5SnlGByKA%253D%253D HTTP 302
  • http://wtm.fashion-mag.fr/redirection.html?m=33422bf1fac2fa87717ed96be03aaf0d&c=fr&u=https%3A%2F%2Fpws.fashion-mag.fr%2Fndc%2F7ZEL10W4%3Fps_ee%3D33422bf1fac2fa87717ed96be03aaf0d%26ps_g%3DMME%26ps_a%3D1968%26ps_z%3D1190%26z%3D4&dc=bUa7kH90spTuFwyNKa%2F3NuYHTHnsVOEVw0h8ZPXynyHLleZA6O1sPHrEYvaDHqyDvRUNEPBihPyyFPJOwCiPvwYUsYaka6VELLmHO32eYXCnpX9ONO5HBVv%2BpjGkpuwS28OTLVlMhGXeeOxjCFQ7uUxhwntdz7donMmVCgWQoCQdc2D0BVCb0sNS1%2Fm68kwTsx3ltwEgtlC4F5SnlGByKA%3D%3D
Request Chain 4
  • http://er.cloud-media.fr/r/33422bf1fac2fa87717ed96be03aaf0d/20305b1d-4a14-4990-b6a1-7765863e4041 HTTP 302
  • https://er.cloud-media.fr/c/33422bf1fac2fa87717ed96be03aaf0d/20305b1d-4a14-4990-b6a1-7765863e4041
Request Chain 5
  • http://ep.la-meteo-mail.fr/tags/redirect.php?h=33422bf1fac2fa87717ed96be03aaf0d&source=38 HTTP 301
  • http://email-reflex.com/tags/redirect.php?h=33422bf1fac2fa87717ed96be03aaf0d&source=38 HTTP 302
  • http://email-reflex.com/tags/pixel.php?h=33422bf1fac2fa87717ed96be03aaf0d&source=38
Request Chain 6
  • https://ejp.rlcdn.com/472906.gif?m=33422bf1fac2fa87717ed96be03aaf0d&n=1 HTTP 307
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fidsync.rlcdn.com%252F52154.gif%253Fserved_by%253Devergreen%2526partner_uid%253D%2524UID HTTP 302
  • https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=7069781793246363616
Request Chain 7
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fr.phywi.org%2Fwebo.gif%3Fmd%3D33422bf1fac2fa87717ed96be03aaf0d%26wb%3D{WEBO_CID} HTTP 302
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fr.phywi.org%2Fwebo.gif%3Fmd%3D33422bf1fac2fa87717ed96be03aaf0d%26wb%3D%7BWEBO_CID%7D&bounce=1&random=2928692823 HTTP 302
  • https://r.phywi.org/webo.gif?md=33422bf1fac2fa87717ed96be03aaf0d&wb=JhaUn8LzPWjMveofYQl7Uu
Request Chain 24
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=877855562&t=pageview&_s=1&dl=https%3A%2F%2Fwww.jetcost.com%2Fspecial%2Ffr_stop_ph%2F%3Futm_source%3Dpowerspace%26utm_medium%3Dcpc%26utm_campaign%3DFR-FR_powerspace_F_C_JC_Native_DHP-STOP-NEW_desktop%26utm_content%3DImage_1163_Texte_2%26utm_term%3DOhMyMag%26clickId%3D14a13875-864c-3603-8a46-1f3ce5e445c7&dr=http%3A%2F%2Fwtm.fashion-mag.fr%2Fredirection.html%3Fm%3D33422bf1fac2fa87717ed96be03aaf0d%26c%3Dfr%26u%3Dhttps%253A%252F%252Fpws.fashion-mag.fr%252Fndc%252F7ZEL10W4%253Fps_ee%253D33422bf1fac2fa87717ed96be03aaf0d%2526ps_g%253DMME%2526ps_a%253D1968%2526ps_z%253D1190%2526z%253D4%26dc%3DbUa7kH90spTuFwyNKa%252F3NuYHTHnsVOEVw0h8ZPXynyHLleZA6O1sPHrEYvaDHqyDvRUNEPBihPyyFPJOwCiPvwYUsYaka6VELLmHO32eYXCnpX9ONO5HBVv%252BpjGkpuwS28OTLVlMhGXeeOxjCFQ7uUxhwntdz7donMmVCgWQoCQdc2D0BVCb0sNS1%252Fm68kwTsx3ltwEgtlC4F5SnlGByKA%253D%253D&dp=FR-fr-flights-cms%2Fspecials%2Ffr_stop_ph%2Fhttps%3A%2F%2Fwww.jetcost.com%2Fspecial%2Ffr_stop_ph%2F%3Futm_source%3Dpowerspace%26utm_medium%3Dcpc%26utm_campaign%3DFR-FR_powerspace_F_C_JC_Native_DHP-STOP-NEW_desktop%26utm_content%3DImage_1163_Texte_2%26utm_term%3DOhMyMag%26clickId%3D14a13875-864c-3603-8a46-1f3ce5e445c7&ul=en-us&de=UTF-8&dt=Arr%C3%AAtez%20de%20payer%20vos%20billets%20trop%20chers%2C%20comparez%20les%20!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAAB~&jid=100635396&gjid=705048119&cid=592566220.1567355004&tid=UA-475839-1&_gid=840106861.1567355004&_r=1&gtm=2wg8l2WCBM&cd1=FR%7Cfr%7Cjetcost&z=230527580 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-475839-1&cid=592566220.1567355004&jid=100635396&_gid=840106861.1567355004&gjid=705048119&_v=j79&z=230527580 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-475839-1&cid=592566220.1567355004&jid=100635396&_v=j79&z=230527580 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-475839-1&cid=592566220.1567355004&jid=100635396&_v=j79&z=230527580&slf_rd=1&random=859921287
Request Chain 25
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=877855562&t=pageview&_s=1&dl=https%3A%2F%2Fwww.jetcost.com%2Fspecial%2Ffr_stop_ph%2F%3Futm_source%3Dpowerspace%26utm_medium%3Dcpc%26utm_campaign%3DFR-FR_powerspace_F_C_JC_Native_DHP-STOP-NEW_desktop%26utm_content%3DImage_1163_Texte_2%26utm_term%3DOhMyMag%26clickId%3D14a13875-864c-3603-8a46-1f3ce5e445c7&dr=http%3A%2F%2Fwtm.fashion-mag.fr%2Fredirection.html%3Fm%3D33422bf1fac2fa87717ed96be03aaf0d%26c%3Dfr%26u%3Dhttps%253A%252F%252Fpws.fashion-mag.fr%252Fndc%252F7ZEL10W4%253Fps_ee%253D33422bf1fac2fa87717ed96be03aaf0d%2526ps_g%253DMME%2526ps_a%253D1968%2526ps_z%253D1190%2526z%253D4%26dc%3DbUa7kH90spTuFwyNKa%252F3NuYHTHnsVOEVw0h8ZPXynyHLleZA6O1sPHrEYvaDHqyDvRUNEPBihPyyFPJOwCiPvwYUsYaka6VELLmHO32eYXCnpX9ONO5HBVv%252BpjGkpuwS28OTLVlMhGXeeOxjCFQ7uUxhwntdz7donMmVCgWQoCQdc2D0BVCb0sNS1%252Fm68kwTsx3ltwEgtlC4F5SnlGByKA%253D%253D&ul=en-us&de=UTF-8&dt=Arr%C3%AAtez%20de%20payer%20vos%20billets%20trop%20chers%2C%20comparez%20les%20!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAAAB~&jid=1033434404&gjid=2028848094&cid=592566220.1567355004&tid=UA-475839-39&_gid=840106861.1567355004&_r=1&gtm=2wg8l2WCBM&cd3=FR%7Cfr%7Cjetcost&cd4=SFRfr_5d6bf07b9acb8&z=1522165437 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-475839-39&cid=592566220.1567355004&jid=1033434404&_gid=840106861.1567355004&gjid=2028848094&_v=j79&z=1522165437 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-475839-39&cid=592566220.1567355004&jid=1033434404&_v=j79&z=1522165437 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-475839-39&cid=592566220.1567355004&jid=1033434404&_v=j79&z=1522165437&slf_rd=1&random=2547531063

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
297013471.html
ml.fashion-mag.fr/l2/7B3xoiJsf30/743141/
746 B
1 KB
Document
General
Full URL
https://ml.fashion-mag.fr/l2/7B3xoiJsf30/743141/297013471.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.190.170.12 , France, ASN31688 (SPLIO-AS, FR),
Reverse DNS
s3s.fr
Software
Apache /
Resource Hash
71ea32ceac3fc4f266c310caa22a18c741f16158461f60eaa2690f747dba763f

Request headers

Host
ml.fashion-mag.fr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
none
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1

