news.promovacances.com Open in urlscan Pro
91.230.178.143 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://news.promovacances.com/optiext/optiextension.dll?ID=fNMfKIGVppU++SFyLhutuETcFcYn9hjUuAINr5Q85Jrx8Am1Ta_HY0ajUzrL+k8DaZC...
Submission: On September 05 via api (September 5th 2023, 6:39:50 pm UTC) from FR — Scanned from FR

Summary HTTP 30 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 5 countries across 6 domains to perform 30 HTTP transactions. The main IP is 91.230.178.143, located in Belgium and belongs to SELLIGENT Av. de Finlande 2, NL. The main domain is news.promovacances.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 12th 2022. Valid for: a year.

This is the only time news.promovacances.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	91.230.178.143 91.230.178.143	28836 (SELLIGENT...) (SELLIGENT Av. de Finlande 2)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
2 2	52.51.205.105 52.51.205.105	16509 (AMAZON-02) (AMAZON-02)
2	52.209.138.16 52.209.138.16	16509 (AMAZON-02) (AMAZON-02)
1	18.66.192.14 18.66.192.14	16509 (AMAZON-02) (AMAZON-02)
14	2606:4700::68... 2606:4700::6811:7a12	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	193.46.206.3 193.46.206.3	29301 (KARAVEL-AS) (KARAVEL-AS)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
30	7

1 91.230.178.143 (Belgium)

ASN28836 (SELLIGENT Av. de Finlande 2, NL)
PTR: webcpp143.slgnt.eu

news.promovacances.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.51.205.105 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-205-105.eu-west-1.compute.amazonaws.com

ntf.promovacances.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pntf.promovacances.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.209.138.16 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-138-16.eu-west-1.compute.amazonaws.com

notify.adleadevent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.192.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-14.muc50.r.cloudfront.net

www.promovacances.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700::6811:7a12 (United States)

ASN13335 (CLOUDFLARENET, US)

karavel.slgnt.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 193.46.206.3 (Paris, France)

ASN29301 (KARAVEL-AS, FR)

static2.service-voyages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	slgnt.eu karavel.slgnt.eu — Cisco Umbrella Rank: 854882	263 KB
10	service-voyages.com static2.service-voyages.com	366 KB
4	promovacances.com 2 redirects news.promovacances.com ntf.promovacances.com pntf.promovacances.com www.promovacances.com	140 KB
2	adleadevent.com notify.adleadevent.com — Cisco Umbrella Rank: 463295	1 KB
1	gstatic.com fonts.gstatic.com	31 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 41	1003 B
30	6

	Domain	Requested by
14	karavel.slgnt.eu	news.promovacances.com
10	static2.service-voyages.com	news.promovacances.com
2	notify.adleadevent.com	news.promovacances.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.promovacances.com	news.promovacances.com
1	pntf.promovacances.com	1 redirects
1	ntf.promovacances.com	1 redirects
1	fonts.googleapis.com	news.promovacances.com
1	news.promovacances.com
30	9

This site contains no links.

Subject Issuer	Validity	Valid
news.promovacances.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-12` - `2023-11-11`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.promovacances.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-24` - `2024-08-23`	a year	crt.sh
*.slgnt.eu DigiCert TLS RSA SHA256 2020 CA1	`2022-09-19` - `2023-09-26`	a year	crt.sh
*.service-voyages.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-26` - `2024-07-23`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://news.promovacances.com/optiext/optiextension.dll?ID=fNMfKIGVppU++SFyLhutuETcFcYn9hjUuAINr5Q85Jrx8Am1Ta_HY0ajUzrL+k8DaZC0gxf1tofnTfc2zVwgZqNrxr1hLHe0kCXosdfj
Frame ID: 0ECEC5A1A616DD0B9872806490FB4E52
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Promovacances

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

30
Requests

93 %
HTTPS

38 %
IPv6

6
Domains

9
Subdomains

7
IPs

5
Countries

800 kB
Transfer

796 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://ntf.promovacances.com/notifyMail/open.html?u= HTTP 301
https://notify.adleadevent.com/notifyMail/open.html?u=

Request Chain 2

https://pntf.promovacances.com/content/ids_1651/s_3753/fmd_D65FC5C1BA11CDE525FDFAFEE8B46FE6/fsh_fb297a71ca75e7a737dc425751fb8dda1c7474f8224ac99a580d928a529e2e6b.gif HTTP 301
https://notify.adleadevent.com/content/ids_1651/s_3753/fmd_D65FC5C1BA11CDE525FDFAFEE8B46FE6/fsh_fb297a71ca75e7a737dc425751fb8dda1c7474f8224ac99a580d928a529e2e6b.gif

30 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request optiextension.dll Show response
news.promovacances.com/optiext/ 134 KB
135 KB 165ms
51ms Document
text/html 91.230.178.143
SELLIGENT Av. de ...

