vwvu-loisirs.fr Open in urlscan Pro
178.33.249.44 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.info.consodunet.com/c/?t=328c9a1-42c-f0c-410-8feeq
Effective URL:
https://vwvu-loisirs.fr/?levier=CPL&crea=V1&prenom=&nom=&email=guy.grolaux%40gmail.com&telephone=&code_postal=&_did=23445
Submission: On August 13 via api (August 13th 2020, 10:39:12 pm UTC) from BE

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 13 HTTP transactions. The main IP is 178.33.249.44, located in France and belongs to OVH, FR. The main domain is vwvu-loisirs.fr.
TLS certificate: Issued by Let's Encrypt Authority X3 on August 3rd 2020. Valid for: 3 months.

This is the only time vwvu-loisirs.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a05:71c0:200... 2a05:71c0:2000::e	34993 (ODISO-AS) (ODISO-AS)
2 3	34.95.109.120 34.95.109.120	15169 (GOOGLE) (GOOGLE)
1	13.226.155.38 13.226.155.38	16509 (AMAZON-02) (AMAZON-02)
1 4	178.33.249.44 178.33.249.44	16276 (OVH) (OVH)
1	188.165.150.178 188.165.150.178	16276 (OVH) (OVH)
1	13.226.155.45 13.226.155.45	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:815::200a	15169 (GOOGLE) (GOOGLE)
1	87.98.129.92 87.98.129.92	16276 (OVH) (OVH)
4	152.195.51.35 152.195.51.35	15133 (EDGECAST) (EDGECAST)
13	8

1 2a05:71c0:2000::e (France) 1 redirects

ASN34993 (ODISO-AS, FR)

t.info.consodunet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.95.109.120 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 120.109.95.34.bc.googleusercontent.com

clk.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.155.38 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-38.dus51.r.cloudfront.net

vht.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.33.249.44 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: mail.noveocrm.fr

codtrk1.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vwvu-loisirs.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.165.150.178 (France)

ASN16276 (OVH, FR)
PTR: lb02.net.royalcactus.com

analytics.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.155.45 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-45.dus51.r.cloudfront.net

hst.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.98.129.92 (France)

ASN16276 (OVH, FR)

www.insightondemand.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 152.195.51.35 (United States)

ASN15133 (EDGECAST, US)

www.volkswagen.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	tradedoubler.com 2 redirects clk.tradedoubler.com vht.tradedoubler.com analytics.tradedoubler.com hst.tradedoubler.com	9 KB
4	volkswagen.fr www.volkswagen.fr	139 KB
3	vwvu-loisirs.fr vwvu-loisirs.fr	393 KB
1	insightondemand.fr www.insightondemand.fr	4 KB
1	googleapis.com ajax.googleapis.com	34 KB
1	codtrk1.fr 1 redirects codtrk1.fr	597 B
1	consodunet.com 1 redirects t.info.consodunet.com	542 B
13	7

	Domain	Requested by
4	www.volkswagen.fr	vwvu-loisirs.fr
3	vwvu-loisirs.fr	clk.tradedoubler.com vwvu-loisirs.fr
3	clk.tradedoubler.com	2 redirects
1	www.insightondemand.fr	vwvu-loisirs.fr
1	ajax.googleapis.com	vwvu-loisirs.fr
1	hst.tradedoubler.com	vwvu-loisirs.fr
1	analytics.tradedoubler.com	vht.tradedoubler.com
1	codtrk1.fr	1 redirects
1	vht.tradedoubler.com	clk.tradedoubler.com
1	t.info.consodunet.com	1 redirects
13	10

This site contains no links.