Response headers

Date
Sun, 01 Sep 2019 16:23:21 GMT
Server
Apache
Pragma
no-cache
Cache-Control
no-cache
Expires
Mon, 01 Jan 1990 00:00:00 GMT
X-Robots-Tag
noindex,nofollow
P3P
policyref="http://s3s.fr/w3c/p3p.xml", CP="ALL DSP COR DEV IVD CON OUR NOR UNI PUR NAV STA"
Content-Length
746
Connection
close
Content-Type
text/html
redirection.html
wtm.fashion-mag.fr/
Redirect Chain
  • http://wtm.fashion-mag.fr/w/118122/33422bf1fac2fa87717ed96be03aaf0d/1835/600/?mid=31a90cc261815090553d0f84bf2bf5bc&ct=nl&n=31&l=a&bi=4&ai=7028&u=http%3A%2F%2Fwtm.fashion-mag.fr%2Fredirection.html%3...
  • http://wtm.fashion-mag.fr/redirection.html?m=33422bf1fac2fa87717ed96be03aaf0d&c=fr&u=https%3A%2F%2Fpws.fashion-mag.fr%2Fndc%2F7ZEL10W4%3Fps_ee%3D33422bf1fac2fa87717ed96be03aaf0d%26ps_g%3DMME%26ps_a...
4 KB
5 KB
Document
General
Full URL
http://wtm.fashion-mag.fr/redirection.html?m=33422bf1fac2fa87717ed96be03aaf0d&c=fr&u=https%3A%2F%2Fpws.fashion-mag.fr%2Fndc%2F7ZEL10W4%3Fps_ee%3D33422bf1fac2fa87717ed96be03aaf0d%26ps_g%3DMME%26ps_a%3D1968%26ps_z%3D1190%26z%3D4&dc=bUa7kH90spTuFwyNKa%2F3NuYHTHnsVOEVw0h8ZPXynyHLleZA6O1sPHrEYvaDHqyDvRUNEPBihPyyFPJOwCiPvwYUsYaka6VELLmHO32eYXCnpX9ONO5HBVv%2BpjGkpuwS28OTLVlMhGXeeOxjCFQ7uUxhwntdz7donMmVCgWQoCQdc2D0BVCb0sNS1%2Fm68kwTsx3ltwEgtlC4F5SnlGByKA%3D%3D
Protocol
HTTP/1.1
Server
2001:41d0:8:88c8:: , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
2c8a0fac82d2ab4060f550fb72e9926c3f5f76c1c2c336cc5c1536ee77ce8d2e
Security Headers
Name Value
Strict-Transport-Security max-age=0;

Request headers

Host
wtm.fashion-mag.fr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server
nginx
Date
Sun, 01 Sep 2019 16:23:21 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
4366
Connection
close
Expires
Sun, 01 Sep 2019 16:23:20 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=0;

Redirect headers

Server
nginx
Date
Sun, 01 Sep 2019 16:23:21 GMT
Content-Length
0
Connection
close
Expires
Sun, 01 Sep 2019 16:23:20 GMT
Cache-Control
no-cache
Pragma
no-cache
Location
http://wtm.fashion-mag.fr/redirection.html?m=33422bf1fac2fa87717ed96be03aaf0d&c=fr&u=https%3A%2F%2Fpws.fashion-mag.fr%2Fndc%2F7ZEL10W4%3Fps_ee%3D33422bf1fac2fa87717ed96be03aaf0d%26ps_g%3DMME%26ps_a%3D1968%26ps_z%3D1190%26z%3D4&dc=bUa7kH90spTuFwyNKa%2F3NuYHTHnsVOEVw0h8ZPXynyHLleZA6O1sPHrEYvaDHqyDvRUNEPBihPyyFPJOwCiPvwYUsYaka6VELLmHO32eYXCnpX9ONO5HBVv%2BpjGkpuwS28OTLVlMhGXeeOxjCFQ7uUxhwntdz7donMmVCgWQoCQdc2D0BVCb0sNS1%2Fm68kwTsx3ltwEgtlC4F5SnlGByKA%3D%3D
Strict-Transport-Security
max-age=0;
https%3A%2F%2Fpws.fashion-mag.fr%2Fndc%2F7ZEL10W4%3Fps_ee%3D33422bf1fac2fa87717ed96be03aaf0d%26ps_g%3DMME%26ps_a%3D1968%26ps_z%3D1190%26z%3D4
wtm.fashion-mag.fr/
0
0

cl.gif
r.phywi.org/
43 B
406 B
Image
General
Full URL
http://r.phywi.org/cl.gif?m=33422bf1fac2fa87717ed96be03aaf0d
Requested by
Host: wtm.fashion-mag.fr
URL: http://wtm.fashion-mag.fr/redirection.html?m=33422bf1fac2fa87717ed96be03aaf0d&c=fr&u=https%3A%2F%2Fpws.fashion-mag.fr%2Fndc%2F7ZEL10W4%3Fps_ee%3D33422bf1fac2fa87717ed96be03aaf0d%26ps_g%3DMME%26ps_a%3D1968%26ps_z%3D1190%26z%3D4&dc=bUa7kH90spTuFwyNKa%2F3NuYHTHnsVOEVw0h8ZPXynyHLleZA6O1sPHrEYvaDHqyDvRUNEPBihPyyFPJOwCiPvwYUsYaka6VELLmHO32eYXCnpX9ONO5HBVv%2BpjGkpuwS28OTLVlMhGXeeOxjCFQ7uUxhwntdz7donMmVCgWQoCQdc2D0BVCb0sNS1%2Fm68kwTsx3ltwEgtlC4F5SnlGByKA%3D%3D
Protocol
HTTP/1.1
Security
, ,
Server
2001:41d0:203:3919:: , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://wtm.fashion-mag.fr/redirection.html?m=33422bf1fac2fa87717ed96be03aaf0d&c=fr&u=https%3A%2F%2Fpws.fashion-mag.fr%2Fndc%2F7ZEL10W4%3Fps_ee%3D33422bf1fac2fa87717ed96be03aaf0d%26ps_g%3DMME%26ps_a%3D1968%26ps_z%3D1190%26z%3D4&dc=bUa7kH90spTuFwyNKa%2F3NuYHTHnsVOEVw0h8ZPXynyHLleZA6O1sPHrEYvaDHqyDvRUNEPBihPyyFPJOwCiPvwYUsYaka6VELLmHO32eYXCnpX9ONO5HBVv%2BpjGkpuwS28OTLVlMhGXeeOxjCFQ7uUxhwntdz7donMmVCgWQoCQdc2D0BVCb0sNS1%2Fm68kwTsx3ltwEgtlC4F5SnlGByKA%3D%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 01 Sep 2019 16:23:21 GMT
transfer-encoding
chunked
server
nginx
strict-transport-security
max-age=15768000
content-type
image/gif
20305b1d-4a14-4990-b6a1-7765863e4041
er.cloud-media.fr/c/33422bf1fac2fa87717ed96be03aaf0d/
Redirect Chain
  • http://er.cloud-media.fr/r/33422bf1fac2fa87717ed96be03aaf0d/20305b1d-4a14-4990-b6a1-7765863e4041
  • https://er.cloud-media.fr/c/33422bf1fac2fa87717ed96be03aaf0d/20305b1d-4a14-4990-b6a1-7765863e4041
35 B
213 B
Image
General
Full URL
https://er.cloud-media.fr/c/33422bf1fac2fa87717ed96be03aaf0d/20305b1d-4a14-4990-b6a1-7765863e4041
Requested by
Host: wtm.fashion-mag.fr
URL: http://wtm.fashion-mag.fr/redirection.html?m=33422bf1fac2fa87717ed96be03aaf0d&c=fr&u=https%3A%2F%2Fpws.fashion-mag.fr%2Fndc%2F7ZEL10W4%3Fps_ee%3D33422bf1fac2fa87717ed96be03aaf0d%26ps_g%3DMME%26ps_a%3D1968%26ps_z%3D1190%26z%3D4&dc=bUa7kH90spTuFwyNKa%2F3NuYHTHnsVOEVw0h8ZPXynyHLleZA6O1sPHrEYvaDHqyDvRUNEPBihPyyFPJOwCiPvwYUsYaka6VELLmHO32eYXCnpX9ONO5HBVv%2BpjGkpuwS28OTLVlMhGXeeOxjCFQ7uUxhwntdz7donMmVCgWQoCQdc2D0BVCb0sNS1%2Fm68kwTsx3ltwEgtlC4F5SnlGByKA%3D%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.228.167 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-246-228-167.eu-west-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://wtm.fashion-mag.fr/redirection.html?m=33422bf1fac2fa87717ed96be03aaf0d&c=fr&u=https%3A%2F%2Fpws.fashion-mag.fr%2Fndc%2F7ZEL10W4%3Fps_ee%3D33422bf1fac2fa87717ed96be03aaf0d%26ps_g%3DMME%26ps_a%3D1968%26ps_z%3D1190%26z%3D4&dc=bUa7kH90spTuFwyNKa%2F3NuYHTHnsVOEVw0h8ZPXynyHLleZA6O1sPHrEYvaDHqyDvRUNEPBihPyyFPJOwCiPvwYUsYaka6VELLmHO32eYXCnpX9ONO5HBVv%2BpjGkpuwS28OTLVlMhGXeeOxjCFQ7uUxhwntdz7donMmVCgWQoCQdc2D0BVCb0sNS1%2Fm68kwTsx3ltwEgtlC4F5SnlGByKA%3D%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Sun, 01 Sep 2019 16:23:21 GMT
x-content-type-options
nosniff
server
awselb/2.0
content-length
35
content-type
image/gif

