www.codepromo-googleworkspace.slaaap.fr Open in urlscan Pro
2a02:4780:27:1068:0:1f28:fa76:2  Public Scan

URL: https://www.codepromo-googleworkspace.slaaap.fr/
Submission Tags: @phishunt_io
Submission: On April 04 via api from DE — Scanned from FR

Summary

This website contacted 14 IPs in 3 countries across 10 domains to perform 32 HTTP transactions. The main IP is 2a02:4780:27:1068:0:1f28:fa76:2, located in Paris, France and belongs to AS-HOSTINGER, CY. The main domain is www.codepromo-googleworkspace.slaaap.fr.
TLS certificate: Issued by R3 on April 3rd 2023. Valid for: 3 months.
This is the only time www.codepromo-googleworkspace.slaaap.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
6 endorsal.io
cdn.endorsal.io — Cisco Umbrella Rank: 195761
api.endorsal.io — Cisco Umbrella Rank: 170648
15 KB
6 slaaap.fr
www.codepromo-googleworkspace.slaaap.fr
38 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47
ajax.googleapis.com — Cisco Umbrella Rank: 357
34 KB
3 sendinblue.com
www.sendinblue.com — Cisco Umbrella Rank: 31091
in-automate.sendinblue.com — Cisco Umbrella Rank: 24792
568 B
3 gstatic.com
fonts.gstatic.com
48 KB
3 sibautomation.com
sibautomation.com — Cisco Umbrella Rank: 23038
5 KB
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2284
325 B
2 axept.io
static.axept.io — Cisco Umbrella Rank: 52680
client.axept.io — Cisco Umbrella Rank: 46777
175 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
157 KB
1 cloudfront.net
d3gciqzneb4vr5.cloudfront.net
3 KB
32 10
Domain Requested by
6 www.codepromo-googleworkspace.slaaap.fr www.codepromo-googleworkspace.slaaap.fr
4 fonts.googleapis.com www.codepromo-googleworkspace.slaaap.fr
3 api.endorsal.io cdn.endorsal.io
3 fonts.gstatic.com fonts.googleapis.com
3 cdn.endorsal.io www.codepromo-googleworkspace.slaaap.fr
cdn.endorsal.io
3 sibautomation.com 1 redirects www.codepromo-googleworkspace.slaaap.fr
sibautomation.com
2 in-automate.sendinblue.com sibautomation.com
2 region1.google-analytics.com www.googletagmanager.com
2 www.googletagmanager.com www.codepromo-googleworkspace.slaaap.fr
www.googletagmanager.com
1 d3gciqzneb4vr5.cloudfront.net
1 client.axept.io static.axept.io
1 www.sendinblue.com sibautomation.com
1 static.axept.io www.codepromo-googleworkspace.slaaap.fr
1 ajax.googleapis.com www.codepromo-googleworkspace.slaaap.fr
32 14

This site contains links to these domains. Also see Links.

Domain
slaaap.fr
codepromo-googleworkspace.slaaap.fr
www.kqzyfj.com
endorsal.io
forms.endorsal.io
Subject Issuer Validity Valid
codepromo-googleworkspace.slaaap.fr
R3
2023-04-03 -
2023-07-02
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-03-13 -
2023-06-05
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-03-13 -
2023-06-05
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-09 -
2023-06-09
a year crt.sh
*.endorsal.io
Amazon RSA 2048 M02
2023-02-28 -
2023-07-09
4 months crt.sh
static.axeptio.eu
Amazon RSA 2048 M02
2023-02-24 -
2023-08-17
6 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-03-13 -
2023-06-05
3 months crt.sh
client.axept.io
Amazon RSA 2048 M01
2023-02-22 -
2023-10-01
7 months crt.sh
sendinblue.com
Cloudflare Inc ECC CA-3
2022-09-26 -
2023-09-25
a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2022-12-08 -
2023-12-07
a year crt.sh

This page contains 2 frames:

Primary Page: https://www.codepromo-googleworkspace.slaaap.fr/
Frame ID: 8F8785CFF6DF6F8E4011E615839E9A9F
Requests: 28 HTTP requests in this frame

Frame: https://sibautomation.com/cm.html?key=h5svkkdzghsqj3jk5qjvahdx
Frame ID: 2BE21D099B57D7B3325A9A26682A13E2
Requests: 3 HTTP requests in this frame

