mirror.newsletter.club-des-affaires.fr
89.248.209.41  Public Scan

Submitted URL: http://t.newsletter.club-des-affaires.fr/c/?t=923ab70-csq-c3xl-zzz-e5ie4
Effective URL: http://mirror.newsletter.club-des-affaires.fr/?e=suspect%40safeonweb.be&s=2028&b=1247
Submission: On October 20 via api from BE

Summary

This website contacted 11 IPs in 3 countries across 8 domains to perform 31 HTTP transactions. The main IP is 89.248.209.41, located in Lambersart, France and belongs to ODISO-AS, FR. The main domain is mirror.newsletter.club-des-affaires.fr.
This is the only time mirror.newsletter.club-des-affaires.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 89.248.211.29 34993 (ODISO-AS)
1 89.248.209.41 34993 (ODISO-AS)
1 2a00:1450:400... 15169 (GOOGLE)
2 3 213.186.50.122 16276 (OVH)
1 11 62.210.221.53 12876 (Online SAS)
11 213.186.49.194 16276 (OVH)
2 213.186.49.195 16276 (OVH)
1 62.210.221.54 12876 (Online SAS)
3 3 213.251.152.43 16276 (OVH)
1 2 99.80.250.78 16509 (AMAZON-02)
1 145.239.193.53 16276 (OVH)
1 18.202.127.238 16509 (AMAZON-02)
31 11
Domain Requested by
11 m.mcdn.fr mirror.newsletter.club-des-affaires.fr
11 ipe.medisite.fr 1 redirects mirror.newsletter.club-des-affaires.fr
3 preprod-img.medisite.fr 3 redirects
2 p.mcdn.fr mirror.newsletter.club-des-affaires.fr
2 preprod-img.planet.fr 2 redirects
2 t.newsletter.club-des-affaires.fr 1 redirects mirror.newsletter.club-des-affaires.fr
1 trcd.club-des-affaires.fr mirror.newsletter.club-des-affaires.fr
1 pmd.car817.fr mirror.newsletter.club-des-affaires.fr
1 notify.adleadevent.com mirror.newsletter.club-des-affaires.fr
1 not.club-des-affaires.fr 1 redirects
1 opn.ivitrack.com mirror.newsletter.club-des-affaires.fr
1 img.planet.fr mirror.newsletter.club-des-affaires.fr
1 www.google-analytics.com mirror.newsletter.club-des-affaires.fr
1 mirror.newsletter.club-des-affaires.fr
31 14

This site contains links to these domains.

Domain
t.newsletter.club-des-affaires.fr
Subject | Issuer | Validity | Valid
*.google-analytics.com | GTS CA 1O1 | 2019-10-03 - 2019-12-26 | 3 months
*.mcdn.fr | Gandi Standard SSL CA 2 | 2018-10-31 - 2020-11-20 | 2 years
notify.adleadevent.com | Amazon | 2019-01-15 - 2020-02-15 | a year
em.cybercartes.com | Let's Encrypt Authority X3 | 2019-10-03 - 2020-01-01 | 3 months

This page contains 1 frames:

Primary Page: http://mirror.newsletter.club-des-affaires.fr/?e=suspect%40safeonweb.be&s=2028&b=1247
Frame ID: 99DAECEAF1EA592217690DDB43645927
Requests: 31 HTTP requests in this frame

Page Statistics

Requests: 31
HTTPS: 52 %
IPv6: 8 %
Domains: 8
Subdomains: 14
IPs: 11
Countries: 3
Transfer: 174 kB
Size: 189 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://t.newsletter.club-des-affaires.fr/c/?t=923ab70-csq-c3xl-zzz-e5ie4 HTTP 302
    http://mirror.newsletter.club-des-affaires.fr/?e=suspect%40safeonweb.be&s=2028&b=1247 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://www.google-analytics.com/collect?v=1&tid=UA-68493860-1&cid=68493860&t=event&ec=email&ea=open&cs=xchange&cm=capdecision&cn=MDU-BestOf-T42017 HTTP 307
  • https://www.google-analytics.com/collect?v=1&tid=UA-68493860-1&cid=68493860&t=event&ec=email&ea=open&cs=xchange&cm=capdecision&cn=MDU-BestOf-T42017
Request Chain 9
  • http://preprod-img.planet.fr/sites/all/themes/at3_planet/images/nl/puce_noire.gif HTTP 301
  • https://p.mcdn.fr/sites/all/themes/at3_planet/images/nl/puce_noire.gif
Request Chain 13
  • http://ipe.medisite.fr/nlo?n=570225f3928b220e59066fec&h=[gc_complexnews-subscriber:md5-mail] HTTP 302
  • http://opn.ivitrack.com/nlo?n=570225f3928b220e59066fec&h=[gc_complexnews-subscriber:md5-mail]
Request Chain 23
  • http://preprod-img.medisite.fr/sites/all/themes/at3_medisite/images/nl/label_excellence.png HTTP 301
  • https://m.mcdn.fr/sites/all/themes/at3_medisite/images/nl/label_excellence.png
Request Chain 24
  • http://preprod-img.medisite.fr/sites/all/themes/at3_medisite/images/nl/label_excellence2.png HTTP 301
  • https://m.mcdn.fr/sites/all/themes/at3_medisite/images/nl/label_excellence2.png
Request Chain 25
  • http://preprod-img.medisite.fr/sites/all/themes/at3_medisite/images/nl/label_excellence3.png HTTP 301
  • https://m.mcdn.fr/sites/all/themes/at3_medisite/images/nl/label_excellence3.png
Request Chain 26
  • http://not.club-des-affaires.fr/adtckrtg.php?ids=1240&hash=d89a49469cc482a0e1ea42bdabfae7dd&hash256= HTTP 302
  • https://notify.adleadevent.com/adtckrtg.php?ids=1240&hash=d89a49469cc482a0e1ea42bdabfae7dd&hash256=
Request Chain 29
  • http://preprod-img.planet.fr/sites/all/themes/at3_planet/images/nl/puce_noire2.gif HTTP 301
  • https://p.mcdn.fr/sites/all/themes/at3_planet/images/nl/puce_noire2.gif