Subject Issuer	Validity	Valid
*.tradedoubler.com GlobalSign Domain Validation CA - SHA256 - G2	`2018-12-10` - `2021-01-27`	2 years	crt.sh
vwvu-loisirs.fr Let's Encrypt Authority X3	`2020-08-03` - `2020-11-01`	3 months	crt.sh
analytics.tradedoubler.com COMODO RSA Domain Validation Secure Server CA	`2018-02-02` - `2021-02-01`	3 years	crt.sh
upload.video.google.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
insightondemand.fr Let's Encrypt Authority X3	`2020-07-20` - `2020-10-18`	3 months	crt.sh
www.volkswagen.fr DigiCert SHA2 Secure Server CA	`2019-09-09` - `2021-11-10`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://vwvu-loisirs.fr/?levier=CPL&crea=V1&prenom=&nom=&email=guy.grolaux%40gmail.com&telephone=&code_postal=&_did=23445
Frame ID: 64D1CC82BB5C1C4EDAA7FC67989A8669
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://t.info.consodunet.com/c/?t=328c9a1-42c-f0c-410-8feeq HTTP 302
http://clk.tradedoubler.com/click?p=306264&a=3034094&g=24780836&url=http://codtrk1.fr/l_MAI_MAI_23445/%3... HTTP 302
https://clk.tradedoubler.com/click?p=306264&a=3034094&g=24780836&url=http://codtrk1.fr/l_MAI_MAI_23445/%3... Page URL
https://clk.tradedoubler.com/click?p=306264&a=3034094&g=24780836&url=http://codtrk1.fr/l_MAI_MAI_23445/%3... HTTP 302
http://codtrk1.fr/l_MAI_MAI_23445/?prenom=&nom=&email=guy.grolaux@gmail.com&telephone=&code_po... HTTP 302
https://vwvu-loisirs.fr/?levier=CPL&crea=V1&prenom=&nom=&email=guy.grolaux%40gmail.com&telephone=&co... Page URL

Detected technologies

Google Cloud (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /^1\.1 google$/i

Page Statistics

13
Requests

100 %
HTTPS

22 %
IPv6

7
Domains

10
Subdomains

8
IPs

3
Countries

578 kB
Transfer

661 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.info.consodunet.com/c/?t=328c9a1-42c-f0c-410-8feeq HTTP 302
http://clk.tradedoubler.com/click?p=306264&a=3034094&g=24780836&url=http://codtrk1.fr/l_MAI_MAI_23445/%3Fprenom=&nom=&email=guy.grolaux%40gmail.com&telephone=&code_postal=& HTTP 302
https://clk.tradedoubler.com/click?p=306264&a=3034094&g=24780836&url=http://codtrk1.fr/l_MAI_MAI_23445/%3Fprenom=&nom=&email=guy.grolaux%40gmail.com&telephone=&code_postal=& Page URL
https://clk.tradedoubler.com/click?p=306264&a=3034094&g=24780836&url=http://codtrk1.fr/l_MAI_MAI_23445/%3Fprenom=&nom=&email=guy.grolaux%40gmail.com&telephone=&code_postal=& HTTP 302
http://codtrk1.fr/l_MAI_MAI_23445/?prenom=&nom=&email=guy.grolaux@gmail.com&telephone=&code_postal=& HTTP 302
https://vwvu-loisirs.fr/?levier=CPL&crea=V1&prenom=&nom=&email=guy.grolaux%40gmail.com&telephone=&code_postal=&_did=23445 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://t.info.consodunet.com/c/?t=328c9a1-42c-f0c-410-8feeq HTTP 302
http://clk.tradedoubler.com/click?p=306264&a=3034094&g=24780836&url=http://codtrk1.fr/l_MAI_MAI_23445/%3Fprenom=&nom=&email=guy.grolaux%40gmail.com&telephone=&code_postal=& HTTP 302
https://clk.tradedoubler.com/click?p=306264&a=3034094&g=24780836&url=http://codtrk1.fr/l_MAI_MAI_23445/%3Fprenom=&nom=&email=guy.grolaux%40gmail.com&telephone=&code_postal=&