Screenshot

Page Title

Codes promo -10% pour Google Workspace / Avril 2023star-altstar-altstar-altstar-altstar-altstar-altstar-altstar-altstar-altstar-altstar-altstar-altstar-altstar-altstar-alt

Detected technologies

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

32
Requests

97 %
HTTPS

93 %
IPv6

10
Domains

14
Subdomains

14
IPs

3
Countries

476 kB
Transfer

1449 kB
Size

9
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23
  • https://sibautomation.com/ruxitagentjs_ICA2NVfqru_10261230220152234.js HTTP 302
  • https://www.sendinblue.com/404/

32 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.codepromo-googleworkspace.slaaap.fr/
7 KB
3 KB
Document
General
Full URL
https://www.codepromo-googleworkspace.slaaap.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:27:1068:0:1f28:fa76:2 Paris, France, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed / PHP/8.1.16
Resource Hash
1fc094f4e9228c44594bcf84a4669979ff0b3117682afa35441f23b87349ce60
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-length
2990
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Tue, 04 Apr 2023 02:43:23 GMT
platform
hostinger
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/8.1.16
style.css
www.codepromo-googleworkspace.slaaap.fr/
4 KB
1 KB
Stylesheet
General
Full URL
https://www.codepromo-googleworkspace.slaaap.fr/style.css
Requested by
Host: www.codepromo-googleworkspace.slaaap.fr
URL: https://www.codepromo-googleworkspace.slaaap.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:27:1068:0:1f28:fa76:2 Paris, France, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
de88a52916128668557dd12a76a794c2d17ef699e671af78d1d3a01baf2232c7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.codepromo-googleworkspace.slaaap.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 04 Apr 2023 02:43:23 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Fri, 08 Oct 2021 08:51:41 GMT
server
LiteSpeed
etag
"fc2-6160069d-950ac4b90f7c60e;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
950
expires
Tue, 11 Apr 2023 02:43:23 GMT
css
fonts.googleapis.com/
18 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,400i,500,700&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext
Requested by
Host: www.codepromo-googleworkspace.slaaap.fr
URL: https://www.codepromo-googleworkspace.slaaap.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b0c67cecba913af1e9e03a0178856de49a74e961fd54da5220682f8dee73f1ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.codepromo-googleworkspace.slaaap.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 04 Apr 2023 02:43:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 04 Apr 2023 02:34:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 04 Apr 2023 02:43:23 GMT
css
fonts.googleapis.com/
1 KB
530 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Product+Sans&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext
Requested by
Host: www.codepromo-googleworkspace.slaaap.fr
URL: https://www.codepromo-googleworkspace.slaaap.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5cadfdc5ea936fd397ee8e96131fb58cfc3fe24d036fc2c077acf39e206cff1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.codepromo-googleworkspace.slaaap.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 04 Apr 2023 02:43:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 04 Apr 2023 01:22:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 04 Apr 2023 02:43:23 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.0/
87 KB
31 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: www.codepromo-googleworkspace.slaaap.fr
URL: https://www.codepromo-googleworkspace.slaaap.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.codepromo-googleworkspace.slaaap.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 09:47:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60963
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31017
x-xss-protection
0
last-modified
Wed, 10 Mar 2021 14:28:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 Apr 2024 09:47:20 GMT
script.js
www.codepromo-googleworkspace.slaaap.fr/
852 B
475 B
Script
General
Full URL
https://www.codepromo-googleworkspace.slaaap.fr/script.js
Requested by
Host: www.codepromo-googleworkspace.slaaap.fr
URL: https://www.codepromo-googleworkspace.slaaap.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:27:1068:0:1f28:fa76:2 Paris, France, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
40c927567343180bf39b958459a7b7ae09b24f2a2ff449e7361df4172f42f8ad
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.codepromo-googleworkspace.slaaap.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 04 Apr 2023 02:43:23 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 01 Dec 2021 13:35:57 GMT
server
LiteSpeed
etag
"354-61a77a3d-635b12781f263bf8;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
371
expires
Tue, 11 Apr 2023 02:43:23 GMT
js
www.googletagmanager.com/gtag/
230 KB
80 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NQ7J4ZB4WS
Requested by
Host: www.codepromo-googleworkspace.slaaap.fr
URL: https://www.codepromo-googleworkspace.slaaap.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
af1b5196fb7f207e08f399d5a3b172f15c8d243d46f93a34f870b967f1d93550
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.codepromo-googleworkspace.slaaap.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 04 Apr 2023 02:43:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81127
