mesdevisgratuits.be Open in urlscan Pro
91.121.105.190 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://zdatastamp.top/AkSgL2315003-l7n53055/wiPM7872/eXEKH.html
Effective URL:
http://mesdevisgratuits.be/NP_3623_BEFR_0319/?qcp=NP_3623_BEFR_0319
Submission: On June 22 via api (June 22nd 2019, 1:02:27 pm UTC) from BE

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 5 countries across 7 domains to perform 13 HTTP transactions. The main IP is 91.121.105.190, located in France and belongs to OVH, FR. The main domain is mesdevisgratuits.be.

This is the only time mesdevisgratuits.be was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	217.182.8.23 217.182.8.23	16276 (OVH) (OVH)
1 2	52.19.68.199 52.19.68.199	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	52.222.157.71 52.222.157.71	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	188.165.150.177 188.165.150.177	16276 (OVH) (OVH)
1	37.252.172.250 37.252.172.250	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1 4	91.121.105.190 91.121.105.190	16276 (OVH) (OVH)
1 2	54.36.212.233 54.36.212.233	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:81b::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	205.185.208.52 205.185.208.52	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
13	9

1 217.182.8.23 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: zdatastamp.top

zdatastamp.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.19.68.199 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-19-68-199.eu-west-1.compute.amazonaws.com

clk.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.157.71 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-157-71.fra53.r.cloudfront.net

vht.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.165.150.177 (France)

ASN16276 (OVH, FR)
PTR: lb01.net.royalcactus.com

analytics.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.172.250 (Ascension Island)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 91.121.105.190 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ns354472.ovh.net

mesdevisgratuits.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.36.212.233 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip233.ip-54-36-212.eu

www.companeo.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.208.52 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip052.ssl.hwcdn.net

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	mesdevisgratuits.be 1 redirects mesdevisgratuits.be	40 KB
4	tradedoubler.com 1 redirects clk.tradedoubler.com vht.tradedoubler.com analytics.tradedoubler.com	14 KB
2	companeo.be 1 redirects www.companeo.be	3 KB
1	jquery.com code.jquery.com	3 KB
1	googleapis.com ajax.googleapis.com	33 KB
1	adnxs.com ib.adnxs.com	709 B
1	zdatastamp.top 1 redirects zdatastamp.top	389 B
13	7

	Domain	Requested by
4	mesdevisgratuits.be	1 redirects clk.tradedoubler.com mesdevisgratuits.be
2	www.companeo.be	1 redirects mesdevisgratuits.be ajax.googleapis.com
2	clk.tradedoubler.com	1 redirects
1	code.jquery.com	ajax.googleapis.com
1	ajax.googleapis.com	www.companeo.be
1	ib.adnxs.com	clk.tradedoubler.com
1	analytics.tradedoubler.com	vht.tradedoubler.com
1	vht.tradedoubler.com	clk.tradedoubler.com
1	zdatastamp.top	1 redirects
13	9

This site contains no links.

Subject Issuer	Validity	Valid
*.tradedoubler.com GlobalSign Domain Validation CA - SHA256 - G2	`2018-12-10` - `2021-01-27`	2 years	crt.sh
analytics.tradedoubler.com COMODO RSA Domain Validation Secure Server CA	`2018-02-02` - `2021-02-01`	3 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
	`1970-01-01` - `1970-01-01`	a few seconds	crt.sh
companeo.be Let's Encrypt Authority X3	`2019-06-02` - `2019-08-31`	3 months	crt.sh
*.googleapis.com Google Internet Authority G3	`2019-06-11` - `2019-09-03`	3 months	crt.sh
jquery.org COMODO RSA Domain Validation Secure Server CA	`2018-10-17` - `2020-10-16`	2 years	crt.sh

This page contains 1 frames:

Primary Page: http://mesdevisgratuits.be/NP_3623_BEFR_0319/?qcp=NP_3623_BEFR_0319
Frame ID: 1F19A624615E113851F03F4DFF7279E7
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://zdatastamp.top/AkSgL2315003-l7n53055/wiPM7872/eXEKH.html HTTP 302
https://clk.tradedoubler.com/click?p=278071&a=3032681&g=24568602&url=http://mesdevisgratuits.be/NP_3623_B... Page URL
https://clk.tradedoubler.com/click?p=278071&a=3032681&g=24568602&url=http://mesdevisgratuits.be/NP_3623_B... HTTP 302
http://mesdevisgratuits.be/NP_3623_BEFR_0319?qcp=NP_3623_BEFR_0319 HTTP 301
http://mesdevisgratuits.be/NP_3623_BEFR_0319/?qcp=NP_3623_BEFR_0319 Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

