urlscan.io logo urlscan.io
SecurityTrails logo

mirror.e.touslesplansvoyages.com Open in urlscan Pro
2a05:71c0:2000::e  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://t.e.touslesplansvoyages.com/c/?t=3cd0a6d-449-1wcl-z!!-2qic8
Effective URL: https://mirror.e.touslesplansvoyages.com/?eis=Qhi4rbs5yTKsohcYR1ai%7em2UzCNInPv8AqvSSFbX1cg&s=2097&b=1526
Submission: On July 07 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 14 HTTP transactions. The main IP is 2a05:71c0:2000::e, located in France and belongs to ODISO-AS, FR. The main domain is mirror.e.touslesplansvoyages.com.
TLS certificate: Issued by R3 on July 5th 2021. Valid for: 3 months.
This is the only time mirror.e.touslesplansvoyages.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 2a05:71c0:200... 34993 (ODISO-AS)
10 31.15.30.142 41628 (ALTERWAYH...)
1 104.111.239.217 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
14 4
3    2a05:71c0:2000::e (France)

ASN34993 (ODISO-AS, FR)
t.e.touslesplansvoyages.com
mirror.e.touslesplansvoyages.com
10    31.15.30.142 (France)

ASN41628 (ALTERWAYHOSTING-NETWORK www.alterway.fr, FR)
PTR: secprdemailinglamp01.vm.awh.nexen.net
www.campagnesaffvs.fr
1    104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com
www.awin1.com
1    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Domain Requested by
10 www.campagnesaffvs.fr mirror.e.touslesplansvoyages.com
2 t.e.touslesplansvoyages.com 1 redirects mirror.e.touslesplansvoyages.com
1 fonts.gstatic.com mirror.e.touslesplansvoyages.com
1 www.awin1.com mirror.e.touslesplansvoyages.com
1 mirror.e.touslesplansvoyages.com
14 5

This site contains links to these domains. Also see Links.

Domain
t.e.touslesplansvoyages.com
www.awin1.com
Subject Issuer Validity Valid
mirror.e.touslesplansvoyages.com
R3		 2021-07-05 -
2021-10-03		 3 months crt.sh
t.e.touslesplansvoyages.com
R3		 2021-06-30 -
2021-09-28		 3 months crt.sh
campagnesaffvs.fr
Sectigo RSA Organization Validation Secure Server CA		 2021-05-21 -
2022-06-21		 a year crt.sh
www.awin1.com
DigiCert SHA2 Secure Server CA		 2021-06-11 -
2022-06-16		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-06-07 -
2021-08-30		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://mirror.e.touslesplansvoyages.com/?eis=Qhi4rbs5yTKsohcYR1ai%7em2UzCNInPv8AqvSSFbX1cg&s=2097&b=1526
Frame ID: A50E52B3427D3B78347F09337BE8A286
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://t.e.touslesplansvoyages.com/c/?t=3cd0a6d-449-1wcl-z!!-2qic8 HTTP 302
    https://mirror.e.touslesplansvoyages.com/?eis=Qhi4rbs5yTKsohcYR1ai%7em2UzCNInPv8AqvSSFbX1cg&s=2097&b=1526 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