General

Check archive.org

Show headers Download Go to

Full URL

https://news.promovacances.com/optiext/optiextension.dll?ID=fNMfKIGVppU++SFyLhutuETcFcYn9hjUuAINr5Q85Jrx8Am1Ta_HY0ajUzrL+k8DaZC0gxf1tofnTfc2zVwgZqNrxr1hLHe0kCXosdfj

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

91.230.178.143 , Belgium, ASN28836 (SELLIGENT Av. de Finlande 2, NL),

Reverse DNS

webcpp143.slgnt.eu

Software

Resource Hash

421692e0463355f1a35e4e17f2a0f9056808de8f3de4aa3f86bb882db6a5de4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Tag: 10692
Content-Length: 137540
Content-Type: text/html; charset=UTF-8
Date: Tue, 05 Sep 2023 18:39:44 GMT
Referrer-Policy: strict-origin
Strict-Transport-Security: max-age=31536000; includeSubdomains
X-Xss-Protection: 1; mode=block

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
1003 B 93ms
34ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@500;600&display=swap

Requested by

Host: news.promovacances.com
URL: https://news.promovacances.com/optiext/optiextension.dll?ID=fNMfKIGVppU++SFyLhutuETcFcYn9hjUuAINr5Q85Jrx8Am1Ta_HY0ajUzrL+k8DaZC0gxf1tofnTfc2zVwgZqNrxr1hLHe0kCXosdfj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c6bcf64e2a3d45fb47ca0347cce834f2120f4a4ce222d4711ca8d7b9168a4e33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.promovacances.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 05 Sep 2023 18:39:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 05 Sep 2023 18:38:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Sep 2023 18:39:45 GMT

GET
H/1.1

200
OK

open.html
notify.adleadevent.com/notifyMail/
Redirect Chain

https://ntf.promovacances.com/notifyMail/open.html?u=
https://notify.adleadevent.com/notifyMail/open.html?u=

43 B
340 B

143ms
29ms

Image
image/gif

52.209.138.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notify.adleadevent.com/notifyMail/open.html?u=
Requested by: Host: news.promovacances.com
URL: https://news.promovacances.com/optiext/optiextension.dll?ID=fNMfKIGVppU++SFyLhutuETcFcYn9hjUuAINr5Q85Jrx8Am1Ta_HY0ajUzrL+k8DaZC0gxf1tofnTfc2zVwgZqNrxr1hLHe0kCXosdfj
Protocol: HTTP/1.1
Server: 52.209.138.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-138-16.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.promovacances.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Tue, 05 Sep 2023 18:39:45 GMT
Server: nginx
ETag: W/"2b-EasQqxCf21PZHURKx4EQH1pjYMY"
Content-Type: image/gif
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 43
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location: https://notify.adleadevent.com/notifyMail/open.html?u=
Date: Tue, 05 Sep 2023 18:39:45 GMT
Server: nginx/1.14.0 (Ubuntu)
Connection: keep-alive
Content-Length: 194
Content-Type: text/html

GET
H/1.1

200
OK

fsh_fb297a71ca75e7a737dc425751fb8dda1c7474f8224ac99a580d928a529e2e6b.gif
notify.adleadevent.com/content/ids_1651/s_3753/fmd_D65FC5C1BA11CDE525FDFAFEE8B46FE6/
Redirect Chain

https://pntf.promovacances.com/content/ids_1651/s_3753/fmd_D65FC5C1BA11CDE525FDFAFEE8B46FE6/fsh_fb297a71ca75e7a737dc425751fb8dda1c7474f8224ac99a580d928a529e2e6b.gif
https://notify.adleadevent.com/content/ids_1651/s_3753/fmd_D65FC5C1BA11CDE525FDFAFEE8B46FE6/fsh_fb297a71ca75e7a737dc425751fb8dda1c7474f8224ac99a580d928a529e2e6b.gif

36 B
710 B

141ms
30ms

Image
image/gif

52.209.138.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notify.adleadevent.com/content/ids_1651/s_3753/fmd_D65FC5C1BA11CDE525FDFAFEE8B46FE6/fsh_fb297a71ca75e7a737dc425751fb8dda1c7474f8224ac99a580d928a529e2e6b.gif
Requested by: Host: news.promovacances.com
URL: https://news.promovacances.com/optiext/optiextension.dll?ID=fNMfKIGVppU++SFyLhutuETcFcYn9hjUuAINr5Q85Jrx8Am1Ta_HY0ajUzrL+k8DaZC0gxf1tofnTfc2zVwgZqNrxr1hLHe0kCXosdfj
Protocol: HTTP/1.1
Server: 52.209.138.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-138-16.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: c2c51d37fc23ec067ab80965bc97c2cac175427e67f6d07dbe9719e185b1f2a5

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.promovacances.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Tue, 05 Sep 2023 18:39:45 GMT
Server: nginx
ETag: W/"24-PwjYgg2UeYzKk0YLjXV0y9SSxYE"
Content-Type: image/gif
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 36
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location: https://notify.adleadevent.com/content/ids_1651/s_3753/fmd_D65FC5C1BA11CDE525FDFAFEE8B46FE6/fsh_fb297a71ca75e7a737dc425751fb8dda1c7474f8224ac99a580d928a529e2e6b.gif
Date: Tue, 05 Sep 2023 18:39:45 GMT
Server: nginx/1.14.0 (Ubuntu)
Connection: keep-alive
Content-Length: 194
Content-Type: text/html

GET
H2 200 logo-pmvc.png
www.promovacances.com/v2/static/img/logos/ 4 KB
4 KB 132ms
34ms Image
image/avif 18.66.192.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.promovacances.com/v2/static/img/logos/logo-pmvc.png
Requested by: Host: news.promovacances.com
URL: https://news.promovacances.com/optiext/optiextension.dll?ID=fNMfKIGVppU++SFyLhutuETcFcYn9hjUuAINr5Q85Jrx8Am1Ta_HY0ajUzrL+k8DaZC0gxf1tofnTfc2zVwgZqNrxr1hLHe0kCXosdfj
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.192.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-192-14.muc50.r.cloudfront.net
Software: fasterize /
Resource Hash: 8cddad405371293125989f4d6ce4dba6c1b2c451aef38c0803fb4e1da1644271