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 04 Apr 2023 02:43:23 GMT
google-workspace-banner.svg
www.codepromo-googleworkspace.slaaap.fr/
34 KB
12 KB
Image
General
Full URL
https://www.codepromo-googleworkspace.slaaap.fr/google-workspace-banner.svg
Requested by
Host: www.codepromo-googleworkspace.slaaap.fr
URL: https://www.codepromo-googleworkspace.slaaap.fr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:27:1068:0:1f28:fa76:2 Paris, France, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
92ccc1eca8d30b8e4f10ce92d02ff8f25acdf518bd12097d138c36f28a41ec0b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.codepromo-googleworkspace.slaaap.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 04 Apr 2023 02:43:23 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Mon, 27 Sep 2021 09:12:53 GMT
server
LiteSpeed
etag
"86d6-61518b15-5b1f2be83075d3d9;br"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
11441
expires
Tue, 11 Apr 2023 02:43:23 GMT
google-workspace-starter-cover.jpg
www.codepromo-googleworkspace.slaaap.fr/
11 KB
11 KB
Image
General
Full URL
https://www.codepromo-googleworkspace.slaaap.fr/google-workspace-starter-cover.jpg
Requested by
Host: www.codepromo-googleworkspace.slaaap.fr
URL: https://www.codepromo-googleworkspace.slaaap.fr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:27:1068:0:1f28:fa76:2 Paris, France, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
3c66f4c2356c1206a56c662a8c9519b927676240925a20b88fd92f95cdab29d5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.codepromo-googleworkspace.slaaap.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 04 Apr 2023 02:43:23 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Mon, 06 Sep 2021 10:56:39 GMT
server
LiteSpeed
etag
"2c74-6135f3e7-7f22d3f3ab289009;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
11380
expires
Tue, 11 Apr 2023 02:43:23 GMT
google-workspace-standard-cover.jpg
www.codepromo-googleworkspace.slaaap.fr/
10 KB
10 KB
Image
General
Full URL
https://www.codepromo-googleworkspace.slaaap.fr/google-workspace-standard-cover.jpg
Requested by
Host: www.codepromo-googleworkspace.slaaap.fr
URL: https://www.codepromo-googleworkspace.slaaap.fr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:27:1068:0:1f28:fa76:2 Paris, France, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
aafd7e4b94ab1cfe154d1bf3dbbcf02cb7f74f9a9206cd07ccec26aba41144ca
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.codepromo-googleworkspace.slaaap.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 04 Apr 2023 02:43:23 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Mon, 06 Sep 2021 10:56:39 GMT
server
LiteSpeed
etag
"298a-6135f3e7-29f812696bbbd6c;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
10634
expires
Tue, 11 Apr 2023 02:43:23 GMT
css2
fonts.googleapis.com/
2 KB
622 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto&display=swap
Requested by
Host: www.codepromo-googleworkspace.slaaap.fr
URL: https://www.codepromo-googleworkspace.slaaap.fr/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6b3c83e050c374cfdd13f77640509c6bf68fd787b8f35bfeef2aae4a3372355d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.codepromo-googleworkspace.slaaap.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 04 Apr 2023 02:43:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 04 Apr 2023 02:14:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 04 Apr 2023 02:43:23 GMT
css2
fonts.googleapis.com/
5 KB
820 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans&family=Roboto&display=swap
Requested by
Host: www.codepromo-googleworkspace.slaaap.fr
URL: https://www.codepromo-googleworkspace.slaaap.fr/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
91380da43fa0cf6fc30fc4c94fa2ccf4f14bb3f43e3bc8b2f7ba3da18117cf01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.codepromo-googleworkspace.slaaap.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 04 Apr 2023 02:43:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 04 Apr 2023 02:43:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 04 Apr 2023 02:43:23 GMT
sa.js
sibautomation.com/
10 KB
3 KB
Script
General
Full URL
https://sibautomation.com/sa.js?key=h5svkkdzghsqj3jk5qjvahdx
Requested by
Host: www.codepromo-googleworkspace.slaaap.fr
URL: https://www.codepromo-googleworkspace.slaaap.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1f68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Sails <sailsjs.com>
Resource Hash
acac5563cf1cdf5e78a084ae9c78266d551bf4508c8796d4386df6a80dc36a6c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.codepromo-googleworkspace.slaaap.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 04 Apr 2023 02:43:23 GMT
content-encoding
gzip
cf-cache-status
MISS
server
cloudflare
x-powered-by
Sails <sailsjs.com>
etag
W/"29d3-ZgfUjKXwax0eBwovArQqJMr8m7Y"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=60
server-timing
dtSInfo;desc="0", dtRpid;desc="-1418511771"
cf-ray
7b263417de8df174-CDG
expires
Tue, 04 Apr 2023 02:44:23 GMT
widget.min.js
cdn.endorsal.io/widgets/
18 KB
5 KB
Script
General
Full URL
https://cdn.endorsal.io/widgets/widget.min.js
Requested by
Host: www.codepromo-googleworkspace.slaaap.fr
URL: https://www.codepromo-googleworkspace.slaaap.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:cc00:14:4dac:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4f4d316cbd28153db66e4b94fa13efa6243c82abdf6d1a2cf80e5bc610fce133