31 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
mirror.newsletter.club-des-affaires.fr/
Redirect Chain
  • http://t.newsletter.club-des-affaires.fr/c/?t=923ab70-csq-c3xl-zzz-e5ie4
  • http://mirror.newsletter.club-des-affaires.fr/?e=suspect%40safeonweb.be&s=2028&b=1247
33 KB
8 KB
Document
General
Full URL
http://mirror.newsletter.club-des-affaires.fr/?e=suspect%40safeonweb.be&s=2028&b=1247
Protocol
HTTP/1.1
Server
89.248.209.41 Lambersart, France, ASN34993 (ODISO-AS, FR),
Reverse DNS
Software
/
Resource Hash
24f854ed8a2635e5e29dea6766087dcd2d79360c39835012f9e55b94e4bc9808

Request headers

Host
mirror.newsletter.club-des-affaires.fr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
Date
Sun, 20 Oct 2019 05:22:18 GMT
Content-Length
8260
X-Robots-Tag
noindex
Set-Cookie
SERVERID=server2; path=/

Redirect headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Location
http://mirror.newsletter.club-des-affaires.fr/?e=suspect%40safeonweb.be&s=2028&b=1247
Set-Cookie
ASP.NET_SessionId=u1pow3d1m5pgx0a1l4ggjdky; path=/; HttpOnly
Date
Sun, 20 Oct 2019 05:22:19 GMT
Content-Length
210
/
t.newsletter.club-des-affaires.fr/o/
180 B
306 B
Image
General
Full URL
http://t.newsletter.club-des-affaires.fr/o/?t=csq-zzz-e5ie4
Requested by
Host: mirror.newsletter.club-des-affaires.fr
URL: http://mirror.newsletter.club-des-affaires.fr/?e=suspect%40safeonweb.be&s=2028&b=1247
Protocol
HTTP/1.1
Server
89.248.211.29 Lambersart, France, ASN34993 (ODISO-AS, FR),
Reverse DNS
mindproxy.odiso.net
Software
/
Resource Hash
a3d9bf654bd182096ae97d7aac32516664fdf12437820695136f55620bb105ba

Request headers

Referer
http://mirror.newsletter.club-des-affaires.fr/?e=suspect%40safeonweb.be&s=2028&b=1247
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 20 Oct 2019 05:22:19 GMT
Cache-Control
private
Content-Length
180
Content-Type
image/png
collect
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/collect?v=1&tid=UA-68493860-1&cid=68493860&t=event&ec=email&ea=open&cs=xchange&cm=capdecision&cn=MDU-BestOf-T42017
  • https://www.google-analytics.com/collect?v=1&tid=UA-68493860-1&cid=68493860&t=event&ec=email&ea=open&cs=xchange&cm=capdecision&cn=MDU-BestOf-T42017
35 B
99 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&tid=UA-68493860-1&cid=68493860&t=event&ec=email&ea=open&cs=xchange&cm=capdecision&cn=MDU-BestOf-T42017
Requested by
Host: mirror.newsletter.club-des-affaires.fr
URL: http://mirror.newsletter.club-des-affaires.fr/?e=suspect%40safeonweb.be&s=2028&b=1247
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://mirror.newsletter.club-des-affaires.fr/?e=suspect%40safeonweb.be&s=2028&b=1247
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Oct 2019 05:03:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
346711
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/collect?v=1&tid=UA-68493860-1&cid=68493860&t=event&ec=email&ea=open&cs=xchange&cm=capdecision&cn=MDU-BestOf-T42017
Non-Authoritative-Reason
HSTS
Header_Medisite.png
img.planet.fr//partenaires/Nl_bestof/
30 KB
30 KB
Image
General
Full URL
http://img.planet.fr//partenaires/Nl_bestof/Header_Medisite.png
Requested by
Host: mirror.newsletter.club-des-affaires.fr
URL: http://mirror.newsletter.club-des-affaires.fr/?e=suspect%40safeonweb.be&s=2028&b=1247
Protocol
HTTP/1.1
Server
213.186.50.122 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
acfb4ce9036f2c3018799003ea69e25af7d1595cde4c1fd6f2785b67e1efe558