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.promovacances.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 18:14:24 GMT
via: 1.1 32700c539a5f821aadd3624288c4aeb6.cloudfront.net (CloudFront)
x-unique-id: bd45f8e9bfa54ef6f9b32958bc8bd629
last-modified: Fri, 23 Dec 2022 14:05:10 GMT
x-fstrz: o,c
server: fasterize
x-amz-cf-pop: MUC50-P1
age: 1521
x-cache: Hit from cloudfront
content-type: image/avif
cache-control: max-age=3600
content-length: 4095
x-gen-id: 064e48aebbceb7f719f1283f99c056f5
x-amz-cf-id: tGbsmBxrohVwPEy4kCXjJmd4wwAF_LLs0DMywY7RbnHAy7hQgT-_XQ==

GET
H2 200 Early_BookingHiver_nl_pmvc_600x180.jpg
karavel.slgnt.eu/images/pmvc/Thematique/2023/08-aout/ 110 KB
111 KB 72ms
29ms Image
image/jpeg 2606:4700::6811:7a12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://karavel.slgnt.eu/images/pmvc/Thematique/2023/08-aout/Early_BookingHiver_nl_pmvc_600x180.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7a12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fe16d0c134005c2f78ee24b369be6822a8580f0dd90df1c62d7e9c18dc4f650

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.promovacances.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 18:39:45 GMT
strict-transport-security: max-age=31536000; includeSubdomains
cf-cache-status: HIT
age: 1382
cf-polished: origSize=118337
content-length: 112756
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
cf-bgj: imgq:100,h2pri
last-modified: Wed, 30 Aug 2023 08:18:22 GMT
server: cloudflare
etag: "4c96c68a1adbd91:0"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=1800
accept-ranges: bytes
cf-ray: 802098c2cb9bd5c9-CDG
expires: Tue, 05 Sep 2023 19:09:45 GMT

GET
H2 200 formulaire.jpg
karavel.slgnt.eu/images/pmvc/BadSender_template/ 7 KB
7 KB 77ms
51ms Image
image/jpeg 2606:4700::6811:7a12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://karavel.slgnt.eu/images/pmvc/BadSender_template/formulaire.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7a12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

138bd1cf598c49599d29027c9c80353794af62b585c166828f92077940a3f70d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.promovacances.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 18:39:45 GMT
strict-transport-security: max-age=31536000; includeSubdomains
cf-cache-status: HIT
age: 642
cf-polished: status=not_needed
content-length: 7134
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
cf-bgj: imgq:100,h2pri
last-modified: Thu, 08 Jul 2021 10:37:38 GMT
server: cloudflare
etag: "ac5ca745e573d71:0"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=1800
accept-ranges: bytes
cf-ray: 802098c2cb9ed5c9-CDG
expires: Tue, 05 Sep 2023 19:09:45 GMT

GET
H2 200 formulaire_mobile.jpg
karavel.slgnt.eu/images/pmvc/BadSender_template/ 6 KB
6 KB 78ms
52ms Image
image/jpeg 2606:4700::6811:7a12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://karavel.slgnt.eu/images/pmvc/BadSender_template/formulaire_mobile.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7a12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12a8d17b2d8dcd3d613e7c0f50e0b259987f232ef19db5ed9893761d5420c0a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.promovacances.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 18:39:45 GMT
strict-transport-security: max-age=31536000; includeSubdomains
cf-cache-status: HIT
age: 861
cf-polished: status=not_needed
content-length: 5689
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
cf-bgj: imgq:100,h2pri
last-modified: Thu, 08 Jul 2021 10:37:38 GMT
server: cloudflare
etag: "34f8b045e573d71:0"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=1800
accept-ranges: bytes
cf-ray: 802098c2cb9fd5c9-CDG
expires: Tue, 05 Sep 2023 19:09:45 GMT

GET
H2 200 sejour_482185_pgbighdnl.jpg
static2.service-voyages.com/photos/vacances/voyage/ 32 KB
33 KB 151ms
42ms Image
image/jpeg 193.46.206.3
KARAVEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static2.service-voyages.com/photos/vacances/voyage/sejour_482185_pgbighdnl.jpg
Requested by: Host: news.promovacances.com
URL: https://news.promovacances.com/optiext/optiextension.dll?ID=fNMfKIGVppU++SFyLhutuETcFcYn9hjUuAINr5Q85Jrx8Am1Ta_HY0ajUzrL+k8DaZC0gxf1tofnTfc2zVwgZqNrxr1hLHe0kCXosdfj
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.46.206.3 Paris, France, ASN29301 (KARAVEL-AS, FR),
Reverse DNS
Software: nginx /
Resource Hash: b213375a1f3cb1949afb26898e0d2b054e8f4a935188edce36032234996a0fc8

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.promovacances.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-krvl: 10.12.24.92%10,80
date: Tue, 05 Sep 2023 18:39:45 GMT
via: RPX04-H
last-modified: Wed, 15 Dec 2021 15:04:09 GMT
server: nginx
age: 11304
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 33065
x-lb: lb56