Redirect headers

Date
Sun, 01 Sep 2019 16:23:21 GMT
X-Content-Type-Options
nosniff
Server
awselb/2.0
Content-Type
text/html
Location
https://er.cloud-media.fr/c/33422bf1fac2fa87717ed96be03aaf0d/20305b1d-4a14-4990-b6a1-7765863e4041
Connection
keep-alive
Content-Length
126
X-XSS-Protection
1; mode=block
pixel.php
email-reflex.com/tags/
Redirect Chain
  • http://ep.la-meteo-mail.fr/tags/redirect.php?h=33422bf1fac2fa87717ed96be03aaf0d&source=38
  • http://email-reflex.com/tags/redirect.php?h=33422bf1fac2fa87717ed96be03aaf0d&source=38
  • http://email-reflex.com/tags/pixel.php?h=33422bf1fac2fa87717ed96be03aaf0d&source=38
43 B
597 B
Image
General
Full URL
http://email-reflex.com/tags/pixel.php?h=33422bf1fac2fa87717ed96be03aaf0d&source=38
Requested by
Host: wtm.fashion-mag.fr
URL: http://wtm.fashion-mag.fr/redirection.html?m=33422bf1fac2fa87717ed96be03aaf0d&c=fr&u=https%3A%2F%2Fpws.fashion-mag.fr%2Fndc%2F7ZEL10W4%3Fps_ee%3D33422bf1fac2fa87717ed96be03aaf0d%26ps_g%3DMME%26ps_a%3D1968%26ps_z%3D1190%26z%3D4&dc=bUa7kH90spTuFwyNKa%2F3NuYHTHnsVOEVw0h8ZPXynyHLleZA6O1sPHrEYvaDHqyDvRUNEPBihPyyFPJOwCiPvwYUsYaka6VELLmHO32eYXCnpX9ONO5HBVv%2BpjGkpuwS28OTLVlMhGXeeOxjCFQ7uUxhwntdz7donMmVCgWQoCQdc2D0BVCb0sNS1%2Fm68kwTsx3ltwEgtlC4F5SnlGByKA%3D%3D
Protocol
HTTP/1.1
Security
, ,
Server
80.70.210.161 , France, ASN34913 (DALENYS, FR),
Reverse DNS
email-reflex.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
http://wtm.fashion-mag.fr/redirection.html?m=33422bf1fac2fa87717ed96be03aaf0d&c=fr&u=https%3A%2F%2Fpws.fashion-mag.fr%2Fndc%2F7ZEL10W4%3Fps_ee%3D33422bf1fac2fa87717ed96be03aaf0d%26ps_g%3DMME%26ps_a%3D1968%26ps_z%3D1190%26z%3D4&dc=bUa7kH90spTuFwyNKa%2F3NuYHTHnsVOEVw0h8ZPXynyHLleZA6O1sPHrEYvaDHqyDvRUNEPBihPyyFPJOwCiPvwYUsYaka6VELLmHO32eYXCnpX9ONO5HBVv%2BpjGkpuwS28OTLVlMhGXeeOxjCFQ7uUxhwntdz7donMmVCgWQoCQdc2D0BVCb0sNS1%2Fm68kwTsx3ltwEgtlC4F5SnlGByKA%3D%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 01 Sep 2019 16:23:21 GMT
Via
1.1 varnish
Server
Apache
Age
0
X-Cache
MISS
P3P
policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
X-Server-IP
10.67.37.21
X-Server
rp-front2-1
X-Varnish
1934593627
Content-Type
image/gif
Content-Length
43

Redirect headers

Date
Sun, 01 Sep 2019 16:23:21 GMT
Content-Encoding
gzip
Server
Apache
Age
0
Vary
Accept-Encoding
X-Cache
MISS
Content-Type
text/html
Location
http://email-reflex.com/tags/pixel.php?h=33422bf1fac2fa87717ed96be03aaf0d&source=38
X-Server-IP
10.67.37.22
X-Server
rp-front2-2
X-Varnish
1870880653
Content-Length
20
Via
1.1 varnish
52154.gif
idsync.rlcdn.com/
Redirect Chain
  • https://ejp.rlcdn.com/472906.gif?m=33422bf1fac2fa87717ed96be03aaf0d&n=1
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fidsync.rlcdn.com%252F52154.gif%253Fserved_by%253Devergreen%2526partner_uid%253D%2524UID
  • https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=7069781793246363616
42 B
412 B
Image
General
Full URL
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=7069781793246363616
Requested by
Host: wtm.fashion-mag.fr
URL: http://wtm.fashion-mag.fr/redirection.html?m=33422bf1fac2fa87717ed96be03aaf0d&c=fr&u=https%3A%2F%2Fpws.fashion-mag.fr%2Fndc%2F7ZEL10W4%3Fps_ee%3D33422bf1fac2fa87717ed96be03aaf0d%26ps_g%3DMME%26ps_a%3D1968%26ps_z%3D1190%26z%3D4&dc=bUa7kH90spTuFwyNKa%2F3NuYHTHnsVOEVw0h8ZPXynyHLleZA6O1sPHrEYvaDHqyDvRUNEPBihPyyFPJOwCiPvwYUsYaka6VELLmHO32eYXCnpX9ONO5HBVv%2BpjGkpuwS28OTLVlMhGXeeOxjCFQ7uUxhwntdz7donMmVCgWQoCQdc2D0BVCb0sNS1%2Fm68kwTsx3ltwEgtlC4F5SnlGByKA%3D%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.190.72.21 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
21.72.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://wtm.fashion-mag.fr/redirection.html?m=33422bf1fac2fa87717ed96be03aaf0d&c=fr&u=https%3A%2F%2Fpws.fashion-mag.fr%2Fndc%2F7ZEL10W4%3Fps_ee%3D33422bf1fac2fa87717ed96be03aaf0d%26ps_g%3DMME%26ps_a%3D1968%26ps_z%3D1190%26z%3D4&dc=bUa7kH90spTuFwyNKa%2F3NuYHTHnsVOEVw0h8ZPXynyHLleZA6O1sPHrEYvaDHqyDvRUNEPBihPyyFPJOwCiPvwYUsYaka6VELLmHO32eYXCnpX9ONO5HBVv%2BpjGkpuwS28OTLVlMhGXeeOxjCFQ7uUxhwntdz7donMmVCgWQoCQdc2D0BVCb0sNS1%2Fm68kwTsx3ltwEgtlC4F5SnlGByKA%3D%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 01 Sep 2019 16:23:21 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
status
200
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42