13
Requests

54 %
HTTPS

11 %
IPv6

7
Domains

9
Subdomains

9
IPs

5
Countries

92 kB
Transfer

164 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://zdatastamp.top/AkSgL2315003-l7n53055/wiPM7872/eXEKH.html HTTP 302
https://clk.tradedoubler.com/click?p=278071&a=3032681&g=24568602&url=http://mesdevisgratuits.be/NP_3623_BEFR_0319?qcp=NP_3623_BEFR_0319 Page URL
https://clk.tradedoubler.com/click?p=278071&a=3032681&g=24568602&url=http://mesdevisgratuits.be/NP_3623_BEFR_0319?qcp=NP_3623_BEFR_0319 HTTP 302
http://mesdevisgratuits.be/NP_3623_BEFR_0319?qcp=NP_3623_BEFR_0319 HTTP 301
http://mesdevisgratuits.be/NP_3623_BEFR_0319/?qcp=NP_3623_BEFR_0319 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://zdatastamp.top/AkSgL2315003-l7n53055/wiPM7872/eXEKH.html HTTP 302
https://clk.tradedoubler.com/click?p=278071&a=3032681&g=24568602&url=http://mesdevisgratuits.be/NP_3623_BEFR_0319?qcp=NP_3623_BEFR_0319

Request Chain 5

http://www.companeo.be/api.php?lang=fr_BE&key=c518e6e6d1d34849104547888d4eb39a HTTP 301
https://www.companeo.be/api.php?lang=fr_BE&key=c518e6e6d1d34849104547888d4eb39a

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Cookie set click Show response
clk.tradedoubler.com/
Redirect Chain

http://zdatastamp.top/AkSgL2315003-l7n53055/wiPM7872/eXEKH.html
https://clk.tradedoubler.com/click?p=278071&a=3032681&g=24568602&url=http://mesdevisgratuits.be/NP_3623_BEFR_0319?qcp=NP_3623_BEFR_0319

2 KB
3 KB

144ms
27ms

Document
text/html

52.19.68.199
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://clk.tradedoubler.com/click?p=278071&a=3032681&g=24568602&url=http://mesdevisgratuits.be/NP_3623_BEFR_0319?qcp=NP_3623_BEFR_0319
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.68.199 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-19-68-199.eu-west-1.compute.amazonaws.com
Software: TXServerHttp /
Resource Hash: 4050c16cf15c89a06c36353dc7255e1b7a60d352268d82b224f67828fa150016

Request headers

Host: clk.tradedoubler.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Cache-Control: private, max-age=0
Content-Type: text/html; charset=ISO-8859-1
Date: Sat, 22 Jun 2019 13:02:11 GMT
P3P: policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
Pragma: no-cache
Server: TXServerHttp
Set-Cookie: SYNC=1z11zzcjz1u5thizy1561208532490;expires=Sun, 21-Jun-2020 13:02:12 GMT;path=/;domain=.tradedoubler.com
Content-Length: 2536
Connection: keep-alive

Redirect headers

Date: Sat, 22 Jun 2019 13:02:11 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.6.38
X-Powered-By: PHP/5.6.38
Location: https://clk.tradedoubler.com/click?p=278071&a=3032681&g=24568602&url=http://mesdevisgratuits.be/NP_3623_BEFR_0319?qcp=NP_3623_BEFR_0319
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK prefs.js Show response
vht.tradedoubler.com/fp/ 9 KB
10 KB 104ms
6ms Script
application/javascript 52.222.157.71
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://vht.tradedoubler.com/fp/prefs.js
Requested by: Host: clk.tradedoubler.com
URL: https://clk.tradedoubler.com/click?p=278071&a=3032681&g=24568602&url=http://mesdevisgratuits.be/NP_3623_BEFR_0319?qcp=NP_3623_BEFR_0319
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.157.71 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-222-157-71.fra53.r.cloudfront.net
Software: Apache /
Resource Hash: 17ee72d8421cc64e48d5e885c090851028f91129555be935403a51c55eff2e9d