Request headers

Referer
http://mirror.newsletter.club-des-affaires.fr/?e=suspect%40safeonweb.be&s=2028&b=1247
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 20 Oct 2019 05:22:19 GMT
Last-Modified
Fri, 03 Mar 2017 11:31:16 GMT
Server
nginx/1.2.1
Content-Type
image/png
Cache-Control
max-age=259200, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30388
Expires
Wed, 23 Oct 2019 05:22:19 GMT
nli
ipe.medisite.fr/
42 B
391 B
Image
General
Full URL
http://ipe.medisite.fr/nli?n=570225f3928b220e59066fec&h=%MD5-EMAIL%&o=1
Requested by
Host: mirror.newsletter.club-des-affaires.fr
URL: http://mirror.newsletter.club-des-affaires.fr/?e=suspect%40safeonweb.be&s=2028&b=1247
Protocol
HTTP/1.1
Server
62.210.221.53 , France, ASN12876 (Online SAS, FR),
Reverse DNS
Software
nginx/1.15.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://mirror.newsletter.club-des-affaires.fr/?e=suspect%40safeonweb.be&s=2028&b=1247
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
nocache
Date
Sun, 20 Oct 2019 05:22:26 GMT
Server
nginx/1.15.6
Content-Type
image/gif
Cache-Control
no-store, no-cache, max-age=0, max-stale=0, must-revalidate, proxy-revalidate
Connection
keep-alive
X-Ivi-Hostname
programmatic-api-5cb9d9d554-scq9p
Content-Length
42
Expires
Fri, 24 Oct 1980 17:30:00 GMT
nlp
ipe.medisite.fr/
42 B
391 B
Image
General
Full URL
http://ipe.medisite.fr/nlp?p=1&n=570225f3928b220e59066fec&h=%MD5-EMAIL%&o=1
Requested by
Host: mirror.newsletter.club-des-affaires.fr
URL: http://mirror.newsletter.club-des-affaires.fr/?e=suspect%40safeonweb.be&s=2028&b=1247
Protocol
HTTP/1.1
Server
62.210.221.53 , France, ASN12876 (Online SAS, FR),
Reverse DNS
Software
nginx/1.15.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://mirror.newsletter.club-des-affaires.fr/?e=suspect%40safeonweb.be&s=2028&b=1247
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
nocache
Date
Sun, 20 Oct 2019 05:22:19 GMT
Server
nginx/1.15.6
Content-Type
image/gif
Cache-Control
no-store, no-cache, max-age=0, max-stale=0, must-revalidate, proxy-revalidate
Connection
keep-alive
X-Ivi-Hostname
programmatic-api-5cb9d9d554-scq9p
Content-Length
42
Expires
Fri, 24 Oct 1980 17:30:00 GMT
nlp
ipe.medisite.fr/
42 B
391 B
Image
General
Full URL
http://ipe.medisite.fr/nlp?p=2&n=570225f3928b220e59066fec&h=%MD5-EMAIL%&o=1
Requested by
Host: mirror.newsletter.club-des-affaires.fr
URL: http://mirror.newsletter.club-des-affaires.fr/?e=suspect%40safeonweb.be&s=2028&b=1247
Protocol
HTTP/1.1
Server
62.210.221.53 , France, ASN12876 (Online SAS, FR),
Reverse DNS
Software
nginx/1.15.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://mirror.newsletter.club-des-affaires.fr/?e=suspect%40safeonweb.be&s=2028&b=1247
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
nocache
Date
Sun, 20 Oct 2019 05:22:20 GMT
Server
nginx/1.15.6
Content-Type
image/gif
Cache-Control
no-store, no-cache, max-age=0, max-stale=0, must-revalidate, proxy-revalidate
Connection
keep-alive
X-Ivi-Hostname
programmatic-api-5cb9d9d554-scq9p
Content-Length
42
Expires
Fri, 24 Oct 1980 17:30:00 GMT
rd
ipe.medisite.fr/
42 B
240 B
Image
General
Full URL
http://ipe.medisite.fr/rd?k=nlpi&n=570225f3928b220e59066fec&h=%MD5-EMAIL%&o=1
Requested by
Host: mirror.newsletter.club-des-affaires.fr
URL: http://mirror.newsletter.club-des-affaires.fr/?e=suspect%40safeonweb.be&s=2028&b=1247
Protocol
HTTP/1.1
Server
62.210.221.53 , France, ASN12876 (Online SAS, FR),
Reverse DNS
Software
nginx/1.15.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://mirror.newsletter.club-des-affaires.fr/?e=suspect%40safeonweb.be&s=2028&b=1247
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 20 Oct 2019 05:22:26 GMT
Server
nginx/1.15.6
Connection
keep-alive
X-Ivi-Hostname
programmatic-api-5cb9d9d554-scq9p
Content-Length
42
Content-Type
image/gif
rd
ipe.medisite.fr/
42 B
240 B
Image
General
Full URL
http://ipe.medisite.fr/rd?k=nlai&n=570225f3928b220e59066fec&h=%MD5-EMAIL%&o=1
Requested by
Host: mirror.newsletter.club-des-affaires.fr
URL: http://mirror.newsletter.club-des-affaires.fr/?e=suspect%40safeonweb.be&s=2028&b=1247
Protocol
HTTP/1.1
Server
62.210.221.53 , France, ASN12876 (Online SAS, FR),
Reverse DNS
Software
nginx/1.15.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://mirror.newsletter.club-des-affaires.fr/?e=suspect%40safeonweb.be&s=2028&b=1247
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 20 Oct 2019 05:22:26 GMT
Server
nginx/1.15.6
Connection
keep-alive
X-Ivi-Hostname
programmatic-api-5cb9d9d554-scq9p
Content-Length
42
Content-Type
image/gif
3857218-inline.jpg
m.mcdn.fr/files/styles/pano_m/public/images/article/0/8/2/2193280/
14 KB
14 KB
Image
General
Full URL
https://m.mcdn.fr/files/styles/pano_m/public/images/article/0/8/2/2193280/3857218-inline.jpg?itok=Hx7JMcO5
Requested by
Host: mirror.newsletter.club-des-affaires.fr
URL: http://mirror.newsletter.club-des-affaires.fr/?e=suspect%40safeonweb.be&s=2028&b=1247
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.186.49.194 , France, ASN16276 (OVH, FR),
Reverse DNS
mailer.anotherlight.com
Software
nginx/1.6.2 /
Resource Hash
fe074efcd997267e492d0bea419322229e3179d70242d5b256332ec8f777c3a4