Redirect headers

Pragma
no-cache
Date
Sun, 01 Sep 2019 16:23:23 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 313.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.68:80
AN-X-Request-Uuid
2736851b-897b-42a3-a104-1f82418dc587
Server
nginx/1.13.4
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=7069781793246363616
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
webo.gif
r.phywi.org/
Redirect Chain
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fr.phywi.org%2Fwebo.gif%3Fmd%3D33422bf1fac2fa87717ed96be03aaf0d%26wb%3D{WEBO_CID}
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fr.phywi.org%2Fwebo.gif%3Fmd%3D33422bf1fac2fa87717ed96be03aaf0d%26wb%3D%7BWEBO_CID%7D&bounce=1&random=2928692823
  • https://r.phywi.org/webo.gif?md=33422bf1fac2fa87717ed96be03aaf0d&wb=JhaUn8LzPWjMveofYQl7Uu
43 B
310 B
Image
General
Full URL
https://r.phywi.org/webo.gif?md=33422bf1fac2fa87717ed96be03aaf0d&wb=JhaUn8LzPWjMveofYQl7Uu
Requested by
Host: wtm.fashion-mag.fr
URL: http://wtm.fashion-mag.fr/redirection.html?m=33422bf1fac2fa87717ed96be03aaf0d&c=fr&u=https%3A%2F%2Fpws.fashion-mag.fr%2Fndc%2F7ZEL10W4%3Fps_ee%3D33422bf1fac2fa87717ed96be03aaf0d%26ps_g%3DMME%26ps_a%3D1968%26ps_z%3D1190%26z%3D4&dc=bUa7kH90spTuFwyNKa%2F3NuYHTHnsVOEVw0h8ZPXynyHLleZA6O1sPHrEYvaDHqyDvRUNEPBihPyyFPJOwCiPvwYUsYaka6VELLmHO32eYXCnpX9ONO5HBVv%2BpjGkpuwS28OTLVlMhGXeeOxjCFQ7uUxhwntdz7donMmVCgWQoCQdc2D0BVCb0sNS1%2Fm68kwTsx3ltwEgtlC4F5SnlGByKA%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:41d0:203:3919:: , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://wtm.fashion-mag.fr/redirection.html?m=33422bf1fac2fa87717ed96be03aaf0d&c=fr&u=https%3A%2F%2Fpws.fashion-mag.fr%2Fndc%2F7ZEL10W4%3Fps_ee%3D33422bf1fac2fa87717ed96be03aaf0d%26ps_g%3DMME%26ps_a%3D1968%26ps_z%3D1190%26z%3D4&dc=bUa7kH90spTuFwyNKa%2F3NuYHTHnsVOEVw0h8ZPXynyHLleZA6O1sPHrEYvaDHqyDvRUNEPBihPyyFPJOwCiPvwYUsYaka6VELLmHO32eYXCnpX9ONO5HBVv%2BpjGkpuwS28OTLVlMhGXeeOxjCFQ7uUxhwntdz7donMmVCgWQoCQdc2D0BVCb0sNS1%2Fm68kwTsx3ltwEgtlC4F5SnlGByKA%3D%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Sun, 01 Sep 2019 16:23:21 GMT
server
nginx
strict-transport-security
max-age=15768000
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 01 Sep 2019 16:23:21 GMT
via
1.1 google
last-modified
Sun, 01 Sep 2019 16:23:21 GMT
server
nginx/1.12.0
status
302
location
https://r.phywi.org/webo.gif?md=33422bf1fac2fa87717ed96be03aaf0d&wb=JhaUn8LzPWjMveofYQl7Uu
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
clear
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
Primary Request Cookie set /
www.jetcost.com/special/fr_stop_ph/
Redirect Chain
  • https://pws.fashion-mag.fr/ndc/7ZEL10W4?ps_ee=33422bf1fac2fa87717ed96be03aaf0d&ps_g=MME&ps_a=1968&ps_z=1190&z=4
  • https://csync.pwspace.com/dpt?destUrl=aHR0cDovL3d3dy5qZXRjb3N0LmNvbS9zcGVjaWFsL2ZyX3N0b3BfcGgvP3V0bV9zb3VyY2U9cG93ZXJzcGFjZSZ1dG1fbWVkaXVtPWNwYyZ1dG1fY2FtcGFpZ249RlItRlJfcG93ZXJzcGFjZV9GX0NfSkNfTmF...
  • http://www.jetcost.com/special/fr_stop_ph/?utm_source=powerspace&utm_medium=cpc&utm_campaign=FR-FR_powerspace_F_C_JC_Native_DHP-STOP-NEW_desktop&utm_content=Image_1163_Texte_2&utm_term=OhMyMag&clic...
  • https://www.jetcost.com/special/fr_stop_ph/?utm_source=powerspace&utm_medium=cpc&utm_campaign=FR-FR_powerspace_F_C_JC_Native_DHP-STOP-NEW_desktop&utm_content=Image_1163_Texte_2&utm_term=OhMyMag&cli...
71 KB
12 KB
Document
General
Full URL
https://www.jetcost.com/special/fr_stop_ph/?utm_source=powerspace&utm_medium=cpc&utm_campaign=FR-FR_powerspace_F_C_JC_Native_DHP-STOP-NEW_desktop&utm_content=Image_1163_Texte_2&utm_term=OhMyMag&clickId=14a13875-864c-3603-8a46-1f3ce5e445c7
Requested by
Host: wtm.fashion-mag.fr
URL: http://wtm.fashion-mag.fr/redirection.html?m=33422bf1fac2fa87717ed96be03aaf0d&c=fr&u=https%3A%2F%2Fpws.fashion-mag.fr%2Fndc%2F7ZEL10W4%3Fps_ee%3D33422bf1fac2fa87717ed96be03aaf0d%26ps_g%3DMME%26ps_a%3D1968%26ps_z%3D1190%26z%3D4&dc=bUa7kH90spTuFwyNKa%2F3NuYHTHnsVOEVw0h8ZPXynyHLleZA6O1sPHrEYvaDHqyDvRUNEPBihPyyFPJOwCiPvwYUsYaka6VELLmHO32eYXCnpX9ONO5HBVv%2BpjGkpuwS28OTLVlMhGXeeOxjCFQ7uUxhwntdz7donMmVCgWQoCQdc2D0BVCb0sNS1%2Fm68kwTsx3ltwEgtlC4F5SnlGByKA%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.254.52.174 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Application-server /
Resource Hash
2a1a47783a688e173ce6f21138d740548a4513e2025881cccf5c10d737766d4f

Request headers

Host
www.jetcost.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
http://wtm.fashion-mag.fr/redirection.html?m=33422bf1fac2fa87717ed96be03aaf0d&c=fr&u=https%3A%2F%2Fpws.fashion-mag.fr%2Fndc%2F7ZEL10W4%3Fps_ee%3D33422bf1fac2fa87717ed96be03aaf0d%26ps_g%3DMME%26ps_a%3D1968%26ps_z%3D1190%26z%3D4&dc=bUa7kH90spTuFwyNKa%2F3NuYHTHnsVOEVw0h8ZPXynyHLleZA6O1sPHrEYvaDHqyDvRUNEPBihPyyFPJOwCiPvwYUsYaka6VELLmHO32eYXCnpX9ONO5HBVv%2BpjGkpuwS28OTLVlMhGXeeOxjCFQ7uUxhwntdz7donMmVCgWQoCQdc2D0BVCb0sNS1%2Fm68kwTsx3ltwEgtlC4F5SnlGByKA%3D%3D
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Referer
http://wtm.fashion-mag.fr/redirection.html?m=33422bf1fac2fa87717ed96be03aaf0d&c=fr&u=https%3A%2F%2Fpws.fashion-mag.fr%2Fndc%2F7ZEL10W4%3Fps_ee%3D33422bf1fac2fa87717ed96be03aaf0d%26ps_g%3DMME%26ps_a%3D1968%26ps_z%3D1190%26z%3D4&dc=bUa7kH90spTuFwyNKa%2F3NuYHTHnsVOEVw0h8ZPXynyHLleZA6O1sPHrEYvaDHqyDvRUNEPBihPyyFPJOwCiPvwYUsYaka6VELLmHO32eYXCnpX9ONO5HBVv%2BpjGkpuwS28OTLVlMhGXeeOxjCFQ7uUxhwntdz7donMmVCgWQoCQdc2D0BVCb0sNS1%2Fm68kwTsx3ltwEgtlC4F5SnlGByKA%3D%3D

Response headers

Date
Sun, 01 Sep 2019 16:23:23 GMT
Server
Application-server
Cache-Control
no-cache, private
Set-Cookie
JETSESS_GA=deleted; expires=Sat, 01-Sep-2018 16:23:22 GMT; Max-Age=0; path=/; domain=www.jetcost.com; httponly JETSESS=SFRfr_5d6bf07b9acb8; expires=Sun, 01-Sep-2019 16:53:23 GMT; Max-Age=1800; path=/; domain=www.jetcost.com; httponly JETUSER=5d6bf07b9bea0; expires=Mon, 08-Aug-2118 16:23:23 GMT; Max-Age=3122064000; path=/; domain=www.jetcost.com; httponly JETORIGINE=cpc%7Cpowerspace%7CFR-FR_powerspace_F_C_JC_Native_DHP-STOP-NEW_desktop; path=/; domain=www.jetcost.com; httponly JETMKTGSESS=MS_5d6bf07bbbcc2; expires=Mon, 08-Aug-2118 16:23:23 GMT; Max-Age=3122064000; path=/; domain=www.jetcost.com; httponly
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
Content-Length
11795
Content-Type
text/html; charset=UTF-8