GET
H2 200 sejour_552922_pgbighdnl.jpg
static2.service-voyages.com/photos/vacances/voyage/ 53 KB
53 KB 191ms
83ms Image
image/jpeg 193.46.206.3
KARAVEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static2.service-voyages.com/photos/vacances/voyage/sejour_552922_pgbighdnl.jpg
Requested by: Host: news.promovacances.com
URL: https://news.promovacances.com/optiext/optiextension.dll?ID=fNMfKIGVppU++SFyLhutuETcFcYn9hjUuAINr5Q85Jrx8Am1Ta_HY0ajUzrL+k8DaZC0gxf1tofnTfc2zVwgZqNrxr1hLHe0kCXosdfj
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.46.206.3 Paris, France, ASN29301 (KARAVEL-AS, FR),
Reverse DNS
Software: nginx /
Resource Hash: 9c21ccf8fb5297b82a85b49a1aab5b243c9d04321d36bbd47261b5a68ae47ba6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.promovacances.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-krvl: 10.12.24.92%10,80
date: Tue, 05 Sep 2023 18:39:45 GMT
via: RPX04-H
last-modified: Wed, 15 Dec 2021 15:39:09 GMT
server: nginx
age: 9822
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 53788
x-lb: lb56

GET
H2 200 sejour_512980_pgbighdnl.jpg
static2.service-voyages.com/photos/vacances/voyage/ 34 KB
34 KB 150ms
63ms Image
image/jpeg 193.46.206.3
KARAVEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static2.service-voyages.com/photos/vacances/voyage/sejour_512980_pgbighdnl.jpg
Requested by: Host: news.promovacances.com
URL: https://news.promovacances.com/optiext/optiextension.dll?ID=fNMfKIGVppU++SFyLhutuETcFcYn9hjUuAINr5Q85Jrx8Am1Ta_HY0ajUzrL+k8DaZC0gxf1tofnTfc2zVwgZqNrxr1hLHe0kCXosdfj
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.46.206.3 Paris, France, ASN29301 (KARAVEL-AS, FR),
Reverse DNS
Software: nginx /
Resource Hash: b464a56c4af78451b9210415a95f9a84c422aa466605995c5a2190b6b8b7da6d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.promovacances.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-krvl: 10.12.24.92%10,80
date: Tue, 05 Sep 2023 18:39:45 GMT
via: RPX04-H
last-modified: Wed, 15 Dec 2021 15:18:35 GMT
server: nginx
age: 11307
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 34529
x-lb: lb56

GET
H2 200 sejour_595916_pgbighdnl.jpg
static2.service-voyages.com/photos/vacances/voyage/ 35 KB
35 KB 170ms
84ms Image
image/jpeg 193.46.206.3
KARAVEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static2.service-voyages.com/photos/vacances/voyage/sejour_595916_pgbighdnl.jpg
Requested by: Host: news.promovacances.com
URL: https://news.promovacances.com/optiext/optiextension.dll?ID=fNMfKIGVppU++SFyLhutuETcFcYn9hjUuAINr5Q85Jrx8Am1Ta_HY0ajUzrL+k8DaZC0gxf1tofnTfc2zVwgZqNrxr1hLHe0kCXosdfj
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.46.206.3 Paris, France, ASN29301 (KARAVEL-AS, FR),
Reverse DNS
Software: nginx /
Resource Hash: ed0b905ca9dbda4e3d3bd31e33672c373148e8a15d97c9aa48cec4b0294ba660

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.promovacances.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-krvl: 10.12.24.93%10,80
date: Tue, 05 Sep 2023 18:39:45 GMT
via: RPX04-H
last-modified: Fri, 12 Aug 2022 06:08:08 GMT
server: nginx
age: 11004
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 35557
x-lb: lb56

GET
H2 200 sejour_655415_pgbighdnl.jpg
static2.service-voyages.com/photos/vacances/voyage/ 33 KB
33 KB 114ms
84ms Image
image/jpeg 193.46.206.3
KARAVEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static2.service-voyages.com/photos/vacances/voyage/sejour_655415_pgbighdnl.jpg
Requested by: Host: news.promovacances.com
URL: https://news.promovacances.com/optiext/optiextension.dll?ID=fNMfKIGVppU++SFyLhutuETcFcYn9hjUuAINr5Q85Jrx8Am1Ta_HY0ajUzrL+k8DaZC0gxf1tofnTfc2zVwgZqNrxr1hLHe0kCXosdfj
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.46.206.3 Paris, France, ASN29301 (KARAVEL-AS, FR),
Reverse DNS
Software: nginx /
Resource Hash: 00c5b87a2ab9a23bd39fc65e065cfec6b6e3538701a81d658f38105dfbe4d253

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.promovacances.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-krvl: 10.12.24.93%10,80
date: Tue, 05 Sep 2023 18:39:45 GMT
via: RPX04-H
last-modified: Fri, 16 Jun 2023 06:06:24 GMT
server: nginx
age: 217274
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 33528
x-lb: lb56