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

click Show response
clk.tradedoubler.com/
Redirect Chain

https://t.info.consodunet.com/c/?t=328c9a1-42c-f0c-410-8feeq
http://clk.tradedoubler.com/click?p=306264&a=3034094&g=24780836&url=http://codtrk1.fr/l_MAI_MAI_23445/%3Fprenom=&nom=&email=guy.grolaux%40gmail.com&telephone=&code_postal=&
https://clk.tradedoubler.com/click?p=306264&a=3034094&g=24780836&url=http://codtrk1.fr/l_MAI_MAI_23445/%3Fprenom=&nom=&email=guy.grolaux%40gmail.com&telephone=&code_postal=&

1 KB
1 KB

95ms
35ms

Document
text/html

34.95.109.120
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://clk.tradedoubler.com/click?p=306264&a=3034094&g=24780836&url=http://codtrk1.fr/l_MAI_MAI_23445/%3Fprenom=&nom=&email=guy.grolaux%40gmail.com&telephone=&code_postal=&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.109.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 120.109.95.34.bc.googleusercontent.com
Software: TXServerHttp /
Resource Hash: 95e05f124cae13b8165b698a9ce8ebcae22fca0dca64dfad37fded7d11781577

Request headers

:method: GET
:authority: clk.tradedoubler.com
:scheme: https
:path: /click?p=306264&a=3034094&g=24780836&url=http://codtrk1.fr/l_MAI_MAI_23445/%3Fprenom=&nom=&email=guy.grolaux%40gmail.com&telephone=&code_postal=&
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
content-type: text/html; charset=ISO-8859-1
server: TXServerHttp
access-control-allow-origin: *
cache-control: private, max-age=0
pragma: no-cache
p3p: policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
referrer-policy: origin
date: Thu, 13 Aug 2020 22:38:54 GMT
content-length: 1143
via: 1.1 google
alt-svc: clear

Redirect headers

Location: https://clk.tradedoubler.com/click?p=306264&a=3034094&g=24780836&url=http://codtrk1.fr/l_MAI_MAI_23445/%3Fprenom=&nom=&email=guy.grolaux%40gmail.com&telephone=&code_postal=&
Date: Thu, 13 Aug 2020 22:38:54 GMT
Content-Length: 378
Content-Type: text/html; charset=ISO-8859-1
Via: 1.1 google

GET
H/1.1 200
OK prefs.js Show response
vht.tradedoubler.com/fp/ 9 KB
4 KB 100ms
23ms Script
application/javascript 13.226.155.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vht.tradedoubler.com/fp/prefs.js
Requested by: Host: clk.tradedoubler.com
URL: https://clk.tradedoubler.com/click?p=306264&a=3034094&g=24780836&url=http://codtrk1.fr/l_MAI_MAI_23445/%3Fprenom=&nom=&email=guy.grolaux%40gmail.com&telephone=&code_postal=&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-38.dus51.r.cloudfront.net
Software: Apache /
Resource Hash: 17ee72d8421cc64e48d5e885c090851028f91129555be935403a51c55eff2e9d

Request headers

Referer: https://clk.tradedoubler.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 13 Aug 2020 12:39:57 GMT
Content-Encoding: gzip
Age: 35941
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Mon, 15 Oct 2018 09:28:46 GMT
Server: Apache
ETag: W/"2509-57841106334e6"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 dfeaf865724e57eaac72220929416926.cloudfront.net (CloudFront)
Cache-Control: max-age=604800, public
X-Amz-Cf-Pop: DUS51-C1
X-Amz-Cf-Id: XV_9QzxpzC2JkAUDtSNred2UhfFXMKOaQpPnm0z5-sctIv7iCLcFtQ==
Expires: Thu, 20 Aug 2020 12:39:53 GMT

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
vwvu-loisirs.fr/
Redirect Chain

https://clk.tradedoubler.com/click?p=306264&a=3034094&g=24780836&url=http://codtrk1.fr/l_MAI_MAI_23445/%3Fprenom=&nom=&email=guy.grolaux%40gmail.com&telephone=&code_postal=&
http://codtrk1.fr/l_MAI_MAI_23445/?prenom=&nom=&email=guy.grolaux@gmail.com&telephone=&code_postal=&
https://vwvu-loisirs.fr/?levier=CPL&crea=V1&prenom=&nom=&email=guy.grolaux%40gmail.com&telephone=&code_postal=&_did=23445