Redirect headers

Content-length
0
Location
https://www.jetcost.com/special/fr_stop_ph/?utm_source=powerspace&utm_medium=cpc&utm_campaign=FR-FR_powerspace_F_C_JC_Native_DHP-STOP-NEW_desktop&utm_content=Image_1163_Texte_2&utm_term=OhMyMag&clickId=14a13875-864c-3603-8a46-1f3ce5e445c7
app.min.css
a.jtcstatic.com/CSS/themes/old-jetcost/jetcost/
342 KB
67 KB
Stylesheet
General
Full URL
https://a.jtcstatic.com/CSS/themes/old-jetcost/jetcost/app.min.css?v_1370492826
Requested by
Host: www.jetcost.com
URL: https://www.jetcost.com/special/fr_stop_ph/?utm_source=powerspace&utm_medium=cpc&utm_campaign=FR-FR_powerspace_F_C_JC_Native_DHP-STOP-NEW_desktop&utm_content=Image_1163_Texte_2&utm_term=OhMyMag&clickId=14a13875-864c-3603-8a46-1f3ce5e445c7
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.13 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-13.fra6.r.cloudfront.net
Software
Application-server /
Resource Hash
fc8ecf2d57c9435c520edc1e6440aaeb49c49a29a2bbaa2c2d3e51b08e26926d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.jetcost.com/special/fr_stop_ph/?utm_source=powerspace&utm_medium=cpc&utm_campaign=FR-FR_powerspace_F_C_JC_Native_DHP-STOP-NEW_desktop&utm_content=Image_1163_Texte_2&utm_term=OhMyMag&clickId=14a13875-864c-3603-8a46-1f3ce5e445c7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 29 Aug 2019 08:33:24 GMT
Content-Encoding
gzip
Age
287400
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Access-Control-Allow-Origin
*
Server
Application-server
Vary
Accept-Encoding
Content-Type
text/css
Via
1.1 21da0a66bafe2c8de8be4a4d8039346b.cloudfront.net (CloudFront)
Cache-Control
max-age=2592000, public
X-Amz-Cf-Pop
FRA6-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
qHBobFV3g-BOJSCqK5SWLIYT3qSijY00qFlF8fTXVxtRZp7Ra3Bf4w==
Expires
Sat, 28 Sep 2019 08:33:24 GMT
app.min-blessed1.css
a.jtcstatic.com/CSS/themes/old-jetcost/jetcost/
84 KB
13 KB
Stylesheet
General
Full URL
https://a.jtcstatic.com/CSS/themes/old-jetcost/jetcost/app.min-blessed1.css?v_1370492826
Requested by
Host: www.jetcost.com
URL: https://www.jetcost.com/special/fr_stop_ph/?utm_source=powerspace&utm_medium=cpc&utm_campaign=FR-FR_powerspace_F_C_JC_Native_DHP-STOP-NEW_desktop&utm_content=Image_1163_Texte_2&utm_term=OhMyMag&clickId=14a13875-864c-3603-8a46-1f3ce5e445c7
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.13 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-13.fra6.r.cloudfront.net
Software
Application-server /
Resource Hash
4d6baa9efe149a84c57336f61569b5ddddec7393a5e625114352f9fb631eb46c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.jetcost.com/special/fr_stop_ph/?utm_source=powerspace&utm_medium=cpc&utm_campaign=FR-FR_powerspace_F_C_JC_Native_DHP-STOP-NEW_desktop&utm_content=Image_1163_Texte_2&utm_term=OhMyMag&clickId=14a13875-864c-3603-8a46-1f3ce5e445c7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 29 Aug 2019 08:33:23 GMT
Content-Encoding
gzip
Age
287401
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
12659
Access-Control-Allow-Origin
*
Server
Application-server
Vary
Accept-Encoding
Content-Type
text/css
Via
1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
Cache-Control
max-age=2592000, public
X-Amz-Cf-Pop
FRA6-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
JUPbghZ2CIHBBlto_Vp1ZHauRW6JaqpJLAmed1Bclwz9eRzXpidyZQ==
Expires
Sat, 28 Sep 2019 08:33:23 GMT
flights-partners.css
a.jtcstatic.com/upload/auto/sprites/bootstrap/
161 KB
20 KB
Stylesheet
General
Full URL
https://a.jtcstatic.com/upload/auto/sprites/bootstrap/flights-partners.css?v_4225969173
Requested by
Host: www.jetcost.com
URL: https://www.jetcost.com/special/fr_stop_ph/?utm_source=powerspace&utm_medium=cpc&utm_campaign=FR-FR_powerspace_F_C_JC_Native_DHP-STOP-NEW_desktop&utm_content=Image_1163_Texte_2&utm_term=OhMyMag&clickId=14a13875-864c-3603-8a46-1f3ce5e445c7
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.13 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-13.fra6.r.cloudfront.net
Software
Application-server /
Resource Hash
757ac68ec77ea0a7001d024fd49f80defa6245c5c86c652841bc3916f8d3b21f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.jetcost.com/special/fr_stop_ph/?utm_source=powerspace&utm_medium=cpc&utm_campaign=FR-FR_powerspace_F_C_JC_Native_DHP-STOP-NEW_desktop&utm_content=Image_1163_Texte_2&utm_term=OhMyMag&clickId=14a13875-864c-3603-8a46-1f3ce5e445c7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 07 Aug 2019 09:04:58 GMT
Content-Encoding
gzip
Connection
keep-alive
Server
Application-server
Age
2186301
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/css
Via
1.1 35c75b7f0ca8c787d67c8ebd22bc7fc3.cloudfront.net (CloudFront)
Cache-Control
max-age=2592000, public
X-Amz-Cf-Pop
FRA6-C1
Accept-Ranges
bytes
Content-Length
20034
X-Amz-Cf-Id
p7pUe8u_-CddsimsB62IC1nIMWLPd-_hvHlPOfv7x0NwGVXmordZQQ==
Expires
Fri, 06 Sep 2019 09:04:58 GMT
polyfill-old.min.js
a.jtcstatic.com/JS/polyfill/
36 KB
12 KB
Script
General
Full URL
https://a.jtcstatic.com/JS/polyfill/polyfill-old.min.js?v_1370492826
Requested by
Host: www.jetcost.com
URL: https://www.jetcost.com/special/fr_stop_ph/?utm_source=powerspace&utm_medium=cpc&utm_campaign=FR-FR_powerspace_F_C_JC_Native_DHP-STOP-NEW_desktop&utm_content=Image_1163_Texte_2&utm_term=OhMyMag&clickId=14a13875-864c-3603-8a46-1f3ce5e445c7
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.13 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-13.fra6.r.cloudfront.net
Software
Application-server /
Resource Hash
dad39f1d0ad903a881640550f93d98ab1ec1ee3f60d41a8166fbd8715897672e

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.jetcost.com/special/fr_stop_ph/?utm_source=powerspace&utm_medium=cpc&utm_campaign=FR-FR_powerspace_F_C_JC_Native_DHP-STOP-NEW_desktop&utm_content=Image_1163_Texte_2&utm_term=OhMyMag&clickId=14a13875-864c-3603-8a46-1f3ce5e445c7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 30 Aug 2019 12:53:53 GMT
Content-Encoding
gzip
Age
185371
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
11421
Access-Control-Allow-Origin
*
Server
Application-server
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
Cache-Control
max-age=2592000, public
X-Amz-Cf-Pop
FRA6-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
G5QbdXPPGqNkmWRV7mOdAP4hCmAJae_Jpi6YdyRITuopNAXVrmoKsA==
Expires
Sun, 29 Sep 2019 12:53:53 GMT
theme.min.js
a.jtcstatic.com/JS/themes/old-jetcost/
972 KB
265 KB
Script
General
Full URL
https://a.jtcstatic.com/JS/themes/old-jetcost/theme.min.js?v_490524153
Requested by
Host: www.jetcost.com
URL: https://www.jetcost.com/special/fr_stop_ph/?utm_source=powerspace&utm_medium=cpc&utm_campaign=FR-FR_powerspace_F_C_JC_Native_DHP-STOP-NEW_desktop&utm_content=Image_1163_Texte_2&utm_term=OhMyMag&clickId=14a13875-864c-3603-8a46-1f3ce5e445c7
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.13 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-13.fra6.r.cloudfront.net
Software
Application-server /
Resource Hash
59b218b1c647c85f5b13e18c3c680c3b022e27ca11bbf3fa3235543a19b2d6f7