14
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

5
Subdomains

4
IPs

2
Countries

654 kB
Transfer

710 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.e.touslesplansvoyages.com/c/?t=3cd0a6d-449-1wcl-z!!-2qic8 HTTP 302
    https://mirror.e.touslesplansvoyages.com/?eis=Qhi4rbs5yTKsohcYR1ai%7em2UzCNInPv8AqvSSFbX1cg&s=2097&b=1526 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
mirror.e.touslesplansvoyages.com/
Redirect Chain
  • https://t.e.touslesplansvoyages.com/c/?t=3cd0a6d-449-1wcl-z!!-2qic8
  • https://mirror.e.touslesplansvoyages.com/?eis=Qhi4rbs5yTKsohcYR1ai%7em2UzCNInPv8AqvSSFbX1cg&s=2097&b=1526
69 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mirror.e.touslesplansvoyages.com/?eis=Qhi4rbs5yTKsohcYR1ai%7em2UzCNInPv8AqvSSFbX1cg&s=2097&b=1526
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a05:71c0:2000::e , France, ASN34993 (ODISO-AS, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5fab1fa6453ae370a5b793403345070aa1cd525bbd7c8002a89851ece7172da3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
mirror.e.touslesplansvoyages.com
:scheme
https
:path
/?eis=Qhi4rbs5yTKsohcYR1ai%7em2UzCNInPv8AqvSSFbX1cg&s=2097&b=1526
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
private
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
server
Microsoft-IIS/10.0
set-cookie
ASP.NET_SessionId=pcjqrsdhxvzf3r3ryksbfkiw; path=/; HttpOnly; SameSite=Lax SERVERID=mindweb3.odiso.net; path=/; HttpOnly; Secure
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
date
Wed, 07 Jul 2021 12:50:30 GMT
content-length
10078
strict-transport-security
max-age=31536000;
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff

Redirect headers

cache-control
private
content-type
text/html; charset=utf-8
location
https://mirror.e.touslesplansvoyages.com/?eis=Qhi4rbs5yTKsohcYR1ai%7em2UzCNInPv8AqvSSFbX1cg&s=2097&b=1526
server
Microsoft-IIS/10.0
set-cookie
ASP.NET_SessionId=wmvaormzbpk1hjqyomvfylx1; path=/; HttpOnly; SameSite=Lax SERVERID=mindtrack4.odiso.net; path=/; HttpOnly; Secure
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
date
Wed, 07 Jul 2021 12:50:29 GMT
content-length
230
strict-transport-security
max-age=31536000;
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
/
t.e.touslesplansvoyages.com/o/ 		180 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.e.touslesplansvoyages.com/o/?t=449-z!!-2qic8
Requested by
Host: mirror.e.touslesplansvoyages.com
URL: https://mirror.e.touslesplansvoyages.com/?eis=Qhi4rbs5yTKsohcYR1ai%7em2UzCNInPv8AqvSSFbX1cg&s=2097&b=1526
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a05:71c0:2000::e , France, ASN34993 (ODISO-AS, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a3d9bf654bd182096ae97d7aac32516664fdf12437820695136f55620bb105ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://mirror.e.touslesplansvoyages.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Jul 2021 12:50:30 GMT
x-content-type-options
nosniff
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
private
strict-transport-security
max-age=31536000;
content-length
180
verisure-logo.jpg
www.campagnesaffvs.fr/202008/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.campagnesaffvs.fr/202008/verisure-logo.jpg
Requested by
Host: mirror.e.touslesplansvoyages.com
URL: https://mirror.e.touslesplansvoyages.com/?eis=Qhi4rbs5yTKsohcYR1ai%7em2UzCNInPv8AqvSSFbX1cg&s=2097&b=1526
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.15.30.142 , France, ASN41628 (ALTERWAYHOSTING-NETWORK www.alterway.fr, FR),
Reverse DNS
secprdemailinglamp01.vm.awh.nexen.net
Software
/
Resource Hash
98baf92054aff345779f9e0f81f0450446eee33c3c1af377ce7ac85d9017c7e5

Request headers

Referer
https://mirror.e.touslesplansvoyages.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Jul 2021 12:46:45 GMT
Last-Modified
Mon, 27 Jul 2020 06:59:53 GMT
Age
224
ETag
"2e84-5ab66de9ec63c"
X-Cache
HIT
Content-Type
image/jpeg
X-Apache-Server-ID
secprdemailinglamp01
Accept-Ranges
bytes
Content-Length
11908
X-Cache-Hits
52
vs-offre-juin-2021.jpg
www.campagnesaffvs.fr/external20210521/ 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.campagnesaffvs.fr/external20210521/vs-offre-juin-2021.jpg
Requested by
Host: mirror.e.touslesplansvoyages.com
URL: https://mirror.e.touslesplansvoyages.com/?eis=Qhi4rbs5yTKsohcYR1ai%7em2UzCNInPv8AqvSSFbX1cg&s=2097&b=1526
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.15.30.142 , France, ASN41628 (ALTERWAYHOSTING-NETWORK www.alterway.fr, FR),
Reverse DNS
secprdemailinglamp01.vm.awh.nexen.net
Software
/
Resource Hash
3528acec49bb4b04c10e2fdb35d6af27b8a80ab14652e0b682375f88212e592c