14 KB
4 KB

176ms
54ms

Document
text/html

178.33.249.44
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://vwvu-loisirs.fr/?levier=CPL&crea=V1&prenom=&nom=&email=guy.grolaux%40gmail.com&telephone=&code_postal=&_did=23445
Requested by: Host: clk.tradedoubler.com
URL: https://clk.tradedoubler.com/click?p=306264&a=3034094&g=24780836&url=http://codtrk1.fr/l_MAI_MAI_23445/%3Fprenom=&nom=&email=guy.grolaux%40gmail.com&telephone=&code_postal=&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.33.249.44 , France, ASN16276 (OVH, FR),
Reverse DNS: mail.noveocrm.fr
Software: Apache / PHP/5.4.45-0+deb7u6
Resource Hash: b033d0813ccfd6748120591cd94d620955461d8e4134d87c6fdd7db794b6f9a9

Request headers

Host: vwvu-loisirs.fr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://clk.tradedoubler.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
Origin: https://clk.tradedoubler.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://clk.tradedoubler.com/

Response headers

Date: Thu, 13 Aug 2020 22:38:54 GMT
Server: Apache
X-Powered-By: PHP/5.4.45-0+deb7u6
Set-Cookie: PHPSESSID=vs060gob56119h2jabc5u7qh90; path=/
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
X-Robots-Tag: noindex, nofollow
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3717
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8

Redirect headers

Date: Thu, 13 Aug 2020 22:38:54 GMT
Server: Apache
X-Powered-By: PHP/5.4.45-0+deb7u6
Set-Cookie: PHPSESSID=ropmjln71kf26uho40uepr80k6; path=/
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
X-Robots-Tag: noindex, nofollow
Location: https://vwvu-loisirs.fr/?levier=CPL&crea=V1&prenom=&nom=&email=guy.grolaux%40gmail.com&telephone=&code_postal=&_did=23445
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 20
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8

POST
H/1.1 200
OK /
analytics.tradedoubler.com/ 0
241 B 176ms
33ms Other
text/html 188.165.150.178
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tradedoubler.com/
Requested by: Host: vht.tradedoubler.com
URL: https://vht.tradedoubler.com/fp/prefs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.165.150.178 , France, ASN16276 (OVH, FR),
Reverse DNS: lb02.net.royalcactus.com
Software: nginx /
Resource Hash

Request headers

Referer: https://clk.tradedoubler.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 13 Aug 2020 22:38:54 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK logo.png
hst.tradedoubler.com/file/306264/img_lp/ 2 KB
2 KB 119ms
32ms Image
image/png 13.226.155.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hst.tradedoubler.com/file/306264/img_lp/logo.png
Requested by: Host: vwvu-loisirs.fr
URL: https://vwvu-loisirs.fr/?levier=CPL&crea=V1&prenom=&nom=&email=guy.grolaux%40gmail.com&telephone=&code_postal=&_did=23445
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.45 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-45.dus51.r.cloudfront.net
Software: Apache /
Resource Hash: 3357547d61a3649c772c028449a208ad6af49dd558f57671bd8c80cbb6b6fc66

Request headers

Referer: https://vwvu-loisirs.fr/?levier=CPL&crea=V1&prenom=&nom=&email=guy.grolaux%40gmail.com&telephone=&code_postal=&_did=23445
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 09 Aug 2020 09:53:24 GMT
Via: 1.1 2e790b4fedc0451605346ca92a7755a8.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Tue, 26 May 2020 17:08:14 GMT
Server: Apache
Age: 391531
ETag: "734-5a690240ebb80"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=604800, public
X-Amz-Cf-Pop: DUS51-C1
Accept-Ranges: bytes
Content-Length: 1844
X-Amz-Cf-Id: 7rinExI_zdNtlgz_PVThNWX-6kkFjxmaurzFPFcaAm4VMKzzV8B1ew==
Expires: Sun, 16 Aug 2020 09:53:24 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
34 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:815::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: vwvu-loisirs.fr
URL: https://vwvu-loisirs.fr/?levier=CPL&crea=V1&prenom=&nom=&email=guy.grolaux%40gmail.com&telephone=&code_postal=&_did=23445