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.codepromo-googleworkspace.slaaap.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 16:29:23 GMT
x-amz-version-id
awuyj_nZ6gHMDgMQbt49XVAcBhIE49o0
content-encoding
gzip
last-modified
Thu, 14 Jul 2022 10:25:00 GMT
server
AmazonS3
via
1.1 3431ec594cac61983aae2d9ffaf23980.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
etag
W/"bdf92dff1b909b38590858afe94263ff"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max_age=31536000
age
36841
x-amz-cf-id
sFj8h3MgNsf-KLRLylOZE7zoFUfSoz3LNsh9LsWjJoezrqXJs4UJaQ==
sdk.js
static.axept.io/
663 KB
171 KB
Script
General
Full URL
https://static.axept.io/sdk.js
Requested by
Host: www.codepromo-googleworkspace.slaaap.fr
URL: https://www.codepromo-googleworkspace.slaaap.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:5000:1c:f638:2940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
917b588bfcb63394d0aa94937d9d49bd2501440fb5681364e37363294c71a1f8

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.codepromo-googleworkspace.slaaap.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 13:29:10 GMT
content-encoding
br
via
1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
last-modified
Mon, 03 Apr 2023 13:29:08 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
47654
etag
W/"762fd0e37d6b35a965f4bf2400ebec10"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
mI4QtPkZ6ZMMkbvOJgANR_pHayj0ln0XcHx8Rila74l0ASoqw-a89w==
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.codepromo-googleworkspace.slaaap.fr
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 28 Mar 2023 10:31:11 GMT
x-content-type-options
nosniff
age
576732
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Mar 2024 10:31:11 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans&family=Roboto&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.codepromo-googleworkspace.slaaap.fr
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 28 Mar 2023 10:31:47 GMT
x-content-type-options
nosniff
age
576696
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16740
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:14:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Mar 2024 10:31:47 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,400i,500,700&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.codepromo-googleworkspace.slaaap.fr
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 28 Mar 2023 10:31:10 GMT
x-content-type-options
nosniff
age
576733
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Mar 2024 10:31:10 GMT
cm.html
sibautomation.com/ Frame 2BE2
3 KB
2 KB
Document
General
Full URL
https://sibautomation.com/cm.html?key=h5svkkdzghsqj3jk5qjvahdx
Requested by
Host: sibautomation.com
URL: https://sibautomation.com/sa.js?key=h5svkkdzghsqj3jk5qjvahdx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1f68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Sails <sailsjs.com>
Resource Hash
6ec0b5c0cb43eb16289de0fab94f825db3b511b6ffd93a9a3b497f3e0bc9fc02