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://mirror.newsletter.club-des-affaires.fr/?e=suspect%40safeonweb.be&s=2028&b=1247
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
public
Date
Sun, 20 Oct 2019 05:22:19 GMT
Last-Modified
Wed, 30 Jan 2019 10:18:26 GMT
Server
nginx/1.6.2
X-Cache
mcdn.fr@snpcache1
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14019
Expires
Tue, 19 Nov 2019 05:22:19 GMT
puce_noire.gif
p.mcdn.fr/sites/all/themes/at3_planet/images/nl/
Redirect Chain
  • http://preprod-img.planet.fr/sites/all/themes/at3_planet/images/nl/puce_noire.gif
  • https://p.mcdn.fr/sites/all/themes/at3_planet/images/nl/puce_noire.gif
78 B
431 B
Image
General
Full URL
https://p.mcdn.fr/sites/all/themes/at3_planet/images/nl/puce_noire.gif
Requested by
Host: mirror.newsletter.club-des-affaires.fr
URL: http://mirror.newsletter.club-des-affaires.fr/?e=suspect%40safeonweb.be&s=2028&b=1247
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.186.49.195 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.6.2 /
Resource Hash
751802f7233c8de4254d726022c5913059949d5d43e2e68d1133735631228c6c

Request headers

Referer
http://mirror.newsletter.club-des-affaires.fr/?e=suspect%40safeonweb.be&s=2028&b=1247
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
public
Date
Sun, 20 Oct 2019 05:22:19 GMT
Last-Modified
Fri, 18 Oct 2019 10:11:20 GMT
Server
nginx/1.6.2
X-Cache
mcdn.fr@snpcache3
Content-Type
image/gif
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
78
Expires
Tue, 19 Nov 2019 05:22:19 GMT

Redirect headers

Location
https://p.mcdn.fr/sites/all/themes/at3_planet/images/nl/puce_noire.gif
Date
Sun, 20 Oct 2019 05:22:19 GMT
Server
nginx/1.2.1
Connection
keep-alive
Content-Length
184
Content-Type
text/html
vignette-focus_0.jpg
m.mcdn.fr/files/styles/pano_m/public/images/diaporama/0/0/4/5489400/
9 KB
10 KB
Image
General
Full URL
https://m.mcdn.fr/files/styles/pano_m/public/images/diaporama/0/0/4/5489400/vignette-focus_0.jpg?itok=Aozt2CU_
Requested by
Host: mirror.newsletter.club-des-affaires.fr
URL: http://mirror.newsletter.club-des-affaires.fr/?e=suspect%40safeonweb.be&s=2028&b=1247
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.186.49.194 , France, ASN16276 (OVH, FR),
Reverse DNS
mailer.anotherlight.com
Software
nginx/1.6.2 /
Resource Hash
afa2693689e5c5acb4907dc1f37e33c89e0d27457b2a7e21af589fb8505006f2

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://mirror.newsletter.club-des-affaires.fr/?e=suspect%40safeonweb.be&s=2028&b=1247
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
public
Date
Sun, 20 Oct 2019 05:22:19 GMT
Last-Modified
Thu, 17 Jan 2019 17:50:53 GMT
Server
nginx/1.6.2
X-Cache
mcdn.fr@snpcache4
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9514
Expires
Tue, 19 Nov 2019 05:22:19 GMT
1848859-focus.jpg
m.mcdn.fr/files/styles/pano_m/public/images/diaporama/8/4/4/698448/
7 KB
7 KB
Image
General
Full URL
https://m.mcdn.fr/files/styles/pano_m/public/images/diaporama/8/4/4/698448/1848859-focus.jpg?itok=7nDUypo9
Requested by
Host: mirror.newsletter.club-des-affaires.fr
URL: http://mirror.newsletter.club-des-affaires.fr/?e=suspect%40safeonweb.be&s=2028&b=1247
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.186.49.194 , France, ASN16276 (OVH, FR),
Reverse DNS
mailer.anotherlight.com
Software
nginx/1.6.2 /
Resource Hash
34044c3befbe6b368b6b631a473aceac3059d4189d073ceb17ef2f5418e1b845

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://mirror.newsletter.club-des-affaires.fr/?e=suspect%40safeonweb.be&s=2028&b=1247
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
public
Date
Sun, 20 Oct 2019 05:22:19 GMT
Last-Modified
Thu, 17 Jan 2019 18:20:45 GMT
Server
nginx/1.6.2
X-Cache
mcdn.fr@snpcache1
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6747
Expires
Tue, 19 Nov 2019 05:22:19 GMT
vignette-focus.jpg
m.mcdn.fr/files/styles/pano_m/public/images/article/6/0/5/5484506/
8 KB
9 KB
Image
General
Full URL
https://m.mcdn.fr/files/styles/pano_m/public/images/article/6/0/5/5484506/vignette-focus.jpg?itok=mONJ-Np3
Requested by
Host: mirror.newsletter.club-des-affaires.fr
URL: http://mirror.newsletter.club-des-affaires.fr/?e=suspect%40safeonweb.be&s=2028&b=1247
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.186.49.194 , France, ASN16276 (OVH, FR),
Reverse DNS
mailer.anotherlight.com
Software
nginx/1.6.2 /
Resource Hash
803d416ebb1aea31cbe3818ad0079e1c65245ef43bd5cfdebb101cbd305d1920