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vwvu-loisirs.fr/?levier=CPL&crea=V1&prenom=&nom=&email=guy.grolaux%40gmail.com&telephone=&code_postal=&_did=23445
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 05:18:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 580835
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Aug 2021 05:18:20 GMT

GET
H/1.1 200
OK functions.js Show response
www.insightondemand.fr/js/ 9 KB
4 KB 155ms
30ms Script
application/javascript 87.98.129.92
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.insightondemand.fr/js/functions.js?v=140124b
Requested by: Host: vwvu-loisirs.fr
URL: https://vwvu-loisirs.fr/?levier=CPL&crea=V1&prenom=&nom=&email=guy.grolaux%40gmail.com&telephone=&code_postal=&_did=23445
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 87.98.129.92 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 12612c4d456e0c56ccc23f7d92ac3e4ea87ed542aedd7ebc495e06c9083af8c5

Request headers

Referer: https://vwvu-loisirs.fr/?levier=CPL&crea=V1&prenom=&nom=&email=guy.grolaux%40gmail.com&telephone=&code_postal=&_did=23445
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 13 Aug 2020 22:38:55 GMT
Content-Encoding: gzip
Last-Modified: Thu, 27 Jul 2017 10:07:25 GMT
Server: Apache
ETag: "18c1ea3-256d-55549bb2fd140"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3473

GET
H/1.1 200
OK form-validator.js Show response
vwvu-loisirs.fr/js/ 5 KB
2 KB 31ms
30ms Script
application/javascript 178.33.249.44
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://vwvu-loisirs.fr/js/form-validator.js?v=20160302g
Requested by: Host: vwvu-loisirs.fr
URL: https://vwvu-loisirs.fr/?levier=CPL&crea=V1&prenom=&nom=&email=guy.grolaux%40gmail.com&telephone=&code_postal=&_did=23445
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.33.249.44 , France, ASN16276 (OVH, FR),
Reverse DNS: mail.noveocrm.fr
Software: Apache /
Resource Hash: ab0067f4230dcf7dab2746f9da79af99d98143b31557dbeec2f6da02c33b1472

Request headers

Referer: https://vwvu-loisirs.fr/?levier=CPL&crea=V1&prenom=&nom=&email=guy.grolaux%40gmail.com&telephone=&code_postal=&_did=23445
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 13 Aug 2020 22:38:55 GMT
Content-Encoding: gzip
Last-Modified: Mon, 27 Mar 2017 15:38:24 GMT
Server: Apache
ETag: "de109a-13df-54bb8223c5c00"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1444

GET
H/1.1 200
OK bg.png
vwvu-loisirs.fr/images/ 387 KB
387 KB 60ms
30ms Image
image/png 178.33.249.44
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vwvu-loisirs.fr/images/bg.png
Requested by: Host: vwvu-loisirs.fr
URL: https://vwvu-loisirs.fr/?levier=CPL&crea=V1&prenom=&nom=&email=guy.grolaux%40gmail.com&telephone=&code_postal=&_did=23445
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.33.249.44 , France, ASN16276 (OVH, FR),
Reverse DNS: mail.noveocrm.fr
Software: Apache /
Resource Hash: afb97b9bcb6dd204e8005e0766227a3d1dce2e7956755cef459ae70b11b38b7b