Request headers

Referer
https://www.codepromo-googleworkspace.slaaap.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

access-control-allow-origin
*
cache-control
public, max-age=7200
cf-cache-status
MISS
cf-ray
7b2634186eccf174-CDG
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 04 Apr 2023 02:43:23 GMT
expires
Tue, 04 Apr 2023 04:43:23 GMT
server
cloudflare
server-timing
dtSInfo;desc="0", dtRpid;desc="1460492678"
vary
Accept-Encoding
x-oneagent-js-injection
true
x-powered-by
Sails <sailsjs.com>
x-ruxit-js-agent
true
614b09cc720f2244adbbd66f
api.endorsal.io/check/fomo/
17 B
283 B
Fetch
General
Full URL
https://api.endorsal.io/check/fomo/614b09cc720f2244adbbd66f?ref=https%3A%2F%2Fwww.codepromo-googleworkspace.slaaap.fr%2F
Requested by
Host: cdn.endorsal.io
URL: https://cdn.endorsal.io/widgets/widget.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.131.89.56 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-131-89-56.us-east-2.compute.amazonaws.com
Software
nginx/1.14.1 / Express
Resource Hash
06e5f7e2d702e0110271dd33c198e1f312a785bcf41ca4fbed2fa6d67722dc03

Request headers

Access-Control-Allow-Origin
*
Referer
https://www.codepromo-googleworkspace.slaaap.fr/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Tue, 04 Apr 2023 02:43:24 GMT
Server
nginx/1.14.1
ETag
W/"11-UIVUdQWNarX1D9mk06okyEMbpS8"
X-Powered-By
Express
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
17
endorsal-testimonials.min.css
cdn.endorsal.io/widgets/
36 KB
6 KB
Stylesheet
General
Full URL
https://cdn.endorsal.io/widgets/endorsal-testimonials.min.css
Requested by
Host: cdn.endorsal.io
URL: https://cdn.endorsal.io/widgets/widget.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:cc00:14:4dac:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2a35ff1c18645509f529e76acde3c744948a738c1122238644c8c6daeb28cfc0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.codepromo-googleworkspace.slaaap.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
Jmd8zUroXjNIu83o19F1WeSsk953os3G
content-encoding
gzip
via
1.1 3431ec594cac61983aae2d9ffaf23980.cloudfront.net (CloudFront)
date
Mon, 03 Apr 2023 04:19:02 GMT
last-modified
Wed, 20 Jul 2022 11:14:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
80698
etag
W/"722a6d5f0fc75664d1795f5027f74e74"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max_age=31536000
x-amz-cf-id
TLkwJKVjYUjdTps2nj8lPhPIwk3fmztnMj8NKq9qUwhx49eOyp0cDg==
widget.min.css
cdn.endorsal.io/widgets/
8 KB
2 KB
Stylesheet
General
Full URL
https://cdn.endorsal.io/widgets/widget.min.css
Requested by
Host: cdn.endorsal.io
URL: https://cdn.endorsal.io/widgets/widget.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:cc00:14:4dac:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a09bb19d9f53c68b75ae8d6d05a66b7cca7b04271d423db0051c0dda62168ba2

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.codepromo-googleworkspace.slaaap.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
MnSgBaEsVKp7EIsfO8q8ruwSDp4nLq._
content-encoding
gzip
via
1.1 3431ec594cac61983aae2d9ffaf23980.cloudfront.net (CloudFront)
date
Mon, 03 Apr 2023 19:43:23 GMT
last-modified
Wed, 20 Jul 2022 11:14:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
25248
etag
W/"c00b3e2755dce84ca081010997976422"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max_age=31536000
x-amz-cf-id
o-tGmDCL-Ke6VwUG5BAGqrY5kQtiJLS2t8rXqzKhPfkZPx-nt4oB3g==
614b09cc720f2244adbbd66f
api.endorsal.io/check/fomo/ Frame
0
0
Preflight
General
Full URL
https://api.endorsal.io/check/fomo/614b09cc720f2244adbbd66f?ref=https%3A%2F%2Fwww.codepromo-googleworkspace.slaaap.fr%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.131.89.56 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-131-89-56.us-east-2.compute.amazonaws.com
Software
nginx/1.14.1 / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin
Access-Control-Request-Method
GET
Origin
https://www.codepromo-googleworkspace.slaaap.fr
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Access-Control-Allow-Headers
access-control-allow-origin
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
0
Date
Tue, 04 Apr 2023 02:43:24 GMT
Server
nginx/1.14.1
Vary
Access-Control-Request-Headers
X-Powered-By
Express
614b20e5720f2244adbbd845
api.endorsal.io/render/
19 KB
2 KB
Fetch
General
Full URL
https://api.endorsal.io/render/614b20e5720f2244adbbd845?ref=%2F
Requested by
Host: cdn.endorsal.io
URL: https://cdn.endorsal.io/widgets/widget.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.131.89.56 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-131-89-56.us-east-2.compute.amazonaws.com
Software
nginx/1.14.1 / Express
Resource Hash
8ad31e9181cd405a8006929109b707d3c230f923f92120f40f7e1bbb06c26097

