www.fram.fr Open in urlscan Pro
178.33.46.193 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://voyages.fram.fr/optiext/optiextension.dll?ID=TpoTnFLS5kBbDMjkL1rqCeRLXyN9rmHss4Qv%2BQ2p6F7AN7GDeU_mu%2BToReLz2pf...
Effective URL:
https://www.fram.fr/newsletter/sejour/?id=&cid=email-PGI-J05_qualif-Bascule_PMVC-293-NA&uid=A23B3C48ED2FA548409509AD...
Submission: On July 22 via api (July 22nd 2022, 7:09:11 am UTC) from FR — Scanned from FR

Summary HTTP 98 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 33 IPs in 6 countries across 39 domains to perform 98 HTTP transactions. The main IP is 178.33.46.193, located in Cavalaire-sur-Mer, France and belongs to OVH, FR. The main domain is www.fram.fr.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 9th 2022. Valid for: a year.

This is the only time www.fram.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	91.230.178.143 91.230.178.143	28836 (SELLIGENT...) (SELLIGENT Av. de Finlande 2)
18	178.33.46.193 178.33.46.193	16276 (OVH) (OVH)
1	2606:4700:20:... 2606:4700:20::681a:a1e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
4	193.46.206.2 193.46.206.2	29301 (KARAVEL-AS) (KARAVEL-AS)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1 2	15.236.176.210 15.236.176.210	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:32::178	15169 (GOOGLE) (GOOGLE)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
4	13.32.121.117 13.32.121.117	16509 (AMAZON-02) (AMAZON-02)
1	108.138.17.2 108.138.17.2	16509 (AMAZON-02) (AMAZON-02)
2	52.213.248.76 52.213.248.76	16509 (AMAZON-02) (AMAZON-02)
4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	89.185.38.89 89.185.38.89	8426 (CLARANET-...) (CLARANET-AS ClaraNET LTD)
1	2001:41d0:202... 2001:41d0:202:100:145:239:192:103	16276 (OVH) (OVH)
1	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
1	95.131.137.7 95.131.137.7	47841 (OXALIDE) (OXALIDE)
1	51.158.29.12 51.158.29.12	12876 (Online SAS) (Online SAS)
1 1	40.74.50.168 40.74.50.168	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	68.232.35.200 68.232.35.200	15133 (EDGECAST) (EDGECAST)
23	2001:41d0:301... 2001:41d0:301:100:145:239:193:53	16276 (OVH) (OVH)
2	2620:1ec:27::... 2620:1ec:27::cafe:1759	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	52.209.64.238 52.209.64.238	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
5	216.59.56.23 216.59.56.23	53334 (TUT-AS) (TUT-AS)
2	20.85.30.134 20.85.30.134	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 2	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
2 3	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 2	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
4 4	54.36.150.186 54.36.150.186	16276 (OVH) (OVH)
2 2	37.252.172.249 37.252.172.249	29990 (ASN-APPNEX) (ASN-APPNEX)
2 3	51.38.250.93 51.38.250.93	16276 (OVH) (OVH)
1	18.200.221.133 18.200.221.133	16509 (AMAZON-02) (AMAZON-02)
2 4	13.36.62.238 13.36.62.238	16509 (AMAZON-02) (AMAZON-02)
98	33

1 91.230.178.143 (Belgium) 1 redirects

ASN28836 (SELLIGENT Av. de Finlande 2, NL)
PTR: webcpp143.slgnt.eu

voyages.fram.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 178.33.46.193 (Cavalaire-sur-Mer, France)

ASN16276 (OVH, FR)

www.fram.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:a1e (United States)

ASN13335 (CLOUDFLARENET, US)

z7cpethotg.kameleoon.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 193.46.206.2 (Villepinte, France)

ASN29301 (KARAVEL-AS, FR)

static.service-voyages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
csxd.service-voyages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.236.176.210 (Paris, France) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

karavel.112.2o7.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.32.121.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-117.fra60.r.cloudfront.net

tracker.marinsm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-2.fra56.r.cloudfront.net

t.contentsquare.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.213.248.76 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-248-76.eu-west-1.compute.amazonaws.com

u360.d-bi.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.185.38.89 (Paris, France)

ASN8426 (CLARANET-AS ClaraNET LTD, GB)

u.logbor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:41d0:202:100:145:239:192:103 (France)

ASN16276 (OVH, FR)

atout.email-match.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.131.137.7 (France)

ASN47841 (OXALIDE, FR)
PTR: not.updated.oxalide.net

guru.opthb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.158.29.12 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: 51-158-29-12.rev.poneytelecom.eu

js.sddan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.74.50.168 (Amsterdam, Netherlands) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

k.r66net.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.232.35.200 (United States)

ASN15133 (EDGECAST, US)

static.r66net.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2001:41d0:301:100:145:239:193:53 (France)

ASN16276 (OVH, FR)

asset.easydmp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sq.leclubdesbonsplans.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtg-sq.hopmailing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sq.1jouruneoffre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
squa.squakon.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:27::cafe:1759 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.209.64.238 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-64-238.eu-west-1.compute.amazonaws.com

c.contentsquare.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.59.56.23 (United States)

ASN53334 (TUT-AS, US)
PTR: customer.ipv4.totaluptime.com

ks.invibes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.videostep.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.videostep.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.85.30.134 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

j.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

rd.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.2 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.36.150.186 (Paris, France) 4 redirects

ASN16276 (OVH, FR)
PTR: ip186.ip-54-36-150.eu

cookie-matching.mediarithmics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.172.249 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.38.250.93 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ip93.ip-51-38-250.eu

p.crm4d.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.200.221.133 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-200-221-133.eu-west-1.compute.amazonaws.com

v3.api.optinproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.36.62.238 (Paris, France) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-62-238.eu-west-3.compute.amazonaws.com

sync.commander1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	easydmp.net asset.easydmp.net — Cisco Umbrella Rank: 54102	30 KB
19	fram.fr 1 redirects voyages.fram.fr www.fram.fr	361 KB
5	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 56 stats.g.doubleclick.net — Cisco Umbrella Rank: 117 cm.g.doubleclick.net — Cisco Umbrella Rank: 205	4 KB
4	commander1.com 2 redirects sync.commander1.com — Cisco Umbrella Rank: 23177	3 KB
4	mediarithmics.com 4 redirects cookie-matching.mediarithmics.com — Cisco Umbrella Rank: 1978	1 KB
4	clarity.ms www.clarity.ms — Cisco Umbrella Rank: 542 j.clarity.ms — Cisco Umbrella Rank: 5385	25 KB
4	bing.com bat.bing.com — Cisco Umbrella Rank: 344	13 KB
4	marinsm.com tracker.marinsm.com — Cisco Umbrella Rank: 15898	4 KB
4	service-voyages.com static.service-voyages.com — Cisco Umbrella Rank: 860790 csxd.service-voyages.com	159 KB
3	crm4d.com 2 redirects p.crm4d.com — Cisco Umbrella Rank: 143235	1 KB
3	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 324	551 B
3	invibes.com ks.invibes.com — Cisco Umbrella Rank: 148196	334 B
3	contentsquare.net t.contentsquare.net — Cisco Umbrella Rank: 3224 c.contentsquare.net — Cisco Umbrella Rank: 3193	73 KB
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 234	2 KB
2	weborama.fr 2 redirects rd.frontend.weborama.fr — Cisco Umbrella Rank: 16950	531 B
2	videostep.com u.videostep.com — Cisco Umbrella Rank: 139198 s.videostep.com — Cisco Umbrella Rank: 172261	499 B
2	google.fr www.google.fr — Cisco Umbrella Rank: 13968	656 B
2	google.com www.google.com — Cisco Umbrella Rank: 10	656 B
2	r66net.com 1 redirects k.r66net.com — Cisco Umbrella Rank: 34300 static.r66net.com — Cisco Umbrella Rank: 31318	15 KB
2	logbor.com u.logbor.com — Cisco Umbrella Rank: 128497	5 KB
2	d-bi.fr u360.d-bi.fr — Cisco Umbrella Rank: 88574	5 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52	20 KB
2	2o7.net 1 redirects karavel.112.2o7.net	1 KB
2	gstatic.com fonts.gstatic.com	31 KB
1	squakon.eu squa.squakon.eu — Cisco Umbrella Rank: 630825	414 B
1	1jouruneoffre.com sq.1jouruneoffre.com — Cisco Umbrella Rank: 662033	415 B
1	hopmailing.com rtg-sq.hopmailing.com — Cisco Umbrella Rank: 661861	414 B
1	leclubdesbonsplans.com sq.leclubdesbonsplans.com — Cisco Umbrella Rank: 675606	413 B
1	optinproject.com v3.api.optinproject.com — Cisco Umbrella Rank: 319289	239 B
1	sddan.com js.sddan.com — Cisco Umbrella Rank: 30876	2 KB
1	opthb.com guru.opthb.com	661 B
1	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	26 KB
1	email-match.com atout.email-match.com — Cisco Umbrella Rank: 278601	4 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 125	15 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 93	82 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 72	1 KB
1	kameleoon.eu z7cpethotg.kameleoon.eu	52 KB
0	dynamo.one Failed tags.dynamo.one Failed
0	estat.com Failed w.estat.com Failed
98	39

	Domain	Requested by
19	asset.easydmp.net	www.fram.fr atout.email-match.com asset.easydmp.net
18	www.fram.fr	www.fram.fr z7cpethotg.kameleoon.eu
4	sync.commander1.com	2 redirects www.fram.fr
4	cookie-matching.mediarithmics.com	4 redirects
4	bat.bing.com	www.fram.fr bat.bing.com
4	tracker.marinsm.com	www.googletagmanager.com www.fram.fr
3	p.crm4d.com	2 redirects www.fram.fr
3	idsync.rlcdn.com	2 redirects www.fram.fr
3	ks.invibes.com	www.fram.fr
3	static.service-voyages.com	www.fram.fr
2	ib.adnxs.com	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	rd.frontend.weborama.fr	2 redirects
2	j.clarity.ms	www.clarity.ms
2	www.google.fr	www.fram.fr
2	www.google.com	www.fram.fr
2	c.contentsquare.net	www.fram.fr
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	googleads.g.doubleclick.net	www.googleadservices.com
2	u.logbor.com	www.fram.fr u.logbor.com
2	u360.d-bi.fr	www.fram.fr
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	karavel.112.2o7.net	1 redirects www.fram.fr
2	fonts.gstatic.com	fonts.googleapis.com
1	squa.squakon.eu	asset.easydmp.net
1	sq.1jouruneoffre.com	asset.easydmp.net
1	rtg-sq.hopmailing.com	asset.easydmp.net
1	sq.leclubdesbonsplans.com	asset.easydmp.net
1	v3.api.optinproject.com	www.fram.fr
1	s.videostep.com	www.fram.fr
1	u.videostep.com	k.r66net.com
1	static.r66net.com	www.fram.fr
1	k.r66net.com	1 redirects
1	js.sddan.com	www.fram.fr
1	guru.opthb.com	www.fram.fr
1	csxd.service-voyages.com	t.contentsquare.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	connect.facebook.net	www.fram.fr
1	atout.email-match.com	www.fram.fr
1	t.contentsquare.net	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.googletagmanager.com	www.fram.fr
1	fonts.googleapis.com	www.fram.fr
1	z7cpethotg.kameleoon.eu	www.fram.fr
1	voyages.fram.fr	1 redirects
0	tags.dynamo.one Failed	www.fram.fr
0	w.estat.com Failed	www.fram.fr
98	47

This site contains links to these domains. Also see Links.

Domain
vol.fram.fr
croisiere.fram.fr
fr-fr.facebook.com
twitter.com
www.youtube.com
www.blog-fram.fr
www.pinterest.fr
www.instagram.com
www.tripadvisor.fr

Subject Issuer	Validity	Valid
*.fram.fr Sectigo RSA Domain Validation Secure Server CA	`2022-06-09` - `2023-07-10`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-31` - `2023-05-31`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.service-voyages.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-09` - `2023-07-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.marinsm.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-27` - `2023-05-25`	a year	crt.sh
t.contentsquare.net Amazon	`2021-11-13` - `2022-12-11`	a year	crt.sh
d-bi.fr Amazon	`2022-04-27` - `2023-05-26`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-06-10` - `2022-12-10`	6 months	crt.sh
*.logbor.com R3	`2022-07-05` - `2022-10-03`	3 months	crt.sh
er4.galardondelaweb.com R3	`2022-05-31` - `2022-08-29`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-04-30` - `2022-07-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
guru.opthb.com R3	`2022-06-06` - `2022-09-04`	3 months	crt.sh
*.sddan.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-04-25` - `2023-05-16`	a year	crt.sh
icd.easydmp.net R3	`2022-05-26` - `2022-08-24`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
c.contentsquare.net Amazon	`2021-09-14` - `2022-10-13`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.google.fr GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
content.videostep.com Sectigo RSA Domain Validation Secure Server CA	`2021-11-03` - `2022-11-03`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh
core.api.optincollect.com Amazon	`2021-09-14` - `2022-10-12`	a year	crt.sh
crm4d.com R3	`2022-06-23` - `2022-09-21`	3 months	crt.sh
asset.azdmp.com R3	`2022-06-29` - `2022-09-27`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://www.fram.fr/newsletter/sejour/?id=&cid=email-PGI-J05_qualif-Bascule_PMVC-293-NA&uid=A23B3C48ED2FA548409509AD2CEB59B4&utm_source=selligent&utm_medium=pgi&utm_campaign=j05_qualif&utm_content=PRODUITS+SELECTION_&utm_term=
Frame ID: 565ED84D6F0F5AD6025FFA69FF78F2FF
Requests: 70 HTTP requests in this frame

Frame: https://csxd.service-voyages.com/xdframe-1.0.0.html
Frame ID: 6A80ED5A640F76C681968DD5A96C6F05
Requests: 1 HTTP requests in this frame

Frame: https://asset.easydmp.net/client_iframe.html?t=230344
Frame ID: 0C1135BA17282892E757345CD136DC09
Requests: 21 HTTP requests in this frame

Frame: https://asset.easydmp.net/collect_v2.img.php?dmp=comact&uid=165847374684353398&webo_id=7q7SSzrPUnu1yhnhHdONLu
Frame ID: 26E123E2EF6F87F66EDCCF50B60B0437
Requests: 1 HTTP requests in this frame

Frame: https://asset.easydmp.net/collect_v2.img.php?dmp=emdmpeasy&mrm_id=vec%3A28276119576&rand=165847374684353398
Frame ID: A6D62DAFC2DF4FF014A2453625AC0965
Requests: 1 HTTP requests in this frame

Frame: https://asset.easydmp.net/collect_v2.img.php?dmp=emdmpeasy&p=graphinium&c4d_uid=pi5ZVcNqA-AFKdSKoU9tu1CQxfsuP9C9eRQt-Aef3EA
Frame ID: 2AE053B3DA31C0FF23A61097295B071F
Requests: 1 HTTP requests in this frame

Frame: https://v3.api.optinproject.com/sqdt/picking
Frame ID: 7A1C024F9E29D66A8E4BFE2C688F2DC9
Requests: 1 HTTP requests in this frame

Frame: https://p.crm4d.com/smarttag/squadatast/orphan/userinfo?redirect=https%3A%2F%2Fasset.easydmp.net%2Fcollect_v2.img.php%3Fdmp%3Demdmpeasy%26p%3D2098%26s%3D2098%26uid%3D165847374684353398%26m%3D%24EMAILS
Frame ID: 3DDDF278D94BD3F5FE122DC1ACB40379
Requests: 1 HTTP requests in this frame

Frame: https://www.fram.fr/static/html/kameleoon-iframe.html
Frame ID: B61D2EECB7763702F95C477CF9B7CC5E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Agence de voyage FRAM : des offres de vacances à petits prix

Page URL History Show full URLs

https://voyages.fram.fr/optiext/optiextension.dll?ID=TpoTnFLS5kBbDMjkL1rqCeRLXyN9rmHss4Qv%2BQ2p6F7AN... HTTP 302
https://www.fram.fr/newsletter/sejour/?id=&cid=email-PGI-J05_qualif-Bascule_PMVC-293-NA&uid=A23B... Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Page Statistics

98
Requests

89 %
HTTPS

37 %
IPv6

39
Domains

47
Subdomains

33
IPs

6
Countries

934 kB
Transfer

2425 kB
Size

38
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: http://vol.fram.fr/
Title: VOLS

Search URL Search Domain Scan URL

URL: http://croisiere.fram.fr/
Title: CROISIÈRE

Search URL Search Domain Scan URL

URL: https://fr-fr.facebook.com/voyagesfram

Search URL Search Domain Scan URL

URL: https://twitter.com/LesVoyagesFram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/VoyagesFRAM

Search URL Search Domain Scan URL

URL: http://www.blog-fram.fr/

Search URL Search Domain Scan URL

URL: https://www.pinterest.fr/lesvoyagesfram/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/fram_voyages/

Search URL Search Domain Scan URL

URL: https://www.tripadvisor.fr/pages/service.html
Title: cliquer ici

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://voyages.fram.fr/optiext/optiextension.dll?ID=TpoTnFLS5kBbDMjkL1rqCeRLXyN9rmHss4Qv%2BQ2p6F7AN7GDeU_mu%2BToReLz2pf6zk3jjT9DW4sKr3Epuj2WlcD0Ue0G35sHXPWug5nW HTTP 302
https://www.fram.fr/newsletter/sejour/?id=&cid=email-PGI-J05_qualif-Bascule_PMVC-293-NA&uid=A23B3C48ED2FA548409509AD2CEB59B4&utm_source=selligent&utm_medium=pgi&utm_campaign=j05_qualif&utm_content=PRODUITS+SELECTION_&utm_term= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://karavel.112.2o7.net/b/ss/karavelfram/1/H.25.2/s21474861639548?AQB=1&ndh=1&t=22%2F6%2F2022%207%3A9%3A6%205%200&ce=UTF-8&ns=karavel&pageName=Maintenance%7CFront%7C500&g=https%3A%2F%2Fwww.fram.fr%2Fnewsletter%2Fsejour%2F%3Fid%3D%26cid%3Demail-PGI-J05_qualif-Bascule_PMVC-293-NA%26uid%3DA23B3C48ED2FA548409509AD2CEB59B4%26utm_source%3Dselligent%26utm_medium%3Dpgi%26utm_campaign%3Dj05_qualif%26utm_content%3DPRODUITS%2BSELECTION_%26utm_term%3D&cc=EUR&server=www.fram.fr&v0=email-PGI-J05_qualif-Bascule_PMVC-293-NA&events=event34&c24=Maintenance%7CFront&c25=Maintenance&c26=Maintenance%7CFront%7C500&v28=A23B3C48ED2FA548409509AD2CEB59B4&v32=email-PGI-J05_qualif-Bascule_PMVC-293-NA&c33=9%3A00AM&v33=9%3A00AM-Friday&c34=Friday&c35=Weekday&c49=%2Fnewsletter%2Fsejour%2F&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&p=Chrome%20PDF%20Plugin%3BChrome%20PDF%20Viewer%3BNative%20Client%3B&AQE=1 HTTP 302
https://karavel.112.2o7.net/b/ss/karavelfram/1/H.25.2/s21474861639548?AQB=1&pccr=true&vidn=316D2689326C21A8-40000F8291BCEA52&ndh=1&t=22%2F6%2F2022%207%3A9%3A6%205%200&ce=UTF-8&ns=karavel&pageName=Maintenance%7CFront%7C500&g=https%3A%2F%2Fwww.fram.fr%2Fnewsletter%2Fsejour%2F%3Fid%3D%26cid%3Demail-PGI-J05_qualif-Bascule_PMVC-293-NA%26uid%3DA23B3C48ED2FA548409509AD2CEB59B4%26utm_source%3Dselligent%26utm_medium%3Dpgi%26utm_campaign%3Dj05_qualif%26utm_content%3DPRODUITS%2BSELECTION_%26utm_term%3D&cc=EUR&server=www.fram.fr&v0=email-PGI-J05_qualif-Bascule_PMVC-293-NA&events=event34&c24=Maintenance%7CFront&c25=Maintenance&c26=Maintenance%7CFront%7C500&v28=A23B3C48ED2FA548409509AD2CEB59B4&v32=email-PGI-J05_qualif-Bascule_PMVC-293-NA&c33=9%3A00AM&v33=9%3A00AM-Friday&c34=Friday&c35=Weekday&c49=%2Fnewsletter%2Fsejour%2F&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&p=Chrome%20PDF%20Plugin%3BChrome%20PDF%20Viewer%3BNative%20Client%3B&AQE=1