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://mirror.newsletter.club-des-affaires.fr/?e=suspect%40safeonweb.be&s=2028&b=1247
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
public
Date
Sun, 20 Oct 2019 05:22:19 GMT
Last-Modified
Mon, 28 Jan 2019 03:50:20 GMT
Server
nginx/1.6.2
X-Cache
mcdn.fr@snpcache4
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8609
Expires
Tue, 19 Nov 2019 05:22:19 GMT
nlo
opn.ivitrack.com/
Redirect Chain
  • http://ipe.medisite.fr/nlo?n=570225f3928b220e59066fec&h=[gc_complexnews-subscriber:md5-mail]
  • http://opn.ivitrack.com/nlo?n=570225f3928b220e59066fec&h=[gc_complexnews-subscriber:md5-mail]
42 B
391 B
Image
General
Full URL
http://opn.ivitrack.com/nlo?n=570225f3928b220e59066fec&h=[gc_complexnews-subscriber:md5-mail]
Requested by
Host: mirror.newsletter.club-des-affaires.fr
URL: http://mirror.newsletter.club-des-affaires.fr/?e=suspect%40safeonweb.be&s=2028&b=1247
Protocol
HTTP/1.1
Server
62.210.221.54 , France, ASN12876 (Online SAS, FR),
Reverse DNS
Software
nginx/1.15.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://mirror.newsletter.club-des-affaires.fr/?e=suspect%40safeonweb.be&s=2028&b=1247
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
nocache
Date
Sun, 20 Oct 2019 05:22:21 GMT
Server
nginx/1.15.6
Content-Type
image/gif
Cache-Control
no-store, no-cache, max-age=0, max-stale=0, must-revalidate, proxy-revalidate
Connection
keep-alive
X-Ivi-Hostname
programmatic-api-5cb9d9d554-455ds
Content-Length
42
Expires
Fri, 24 Oct 1980 17:30:00 GMT

Redirect headers

Location
http://opn.ivitrack.com/nlo?n=570225f3928b220e59066fec&h=[gc_complexnews-subscriber:md5-mail]
Date
Sun, 20 Oct 2019 05:22:22 GMT
Server
nginx/1.15.6
Connection
keep-alive
X-Ivi-Hostname
programmatic-api-5cb9d9d554-455ds
Content-Length
120
Content-Type
text/html; charset=utf-8
vignette-focus-wide.jpg
m.mcdn.fr/files/styles/pano_m/public/images/article/0/1/7/1758710/
10 KB
10 KB
Image
General
Full URL
https://m.mcdn.fr/files/styles/pano_m/public/images/article/0/1/7/1758710/vignette-focus-wide.jpg?itok=T6dDzGi7
Requested by
Host: mirror.newsletter.club-des-affaires.fr
URL: http://mirror.newsletter.club-des-affaires.fr/?e=suspect%40safeonweb.be&s=2028&b=1247
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.186.49.194 , France, ASN16276 (OVH, FR),
Reverse DNS
mailer.anotherlight.com
Software
nginx/1.6.2 /
Resource Hash
76b312d4257b84e7d8294f04b3baa7c41c3e3b9682a194baed263e2866640021

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://mirror.newsletter.club-des-affaires.fr/?e=suspect%40safeonweb.be&s=2028&b=1247
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
public
Date
Sun, 20 Oct 2019 05:22:19 GMT
Last-Modified
Fri, 06 Sep 2019 18:46:30 GMT
Server
nginx/1.6.2
X-Cache
mcdn.fr@snpcache4
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10213
Expires
Tue, 19 Nov 2019 05:22:19 GMT
vignette-focus.jpg
m.mcdn.fr/files/styles/pano_m/public/images/article/3/8/3/1221383/
11 KB
11 KB
Image
General
Full URL
https://m.mcdn.fr/files/styles/pano_m/public/images/article/3/8/3/1221383/vignette-focus.jpg?itok=lrTdq4xu
Requested by
Host: mirror.newsletter.club-des-affaires.fr
URL: http://mirror.newsletter.club-des-affaires.fr/?e=suspect%40safeonweb.be&s=2028&b=1247
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.186.49.194 , France, ASN16276 (OVH, FR),
Reverse DNS
mailer.anotherlight.com
Software
nginx/1.6.2 /
Resource Hash
580b84099a5eed5964f660583a031989dfe1be2b52c291fa24722ae4afd9e7b2

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://mirror.newsletter.club-des-affaires.fr/?e=suspect%40safeonweb.be&s=2028&b=1247
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
public
Date
Sun, 20 Oct 2019 05:22:19 GMT
Last-Modified
Thu, 17 Jan 2019 18:20:44 GMT
Server
nginx/1.6.2
X-Cache
mcdn.fr@snpcache1
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10862
Expires
Tue, 19 Nov 2019 05:22:19 GMT
vignette-focus.jpg
m.mcdn.fr/files/styles/pano_m/public/images/article/8/4/0/5531048/
13 KB
13 KB
Image
General
Full URL
https://m.mcdn.fr/files/styles/pano_m/public/images/article/8/4/0/5531048/vignette-focus.jpg?itok=kO1WcqqI
Requested by
Host: mirror.newsletter.club-des-affaires.fr
URL: http://mirror.newsletter.club-des-affaires.fr/?e=suspect%40safeonweb.be&s=2028&b=1247
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.186.49.194 , France, ASN16276 (OVH, FR),
Reverse DNS
mailer.anotherlight.com
Software
nginx/1.6.2 /
Resource Hash
d5e7e8d12b5ac15314015d4f60bae05de7dfda1fba890f5bd8a804762aa3716d