Request headers

Referer: https://vwvu-loisirs.fr/?levier=CPL&crea=V1&prenom=&nom=&email=guy.grolaux%40gmail.com&telephone=&code_postal=&_did=23445
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 13 Aug 2020 22:38:55 GMT
Last-Modified: Tue, 26 May 2020 14:28:24 GMT
Server: Apache
ETag: "de10b7-60bf9-5a68de872f200"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 396281

GET
H2 200 vwhead-bold.woff2
www.volkswagen.fr/idhub/etc/clientlibs/vwa-ngw18/ngw18-frontend/clientlibs/statics/fonts/ 35 KB
35 KB 143ms
79ms Font
font/woff2 152.195.51.35
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.volkswagen.fr/idhub/etc/clientlibs/vwa-ngw18/ngw18-frontend/clientlibs/statics/fonts/vwhead-bold.woff2

Requested by

Host: vwvu-loisirs.fr
URL: https://vwvu-loisirs.fr/?levier=CPL&crea=V1&prenom=&nom=&email=guy.grolaux%40gmail.com&telephone=&code_postal=&_did=23445

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.51.35 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

Apache /

Resource Hash

ca11cd7dd66a5837b58e53491ba5d37876d988bf6fc63bd18b0a453d0be37590

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-eval' 'unsafe-inline'; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data: blob: ; media-src https: data: blob: ; object-src 'none'; frame-ancestors 'none'; connect-src *; base-uri 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://vwvu-loisirs.fr/?levier=CPL&crea=V1&prenom=&nom=&email=guy.grolaux%40gmail.com&telephone=&code_postal=&_did=23445
Origin: https://vwvu-loisirs.fr

Response headers

x-dispatcher: dispatcher1eucentral1
content-security-policy: default-src https: 'unsafe-eval' 'unsafe-inline'; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data: blob: *; media-src https: data: blob: *; object-src 'none'; frame-ancestors 'none'; connect-src *; base-uri 'self'; upgrade-insecure-requests;
content-encoding: gzip
etag: "8b94-575d21c2f5800-gzip"
x-vhost: publish
status: 200
content-disposition: attachment
strict-transport-security: max-age=31536000
content-length: 35719
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Sep 2018 10:16:00 GMT
server: Apache
x-frame-options: DENY
date: Thu, 13 Aug 2020 22:38:55 GMT
vary: Host,Accept-Encoding,User-Agent
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=604800
feature-policy: autoplay *; camera 'none'; display-capture 'none'; document-domain *; encrypted-media *; fullscreen *; geolocation *; microphone 'none'; midi 'none'; payment 'none'; vr 'none';
accept-ranges: bytes
x-content-type-options: nosniff
expires: Thu, 20 Aug 2020 22:38:55 GMT

GET
H2 200 vwhead-light.woff2
www.volkswagen.fr/idhub/etc/clientlibs/vwa-ngw18/ngw18-frontend/clientlibs/statics/fonts/ 35 KB
35 KB 168ms
105ms Font
font/woff2 152.195.51.35
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.volkswagen.fr/idhub/etc/clientlibs/vwa-ngw18/ngw18-frontend/clientlibs/statics/fonts/vwhead-light.woff2

Requested by

Host: vwvu-loisirs.fr
URL: https://vwvu-loisirs.fr/?levier=CPL&crea=V1&prenom=&nom=&email=guy.grolaux%40gmail.com&telephone=&code_postal=&_did=23445

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.51.35 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

Apache /

Resource Hash

cc59a156c794e614b75c4788fca7619ad5f8246a9375fa0df342f80842e4bdbd

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-eval' 'unsafe-inline'; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data: blob: ; media-src https: data: blob: ; object-src 'none'; frame-ancestors 'none'; connect-src *; base-uri 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://vwvu-loisirs.fr/?levier=CPL&crea=V1&prenom=&nom=&email=guy.grolaux%40gmail.com&telephone=&code_postal=&_did=23445
Origin: https://vwvu-loisirs.fr