Request headers

Referer
https://mirror.e.touslesplansvoyages.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Jul 2021 12:46:46 GMT
Last-Modified
Fri, 21 May 2021 09:49:55 GMT
Age
224
ETag
"f7f3-5c2d3fb62d6c0"
X-Cache
HIT
Content-Type
image/jpeg
X-Apache-Server-ID
secprdemailinglamp01
Accept-Ranges
bytes
Content-Length
63475
X-Cache-Hits
53
divider.jpg
www.campagnesaffvs.fr/202008/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.campagnesaffvs.fr/202008/divider.jpg
Requested by
Host: mirror.e.touslesplansvoyages.com
URL: https://mirror.e.touslesplansvoyages.com/?eis=Qhi4rbs5yTKsohcYR1ai%7em2UzCNInPv8AqvSSFbX1cg&s=2097&b=1526
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.15.30.142 , France, ASN41628 (ALTERWAYHOSTING-NETWORK www.alterway.fr, FR),
Reverse DNS
secprdemailinglamp01.vm.awh.nexen.net
Software
/
Resource Hash
303ffb9d48b80c8f7b9d52fddc3848564a7a5c1fc2cc5043b64a395332d1ba19

Request headers

Referer
https://mirror.e.touslesplansvoyages.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Jul 2021 12:49:01 GMT
Last-Modified
Mon, 27 Jul 2020 06:59:53 GMT
Age
88
ETag
"4d4-5ab66de9d2ffb"
X-Cache
HIT
Content-Type
image/jpeg
X-Apache-Server-ID
secprdemailinglamp01
Accept-Ranges
bytes
Content-Length
1236
X-Cache-Hits
22
ts.png
www.campagnesaffvs.fr/202008/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.campagnesaffvs.fr/202008/ts.png
Requested by
Host: mirror.e.touslesplansvoyages.com
URL: https://mirror.e.touslesplansvoyages.com/?eis=Qhi4rbs5yTKsohcYR1ai%7em2UzCNInPv8AqvSSFbX1cg&s=2097&b=1526
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.15.30.142 , France, ASN41628 (ALTERWAYHOSTING-NETWORK www.alterway.fr, FR),
Reverse DNS
secprdemailinglamp01.vm.awh.nexen.net
Software
/
Resource Hash
e7033702f4c8c2b5bd199045440642e3dc74166fbc9a42de8b52ddb6c4533dfa

Request headers

Referer
https://mirror.e.touslesplansvoyages.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Jul 2021 12:49:01 GMT
Last-Modified
Mon, 27 Jul 2020 06:59:53 GMT
Age
88
ETag
"242f-5ab66de9ea6fc"
X-Cache
HIT
Content-Type
image/png
X-Apache-Server-ID
secprdemailinglamp01
Accept-Ranges
bytes
Content-Length
9263
X-Cache-Hits
22
app.png
www.campagnesaffvs.fr/202008/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.campagnesaffvs.fr/202008/app.png
Requested by
Host: mirror.e.touslesplansvoyages.com
URL: https://mirror.e.touslesplansvoyages.com/?eis=Qhi4rbs5yTKsohcYR1ai%7em2UzCNInPv8AqvSSFbX1cg&s=2097&b=1526
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.15.30.142 , France, ASN41628 (ALTERWAYHOSTING-NETWORK www.alterway.fr, FR),
Reverse DNS
secprdemailinglamp01.vm.awh.nexen.net
Software
/
Resource Hash
bd9fb6349440dfa9a805982d77b9b625e974e905c93e7316676739129ab91314