GET
H2 200 sejour_550955_pgbighdnl.jpg
static2.service-voyages.com/photos/vacances/voyage/ 27 KB
27 KB 94ms
84ms Image
image/jpeg 193.46.206.3
KARAVEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static2.service-voyages.com/photos/vacances/voyage/sejour_550955_pgbighdnl.jpg
Requested by: Host: news.promovacances.com
URL: https://news.promovacances.com/optiext/optiextension.dll?ID=fNMfKIGVppU++SFyLhutuETcFcYn9hjUuAINr5Q85Jrx8Am1Ta_HY0ajUzrL+k8DaZC0gxf1tofnTfc2zVwgZqNrxr1hLHe0kCXosdfj
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.46.206.3 Paris, France, ASN29301 (KARAVEL-AS, FR),
Reverse DNS
Software: nginx /
Resource Hash: bb01f77ad1453331edc012d2e67c101d0799343678aa5baad46ea24d3f43309a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.promovacances.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-krvl: 10.12.24.93%10,80
date: Tue, 05 Sep 2023 18:39:45 GMT
via: RPX04-H
last-modified: Wed, 15 Dec 2021 15:39:02 GMT
server: nginx
age: 9902
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 27840
x-lb: lb56

GET
H2 200 sejour_551358_pgbighdnl.jpg
static2.service-voyages.com/photos/vacances/voyage/ 31 KB
31 KB 76ms
76ms Image
image/jpeg 193.46.206.3
KARAVEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static2.service-voyages.com/photos/vacances/voyage/sejour_551358_pgbighdnl.jpg
Requested by: Host: news.promovacances.com
URL: https://news.promovacances.com/optiext/optiextension.dll?ID=fNMfKIGVppU++SFyLhutuETcFcYn9hjUuAINr5Q85Jrx8Am1Ta_HY0ajUzrL+k8DaZC0gxf1tofnTfc2zVwgZqNrxr1hLHe0kCXosdfj
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.46.206.3 Paris, France, ASN29301 (KARAVEL-AS, FR),
Reverse DNS
Software: nginx /
Resource Hash: d03f554e8d8aa0a25bf4a295e3aba665374cf5caf679992607cc7d4e3ef1d368

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.promovacances.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-krvl: 10.12.24.93%10,80
date: Tue, 05 Sep 2023 18:39:45 GMT
via: RPX04-H
last-modified: Wed, 15 Dec 2021 15:42:05 GMT
server: nginx
age: 8496
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 32014
x-lb: lb56

GET
H2 200 sejour_608523_pgbighdnl.jpg
static2.service-voyages.com/photos/vacances/voyage/ 40 KB
41 KB 77ms
76ms Image
image/jpeg 193.46.206.3
KARAVEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static2.service-voyages.com/photos/vacances/voyage/sejour_608523_pgbighdnl.jpg
Requested by: Host: news.promovacances.com
URL: https://news.promovacances.com/optiext/optiextension.dll?ID=fNMfKIGVppU++SFyLhutuETcFcYn9hjUuAINr5Q85Jrx8Am1Ta_HY0ajUzrL+k8DaZC0gxf1tofnTfc2zVwgZqNrxr1hLHe0kCXosdfj
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.46.206.3 Paris, France, ASN29301 (KARAVEL-AS, FR),
Reverse DNS
Software: nginx /
Resource Hash: 61ab10e308f77a2d2596353822be4655fe3ae97e2b887cb8f36ea03d48a11dbd

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.promovacances.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-krvl: 10.12.24.93%10,80
date: Tue, 05 Sep 2023 18:39:45 GMT
via: RPX04-H
last-modified: Tue, 18 Oct 2022 06:06:01 GMT
server: nginx
age: 554415
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 41335
x-lb: lb56

GET
H2 200 sejour_484171_pgbighdnl.jpg
static2.service-voyages.com/photos/vacances/voyage/ 47 KB
48 KB 77ms
76ms Image
image/jpeg 193.46.206.3
KARAVEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static2.service-voyages.com/photos/vacances/voyage/sejour_484171_pgbighdnl.jpg
Requested by: Host: news.promovacances.com
URL: https://news.promovacances.com/optiext/optiextension.dll?ID=fNMfKIGVppU++SFyLhutuETcFcYn9hjUuAINr5Q85Jrx8Am1Ta_HY0ajUzrL+k8DaZC0gxf1tofnTfc2zVwgZqNrxr1hLHe0kCXosdfj
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.46.206.3 Paris, France, ASN29301 (KARAVEL-AS, FR),
Reverse DNS
Software: nginx /
Resource Hash: 50676f5de371bf2264ba6a9048711d1f209781c70c6bed10b6999b2d4c44f586

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.promovacances.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-krvl: 10.12.24.92%10,80
date: Tue, 05 Sep 2023 18:39:45 GMT
via: RPX04-H
last-modified: Tue, 25 Jan 2022 07:19:21 GMT
server: nginx
age: 11331
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 48430
x-lb: lb56

GET
H2 200 sejour_583460_pgbighdnl.jpg
static2.service-voyages.com/photos/vacances/voyage/ 31 KB
31 KB 77ms
77ms Image
image/jpeg 193.46.206.3
KARAVEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static2.service-voyages.com/photos/vacances/voyage/sejour_583460_pgbighdnl.jpg
Requested by: Host: news.promovacances.com
URL: https://news.promovacances.com/optiext/optiextension.dll?ID=fNMfKIGVppU++SFyLhutuETcFcYn9hjUuAINr5Q85Jrx8Am1Ta_HY0ajUzrL+k8DaZC0gxf1tofnTfc2zVwgZqNrxr1hLHe0kCXosdfj
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.46.206.3 Paris, France, ASN29301 (KARAVEL-AS, FR),
Reverse DNS
Software: nginx /
Resource Hash: 73126b9bdceb538ceb0a7cf0db2d16c7de3fb420989d20084e31002ee244be4c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.promovacances.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-krvl: 10.12.24.93%10,80
date: Tue, 05 Sep 2023 18:39:45 GMT
via: RPX04-H
last-modified: Wed, 15 Jun 2022 06:05:47 GMT
server: nginx
age: 5949
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 31976
x-lb: lb56