Request headers

Referer: https://clk.tradedoubler.com/click?p=278071&a=3032681&g=24568602&url=http://mesdevisgratuits.be/NP_3623_BEFR_0319?qcp=NP_3623_BEFR_0319
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 27 May 2019 17:21:32 GMT
Via: 1.1 831ce605dd77f58786c993787cdac90b.cloudfront.net (CloudFront)
Last-Modified: Mon, 15 Oct 2018 09:28:46 GMT
Server: Apache
Age: 416440
ETag: "2509-57841106334e6"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Cache-Control: max-age=604800, public
X-Amz-Cf-Pop: FRA53
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9481
X-Amz-Cf-Id: SiQCuql3FU_wGX1Jy-bsjTn4SkM5ffu4xZqEc6AvgwLfaBQlUwg-Wg==
Expires: Mon, 03 Jun 2019 17:21:32 GMT

POST
H/1.1 200
OK /
analytics.tradedoubler.com/ 0
241 B 76ms
16ms Other
text/html 188.165.150.177
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tradedoubler.com/
Requested by: Host: vht.tradedoubler.com
URL: https://vht.tradedoubler.com/fp/prefs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.165.150.177 , France, ASN16276 (OVH, FR),
Reverse DNS: lb01.net.royalcactus.com
Software: nginx /
Resource Hash

Request headers

Referer: https://clk.tradedoubler.com/click?p=278071&a=3032681&g=24568602&url=http://mesdevisgratuits.be/NP_3623_BEFR_0319?qcp=NP_3623_BEFR_0319
Origin: https://clk.tradedoubler.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sat, 22 Jun 2019 13:02:12 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK getuidj
ib.adnxs.com/ 11 B
709 B 39ms
5ms XHR
application/json 37.252.172.250
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: clk.tradedoubler.com
URL: https://clk.tradedoubler.com/click?p=278071&a=3032681&g=24568602&url=http://mesdevisgratuits.be/NP_3623_BEFR_0319?qcp=NP_3623_BEFR_0319

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://clk.tradedoubler.com/click?p=278071&a=3032681&g=24568602&url=http://mesdevisgratuits.be/NP_3623_BEFR_0319?qcp=NP_3623_BEFR_0319
Origin: https://clk.tradedoubler.com

Response headers

Pragma: no-cache
Date: Sat, 22 Jun 2019 13:02:14 GMT
X-Proxy-Origin: 148.251.45.254; 148.251.45.254; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.13:80
AN-X-Request-Uuid: e0628c4a-af90-4b93-a63c-b72f5382a841
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://clk.tradedoubler.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

Primary Request / Show response
mesdevisgratuits.be/NP_3623_BEFR_0319/
Redirect Chain

https://clk.tradedoubler.com/click?p=278071&a=3032681&g=24568602&url=http://mesdevisgratuits.be/NP_3623_BEFR_0319?qcp=NP_3623_BEFR_0319
http://mesdevisgratuits.be/NP_3623_BEFR_0319?qcp=NP_3623_BEFR_0319
http://mesdevisgratuits.be/NP_3623_BEFR_0319/?qcp=NP_3623_BEFR_0319

2 KB
1 KB

14ms
14ms

Document
text/html

91.121.105.190
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://mesdevisgratuits.be/NP_3623_BEFR_0319/?qcp=NP_3623_BEFR_0319
Requested by: Host: clk.tradedoubler.com
URL: https://clk.tradedoubler.com/click?p=278071&a=3032681&g=24568602&url=http://mesdevisgratuits.be/NP_3623_BEFR_0319?qcp=NP_3623_BEFR_0319
Protocol: HTTP/1.1
Server: 91.121.105.190 , France, ASN16276 (OVH, FR),
Reverse DNS: ns354472.ovh.net
Software: Apache/2.2.16 (Debian) /
Resource Hash: 97f337b7957cc48cc07f45b0fee0a6e262bf41358cd6357b5d8d371fadfc67a0