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://mirror.newsletter.club-des-affaires.fr/?e=suspect%40safeonweb.be&s=2028&b=1247
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
public
Date
Sun, 20 Oct 2019 05:22:19 GMT
Last-Modified
Tue, 03 Sep 2019 15:09:45 GMT
Server
nginx/1.6.2
X-Cache
mcdn.fr@snpcache4
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13256
Expires
Tue, 19 Nov 2019 05:22:19 GMT
nli
ipe.medisite.fr/
42 B
391 B
Image
General
Full URL
http://ipe.medisite.fr/nli?n=570225f3928b220e59066fec&h=%MD5-EMAIL%&o=0
Requested by
Host: mirror.newsletter.club-des-affaires.fr
URL: http://mirror.newsletter.club-des-affaires.fr/?e=suspect%40safeonweb.be&s=2028&b=1247
Protocol
HTTP/1.1
Server
62.210.221.53 , France, ASN12876 (Online SAS, FR),
Reverse DNS
Software
nginx/1.15.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://mirror.newsletter.club-des-affaires.fr/?e=suspect%40safeonweb.be&s=2028&b=1247
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
nocache
Date
Sun, 20 Oct 2019 05:22:21 GMT
Server
nginx/1.15.6
Content-Type
image/gif
Cache-Control
no-store, no-cache, max-age=0, max-stale=0, must-revalidate, proxy-revalidate
Connection
keep-alive
X-Ivi-Hostname
programmatic-api-5cb9d9d554-scq9p
Content-Length
42
Expires
Fri, 24 Oct 1980 17:30:00 GMT
nlp
ipe.medisite.fr/
42 B
391 B
Image
General
Full URL
http://ipe.medisite.fr/nlp?p=1&n=570225f3928b220e59066fec&h=%MD5-EMAIL%&o=0
Requested by
Host: mirror.newsletter.club-des-affaires.fr
URL: http://mirror.newsletter.club-des-affaires.fr/?e=suspect%40safeonweb.be&s=2028&b=1247
Protocol
HTTP/1.1
Server
62.210.221.53 , France, ASN12876 (Online SAS, FR),
Reverse DNS
Software
nginx/1.15.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://mirror.newsletter.club-des-affaires.fr/?e=suspect%40safeonweb.be&s=2028&b=1247
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
nocache
Date
Sun, 20 Oct 2019 05:22:20 GMT
Server
nginx/1.15.6
Content-Type
image/gif
Cache-Control
no-store, no-cache, max-age=0, max-stale=0, must-revalidate, proxy-revalidate
Connection
keep-alive
X-Ivi-Hostname
programmatic-api-5cb9d9d554-scq9p
Content-Length
42
Expires
Fri, 24 Oct 1980 17:30:00 GMT
nlp
ipe.medisite.fr/
42 B
391 B
Image
General
Full URL
http://ipe.medisite.fr/nlp?p=2&n=570225f3928b220e59066fec&h=%MD5-EMAIL%&o=0
Requested by
Host: mirror.newsletter.club-des-affaires.fr
URL: http://mirror.newsletter.club-des-affaires.fr/?e=suspect%40safeonweb.be&s=2028&b=1247
Protocol
HTTP/1.1
Server
62.210.221.53 , France, ASN12876 (Online SAS, FR),
Reverse DNS
Software
nginx/1.15.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://mirror.newsletter.club-des-affaires.fr/?e=suspect%40safeonweb.be&s=2028&b=1247
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
nocache
Date
Sun, 20 Oct 2019 05:22:26 GMT
Server
nginx/1.15.6
Content-Type
image/gif
Cache-Control
no-store, no-cache, max-age=0, max-stale=0, must-revalidate, proxy-revalidate
Connection
keep-alive
X-Ivi-Hostname
programmatic-api-5cb9d9d554-scq9p
Content-Length
42
Expires
Fri, 24 Oct 1980 17:30:00 GMT
rd
ipe.medisite.fr/
42 B
240 B
Image
General
Full URL
http://ipe.medisite.fr/rd?k=nlpi&n=570225f3928b220e59066fec&h=%MD5-EMAIL%&o=0
Requested by
Host: mirror.newsletter.club-des-affaires.fr
URL: http://mirror.newsletter.club-des-affaires.fr/?e=suspect%40safeonweb.be&s=2028&b=1247
Protocol
HTTP/1.1
Server
62.210.221.53 , France, ASN12876 (Online SAS, FR),
Reverse DNS
Software
nginx/1.15.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://mirror.newsletter.club-des-affaires.fr/?e=suspect%40safeonweb.be&s=2028&b=1247
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 20 Oct 2019 05:22:21 GMT
Server
nginx/1.15.6
Connection
keep-alive
X-Ivi-Hostname
programmatic-api-5cb9d9d554-scq9p
Content-Length
42
Content-Type
image/gif
rd
ipe.medisite.fr/
42 B
240 B
Image
General
Full URL
http://ipe.medisite.fr/rd?k=nlai&n=570225f3928b220e59066fec&h=%MD5-EMAIL%&o=0
Requested by
Host: mirror.newsletter.club-des-affaires.fr
URL: http://mirror.newsletter.club-des-affaires.fr/?e=suspect%40safeonweb.be&s=2028&b=1247
Protocol
HTTP/1.1
Server
62.210.221.53 , France, ASN12876 (Online SAS, FR),
Reverse DNS
Software
nginx/1.15.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://mirror.newsletter.club-des-affaires.fr/?e=suspect%40safeonweb.be&s=2028&b=1247
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 20 Oct 2019 05:22:26 GMT
Server
nginx/1.15.6
Connection
keep-alive
X-Ivi-Hostname
programmatic-api-5cb9d9d554-scq9p
Content-Length
42
Content-Type
image/gif
6777138-inline.jpg
m.mcdn.fr/files/styles/pano_m/public/images/article/1/6/3/60361/
7 KB
7 KB
Image
General
Full URL
https://m.mcdn.fr/files/styles/pano_m/public/images/article/1/6/3/60361/6777138-inline.jpg?itok=AvXBNwJs
Requested by
Host: mirror.newsletter.club-des-affaires.fr
URL: http://mirror.newsletter.club-des-affaires.fr/?e=suspect%40safeonweb.be&s=2028&b=1247
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.186.49.194 , France, ASN16276 (OVH, FR),
Reverse DNS
mailer.anotherlight.com
Software
nginx/1.6.2 /
Resource Hash
ca3c53d1768dff9ecb54cdd4feab485eb6e3970c90dd2547d2a60750ae74b6cf