Request Chain 49

https://ads2.adverline.com/retargetproduit/partnertag/105436_tag.js HTTP 302
https://tags.dynamo.one/105436_tag.js

Request Chain 52

https://k.r66net.com/GetAnalytics HTTP 302
https://static.r66net.com/script_s1/a8.4.js

Request Chain 72

https://rd.frontend.weborama.fr/rd?url=https%3A%2F%2Fasset.easydmp.net%2Fcollect_v2.img.php%3Fdmp%3Dcomact%26uid%3D165847374684353398%26webo_id%3D{WEBO_CID} HTTP 302
https://rd.frontend.weborama.fr/rd?url=https%3A%2F%2Fasset.easydmp.net%2Fcollect_v2.img.php%3Fdmp%3Dcomact%26uid%3D165847374684353398%26webo_id%3D%7BWEBO_CID%7D&bounce=1&random=3551591320 HTTP 302
https://asset.easydmp.net/collect_v2.img.php?dmp=comact&uid=165847374684353398&webo_id=7q7SSzrPUnu1yhnhHdONLu

Request Chain 73

https://idsync.rlcdn.com/461249.gif?partner_uid=165847374684353398 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CMGTHBIeChoIARC38wEaEjE2NTg0NzM3NDY4NDM1MzM5OBAAGg0Ik5rplgYSBQjoBxAAQgBKAA HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEOLoVuMVElWY4Wi40GYeUpo&google_cver=1

Request Chain 74

https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=squa17&rand=165847374684353398 HTTP 303
https://cookie-matching.mediarithmics.com/v1/get_or_create?rand=165847374684353398&domid=1023 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&rand=165847374684353398&action=GET_ID&opid=goo&etid=&domid=1023&ops=apx HTTP 302
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&rand=165847374684353398&action=GET_ID&opid=goo&etid=&domid=1023&ops=apx&google_gid=CAESEMDeXPF8xR0WcHyeoPgxAE8&google_cver=1 HTTP 303
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEMDeXPF8xR0WcHyeoPgxAE8&rand=165847374684353398&action=GET_ID&etid=&domid=1023 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcookie-matching.mediarithmics.com%2Finput%3Fkey%3DAPX%26apx_uid%3D%24UID%26opid%3Dapx%26ops%3D%26utidl%3Dtech%3Agoo%3ACAESEMDeXPF8xR0WcHyeoPgxAE8%26rand%3D165847374684353398%26action%3DGET_ID%26etid%3D%26domid%3D1023 HTTP 302
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=5364325850793916569&opid=apx&ops=&utidl=tech:goo:CAESEMDeXPF8xR0WcHyeoPgxAE8&rand=165847374684353398&action=GET_ID&etid=&domid=1023 HTTP 303
https://asset.easydmp.net/collect_v2.img.php?dmp=emdmpeasy&mrm_id=vec%3A28276119576&rand=165847374684353398

Request Chain 80

https://p.crm4d.com/sync/ematch/getuid?uid=165847374684353398&redirect=https://asset.easydmp.net/collect_v2.img.php?dmp%3Demdmpeasy%26p%3Dgraphinium%26c4d_uid%3D$C4D_UID HTTP 303
https://p.crm4d.com/sync/ematch/getuid?uid=165847374684353398&redirect=https%3A%2F%2Fasset.easydmp.net%2Fcollect_v2.img.php%3Fdmp%3Demdmpeasy%26p%3Dgraphinium%26c4d_uid%3D%24C4D_UID&bounce=1 HTTP 303
https://asset.easydmp.net/collect_v2.img.php?dmp=emdmpeasy&p=graphinium&c4d_uid=pi5ZVcNqA-AFKdSKoU9tu1CQxfsuP9C9eRQt-Aef3EA

Request Chain 85

https://sync.commander1.com/z2520P95U56206LPR8IfM6d95X4152EF/getuid&callback=sqdComActOnGetTcId HTTP 302
https://sync.commander1.com/z2520P95U56206LPR8IfM6d95X4152EF/getuid&callback=sqdComActOnGetTcId&firsttime=1

Request Chain 86

https://sync.commander1.com/z2520P95U56206LPR8IfM6d95X4152EF/165847374684353398 HTTP 302
https://sync.commander1.com/z2520P95U56206LPR8IfM6d95X4152EF/165847374684353398&firsttime=1

98 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

500

Primary Request / Show response
www.fram.fr/newsletter/sejour/
Redirect Chain

https://voyages.fram.fr/optiext/optiextension.dll?ID=TpoTnFLS5kBbDMjkL1rqCeRLXyN9rmHss4Qv%2BQ2p6F7AN7GDeU_mu%2BToReLz2pf6zk3jjT9DW4sKr3Epuj2WlcD0Ue0G35sHXPWug5nW
https://www.fram.fr/newsletter/sejour/?id=&cid=email-PGI-J05_qualif-Bascule_PMVC-293-NA&uid=A23B3C48ED2FA548409509AD2CEB59B4&utm_source=selligent&utm_medium=pgi&utm_campaign=j05_qualif&utm_content=...

39 KB
9 KB

280ms
221ms

Document
text/html

178.33.46.193
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fram.fr/newsletter/sejour/?id=&cid=email-PGI-J05_qualif-Bascule_PMVC-293-NA&uid=A23B3C48ED2FA548409509AD2CEB59B4&utm_source=selligent&utm_medium=pgi&utm_campaign=j05_qualif&utm_content=PRODUITS+SELECTION_&utm_term=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.33.46.193 Cavalaire-sur-Mer, France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: b4d6f6d8094bb80b84067103159c69a9b86d16feb13bfc0b437a929243861302

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 0
cache-control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
content-encoding: gzip
content-language: fr-FR
content-type: text/html;charset=UTF-8
date: Fri, 22 Jul 2022 07:09:05 GMT
server: nginx
vary: X-Forwarded-Proto
via: be_lb56_ssl,RPX07-M
x-device: desktop
x-krvl: 10.12.84.57%10,10360
x-lb: lb56

Redirect headers

Cache-Tag: 10692
Content-Length: 377
Content-Type: text/html; charset=UTF-8
Date: Fri, 22 Jul 2022 07:09:05 GMT
Location: https://www.fram.fr/newsletter/sejour/?id=&cid=email-PGI-J05_qualif-Bascule_PMVC-293-NA&uid=A23B3C48ED2FA548409509AD2CEB59B4&utm_source=selligent&utm_medium=pgi&utm_campaign=j05_qualif&utm_content=PRODUITS+SELECTION_&utm_term=
Referrer-Policy: strict-origin
Strict-Transport-Security: max-age=31536000; includeSubdomains
X-Xss-Protection: 1; mode=block

GET
H2 200 kameleoon.js Show response
z7cpethotg.kameleoon.eu/ 213 KB
52 KB 83ms
42ms Script
application/javascript 2606:4700:20::681a:a1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://z7cpethotg.kameleoon.eu/kameleoon.js

Requested by

Host: www.fram.fr
URL: https://www.fram.fr/newsletter/sejour/?id=&cid=email-PGI-J05_qualif-Bascule_PMVC-293-NA&uid=A23B3C48ED2FA548409509AD2CEB59B4&utm_source=selligent&utm_medium=pgi&utm_campaign=j05_qualif&utm_content=PRODUITS+SELECTION_&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:a1e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c2d27b1be25045afbd52cdc600e89b23d7d0e9978f551a1567221721df342dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.fram.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 07:09:05 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 729
last-modified: Sat, 09 Jul 2022 19:05:10 GMT
server: cloudflare
etag: W/"62c9d166-35527"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ya2lulBMhfXxjUb1oL6xEQqCu2bS9pHxp%2BdeCj67Sj3fF2L%2B6bwiPS4NmQIQE6Qx6B9lUrDwBrJBUoftBUaki8wXCy%2BheFICTHJ%2BxVEpRZPwWyGqpQYuLjYQya14rvMSNxxUhf6Cu0Jmz1vERk8e5SBxTyoe"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=5400
cf-ray: 72ea59504da53bb0-CDG
expires: Fri, 22 Jul 2022 08:26:56 GMT

GET
H2 200 error.css
www.fram.fr/static/css/error/ 42 KB
8 KB 48ms
47ms Stylesheet
text/css 178.33.46.193
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fram.fr/static/css/error/error.css?r=20200716
Requested by: Host: www.fram.fr
URL: https://www.fram.fr/newsletter/sejour/?id=&cid=email-PGI-J05_qualif-Bascule_PMVC-293-NA&uid=A23B3C48ED2FA548409509AD2CEB59B4&utm_source=selligent&utm_medium=pgi&utm_campaign=j05_qualif&utm_content=PRODUITS+SELECTION_&utm_term=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.33.46.193 Cavalaire-sur-Mer, France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 8c2a77cf780392b82cc1fa46b67bb5135adfc46d1b9938082e43a7f1158219cb

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.fram.fr/newsletter/sejour/?id=&cid=email-PGI-J05_qualif-Bascule_PMVC-293-NA&uid=A23B3C48ED2FA548409509AD2CEB59B4&utm_source=selligent&utm_medium=pgi&utm_campaign=j05_qualif&utm_content=PRODUITS+SELECTION_&utm_term=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-krvl: 10.12.84.53%10,10360
date: Fri, 22 Jul 2022 07:09:05 GMT
content-encoding: gzip
last-modified: Tue, 05 Jul 2022 08:32:46 GMT
server: nginx
age: 42673
vary: X-Forwarded-Proto
content-type: text/css
via: RPX07-H
cache-control: max-age=864000
content-length: 7779
accept-ranges: bytes
x-device: desktop
x-lb: lb56

GET
H2 200 combined.js.h46a2aff13483e0e21ac78daa909ce3b681664a87.pack Show response
www.fram.fr/pack/ 27 KB
9 KB 16ms
15ms Script
text/javascript 178.33.46.193
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fram.fr/pack/combined.js.h46a2aff13483e0e21ac78daa909ce3b681664a87.pack
Requested by: Host: www.fram.fr
URL: https://www.fram.fr/newsletter/sejour/?id=&cid=email-PGI-J05_qualif-Bascule_PMVC-293-NA&uid=A23B3C48ED2FA548409509AD2CEB59B4&utm_source=selligent&utm_medium=pgi&utm_campaign=j05_qualif&utm_content=PRODUITS+SELECTION_&utm_term=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.33.46.193 Cavalaire-sur-Mer, France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 8857613ea0d09d6c871beb9eed8c0c358f66c5bb3c8a77573ec142d59d09c08e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.fram.fr/newsletter/sejour/?id=&cid=email-PGI-J05_qualif-Bascule_PMVC-293-NA&uid=A23B3C48ED2FA548409509AD2CEB59B4&utm_source=selligent&utm_medium=pgi&utm_campaign=j05_qualif&utm_content=PRODUITS+SELECTION_&utm_term=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-krvl: 10.12.84.58%10,10360
date: Fri, 22 Jul 2022 07:09:05 GMT
content-encoding: gzip
server: nginx
age: 257557
vary: X-Forwarded-Proto
content-type: text/javascript;charset=utf-8
via: RPX07-H
cache-control: max-age=864000
content-length: 8670
accept-ranges: bytes
x-device: desktop
x-lb: lb56

GET
H2 200 combined.js.hf3893f2e17e879c5da35136577cd0ab95d6ae79b.pack Show response
www.fram.fr/pack/ 127 KB
43 KB 34ms
33ms Script
text/javascript 178.33.46.193
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fram.fr/pack/combined.js.hf3893f2e17e879c5da35136577cd0ab95d6ae79b.pack
Requested by: Host: www.fram.fr
URL: https://www.fram.fr/newsletter/sejour/?id=&cid=email-PGI-J05_qualif-Bascule_PMVC-293-NA&uid=A23B3C48ED2FA548409509AD2CEB59B4&utm_source=selligent&utm_medium=pgi&utm_campaign=j05_qualif&utm_content=PRODUITS+SELECTION_&utm_term=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.33.46.193 Cavalaire-sur-Mer, France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: b725a0a0d422f124c9bf59065965692947df103f0a70be55bbb9b621f2a05a68

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.fram.fr/newsletter/sejour/?id=&cid=email-PGI-J05_qualif-Bascule_PMVC-293-NA&uid=A23B3C48ED2FA548409509AD2CEB59B4&utm_source=selligent&utm_medium=pgi&utm_campaign=j05_qualif&utm_content=PRODUITS+SELECTION_&utm_term=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-krvl: 10.12.84.56%10,10360
date: Fri, 22 Jul 2022 07:09:05 GMT
content-encoding: gzip
server: nginx
age: 257557
vary: X-Forwarded-Proto
content-type: text/javascript;charset=utf-8
via: RPX07-H
cache-control: max-age=864000
content-length: 43566
accept-ranges: bytes
x-device: desktop
x-lb: lb56

GET
H2 200 obflnk.js Show response
www.fram.fr/static/js/common/ 1 KB
807 B 47ms
46ms Script
application/javascript 178.33.46.193
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fram.fr/static/js/common/obflnk.js
Requested by: Host: www.fram.fr
URL: https://www.fram.fr/newsletter/sejour/?id=&cid=email-PGI-J05_qualif-Bascule_PMVC-293-NA&uid=A23B3C48ED2FA548409509AD2CEB59B4&utm_source=selligent&utm_medium=pgi&utm_campaign=j05_qualif&utm_content=PRODUITS+SELECTION_&utm_term=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.33.46.193 Cavalaire-sur-Mer, France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: a977dfe3a544b98588c800fb08c594ca12b454afd5d3dd4b545ea96bc38bf6fe

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.fram.fr/newsletter/sejour/?id=&cid=email-PGI-J05_qualif-Bascule_PMVC-293-NA&uid=A23B3C48ED2FA548409509AD2CEB59B4&utm_source=selligent&utm_medium=pgi&utm_campaign=j05_qualif&utm_content=PRODUITS+SELECTION_&utm_term=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-krvl: 10.12.84.58%10,10360
date: Fri, 22 Jul 2022 07:09:05 GMT
content-encoding: gzip
last-modified: Tue, 05 Jul 2022 08:32:02 GMT
server: nginx
age: 257557
vary: X-Forwarded-Proto
content-type: application/javascript
via: RPX07-H
cache-control: max-age=864000
content-length: 557
accept-ranges: bytes
x-device: desktop
x-lb: lb56

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 93ms
34ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:300,400,700|Sofia&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8d7860a1288508f6037b3b14ec3c3febcd82ef20ea687293e9d12b25a97cf75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.fram.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 22 Jul 2022 07:09:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 22 Jul 2022 07:09:05 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 22 Jul 2022 07:09:05 GMT

GET
H2 200 fram.svg
www.fram.fr/static/img/logos/ 3 KB
3 KB 16ms
15ms Image
image/svg+xml 178.33.46.193
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fram.fr/static/img/logos/fram.svg
Requested by: Host: www.fram.fr
URL: https://www.fram.fr/newsletter/sejour/?id=&cid=email-PGI-J05_qualif-Bascule_PMVC-293-NA&uid=A23B3C48ED2FA548409509AD2CEB59B4&utm_source=selligent&utm_medium=pgi&utm_campaign=j05_qualif&utm_content=PRODUITS+SELECTION_&utm_term=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.33.46.193 Cavalaire-sur-Mer, France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 9843197a5c6c0bdd99ce907308ce10a6876080f5d5dd53ee3e5ee68da48b62de

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.fram.fr/newsletter/sejour/?id=&cid=email-PGI-J05_qualif-Bascule_PMVC-293-NA&uid=A23B3C48ED2FA548409509AD2CEB59B4&utm_source=selligent&utm_medium=pgi&utm_campaign=j05_qualif&utm_content=PRODUITS+SELECTION_&utm_term=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-krvl: 10.12.84.53%10,10360
date: Fri, 22 Jul 2022 07:09:06 GMT
via: RPX07-H
last-modified: Tue, 05 Jul 2022 08:32:00 GMT
server: nginx
age: 257557
vary: X-Forwarded-Proto
content-type: image/svg+xml
cache-control: max-age=864000
content-length: 2702
accept-ranges: bytes
x-device: desktop
x-lb: lb56

GET
H2 200 20220127183902-fram-tan_fram_632x52.jpg
static.service-voyages.com/photos/vignettes/fram/ 24 KB
24 KB 130ms
71ms Image
image/jpeg 193.46.206.2
KARAVEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.service-voyages.com/photos/vignettes/fram/20220127183902-fram-tan_fram_632x52.jpg
Requested by: Host: www.fram.fr
URL: https://www.fram.fr/newsletter/sejour/?id=&cid=email-PGI-J05_qualif-Bascule_PMVC-293-NA&uid=A23B3C48ED2FA548409509AD2CEB59B4&utm_source=selligent&utm_medium=pgi&utm_campaign=j05_qualif&utm_content=PRODUITS+SELECTION_&utm_term=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.46.206.2 Villepinte, France, ASN29301 (KARAVEL-AS, FR),
Reverse DNS
Software: nginx /
Resource Hash: 05c952fb44584fdbcff0bdecb26d2d51019d4a8a18ca7634e244ef93583b2a82

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.fram.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-krvl: 10.12.24.92%10,80
date: Fri, 22 Jul 2022 07:09:06 GMT
via: RPX03-H
last-modified: Thu, 27 Jan 2022 17:40:55 GMT
server: nginx
age: 257593
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 24219
x-lb: lb56