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.codepromo-googleworkspace.slaaap.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Tue, 04 Apr 2023 02:43:24 GMT
Content-Encoding
gzip
Server
nginx/1.14.1
ETag
W/"4b41-k/XM/TwfMwFMeXMDCrR7DfqT6cc"
X-Powered-By
Express
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
1499
/
www.sendinblue.com/404/ Frame 2BE2
Redirect Chain
  • https://sibautomation.com/ruxitagentjs_ICA2NVfqru_10261230220152234.js
  • https://www.sendinblue.com/404/
0
0
Script
General
Full URL
https://www.sendinblue.com/404/
Requested by
Host: sibautomation.com
URL: https://sibautomation.com/cm.html?key=h5svkkdzghsqj3jk5qjvahdx
Protocol
H2
Server
2606:4700::6811:8560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://sibautomation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Redirect headers

date
Tue, 04 Apr 2023 02:43:23 GMT
cf-cache-status
HIT
server
cloudflare
age
1139
vary
Accept-Encoding
content-type
text/html
location
https://www.sendinblue.com/404/
access-control-allow-origin
*
cache-control
public, max-age=7200
cf-ray
7b2634195f2df174-CDG
expires
Tue, 04 Apr 2023 04:43:23 GMT
collect
region1.google-analytics.com/g/
0
271 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-NQ7J4ZB4WS&gtm=45je3430&_p=368750996&cid=1200426329.1680576204&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1680576203&sct=1&seg=0&dl=https%3A%2F%2Fwww.codepromo-googleworkspace.slaaap.fr%2F&dt=Codes%20promo%20-10%25%20pour%20Google%20Workspace%20%2F%20Avril%202023&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NQ7J4ZB4WS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.codepromo-googleworkspace.slaaap.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Apr 2023 02:43:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.codepromo-googleworkspace.slaaap.fr
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
223 KB
78 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2VSNRFFXQQ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NQ7J4ZB4WS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9821c8396df38e9bcc1a8902df7940a824f35b401ce09c8ef8a8739ccddb3bb2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.codepromo-googleworkspace.slaaap.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 04 Apr 2023 02:43:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79305
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 04 Apr 2023 02:43:23 GMT
61322e4a43c7f36d5157e200.json
client.axept.io/
8 KB
4 KB
Fetch
General
Full URL
https://client.axept.io/61322e4a43c7f36d5157e200.json?r=0
Requested by
Host: static.axept.io
URL: https://static.axept.io/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20fc:b600:19:61a3:b200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dd11d2762ed773399967924128c45b6be803531dd328f7d862bf9db0562b96dc