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://mirror.newsletter.club-des-affaires.fr/?e=suspect%40safeonweb.be&s=2028&b=1247
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
public
Date
Sun, 20 Oct 2019 05:22:19 GMT
Last-Modified
Mon, 05 Aug 2019 11:13:59 GMT
Server
nginx/1.6.2
X-Cache
mcdn.fr@snpcache4
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6942
Expires
Tue, 19 Nov 2019 05:22:19 GMT
label_excellence.png
m.mcdn.fr/sites/all/themes/at3_medisite/images/nl/
Redirect Chain
  • http://preprod-img.medisite.fr/sites/all/themes/at3_medisite/images/nl/label_excellence.png
  • https://m.mcdn.fr/sites/all/themes/at3_medisite/images/nl/label_excellence.png
20 KB
21 KB
Image
General
Full URL
https://m.mcdn.fr/sites/all/themes/at3_medisite/images/nl/label_excellence.png
Requested by
Host: mirror.newsletter.club-des-affaires.fr
URL: http://mirror.newsletter.club-des-affaires.fr/?e=suspect%40safeonweb.be&s=2028&b=1247
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.186.49.194 , France, ASN16276 (OVH, FR),
Reverse DNS
mailer.anotherlight.com
Software
nginx/1.6.2 /
Resource Hash
f6f5667c4443bad915b8a1e572a9ed998931e87a2fda353e9246349da2445cd5

Request headers

Referer
http://mirror.newsletter.club-des-affaires.fr/?e=suspect%40safeonweb.be&s=2028&b=1247
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
public
Date
Sun, 20 Oct 2019 05:22:19 GMT
Last-Modified
Fri, 18 Oct 2019 08:24:42 GMT
Server
nginx/1.6.2
X-Cache
mcdn.fr@snpcache1
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20814
Expires
Tue, 19 Nov 2019 05:22:19 GMT

Redirect headers

Location
https://m.mcdn.fr/sites/all/themes/at3_medisite/images/nl/label_excellence.png
Date
Sun, 20 Oct 2019 05:22:19 GMT
Server
nginx/1.2.1
Connection
keep-alive
Content-Length
184
Content-Type
text/html
label_excellence2.png
m.mcdn.fr/sites/all/themes/at3_medisite/images/nl/
Redirect Chain
  • http://preprod-img.medisite.fr/sites/all/themes/at3_medisite/images/nl/label_excellence2.png
  • https://m.mcdn.fr/sites/all/themes/at3_medisite/images/nl/label_excellence2.png
8 KB
8 KB
Image
General
Full URL
https://m.mcdn.fr/sites/all/themes/at3_medisite/images/nl/label_excellence2.png
Requested by
Host: mirror.newsletter.club-des-affaires.fr
URL: http://mirror.newsletter.club-des-affaires.fr/?e=suspect%40safeonweb.be&s=2028&b=1247
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.186.49.194 , France, ASN16276 (OVH, FR),
Reverse DNS
mailer.anotherlight.com
Software
nginx/1.6.2 /
Resource Hash
00c9b1e28406fcc853d8126977564af889ce1cdc4f294f32192b9a2df7602dfe

Request headers

Referer
http://mirror.newsletter.club-des-affaires.fr/?e=suspect%40safeonweb.be&s=2028&b=1247
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
public
Date
Sun, 20 Oct 2019 05:22:19 GMT
Last-Modified
Fri, 18 Oct 2019 08:24:42 GMT
Server
nginx/1.6.2
X-Cache
mcdn.fr@snpcache4
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7917
Expires
Tue, 19 Nov 2019 05:22:19 GMT