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.jetcost.com/special/fr_stop_ph/?utm_source=powerspace&utm_medium=cpc&utm_campaign=FR-FR_powerspace_F_C_JC_Native_DHP-STOP-NEW_desktop&utm_content=Image_1163_Texte_2&utm_term=OhMyMag&clickId=14a13875-864c-3603-8a46-1f3ce5e445c7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 30 Aug 2019 12:54:04 GMT
Content-Encoding
gzip
Age
185360
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Access-Control-Allow-Origin
*
Server
Application-server
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
Cache-Control
max-age=2592000, public
X-Amz-Cf-Pop
FRA6-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
sf5n2mLtlzNiUlSdSBj5e5LrG93KpB3UVORj73EeqFOGpGqRmsFHcQ==
Expires
Sun, 29 Sep 2019 12:54:04 GMT
fr.js
a.jtcstatic.com/JS/common/flatpickr/
1 KB
1 KB
Script
General
Full URL
https://a.jtcstatic.com/JS/common/flatpickr/fr.js?v_1952995756
Requested by
Host: www.jetcost.com
URL: https://www.jetcost.com/special/fr_stop_ph/?utm_source=powerspace&utm_medium=cpc&utm_campaign=FR-FR_powerspace_F_C_JC_Native_DHP-STOP-NEW_desktop&utm_content=Image_1163_Texte_2&utm_term=OhMyMag&clickId=14a13875-864c-3603-8a46-1f3ce5e445c7
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.13 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-13.fra6.r.cloudfront.net
Software
Application-server /
Resource Hash
6a92b378ded857124e3cdecb39221d5be90ffaf060c1757c110154bceb7007e0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.jetcost.com/special/fr_stop_ph/?utm_source=powerspace&utm_medium=cpc&utm_campaign=FR-FR_powerspace_F_C_JC_Native_DHP-STOP-NEW_desktop&utm_content=Image_1163_Texte_2&utm_term=OhMyMag&clickId=14a13875-864c-3603-8a46-1f3ce5e445c7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 30 Aug 2019 12:53:56 GMT
Content-Encoding
gzip
Age
185368
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
659
Access-Control-Allow-Origin
*
Server
Application-server
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
Cache-Control
max-age=2592000, public
X-Amz-Cf-Pop
FRA6-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
v6TIU4YvNWhmIYGmMm1zhEqtCkkQUuPC0hB9FYVR7-ok6m7gIMElyQ==
Expires
Sun, 29 Sep 2019 12:53:56 GMT
fr-FR.js
a.jtcstatic.com/JS/moment/
3 KB
2 KB
Script
General
Full URL
https://a.jtcstatic.com/JS/moment/fr-FR.js?v_2522780909
Requested by
Host: www.jetcost.com
URL: https://www.jetcost.com/special/fr_stop_ph/?utm_source=powerspace&utm_medium=cpc&utm_campaign=FR-FR_powerspace_F_C_JC_Native_DHP-STOP-NEW_desktop&utm_content=Image_1163_Texte_2&utm_term=OhMyMag&clickId=14a13875-864c-3603-8a46-1f3ce5e445c7
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.13 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-13.fra6.r.cloudfront.net
Software
Application-server /
Resource Hash
6ee65e99fb7d3f7714ba0b7aa9fbc719762ce826136704ec512f9bf93a83f48d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.jetcost.com/special/fr_stop_ph/?utm_source=powerspace&utm_medium=cpc&utm_campaign=FR-FR_powerspace_F_C_JC_Native_DHP-STOP-NEW_desktop&utm_content=Image_1163_Texte_2&utm_term=OhMyMag&clickId=14a13875-864c-3603-8a46-1f3ce5e445c7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 30 Aug 2019 12:53:56 GMT
Content-Encoding
gzip
Age
185368
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
1147
Access-Control-Allow-Origin
*
Server
Application-server
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
Cache-Control
max-age=2592000, public
X-Amz-Cf-Pop
FRA6-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
vux10ii-ApVdYGovt74B0qw0Uy9kc26jZKYbw8-sziiKR5EOFgRnMw==
Expires
Sun, 29 Sep 2019 12:53:56 GMT
logo.png
a.jtcstatic.com/images/WL/jetcost/
6 KB
7 KB
Image
General
Full URL
https://a.jtcstatic.com/images/WL/jetcost/logo.png
Requested by
Host: www.jetcost.com
URL: https://www.jetcost.com/special/fr_stop_ph/?utm_source=powerspace&utm_medium=cpc&utm_campaign=FR-FR_powerspace_F_C_JC_Native_DHP-STOP-NEW_desktop&utm_content=Image_1163_Texte_2&utm_term=OhMyMag&clickId=14a13875-864c-3603-8a46-1f3ce5e445c7
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.13 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-13.fra6.r.cloudfront.net
Software
Application-server /
Resource Hash
8b8bb0d2d412beed5225bc32ba1137bd6b4e7bf182cc0d88c89b40efb89cd65c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.jetcost.com/special/fr_stop_ph/?utm_source=powerspace&utm_medium=cpc&utm_campaign=FR-FR_powerspace_F_C_JC_Native_DHP-STOP-NEW_desktop&utm_content=Image_1163_Texte_2&utm_term=OhMyMag&clickId=14a13875-864c-3603-8a46-1f3ce5e445c7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 27 Aug 2019 00:38:13 GMT
Via
1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Application-server
Age
488711
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
max-age=2592000, public
X-Amz-Cf-Pop
FRA6-C1
Accept-Ranges
bytes
Content-Length
6247
X-Amz-Cf-Id
vrXTRtlI6GvBG6R18rWMIgFSJiY4AHqbOZbbcA--h6xD6WXOh0w9cA==
Expires
Thu, 26 Sep 2019 00:38:13 GMT
ad.png
a.cdn.intentmedia.net/images/
35 B
426 B
Image
General
Full URL
https://a.cdn.intentmedia.net/images/ad.png
Requested by
Host: www.jetcost.com
URL: https://www.jetcost.com/special/fr_stop_ph/?utm_source=powerspace&utm_medium=cpc&utm_campaign=FR-FR_powerspace_F_C_JC_Native_DHP-STOP-NEW_desktop&utm_content=Image_1163_Texte_2&utm_term=OhMyMag&clickId=14a13875-864c-3603-8a46-1f3ce5e445c7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.111 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3992b901546ef4e2685680badcd372d0834724caf9b1c95ea0f1e7c4ce6e5bc8

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.jetcost.com/special/fr_stop_ph/?utm_source=powerspace&utm_medium=cpc&utm_campaign=FR-FR_powerspace_F_C_JC_Native_DHP-STOP-NEW_desktop&utm_content=Image_1163_Texte_2&utm_term=OhMyMag&clickId=14a13875-864c-3603-8a46-1f3ce5e445c7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 01 Sep 2019 16:23:24 GMT
content-encoding
gzip
age
260
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
status
200
content-length
48
x-amz-id-2
8aNEacLAFEzSxezSo/jXdPJEwZgHo/mmWML9iwNuaVigtQ6tZroIBVIYHdEMO/aZ+GaFjrD0i/A=
x-served-by
cache-iad2142-IAD, cache-hhn4050-HHN
timing-allow-origin
*
last-modified
Fri, 30 Aug 2019 19:08:57 GMT
server
AmazonS3
x-timer
S1567355004.310865,VS0,VE0
etag
"87aec5a94c94ec7a5dd1c0839eb0182b"
vary
Origin
x-amz-request-id
642F5C5935B6AD97
access-control-allow-origin
*
cache-control
max-age=0
accept-ranges
bytes
content-type
image/png
x-cache-hits
2, 105
gtm.js
www.googletagmanager.com/
127 KB
28 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WCBM
Requested by
Host: www.jetcost.com
URL: https://www.jetcost.com/special/fr_stop_ph/?utm_source=powerspace&utm_medium=cpc&utm_campaign=FR-FR_powerspace_F_C_JC_Native_DHP-STOP-NEW_desktop&utm_content=Image_1163_Texte_2&utm_term=OhMyMag&clickId=14a13875-864c-3603-8a46-1f3ce5e445c7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
57c07eff540e2729547f98e4177b4e5943976637604a6f0b724db253f0deea73
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.jetcost.com/special/fr_stop_ph/?utm_source=powerspace&utm_medium=cpc&utm_campaign=FR-FR_powerspace_F_C_JC_Native_DHP-STOP-NEW_desktop&utm_content=Image_1163_Texte_2&utm_term=OhMyMag&clickId=14a13875-864c-3603-8a46-1f3ce5e445c7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 01 Sep 2019 16:23:24 GMT
content-encoding
br
last-modified
Sun, 01 Sep 2019 15:00:00 GMT
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
28644
x-xss-protection
0
expires
Sun, 01 Sep 2019 16:23:24 GMT
ck-modal-close.png
a.jtcstatic.com/images/
12 KB
12 KB
Image
General
Full URL
https://a.jtcstatic.com/images/ck-modal-close.png
Requested by
Host: www.jetcost.com
URL: https://www.jetcost.com/special/fr_stop_ph/?utm_source=powerspace&utm_medium=cpc&utm_campaign=FR-FR_powerspace_F_C_JC_Native_DHP-STOP-NEW_desktop&utm_content=Image_1163_Texte_2&utm_term=OhMyMag&clickId=14a13875-864c-3603-8a46-1f3ce5e445c7
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.13 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-13.fra6.r.cloudfront.net
Software
Application-server /
Resource Hash
996f6ac014d3fdfe78837660300f2f1647f03ed33a2075fb22b02f39615004ec