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.codepromo-googleworkspace.slaaap.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 19:55:35 GMT
x-amz-version-id
rkGAZm_gg2qunyPjQKmxyhZV_sxsfEpg
content-encoding
gzip
via
1.1 a842e6ed7853f1a77f754cf5bae38910.cloudfront.net (CloudFront)
x-amz-cf-pop
ARN54-C1
age
24469
x-cache
Hit from cloudfront
last-modified
Mon, 29 Aug 2022 09:11:29 GMT
server
AmazonS3
etag
W/"b59e2e8c3fba4ab7c253fa9702c0a4e6"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
bTxjZVZ3HyvCZ59pdLc_g0lZln6MOZKsojK5x8fL_cYJVsq73NCHjA==
collect
region1.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-2VSNRFFXQQ&gtm=45je3430&_p=368750996&cid=1200426329.1680576204&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1680576203&sct=1&seg=0&dl=https%3A%2F%2Fwww.codepromo-googleworkspace.slaaap.fr%2F&dt=Codes%20promo%20-10%25%20pour%20Google%20Workspace%20%2F%20Avril%202023&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2VSNRFFXQQ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.codepromo-googleworkspace.slaaap.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Apr 2023 02:43:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.codepromo-googleworkspace.slaaap.fr
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
in-automate.sendinblue.com/ Frame 2BE2
0
332 B
XHR
General
Full URL
https://in-automate.sendinblue.com/cm?uuid=dce670a6-60f7-4e76-8f39-6fc19244292d&key=h5svkkdzghsqj3jk5qjvahdx&cuid=94dfd37c-0151-48d3-9798-6f326058d253
Requested by
Host: sibautomation.com
URL: https://sibautomation.com/cm.html?key=h5svkkdzghsqj3jk5qjvahdx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ff60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://sibautomation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 04 Apr 2023 02:43:24 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
no-cache
cf-apo-via
origin,host
cf-ray
7b26341b0e52d20d-CDG
p
in-automate.sendinblue.com/
0
236 B
XHR
General
Full URL
https://in-automate.sendinblue.com/p?key=h5svkkdzghsqj3jk5qjvahdx&cuid=94dfd37c-0151-48d3-9798-6f326058d253&ma_url=https%3A%2F%2Fwww.codepromo-googleworkspace.slaaap.fr%2F&sib_type=page&ma_title=Codes%20promo%20-10%25%20pour%20Google%20Workspace%20%2F%20Avril%202023&sib_name=Codes%20promo%20-10%25%20pour%20Google%20Workspace%20%2F%20Avril%202023&ma_referrer=&ma_path=%2F
Requested by
Host: sibautomation.com
URL: https://sibautomation.com/sa.js?key=h5svkkdzghsqj3jk5qjvahdx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ff60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.codepromo-googleworkspace.slaaap.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 04 Apr 2023 02:43:24 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
no-cache
cf-apo-via
origin,host
cf-ray
7b26341beea3d20d-CDG
endorsal-icon.png
d3gciqzneb4vr5.cloudfront.net/fit-in/28x28/
2 KB
3 KB
Image
General
Full URL
https://d3gciqzneb4vr5.cloudfront.net/fit-in/28x28/endorsal-icon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:5200:18:4063:3040:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
6fefbbf9dfe9adb852f4e312d70da694b50a738a9ed839a3a33e053a99123524

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.codepromo-googleworkspace.slaaap.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 04:21:29 GMT
via
1.1 15d3b4db3728feaae1780610a1bac86e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
253315
x-amzn-requestid
7a4c37e5-f0d4-4427-a395-43f0fba34239
x-cache
Hit from cloudfront
x-amz-apigw-id
CrijXHyLoAMFmjQ=
content-length
2528
last-modified
Tue, 03 Sep 2019 19:24:06 GMT
x-amzn-trace-id
Root=1-6427b148-38a9f80710a9cca34d4fc28f;Sampled=0;lineage=d2eb4b7c:0
access-control-allow-methods
GET
content-type
image/png
cache-control
max-age=31536000,public
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Authorization
x-amz-cf-id
2onHbyB6ywfdiTHD8tI2DCIQpU2q2fCJlD-d_ZVQULNGv_7w-iovrA==

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless function| $ function| jQuery function| gtag object| dataLayer object| j object| n object| sib object| sendinblue object| axeptioSettings object| NDRSL object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| webpackChunkcaas_styleguide function| setImmediate function| clearImmediate object| __axeptioSDK object| _axcb object| axeptioSDK string| axeptioBuildTimestamp function| axeptioHandleVendors function| openAxeptioCookies function| showAxeptioButton function| hideAxeptioButton