GET
H2 200 Rentr%C3%A9e_nl_pmvc_600x180.jpg
karavel.slgnt.eu/images/pmvc/Thematique/2023/08-aout/ 130 KB
130 KB 53ms
50ms Image
image/jpeg 2606:4700::6811:7a12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://karavel.slgnt.eu/images/pmvc/Thematique/2023/08-aout/Rentr%C3%A9e_nl_pmvc_600x180.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7a12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8593121fdda66ba6f162f1b618a173b6c90a35b38a0bcbdca1d87a66a0aa29da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.promovacances.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 18:39:45 GMT
strict-transport-security: max-age=31536000; includeSubdomains
cf-cache-status: HIT
age: 1497
cf-polished: origSize=140939
content-length: 133317
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
cf-bgj: imgq:100,h2pri
last-modified: Thu, 31 Aug 2023 12:51:59 GMT
server: cloudflare
etag: "166476ee9dcd91:0"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=1800
accept-ranges: bytes
cf-ray: 802098c2ebb5d5c9-CDG
expires: Tue, 05 Sep 2023 19:09:45 GMT

GET
H2 200 reassurance_01.png
karavel.slgnt.eu/images/pmvc/BadSender_template/ 509 B
626 B 45ms
42ms Image
image/png 2606:4700::6811:7a12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://karavel.slgnt.eu/images/pmvc/BadSender_template/reassurance_01.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7a12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05c8a610a82fb3458e6c0fac1fd3cc5d77fb82df693e444e149123266bdb25a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.promovacances.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 18:39:45 GMT
strict-transport-security: max-age=31536000; includeSubdomains
cf-cache-status: HIT
age: 107
cf-polished: status=not_needed
content-length: 509
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
cf-bgj: imgq:100,h2pri
last-modified: Thu, 08 Jul 2021 10:41:18 GMT
server: cloudflare
etag: "72eae3c8e573d71:0"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=1800
accept-ranges: bytes
cf-ray: 802098c2ebb6d5c9-CDG
expires: Tue, 05 Sep 2023 19:09:45 GMT

GET
H2 200 reassurance_02.png
karavel.slgnt.eu/images/pmvc/BadSender_template/ 835 B
922 B 46ms
44ms Image
image/png 2606:4700::6811:7a12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://karavel.slgnt.eu/images/pmvc/BadSender_template/reassurance_02.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7a12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd6e8c99fbad9e65a8e679ac89cb2ebbf64903c5f88f8cec87ac8fd22c056596

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.promovacances.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 18:39:45 GMT
strict-transport-security: max-age=31536000; includeSubdomains
cf-cache-status: HIT
age: 972
cf-polished: status=not_needed
content-length: 835
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
cf-bgj: imgq:100,h2pri
last-modified: Thu, 08 Jul 2021 10:41:18 GMT
server: cloudflare
etag: "e278eac8e573d71:0"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=1800
accept-ranges: bytes
cf-ray: 802098c2ebb7d5c9-CDG
expires: Tue, 05 Sep 2023 19:09:45 GMT

GET
H2 200 reassurance_03.png
karavel.slgnt.eu/images/pmvc/BadSender_template/ 1 KB
2 KB 50ms
49ms Image
image/png 2606:4700::6811:7a12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://karavel.slgnt.eu/images/pmvc/BadSender_template/reassurance_03.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7a12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56f9d9ac8e022bdffe90e5ea222e0099084072bc37d46bccf64230558f6dfaab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.promovacances.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 18:39:45 GMT
strict-transport-security: max-age=31536000; includeSubdomains
cf-cache-status: HIT
age: 1393
cf-polished: status=not_needed
content-length: 1485
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
cf-bgj: imgq:100,h2pri
last-modified: Thu, 08 Jul 2021 10:41:18 GMT
server: cloudflare
etag: "3c46f0c8e573d71:0"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=1800
accept-ranges: bytes
cf-ray: 802098c2ebb8d5c9-CDG
expires: Tue, 05 Sep 2023 19:09:45 GMT

GET
H2 200 reassurance_04.png
karavel.slgnt.eu/images/pmvc/BadSender_template/ 2 KB
2 KB 49ms
48ms Image
image/png 2606:4700::6811:7a12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://karavel.slgnt.eu/images/pmvc/BadSender_template/reassurance_04.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7a12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6113fdc6fcb67bdceb7fc59bb6d1999ee8520b36ececdc828cad28fc6b2ccf75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.promovacances.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 18:39:45 GMT
strict-transport-security: max-age=31536000; includeSubdomains
cf-cache-status: HIT
age: 91
cf-polished: status=not_needed
content-length: 2080
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
cf-bgj: imgq:100,h2pri
last-modified: Thu, 08 Jul 2021 10:41:18 GMT
server: cloudflare
etag: "9ac4f5c8e573d71:0"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=1800
accept-ranges: bytes
cf-ray: 802098c2ebb9d5c9-CDG
expires: Tue, 05 Sep 2023 19:09:45 GMT