GET
H2 200 20220512142634-fram-vacance-france-E22-NewsB2C-responsive.jpg
static.service-voyages.com/photos/vignettes/fram/ 100 KB
100 KB 130ms
71ms Image
image/jpeg 193.46.206.2
KARAVEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.service-voyages.com/photos/vignettes/fram/20220512142634-fram-vacance-france-E22-NewsB2C-responsive.jpg
Requested by: Host: www.fram.fr
URL: https://www.fram.fr/newsletter/sejour/?id=&cid=email-PGI-J05_qualif-Bascule_PMVC-293-NA&uid=A23B3C48ED2FA548409509AD2CEB59B4&utm_source=selligent&utm_medium=pgi&utm_campaign=j05_qualif&utm_content=PRODUITS+SELECTION_&utm_term=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.46.206.2 Villepinte, France, ASN29301 (KARAVEL-AS, FR),
Reverse DNS
Software: nginx /
Resource Hash: b31773a9122de17b5c5ed77982c07e01abfc35f58edb1f3d6e045a825d5efe6d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.fram.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-krvl: 10.12.24.93%10,80
date: Fri, 22 Jul 2022 07:09:06 GMT
via: RPX03-H
last-modified: Thu, 12 May 2022 12:30:37 GMT
server: nginx
age: 257593
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 102563
x-lb: lb56

GET
H2 200 20220127183836-fram-framissima_fram_632x52.jpg
static.service-voyages.com/photos/vignettes/fram/ 34 KB
35 KB 108ms
49ms Image
image/jpeg 193.46.206.2
KARAVEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.service-voyages.com/photos/vignettes/fram/20220127183836-fram-framissima_fram_632x52.jpg
Requested by: Host: www.fram.fr
URL: https://www.fram.fr/newsletter/sejour/?id=&cid=email-PGI-J05_qualif-Bascule_PMVC-293-NA&uid=A23B3C48ED2FA548409509AD2CEB59B4&utm_source=selligent&utm_medium=pgi&utm_campaign=j05_qualif&utm_content=PRODUITS+SELECTION_&utm_term=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.46.206.2 Villepinte, France, ASN29301 (KARAVEL-AS, FR),
Reverse DNS
Software: nginx /
Resource Hash: a2a775987716e67ef284111990de629a19e76aeaf5e4ecf2d87fd60588dddf2b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.fram.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-krvl: 10.12.24.93%10,80
date: Fri, 22 Jul 2022 07:09:06 GMT
via: RPX03-H
last-modified: Thu, 27 Jan 2022 17:40:37 GMT
server: nginx
age: 257591
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 35184
x-lb: lb56

GET
H2 200 bandeau-hp-fram-generique.jpg
www.fram.fr/static/img/common/ 25 KB
25 KB 57ms
56ms Image
image/jpeg 178.33.46.193
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fram.fr/static/img/common/bandeau-hp-fram-generique.jpg
Requested by: Host: www.fram.fr
URL: https://www.fram.fr/newsletter/sejour/?id=&cid=email-PGI-J05_qualif-Bascule_PMVC-293-NA&uid=A23B3C48ED2FA548409509AD2CEB59B4&utm_source=selligent&utm_medium=pgi&utm_campaign=j05_qualif&utm_content=PRODUITS+SELECTION_&utm_term=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.33.46.193 Cavalaire-sur-Mer, France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: a0429e96edfa76cf8b2029c28ce732b74433a5e86a6c2d581cde7a940b277772

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.fram.fr/newsletter/sejour/?id=&cid=email-PGI-J05_qualif-Bascule_PMVC-293-NA&uid=A23B3C48ED2FA548409509AD2CEB59B4&utm_source=selligent&utm_medium=pgi&utm_campaign=j05_qualif&utm_content=PRODUITS+SELECTION_&utm_term=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-krvl: 10.12.84.58%10,10360
date: Fri, 22 Jul 2022 07:09:06 GMT
via: be_lb56_ssl,RPX07-M
last-modified: Tue, 05 Jul 2022 08:32:02 GMT
server: nginx
age: 0
vary: X-Forwarded-Proto
content-type: image/jpeg
cache-control: max-age=864000
content-length: 25507
accept-ranges: bytes
x-device: desktop
x-lb: lb56

GET
H2 200 vacances-en-famille.jpg
www.fram.fr/static/img/home/ 9 KB
9 KB 56ms
55ms Image
image/jpeg 178.33.46.193
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fram.fr/static/img/home/vacances-en-famille.jpg
Requested by: Host: www.fram.fr
URL: https://www.fram.fr/newsletter/sejour/?id=&cid=email-PGI-J05_qualif-Bascule_PMVC-293-NA&uid=A23B3C48ED2FA548409509AD2CEB59B4&utm_source=selligent&utm_medium=pgi&utm_campaign=j05_qualif&utm_content=PRODUITS+SELECTION_&utm_term=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.33.46.193 Cavalaire-sur-Mer, France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 0f41b9912fe42b70805941b8fc42eaf142cb12eeb5d475d7a849e861d7a74dde

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.fram.fr/newsletter/sejour/?id=&cid=email-PGI-J05_qualif-Bascule_PMVC-293-NA&uid=A23B3C48ED2FA548409509AD2CEB59B4&utm_source=selligent&utm_medium=pgi&utm_campaign=j05_qualif&utm_content=PRODUITS+SELECTION_&utm_term=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-krvl: 10.12.84.58%10,10360
date: Fri, 22 Jul 2022 07:09:06 GMT
via: be_lb56_ssl,RPX07-M
last-modified: Tue, 05 Jul 2022 08:32:02 GMT
server: nginx
age: 0
vary: X-Forwarded-Proto
content-type: image/jpeg
cache-control: max-age=864000
content-length: 9046
accept-ranges: bytes
x-device: desktop
x-lb: lb56

GET
H2 200 combined.js.h27292324fb73ff6b01b7425fd86f7b869d3339de.pack Show response
www.fram.fr/pack/ 171 KB
57 KB 30ms
28ms Script
text/javascript 178.33.46.193
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fram.fr/pack/combined.js.h27292324fb73ff6b01b7425fd86f7b869d3339de.pack
Requested by: Host: www.fram.fr
URL: https://www.fram.fr/newsletter/sejour/?id=&cid=email-PGI-J05_qualif-Bascule_PMVC-293-NA&uid=A23B3C48ED2FA548409509AD2CEB59B4&utm_source=selligent&utm_medium=pgi&utm_campaign=j05_qualif&utm_content=PRODUITS+SELECTION_&utm_term=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.33.46.193 Cavalaire-sur-Mer, France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 541ab14f8f92aa43ec95cd86d754f0c95900fbb673f884bfa49ebfe8ed66da93

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.fram.fr/newsletter/sejour/?id=&cid=email-PGI-J05_qualif-Bascule_PMVC-293-NA&uid=A23B3C48ED2FA548409509AD2CEB59B4&utm_source=selligent&utm_medium=pgi&utm_campaign=j05_qualif&utm_content=PRODUITS+SELECTION_&utm_term=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-krvl: 10.12.84.58%10,10360
date: Fri, 22 Jul 2022 07:09:06 GMT
content-encoding: gzip
server: nginx
age: 257557
vary: X-Forwarded-Proto
content-type: text/javascript;charset=utf-8
via: RPX07-H
cache-control: max-age=864000
content-length: 57822
accept-ranges: bytes
x-device: desktop
x-lb: lb56

GET
H2 200 commons.widgets.js Show response
www.fram.fr/static/widgets/commons.widgets/ 263 KB
75 KB 31ms
29ms Script
application/javascript 178.33.46.193
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fram.fr/static/widgets/commons.widgets/commons.widgets.js
Requested by: Host: www.fram.fr
URL: https://www.fram.fr/newsletter/sejour/?id=&cid=email-PGI-J05_qualif-Bascule_PMVC-293-NA&uid=A23B3C48ED2FA548409509AD2CEB59B4&utm_source=selligent&utm_medium=pgi&utm_campaign=j05_qualif&utm_content=PRODUITS+SELECTION_&utm_term=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.33.46.193 Cavalaire-sur-Mer, France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 9b0c3b0561d091793e2be860374656fe5f3e9bfade99cb91ef4548f4d0fcdcac

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.fram.fr/newsletter/sejour/?id=&cid=email-PGI-J05_qualif-Bascule_PMVC-293-NA&uid=A23B3C48ED2FA548409509AD2CEB59B4&utm_source=selligent&utm_medium=pgi&utm_campaign=j05_qualif&utm_content=PRODUITS+SELECTION_&utm_term=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-krvl: 10.12.84.58%10,10360
date: Fri, 22 Jul 2022 07:09:06 GMT
content-encoding: gzip
last-modified: Tue, 05 Jul 2022 13:11:11 GMT
server: nginx
age: 257487
vary: X-Forwarded-Proto
content-type: application/javascript
via: RPX07-H
cache-control: max-age=864000
content-length: 76670
accept-ranges: bytes
x-device: desktop
x-lb: lb56

GET
H2 200 miseenavant.bons.plans.widget-min.js Show response
www.fram.fr/static/widgets/miseenavant.bons.plans.widget/ 144 KB
15 KB 17ms
16ms Script
application/javascript 178.33.46.193
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fram.fr/static/widgets/miseenavant.bons.plans.widget/miseenavant.bons.plans.widget-min.js
Requested by: Host: www.fram.fr
URL: https://www.fram.fr/newsletter/sejour/?id=&cid=email-PGI-J05_qualif-Bascule_PMVC-293-NA&uid=A23B3C48ED2FA548409509AD2CEB59B4&utm_source=selligent&utm_medium=pgi&utm_campaign=j05_qualif&utm_content=PRODUITS+SELECTION_&utm_term=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.33.46.193 Cavalaire-sur-Mer, France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 5102756e407a9bb8d32d20bfdcf58e3faa814ca48c88212573628ce11ec3b7d4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.fram.fr/newsletter/sejour/?id=&cid=email-PGI-J05_qualif-Bascule_PMVC-293-NA&uid=A23B3C48ED2FA548409509AD2CEB59B4&utm_source=selligent&utm_medium=pgi&utm_campaign=j05_qualif&utm_content=PRODUITS+SELECTION_&utm_term=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-krvl: 10.12.84.58%10,10360
date: Fri, 22 Jul 2022 07:09:06 GMT
content-encoding: gzip
last-modified: Tue, 05 Jul 2022 13:11:11 GMT
server: nginx
age: 257556
vary: X-Forwarded-Proto
content-type: application/javascript
via: RPX07-H
cache-control: max-age=864000
content-length: 15496
accept-ranges: bytes
x-device: desktop
x-lb: lb56

GET
H2 200 combined.js.h765562ebd8bc1e58e334112545793aaac2b38d16.pack Show response
www.fram.fr/pack/ 1 KB
1009 B 31ms
29ms Script
text/javascript 178.33.46.193
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fram.fr/pack/combined.js.h765562ebd8bc1e58e334112545793aaac2b38d16.pack
Requested by: Host: www.fram.fr
URL: https://www.fram.fr/newsletter/sejour/?id=&cid=email-PGI-J05_qualif-Bascule_PMVC-293-NA&uid=A23B3C48ED2FA548409509AD2CEB59B4&utm_source=selligent&utm_medium=pgi&utm_campaign=j05_qualif&utm_content=PRODUITS+SELECTION_&utm_term=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.33.46.193 Cavalaire-sur-Mer, France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 7e2dde692df9ae07316f2b35c3680849c0b2b23669d0aba5cf81ad7ea2b638c6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.fram.fr/newsletter/sejour/?id=&cid=email-PGI-J05_qualif-Bascule_PMVC-293-NA&uid=A23B3C48ED2FA548409509AD2CEB59B4&utm_source=selligent&utm_medium=pgi&utm_campaign=j05_qualif&utm_content=PRODUITS+SELECTION_&utm_term=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-krvl: 10.12.84.53%10,10360
date: Fri, 22 Jul 2022 07:09:06 GMT
content-encoding: gzip
server: nginx
age: 42672
vary: X-Forwarded-Proto
content-type: text/javascript;charset=utf-8
via: RPX07-H
cache-control: max-age=864000
content-length: 789
accept-ranges: bytes
x-device: desktop
x-lb: lb56

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 263 KB
82 KB 108ms
47ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TJ3WB72

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e8b6052ba36f7ef75a197e38b9d32fa166cd49e3b5737ba03689be8e88b44d5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.fram.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 07:09:06 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83475
x-xss-protection: 0
last-modified: Fri, 22 Jul 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 22 Jul 2022 07:09:06 GMT

GET
H2 200 bg-error-500.jpg
www.fram.fr/static/img/error/ 38 KB
39 KB 47ms
47ms Image
image/jpeg 178.33.46.193
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fram.fr/static/img/error/bg-error-500.jpg
Requested by: Host: www.fram.fr
URL: https://www.fram.fr/static/css/error/error.css?r=20200716
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.33.46.193 Cavalaire-sur-Mer, France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 4660947fce90785298d653e3b1bda2c6c23959fda094ca05800309e9aa13e0b4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.fram.fr/static/css/error/error.css?r=20200716
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-krvl: 10.12.84.53%10,10360
date: Fri, 22 Jul 2022 07:09:06 GMT
via: be_lb56_ssl,RPX07-M
last-modified: Tue, 05 Jul 2022 08:32:02 GMT
server: nginx
age: 0
vary: X-Forwarded-Proto
content-type: image/jpeg
cache-control: max-age=864000
content-length: 39299
accept-ranges: bytes
x-device: desktop
x-lb: lb56

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
16 KB 83ms
25ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:300,400,700|Sofia&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.fram.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 22:18:51 GMT
x-content-type-options: nosniff
age: 204615
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15660
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:42:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jul 2023 22:18:51 GMT

GET
H2 200 icomoon.ttf
www.fram.fr/static/fonts/ 38 KB
38 KB 14ms
14ms Font
application/x-font-ttf 178.33.46.193
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fram.fr/static/fonts/icomoon.ttf?pqdxk1
Requested by: Host: www.fram.fr
URL: https://www.fram.fr/static/css/error/error.css?r=20200716
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.33.46.193 Cavalaire-sur-Mer, France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 288ba0fa2b21522e29cb8fd62ad3bf25a9167c92068eb0d3a260dc43528b6a57

Request headers

Referer: https://www.fram.fr/static/css/error/error.css?r=20200716
Origin: https://www.fram.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 07:09:06 GMT
via: RPX07-H
age: 257557
x-device: desktop
content-length: 38608
x-krvl: 10.12.84.53%10,10360
last-modified: Tue, 05 Jul 2022 08:32:00 GMT
server: nginx
vary: X-Forwarded-Proto
access-control-allow-methods: GET, OPTIONS
content-type: application/x-font-ttf
access-control-allow-origin: *
cache-control: max-age=864000
accept-ranges: bytes
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
x-lb: lb56

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
15 KB 89ms
32ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:300,400,700|Sofia&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.fram.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 22:04:48 GMT
x-content-type-options: nosniff
age: 378258
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15700
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 17 Jul 2023 22:04:48 GMT

GET whap.js
w.estat.com/js/ 0
0

GET
H2 200 sprite-payment.png
www.fram.fr/static/img/common/ 5 KB
5 KB 17ms
16ms Image
image/png 178.33.46.193
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fram.fr/static/img/common/sprite-payment.png
Requested by: Host: www.fram.fr
URL: https://www.fram.fr/static/css/error/error.css?r=20200716
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.33.46.193 Cavalaire-sur-Mer, France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: ff381d6a1dafb5afc49d9fd29e0cb31c6bf6f548a004d7cc5f7ae7b52468b319

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.fram.fr/static/css/error/error.css?r=20200716
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-krvl: 10.12.84.56%10,10360
date: Fri, 22 Jul 2022 07:09:06 GMT
via: RPX07-H
last-modified: Tue, 05 Jul 2022 08:32:02 GMT
server: nginx
age: 257556
vary: X-Forwarded-Proto
content-type: image/png
cache-control: max-age=864000
content-length: 4878
accept-ranges: bytes
x-device: desktop
x-lb: lb56

GET
H2 200 omniture.js Show response
www.fram.fr/static/js/taggage/ 17 KB
4 KB 29ms
29ms Script
application/javascript 178.33.46.193
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fram.fr/static/js/taggage/omniture.js
Requested by: Host: www.fram.fr
URL: https://www.fram.fr/pack/combined.js.h27292324fb73ff6b01b7425fd86f7b869d3339de.pack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.33.46.193 Cavalaire-sur-Mer, France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: d54e2d2195d6a0ecabfcf6d5797292b8133fcca4329eea60a5ee922477bfd576

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.fram.fr/newsletter/sejour/?id=&cid=email-PGI-J05_qualif-Bascule_PMVC-293-NA&uid=A23B3C48ED2FA548409509AD2CEB59B4&utm_source=selligent&utm_medium=pgi&utm_campaign=j05_qualif&utm_content=PRODUITS+SELECTION_&utm_term=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-krvl: 10.12.84.58%10,10360
date: Fri, 22 Jul 2022 07:09:06 GMT
content-encoding: gzip
last-modified: Tue, 05 Jul 2022 08:32:02 GMT
server: nginx
age: 257573
vary: X-Forwarded-Proto
content-type: application/javascript
via: RPX07-H
cache-control: max-age=864000
content-length: 4066
accept-ranges: bytes
x-device: desktop
x-lb: lb56

GET
H2 200 s_code.js Show response
www.fram.fr/static/js/taggage/ 42 KB
17 KB 30ms
29ms Script
application/javascript 178.33.46.193
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fram.fr/static/js/taggage/s_code.js
Requested by: Host: www.fram.fr
URL: https://www.fram.fr/pack/combined.js.h27292324fb73ff6b01b7425fd86f7b869d3339de.pack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.33.46.193 Cavalaire-sur-Mer, France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: c44fcdf5b446cb0c75590fb68ac0ac92a90949dfee111febe5dc72f9daf75df0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.fram.fr/newsletter/sejour/?id=&cid=email-PGI-J05_qualif-Bascule_PMVC-293-NA&uid=A23B3C48ED2FA548409509AD2CEB59B4&utm_source=selligent&utm_medium=pgi&utm_campaign=j05_qualif&utm_content=PRODUITS+SELECTION_&utm_term=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-krvl: 10.12.84.53%10,10360
date: Fri, 22 Jul 2022 07:09:06 GMT
content-encoding: gzip
last-modified: Tue, 05 Jul 2022 08:32:02 GMT
server: nginx
age: 257573
vary: X-Forwarded-Proto
content-type: application/javascript
via: RPX07-H
cache-control: max-age=864000
content-length: 16639
accept-ranges: bytes
x-device: desktop
x-lb: lb56

GET
H2

200

s21474861639548
karavel.112.2o7.net/b/ss/karavelfram/1/H.25.2/
Redirect Chain

https://karavel.112.2o7.net/b/ss/karavelfram/1/H.25.2/s21474861639548?AQB=1&ndh=1&t=22%2F6%2F2022%207%3A9%3A6%205%200&ce=UTF-8&ns=karavel&pageName=Maintenance%7CFront%7C500&g=https%3A%2F%2Fwww.fram...
https://karavel.112.2o7.net/b/ss/karavelfram/1/H.25.2/s21474861639548?AQB=1&pccr=true&vidn=316D2689326C21A8-40000F8291BCEA52&ndh=1&t=22%2F6%2F2022%207%3A9%3A6%205%200&ce=UTF-8&ns=karavel&pageName=M...