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://a.jtcstatic.com/CSS/themes/old-jetcost/jetcost/app.min.css?v_1370492826
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 25 Aug 2019 11:02:52 GMT
Via
1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Application-server
Age
624032
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
max-age=2592000, public
X-Amz-Cf-Pop
FRA6-C1
Accept-Ranges
bytes
Content-Length
12263
X-Amz-Cf-Id
eobcy2NrFbINtNssxfiS_Iibgf-Z6IsTLgIAKmdmT8CxXVEc1iJo-Q==
Expires
Tue, 24 Sep 2019 11:02:52 GMT
truncated
/
23 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd319e0d76ec856f8768f1c39254f3a1bda25a06da7d122747722eb7bd798cb2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
flights-partners.jpg
a.jtcstatic.com/upload/auto/sprites/
681 KB
682 KB
Image
General
Full URL
https://a.jtcstatic.com/upload/auto/sprites/flights-partners.jpg?61e3e254746de55d224e4dc1a8f2cde6
Requested by
Host: www.jetcost.com
URL: https://www.jetcost.com/special/fr_stop_ph/?utm_source=powerspace&utm_medium=cpc&utm_campaign=FR-FR_powerspace_F_C_JC_Native_DHP-STOP-NEW_desktop&utm_content=Image_1163_Texte_2&utm_term=OhMyMag&clickId=14a13875-864c-3603-8a46-1f3ce5e445c7
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.13 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-13.fra6.r.cloudfront.net
Software
Application-server /
Resource Hash
9f7a92d07657a281e5db053d0a34c508dae2a132be47bca13ba14adade40559d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://a.jtcstatic.com/upload/auto/sprites/bootstrap/flights-partners.css?v_4225969173
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 07 Aug 2019 09:04:58 GMT
Via
1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Application-server
Age
2186300
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
X-Amz-Cf-Pop
FRA6-C1
Accept-Ranges
bytes
Content-Length
697697
X-Amz-Cf-Id
LLAmuua9HaMAbV5To-pdaGm9c5Hkga7_owfHVLkvhaT0Rl4n9pyhrQ==
Expires
Fri, 06 Sep 2019 09:04:58 GMT
jetcost-font.woff2
a.jtcstatic.com/fonts/jetcost/
5 KB
6 KB
Font
General
Full URL
https://a.jtcstatic.com/fonts/jetcost/jetcost-font.woff2?c4381ebad61482befa577a5d2bcf0950
Requested by
Host: www.jetcost.com
URL: https://www.jetcost.com/special/fr_stop_ph/?utm_source=powerspace&utm_medium=cpc&utm_campaign=FR-FR_powerspace_F_C_JC_Native_DHP-STOP-NEW_desktop&utm_content=Image_1163_Texte_2&utm_term=OhMyMag&clickId=14a13875-864c-3603-8a46-1f3ce5e445c7
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.13 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-13.fra6.r.cloudfront.net
Software
Application-server /
Resource Hash
249fc6adb399ec7ca919f78b7105e92dadf67dbac2d6fd42c938a8d45abc7b03

Request headers

Sec-Fetch-Mode
cors
Referer
https://a.jtcstatic.com/CSS/themes/old-jetcost/jetcost/app.min.css?v_1370492826
Origin
https://www.jetcost.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 22 Aug 2019 12:24:30 GMT
Content-Encoding
gzip
Age
878334
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
5395
Access-Control-Allow-Origin
*
Server
Application-server
Vary
Accept-Encoding
Content-Type
application/font-woff2
Via
1.1 2ef0748a2a8fca13fd6065b6b046c33c.cloudfront.net (CloudFront)
Cache-Control
max-age=2592000
X-Amz-Cf-Pop
FRA6-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
UNNwO1_z93rvZc39oSYTc14PmZVQnJ_Yyfa7Dl86EQU5yRx2pLHVVQ==
Expires
Sat, 21 Sep 2019 12:24:30 GMT
analytics.js
www.google-analytics.com/
43 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WCBM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.jetcost.com/special/fr_stop_ph/?utm_source=powerspace&utm_medium=cpc&utm_campaign=FR-FR_powerspace_F_C_JC_Native_DHP-STOP-NEW_desktop&utm_content=Image_1163_Texte_2&utm_term=OhMyMag&clickId=14a13875-864c-3603-8a46-1f3ce5e445c7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
3447
date
Sun, 01 Sep 2019 15:25:57 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
17803
expires
Sun, 01 Sep 2019 17:25:57 GMT
bat.js
bat.bing.com/
23 KB
7 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WCBM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
6b4c72b8214beaceed57a85c54eed2c61cfc4911b3d677db9a6e00849ef6be05

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.jetcost.com/special/fr_stop_ph/?utm_source=powerspace&utm_medium=cpc&utm_campaign=FR-FR_powerspace_F_C_JC_Native_DHP-STOP-NEW_desktop&utm_content=Image_1163_Texte_2&utm_term=OhMyMag&clickId=14a13875-864c-3603-8a46-1f3ce5e445c7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 01 Sep 2019 16:23:23 GMT
content-encoding
gzip
last-modified
Fri, 02 Aug 2019 18:53:49 GMT
x-msedge-ref
Ref A: 3A23344F359F45BB882DAFA308F97D7F Ref B: VIEEDGE0817 Ref C: 2019-09-01T16:23:24Z
status
200
etag
"809cac9e6349d51:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
7126
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=877855562&t=pageview&_s=1&dl=https%3A%2F%2Fwww.jetcost.com%2Fspecial%2Ffr_stop_ph%2F%3Futm_source%3Dpowerspace%26utm_medium%3Dcpc%26utm_campa...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-475839-1&cid=592566220.1567355004&jid=100635396&_gid=840106861.1567355004&gjid=705048119&_v=j79&z=230527580
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-475839-1&cid=592566220.1567355004&jid=100635396&_v=j79&z=230527580
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-475839-1&cid=592566220.1567355004&jid=100635396&_v=j79&z=230527580&slf_rd=1&random=859921287
42 B
374 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-475839-1&cid=592566220.1567355004&jid=100635396&_v=j79&z=230527580&slf_rd=1&random=859921287
Requested by
Host: www.jetcost.com
URL: https://www.jetcost.com/special/fr_stop_ph/?utm_source=powerspace&utm_medium=cpc&utm_campaign=FR-FR_powerspace_F_C_JC_Native_DHP-STOP-NEW_desktop&utm_content=Image_1163_Texte_2&utm_term=OhMyMag&clickId=14a13875-864c-3603-8a46-1f3ce5e445c7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.jetcost.com/special/fr_stop_ph/?utm_source=powerspace&utm_medium=cpc&utm_campaign=FR-FR_powerspace_F_C_JC_Native_DHP-STOP-NEW_desktop&utm_content=Image_1163_Texte_2&utm_term=OhMyMag&clickId=14a13875-864c-3603-8a46-1f3ce5e445c7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Sep 2019 16:23:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 01 Sep 2019 16:23:24 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-475839-1&cid=592566220.1567355004&jid=100635396&_v=j79&z=230527580&slf_rd=1&random=859921287
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=877855562&t=pageview&_s=1&dl=https%3A%2F%2Fwww.jetcost.com%2Fspecial%2Ffr_stop_ph%2F%3Futm_source%3Dpowerspace%26utm_medium%3Dcpc%26utm_campa...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-475839-39&cid=592566220.1567355004&jid=1033434404&_gid=840106861.1567355004&gjid=2028848094&_v=j79&z=1522165437
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-475839-39&cid=592566220.1567355004&jid=1033434404&_v=j79&z=1522165437
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-475839-39&cid=592566220.1567355004&jid=1033434404&_v=j79&z=1522165437&slf_rd=1&random=2547531063
42 B
109 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-475839-39&cid=592566220.1567355004&jid=1033434404&_v=j79&z=1522165437&slf_rd=1&random=2547531063
Requested by
Host: www.jetcost.com
URL: https://www.jetcost.com/special/fr_stop_ph/?utm_source=powerspace&utm_medium=cpc&utm_campaign=FR-FR_powerspace_F_C_JC_Native_DHP-STOP-NEW_desktop&utm_content=Image_1163_Texte_2&utm_term=OhMyMag&clickId=14a13875-864c-3603-8a46-1f3ce5e445c7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.jetcost.com/special/fr_stop_ph/?utm_source=powerspace&utm_medium=cpc&utm_campaign=FR-FR_powerspace_F_C_JC_Native_DHP-STOP-NEW_desktop&utm_content=Image_1163_Texte_2&utm_term=OhMyMag&clickId=14a13875-864c-3603-8a46-1f3ce5e445c7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Sep 2019 16:23:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 01 Sep 2019 16:23:24 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-475839-39&cid=592566220.1567355004&jid=1033434404&_v=j79&z=1522165437&slf_rd=1&random=2547531063
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
0
bat.bing.com/action/
0
94 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=5140922&Ver=2&mid=e1af5aa8-3589-a1be-2974-44f27f759309&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Arr%C3%AAtez%20de%20payer%20vos%20billets%20trop%20chers,%20comparez%20les%20!&p=https%3A%2F%2Fwww.jetcost.com%2Fspecial%2Ffr_stop_ph%2F%3Futm_source%3Dpowerspace%26utm_medium%3Dcpc%26utm_campaign%3DFR-FR_powerspace_F_C_JC_Native_DHP-STOP-NEW_desktop%26utm_content%3DImage_1163_Texte_2%26utm_term%3DOhMyMag%26clickId%3D14a13875-864c-3603-8a46-1f3ce5e445c7&r=http%3A%2F%2Fwtm.fashion-mag.fr%2Fredirection.html%3Fm%3D33422bf1fac2fa87717ed96be03aaf0d%26c%3Dfr%26u%3Dhttps%253A%252F%252Fpws.fashion-mag.fr%252Fndc%252F7ZEL10W4%253Fps_ee%253D33422bf1fac2fa87717ed96be03aaf0d%2526ps_g%253DMME%2526ps_a%253D1968%2526ps_z%253D1190%2526z%253D4%26dc%3DbUa7kH90spTuFwyNKa%252F3NuYHTHnsVOEVw0h8ZPXynyHLleZA6O1sPHrEYvaDHqyDvRUNEPBihPyyFPJOwCiPvwYUsYaka6VELLmHO32eYXCnpX9ONO5HBVv%252BpjGkpuwS28OTLVlMhGXeeOxjCFQ7uUxhwntdz7donMmVCgWQoCQdc2D0BVCb0sNS1%252Fm68kwTsx3ltwEgtlC4F5SnlGByKA%253D%253D&lt=2140&evt=pageLoad&msclkid=N&rn=784788
Requested by
Host: www.jetcost.com
URL: https://www.jetcost.com/special/fr_stop_ph/?utm_source=powerspace&utm_medium=cpc&utm_campaign=FR-FR_powerspace_F_C_JC_Native_DHP-STOP-NEW_desktop&utm_content=Image_1163_Texte_2&utm_term=OhMyMag&clickId=14a13875-864c-3603-8a46-1f3ce5e445c7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.jetcost.com/special/fr_stop_ph/?utm_source=powerspace&utm_medium=cpc&utm_campaign=FR-FR_powerspace_F_C_JC_Native_DHP-STOP-NEW_desktop&utm_content=Image_1163_Texte_2&utm_term=OhMyMag&clickId=14a13875-864c-3603-8a46-1f3ce5e445c7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
pragma
no-cache
date
Sun, 01 Sep 2019 16:23:23 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: C429BB4A2E664E768EDE51FA6B1673F4 Ref B: VIEEDGE0817 Ref C: 2019-09-01T16:23:24Z
access-control-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
storeGaCid
www.jetcost.com/
16 B
16 B
Image
General
Full URL
https://www.jetcost.com/storeGaCid?cid=592566220.1567355004
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.254.52.174 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Application-server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.jetcost.com/special/fr_stop_ph/?utm_source=powerspace&utm_medium=cpc&utm_campaign=FR-FR_powerspace_F_C_JC_Native_DHP-STOP-NEW_desktop&utm_content=Image_1163_Texte_2&utm_term=OhMyMag&clickId=14a13875-864c-3603-8a46-1f3ce5e445c7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 01 Sep 2019 16:23:24 GMT
Cache-Control
no-cache, private
Server
Application-server
Content-Length
16
Vary
User-Agent
Content-Type
application/json