Request headers

Host: mesdevisgratuits.be
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Origin: https://clk.tradedoubler.com
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 22 Jun 2019 13:33:54 GMT
Server: Apache/2.2.16 (Debian)
Last-Modified: Thu, 25 Apr 2019 10:37:28 GMT
ETag: "140b22-622-58758679c1a0f"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 785
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Content-Type: text/html

Redirect headers

Date: Sat, 22 Jun 2019 13:33:54 GMT
Server: Apache/2.2.16 (Debian)
Location: http://mesdevisgratuits.be/NP_3623_BEFR_0319/?qcp=NP_3623_BEFR_0319
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 269
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK styles.css
mesdevisgratuits.be/NP_3623_BEFR_0319/css/ 7 KB
2 KB 15ms
13ms Stylesheet
text/css 91.121.105.190
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://mesdevisgratuits.be/NP_3623_BEFR_0319/css/styles.css
Requested by: Host: mesdevisgratuits.be
URL: http://mesdevisgratuits.be/NP_3623_BEFR_0319/?qcp=NP_3623_BEFR_0319
Protocol: HTTP/1.1
Security: , ,
Server: 91.121.105.190 , France, ASN16276 (OVH, FR),
Reverse DNS: ns354472.ovh.net
Software: Apache/2.2.16 (Debian) /
Resource Hash: 98f1fe8a530588f4d5da59d20592e8547d794fa90f7386b282a7bc725d4ee3dc

Request headers

Referer: http://mesdevisgratuits.be/NP_3623_BEFR_0319/?qcp=NP_3623_BEFR_0319
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 22 Jun 2019 13:33:54 GMT
Content-Encoding: gzip
Last-Modified: Thu, 25 Apr 2019 10:37:28 GMT
Server: Apache/2.2.16 (Debian)
ETag: "140b23-1bd8-58758679cf4cf"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=98
Content-Length: 1646

GET
H2

200

api.php Show response
www.companeo.be/
Redirect Chain

http://www.companeo.be/api.php?lang=fr_BE&key=c518e6e6d1d34849104547888d4eb39a
https://www.companeo.be/api.php?lang=fr_BE&key=c518e6e6d1d34849104547888d4eb39a

8 KB
3 KB

128ms
96ms

Script
application/javascript

54.36.212.233
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.companeo.be/api.php?lang=fr_BE&key=c518e6e6d1d34849104547888d4eb39a

Requested by

Host: mesdevisgratuits.be
URL: http://mesdevisgratuits.be/NP_3623_BEFR_0319/?qcp=NP_3623_BEFR_0319

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.36.212.233 , France, ASN16276 (OVH, FR),

Reverse DNS

ip233.ip-54-36-212.eu

Software

Apache/2.4.37 (Ubuntu) / PHP/5.6.40-1+ubuntu16.04.1+deb.sury.org+1

Resource Hash

d1555b733eec6ec6b2265ef76a10059fe16462ce0818eb6d868054faef496daa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: http://mesdevisgratuits.be/NP_3623_BEFR_0319/?qcp=NP_3623_BEFR_0319
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jun 2019 13:02:12 GMT
content-encoding: gzip
server: Apache/2.4.37 (Ubuntu)
x-powered-by: PHP/5.6.40-1+ubuntu16.04.1+deb.sury.org+1
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
status: 200
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
strict-transport-security: max-age=15768000
content-type: application/javascript; charset=utf-8
content-length: 2144
expires: Thu, 19 Nov 1981 08:52:00 GMT

Redirect headers

Location: https://www.companeo.be/api.php?lang=fr_BE&key=c518e6e6d1d34849104547888d4eb39a
Content-length: 0

GET
H/1.1 200
OK image_lps.jpg
mesdevisgratuits.be/NP_3623_BEFR_0319/img/ 36 KB
36 KB 27ms
13ms Image
image/jpeg 91.121.105.190
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://mesdevisgratuits.be/NP_3623_BEFR_0319/img/image_lps.jpg
Requested by: Host: mesdevisgratuits.be
URL: http://mesdevisgratuits.be/NP_3623_BEFR_0319/?qcp=NP_3623_BEFR_0319
Protocol: HTTP/1.1
Security: , ,
Server: 91.121.105.190 , France, ASN16276 (OVH, FR),
Reverse DNS: ns354472.ovh.net
Software: Apache/2.2.16 (Debian) /
Resource Hash: cac5f6442f5b3a50f4a225744fc1276ee9ee3710e6efe62d0b75d4abb68dbb14