43 B
292 B

21ms
21ms

Image
image/gif

15.236.176.210
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://karavel.112.2o7.net/b/ss/karavelfram/1/H.25.2/s21474861639548?AQB=1&pccr=true&vidn=316D2689326C21A8-40000F8291BCEA52&ndh=1&t=22%2F6%2F2022%207%3A9%3A6%205%200&ce=UTF-8&ns=karavel&pageName=Maintenance%7CFront%7C500&g=https%3A%2F%2Fwww.fram.fr%2Fnewsletter%2Fsejour%2F%3Fid%3D%26cid%3Demail-PGI-J05_qualif-Bascule_PMVC-293-NA%26uid%3DA23B3C48ED2FA548409509AD2CEB59B4%26utm_source%3Dselligent%26utm_medium%3Dpgi%26utm_campaign%3Dj05_qualif%26utm_content%3DPRODUITS%2BSELECTION_%26utm_term%3D&cc=EUR&server=www.fram.fr&v0=email-PGI-J05_qualif-Bascule_PMVC-293-NA&events=event34&c24=Maintenance%7CFront&c25=Maintenance&c26=Maintenance%7CFront%7C500&v28=A23B3C48ED2FA548409509AD2CEB59B4&v32=email-PGI-J05_qualif-Bascule_PMVC-293-NA&c33=9%3A00AM&v33=9%3A00AM-Friday&c34=Friday&c35=Weekday&c49=%2Fnewsletter%2Fsejour%2F&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&p=Chrome%20PDF%20Plugin%3BChrome%20PDF%20Viewer%3BNative%20Client%3B&AQE=1

Requested by

Protocol

Server

15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.fram.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 07:09:06 GMT
x-content-type-options: nosniff
x-c: main-1661.I2f39db.M0-585
p3p: CP="This is not a P3P policy"
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 23 Jul 2022 07:09:06 GMT
server: jag
xserver: anedge-69c8d8cc76-tjqk6
etag: 3561545250756067328-4619435336950950045
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Thu, 21 Jul 2022 07:09:06 GMT

Redirect headers

date: Fri, 22 Jul 2022 07:09:06 GMT
x-content-type-options: nosniff
x-c: main-1661.I2f39db.M0-585
p3p: CP="This is not a P3P policy"
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
location: https://karavel.112.2o7.net/b/ss/karavelfram/1/H.25.2/s21474861639548?AQB=1&pccr=true&vidn=316D2689326C21A8-40000F8291BCEA52&ndh=1&t=22%2F6%2F2022%207%3A9%3A6%205%200&ce=UTF-8&ns=karavel&pageName=Maintenance%7CFront%7C500&g=https%3A%2F%2Fwww.fram.fr%2Fnewsletter%2Fsejour%2F%3Fid%3D%26cid%3Demail-PGI-J05_qualif-Bascule_PMVC-293-NA%26uid%3DA23B3C48ED2FA548409509AD2CEB59B4%26utm_source%3Dselligent%26utm_medium%3Dpgi%26utm_campaign%3Dj05_qualif%26utm_content%3DPRODUITS%2BSELECTION_%26utm_term%3D&cc=EUR&server=www.fram.fr&v0=email-PGI-J05_qualif-Bascule_PMVC-293-NA&events=event34&c24=Maintenance%7CFront&c25=Maintenance&c26=Maintenance%7CFront%7C500&v28=A23B3C48ED2FA548409509AD2CEB59B4&v32=email-PGI-J05_qualif-Bascule_PMVC-293-NA&c33=9%3A00AM&v33=9%3A00AM-Friday&c34=Friday&c35=Weekday&c49=%2Fnewsletter%2Fsejour%2F&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&p=Chrome%20PDF%20Plugin%3BChrome%20PDF%20Viewer%3BNative%20Client%3B&AQE=1
last-modified: Sat, 23 Jul 2022 07:09:06 GMT
server: jag
xserver: anedge-69c8d8cc76-4k5n9
vary: Origin
content-type: text/plain;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Thu, 21 Jul 2022 07:09:06 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 60ms
17ms Script
text/javascript 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJ3WB72

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.fram.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1170
date: Fri, 22 Jul 2022 06:49:36 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 22 Jul 2022 08:49:36 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 40 KB
15 KB 110ms
53ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJ3WB72

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

b3b810fd46e7aad5b789896519011ab5366b39dbb19a5663c53525f756e89bfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.fram.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 07:09:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15160
x-xss-protection: 0
server: cafe
etag: 9823212955285023900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 22 Jul 2022 07:09:06 GMT

GET
H2 200 1290m6f55852.js Show response
tracker.marinsm.com/tracker/async/ 5 KB
2 KB 79ms
23ms Script
text/javascript 13.32.121.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.marinsm.com/tracker/async/1290m6f55852.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJ3WB72
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-117.fra60.r.cloudfront.net
Software: Apache/2.4.6 (CentOS) /
Resource Hash: 0d5a8de0857374a03053702c6ee3472dd541cde75f503b8e8b4b9195ea5c50b7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.fram.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 01:59:07 GMT
content-encoding: gzip
server: Apache/2.4.6 (CentOS)
age: 18599
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
via: 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: FRA60-P1
x-marintrackerversion: 3
x-amz-cf-id: k21wDTDwl_w8Ge0YIEgObnidmYGTBXhcgQi1-Hhr3q4Kc-pcgXcr6g==
expires: Fri, 22 Jul 2022 02:02:00 GMT

GET
H2 200 undefined.js Show response
tracker.marinsm.com/tracker/async/ 0
330 B 81ms
26ms Script
text/javascript 13.32.121.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.marinsm.com/tracker/async/undefined.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJ3WB72
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-117.fra60.r.cloudfront.net
Software: Apache/2.4.6 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.fram.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 01:08:54 GMT
via: 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
server: Apache/2.4.6 (CentOS)
age: 21612
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
cache-control: max-age=172800
x-amz-cf-pop: FRA60-P1
x-marintrackerversion: 3
content-length: 0
x-amz-cf-id: 8vRdjbExy-Zd8e6XHGRDzVLQTz5Pmz_C7cM0l-28QTcr8U8HPzNL2w==
expires: Fri, 22 Jul 2022 01:11:47 GMT

GET
H2 200 be8724bc7d7df.js Show response
t.contentsquare.net/uxa/ 325 KB
72 KB 85ms
28ms Script
application/javascript 108.138.17.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.contentsquare.net/uxa/be8724bc7d7df.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJ3WB72
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-2.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9cb92b495af15d562228942cfd455f5889266634b4a01c43760f6ee5e1c6f2e2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.fram.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 09:37:41 GMT
content-encoding: gzip
age: 77486
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 73600
last-modified: Mon, 18 Jul 2022 09:34:44 GMT
server: AmazonS3
etag: "03311299f8849f9bda374657c2cdc3f5"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
via: 1.1 6f32a39163a1e36ace7a71a85e2d2884.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: FRA56-P7
accept-ranges: bytes
x-amz-cf-id: beU5TwDm_3xiCXUotwCszfKcxH6nRb7ic4Agze_GGxX0S3Bv9_hEEg==

GET
H2 200 hmx000000000690.js Show response
u360.d-bi.fr/ 10 KB
4 KB 134ms
40ms Script
application/javascript 52.213.248.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://u360.d-bi.fr/hmx000000000690.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.248.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-248-76.eu-west-1.compute.amazonaws.com

Software

hmxps /

Resource Hash

18469a35c0c83bd95c94ef40fe5b6d6fb92bac9f25aa1312502d745831edf3b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.fram.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 07:09:06 GMT
cache-control: public, max-age=60
x-myname: 07a7d0e353505014e
server: hmxps
content-encoding: gzip
strict-transport-security: max-age=63072000
content-type: application/javascript

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 90ms
39ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.fram.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 16 Jun 2022 18:22:08 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B2172CEE19D74758AA26EABB5F0DABA0 Ref B: AMBEDGE0807 Ref C: 2022-07-22T07:09:06Z
etag: "0c8eafcad81d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Fri, 22 Jul 2022 07:09:05 GMT
accept-ranges: bytes
content-length: 11360

GET
H/1.1 200
OK / Show response
u.logbor.com/p/ 6 KB
3 KB 108ms
23ms Script
text/javascript 89.185.38.89
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to

Full URL

https://u.logbor.com/p/?i=2528&n=__dot

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

89.185.38.89 Paris, France, ASN8426 (CLARANET-AS ClaraNET LTD, GB),

Reverse DNS

Software

nginx /

Resource Hash

20f941648c5c6770e7b43deb644c8fc18a6bf2800efc766ba61927f52fd395a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.fram.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Fri, 22 Jul 2022 07:09:06 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
ETag: W/"181e-7Ys0z50ZRxG7szbAwU/ovUSoMy4"
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=utf-8
Connection: keep-alive
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=86400
X-DNS-Prefetch-Control: off
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK emafunc.js Show response
atout.email-match.com/ 9 KB
4 KB 77ms
14ms Script
application/javascript 2001:41d0:202:100:145:239:192:103
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://atout.email-match.com/emafunc.js?t=230344

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:41d0:202:100:145:239:192:103 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

3928aa513b32706876d3ed41a83588300c37abdf2032ccedfb81230e4b3f082e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.fram.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Fri, 22 Jul 2022 07:09:06 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Jul 2022 15:28:39 GMT
X-IPLB-Request-ID: 00000000:DFAE_00000000:01BB_62DA4D12_44CCFF3:29206
ETag: "62d57c27-dde"
X-IPLB-Instance: 33674
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control: max-age=900, s-maxage=900, public
Content-Type: application/javascript; charset=utf-8
Content-Length: 3550

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 85ms
36ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6e164ad4aa1f1905c44c2e4e57088f313738d18320a99a7e6a984b862523d96d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.fram.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26001
x-xss-protection: 0
pragma: public
x-fb-debug: KbImeBY7W3occWLLMX6YlGeWx8fxtWO+OFk9YOU/UPg98+HCbTZQ4YMhZznAnkcCN3opUnAjqKw3m2wLygQ6bQ==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Fri, 22 Jul 2022 07:09:06 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
205 B 45ms
15ms XHR
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=89087653&t=pageview&_s=1&dl=https%3A%2F%2Fwww.fram.fr%2Fnewsletter%2Fsejour%2F%3Fid%3D%26cid%3Demail-PGI-J05_qualif-Bascule_PMVC-293-NA%26uid%3DA23B3C48ED2FA548409509AD2CEB59B4%26utm_source%3Dselligent%26utm_medium%3Dpgi%26utm_campaign%3Dj05_qualif%26utm_content%3DPRODUITS%2BSELECTION_%26utm_term%3D&ul=en-us&de=UTF-8&dt=Agence%20de%20voyage%20FRAM%20%3A%20des%20offres%20de%20vacances%20%C3%A0%20petits%20prix&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAAC~&jid=2062576789&gjid=16714238&cid=1819335854.1658473746&tid=UA-73816058-1&_gid=998714449.1658473746&_r=1&gtm=2wg7k0TJ3WB72&z=1168363716

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fram.fr/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 22 Jul 2022 07:09:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.fram.fr
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tp
tracker.marinsm.com/ 36 B
490 B 48ms
38ms Image
image/gif 13.32.121.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tracker.marinsm.com/tp?act=1&cid=1290m6f55852&tz=&ref=&page=https%3A%2F%2Fwww.fram.fr%2Fnewsletter%2Fsejour%2F%3Fid%3D%26cid%3Demail-PGI-J05_qualif-Bascule_PMVC-293-NA%26uid%3DA23B3C48ED2FA548409509AD2CEB59B4%26utm_source%3Dselligent%26utm_medium%3Dpgi%26utm_campaign%3Dj05_qualif%26utm_content%3DPRODUITS%2BSELECTION_%26utm_term%3D&uuid=7A1E40B4-3A5D-43DE-B702-A97FE2D1917E&rnd=1421561150
Requested by: Host: www.fram.fr
URL: https://www.fram.fr/newsletter/sejour/?id=&cid=email-PGI-J05_qualif-Bascule_PMVC-293-NA&uid=A23B3C48ED2FA548409509AD2CEB59B4&utm_source=selligent&utm_medium=pgi&utm_campaign=j05_qualif&utm_content=PRODUITS+SELECTION_&utm_term=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-117.fra60.r.cloudfront.net
Software: Apache/2.4.6 (CentOS) /
Resource Hash: be4f754acf2dd33169add8976c1264f647470efdc993927040e23c4d310a835f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.fram.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Jul 2022 07:09:06 GMT
via: 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
server: Apache/2.4.6 (CentOS)
x-amz-cf-pop: FRA60-P1
p3p: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: private, no-cache
x-marintrackerversion: 3
content-length: 36
x-amz-cf-id: sxJekEW2iJjuFokAmYM6mqddM4AhdF9kJIJOc6RMkmFR9dpOj7g8vw==

GET
H2 200 tp
tracker.marinsm.com/ 36 B
490 B 47ms
37ms Image
image/gif 13.32.121.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tracker.marinsm.com/tp?act=1&cid=1290m6f55852&tz=&ref=&page=https%3A%2F%2Fwww.fram.fr%2Fnewsletter%2Fsejour%2F%3Fid%3D%26cid%3Demail-PGI-J05_qualif-Bascule_PMVC-293-NA%26uid%3DA23B3C48ED2FA548409509AD2CEB59B4%26utm_source%3Dselligent%26utm_medium%3Dpgi%26utm_campaign%3Dj05_qualif%26utm_content%3DPRODUITS%2BSELECTION_%26utm_term%3D&uuid=7A1E40B4-3A5D-43DE-B702-A97FE2D1917E&rnd=1836796773
Requested by: Host: www.fram.fr
URL: https://www.fram.fr/newsletter/sejour/?id=&cid=email-PGI-J05_qualif-Bascule_PMVC-293-NA&uid=A23B3C48ED2FA548409509AD2CEB59B4&utm_source=selligent&utm_medium=pgi&utm_campaign=j05_qualif&utm_content=PRODUITS+SELECTION_&utm_term=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-117.fra60.r.cloudfront.net
Software: Apache/2.4.6 (CentOS) /
Resource Hash: be4f754acf2dd33169add8976c1264f647470efdc993927040e23c4d310a835f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.fram.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Jul 2022 07:09:06 GMT
via: 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
server: Apache/2.4.6 (CentOS)
x-amz-cf-pop: FRA60-P1
p3p: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: private, no-cache
x-marintrackerversion: 3
content-length: 36
x-amz-cf-id: ts4H9_DMkdQDaJygyZkGYmyMboc_6KL0jaTy1hD94mslZMAOXZWM2Q==

GET
H2 200 5600050.js Show response
bat.bing.com/p/action/ 827 B
745 B 42ms
42ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5600050.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

106d669bc5061d732a771cfaee0cda656e9c92377d797f8ff589cace190ef4c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.fram.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 43A33B7D528D49218C5C213D40A13F19 Ref B: AMBEDGE0807 Ref C: 2022-07-22T07:09:06Z
date: Fri, 22 Jul 2022 07:09:05 GMT
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
content-length: 570

GET
H2 204 0
bat.bing.com/action/ 0
175 B 62ms
61ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5600050&Ver=2&mid=0d7519ea-cec3-4817-9e3a-b65370bbdf9b&sid=2cc136b0098d11ed91fe3bf306f92dfd&vid=2cc15a20098d11ed968255ed56eb7c6e&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Agence%20de%20voyage%20FRAM%20%3A%20des%20offres%20de%20vacances%20%C3%A0%20petits%20prix&kw=agence%20voyage,%20vacances,%20voyage,%20derni%C3%A8re%20minute&p=https%3A%2F%2Fwww.fram.fr%2Fnewsletter%2Fsejour%2F%3Fid%3D%26cid%3Demail-PGI-J05_qualif-Bascule_PMVC-293-NA%26uid%3DA23B3C48ED2FA548409509AD2CEB59B4%26utm_source%3Dselligent%26utm_medium%3Dpgi%26utm_campaign%3Dj05_qualif%26utm_content%3DPRODUITS%2BSELECTION_%26utm_term%3D&r=&lt=825&evt=pageLoad&msclkid=N&sv=1&rn=275942

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.fram.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A92B67D56C5F423B8E1E8B06495B88C6 Ref B: AMBEDGE0807 Ref C: 2022-07-22T07:09:06Z
date: Fri, 22 Jul 2022 07:09:05 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 0
bat.bing.com/actionp/ 0
120 B 61ms
60ms Ping
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/actionp/0?ti=5600050&Ver=2&mid=0d7519ea-cec3-4817-9e3a-b65370bbdf9b&sid=2cc136b0098d11ed91fe3bf306f92dfd&vid=2cc15a20098d11ed968255ed56eb7c6e&vids=1&evt=dedup

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.fram.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F0603BE5BED14E52A41D1A66B93D1BF7 Ref B: AMBEDGE0807 Ref C: 2022-07-22T07:09:06Z
date: Fri, 22 Jul 2022 07:09:05 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/930108399/ 3 KB
2 KB 133ms
61ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/930108399/?random=1658473746433&cv=9&fst=1658473746433&num=1&label=uofSCPmChmYQ76fBuwM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7k0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.fram.fr%2Fnewsletter%2Fsejour%2F%3Fid%3D%26cid%3Demail-PGI-J05_qualif-Bascule_PMVC-293-NA%26uid%3DA23B3C48ED2FA548409509AD2CEB59B4%26utm_source%3Dselligent%26utm_medium%3Dpgi%26utm_campaign%3Dj05_qualif%26utm_content%3DPRODUITS%2BSELECTION_%26utm_term%3D&tiba=Agence%20de%20voyage%20FRAM%20%3A%20des%20offres%20de%20vacances%20%C3%A0%20petits%20prix&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9040bd5ca81b922b97bed395c8111f6227866f08ac7c8cffd4e9ffc072be249b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.fram.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Jul 2022 07:09:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/undefined/ 3 KB
1 KB 134ms
62ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/undefined/?random=1658473746435&cv=9&fst=1658473746435&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7k0&sendb=1&ig=1&data=dynx_itemid%3D%3Bdynx_locid%3D%3Btravel_originid%3DPAR&frm=0&url=https%3A%2F%2Fwww.fram.fr%2Fnewsletter%2Fsejour%2F%3Fid%3D%26cid%3Demail-PGI-J05_qualif-Bascule_PMVC-293-NA%26uid%3DA23B3C48ED2FA548409509AD2CEB59B4%26utm_source%3Dselligent%26utm_medium%3Dpgi%26utm_campaign%3Dj05_qualif%26utm_content%3DPRODUITS%2BSELECTION_%26utm_term%3D&tiba=Agence%20de%20voyage%20FRAM%20%3A%20des%20offres%20de%20vacances%20%C3%A0%20petits%20prix&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b01dac2996f854d1bdb6c9c63eff572afe06cd0dd4c527f48a4776639a5c82c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.fram.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Jul 2022 07:09:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1240
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
437 B 94ms
24ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-73816058-1&cid=1819335854.1658473746&jid=2062576789&gjid=16714238&_gid=998714449.1658473746&_u=YGBACEAABAAAAC~&z=1739454010