Response headers

x-dispatcher: dispatcher2eucentral1
content-security-policy: default-src https: 'unsafe-eval' 'unsafe-inline'; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data: blob: *; media-src https: data: blob: *; object-src 'none'; frame-ancestors 'none'; connect-src *; base-uri 'self'; upgrade-insecure-requests;
content-encoding: gzip
etag: "8d04-575d21c6c6100-gzip"
x-vhost: publish
status: 200
content-disposition: attachment
strict-transport-security: max-age=31536000
content-length: 36077
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Sep 2018 10:16:04 GMT
server: Apache
x-frame-options: DENY
date: Thu, 13 Aug 2020 22:38:55 GMT
vary: Host,Accept-Encoding,User-Agent
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=604800
feature-policy: autoplay *; camera 'none'; display-capture 'none'; document-domain *; encrypted-media *; fullscreen *; geolocation *; microphone 'none'; midi 'none'; payment 'none'; vr 'none';
accept-ranges: bytes
x-content-type-options: nosniff
expires: Thu, 20 Aug 2020 22:38:55 GMT

GET
H2 200 vwtext-regular.woff2
www.volkswagen.fr/idhub/etc/clientlibs/vwa-ngw18/ngw18-frontend/clientlibs/statics/fonts/ 34 KB
34 KB 125ms
61ms Font
font/woff2 152.195.51.35
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.volkswagen.fr/idhub/etc/clientlibs/vwa-ngw18/ngw18-frontend/clientlibs/statics/fonts/vwtext-regular.woff2

Requested by

Host: vwvu-loisirs.fr
URL: https://vwvu-loisirs.fr/?levier=CPL&crea=V1&prenom=&nom=&email=guy.grolaux%40gmail.com&telephone=&code_postal=&_did=23445

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.51.35 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

Apache /

Resource Hash

334e49a96aa95aee5aa8bfe396e2ac21958fa52d9907afdb6688cf471961e8e8

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-eval' 'unsafe-inline'; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data: blob: ; media-src https: data: blob: ; object-src 'none'; frame-ancestors 'none'; connect-src *; base-uri 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://vwvu-loisirs.fr/?levier=CPL&crea=V1&prenom=&nom=&email=guy.grolaux%40gmail.com&telephone=&code_postal=&_did=23445
Origin: https://vwvu-loisirs.fr

Response headers

x-dispatcher: dispatcher4eucentral1
content-security-policy: default-src https: 'unsafe-eval' 'unsafe-inline'; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data: blob: *; media-src https: data: blob: *; object-src 'none'; frame-ancestors 'none'; connect-src *; base-uri 'self'; upgrade-insecure-requests;
content-encoding: gzip
etag: "8628-575d21c2f5800-gzip"
x-vhost: publish
status: 200
content-disposition: attachment
strict-transport-security: max-age=31536000
content-length: 34350
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Sep 2018 10:16:00 GMT
server: Apache
x-frame-options: DENY
date: Thu, 13 Aug 2020 22:38:55 GMT
vary: Host,Accept-Encoding,User-Agent
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=604800
feature-policy: autoplay *; camera 'none'; display-capture 'none'; document-domain *; encrypted-media *; fullscreen *; geolocation *; microphone 'none'; midi 'none'; payment 'none'; vr 'none';
accept-ranges: bytes
x-content-type-options: nosniff
expires: Thu, 20 Aug 2020 22:38:55 GMT

GET
H2 200 vwhead-regular.woff2
www.volkswagen.fr/idhub/etc/clientlibs/vwa-ngw18/ngw18-frontend/clientlibs/statics/fonts/ 35 KB
35 KB 158ms
94ms Font
font/woff2 152.195.51.35
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.volkswagen.fr/idhub/etc/clientlibs/vwa-ngw18/ngw18-frontend/clientlibs/statics/fonts/vwhead-regular.woff2

Requested by

Host: vwvu-loisirs.fr
URL: https://vwvu-loisirs.fr/?levier=CPL&crea=V1&prenom=&nom=&email=guy.grolaux%40gmail.com&telephone=&code_postal=&_did=23445

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.51.35 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