GET
H2 200 reseau_01.png
karavel.slgnt.eu/images/pmvc/BadSender_template/ 422 B
508 B 46ms
44ms Image
image/png 2606:4700::6811:7a12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://karavel.slgnt.eu/images/pmvc/BadSender_template/reseau_01.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7a12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b937a6724d0a4915fe19263cf02aa47a5d9701f01a5d4bd4593203a9245efd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.promovacances.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 18:39:45 GMT
strict-transport-security: max-age=31536000; includeSubdomains
cf-cache-status: HIT
age: 1393
cf-polished: status=not_needed
content-length: 422
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
cf-bgj: imgq:100,h2pri
last-modified: Thu, 08 Jul 2021 10:41:18 GMT
server: cloudflare
etag: "c288ffc8e573d71:0"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=1800
accept-ranges: bytes
cf-ray: 802098c2ebbad5c9-CDG
expires: Tue, 05 Sep 2023 19:09:45 GMT

GET
H2 200 reseau_02.png
karavel.slgnt.eu/images/pmvc/BadSender_template/ 515 B
600 B 53ms
51ms Image
image/png 2606:4700::6811:7a12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://karavel.slgnt.eu/images/pmvc/BadSender_template/reseau_02.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7a12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5ebe7b667f75cce0369db099978a387edfd901382f08e810c80c7106c3931a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.promovacances.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 18:39:45 GMT
strict-transport-security: max-age=31536000; includeSubdomains
cf-cache-status: HIT
age: 50
cf-polished: status=not_needed
content-length: 515
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
cf-bgj: imgq:100,h2pri
last-modified: Thu, 08 Jul 2021 10:41:18 GMT
server: cloudflare
etag: "e6739c9e573d71:0"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=1800
accept-ranges: bytes
cf-ray: 802098c2ebbbd5c9-CDG
expires: Tue, 05 Sep 2023 19:09:45 GMT

GET
H2 200 reseau_03.png
karavel.slgnt.eu/images/pmvc/BadSender_template/ 569 B
652 B 47ms
45ms Image
image/png 2606:4700::6811:7a12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://karavel.slgnt.eu/images/pmvc/BadSender_template/reseau_03.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7a12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ca56a9981a7aa6b16b3358b131d1a3ab888f89e2fbf77b8f6ee753538e69b20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.promovacances.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 18:39:45 GMT
strict-transport-security: max-age=31536000; includeSubdomains
cf-cache-status: HIT
age: 1393
cf-polished: status=not_needed
content-length: 569
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
cf-bgj: imgq:100,h2pri
last-modified: Thu, 08 Jul 2021 10:41:18 GMT
server: cloudflare
etag: "ae6211c9e573d71:0"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=1800
accept-ranges: bytes
cf-ray: 802098c2ebbdd5c9-CDG
expires: Tue, 05 Sep 2023 19:09:45 GMT

GET
H2 200 reseau_04.png
karavel.slgnt.eu/images/pmvc/BadSender_template/ 566 B
649 B 50ms
49ms Image
image/png 2606:4700::6811:7a12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://karavel.slgnt.eu/images/pmvc/BadSender_template/reseau_04.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7a12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78855da594035f29c6f9799362cd236be3d043a628cb753a8ed21df9df7a6a8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.promovacances.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 18:39:45 GMT
strict-transport-security: max-age=31536000; includeSubdomains
cf-cache-status: HIT
age: 1393
cf-polished: status=not_needed
content-length: 566
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
cf-bgj: imgq:100,h2pri
last-modified: Thu, 08 Jul 2021 10:41:18 GMT
server: cloudflare
etag: "b8451fc9e573d71:0"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=1800
accept-ranges: bytes
cf-ray: 802098c2ebbed5c9-CDG
expires: Tue, 05 Sep 2023 19:09:45 GMT

GET
H2 200 reseau_05.png
karavel.slgnt.eu/images/pmvc/BadSender_template/ 622 B
727 B 54ms
53ms Image
image/png 2606:4700::6811:7a12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://karavel.slgnt.eu/images/pmvc/BadSender_template/reseau_05.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7a12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fef1f8b8a8e917b71f27b6b06d522cfa5c88b5c36b21dc53925648d006acf643

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.promovacances.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 18:39:45 GMT
strict-transport-security: max-age=31536000; includeSubdomains
cf-cache-status: HIT
age: 1393
cf-polished: status=not_needed
content-length: 622
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
cf-bgj: imgq:100,h2pri
last-modified: Thu, 08 Jul 2021 10:41:19 GMT
server: cloudflare
etag: "58ba28c9e573d71:0"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=1800
accept-ranges: bytes
cf-ray: 802098c30bd1d5c9-CDG
expires: Tue, 05 Sep 2023 19:09:45 GMT

GET
H2 200 reseau_06.png
karavel.slgnt.eu/images/pmvc/BadSender_template/ 510 B
598 B 55ms
54ms Image
image/png 2606:4700::6811:7a12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://karavel.slgnt.eu/images/pmvc/BadSender_template/reseau_06.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7a12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4648593a37cd430a04e4d273500d1849078d949ef5e075c33c582304fb461771