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fram.fr/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 22 Jul 2022 07:09:06 GMT
content-type: text/plain
access-control-allow-origin: https://www.fram.fr
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK tcs Show response
u.logbor.com/ 10 KB
2 KB 25ms
25ms Script
text/javascript 89.185.38.89
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to

Full URL

https://u.logbor.com/tcs?cxid=2528&cu=https%3A%2F%2Fwww.fram.fr%2Fnewsletter%2Fsejour%2F%3Fid%3D%26cid%3Demail-PGI-J05_qualif-Bascule_PMVC-293-NA%26uid%3DA23B3C48ED2FA548409509AD2CEB59B4%26utm_source%3Dselligent%26utm_medium%3Dpgi%26utm_campaign%3Dj05_qualif%26utm_content%3DPRODUITS%2BSELECTION_%26utm_term%3D&d_categoryID=&d_productID=&d_cartProductsID=&d_cartAmount=&d_orderID=

Requested by

Host: u.logbor.com
URL: https://u.logbor.com/p/?i=2528&n=__dot

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

89.185.38.89 Paris, France, ASN8426 (CLARANET-AS ClaraNET LTD, GB),

Reverse DNS

Software

nginx /

Resource Hash

53086bddb651527e4eef8b37c11bba8c99b4fda83569a6b550fbb2e976f8c9d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.fram.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Fri, 22 Jul 2022 07:09:06 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
ETag: W/"267e-G0GHd8Y0t4y5159zi6zD4HuON+g"
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=utf-8
Connection: keep-alive
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=86400
X-DNS-Prefetch-Control: off
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H2 200 xdframe-1.0.0.html Show response
csxd.service-voyages.com/ Frame 6A80 311 B
464 B 22ms
20ms Document
text/html 193.46.206.2
KARAVEL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://csxd.service-voyages.com/xdframe-1.0.0.html
Requested by: Host: t.contentsquare.net
URL: https://t.contentsquare.net/uxa/be8724bc7d7df.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.46.206.2 Villepinte, France, ASN29301 (KARAVEL-AS, FR),
Reverse DNS
Software: nginx /
Resource Hash: 01c5f3d7746282875c8967061c478f1170c9fceb13eb94ccf785f8d0f48cd7a3

Request headers

Referer: https://www.fram.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 257595
cache-control: max-age=864000
content-encoding: gzip
content-length: 260
content-type: text/html
date: Fri, 22 Jul 2022 07:09:06 GMT
last-modified: Tue, 25 Jun 2019 15:49:50 GMT
server: nginx
via: RPX03-H
x-krvl: 10.12.24.93%10,80
x-lb: lb56

GET
BLOB 200
OK 0e48b7b6-61d7-42e0-b4fa-5e755a83c95a
https://www.fram.fr/ 6 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.fram.fr/0e48b7b6-61d7-42e0-b4fa-5e755a83c95a
Requested by: Host: www.fram.fr
URL: https://www.fram.fr/newsletter/sejour/?id=&cid=email-PGI-J05_qualif-Bascule_PMVC-293-NA&uid=A23B3C48ED2FA548409509AD2CEB59B4&utm_source=selligent&utm_medium=pgi&utm_campaign=j05_qualif&utm_content=PRODUITS+SELECTION_&utm_term=
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f2b564356b51002c3aaf5bd235ecaf7734c1252141abd78fdbc03770f26277b8

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Length: 6483
Content-Type: application/javascript

GET
H2 200 000000000690.gif
u360.d-bi.fr/ 43 B
255 B 50ms
43ms Image
image/gif 52.213.248.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u360.d-bi.fr/000000000690.gif?c=7A5E50A255F1C2B6B17B6481CB70066C-2d3a4ec1acb2&cgen=1&step=b3RoZXI=&hmxtagid=4.3.0&u=aHR0cHM6Ly93d3cuZnJhbS5mci9uZXdzbGV0dGVyL3Nlam91ci8/aWQ9JmNpZD1lbWFpbC1QR0ktSjA1X3F1YWxpZi1CYXNjdWxlX1BNVkMtMjkzLU5BJnVpZD1BMjNCM0M0OEVEMkZBNTQ4NDA5NTA5QUQyQ0VCNTlCNCZ1dG1fc291cmNlPXNlbGxpZ2VudCZ1dG1fbWVkaXVtPXBnaSZ1dG1fY2FtcGFpZ249ajA1X3F1YWxpZiZ1dG1fY29udGVudD1QUk9EVUlUUytTRUxFQ1RJT05fJnV0bV90ZXJtPQ==&hmxts=1658473746533&hmxtzoffset=MA==&hmxtzname=RXRjL1Vua25vd24=&navlang=ZW4tVVM=&hmxdnt=MA==&r=&hmx_send_ts=1658473746534&hmx_new_session=1
Requested by: Host: www.fram.fr
URL: https://www.fram.fr/newsletter/sejour/?id=&cid=email-PGI-J05_qualif-Bascule_PMVC-293-NA&uid=A23B3C48ED2FA548409509AD2CEB59B4&utm_source=selligent&utm_medium=pgi&utm_campaign=j05_qualif&utm_content=PRODUITS+SELECTION_&utm_term=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.248.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-248-76.eu-west-1.compute.amazonaws.com
Software: hmxps /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.fram.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 22 Jul 2022 07:09:06 GMT
cache-control: private, no-cache, no-cache=Set-Cookie, must-revalidate, proxy-revalidate
server: hmxps
content-type: image/gif
x-myname: 07a7d0e353505014e
expires: Mon, 21 Jan 1980 12:00:00 GMT

GET

105436_tag.js
tags.dynamo.one/
Redirect Chain

https://ads2.adverline.com/retargetproduit/partnertag/105436_tag.js
https://tags.dynamo.one/105436_tag.js

0
0

GET
H/1.1 200
OK / Show response
guru.opthb.com/opt/hb/ 29 B
661 B 115ms
24ms Script
text/javascript 95.131.137.7
OXALIDE

General

Check archive.org

Show headers Download Go to

Full URL: https://guru.opthb.com/opt/hb/?pid=2184&action=Category&categoryId=&jotfr=https://www.fram.fr/newsletter/sejour/?id=&cid=email-PGI-J05_qualif-Bascule_PMVC-293-NA&uid=A23B3C48ED2FA548409509AD2CEB59B4&utm_source=selligent&utm_medium=pgi&utm_campaign=j05_qualif&utm_content=PRODUITS+SELECTION_&utm_term=&jotfr2=
Requested by: Host: www.fram.fr
URL: https://www.fram.fr/newsletter/sejour/?id=&cid=email-PGI-J05_qualif-Bascule_PMVC-293-NA&uid=A23B3C48ED2FA548409509AD2CEB59B4&utm_source=selligent&utm_medium=pgi&utm_campaign=j05_qualif&utm_content=PRODUITS+SELECTION_&utm_term=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.131.137.7 , France, ASN47841 (OXALIDE, FR),
Reverse DNS: not.updated.oxalide.net
Software: nginx /
Resource Hash: dccc118d9e491455c9f1934ecbe69e97787c00f254a6bd4aca18c73e13c4578c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.fram.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Jul 2022 07:09:06 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding: chunked
Connection: close
Expires: Tue, 12 Jul 2022 09:09:06 GMT

GET
H/1.1 200
OK product.d Show response
js.sddan.com/ 4 KB
2 KB 98ms
21ms Script
text/javascript 51.158.29.12
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://js.sddan.com/product.d?pa=22550&u=https%3A%2F%2Fwww.fram.fr%2Fnewsletter%2Fsejour%2F%3Fid%3D%26cid%3Demail-PGI-J05_qualif-Bascule_PMVC-293-NA%26uid%3DA23B3C48ED2FA548409509AD2CEB59B4%26utm_source%3Dselligent%26utm_medium%3Dpgi%26utm_campaign%3Dj05_qualif%26utm_content%3DPRODUITS%2BSELECTION_%26utm_term%3D&r=&product_id=&product_name=PRODUCT_NAME&product_price=PRODUCT_PRICE&cat_name=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.158.29.12 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

51-158-29-12.rev.poneytelecom.eu

Software

nginx/1.20.2 /

Resource Hash

01dacf99b9583e6e465be19682482deed5bf13c34be16edabea028c0ad8f4e73

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.fram.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Jul 2022 07:09:06 GMT
Content-Encoding: gzip
Server: nginx/1.20.2
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
P3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Type: text/javascript
X-Xss-Protection: 0
Expires: Tue, 01 Jan 2000 00:00:00 GMT

GET
H2

200

a8.4.js Show response
static.r66net.com/script_s1/
Redirect Chain

https://k.r66net.com/GetAnalytics
https://static.r66net.com/script_s1/a8.4.js

40 KB
15 KB

105ms
30ms

Script
application/javascript

68.232.35.200
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static.r66net.com/script_s1/a8.4.js
Requested by: Host: www.fram.fr
URL: https://www.fram.fr/newsletter/sejour/?id=&cid=email-PGI-J05_qualif-Bascule_PMVC-293-NA&uid=A23B3C48ED2FA548409509AD2CEB59B4&utm_source=selligent&utm_medium=pgi&utm_campaign=j05_qualif&utm_content=PRODUITS+SELECTION_&utm_term=
Protocol: H2
Server: 68.232.35.200 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (pab/6FB8) /
Resource Hash: 66365569a0725d951ef0624506a8f10ce30a48b57acd3b2afde5960be44d0403

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.fram.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 07:09:06 GMT
content-encoding: gzip
last-modified: Thu, 14 Jul 2022 04:45:31 GMT
server: ECS (pab/6FB8)
age: 94568
etag: "62cf9f6b-9f8a"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800, public, no-transform
accept-ranges: bytes
content-length: 15374
expires: Fri, 29 Jul 2022 07:09:06 GMT

Redirect headers

location: https://static.r66net.com/script_s1/a8.4.js
pragma: no-cache
date: Fri, 22 Jul 2022 07:09:06 GMT
cache-control: no-cache, no-store, must-revalidate
expires: -1
content-length: 160
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK mt.js Show response
asset.easydmp.net/mt/squadata/ 8 KB
4 KB 97ms
18ms Script
application/javascript 2001:41d0:301:100:145:239:193:53
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://asset.easydmp.net/mt/squadata/mt.js?t=230344

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:41d0:301:100:145:239:193:53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

d3808618a578edbd95df72fb31f62c1b0d51add9affe0ea9704997b9a442bf10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.fram.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Fri, 22 Jul 2022 07:09:06 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Jul 2022 15:28:39 GMT
X-IPLB-Request-ID: 00000000:851E_00000000:01BB_62DA4D12_5B036C0:2F33C
ETag: "62d57c27-c54"
X-IPLB-Instance: 25256
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control: max-age=900, s-maxage=900, public
Content-Type: application/javascript; charset=utf-8
Content-Length: 3156

GET
H2 200 5600050 Show response
www.clarity.ms/tag/uet/ 2 KB
2 KB 237ms
127ms Script
application/x-javascript 2620:1ec:27::cafe:1759
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/5600050
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/5600050.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1759 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: e492a033926643e2389ba017a3efa1c3952740c4ba4774729c7b0dff50805f9e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.fram.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 07:09:05 GMT
x-powered-by: ASP.NET
x-azure-ref: 0Ek3aYgAAAADcuRjpCCncR6S/ddwDqe3BRlJBMzFFREdFMDkxOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
expires: -1
cache-control: no-cache, no-store
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

GET
H/1.1 200
OK client.js Show response
asset.easydmp.net/js/ 11 KB
5 KB 90ms
23ms Script
application/javascript 2001:41d0:301:100:145:239:193:53
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://asset.easydmp.net/js/client.js?t=230344

Requested by

Host: atout.email-match.com
URL: https://atout.email-match.com/emafunc.js?t=230344

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:41d0:301:100:145:239:193:53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

77760c8bd5c4a66cd047d267874d928bfbc0ca249afc3c9422b33f1351b090b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.fram.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Fri, 22 Jul 2022 07:09:06 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Jul 2022 15:28:39 GMT
X-IPLB-Request-ID: 00000000:851E_00000000:01BB_62DA4D12_5B036C2:2F33C
ETag: "62d57c27-104a"
X-IPLB-Instance: 25256
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control: max-age=900, s-maxage=900, public
Content-Type: application/javascript; charset=utf-8
Content-Length: 4170

GET
H2 204 pageview
c.contentsquare.net/ 0
319 B 96ms
31ms Image
text/plain 52.209.64.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.contentsquare.net/pageview?pid=1889&uu=8bfaf160-5957-a0e9-b99a-2bd8a3b4e8e2&sn=1&lv=1658473746&lhd=1658473746&hd=1658473746&pn=1&dw=1600&dh=1551&ww=1600&wh=1200&sw=1600&sh=1200&dr=&url=https%3A%2F%2Fwww.fram.fr%2Fnewsletter%2Fsejour%2F%3Fid%3D%26cid%3Demail-PGI-J05_qualif-Bascule_PMVC-293-NA%26uid%3DA23B3C48ED2FA548409509AD2CEB59B4%26utm_source%3Dselligent%26utm_medium%3Dpgi%26utm_campaign%3Dj05_qualif%26utm_content%3DPRODUITS%2BSELECTION_%26utm_term%3D&uc=0&la=en-US&v=11.33.0&r=650850
Requested by: Host: www.fram.fr
URL: https://www.fram.fr/newsletter/sejour/?id=&cid=email-PGI-J05_qualif-Bascule_PMVC-293-NA&uid=A23B3C48ED2FA548409509AD2CEB59B4&utm_source=selligent&utm_medium=pgi&utm_campaign=j05_qualif&utm_content=PRODUITS+SELECTION_&utm_term=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.64.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-64-238.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.fram.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Jul 2022 07:09:06 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/930108399/ 42 B
548 B 98ms
38ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/930108399/?random=1658473746433&cv=9&fst=1658473200000&num=1&label=uofSCPmChmYQ76fBuwM&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7k0&sendb=1&frm=0&url=https%3A%2F%2Fwww.fram.fr%2Fnewsletter%2Fsejour%2F%3Fid%3D%26cid%3Demail-PGI-J05_qualif-Bascule_PMVC-293-NA%26uid%3DA23B3C48ED2FA548409509AD2CEB59B4%26utm_source%3Dselligent%26utm_medium%3Dpgi%26utm_campaign%3Dj05_qualif%26utm_content%3DPRODUITS%2BSELECTION_%26utm_term%3D&tiba=Agence%20de%20voyage%20FRAM%20%3A%20des%20offres%20de%20vacances%20%C3%A0%20petits%20prix&async=1&fmt=3&is_vtc=1&random=674461030&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.fram.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Jul 2022 07:09:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.fr/pagead/1p-user-list/930108399/ 42 B
108 B 126ms
38ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/pagead/1p-user-list/930108399/?random=1658473746433&cv=9&fst=1658473200000&num=1&label=uofSCPmChmYQ76fBuwM&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7k0&sendb=1&frm=0&url=https%3A%2F%2Fwww.fram.fr%2Fnewsletter%2Fsejour%2F%3Fid%3D%26cid%3Demail-PGI-J05_qualif-Bascule_PMVC-293-NA%26uid%3DA23B3C48ED2FA548409509AD2CEB59B4%26utm_source%3Dselligent%26utm_medium%3Dpgi%26utm_campaign%3Dj05_qualif%26utm_content%3DPRODUITS%2BSELECTION_%26utm_term%3D&tiba=Agence%20de%20voyage%20FRAM%20%3A%20des%20offres%20de%20vacances%20%C3%A0%20petits%20prix&async=1&fmt=3&is_vtc=1&random=674461030&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.fram.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Jul 2022 07:09:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/undefined/ 42 B
108 B 70ms
39ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/undefined/?random=1658473746435&cv=9&fst=1658473200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7k0&sendb=1&data=dynx_itemid%3D%3Bdynx_locid%3D%3Btravel_originid%3DPAR&frm=0&url=https%3A%2F%2Fwww.fram.fr%2Fnewsletter%2Fsejour%2F%3Fid%3D%26cid%3Demail-PGI-J05_qualif-Bascule_PMVC-293-NA%26uid%3DA23B3C48ED2FA548409509AD2CEB59B4%26utm_source%3Dselligent%26utm_medium%3Dpgi%26utm_campaign%3Dj05_qualif%26utm_content%3DPRODUITS%2BSELECTION_%26utm_term%3D&tiba=Agence%20de%20voyage%20FRAM%20%3A%20des%20offres%20de%20vacances%20%C3%A0%20petits%20prix&async=1&fmt=3&is_vtc=1&random=2287999336&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.fram.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Jul 2022 07:09:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.fr/pagead/1p-user-list/undefined/ 42 B
548 B 108ms
37ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/pagead/1p-user-list/undefined/?random=1658473746435&cv=9&fst=1658473200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7k0&sendb=1&data=dynx_itemid%3D%3Bdynx_locid%3D%3Btravel_originid%3DPAR&frm=0&url=https%3A%2F%2Fwww.fram.fr%2Fnewsletter%2Fsejour%2F%3Fid%3D%26cid%3Demail-PGI-J05_qualif-Bascule_PMVC-293-NA%26uid%3DA23B3C48ED2FA548409509AD2CEB59B4%26utm_source%3Dselligent%26utm_medium%3Dpgi%26utm_campaign%3Dj05_qualif%26utm_content%3DPRODUITS%2BSELECTION_%26utm_term%3D&tiba=Agence%20de%20voyage%20FRAM%20%3A%20des%20offres%20de%20vacances%20%C3%A0%20petits%20prix&async=1&fmt=3&is_vtc=1&random=2287999336&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.fram.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Jul 2022 07:09:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 dvar
c.contentsquare.net/ 0
320 B 36ms
30ms Image
text/plain 52.209.64.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.contentsquare.net/dvar?v=11.33.0&pid=1889&uu=8bfaf160-5957-a0e9-b99a-2bd8a3b4e8e2&sn=1&pn=1&dv=N4IgsgpgJglgrgWxALhABwOYxAGhAZQHs4AnAYwhRAGcIAbOmDCAOwBdcQBhAQwTR5MWVAFYAGAKwB9AI5wejAGYgAvkAA%3D%3D&r=596288
Requested by: Host: www.fram.fr
URL: https://www.fram.fr/newsletter/sejour/?id=&cid=email-PGI-J05_qualif-Bascule_PMVC-293-NA&uid=A23B3C48ED2FA548409509AD2CEB59B4&utm_source=selligent&utm_medium=pgi&utm_campaign=j05_qualif&utm_content=PRODUITS+SELECTION_&utm_term=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.64.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-64-238.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.fram.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Jul 2022 07:09:06 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

GET
H/1.1 200
OK client_iframe.html Show response
asset.easydmp.net/ Frame 0C11 26 KB
9 KB 31ms
31ms Document
text/html 2001:41d0:301:100:145:239:193:53
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://asset.easydmp.net/client_iframe.html?t=230344