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
wtm.fashion-mag.fr
URL
http://wtm.fashion-mag.fr/https%3A%2F%2Fpws.fashion-mag.fr%2Fndc%2F7ZEL10W4%3Fps_ee%3D33422bf1fac2fa87717ed96be03aaf0d%26ps_g%3DMME%26ps_a%3D1968%26ps_z%3D1190%26z%3D4

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dataLayer object| app function| $ function| jQuery object| modernizr function| moment function| Vue object| EventBus object| platform function| _ function| flatpickr function| Flatpickr object| VueScrollTo object| fr number| hours number| minutes string| method object| google_tag_manager string| GoogleAnalyticsObject function| ga object| uetq function| setCookie function| getParam object| gclid undefined| gclsrc object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| UET

12 Cookies

Domain/Path Name / Value
.jetcost.com/ Name: _gat_UA-475839-39
Value: 1
.www.jetcost.com/ Name: JETORIGINE
Value: cpc%7Cpowerspace%7CFR-FR_powerspace_F_C_JC_Native_DHP-STOP-NEW_desktop
.jetcost.com/ Name: _ga
Value: GA1.2.592566220.1567355004
.www.jetcost.com/ Name: _gat_UA-475839-1
Value: 1
.jetcost.com/ Name: _gcl_au
Value: 1.1.645828879.1567355004
.www.jetcost.com/ Name: _gid
Value: GA1.3.840106861.1567355004
.jetcost.com/ Name: _gid
Value: GA1.2.840106861.1567355004
.www.jetcost.com/ Name: _ga
Value: GA1.3.592566220.1567355004
www.jetcost.com/ Name: GA-source-medium
Value: powerspace/cpc
.www.jetcost.com/ Name: JETUSER
Value: 5d6bf07b9bea0
.www.jetcost.com/ Name: JETMKTGSESS
Value: MS_5d6bf07bbbcc2
.www.jetcost.com/ Name: JETSESS
Value: SFRfr_5d6bf07b9acb8

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.cdn.intentmedia.net
a.jtcstatic.com
bat.bing.com
csync.pwspace.com
ejp.rlcdn.com
email-reflex.com
ep.la-meteo-mail.fr
er.cloud-media.fr
ib.adnxs.com
idsync.rlcdn.com
ml.fashion-mag.fr
pws.fashion-mag.fr
r.phywi.org
redirect.frontend.weborama.fr
stats.g.doubleclick.net
wtm.fashion-mag.fr
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.jetcost.com
wtm.fashion-mag.fr
104.155.63.91
13.35.253.13
151.101.114.111
185.33.223.218
2001:41d0:203:3919::
2001:41d0:8:88c8::
2600:1901:0:37f::a:1
2620:1ec:c11::200
2a00:1450:4001:814::200e
2a00:1450:4001:818::2004
2a00:1450:4001:81a::2008
2a00:1450:4001:821::2003
2a00:1450:400c:c00::9b
35.190.16.14
35.190.72.21
35.244.174.68
51.254.52.174
54.246.228.167
80.70.210.161
91.190.170.12
249fc6adb399ec7ca919f78b7105e92dadf67dbac2d6fd42c938a8d45abc7b03
2a1a47783a688e173ce6f21138d740548a4513e2025881cccf5c10d737766d4f
2c8a0fac82d2ab4060f550fb72e9926c3f5f76c1c2c336cc5c1536ee77ce8d2e
3992b901546ef4e2685680badcd372d0834724caf9b1c95ea0f1e7c4ce6e5bc8
4d6baa9efe149a84c57336f61569b5ddddec7393a5e625114352f9fb631eb46c
57c07eff540e2729547f98e4177b4e5943976637604a6f0b724db253f0deea73
59b218b1c647c85f5b13e18c3c680c3b022e27ca11bbf3fa3235543a19b2d6f7
6a92b378ded857124e3cdecb39221d5be90ffaf060c1757c110154bceb7007e0
6b4c72b8214beaceed57a85c54eed2c61cfc4911b3d677db9a6e00849ef6be05
6ee65e99fb7d3f7714ba0b7aa9fbc719762ce826136704ec512f9bf93a83f48d
71ea32ceac3fc4f266c310caa22a18c741f16158461f60eaa2690f747dba763f
757ac68ec77ea0a7001d024fd49f80defa6245c5c86c652841bc3916f8d3b21f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8b8bb0d2d412beed5225bc32ba1137bd6b4e7bf182cc0d88c89b40efb89cd65c
996f6ac014d3fdfe78837660300f2f1647f03ed33a2075fb22b02f39615004ec
9f7a92d07657a281e5db053d0a34c508dae2a132be47bca13ba14adade40559d
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bd319e0d76ec856f8768f1c39254f3a1bda25a06da7d122747722eb7bd798cb2
dad39f1d0ad903a881640550f93d98ab1ec1ee3f60d41a8166fbd8715897672e
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fc8ecf2d57c9435c520edc1e6440aaeb49c49a29a2bbaa2c2d3e51b08e26926d