Request headers

Referer: http://mesdevisgratuits.be/NP_3623_BEFR_0319/?qcp=NP_3623_BEFR_0319
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 22 Jun 2019 13:33:54 GMT
Last-Modified: Thu, 25 Apr 2019 10:37:28 GMT
Server: Apache/2.2.16 (Debian)
ETag: "140b26-8f68-58758679f756f"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 36712

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ 94 KB
33 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:81b::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js

Requested by

Host: www.companeo.be
URL: https://www.companeo.be/api.php?lang=fr_BE&key=c518e6e6d1d34849104547888d4eb39a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://mesdevisgratuits.be/NP_3623_BEFR_0319/?qcp=NP_3623_BEFR_0319
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Jun 2019 02:34:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 728875
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 33434
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Jun 2020 02:34:18 GMT

GET puce.jpg
mesdevisgratuits.be/NP_3623_BEFR_0319/img/ 0
0

GET
H/1.1 200
OK jquery-migrate-1.2.1.min.js Show response
code.jquery.com/ 7 KB
3 KB 83ms
18ms Script
application/javascript 205.185.208.52
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-migrate-1.2.1.min.js
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.208.52 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: vip052.ssl.hwcdn.net
Software: nginx /
Resource Hash: 1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d

Request headers

Referer: http://mesdevisgratuits.be/NP_3623_BEFR_0319/?qcp=NP_3623_BEFR_0319
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 22 Jun 2019 13:02:13 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Oct 2014 00:16:08 GMT
Server: nginx
ETag: W/"54499a48-1c1f"
Vary: Accept-Encoding
X-HW: 1561208533.dop033.lo4.t,1561208533.cds008.lo4.shn,1561208533.cds008.lo4.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 3063

GET css_api_form_only.min.css
www.companeo.be/c/ 0
0

GET api4api.min.js
www.companeo.be/js/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: mesdevisgratuits.be
URL: http://mesdevisgratuits.be/NP_3623_BEFR_0319/img/puce.jpg

Domain: www.companeo.be
URL: https://www.companeo.be/c/css_api_form_only.min.css

Domain: www.companeo.be
URL: https://www.companeo.be/js/api4api.min.js?_v=&_=1561208533045

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.tradedoubler.com/	1970-01-19 10:25:44	Name: SYNC Value: 1z11zzcjz1u5thizy1561208532490

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
analytics.tradedoubler.com
clk.tradedoubler.com
code.jquery.com
ib.adnxs.com
mesdevisgratuits.be
vht.tradedoubler.com
www.companeo.be
zdatastamp.top
mesdevisgratuits.be
www.companeo.be
188.165.150.177
205.185.208.52
217.182.8.23
2a00:1450:4001:81b::200a
37.252.172.250
52.19.68.199
52.222.157.71
54.36.212.233
91.121.105.190
17ee72d8421cc64e48d5e885c090851028f91129555be935403a51c55eff2e9d
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d
4050c16cf15c89a06c36353dc7255e1b7a60d352268d82b224f67828fa150016
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
97f337b7957cc48cc07f45b0fee0a6e262bf41358cd6357b5d8d371fadfc67a0
98f1fe8a530588f4d5da59d20592e8547d794fa90f7386b282a7bc725d4ee3dc
cac5f6442f5b3a50f4a225744fc1276ee9ee3710e6efe62d0b75d4abb68dbb14
d1555b733eec6ec6b2265ef76a10059fe16462ce0818eb6d868054faef496daa

mesdevisgratuits.be Open in urlscan Pro 91.121.105.190 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

54 %HTTPS

11 %IPv6

7 Domains

9 Subdomains

9 IPs

5 Countries

92 kBTransfer

164 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

1 Cookies

Indicators

mesdevisgratuits.be Open in urlscan Pro
91.121.105.190 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

54 %
HTTPS

11 %
IPv6

7
Domains

9
Subdomains

9
IPs

5
Countries

92 kB
Transfer

164 kB
Size

1
Cookies

13 HTTP transactions
0 data transactions