Requested by

Host: asset.easydmp.net
URL: https://asset.easydmp.net/js/client.js?t=230344

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:41d0:301:100:145:239:193:53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

57c13ea5f4d0389107637297dbea055387d8c611892739671df017456668d9c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.fram.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: max-age=900, s-maxage=900, public
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Fri, 22 Jul 2022 07:09:06 GMT
ETag: W/"62d57c27-6431"
Last-Modified: Mon, 18 Jul 2022 15:28:39 GMT
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
X-IPLB-Instance: 25256
X-IPLB-Request-ID: 00000000:851E_00000000:01BB_62DA4D12_5B036C3:2F33C

GET
H/1.1 200
OK etag.php Show response
asset.easydmp.net/ Frame 0C11 0
416 B 33ms
32ms XHR
text/html 2001:41d0:301:100:145:239:193:53
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://asset.easydmp.net/etag.php

Requested by

Host: asset.easydmp.net
URL: https://asset.easydmp.net/client_iframe.html?t=230344

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:41d0:301:100:145:239:193:53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: text/javascript, text/html, application/xml, text/xml, */*
Cache-Control: only-if-cached
Referer: https://asset.easydmp.net/client_iframe.html?t=230344
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Fri, 22 Jul 2022 07:09:06 GMT
Content-Encoding: gzip
X-IPLB-Request-ID: 00000000:851E_00000000:01BB_62DA4D12_5B036C6:2F33C
X-IPLB-Instance: 25256
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control: private, max-age=31536000
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 clarity.js Show response
www.clarity.ms/eus2-d/s/0.6.36/ 52 KB
23 KB 120ms
117ms Script
application/javascript 2620:1ec:27::cafe:1759
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2-d/s/0.6.36/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/5600050
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1759 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: e8aff6a8426e2182081c0e696ff05c3b10eeb43716fe56bbc9f8b3b3069c6736

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.fram.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 07:09:05 GMT
content-encoding: br
etag: "1d897c159e34826"
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
x-azure-ref: 0Ek3aYgAAAABW6ls9NHakTJ8IIc4XiQ8GRlJBMzFFREdFMDkxOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges: bytes
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H2 200 PixelUve
ks.invibes.com/Stat/ 35 B
158 B 276ms
181ms Image
image/gif 216.59.56.23
TUT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ks.invibes.com/Stat/PixelUve?eventType=1006&additionalInfo=0%7C1&location=www.fram.fr&cacheb=1658473746786
Requested by: Host: www.fram.fr
URL: https://www.fram.fr/newsletter/sejour/?id=&cid=email-PGI-J05_qualif-Bascule_PMVC-293-NA&uid=A23B3C48ED2FA548409509AD2CEB59B4&utm_source=selligent&utm_medium=pgi&utm_campaign=j05_qualif&utm_content=PRODUITS+SELECTION_&utm_term=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.59.56.23 , United States, ASN53334 (TUT-AS, US),
Reverse DNS: customer.ipv4.totaluptime.com
Software: / ASP.NET
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.fram.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Jul 2022 07:09:06 GMT
cache-control: no-cache, no-store, must-revalidate
expires: -1
x-powered-by: ASP.NET
content-length: 35
content-type: image/gif

GET
H2 200 GetOptIn Show response
u.videostep.com/User/ 66 B
365 B 237ms
150ms Script
application/x-javascript 216.59.56.23
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://u.videostep.com/User/GetOptIn?callback=invibes.cb_azqwdxc1
Requested by: Host: k.r66net.com
URL: https://k.r66net.com/GetAnalytics
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.59.56.23 , United States, ASN53334 (TUT-AS, US),
Reverse DNS: customer.ipv4.totaluptime.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: bcfa16974c4cead10db25ee52f05ec918411c48ba8a0f27a0dd8331d6726806a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.fram.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 07:09:06 GMT
content-encoding: gzip
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: private
content-length: 183

POST
H/1.1 200
OK collect_v3.php Show response
asset.easydmp.net/ Frame 0C11 109 B
569 B 57ms
56ms XHR
application/json 2001:41d0:301:100:145:239:193:53
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://asset.easydmp.net/collect_v3.php

Requested by

Host: asset.easydmp.net
URL: https://asset.easydmp.net/client_iframe.html?t=230344

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:41d0:301:100:145:239:193:53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

07a54546e6a4e0062a756f4261e6d47a3328160280e9b7aae1ce8b2523a7e6ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

X-Em-Info: {"storage":"none","testMode":false,"consentData":{"usedTcf":false,"consent":true}}
Accept: text/javascript, text/html, application/xml, text/xml, */*
Referer: https://asset.easydmp.net/client_iframe.html?t=230344
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Fri, 22 Jul 2022 07:09:06 GMT
Content-Encoding: gzip
X-IPLB-Request-ID: 00000000:851E_00000000:01BB_62DA4D12_5B036C9:2F33C
X-UID: 165847374684353398
X-IPLB-Instance: 25256
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Content-Type: application/json
Expires: 0

GET
H/1.1 200
OK etag.php Show response
asset.easydmp.net/ Frame 0C11 84 B
530 B 44ms
43ms XHR
text/html 2001:41d0:301:100:145:239:193:53
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://asset.easydmp.net/etag.php

Requested by

Host: asset.easydmp.net
URL: https://asset.easydmp.net/client_iframe.html?t=230344

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:41d0:301:100:145:239:193:53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

c09bce3da64967a89d5932ad825bf56e10009e9dbe8577845e2a053e8caaffd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: text/javascript, text/html, application/xml, text/xml, */*
Cache-Control: no-cache
FullWarning0: 000000000000000002:s:0:eJwLCnIT4cnkEOQrK08slpVm9mOJ44mrdM0sD6nncJIvEBcptM6XBgCrfwlc;
Referer: https://asset.easydmp.net/client_iframe.html?t=230344
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Warning: set

Response headers

Date: Fri, 22 Jul 2022 07:09:06 GMT
Content-Encoding: gzip
X-IPLB-Request-ID: 00000000:851E_00000000:01BB_62DA4D12_5B036CC:2F33C
Etag: W/"bb52ea8662a8a9c9dec12bfa6d3bd54e"
X-IPLB-Instance: 25256
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control: private, max-age=31536000
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

POST
H/1.1 200
OK get_delivery_data.php Show response
asset.easydmp.net/ Frame 0C11 653 B
1 KB 52ms
52ms XHR
application/json 2001:41d0:301:100:145:239:193:53
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://asset.easydmp.net/get_delivery_data.php

Requested by

Host: asset.easydmp.net
URL: https://asset.easydmp.net/client_iframe.html?t=230344

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:41d0:301:100:145:239:193:53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

fc10f044478ba172bf71d6d5fa2277fa1277fee43191da10b21a4112353b917d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

X-Em-Info: {"storage":"none","testMode":false,"consentData":{"usedTcf":false,"consent":true}}
Accept: text/javascript, text/html, application/xml, text/xml, */*
Referer: https://asset.easydmp.net/client_iframe.html?t=230344
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Fri, 22 Jul 2022 07:09:07 GMT
Content-Encoding: gzip
X-IPLB-Request-ID: 00000000:851E_00000000:01BB_62DA4D12_5B036D2:2F33C
X-UID: 165847374684353398
X-IPLB-Instance: 25256
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Content-Type: application/json
Expires: 0

POST
H2 204 collect Show response
j.clarity.ms/ 0
174 B 667ms
204ms XHR
text/plain 20.85.30.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://j.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-d/s/0.6.36/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.fram.fr/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin: https://www.fram.fr
date: Fri, 22 Jul 2022 07:09:07 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H2 200 statPixel
s.videostep.com/ 95 B
134 B 181ms
154ms Image
image/png 216.59.56.23
TUT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.videostep.com/statPixel?location=https%3A%2F%2Fwww.fram.fr%2Fnewsletter%2Fsejour%2F&additionalInfo=j05_qualif&actionType=5
Requested by: Host: www.fram.fr
URL: https://www.fram.fr/newsletter/sejour/?id=&cid=email-PGI-J05_qualif-Bascule_PMVC-293-NA&uid=A23B3C48ED2FA548409509AD2CEB59B4&utm_source=selligent&utm_medium=pgi&utm_campaign=j05_qualif&utm_content=PRODUITS+SELECTION_&utm_term=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.59.56.23 , United States, ASN53334 (TUT-AS, US),
Reverse DNS: customer.ipv4.totaluptime.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.fram.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 07:09:06 GMT
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/png
cache-control: private
content-length: 95

GET
H/1.1

200
OK

collect_v2.img.php
asset.easydmp.net/ Frame 26E1
Redirect Chain

https://rd.frontend.weborama.fr/rd?url=https%3A%2F%2Fasset.easydmp.net%2Fcollect_v2.img.php%3Fdmp%3Dcomact%26uid%3D165847374684353398%26webo_id%3D{WEBO_CID}
https://rd.frontend.weborama.fr/rd?url=https%3A%2F%2Fasset.easydmp.net%2Fcollect_v2.img.php%3Fdmp%3Dcomact%26uid%3D165847374684353398%26webo_id%3D%7BWEBO_CID%7D&bounce=1&random=3551591320
https://asset.easydmp.net/collect_v2.img.php?dmp=comact&uid=165847374684353398&webo_id=7q7SSzrPUnu1yhnhHdONLu

43 B
701 B

91ms
69ms

Image
image/gif

2001:41d0:301:100:145:239:193:53
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://asset.easydmp.net/collect_v2.img.php?dmp=comact&uid=165847374684353398&webo_id=7q7SSzrPUnu1yhnhHdONLu

Requested by

Protocol

HTTP/1.1

Server

2001:41d0:301:100:145:239:193:53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Fri, 22 Jul 2022 07:09:07 GMT
X-IPLB-Request-ID: 00000000:852A_00000000:01BB_62DA4D12_750EF82:20CC2
X-IPLB-Instance: 36820
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control: no-store, no-cache
Transfer-Encoding: chunked
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 22 Jul 2022 07:09:06 GMT
via: 1.1 google
last-modified: Fri, 22 Jul 2022 07:09:07 GMT
server: Weborama Collect Frontend
location: https://asset.easydmp.net/collect_v2.img.php?dmp=comact&uid=165847374684353398&webo_id=7q7SSzrPUnu1yhnhHdONLu
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H3

200

362358.gif
idsync.rlcdn.com/ Frame 0C11
Redirect Chain

https://idsync.rlcdn.com/461249.gif?partner_uid=165847374684353398
https://idsync.rlcdn.com/1000.gif?memo=CMGTHBIeChoIARC38wEaEjE2NTg0NzM3NDY4NDM1MzM5OBAAGg0Ik5rplgYSBQjoBxAAQgBKAA
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEOLoVuMVElWY4Wi40GYeUpo&google_cver=1

42 B
60 B

25ms
23ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEOLoVuMVElWY4Wi40GYeUpo&google_cver=1
Requested by: Host: www.fram.fr
URL: https://www.fram.fr/newsletter/sejour/?id=&cid=email-PGI-J05_qualif-Bascule_PMVC-293-NA&uid=A23B3C48ED2FA548409509AD2CEB59B4&utm_source=selligent&utm_medium=pgi&utm_campaign=j05_qualif&utm_content=PRODUITS+SELECTION_&utm_term=
Protocol: H3
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://asset.easydmp.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 22 Jul 2022 07:09:07 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 22 Jul 2022 07:09:07 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEOLoVuMVElWY4Wi40GYeUpo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 289
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

collect_v2.img.php
asset.easydmp.net/ Frame A6D6
Redirect Chain

https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=squa17&rand=165847374684353398
https://cookie-matching.mediarithmics.com/v1/get_or_create?rand=165847374684353398&domid=1023
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&rand=165847374684353398&action=GET_ID&opid=goo&etid=&domid=1023&ops=apx
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&rand=165847374684353398&action=GET_ID&opid=goo&etid=&domid=1023&ops=apx&google_gid=CAESEMDeXPF8xR0WcHyeoPgxAE8&google_cver=1
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEMDeXPF8xR0WcHyeoPgxAE8&rand=165847374684353398&action=GET_ID&etid=...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcookie-matching.mediarithmics.com%2Finput%3Fkey%3DAPX%26apx_uid%3D%24UID%26opid%3Dapx%26ops%3D%26utidl%3Dtech%3Agoo%3ACAESEMDeXPF8xR0WcHyeoPgxA...
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=5364325850793916569&opid=apx&ops=&utidl=tech:goo:CAESEMDeXPF8xR0WcHyeoPgxAE8&rand=165847374684353398&action=GET_ID&etid=&domid=1023
https://asset.easydmp.net/collect_v2.img.php?dmp=emdmpeasy&mrm_id=vec%3A28276119576&rand=165847374684353398

43 B
815 B

33ms
33ms

Image
image/gif

2001:41d0:301:100:145:239:193:53
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://asset.easydmp.net/collect_v2.img.php?dmp=emdmpeasy&mrm_id=vec%3A28276119576&rand=165847374684353398

Requested by

Protocol

HTTP/1.1

Server

2001:41d0:301:100:145:239:193:53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Fri, 22 Jul 2022 07:09:07 GMT
X-IPLB-Request-ID: 00000000:852A_00000000:01BB_62DA4D13_750EFEA:20CC2
X-IPLB-Instance: 36820
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control: no-store, no-cache
Transfer-Encoding: chunked
Content-Type: image/gif

Redirect headers

location: https://asset.easydmp.net/collect_v2.img.php?dmp=emdmpeasy&mrm_id=vec%3A28276119576&rand=165847374684353398
date: Fri, 22 Jul 2022 07:09:07 GMT
content-length: 0
strict-transport-security: max-age=63072000;includeSubDomains;preload

POST
H/1.1 200
OK get_delivery_data.php Show response
asset.easydmp.net/ Frame 0C11 130 B
872 B 31ms
30ms XHR
application/json 2001:41d0:301:100:145:239:193:53
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://asset.easydmp.net/get_delivery_data.php

Requested by

Host: asset.easydmp.net
URL: https://asset.easydmp.net/client_iframe.html?t=230344

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:41d0:301:100:145:239:193:53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

ba2023f0f82e35a565a1b2851b8c453c4fac9b6508ac1fb752f7ca32da9e5f94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

X-Em-Info: {"storage":"none","testMode":false,"consentData":{"usedTcf":false,"consent":true}}
Accept: text/javascript, text/html, application/xml, text/xml, */*
Referer: https://asset.easydmp.net/client_iframe.html?t=230344
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Fri, 22 Jul 2022 07:09:07 GMT
Content-Encoding: gzip
X-IPLB-Request-ID: 00000000:851E_00000000:01BB_62DA4D13_5B036D9:2F33C
X-UID: 165847374684353398
X-IPLB-Instance: 25256
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Content-Type: application/json
Expires: 0

POST
H/1.1 200
OK get_delivery_data.php Show response
asset.easydmp.net/ Frame 0C11 130 B
872 B 251ms
250ms XHR
application/json 2001:41d0:301:100:145:239:193:53
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://asset.easydmp.net/get_delivery_data.php

Requested by

Host: asset.easydmp.net
URL: https://asset.easydmp.net/client_iframe.html?t=230344

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:41d0:301:100:145:239:193:53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

ba2023f0f82e35a565a1b2851b8c453c4fac9b6508ac1fb752f7ca32da9e5f94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

X-Em-Info: {"storage":"none","testMode":false,"consentData":{"usedTcf":false,"consent":true}}
Accept: text/javascript, text/html, application/xml, text/xml, */*
Referer: https://asset.easydmp.net/client_iframe.html?t=230344
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Fri, 22 Jul 2022 07:09:07 GMT
Content-Encoding: gzip
X-IPLB-Request-ID: 00000000:851E_00000000:01BB_62DA4D13_5B036DE:2F33C
X-UID: 165847374684353398
X-IPLB-Instance: 25256
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Content-Type: application/json
Expires: 0

POST
H/1.1 200
OK collect_v3.php Show response
asset.easydmp.net/ Frame 0C11 206 B
761 B 34ms
34ms XHR
application/json 2001:41d0:301:100:145:239:193:53
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://asset.easydmp.net/collect_v3.php

Requested by

Host: asset.easydmp.net
URL: https://asset.easydmp.net/client_iframe.html?t=230344

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:41d0:301:100:145:239:193:53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

5208f29d6edd55fdf61511bfe3dfdc5ac30dfab71ea4ce436ecaa2a9a3301b10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

X-Em-Info: {"storage":"none","testMode":false,"consentData":{"usedTcf":false,"consent":true}}
Accept: text/javascript, text/html, application/xml, text/xml, */*
Referer: https://asset.easydmp.net/client_iframe.html?t=230344
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Fri, 22 Jul 2022 07:09:07 GMT
Content-Encoding: gzip
X-IPLB-Request-ID: 00000000:851E_00000000:01BB_62DA4D13_5B036E0:2F33C
X-UID: 165847374684353398
X-IPLB-Instance: 25256
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Content-Type: application/json
Expires: 0

GET
H/1.1 200
OK etag.php Show response
asset.easydmp.net/ Frame 0C11 180 B
613 B 27ms
25ms XHR
text/html 2001:41d0:301:100:145:239:193:53
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://asset.easydmp.net/etag.php

Requested by

Host: asset.easydmp.net
URL: https://asset.easydmp.net/client_iframe.html?t=230344

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:41d0:301:100:145:239:193:53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3d3f2e9ecb5f389d52ffde376e917764da99f03cd14f3dddd0f88262cbad251

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: text/javascript, text/html, application/xml, text/xml, */*
Cache-Control: no-cache
FullWarning0: 000000000000000002:s:0:eJwLCnIT4cnkEOQrK08slpVm9mOJ44mrdM0sD6nncJIvEBcplBZgVXcUDhEWc/eLcROIj9HkDGUIZAjgd6qrUvZySeP3cvPSVbXTTXCvMK+WkQqS0qpI8K5l9+dOc2GtCWH1qJZwYwtnV8hg9uFwAACMfxm1;
Referer: https://asset.easydmp.net/client_iframe.html?t=230344
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Warning: set

Response headers

Date: Fri, 22 Jul 2022 07:09:07 GMT
Content-Encoding: gzip
X-IPLB-Request-ID: 00000000:851E_00000000:01BB_62DA4D13_5B036FB:2F33C
Etag: W/"2c8eef7c3cec4d7f11e0d7c1ebc301f2"
X-IPLB-Instance: 25256
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control: private, max-age=31536000
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

POST
H/1.1 200
OK get_delivery_data.php Show response
asset.easydmp.net/ Frame 0C11 873 B
1 KB 32ms
32ms XHR
application/json 2001:41d0:301:100:145:239:193:53
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://asset.easydmp.net/get_delivery_data.php

Requested by

Host: asset.easydmp.net
URL: https://asset.easydmp.net/client_iframe.html?t=230344

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:41d0:301:100:145:239:193:53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

198b5bc9800adb28f2b62400d9020fc43a986be8997e72030950ce308c8ab8b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