Request headers

Referer
https://mirror.e.touslesplansvoyages.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Jul 2021 12:49:10 GMT
Last-Modified
Mon, 27 Jul 2020 06:59:53 GMT
Age
80
ETag
"23ce-5ab66de9c553a"
X-Cache
HIT
Content-Type
image/png
X-Apache-Server-ID
secprdemailinglamp01
Accept-Ranges
bytes
Content-Length
9166
X-Cache-Hits
19
police.png
www.campagnesaffvs.fr/202008/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.campagnesaffvs.fr/202008/police.png
Requested by
Host: mirror.e.touslesplansvoyages.com
URL: https://mirror.e.touslesplansvoyages.com/?eis=Qhi4rbs5yTKsohcYR1ai%7em2UzCNInPv8AqvSSFbX1cg&s=2097&b=1526
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.15.30.142 , France, ASN41628 (ALTERWAYHOSTING-NETWORK www.alterway.fr, FR),
Reverse DNS
secprdemailinglamp01.vm.awh.nexen.net
Software
/
Resource Hash
648192b15b788fa8ce98a653ca3e6e88b37dbe6f7dae24158c9fc4f081d3d683

Request headers

Referer
https://mirror.e.touslesplansvoyages.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Jul 2021 12:49:01 GMT
Last-Modified
Mon, 27 Jul 2020 06:59:53 GMT
Age
88
ETag
"1c7e-5ab66de9e687b"
X-Cache
HIT
Content-Type
image/png
X-Apache-Server-ID
secprdemailinglamp01
Accept-Ranges
bytes
Content-Length
7294
X-Cache-Hits
23
bain.png
www.campagnesaffvs.fr/202008/ 		270 KB
270 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.campagnesaffvs.fr/202008/bain.png
Requested by
Host: mirror.e.touslesplansvoyages.com
URL: https://mirror.e.touslesplansvoyages.com/?eis=Qhi4rbs5yTKsohcYR1ai%7em2UzCNInPv8AqvSSFbX1cg&s=2097&b=1526
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.15.30.142 , France, ASN41628 (ALTERWAYHOSTING-NETWORK www.alterway.fr, FR),
Reverse DNS
secprdemailinglamp01.vm.awh.nexen.net
Software
/
Resource Hash
b6027b10bd15290c1fb508145e974397143c5f3a01613e49046fa96f179f14a9

Request headers

Referer
https://mirror.e.touslesplansvoyages.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Jul 2021 12:48:10 GMT
Last-Modified
Mon, 27 Jul 2020 06:59:53 GMT
Age
140
ETag
"4360f-5ab66de9cf17a"
X-Cache
HIT
Content-Type
image/png
X-Apache-Server-ID
secprdemailinglamp01
Accept-Ranges
bytes
Content-Length
275983
X-Cache-Hits
32
callActionArrow.png
www.campagnesaffvs.fr/202008/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.campagnesaffvs.fr/202008/callActionArrow.png
Requested by
Host: mirror.e.touslesplansvoyages.com
URL: https://mirror.e.touslesplansvoyages.com/?eis=Qhi4rbs5yTKsohcYR1ai%7em2UzCNInPv8AqvSSFbX1cg&s=2097&b=1526
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.15.30.142 , France, ASN41628 (ALTERWAYHOSTING-NETWORK www.alterway.fr, FR),
Reverse DNS
secprdemailinglamp01.vm.awh.nexen.net
Software
/
Resource Hash
dfb0ef8d1545caaf0c0668845fcf1e2bb077744d8ac72ce8ba9693294bd11467