9 Cookies

Domain/Path Name / Value
.www.codepromo-googleworkspace.slaaap.fr/ Name: sib_cuid
Value: 94dfd37c-0151-48d3-9798-6f326058d253
.slaaap.fr/ Name: _ga_NQ7J4ZB4WS
Value: GS1.1.1680576203.1.0.1680576203.0.0.0
.slaaap.fr/ Name: _ga
Value: GA1.1.1200426329.1680576204
www.codepromo-googleworkspace.slaaap.fr/ Name: axeptio_cookies
Value: {%22$$token%22:%229ucxro35id87tvuirx0duf%22%2C%22$$date%22:%222023-04-04T02:43:23.821Z%22%2C%22$$completed%22:false}
www.codepromo-googleworkspace.slaaap.fr/ Name: axeptio_authorized_vendors
Value: %2C%2C
www.codepromo-googleworkspace.slaaap.fr/ Name: axeptio_all_vendors
Value: %2C%2C
.slaaap.fr/ Name: _ga_2VSNRFFXQQ
Value: GS1.1.1680576203.1.0.1680576203.0.0.0
.sendinblue.com/ Name: __cf_bm
Value: TNm0Yf4YK_F9SnL4SACBuO9rsz22N1NLmUAb3xqHsYM-1680576203-0-AQG9wZSKahWl72Pitoks8xYELBCGj1u6EzjJ2feYI+MH8yXZEOw1ghNEMJd2rZ9v5eJw5cJSX6SeSOmiYmxlo0o=
sibautomation.com/ Name: uuid
Value: dce670a6-60f7-4e76-8f39-6fc19244292d

1 Console Messages

Source Level URL
Text
network error URL: https://www.sendinblue.com/404/
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.endorsal.io
cdn.endorsal.io
client.axept.io
d3gciqzneb4vr5.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
in-automate.sendinblue.com
region1.google-analytics.com
sibautomation.com
static.axept.io
www.codepromo-googleworkspace.slaaap.fr
www.googletagmanager.com
www.sendinblue.com
2001:4860:4802:32::36
2600:9000:2057:5000:1c:f638:2940:93a1
2600:9000:20fc:b600:19:61a3:b200:93a1
2600:9000:214f:5200:18:4063:3040:21
2600:9000:223e:cc00:14:4dac:ddc0:93a1
2606:4700::6810:ff60
2606:4700::6811:8560
2606:4700::6812:1f68
2a00:1450:4001:812::2003
2a00:1450:4001:813::2008
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::200a
2a02:4780:27:1068:0:1f28:fa76:2
3.131.89.56
06e5f7e2d702e0110271dd33c198e1f312a785bcf41ca4fbed2fa6d67722dc03
1fc094f4e9228c44594bcf84a4669979ff0b3117682afa35441f23b87349ce60
2a35ff1c18645509f529e76acde3c744948a738c1122238644c8c6daeb28cfc0
3c66f4c2356c1206a56c662a8c9519b927676240925a20b88fd92f95cdab29d5
40c927567343180bf39b958459a7b7ae09b24f2a2ff449e7361df4172f42f8ad
4f4d316cbd28153db66e4b94fa13efa6243c82abdf6d1a2cf80e5bc610fce133
5cadfdc5ea936fd397ee8e96131fb58cfc3fe24d036fc2c077acf39e206cff1f
6b3c83e050c374cfdd13f77640509c6bf68fd787b8f35bfeef2aae4a3372355d
6ec0b5c0cb43eb16289de0fab94f825db3b511b6ffd93a9a3b497f3e0bc9fc02
6fefbbf9dfe9adb852f4e312d70da694b50a738a9ed839a3a33e053a99123524
8ad31e9181cd405a8006929109b707d3c230f923f92120f40f7e1bbb06c26097
91380da43fa0cf6fc30fc4c94fa2ccf4f14bb3f43e3bc8b2f7ba3da18117cf01
917b588bfcb63394d0aa94937d9d49bd2501440fb5681364e37363294c71a1f8
92ccc1eca8d30b8e4f10ce92d02ff8f25acdf518bd12097d138c36f28a41ec0b
9821c8396df38e9bcc1a8902df7940a824f35b401ce09c8ef8a8739ccddb3bb2
a09bb19d9f53c68b75ae8d6d05a66b7cca7b04271d423db0051c0dda62168ba2
aafd7e4b94ab1cfe154d1bf3dbbcf02cb7f74f9a9206cd07ccec26aba41144ca
acac5563cf1cdf5e78a084ae9c78266d551bf4508c8796d4386df6a80dc36a6c
af1b5196fb7f207e08f399d5a3b172f15c8d243d46f93a34f870b967f1d93550
b0c67cecba913af1e9e03a0178856de49a74e961fd54da5220682f8dee73f1ff
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
dd11d2762ed773399967924128c45b6be803531dd328f7d862bf9db0562b96dc
de88a52916128668557dd12a76a794c2d17ef699e671af78d1d3a01baf2232c7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e