X-Em-Info: {"storage":"none","testMode":false,"consentData":{"usedTcf":false,"consent":true}}
Accept: text/javascript, text/html, application/xml, text/xml, */*
Referer: https://asset.easydmp.net/client_iframe.html?t=230344
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Fri, 22 Jul 2022 07:09:07 GMT
Content-Encoding: gzip
X-IPLB-Request-ID: 00000000:851E_00000000:01BB_62DA4D13_5B036FF:2F33C
X-UID: 165847374684353398
X-IPLB-Instance: 25256
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Content-Type: application/json
Expires: 0

GET
H/1.1

200
OK

collect_v2.img.php
asset.easydmp.net/ Frame 2AE0
Redirect Chain

https://p.crm4d.com/sync/ematch/getuid?uid=165847374684353398&redirect=https://asset.easydmp.net/collect_v2.img.php?dmp%3Demdmpeasy%26p%3Dgraphinium%26c4d_uid%3D$C4D_UID
https://p.crm4d.com/sync/ematch/getuid?uid=165847374684353398&redirect=https%3A%2F%2Fasset.easydmp.net%2Fcollect_v2.img.php%3Fdmp%3Demdmpeasy%26p%3Dgraphinium%26c4d_uid%3D%24C4D_UID&bounce=1
https://asset.easydmp.net/collect_v2.img.php?dmp=emdmpeasy&p=graphinium&c4d_uid=pi5ZVcNqA-AFKdSKoU9tu1CQxfsuP9C9eRQt-Aef3EA

43 B
749 B

26ms
24ms

Image
image/gif

2001:41d0:301:100:145:239:193:53
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://asset.easydmp.net/collect_v2.img.php?dmp=emdmpeasy&p=graphinium&c4d_uid=pi5ZVcNqA-AFKdSKoU9tu1CQxfsuP9C9eRQt-Aef3EA

Requested by

Protocol

HTTP/1.1

Server

2001:41d0:301:100:145:239:193:53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Fri, 22 Jul 2022 07:09:07 GMT
X-IPLB-Request-ID: 00000000:851E_00000000:01BB_62DA4D13_5B03707:2F33C
X-IPLB-Instance: 25256
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control: no-store, no-cache
Transfer-Encoding: chunked
Content-Type: image/gif

Redirect headers

Location: https://asset.easydmp.net/collect_v2.img.php?dmp=emdmpeasy&p=graphinium&c4d_uid=pi5ZVcNqA-AFKdSKoU9tu1CQxfsuP9C9eRQt-Aef3EA
Date: Fri, 22 Jul 2022 07:09:07 GMT
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"

GET
H2 200 picking
v3.api.optinproject.com/sqdt/ Frame 7A1C 43 B
239 B 123ms
50ms Image
image/gif 18.200.221.133
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v3.api.optinproject.com/sqdt/picking
Requested by: Host: www.fram.fr
URL: https://www.fram.fr/newsletter/sejour/?id=&cid=email-PGI-J05_qualif-Bascule_PMVC-293-NA&uid=A23B3C48ED2FA548409509AD2CEB59B4&utm_source=selligent&utm_medium=pgi&utm_campaign=j05_qualif&utm_content=PRODUITS+SELECTION_&utm_term=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.200.221.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-200-221-133.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Jul 2022 07:09:07 GMT
cache-control: must_revalidate, no_cache, no_store, post_check="", pre_check="", private
x-correlation-id: e5f59868-3a8a-4bca-8838-e81075a33627
server: nginx
content-type: image/gif

GET
H/1.1 200
OK userinfo
p.crm4d.com/smarttag/squadatast/orphan/ Frame 3DDD 42 B
414 B 79ms
17ms Image
image/gif 51.38.250.93
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.crm4d.com/smarttag/squadatast/orphan/userinfo?redirect=https%3A%2F%2Fasset.easydmp.net%2Fcollect_v2.img.php%3Fdmp%3Demdmpeasy%26p%3D2098%26s%3D2098%26uid%3D165847374684353398%26m%3D%24EMAILS
Requested by: Host: www.fram.fr
URL: https://www.fram.fr/newsletter/sejour/?id=&cid=email-PGI-J05_qualif-Bascule_PMVC-293-NA&uid=A23B3C48ED2FA548409509AD2CEB59B4&utm_source=selligent&utm_medium=pgi&utm_campaign=j05_qualif&utm_content=PRODUITS+SELECTION_&utm_term=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.38.250.93 , France, ASN16276 (OVH, FR),
Reverse DNS: ip93.ip-51-38-250.eu
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Fri, 22 Jul 2022 07:09:07 GMT
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"

POST
H/1.1 200
OK collect_v3.php Show response
asset.easydmp.net/ Frame 0C11 206 B
652 B 76ms
75ms XHR
application/json 2001:41d0:301:100:145:239:193:53
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://asset.easydmp.net/collect_v3.php

Requested by

Host: asset.easydmp.net
URL: https://asset.easydmp.net/client_iframe.html?t=230344

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:41d0:301:100:145:239:193:53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

5208f29d6edd55fdf61511bfe3dfdc5ac30dfab71ea4ce436ecaa2a9a3301b10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

X-Em-Info: {"storage":"none","testMode":false,"consentData":{"usedTcf":false,"consent":true}}
Accept: text/javascript, text/html, application/xml, text/xml, */*
Referer: https://asset.easydmp.net/client_iframe.html?t=230344
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Fri, 22 Jul 2022 07:09:07 GMT
Content-Encoding: gzip
X-IPLB-Request-ID: 00000000:851E_00000000:01BB_62DA4D13_5B03702:2F33C
X-UID: 165847374684353398
X-IPLB-Instance: 25256
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Content-Type: application/json
Expires: 0

POST
H/1.1 200
OK get_delivery_data.php Show response
asset.easydmp.net/ Frame 0C11 881 B
1 KB 29ms
29ms XHR
application/json 2001:41d0:301:100:145:239:193:53
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://asset.easydmp.net/get_delivery_data.php

Requested by

Host: asset.easydmp.net
URL: https://asset.easydmp.net/client_iframe.html?t=230344

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:41d0:301:100:145:239:193:53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

fe8f7e208f81494c22704bd8a2958d3fa9b77d34180848ff2d77c624384220fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

X-Em-Info: {"storage":"none","testMode":false,"consentData":{"usedTcf":false,"consent":true}}
Accept: text/javascript, text/html, application/xml, text/xml, */*
Referer: https://asset.easydmp.net/client_iframe.html?t=230344
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Fri, 22 Jul 2022 07:09:07 GMT
Content-Encoding: gzip
X-IPLB-Request-ID: 00000000:852A_00000000:01BB_62DA4D13_750EFCA:20CC2
X-UID: 165847374684353398
X-IPLB-Instance: 36820
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Content-Type: application/json
Expires: 0

GET
H/1.1

200
OK

getuid&callback=sqdComActOnGetTcId&firsttime=1 Show response
sync.commander1.com/z2520P95U56206LPR8IfM6d95X4152EF/ Frame 0C11
Redirect Chain

https://sync.commander1.com/z2520P95U56206LPR8IfM6d95X4152EF/getuid&callback=sqdComActOnGetTcId
https://sync.commander1.com/z2520P95U56206LPR8IfM6d95X4152EF/getuid&callback=sqdComActOnGetTcId&firsttime=1

126 B
766 B

20ms
19ms

Script
text/javascript

13.36.62.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.commander1.com/z2520P95U56206LPR8IfM6d95X4152EF/getuid&callback=sqdComActOnGetTcId&firsttime=1
Requested by: Host: www.fram.fr
URL: https://www.fram.fr/newsletter/sejour/?id=&cid=email-PGI-J05_qualif-Bascule_PMVC-293-NA&uid=A23B3C48ED2FA548409509AD2CEB59B4&utm_source=selligent&utm_medium=pgi&utm_campaign=j05_qualif&utm_content=PRODUITS+SELECTION_&utm_term=
Protocol: HTTP/1.1
Server: 13.36.62.238 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-36-62-238.eu-west-3.compute.amazonaws.com
Software: web /
Resource Hash: 962be7a76205aa1568765b2c7cafe8eb2df3cc5f49514f97ebed4bd4dcd31362

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://asset.easydmp.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: private
Date: Fri, 22 Jul 2022 07:09:07 GMT
Content-Encoding: gzip
Server: web
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=486000, pre-check=486000
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/javascript; charset=UTF-8', true
Expires: Thu, 20 Oct 22 09:09:07 +0200

Redirect headers

Pragma: private
Date: Fri, 22 Jul 2022 07:09:07 GMT
Server: web
location: https://sync.commander1.com/z2520P95U56206LPR8IfM6d95X4152EF/getuid&callback=sqdComActOnGetTcId&firsttime=1
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=486000, pre-check=486000
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Expires: Thu, 20 Oct 22 09:09:07 +0200

GET
H/1.1

200
OK

165847374684353398&firsttime=1
sync.commander1.com/z2520P95U56206LPR8IfM6d95X4152EF/ Frame 0C11
Redirect Chain

https://sync.commander1.com/z2520P95U56206LPR8IfM6d95X4152EF/165847374684353398
https://sync.commander1.com/z2520P95U56206LPR8IfM6d95X4152EF/165847374684353398&firsttime=1

95 B
705 B

21ms
20ms

Image
image/png

13.36.62.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.commander1.com/z2520P95U56206LPR8IfM6d95X4152EF/165847374684353398&firsttime=1
Requested by: Host: www.fram.fr
URL: https://www.fram.fr/newsletter/sejour/?id=&cid=email-PGI-J05_qualif-Bascule_PMVC-293-NA&uid=A23B3C48ED2FA548409509AD2CEB59B4&utm_source=selligent&utm_medium=pgi&utm_campaign=j05_qualif&utm_content=PRODUITS+SELECTION_&utm_term=
Protocol: HTTP/1.1
Server: 13.36.62.238 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-36-62-238.eu-west-3.compute.amazonaws.com
Software: web /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://asset.easydmp.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: private
Date: Fri, 22 Jul 2022 07:09:07 GMT
Content-Encoding: gzip
Server: web
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=486000, pre-check=486000
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: image/png
Expires: Thu, 20 Oct 22 09:09:07 +0200

Redirect headers

Pragma: private
Date: Fri, 22 Jul 2022 07:09:07 GMT
Server: web
location: https://sync.commander1.com/z2520P95U56206LPR8IfM6d95X4152EF/165847374684353398&firsttime=1
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=486000, pre-check=486000
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Expires: Thu, 20 Oct 22 09:09:07 +0200

GET
H/1.1 200
OK get Show response
sq.leclubdesbonsplans.com/tmpPds/ Frame 0C11 27 B
413 B 122ms
21ms Script
application/javascript 2001:41d0:301:100:145:239:193:53
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://sq.leclubdesbonsplans.com/tmpPds/get?callback=callback59349471

Requested by

Host: asset.easydmp.net
URL: https://asset.easydmp.net/client_iframe.html?t=230344

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:41d0:301:100:145:239:193:53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

b3b105ca31596051c3789c9938d9a523b73078fabf98d2bbea81745ec6758a4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://asset.easydmp.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-IPLB-Request-ID: 00000000:85D2_00000000:01BB_62DA4D13_3AB033F:359E
Date: Fri, 22 Jul 2022 07:09:07 GMT
X-IPLB-Instance: 25257
Transfer-Encoding: chunked
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Content-Type: application/javascript; charset=utf-8

GET
H/1.1 200
OK get Show response
rtg-sq.hopmailing.com/tmpPds/ Frame 0C11 28 B
414 B 83ms
24ms Script
application/javascript 2001:41d0:301:100:145:239:193:53
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://rtg-sq.hopmailing.com/tmpPds/get?callback=callback718998453

Requested by

Host: asset.easydmp.net
URL: https://asset.easydmp.net/client_iframe.html?t=230344

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:41d0:301:100:145:239:193:53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

5bc5ec0e4e300e67accb79e1c31b5df4eae15fe466fd5459d152bf115e66e547

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://asset.easydmp.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-IPLB-Request-ID: 00000000:85D4_00000000:01BB_62DA4D13_3AAE0BA:359D
Date: Fri, 22 Jul 2022 07:09:07 GMT
X-IPLB-Instance: 25257
Transfer-Encoding: chunked
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Content-Type: application/javascript; charset=utf-8

GET
H/1.1 200
OK get Show response
sq.1jouruneoffre.com/tmpPds/ Frame 0C11 28 B
415 B 78ms
20ms Script
application/javascript 2001:41d0:301:100:145:239:193:53
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://sq.1jouruneoffre.com/tmpPds/get?callback=callback236668930

Requested by

Host: asset.easydmp.net
URL: https://asset.easydmp.net/client_iframe.html?t=230344

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:41d0:301:100:145:239:193:53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

47e267aae056a4c98a69e5b7f66d8fd89979b4edecd4c0ad3255f7173d089e7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://asset.easydmp.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-IPLB-Request-ID: 00000000:85E4_00000000:01BB_62DA4D14_5B0B42A:2F341
Date: Fri, 22 Jul 2022 07:09:08 GMT
X-IPLB-Instance: 25256
Transfer-Encoding: chunked
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Content-Type: application/javascript; charset=utf-8

POST
H/1.1 200
OK collect_v3.php Show response
asset.easydmp.net/ Frame 0C11 533 B
1012 B 53ms
53ms XHR
application/json 2001:41d0:301:100:145:239:193:53
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://asset.easydmp.net/collect_v3.php

Requested by

Host: asset.easydmp.net
URL: https://asset.easydmp.net/client_iframe.html?t=230344

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:41d0:301:100:145:239:193:53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

72dc90225a69a1e462b7e9712c02b5b87058df9f0f56fe714b7e023e7d4bda3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

X-Em-Info: {"storage":"none","testMode":false,"consentData":{"usedTcf":false,"consent":true}}
Accept: text/javascript, text/html, application/xml, text/xml, */*
Referer: https://asset.easydmp.net/client_iframe.html?t=230344
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Fri, 22 Jul 2022 07:09:08 GMT
Content-Encoding: gzip
X-IPLB-Request-ID: 00000000:852A_00000000:01BB_62DA4D13_750EFF6:20CC2
X-UID: 165847374684353398
X-IPLB-Instance: 36820
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Content-Type: application/json
Expires: 0

GET
H/1.1 200
OK etag.php Show response
asset.easydmp.net/ Frame 0C11 500 B
857 B 82ms
82ms XHR
text/html 2001:41d0:301:100:145:239:193:53
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://asset.easydmp.net/etag.php

Requested by

Host: asset.easydmp.net
URL: https://asset.easydmp.net/client_iframe.html?t=230344

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:41d0:301:100:145:239:193:53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

11844ba54ce0b890033267974d9a7e0d4a110c3db7f47ad0541eb2d60a8c94ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: text/javascript, text/html, application/xml, text/xml, */*
Cache-Control: no-cache
FullWarning0: 000000000000000002:s:0:eJwFwftPgkAAAGBFTkiJi0ApsLD10pyt1Vo/tLU4EAqLuItEHYmtzcd6zHzb81/v+wixJK7PCvx09jTaUBMu3eJai0p/5v+xSBvI0oe6AvZ10RezthtaK1FYXHqI4ZgH0e/ntmN2oGM55d2Lctuen33lFKIczNvVH+Yu3THBtw+uvtasZMDke4mbhlZT6ZDwSlwXRoTcUwTgpjadlbp1h0roqdp6Pjzf4QpICPcddIGxfOTEkby8yakGfb0pg0DgFY/qraZlFFjHt4+rW/lhfz1D6YlWOppY43E0oQ0aHla7KJJ2R+p9hU/KrJ+FaTNgxCayIXgRSy+SNM0A93XRnWpyLIAhDAc2oyltkfeWFdJvXptl1aAiyqzZlJ5KIUxbzeol6xVyhs8wPZ3RTufP+aqC73jINYaXbzt47LnkxEkOG9ib5yq4wu+9h2KDA0YdZOo3VmxjIVyxkGIWbrJ49A/821Ej;
Referer: https://asset.easydmp.net/client_iframe.html?t=230344
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Warning: set

Response headers

Date: Fri, 22 Jul 2022 07:09:08 GMT
Content-Encoding: gzip
X-IPLB-Request-ID: 00000000:852A_00000000:01BB_62DA4D14_750F00D:20CC2
Etag: W/"538a7b870b7dc6800a8775517da97f5a"
X-IPLB-Instance: 36820
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control: private, max-age=31536000
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK get Show response
squa.squakon.eu/tmpPds/ Frame 0C11 28 B
414 B 78ms
19ms Script
application/javascript 2001:41d0:301:100:145:239:193:53
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://squa.squakon.eu/tmpPds/get?callback=callback575881586

Requested by

Host: asset.easydmp.net
URL: https://asset.easydmp.net/client_iframe.html?t=230344

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:41d0:301:100:145:239:193:53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

3d784d584eee8e80f8ab9da94f755962483f31fcd9fbf2ef4c78a30218d2c155

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://asset.easydmp.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-IPLB-Request-ID: 00000000:85F2_00000000:01BB_62DA4D14_3AC9638:D5F9
Date: Fri, 22 Jul 2022 07:09:08 GMT
X-IPLB-Instance: 25143
Transfer-Encoding: chunked
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Content-Type: application/javascript; charset=utf-8

POST
H2 204 collect Show response
j.clarity.ms/ 0
48 B 129ms
129ms XHR
text/plain 20.85.30.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://j.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-d/s/0.6.36/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.fram.fr/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin: https://www.fram.fr
date: Fri, 22 Jul 2022 07:09:08 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H2 200 PixelUve
ks.invibes.com/Stat/ 35 B
88 B 135ms
134ms Image
image/gif 216.59.56.23
TUT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ks.invibes.com/Stat/PixelUve?eventType=1006&additionalInfo=0%7C3&location=www.fram.fr&cacheb=1658473749077
Requested by: Host: www.fram.fr
URL: https://www.fram.fr/newsletter/sejour/?id=&cid=email-PGI-J05_qualif-Bascule_PMVC-293-NA&uid=A23B3C48ED2FA548409509AD2CEB59B4&utm_source=selligent&utm_medium=pgi&utm_campaign=j05_qualif&utm_content=PRODUITS+SELECTION_&utm_term=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.59.56.23 , United States, ASN53334 (TUT-AS, US),
Reverse DNS: customer.ipv4.totaluptime.com
Software: / ASP.NET
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.fram.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Jul 2022 07:09:08 GMT
cache-control: no-cache, no-store, must-revalidate
expires: -1
x-powered-by: ASP.NET
content-length: 35
content-type: image/gif

GET
H2 200 kameleoon-iframe.html Show response
www.fram.fr/static/html/ Frame B61D 11 KB
3 KB 14ms
14ms Document
text/html 178.33.46.193
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fram.fr/static/html/kameleoon-iframe.html
Requested by: Host: z7cpethotg.kameleoon.eu
URL: https://z7cpethotg.kameleoon.eu/kameleoon.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.33.46.193 Cavalaire-sur-Mer, France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 8fdba1f1b96332e8d8d5c7a2faa232afafa8955dba382544f59696afe9fd10df

Request headers

Referer: https://www.fram.fr/newsletter/sejour/?id=&cid=email-PGI-J05_qualif-Bascule_PMVC-293-NA&uid=A23B3C48ED2FA548409509AD2CEB59B4&utm_source=selligent&utm_medium=pgi&utm_campaign=j05_qualif&utm_content=PRODUITS+SELECTION_&utm_term=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 257556
cache-control: max-age=864000
content-encoding: gzip
content-length: 3104
content-type: text/html
date: Fri, 22 Jul 2022 07:09:11 GMT
last-modified: Tue, 05 Jul 2022 12:57:40 GMT
server: nginx
vary: X-Forwarded-Proto
via: RPX07-H
x-device: desktop
x-krvl: 10.12.84.57%10,10360
x-lb: lb56

GET
H2 200 PixelUve
ks.invibes.com/Stat/ 35 B
88 B 140ms
139ms Image
image/gif 216.59.56.23
TUT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ks.invibes.com/Stat/PixelUve?eventType=1006&additionalInfo=0%7C5&location=www.fram.fr&cacheb=1658473751213
Requested by: Host: www.fram.fr
URL: https://www.fram.fr/newsletter/sejour/?id=&cid=email-PGI-J05_qualif-Bascule_PMVC-293-NA&uid=A23B3C48ED2FA548409509AD2CEB59B4&utm_source=selligent&utm_medium=pgi&utm_campaign=j05_qualif&utm_content=PRODUITS+SELECTION_&utm_term=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.59.56.23 , United States, ASN53334 (TUT-AS, US),
Reverse DNS: customer.ipv4.totaluptime.com
Software: / ASP.NET
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.fram.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Jul 2022 07:09:10 GMT
cache-control: no-cache, no-store, must-revalidate
expires: -1
x-powered-by: ASP.NET
content-length: 35
content-type: image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: w.estat.com
URL: https://w.estat.com/js/whap.js

Domain: tags.dynamo.one
URL: https://tags.dynamo.one/105436_tag.js

Verdicts & Comments Add Verdict or Comment

191 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

38 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.fram.fr/	1970-01-20 04:41:15	Name: pn_test Value: Maintenance%7CFront%7C500
.fram.fr/	1969-12-31 23:59:59	Name: s_cc Value: true
.fram.fr/	1969-12-31 23:59:59	Name: cf Value: 1
.fram.fr/	1969-12-31 23:59:59	Name: cid_c Value: email-PGI-J05_qualif-Bascule_PMVC-293-NA
.fram.fr/	1970-01-22 00:30:40	Name: stack_c Value: %5B%5B%27email-PGI-J05_qualif-Bascule_PMVC-293-NA%27%2C%271658473746228%27%5D%5D
.fram.fr/	1969-12-31 23:59:59	Name: s_sq Value: %5B%5BB%5D%5D
.fram.fr/	1970-01-20 06:50:49	Name: _gcl_au Value: 1.1.1657839076.1658473746
.karavel.112.2o7.net/	1970-01-20 22:12:25	Name: s_vi Value: [CS]v1\|316D2689326C21A8-40000F8291BCEA52[CE]
www.fram.fr/	1969-12-31 23:59:59	Name: cookie_cid Value: email-PGI-J05_qualif-Bascule_PMVC-293-NA
.fram.fr/	1970-01-20 22:12:25	Name: _ga Value: GA1.2.1819335854.1658473746
.fram.fr/	1970-01-20 04:42:40	Name: _gid Value: GA1.2.998714449.1658473746
.fram.fr/	1970-01-20 04:41:13	Name: _gat_UA-73816058-1 Value: 1
.fram.fr/	1970-01-20 13:26:49	Name: _msuuid_1290m6f55852 Value: 7A1E40B4-3A5D-43DE-B702-A97FE2D1917E
.bing.com/	1970-01-20 14:02:49	Name: MUID Value: 1995B12A2464688B2838A0C325916958
.fram.fr/	1970-01-20 04:42:40	Name: _uetsid Value: 2cc136b0098d11ed91fe3bf306f92dfd
.fram.fr/	1970-01-20 14:02:49	Name: _uetvid Value: 2cc15a20098d11ed968255ed56eb7c6e
.marinsm.com/	1970-01-20 13:26:49	Name: _msuuid Value: 7A1E40B4-3A5D-43DE-B702-A97FE2D1917E
.fram.fr/	1970-01-20 13:26:49	Name: C360i Value: 7A5E50A255F1C2B6B17B6481CB70066C\|eyJjcmVhdGVkIjoxNjU4NDczNzQ2NTMyLCJ1cGRhdGVkIjoxNjU4NDczNzQ2NTMyLCJ0YWdfaWQiOiI0LjMuMCIsImNvdW50IjoxLCJleHAiOjE2OTAwMDk3NDY1MzJ9
.fram.fr/	1970-01-20 14:10:37	Name: _cs_c Value: 0
.fram.fr/	1970-01-20 14:10:37	Name: _cs_id Value: 8bfaf160-5957-a0e9-b99a-2bd8a3b4e8e2.1658473746.1.1658473746.1658473746.1561718719.1692637746599
.fram.fr/	1970-01-20 04:41:15	Name: _cs_s Value: 1.0.0.1658475546601
www.fram.fr/	1970-01-20 04:41:15	Name: sqd_nwvst Value: 1
www.fram.fr/	1970-01-20 04:55:39	Name: sqd_vst Value: 1
www.clarity.ms/	1970-01-20 13:26:49	Name: CLID Value: fff305d742f84a108525a2a1ff134f31.20220722.20230722
.fram.fr/	1970-01-20 13:26:49	Name: _clck Value: w0zykx\|1\|f3d\|0
.weborama.fr/	1970-01-20 14:07:08	Name: AFFICHE_W Value: TsV3idwJcKZO45
.doubleclick.net/	1970-01-20 14:02:49	Name: IDE Value: AHWqTUktpUkU1Bd-MUtTVEbcDGAE4taWwXGF31kVxtpyu5lV49ij0f_sZFv1YsZJiEA
.rlcdn.com/	1970-01-20 13:26:49	Name: rlas3 Value: XSyRpRT+Ml4BqUQ//Mv8WCQg/GDGpW7QYSQaUyjGJik=
.adnxs.com/	1970-01-20 06:50:49	Name: uuid2 Value: 5364325850793916569
.rlcdn.com/	1970-01-20 06:07:37	Name: pxrc Value: CJOa6ZYGEgUI6AcQABIGCLrqARAA
.crm4d.com/	1970-01-20 11:53:13	Name: c4d Value: gra61V0GgexBap4Jya5tJqaOHiNrelHwPtbbROVvALk4x8Cg2lsuXGg0pM
.fram.fr/	1970-01-20 04:42:40	Name: _clsk Value: 3ui7kv\|1658473747694\|1\|1\|j.clarity.ms/collect
.easydmp.net/	1970-01-20 13:26:16	Name: capping Value: eyJlbWRtcGVhc3k6ZWFzeWRtcHN5bmN1aWQiOiIxNjU4NDczNzQ3IiwiZW1kbXBlYXN5OmdyYXBoaW5pdW1fcGlja2luZyI6IjE2NTg0NzM3NDciLCJlbWRtcGVhc3k6Z3JhcGhpbml1bV9zeW5jIjoiMTY1ODQ3Mzc0NyIsImVtZG1wZWFzeTpsaXZlcmFtcCI6IjE2NTg0NzM3NDciLCJlbWRtcGVhc3k6bWVkaWFyaXRobWljc19waWNraW5nIjoiMTY1ODQ3Mzc0NyIsImVtZG1wZWFzeTp3ZWJvcmFtYV9tcmt0ZXNwX3N5bmMiOiIxNjU4NDczNzQ3IiwiZW1kbXBlYXN5OndlYnJpdmFnZV9waWNraW5nIjoiMTY1ODQ3Mzc0NyJ9
.commander1.com/	1970-01-20 13:26:49	Name: TCID Value: 202207220909076453321520
.mediarithmics.com/	1970-01-20 13:26:49	Name: mics_vid Value: 28276119576
.mediarithmics.com/	1970-01-20 13:26:49	Name: mics_uaid Value: web:1:d3606b54-fa05-41f3-a0d0-1a02c2c7b537
.mediarithmics.com/	1970-01-20 13:26:49	Name: mics_lts Value: 1658473747820
.easydmp.net/	1970-01-20 04:59:56	Name: ecdstpds1 Value: 000000000000000002%3As%3A0%3AeJwFwftPgkAAAGBFTkiJi0ApsLD10pyt1Vo%2FtLU4EAqLuItEHYmtzcd6zHzb81%2Fv%2BwixJK7PCvx09jTaUBMu3eJai0p%2F5v%2BxSBvI0oe6AvZ10RezthtaK1FYXHqI4ZgH0e%2FntmN2oGM55d2Lctuen33lFKIczNvVH%2BYu3THBtw%2BuvtasZMDke4mbhlZT6ZDwSlwXRoTcUwTgpjadlbp1h0roqdp6Pjzf4QpICPcddIGxfOTEkby8yakGfb0pg0DgFY%2FqraZlFFjHt4%2BrW%2Flhfz1D6YlWOppY43E0oQ0aHla7KJJ2R%2Bp9hU%2FKrJ%2BFaTNgxCayIXgRSy%2BSNM0A93XRnWpyLIAhDAc2oyltkfeWFdJvXptl1aAiyqzZlJ5KIUxbzeol6xVyhs8wPZ3RTufP%2BaqC73jINYaXbzt47LnkxEkOG9ib5yq4wu%2B9h2KDA0YdZOo3VmxjIVyxkGIWbrJ49A%2F821Ej%3B

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.fram.fr/newsletter/sejour/?id=&cid=email-PGI-J05_qualif-Bascule_PMVC-293-NA&uid=A23B3C48ED2FA548409509AD2CEB59B4&utm_source=selligent&utm_medium=pgi&utm_campaign=j05_qualif&utm_content=PRODUITS+SELECTION_&utm_term= Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://tags.dynamo.one/105436_tag.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

asset.easydmp.net
atout.email-match.com
bat.bing.com
c.contentsquare.net
cm.g.doubleclick.net
connect.facebook.net
cookie-matching.mediarithmics.com
csxd.service-voyages.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
guru.opthb.com
ib.adnxs.com
idsync.rlcdn.com
j.clarity.ms
js.sddan.com
k.r66net.com
karavel.112.2o7.net
ks.invibes.com
p.crm4d.com
rd.frontend.weborama.fr
rtg-sq.hopmailing.com
s.videostep.com
sq.1jouruneoffre.com
sq.leclubdesbonsplans.com
squa.squakon.eu
static.r66net.com
static.service-voyages.com
stats.g.doubleclick.net
sync.commander1.com
t.contentsquare.net
tags.dynamo.one
tracker.marinsm.com
u.logbor.com
u.videostep.com
u360.d-bi.fr
v3.api.optinproject.com
voyages.fram.fr
w.estat.com
www.clarity.ms
www.fram.fr
www.google-analytics.com
www.google.com
www.google.fr
www.googleadservices.com
www.googletagmanager.com
z7cpethotg.kameleoon.eu
tags.dynamo.one
w.estat.com
108.138.17.2
13.32.121.117
13.36.62.238
142.250.185.98
15.236.176.210
172.217.18.2
178.33.46.193
18.200.221.133
193.46.206.2
20.85.30.134
2001:41d0:202:100:145:239:192:103
2001:41d0:301:100:145:239:193:53
2001:4860:4802:32::178
216.59.56.23
2606:4700:20::681a:a1e
2620:1ec:27::cafe:1759
2620:1ec:c11::200
2a00:1450:4001:802::200a
2a00:1450:4001:810::2003
2a00:1450:4001:811::2003
2a00:1450:4001:813::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2008
2a00:1450:400c:c0c::9c
2a03:2880:f01c:8012:face:b00c:0:3
35.190.24.218
35.244.174.68
37.252.172.249
40.74.50.168
51.158.29.12
51.38.250.93
52.209.64.238
52.213.248.76
54.36.150.186
68.232.35.200
89.185.38.89
91.230.178.143
95.131.137.7
01c5f3d7746282875c8967061c478f1170c9fceb13eb94ccf785f8d0f48cd7a3
01dacf99b9583e6e465be19682482deed5bf13c34be16edabea028c0ad8f4e73
05c952fb44584fdbcff0bdecb26d2d51019d4a8a18ca7634e244ef93583b2a82
07a54546e6a4e0062a756f4261e6d47a3328160280e9b7aae1ce8b2523a7e6ce
0d5a8de0857374a03053702c6ee3472dd541cde75f503b8e8b4b9195ea5c50b7
0f41b9912fe42b70805941b8fc42eaf142cb12eeb5d475d7a849e861d7a74dde
0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db
106d669bc5061d732a771cfaee0cda656e9c92377d797f8ff589cace190ef4c0
11844ba54ce0b890033267974d9a7e0d4a110c3db7f47ad0541eb2d60a8c94ca
18469a35c0c83bd95c94ef40fe5b6d6fb92bac9f25aa1312502d745831edf3b2
198b5bc9800adb28f2b62400d9020fc43a986be8997e72030950ce308c8ab8b8
20f941648c5c6770e7b43deb644c8fc18a6bf2800efc766ba61927f52fd395a7
288ba0fa2b21522e29cb8fd62ad3bf25a9167c92068eb0d3a260dc43528b6a57
3928aa513b32706876d3ed41a83588300c37abdf2032ccedfb81230e4b3f082e
3d784d584eee8e80f8ab9da94f755962483f31fcd9fbf2ef4c78a30218d2c155
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4660947fce90785298d653e3b1bda2c6c23959fda094ca05800309e9aa13e0b4
47e267aae056a4c98a69e5b7f66d8fd89979b4edecd4c0ad3255f7173d089e7b
5102756e407a9bb8d32d20bfdcf58e3faa814ca48c88212573628ce11ec3b7d4
5208f29d6edd55fdf61511bfe3dfdc5ac30dfab71ea4ce436ecaa2a9a3301b10
53086bddb651527e4eef8b37c11bba8c99b4fda83569a6b550fbb2e976f8c9d1
541ab14f8f92aa43ec95cd86d754f0c95900fbb673f884bfa49ebfe8ed66da93
57c13ea5f4d0389107637297dbea055387d8c611892739671df017456668d9c7
5bc5ec0e4e300e67accb79e1c31b5df4eae15fe466fd5459d152bf115e66e547
66365569a0725d951ef0624506a8f10ce30a48b57acd3b2afde5960be44d0403
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c2d27b1be25045afbd52cdc600e89b23d7d0e9978f551a1567221721df342dc
6e164ad4aa1f1905c44c2e4e57088f313738d18320a99a7e6a984b862523d96d
72dc90225a69a1e462b7e9712c02b5b87058df9f0f56fe714b7e023e7d4bda3a
77760c8bd5c4a66cd047d267874d928bfbc0ca249afc3c9422b33f1351b090b3
7e2dde692df9ae07316f2b35c3680849c0b2b23669d0aba5cf81ad7ea2b638c6
8857613ea0d09d6c871beb9eed8c0c358f66c5bb3c8a77573ec142d59d09c08e
8c2a77cf780392b82cc1fa46b67bb5135adfc46d1b9938082e43a7f1158219cb
8fdba1f1b96332e8d8d5c7a2faa232afafa8955dba382544f59696afe9fd10df
9040bd5ca81b922b97bed395c8111f6227866f08ac7c8cffd4e9ffc072be249b
962be7a76205aa1568765b2c7cafe8eb2df3cc5f49514f97ebed4bd4dcd31362
9843197a5c6c0bdd99ce907308ce10a6876080f5d5dd53ee3e5ee68da48b62de
9b0c3b0561d091793e2be860374656fe5f3e9bfade99cb91ef4548f4d0fcdcac
9cb92b495af15d562228942cfd455f5889266634b4a01c43760f6ee5e1c6f2e2
a0429e96edfa76cf8b2029c28ce732b74433a5e86a6c2d581cde7a940b277772
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2a775987716e67ef284111990de629a19e76aeaf5e4ecf2d87fd60588dddf2b
a977dfe3a544b98588c800fb08c594ca12b454afd5d3dd4b545ea96bc38bf6fe
b01dac2996f854d1bdb6c9c63eff572afe06cd0dd4c527f48a4776639a5c82c1
b31773a9122de17b5c5ed77982c07e01abfc35f58edb1f3d6e045a825d5efe6d
b3b105ca31596051c3789c9938d9a523b73078fabf98d2bbea81745ec6758a4a
b3b810fd46e7aad5b789896519011ab5366b39dbb19a5663c53525f756e89bfb
b4d6f6d8094bb80b84067103159c69a9b86d16feb13bfc0b437a929243861302
b725a0a0d422f124c9bf59065965692947df103f0a70be55bbb9b621f2a05a68
ba2023f0f82e35a565a1b2851b8c453c4fac9b6508ac1fb752f7ca32da9e5f94
bcfa16974c4cead10db25ee52f05ec918411c48ba8a0f27a0dd8331d6726806a
be4f754acf2dd33169add8976c1264f647470efdc993927040e23c4d310a835f
c09bce3da64967a89d5932ad825bf56e10009e9dbe8577845e2a053e8caaffd1
c44fcdf5b446cb0c75590fb68ac0ac92a90949dfee111febe5dc72f9daf75df0
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d3808618a578edbd95df72fb31f62c1b0d51add9affe0ea9704997b9a442bf10
d54e2d2195d6a0ecabfcf6d5797292b8133fcca4329eea60a5ee922477bfd576
dccc118d9e491455c9f1934ecbe69e97787c00f254a6bd4aca18c73e13c4578c
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d3f2e9ecb5f389d52ffde376e917764da99f03cd14f3dddd0f88262cbad251
e492a033926643e2389ba017a3efa1c3952740c4ba4774729c7b0dff50805f9e
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
e8aff6a8426e2182081c0e696ff05c3b10eeb43716fe56bbc9f8b3b3069c6736
e8b6052ba36f7ef75a197e38b9d32fa166cd49e3b5737ba03689be8e88b44d5a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2b564356b51002c3aaf5bd235ecaf7734c1252141abd78fdbc03770f26277b8
f8d7860a1288508f6037b3b14ec3c3febcd82ef20ea687293e9d12b25a97cf75
fc10f044478ba172bf71d6d5fa2277fa1277fee43191da10b21a4112353b917d
fe8f7e208f81494c22704bd8a2958d3fa9b77d34180848ff2d77c624384220fc
ff381d6a1dafb5afc49d9fd29e0cb31c6bf6f548a004d7cc5f7ae7b52468b319

www.fram.fr Open in urlscan Pro 178.33.46.193 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

98 Requests

89 %HTTPS

37 %IPv6

39 Domains

47 Subdomains

33 IPs

6 Countries

934 kBTransfer

2425 kBSize

38 Cookies

9 Outgoing links

Page URL History

Redirected requests

98 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

www.fram.fr Open in urlscan Pro
178.33.46.193 Public Scan

Screenshot
Live screenshot

Full Image

98
Requests

89 %
HTTPS

37 %
IPv6

39
Domains

47
Subdomains

33
IPs

6
Countries

934 kB
Transfer

2425 kB
Size

38
Cookies

98 HTTP transactions
0 data transactions