Request headers

Referer
https://mirror.e.touslesplansvoyages.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Jul 2021 12:49:01 GMT
Last-Modified
Mon, 27 Jul 2020 06:59:53 GMT
Age
88
ETag
"7aa-5ab66de9cf17a"
X-Cache
HIT
Content-Type
image/png
X-Apache-Server-ID
secprdemailinglamp01
Accept-Ranges
bytes
Content-Length
1962
X-Cache-Hits
21
new_img.png
www.campagnesaffvs.fr/external20210427/ 		223 KB
224 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.campagnesaffvs.fr/external20210427/new_img.png
Requested by
Host: mirror.e.touslesplansvoyages.com
URL: https://mirror.e.touslesplansvoyages.com/?eis=Qhi4rbs5yTKsohcYR1ai%7em2UzCNInPv8AqvSSFbX1cg&s=2097&b=1526
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.15.30.142 , France, ASN41628 (ALTERWAYHOSTING-NETWORK www.alterway.fr, FR),
Reverse DNS
secprdemailinglamp01.vm.awh.nexen.net
Software
/
Resource Hash
bac73807b55e2729e855e9185f4dea542a40a29abf1d7a1485983d6694865845

Request headers

Referer
https://mirror.e.touslesplansvoyages.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Jul 2021 12:48:10 GMT
Last-Modified
Wed, 12 May 2021 09:21:34 GMT
Age
140
ETag
"37d64-5c21e896d4380"
X-Cache
HIT
Content-Type
image/png
X-Apache-Server-ID
secprdemailinglamp01
Accept-Ranges
bytes
Content-Length
228708
X-Cache-Hits
33
offre-juin-2021.jpg
www.campagnesaffvs.fr/external20210521/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.campagnesaffvs.fr/external20210521/offre-juin-2021.jpg
Requested by
Host: mirror.e.touslesplansvoyages.com
URL: https://mirror.e.touslesplansvoyages.com/?eis=Qhi4rbs5yTKsohcYR1ai%7em2UzCNInPv8AqvSSFbX1cg&s=2097&b=1526
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.15.30.142 , France, ASN41628 (ALTERWAYHOSTING-NETWORK www.alterway.fr, FR),
Reverse DNS
secprdemailinglamp01.vm.awh.nexen.net
Software
/
Resource Hash
853ca72f53c8d62a2e66ba93e3f9a561b00bfa940a1e0917c3639a21c9065302

Request headers

Referer
https://mirror.e.touslesplansvoyages.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Jul 2021 12:48:10 GMT
Last-Modified
Fri, 21 May 2021 09:49:55 GMT
Age
139
ETag
"60fd-5c2d3fb62d6c0"
X-Cache
HIT
Content-Type
image/jpeg
X-Apache-Server-ID
secprdemailinglamp01
Accept-Ranges
bytes
Content-Length
24829
X-Cache-Hits
34
cshow.php
www.awin1.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2880823&v=18962&q=385055&r=427453
Requested by
Host: mirror.e.touslesplansvoyages.com
URL: https://mirror.e.touslesplansvoyages.com/?eis=Qhi4rbs5yTKsohcYR1ai%7em2UzCNInPv8AqvSSFbX1cg&s=2097&b=1526
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mirror.e.touslesplansvoyages.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2
fonts.gstatic.com/s/firasans/v9/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/firasans/v9/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2
Requested by
Host: mirror.e.touslesplansvoyages.com
URL: https://mirror.e.touslesplansvoyages.com/?eis=Qhi4rbs5yTKsohcYR1ai%7em2UzCNInPv8AqvSSFbX1cg&s=2097&b=1526
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92bf2667e3434750097f9212feca904c5e7ac36d9155463d25d79f1415018219
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://mirror.e.touslesplansvoyages.com
Referer
https://mirror.e.touslesplansvoyages.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 10:31:42 GMT
x-content-type-options
nosniff
age
94728
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22336
x-xss-protection
0
last-modified
Tue, 19 Feb 2019 22:29:41 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Jul 2022 10:31:42 GMT

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated

2 Cookies

Domain/Path Name / Value
mirror.e.touslesplansvoyages.com/ Name: SERVERID
Value: mindweb3.odiso.net
mirror.e.touslesplansvoyages.com/ Name: ASP.NET_SessionId
Value: pcjqrsdhxvzf3r3ryksbfkiw

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN