urlscan.io logo urlscan.io
SecurityTrails logo

mirror.newsletter.atylia-deco.fr Open in urlscan Pro
89.248.209.41  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://t.newsletter.atylia-deco.fr/c/?t=47eac38-c4!-4c49-943-1xi2mq
Effective URL: http://mirror.newsletter.atylia-deco.fr/?e=suspect%40safeonweb.be&s=3949&b=1041
Submission: On September 19 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 4 countries across 9 domains to perform 31 HTTP transactions. The main IP is 89.248.209.41, located in Halluin, France and belongs to ODISO-AS, FR. The main domain is mirror.newsletter.atylia-deco.fr.
This is the only time mirror.newsletter.atylia-deco.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 89.248.211.29 34993 (ODISO-AS)
1 89.248.209.41 34993 (ODISO-AS)
1 2a00:1450:400... 15169 (GOOGLE)
2 3 213.186.50.122 16276 (OVH)
1 12 62.210.221.54 12876 (AS12876)
11 213.186.49.194 16276 (OVH)
2 213.186.49.195 16276 (OVH)
3 3 213.251.152.43 16276 (OVH)
1 2001:41d0:301... 16276 (OVH)
1 18.202.127.238 16509 (AMAZON-02)
1 2 165.227.230.235 14061 (DIGITALOC...)
31 10
2    89.248.211.29 (Halluin, France)

ASN34993 (ODISO-AS, FR)
PTR: mindproxy.odiso.net
t.newsletter.atylia-deco.fr
1    89.248.209.41 (Halluin, France)

ASN34993 (ODISO-AS, FR)
mirror.newsletter.atylia-deco.fr
1    2a00:1450:4001:825::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
3    213.186.50.122 (France)

ASN16276 (OVH, FR)
img.planet.fr
preprod-img.planet.fr
12    62.210.221.54 (France)

ASN12876 (AS12876, FR)
ipe.medisite.fr
opn.ivitrack.com
11    213.186.49.194 (France)

ASN16276 (OVH, FR)
PTR: mailer.anotherlight.com
m.mcdn.fr
2    213.186.49.195 (France)

ASN16276 (OVH, FR)
p.mcdn.fr
3    213.251.152.43 (France)

ASN16276 (OVH, FR)
preprod-img.medisite.fr
1    2001:41d0:301:100:145:239:193:53 (France)

ASN16276 (OVH, FR)
pmd.car817.fr
1    18.202.127.238 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-202-127-238.eu-west-1.compute.amazonaws.com
trcd.atylia-deco.fr
2    165.227.230.235 (London, United Kingdom)

ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US)
t.dedidom.fr
dev.scribouille.fr
Domain Requested by
11 m.mcdn.fr mirror.newsletter.atylia-deco.fr
11 ipe.medisite.fr 1 redirects mirror.newsletter.atylia-deco.fr
3 preprod-img.medisite.fr 3 redirects
2 p.mcdn.fr mirror.newsletter.atylia-deco.fr
2 preprod-img.planet.fr 2 redirects
2 t.newsletter.atylia-deco.fr 1 redirects mirror.newsletter.atylia-deco.fr
1 dev.scribouille.fr mirror.newsletter.atylia-deco.fr
1 t.dedidom.fr 1 redirects
1 trcd.atylia-deco.fr mirror.newsletter.atylia-deco.fr
1 pmd.car817.fr mirror.newsletter.atylia-deco.fr
1 opn.ivitrack.com mirror.newsletter.atylia-deco.fr
1 img.planet.fr mirror.newsletter.atylia-deco.fr
1 www.google-analytics.com mirror.newsletter.atylia-deco.fr
1 mirror.newsletter.atylia-deco.fr
31 14

This site contains links to these domains. Also see Links.

Domain
t.newsletter.atylia-deco.fr
Subject Issuer Validity Valid
*.google-analytics.com
GTS CA 1O1		 2019-08-23 -
2019-11-21		 3 months crt.sh
*.mcdn.fr
Gandi Standard SSL CA 2		 2018-10-31 -
2020-11-20		 2 years crt.sh
em.cybercartes.com
Let's Encrypt Authority X3		 2019-09-03 -
2019-12-02		 3 months crt.sh
dev.scribouille.fr
Let's Encrypt Authority X3		 2018-08-24 -
2018-11-22		 3 months crt.sh

This page contains 1 frames:

Primary Page: http://mirror.newsletter.atylia-deco.fr/?e=suspect%40safeonweb.be&s=3949&b=1041
Frame ID: A52AAB9F860CC839935EDD16DEAF63F0
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://t.newsletter.atylia-deco.fr/c/?t=47eac38-c4!-4c49-943-1xi2mq HTTP 302
    http://mirror.newsletter.atylia-deco.fr/?e=suspect%40safeonweb.be&s=3949&b=1041 Page URL

Page Statistics

31
Requests

48 %
HTTPS

18 %
IPv6

9
Domains

14
Subdomains

10
IPs

4
Countries

159 kB
Transfer

174 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://t.newsletter.atylia-deco.fr/c/?t=47eac38-c4!-4c49-943-1xi2mq HTTP 302
    http://mirror.newsletter.atylia-deco.fr/?e=suspect%40safeonweb.be&s=3949&b=1041 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://www.google-analytics.com/collect?v=1&tid=UA-68493860-1&cid=68493860&t=event&ec=email&ea=open&cs=xchange&cm=capdecision&cn=MDU-BestOf-T42017 HTTP 307
  • https://www.google-analytics.com/collect?v=1&tid=UA-68493860-1&cid=68493860&t=event&ec=email&ea=open&cs=xchange&cm=capdecision&cn=MDU-BestOf-T42017
Request Chain 9
  • http://preprod-img.planet.fr/sites/all/themes/at3_planet/images/nl/puce_noire.gif HTTP 301
  • https://p.mcdn.fr/sites/all/themes/at3_planet/images/nl/puce_noire.gif
Request Chain 13
  • http://ipe.medisite.fr/nlo?n=570225f3928b220e59066fec&h=[gc_complexnews-subscriber:md5-mail] HTTP 302
  • http://opn.ivitrack.com/nlo?n=570225f3928b220e59066fec&h=[gc_complexnews-subscriber:md5-mail]
Request Chain 23
  • http://preprod-img.medisite.fr/sites/all/themes/at3_medisite/images/nl/label_excellence.png HTTP 301
  • https://m.mcdn.fr/sites/all/themes/at3_medisite/images/nl/label_excellence.png
Request Chain 24
  • http://preprod-img.medisite.fr/sites/all/themes/at3_medisite/images/nl/label_excellence2.png HTTP 301
  • https://m.mcdn.fr/sites/all/themes/at3_medisite/images/nl/label_excellence2.png
Request Chain 25
  • http://preprod-img.medisite.fr/sites/all/themes/at3_medisite/images/nl/label_excellence3.png HTTP 301
  • https://m.mcdn.fr/sites/all/themes/at3_medisite/images/nl/label_excellence3.png
Request Chain 28
  • https://t.dedidom.fr/rdrct/2/2/d89a49469cc482a0e1ea42bdabfae7dd HTTP 301
  • https://dev.scribouille.fr/rdrct/2/2/d89a49469cc482a0e1ea42bdabfae7dd
Request Chain 29
  • http://preprod-img.planet.fr/sites/all/themes/at3_planet/images/nl/puce_noire2.gif HTTP 301
  • https://p.mcdn.fr/sites/all/themes/at3_planet/images/nl/puce_noire2.gif

31 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
mirror.newsletter.atylia-deco.fr/
Redirect Chain
  • http://t.newsletter.atylia-deco.fr/c/?t=47eac38-c4!-4c49-943-1xi2mq
  • http://mirror.newsletter.atylia-deco.fr/?e=suspect%40safeonweb.be&s=3949&b=1041
32 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://mirror.newsletter.atylia-deco.fr/?e=suspect%40safeonweb.be&s=3949&b=1041
Protocol
HTTP/1.1
Server
89.248.209.41 Halluin, France, ASN34993 (ODISO-AS, FR),
Reverse DNS
Software
/
Resource Hash
6af930f1b64232e0b45430a03c602c0976b2e114fe6bcac101891646c2faff83

Request headers

Host
mirror.newsletter.atylia-deco.fr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
Date
Thu, 19 Sep 2019 11:15:15 GMT
Content-Length
7917
X-Robots-Tag
noindex
Set-Cookie
SERVERID=server1; path=/

Redirect headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Location
http://mirror.newsletter.atylia-deco.fr/?e=suspect%40safeonweb.be&s=3949&b=1041
Set-Cookie
ASP.NET_SessionId=p4aou2z1mmzvuwmo5frfaz2v; path=/; HttpOnly
Date
Thu, 19 Sep 2019 11:15:15 GMT
Content-Length
204
/
t.newsletter.atylia-deco.fr/o/ 		180 B
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://t.newsletter.atylia-deco.fr/o/?t=c4!-943-1xi2mq
Requested by
Host: mirror.newsletter.atylia-deco.fr
URL: http://mirror.newsletter.atylia-deco.fr/?e=suspect%40safeonweb.be&s=3949&b=1041
Protocol
HTTP/1.1
Server
89.248.211.29 Halluin, France, ASN34993 (ODISO-AS, FR),
Reverse DNS
mindproxy.odiso.net
Software
/
Resource Hash
a3d9bf654bd182096ae97d7aac32516664fdf12437820695136f55620bb105ba

Request headers

Referer
http://mirror.newsletter.atylia-deco.fr/?e=suspect%40safeonweb.be&s=3949&b=1041
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 19 Sep 2019 11:15:15 GMT
Cache-Control
private
Content-Length
180
Content-Type
image/png
collect
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/collect?v=1&tid=UA-68493860-1&cid=68493860&t=event&ec=email&ea=open&cs=xchange&cm=capdecision&cn=MDU-BestOf-T42017
  • https://www.google-analytics.com/collect?v=1&tid=UA-68493860-1&cid=68493860&t=event&ec=email&ea=open&cs=xchange&cm=capdecision&cn=MDU-BestOf-T42017
35 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&tid=UA-68493860-1&cid=68493860&t=event&ec=email&ea=open&cs=xchange&cm=capdecision&cn=MDU-BestOf-T42017
Requested by
Host: mirror.newsletter.atylia-deco.fr
URL: http://mirror.newsletter.atylia-deco.fr/?e=suspect%40safeonweb.be&s=3949&b=1041
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://mirror.newsletter.atylia-deco.fr/?e=suspect%40safeonweb.be&s=3949&b=1041
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Aug 2019 11:30:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
2072715
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/collect?v=1&tid=UA-68493860-1&cid=68493860&t=event&ec=email&ea=open&cs=xchange&cm=capdecision&cn=MDU-BestOf-T42017
Non-Authoritative-Reason
HSTS
Header_Medisite.png
img.planet.fr//partenaires/Nl_bestof/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.planet.fr//partenaires/Nl_bestof/Header_Medisite.png
Requested by
Host: mirror.newsletter.atylia-deco.fr
URL: http://mirror.newsletter.atylia-deco.fr/?e=suspect%40safeonweb.be&s=3949&b=1041
Protocol
HTTP/1.1
Server
213.186.50.122 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
acfb4ce9036f2c3018799003ea69e25af7d1595cde4c1fd6f2785b67e1efe558

Request headers

Referer
http://mirror.newsletter.atylia-deco.fr/?e=suspect%40safeonweb.be&s=3949&b=1041
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 19 Sep 2019 11:15:22 GMT
Last-Modified
Fri, 03 Mar 2017 11:31:16 GMT
Server
nginx/1.2.1
Content-Type
image/png
Cache-Control
max-age=259200, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30388
Expires
Sun, 22 Sep 2019 11:15:22 GMT
nli
ipe.medisite.fr/ 		42 B
391 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ipe.medisite.fr/nli?n=570225f3928b220e59066fec&h=%MD5-EMAIL%&o=1
Requested by
Host: mirror.newsletter.atylia-deco.fr
URL: http://mirror.newsletter.atylia-deco.fr/?e=suspect%40safeonweb.be&s=3949&b=1041
Protocol
HTTP/1.1
Server
62.210.221.54 , France, ASN12876 (AS12876, FR),
Reverse DNS
Software
nginx/1.15.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://mirror.newsletter.atylia-deco.fr/?e=suspect%40safeonweb.be&s=3949&b=1041
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
nocache
Date
Thu, 19 Sep 2019 11:15:22 GMT
Server
nginx/1.15.6
Content-Type
image/gif
Cache-Control
no-store, no-cache, max-age=0, max-stale=0, must-revalidate, proxy-revalidate
Connection
keep-alive
X-Ivi-Hostname
programmatic-api-85b8d796d7-wtzhn
Content-Length
42
Expires
Fri, 24 Oct 1980 17:30:00 GMT
nlp
ipe.medisite.fr/ 		42 B
391 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ipe.medisite.fr/nlp?p=1&n=570225f3928b220e59066fec&h=%MD5-EMAIL%&o=1
Requested by
Host: mirror.newsletter.atylia-deco.fr
URL: http://mirror.newsletter.atylia-deco.fr/?e=suspect%40safeonweb.be&s=3949&b=1041
Protocol
HTTP/1.1
Server
62.210.221.54 , France, ASN12876 (AS12876, FR),
Reverse DNS
Software
nginx/1.15.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://mirror.newsletter.atylia-deco.fr/?e=suspect%40safeonweb.be&s=3949&b=1041
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
nocache
Date
Thu, 19 Sep 2019 11:15:27 GMT
Server
nginx/1.15.6
Content-Type
image/gif
Cache-Control
no-store, no-cache, max-age=0, max-stale=0, must-revalidate, proxy-revalidate
Connection
keep-alive
X-Ivi-Hostname
programmatic-api-85b8d796d7-wtzhn
Content-Length
42
Expires
Fri, 24 Oct 1980 17:30:00 GMT
nlp
ipe.medisite.fr/ 		42 B
391 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ipe.medisite.fr/nlp?p=2&n=570225f3928b220e59066fec&h=%MD5-EMAIL%&o=1
Requested by
Host: mirror.newsletter.atylia-deco.fr
URL: http://mirror.newsletter.atylia-deco.fr/?e=suspect%40safeonweb.be&s=3949&b=1041
Protocol
HTTP/1.1
Server
62.210.221.54 , France, ASN12876 (AS12876, FR),
Reverse DNS
Software
nginx/1.15.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://mirror.newsletter.atylia-deco.fr/?e=suspect%40safeonweb.be&s=3949&b=1041
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
nocache
Date
Thu, 19 Sep 2019 11:15:22 GMT
Server
nginx/1.15.6
Content-Type
image/gif
Cache-Control
no-store, no-cache, max-age=0, max-stale=0, must-revalidate, proxy-revalidate
Connection
keep-alive
X-Ivi-Hostname
programmatic-api-85b8d796d7-wtzhn
Content-Length
42
Expires
Fri, 24 Oct 1980 17:30:00 GMT
rd
ipe.medisite.fr/ 		42 B
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ipe.medisite.fr/rd?k=nlpi&n=570225f3928b220e59066fec&h=%MD5-EMAIL%&o=1
Requested by
Host: mirror.newsletter.atylia-deco.fr
URL: http://mirror.newsletter.atylia-deco.fr/?e=suspect%40safeonweb.be&s=3949&b=1041
Protocol
HTTP/1.1
Server
62.210.221.54 , France, ASN12876 (AS12876, FR),
Reverse DNS
Software
nginx/1.15.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://mirror.newsletter.atylia-deco.fr/?e=suspect%40safeonweb.be&s=3949&b=1041
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 19 Sep 2019 11:15:27 GMT
Server
nginx/1.15.6
Connection
keep-alive
X-Ivi-Hostname
programmatic-api-85b8d796d7-wtzhn
Content-Length
42
Content-Type
image/gif
rd
ipe.medisite.fr/ 		42 B
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ipe.medisite.fr/rd?k=nlai&n=570225f3928b220e59066fec&h=%MD5-EMAIL%&o=1
Requested by
Host: mirror.newsletter.atylia-deco.fr
URL: http://mirror.newsletter.atylia-deco.fr/?e=suspect%40safeonweb.be&s=3949&b=1041
Protocol
HTTP/1.1
Server
62.210.221.54 , France, ASN12876 (AS12876, FR),
Reverse DNS
Software
nginx/1.15.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://mirror.newsletter.atylia-deco.fr/?e=suspect%40safeonweb.be&s=3949&b=1041
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 19 Sep 2019 11:15:27 GMT
Server
nginx/1.15.6
Connection
keep-alive
X-Ivi-Hostname
programmatic-api-85b8d796d7-wtzhn
Content-Length
42
Content-Type
image/gif
vignette-focus.jpg
m.mcdn.fr/files/styles/node_nl_inline/public/images/article/2/2/6/4592622/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.mcdn.fr/files/styles/node_nl_inline/public/images/article/2/2/6/4592622/vignette-focus.jpg?itok=AnE4Qkak
Requested by
Host: mirror.newsletter.atylia-deco.fr
URL: http://mirror.newsletter.atylia-deco.fr/?e=suspect%40safeonweb.be&s=3949&b=1041
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.186.49.194 , France, ASN16276 (OVH, FR),
Reverse DNS
mailer.anotherlight.com
Software
nginx/1.6.2 /
Resource Hash
1d3ac2d35ad94bf6a28fdbacf3ca4bb0b96456af192ee13177f39eb5b0e0eb24

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://mirror.newsletter.atylia-deco.fr/?e=suspect%40safeonweb.be&s=3949&b=1041
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
public
Date
Thu, 19 Sep 2019 11:15:15 GMT
Last-Modified
Fri, 16 Aug 2019 16:34:18 GMT
Server
nginx/1.6.2
X-Cache
mcdn.fr@snpcache4
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9016
Expires
Sat, 19 Oct 2019 11:15:15 GMT
puce_noire.gif
p.mcdn.fr/sites/all/themes/at3_planet/images/nl/
Redirect Chain
  • http://preprod-img.planet.fr/sites/all/themes/at3_planet/images/nl/puce_noire.gif
  • https://p.mcdn.fr/sites/all/themes/at3_planet/images/nl/puce_noire.gif
78 B
431 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.mcdn.fr/sites/all/themes/at3_planet/images/nl/puce_noire.gif
Requested by
Host: mirror.newsletter.atylia-deco.fr
URL: http://mirror.newsletter.atylia-deco.fr/?e=suspect%40safeonweb.be&s=3949&b=1041
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.186.49.195 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.6.2 /
Resource Hash
751802f7233c8de4254d726022c5913059949d5d43e2e68d1133735631228c6c

Request headers

Referer
http://mirror.newsletter.atylia-deco.fr/?e=suspect%40safeonweb.be&s=3949&b=1041
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
public
Date
Thu, 19 Sep 2019 11:15:19 GMT
Last-Modified
Wed, 18 Sep 2019 14:13:51 GMT
Server
nginx/1.6.2
X-Cache
mcdn.fr@snpcache3
Content-Type
image/gif
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
78
Expires
Sat, 19 Oct 2019 11:15:19 GMT

Redirect headers

Location
https://p.mcdn.fr/sites/all/themes/at3_planet/images/nl/puce_noire.gif
Date
Thu, 19 Sep 2019 11:15:19 GMT
Server
nginx/1.2.1
Connection
keep-alive
Content-Length
184
Content-Type
text/html
vignette-focus.jpg
m.mcdn.fr/files/styles/node_nl_inline/public/images/article/5/4/4/5484445/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.mcdn.fr/files/styles/node_nl_inline/public/images/article/5/4/4/5484445/vignette-focus.jpg?itok=W0PTmXpU
Requested by
Host: mirror.newsletter.atylia-deco.fr
URL: http://mirror.newsletter.atylia-deco.fr/?e=suspect%40safeonweb.be&s=3949&b=1041
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.186.49.194 , France, ASN16276 (OVH, FR),
Reverse DNS
mailer.anotherlight.com
Software
nginx/1.6.2 /
Resource Hash
b3293128b130b60c4fd32ad15962746be60c02d98f355ee3761813dc80afa172

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://mirror.newsletter.atylia-deco.fr/?e=suspect%40safeonweb.be&s=3949&b=1041
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
public
Date
Thu, 19 Sep 2019 11:15:15 GMT
Last-Modified
Thu, 17 Jan 2019 17:49:02 GMT
Server
nginx/1.6.2
X-Cache
mcdn.fr@snpcache1
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6211
Expires
Sat, 19 Oct 2019 11:15:15 GMT
3558747-inline.jpg
m.mcdn.fr/files/styles/node_nl_inline/public/images/article/5/5/9/1900955/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.mcdn.fr/files/styles/node_nl_inline/public/images/article/5/5/9/1900955/3558747-inline.jpg?itok=2QWeXWen
Requested by
Host: mirror.newsletter.atylia-deco.fr
URL: http://mirror.newsletter.atylia-deco.fr/?e=suspect%40safeonweb.be&s=3949&b=1041
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.186.49.194 , France, ASN16276 (OVH, FR),
Reverse DNS
mailer.anotherlight.com
Software
nginx/1.6.2 /
Resource Hash
d48a9b30561a153886c83236edda377e01a822dbadc78d18519952fb9a4c5da4

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://mirror.newsletter.atylia-deco.fr/?e=suspect%40safeonweb.be&s=3949&b=1041
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
public
Date
Thu, 19 Sep 2019 11:15:15 GMT
Last-Modified
Thu, 01 Aug 2019 08:09:20 GMT
Server
nginx/1.6.2
X-Cache
mcdn.fr@snpcache1
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6597
Expires
Sat, 19 Oct 2019 11:15:15 GMT
188x140_couv.jpg
m.mcdn.fr/files/styles/nl_image_default/public/nl_images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.mcdn.fr/files/styles/nl_image_default/public/nl_images/188x140_couv.jpg?itok=97lBMUWb
Requested by
Host: mirror.newsletter.atylia-deco.fr
URL: http://mirror.newsletter.atylia-deco.fr/?e=suspect%40safeonweb.be&s=3949&b=1041
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.186.49.194 , France, ASN16276 (OVH, FR),
Reverse DNS
mailer.anotherlight.com
Software
nginx/1.6.2 /
Resource Hash
04a401df7cf66f67816703b57b0f5a9757d445db6a3882d4f558a680a6226c97

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://mirror.newsletter.atylia-deco.fr/?e=suspect%40safeonweb.be&s=3949&b=1041
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
public
Date
Thu, 19 Sep 2019 11:15:15 GMT
Last-Modified
Thu, 17 Jan 2019 18:33:50 GMT
Server
nginx/1.6.2
X-Cache
mcdn.fr@snpcache1
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6156
Expires
Sat, 19 Oct 2019 11:15:15 GMT
nlo
opn.ivitrack.com/
Redirect Chain
  • http://ipe.medisite.fr/nlo?n=570225f3928b220e59066fec&h=[gc_complexnews-subscriber:md5-mail]
  • http://opn.ivitrack.com/nlo?n=570225f3928b220e59066fec&h=[gc_complexnews-subscriber:md5-mail]
42 B
391 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://opn.ivitrack.com/nlo?n=570225f3928b220e59066fec&h=[gc_complexnews-subscriber:md5-mail]
Requested by
Host: mirror.newsletter.atylia-deco.fr
URL: http://mirror.newsletter.atylia-deco.fr/?e=suspect%40safeonweb.be&s=3949&b=1041
Protocol
HTTP/1.1
Server
62.210.221.54 , France, ASN12876 (AS12876, FR),
Reverse DNS
Software
nginx/1.15.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://mirror.newsletter.atylia-deco.fr/?e=suspect%40safeonweb.be&s=3949&b=1041
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
nocache
Date
Thu, 19 Sep 2019 11:15:21 GMT
Server
nginx/1.15.6
Content-Type
image/gif
Cache-Control
no-store, no-cache, max-age=0, max-stale=0, must-revalidate, proxy-revalidate
Connection
keep-alive
X-Ivi-Hostname
programmatic-api-85b8d796d7-vnkrp
Content-Length
42
Expires
Fri, 24 Oct 1980 17:30:00 GMT

Redirect headers

Location
http://opn.ivitrack.com/nlo?n=570225f3928b220e59066fec&h=[gc_complexnews-subscriber:md5-mail]
Date
Thu, 19 Sep 2019 11:15:21 GMT
Server
nginx/1.15.6
Connection
keep-alive
X-Ivi-Hostname
programmatic-api-85b8d796d7-vnkrp
Content-Length
120
Content-Type
text/html; charset=utf-8
6775596-inline.jpg
m.mcdn.fr/files/styles/node_nl_inline/public/images/article/7/3/7/5518737/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.mcdn.fr/files/styles/node_nl_inline/public/images/article/7/3/7/5518737/6775596-inline.jpg?itok=78Umx_-c
Requested by
Host: mirror.newsletter.atylia-deco.fr
URL: http://mirror.newsletter.atylia-deco.fr/?e=suspect%40safeonweb.be&s=3949&b=1041
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.186.49.194 , France, ASN16276 (OVH, FR),
Reverse DNS
mailer.anotherlight.com
Software
nginx/1.6.2 /
Resource Hash
ad39466a8fe2195debe0dcae9e7aaa6cb22f9507a79991574c74d338cf77af39

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://mirror.newsletter.atylia-deco.fr/?e=suspect%40safeonweb.be&s=3949&b=1041
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
public
Date
Thu, 19 Sep 2019 11:15:15 GMT
Last-Modified
Wed, 03 Jul 2019 16:19:21 GMT
Server
nginx/1.6.2
X-Cache
mcdn.fr@snpcache4
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8247
Expires
Sat, 19 Oct 2019 11:15:15 GMT
vignette-focus_0.jpg
m.mcdn.fr/files/styles/node_nl_inline/public/images/article/4/5/2/3942254/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.mcdn.fr/files/styles/node_nl_inline/public/images/article/4/5/2/3942254/vignette-focus_0.jpg?itok=f_tLQa-P
Requested by
Host: mirror.newsletter.atylia-deco.fr
URL: http://mirror.newsletter.atylia-deco.fr/?e=suspect%40safeonweb.be&s=3949&b=1041
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.186.49.194 , France, ASN16276 (OVH, FR),
Reverse DNS
mailer.anotherlight.com
Software
nginx/1.6.2 /
Resource Hash
78b6ba9de0fc9f23b1b3f011ef8cd7605d20204ca18ae4661252ee363cb460af

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://mirror.newsletter.atylia-deco.fr/?e=suspect%40safeonweb.be&s=3949&b=1041
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
public
Date
Thu, 19 Sep 2019 11:15:15 GMT
Last-Modified
Thu, 17 Jan 2019 19:36:14 GMT
Server
nginx/1.6.2
X-Cache
mcdn.fr@snpcache1
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4452
Expires
Sat, 19 Oct 2019 11:15:15 GMT
6777102-inline.jpg
m.mcdn.fr/files/styles/node_nl_inline/public/images/article/7/6/4/5525467/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.mcdn.fr/files/styles/node_nl_inline/public/images/article/7/6/4/5525467/6777102-inline.jpg?itok=SeTZTFI7
Requested by
Host: mirror.newsletter.atylia-deco.fr
URL: http://mirror.newsletter.atylia-deco.fr/?e=suspect%40safeonweb.be&s=3949&b=1041
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.186.49.194 , France, ASN16276 (OVH, FR),
Reverse DNS
mailer.anotherlight.com
Software
nginx/1.6.2 /
Resource Hash
951fe671b83dfdb45b40083f57c9fadd8843121b3db88cf9648bdaa5088893ea

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://mirror.newsletter.atylia-deco.fr/?e=suspect%40safeonweb.be&s=3949&b=1041
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
public
Date
Thu, 19 Sep 2019 11:15:15 GMT
Last-Modified
Fri, 02 Aug 2019 14:09:08 GMT
Server
nginx/1.6.2
X-Cache
mcdn.fr@snpcache1
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12232
Expires
Sat, 19 Oct 2019 11:15:15 GMT
nli
ipe.medisite.fr/ 		42 B
391 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ipe.medisite.fr/nli?n=570225f3928b220e59066fec&h=%MD5-EMAIL%&o=0
Requested by
Host: mirror.newsletter.atylia-deco.fr
URL: http://mirror.newsletter.atylia-deco.fr/?e=suspect%40safeonweb.be&s=3949&b=1041
Protocol
HTTP/1.1
Server
62.210.221.54 , France, ASN12876 (AS12876, FR),
Reverse DNS
Software
nginx/1.15.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://mirror.newsletter.atylia-deco.fr/?e=suspect%40safeonweb.be&s=3949&b=1041
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
nocache
Date
Thu, 19 Sep 2019 11:15:21 GMT
Server
nginx/1.15.6
Content-Type
image/gif
Cache-Control
no-store, no-cache, max-age=0, max-stale=0, must-revalidate, proxy-revalidate
Connection
keep-alive
X-Ivi-Hostname
programmatic-api-85b8d796d7-wtzhn
Content-Length
42
Expires
Fri, 24 Oct 1980 17:30:00 GMT
nlp
ipe.medisite.fr/ 		42 B
391 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ipe.medisite.fr/nlp?p=1&n=570225f3928b220e59066fec&h=%MD5-EMAIL%&o=0
Requested by
Host: mirror.newsletter.atylia-deco.fr
URL: http://mirror.newsletter.atylia-deco.fr/?e=suspect%40safeonweb.be&s=3949&b=1041
Protocol
HTTP/1.1
Server
62.210.221.54 , France, ASN12876 (AS12876, FR),
Reverse DNS
Software
nginx/1.15.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://mirror.newsletter.atylia-deco.fr/?e=suspect%40safeonweb.be&s=3949&b=1041
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
nocache
Date
Thu, 19 Sep 2019 11:15:22 GMT
Server
nginx/1.15.6
Content-Type
image/gif
Cache-Control
no-store, no-cache, max-age=0, max-stale=0, must-revalidate, proxy-revalidate
Connection
keep-alive
X-Ivi-Hostname
programmatic-api-85b8d796d7-wtzhn
Content-Length
42
Expires
Fri, 24 Oct 1980 17:30:00 GMT
nlp
ipe.medisite.fr/ 		42 B
391 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ipe.medisite.fr/nlp?p=2&n=570225f3928b220e59066fec&h=%MD5-EMAIL%&o=0
Requested by
Host: mirror.newsletter.atylia-deco.fr
URL: http://mirror.newsletter.atylia-deco.fr/?e=suspect%40safeonweb.be&s=3949&b=1041
Protocol
HTTP/1.1
Server
62.210.221.54 , France, ASN12876 (AS12876, FR),
Reverse DNS
Software
nginx/1.15.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://mirror.newsletter.atylia-deco.fr/?e=suspect%40safeonweb.be&s=3949&b=1041
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
nocache
Date
Thu, 19 Sep 2019 11:15:27 GMT
Server
nginx/1.15.6
Content-Type
image/gif
Cache-Control
no-store, no-cache, max-age=0, max-stale=0, must-revalidate, proxy-revalidate
Connection
keep-alive
X-Ivi-Hostname
programmatic-api-85b8d796d7-wtzhn
Content-Length
42
Expires
Fri, 24 Oct 1980 17:30:00 GMT
rd
ipe.medisite.fr/ 		42 B
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ipe.medisite.fr/rd?k=nlpi&n=570225f3928b220e59066fec&h=%MD5-EMAIL%&o=0
Requested by
Host: mirror.newsletter.atylia-deco.fr
URL: http://mirror.newsletter.atylia-deco.fr/?e=suspect%40safeonweb.be&s=3949&b=1041
Protocol
HTTP/1.1
Server
62.210.221.54 , France, ASN12876 (AS12876, FR),
Reverse DNS
Software
nginx/1.15.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://mirror.newsletter.atylia-deco.fr/?e=suspect%40safeonweb.be&s=3949&b=1041
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 19 Sep 2019 11:15:27 GMT
Server
nginx/1.15.6
Connection
keep-alive
X-Ivi-Hostname
programmatic-api-85b8d796d7-wtzhn
Content-Length
42
Content-Type
image/gif
rd
ipe.medisite.fr/ 		42 B
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ipe.medisite.fr/rd?k=nlai&n=570225f3928b220e59066fec&h=%MD5-EMAIL%&o=0
Requested by
Host: mirror.newsletter.atylia-deco.fr
URL: http://mirror.newsletter.atylia-deco.fr/?e=suspect%40safeonweb.be&s=3949&b=1041
Protocol
HTTP/1.1
Server
62.210.221.54 , France, ASN12876 (AS12876, FR),
Reverse DNS
Software
nginx/1.15.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://mirror.newsletter.atylia-deco.fr/?e=suspect%40safeonweb.be&s=3949&b=1041
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 19 Sep 2019 11:15:22 GMT
Server
nginx/1.15.6
Connection
keep-alive
X-Ivi-Hostname
programmatic-api-85b8d796d7-wtzhn
Content-Length
42
Content-Type
image/gif
vignette-focus_0.jpg
m.mcdn.fr/files/styles/node_nl_inline/public/images/article/9/1/8/2834819/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.mcdn.fr/files/styles/node_nl_inline/public/images/article/9/1/8/2834819/vignette-focus_0.jpg?itok=tSQwJMfY
Requested by
Host: mirror.newsletter.atylia-deco.fr
URL: http://mirror.newsletter.atylia-deco.fr/?e=suspect%40safeonweb.be&s=3949&b=1041
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.186.49.194 , France, ASN16276 (OVH, FR),
Reverse DNS
mailer.anotherlight.com
Software
nginx/1.6.2 /
Resource Hash
58636ab54014201ed120c8fe4e3f92d18e03fcb1fc4318ab28dbf037a51d3a82

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://mirror.newsletter.atylia-deco.fr/?e=suspect%40safeonweb.be&s=3949&b=1041
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
public
Date
Thu, 19 Sep 2019 11:15:15 GMT
Last-Modified
Thu, 17 Jan 2019 18:13:30 GMT
Server
nginx/1.6.2
X-Cache
mcdn.fr@snpcache1
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7493
Expires
Sat, 19 Oct 2019 11:15:15 GMT
label_excellence.png
m.mcdn.fr/sites/all/themes/at3_medisite/images/nl/
Redirect Chain
  • http://preprod-img.medisite.fr/sites/all/themes/at3_medisite/images/nl/label_excellence.png
  • https://m.mcdn.fr/sites/all/themes/at3_medisite/images/nl/label_excellence.png
20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.mcdn.fr/sites/all/themes/at3_medisite/images/nl/label_excellence.png
Requested by
Host: mirror.newsletter.atylia-deco.fr
URL: http://mirror.newsletter.atylia-deco.fr/?e=suspect%40safeonweb.be&s=3949&b=1041
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.186.49.194 , France, ASN16276 (OVH, FR),
Reverse DNS
mailer.anotherlight.com
Software
nginx/1.6.2 /
Resource Hash
f6f5667c4443bad915b8a1e572a9ed998931e87a2fda353e9246349da2445cd5

Request headers

Referer
http://mirror.newsletter.atylia-deco.fr/?e=suspect%40safeonweb.be&s=3949&b=1041
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
public
Date
Thu, 19 Sep 2019 11:15:18 GMT
Last-Modified
Wed, 18 Sep 2019 11:40:57 GMT
Server
nginx/1.6.2
X-Cache
mcdn.fr@snpcache1
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20814
Expires
Sat, 19 Oct 2019 11:15:18 GMT

Redirect headers

Location
https://m.mcdn.fr/sites/all/themes/at3_medisite/images/nl/label_excellence.png
Date
Thu, 19 Sep 2019 11:15:18 GMT
Server
nginx/1.2.1
Connection
keep-alive
Content-Length
184
Content-Type
text/html
label_excellence2.png
m.mcdn.fr/sites/all/themes/at3_medisite/images/nl/
Redirect Chain
  • http://preprod-img.medisite.fr/sites/all/themes/at3_medisite/images/nl/label_excellence2.png
  • https://m.mcdn.fr/sites/all/themes/at3_medisite/images/nl/label_excellence2.png
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.mcdn.fr/sites/all/themes/at3_medisite/images/nl/label_excellence2.png
Requested by
Host: mirror.newsletter.atylia-deco.fr
URL: http://mirror.newsletter.atylia-deco.fr/?e=suspect%40safeonweb.be&s=3949&b=1041
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.186.49.194 , France, ASN16276 (OVH, FR),
Reverse DNS
mailer.anotherlight.com
Software
nginx/1.6.2 /
Resource Hash
00c9b1e28406fcc853d8126977564af889ce1cdc4f294f32192b9a2df7602dfe

Request headers

Referer
http://mirror.newsletter.atylia-deco.fr/?e=suspect%40safeonweb.be&s=3949&b=1041
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
public
Date
Thu, 19 Sep 2019 11:15:18 GMT
Last-Modified
Wed, 18 Sep 2019 11:40:57 GMT
Server
nginx/1.6.2
X-Cache
mcdn.fr@snpcache1
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7917
Expires
Sat, 19 Oct 2019 11:15:18 GMT

Redirect headers

Location
https://m.mcdn.fr/sites/all/themes/at3_medisite/images/nl/label_excellence2.png
Date
Thu, 19 Sep 2019 11:15:18 GMT
Server
nginx/1.2.1
Connection
keep-alive
Content-Length
184
Content-Type
text/html
label_excellence3.png
m.mcdn.fr/sites/all/themes/at3_medisite/images/nl/
Redirect Chain
  • http://preprod-img.medisite.fr/sites/all/themes/at3_medisite/images/nl/label_excellence3.png
  • https://m.mcdn.fr/sites/all/themes/at3_medisite/images/nl/label_excellence3.png
19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.mcdn.fr/sites/all/themes/at3_medisite/images/nl/label_excellence3.png
Requested by
Host: mirror.newsletter.atylia-deco.fr
URL: http://mirror.newsletter.atylia-deco.fr/?e=suspect%40safeonweb.be&s=3949&b=1041
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.186.49.194 , France, ASN16276 (OVH, FR),
Reverse DNS
mailer.anotherlight.com
Software
nginx/1.6.2 /
Resource Hash
38471f0308ef0532b0ef61e1c7989e96d201941a690f53b365c8b8888267c599

Request headers

Referer
http://mirror.newsletter.atylia-deco.fr/?e=suspect%40safeonweb.be&s=3949&b=1041
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
public
Date
Thu, 19 Sep 2019 11:15:18 GMT
Last-Modified
Wed, 18 Sep 2019 11:40:57 GMT
Server
nginx/1.6.2
X-Cache
mcdn.fr@snpcache1
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19624
Expires
Sat, 19 Oct 2019 11:15:18 GMT

Redirect headers

Location
https://m.mcdn.fr/sites/all/themes/at3_medisite/images/nl/label_excellence3.png
Date
Thu, 19 Sep 2019 11:15:18 GMT
Server
nginx/1.2.1
Connection
keep-alive
Content-Length
184
Content-Type
text/html
collect_v2.img.php
pmd.car817.fr/ 		43 B
794 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmd.car817.fr/collect_v2.img.php?dmp=emdmpeasy&p=1449&s=1449&m=d89a49469cc482a0e1ea42bdabfae7dd&email_sha256=d6f96d5a49e5b615cad4c073489574276dbdc1dd3a8475d7b53f1ccead3d6dd3
Requested by
Host: mirror.newsletter.atylia-deco.fr
URL: http://mirror.newsletter.atylia-deco.fr/?e=suspect%40safeonweb.be&s=3949&b=1041
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:100:145:239:193:53 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://mirror.newsletter.atylia-deco.fr/?e=suspect%40safeonweb.be&s=3949&b=1041
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 19 Sep 2019 11:15:15 GMT
Cache-Control
no-store, no-cache
Transfer-Encoding
chunked
Content-Type
image/gif
X-IPLB-Instance
25257
Strict-Transport-Security
max-age=31536000
P3P
CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
trcdo.php
trcd.atylia-deco.fr/trcd/ 		42 B
477 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://trcd.atylia-deco.fr/trcd/trcdo.php?cid=232772&em=suspect@safeonweb.be&emcdrmd5=d89a49469cc482a0e1ea42bdabfae7dd&emcdrsha256=d6f96d5a49e5b615cad4c073489574276dbdc1dd3a8475d7b53f1ccead3d6dd3&do=atylia-deco.fr&rout=mbz&ts=1568792761
Requested by
Host: mirror.newsletter.atylia-deco.fr
URL: http://mirror.newsletter.atylia-deco.fr/?e=suspect%40safeonweb.be&s=3949&b=1041
Protocol
HTTP/1.1
Server
18.202.127.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-202-127-238.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.7 (Ubuntu) / PHP/5.5.9-1ubuntu4.16
Resource Hash
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Request headers