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.promovacances.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 18:39:45 GMT
strict-transport-security: max-age=31536000; includeSubdomains
cf-cache-status: HIT
age: 1300
cf-polished: status=not_needed
content-length: 510
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
cf-bgj: imgq:100,h2pri
last-modified: Thu, 08 Jul 2021 10:41:19 GMT
server: cloudflare
etag: "16bc31c9e573d71:0"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=1800
accept-ranges: bytes
cf-ray: 802098c30bd2d5c9-CDG
expires: Tue, 05 Sep 2023 19:09:45 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
31 KB 89ms
25ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@500;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://news.promovacances.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sat, 02 Sep 2023 06:58:18 GMT
x-content-type-options: nosniff
age: 301287
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Sep 2024 06:58:18 GMT

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.adleadevent.com/	1970-01-21 00:02:33	Name: adtrck_st[1651] Value: eyJpZHMiOjE2NTEsInMiOiIzNzUzIiwiaGFzaCI6IkQ2NUZDNUMxQkExMUNERTUyNUZERkFGRUU4QjQ2RkU2IiwiaGFzaDI1NiI6ImZiMjk3YTcxY2E3NWU3YTczN2RjNDI1NzUxZmI4ZGRhMWM3NDc0ZjgyMjRhYzk5YTU4MGQ5MjhhNTI5ZTJlNmIiLCJjcmVhdGVkIjoiMjAyMy0wOS0wNSAxODozOTo0NSIsImlkY3RyIjoxfQ%3D%3D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
karavel.slgnt.eu
news.promovacances.com
notify.adleadevent.com
ntf.promovacances.com
pntf.promovacances.com
static2.service-voyages.com
www.promovacances.com
18.66.192.14
193.46.206.3
2606:4700::6811:7a12
2a00:1450:4001:80b::2003
2a00:1450:4001:813::200a
52.209.138.16
52.51.205.105
91.230.178.143
00c5b87a2ab9a23bd39fc65e065cfec6b6e3538701a81d658f38105dfbe4d253
05c8a610a82fb3458e6c0fac1fd3cc5d77fb82df693e444e149123266bdb25a0
12a8d17b2d8dcd3d613e7c0f50e0b259987f232ef19db5ed9893761d5420c0a6
138bd1cf598c49599d29027c9c80353794af62b585c166828f92077940a3f70d
1b937a6724d0a4915fe19263cf02aa47a5d9701f01a5d4bd4593203a9245efd2
1ca56a9981a7aa6b16b3358b131d1a3ab888f89e2fbf77b8f6ee753538e69b20
421692e0463355f1a35e4e17f2a0f9056808de8f3de4aa3f86bb882db6a5de4a
4648593a37cd430a04e4d273500d1849078d949ef5e075c33c582304fb461771
50676f5de371bf2264ba6a9048711d1f209781c70c6bed10b6999b2d4c44f586
56f9d9ac8e022bdffe90e5ea222e0099084072bc37d46bccf64230558f6dfaab
5fe16d0c134005c2f78ee24b369be6822a8580f0dd90df1c62d7e9c18dc4f650
6113fdc6fcb67bdceb7fc59bb6d1999ee8520b36ececdc828cad28fc6b2ccf75
61ab10e308f77a2d2596353822be4655fe3ae97e2b887cb8f36ea03d48a11dbd
73126b9bdceb538ceb0a7cf0db2d16c7de3fb420989d20084e31002ee244be4c
78855da594035f29c6f9799362cd236be3d043a628cb753a8ed21df9df7a6a8a
8593121fdda66ba6f162f1b618a173b6c90a35b38a0bcbdca1d87a66a0aa29da
8cddad405371293125989f4d6ce4dba6c1b2c451aef38c0803fb4e1da1644271
9c21ccf8fb5297b82a85b49a1aab5b243c9d04321d36bbd47261b5a68ae47ba6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b213375a1f3cb1949afb26898e0d2b054e8f4a935188edce36032234996a0fc8
b464a56c4af78451b9210415a95f9a84c422aa466605995c5a2190b6b8b7da6d
b5ebe7b667f75cce0369db099978a387edfd901382f08e810c80c7106c3931a9
bb01f77ad1453331edc012d2e67c101d0799343678aa5baad46ea24d3f43309a
c2c51d37fc23ec067ab80965bc97c2cac175427e67f6d07dbe9719e185b1f2a5
c6bcf64e2a3d45fb47ca0347cce834f2120f4a4ce222d4711ca8d7b9168a4e33
d03f554e8d8aa0a25bf4a295e3aba665374cf5caf679992607cc7d4e3ef1d368
dd6e8c99fbad9e65a8e679ac89cb2ebbf64903c5f88f8cec87ac8fd22c056596
ed0b905ca9dbda4e3d3bd31e33672c373148e8a15d97c9aa48cec4b0294ba660
fef1f8b8a8e917b71f27b6b06d522cfa5c88b5c36b21dc53925648d006acf643

news.promovacances.com Open in urlscan Pro 91.230.178.143 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

30 Requests

93 %HTTPS

38 %IPv6

6 Domains

9 Subdomains

7 IPs

5 Countries

800 kBTransfer

796 kBSize

1 Cookies

0 Outgoing links

Redirected requests

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

news.promovacances.com Open in urlscan Pro
91.230.178.143 Public Scan

Screenshot
Live screenshot

Full Image

30
Requests

93 %
HTTPS

38 %
IPv6

6
Domains

9
Subdomains

7
IPs

5
Countries

800 kB
Transfer

796 kB
Size

1
Cookies

30 HTTP transactions
0 data transactions