Apache /

Resource Hash

4fba7263d01377189954eb8ea8ea1dbf8a086e3c5e389c54c6281fba5cc4578d

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-eval' 'unsafe-inline'; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data: blob: ; media-src https: data: blob: ; object-src 'none'; frame-ancestors 'none'; connect-src *; base-uri 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://vwvu-loisirs.fr/?levier=CPL&crea=V1&prenom=&nom=&email=guy.grolaux%40gmail.com&telephone=&code_postal=&_did=23445
Origin: https://vwvu-loisirs.fr

Response headers

x-dispatcher: dispatcher1eucentral1
content-security-policy: default-src https: 'unsafe-eval' 'unsafe-inline'; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data: blob: *; media-src https: data: blob: *; object-src 'none'; frame-ancestors 'none'; connect-src *; base-uri 'self'; upgrade-insecure-requests;
content-encoding: gzip
etag: "8a10-575d21c2f5800-gzip"
x-vhost: publish
status: 200
content-disposition: attachment
strict-transport-security: max-age=31536000
content-length: 35301
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Sep 2018 10:16:00 GMT
server: Apache
x-frame-options: DENY
date: Thu, 13 Aug 2020 22:38:55 GMT
vary: Host,Accept-Encoding,User-Agent
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=604800
feature-policy: autoplay *; camera 'none'; display-capture 'none'; document-domain *; encrypted-media *; fullscreen *; geolocation *; microphone 'none'; midi 'none'; payment 'none'; vr 'none';
accept-ranges: bytes
x-content-type-options: nosniff
expires: Thu, 20 Aug 2020 22:38:55 GMT

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			vwvu-loisirs.fr/	1969-12-31 23:59:59	Name: PHPSESSID Value: vs060gob56119h2jabc5u7qh90

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
analytics.tradedoubler.com
clk.tradedoubler.com
codtrk1.fr
hst.tradedoubler.com
t.info.consodunet.com
vht.tradedoubler.com
vwvu-loisirs.fr
www.insightondemand.fr
www.volkswagen.fr
13.226.155.38
13.226.155.45
152.195.51.35
178.33.249.44
188.165.150.178
2a00:1450:4001:815::200a
2a05:71c0:2000::e
34.95.109.120
87.98.129.92
12612c4d456e0c56ccc23f7d92ac3e4ea87ed542aedd7ebc495e06c9083af8c5
17ee72d8421cc64e48d5e885c090851028f91129555be935403a51c55eff2e9d
334e49a96aa95aee5aa8bfe396e2ac21958fa52d9907afdb6688cf471961e8e8
3357547d61a3649c772c028449a208ad6af49dd558f57671bd8c80cbb6b6fc66
4fba7263d01377189954eb8ea8ea1dbf8a086e3c5e389c54c6281fba5cc4578d
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
95e05f124cae13b8165b698a9ce8ebcae22fca0dca64dfad37fded7d11781577
ab0067f4230dcf7dab2746f9da79af99d98143b31557dbeec2f6da02c33b1472
afb97b9bcb6dd204e8005e0766227a3d1dce2e7956755cef459ae70b11b38b7b
b033d0813ccfd6748120591cd94d620955461d8e4134d87c6fdd7db794b6f9a9
ca11cd7dd66a5837b58e53491ba5d37876d988bf6fc63bd18b0a453d0be37590
cc59a156c794e614b75c4788fca7619ad5f8246a9375fa0df342f80842e4bdbd

vwvu-loisirs.fr Open in urlscan Pro 178.33.249.44 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

22 %IPv6

7 Domains

10 Subdomains

8 IPs

3 Countries

578 kBTransfer

661 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

1 Cookies

Indicators

vwvu-loisirs.fr Open in urlscan Pro
178.33.249.44 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

22 %
IPv6

7
Domains

10
Subdomains

8
IPs

3
Countries

578 kB
Transfer

661 kB
Size

1
Cookies

13 HTTP transactions
0 data transactions