Referer
http://mirror.newsletter.atylia-deco.fr/?e=suspect%40safeonweb.be&s=3949&b=1041
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 19 Sep 2019 11:15:15 GMT
Last-Modified
Thu, 19 Sep 2019 11:15:15 GMT
Server
Apache/2.4.7 (Ubuntu)
X-Powered-By
PHP/5.5.9-1ubuntu4.16
P3P
CP="NOI NID ADMa OUR IND UNI COM NAV"
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Sat, 22 Apr 1978 02:19:00 GMT
d89a49469cc482a0e1ea42bdabfae7dd
dev.scribouille.fr/rdrct/2/2/
Redirect Chain
  • https://t.dedidom.fr/rdrct/2/2/d89a49469cc482a0e1ea42bdabfae7dd
  • https://dev.scribouille.fr/rdrct/2/2/d89a49469cc482a0e1ea42bdabfae7dd
5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.scribouille.fr/rdrct/2/2/d89a49469cc482a0e1ea42bdabfae7dd
Requested by
Host: mirror.newsletter.atylia-deco.fr
URL: http://mirror.newsletter.atylia-deco.fr/?e=suspect%40safeonweb.be&s=3949&b=1041
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.227.230.235 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
nginx/1.13.12 /
Resource Hash
0e14219903e0f56f725539d80e431d4158329b07f0c02ead70af4ddd32d6e2cf

Request headers

Referer
http://mirror.newsletter.atylia-deco.fr/?e=suspect%40safeonweb.be&s=3949&b=1041
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
500
date
Thu, 19 Sep 2019 11:15:16 GMT
cache-control
no-cache, private
server
nginx/1.13.12
content-type
text/html; charset=UTF-8

Redirect headers

status
301
date
Thu, 19 Sep 2019 11:15:15 GMT
server
nginx/1.13.12
content-length
186
location
https://dev.scribouille.fr/rdrct/2/2/d89a49469cc482a0e1ea42bdabfae7dd
content-type
text/html
puce_noire2.gif
p.mcdn.fr/sites/all/themes/at3_planet/images/nl/
Redirect Chain
  • http://preprod-img.planet.fr/sites/all/themes/at3_planet/images/nl/puce_noire2.gif
  • https://p.mcdn.fr/sites/all/themes/at3_planet/images/nl/puce_noire2.gif
169 B
523 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.mcdn.fr/sites/all/themes/at3_planet/images/nl/puce_noire2.gif
Requested by
Host: mirror.newsletter.atylia-deco.fr
URL: http://mirror.newsletter.atylia-deco.fr/?e=suspect%40safeonweb.be&s=3949&b=1041
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.186.49.195 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.6.2 /
Resource Hash
0871e9f60e9b502d02ff1b05b9a16f3c5a145dfbd0af92a4be028d312f969a66

Request headers

Referer
http://mirror.newsletter.atylia-deco.fr/?e=suspect%40safeonweb.be&s=3949&b=1041
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
public
Date
Thu, 19 Sep 2019 11:15:19 GMT
Last-Modified
Wed, 18 Sep 2019 14:13:51 GMT
Server
nginx/1.6.2
X-Cache
mcdn.fr@snpcache2
Content-Type
image/gif
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
169
Expires
Sat, 19 Oct 2019 11:15:19 GMT

Redirect headers

Location
https://p.mcdn.fr/sites/all/themes/at3_planet/images/nl/puce_noire2.gif
Date
Thu, 19 Sep 2019 11:15:19 GMT
Server
nginx/1.2.1
Connection
keep-alive
Content-Length
184
Content-Type
text/html

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dev.scribouille.fr
img.planet.fr
ipe.medisite.fr
m.mcdn.fr
mirror.newsletter.atylia-deco.fr
opn.ivitrack.com
p.mcdn.fr
pmd.car817.fr
preprod-img.medisite.fr
preprod-img.planet.fr
t.dedidom.fr
t.newsletter.atylia-deco.fr
trcd.atylia-deco.fr
www.google-analytics.com
165.227.230.235
18.202.127.238
2001:41d0:301:100:145:239:193:53
213.186.49.194
213.186.49.195
213.186.50.122
213.251.152.43
2a00:1450:4001:825::200e
62.210.221.54
89.248.209.41
89.248.211.29
00c9b1e28406fcc853d8126977564af889ce1cdc4f294f32192b9a2df7602dfe
04a401df7cf66f67816703b57b0f5a9757d445db6a3882d4f558a680a6226c97
0871e9f60e9b502d02ff1b05b9a16f3c5a145dfbd0af92a4be028d312f969a66
0e14219903e0f56f725539d80e431d4158329b07f0c02ead70af4ddd32d6e2cf
1d3ac2d35ad94bf6a28fdbacf3ca4bb0b96456af192ee13177f39eb5b0e0eb24
38471f0308ef0532b0ef61e1c7989e96d201941a690f53b365c8b8888267c599
58636ab54014201ed120c8fe4e3f92d18e03fcb1fc4318ab28dbf037a51d3a82
6af930f1b64232e0b45430a03c602c0976b2e114fe6bcac101891646c2faff83
751802f7233c8de4254d726022c5913059949d5d43e2e68d1133735631228c6c
78b6ba9de0fc9f23b1b3f011ef8cd7605d20204ca18ae4661252ee363cb460af
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
951fe671b83dfdb45b40083f57c9fadd8843121b3db88cf9648bdaa5088893ea
a3d9bf654bd182096ae97d7aac32516664fdf12437820695136f55620bb105ba
acfb4ce9036f2c3018799003ea69e25af7d1595cde4c1fd6f2785b67e1efe558
ad39466a8fe2195debe0dcae9e7aaa6cb22f9507a79991574c74d338cf77af39
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b3293128b130b60c4fd32ad15962746be60c02d98f355ee3761813dc80afa172
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d48a9b30561a153886c83236edda377e01a822dbadc78d18519952fb9a4c5da4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6f5667c4443bad915b8a1e572a9ed998931e87a2fda353e9246349da2445cd5