Redirect headers

Location
https://m.mcdn.fr/sites/all/themes/at3_medisite/images/nl/label_excellence2.png
Date
Sun, 20 Oct 2019 05:22:19 GMT
Server
nginx/1.2.1
Connection
keep-alive
Content-Length
184
Content-Type
text/html
label_excellence3.png
m.mcdn.fr/sites/all/themes/at3_medisite/images/nl/
Redirect Chain
  • http://preprod-img.medisite.fr/sites/all/themes/at3_medisite/images/nl/label_excellence3.png
  • https://m.mcdn.fr/sites/all/themes/at3_medisite/images/nl/label_excellence3.png
19 KB
20 KB
Image
General
Full URL
https://m.mcdn.fr/sites/all/themes/at3_medisite/images/nl/label_excellence3.png
Requested by
Host: mirror.newsletter.club-des-affaires.fr
URL: http://mirror.newsletter.club-des-affaires.fr/?e=suspect%40safeonweb.be&s=2028&b=1247
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.186.49.194 , France, ASN16276 (OVH, FR),
Reverse DNS
mailer.anotherlight.com
Software
nginx/1.6.2 /
Resource Hash
38471f0308ef0532b0ef61e1c7989e96d201941a690f53b365c8b8888267c599

Request headers

Referer
http://mirror.newsletter.club-des-affaires.fr/?e=suspect%40safeonweb.be&s=2028&b=1247
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
public
Date
Sun, 20 Oct 2019 05:22:19 GMT
Last-Modified
Fri, 18 Oct 2019 08:24:42 GMT
Server
nginx/1.6.2
X-Cache
mcdn.fr@snpcache1
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19624
Expires
Tue, 19 Nov 2019 05:22:19 GMT

Redirect headers

Location
https://m.mcdn.fr/sites/all/themes/at3_medisite/images/nl/label_excellence3.png
Date
Sun, 20 Oct 2019 05:22:19 GMT
Server
nginx/1.2.1
Connection
keep-alive
Content-Length
184
Content-Type
text/html
adtckrtg.php
notify.adleadevent.com/
Redirect Chain
  • http://not.club-des-affaires.fr/adtckrtg.php?ids=1240&hash=d89a49469cc482a0e1ea42bdabfae7dd&hash256=
  • https://notify.adleadevent.com/adtckrtg.php?ids=1240&hash=d89a49469cc482a0e1ea42bdabfae7dd&hash256=
43 B
580 B
Image
General
Full URL
https://notify.adleadevent.com/adtckrtg.php?ids=1240&hash=d89a49469cc482a0e1ea42bdabfae7dd&hash256=
Requested by
Host: mirror.newsletter.club-des-affaires.fr
URL: http://mirror.newsletter.club-des-affaires.fr/?e=suspect%40safeonweb.be&s=2028&b=1247
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.250.78 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-99-80-250-78.eu-west-1.compute.amazonaws.com
Software
nginx/1.10.3 / Express
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
http://mirror.newsletter.club-des-affaires.fr/?e=suspect%40safeonweb.be&s=2028&b=1247
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 20 Oct 2019 05:22:19 GMT
Server
nginx/1.10.3
X-Powered-By
Express
ETag
W/"2b-2eaaa083"
Content-Type
image/gif
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sun, 20 Oct 2019 05:22:19 GMT
Server
nginx/1.10.3
X-Powered-By
Express
Vary
Accept
Content-Type
text/plain; charset=utf-8
Location
https://notify.adleadevent.com/adtckrtg.php?ids=1240&hash=d89a49469cc482a0e1ea42bdabfae7dd&hash256=
Connection
keep-alive
Content-Length
121
collect_v2.img.php
pmd.car817.fr/
43 B
644 B
Image
General
Full URL
https://pmd.car817.fr/collect_v2.img.php?dmp=emdmpeasy&p=1449&s=1449&m=d89a49469cc482a0e1ea42bdabfae7dd&email_sha256=
Requested by
Host: mirror.newsletter.club-des-affaires.fr
URL: http://mirror.newsletter.club-des-affaires.fr/?e=suspect%40safeonweb.be&s=2028&b=1247
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.53 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://mirror.newsletter.club-des-affaires.fr/?e=suspect%40safeonweb.be&s=2028&b=1247
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 20 Oct 2019 05:22:20 GMT
Cache-Control
no-store, no-cache
Transfer-Encoding
chunked
Content-Type
image/gif
X-IPLB-Instance
25256
Strict-Transport-Security
max-age=31536000
P3P
CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
trcdo.php
trcd.club-des-affaires.fr/trcd/
42 B
477 B
Image
General
Full URL
http://trcd.club-des-affaires.fr/trcd/trcdo.php?cid=237090&em=suspect@safeonweb.be&emcdrmd5=d89a49469cc482a0e1ea42bdabfae7dd&emcdrsha256=&do=club-des-affaires.fr&rout=mbz&ts=1571213308
Requested by
Host: mirror.newsletter.club-des-affaires.fr
URL: http://mirror.newsletter.club-des-affaires.fr/?e=suspect%40safeonweb.be&s=2028&b=1247
Protocol
HTTP/1.1
Server
18.202.127.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-202-127-238.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.7 (Ubuntu) / PHP/5.5.9-1ubuntu4.16
Resource Hash
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Request headers

Referer
http://mirror.newsletter.club-des-affaires.fr/?e=suspect%40safeonweb.be&s=2028&b=1247
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 20 Oct 2019 05:22:19 GMT
Last-Modified
Sun, 20 Oct 2019 05:22:19 GMT
Server
Apache/2.4.7 (Ubuntu)
X-Powered-By
PHP/5.5.9-1ubuntu4.16
P3P
CP="NOI NID ADMa OUR IND UNI COM NAV"
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Sat, 22 Apr 1978 02:19:00 GMT
puce_noire2.gif
p.mcdn.fr/sites/all/themes/at3_planet/images/nl/
Redirect Chain
  • http://preprod-img.planet.fr/sites/all/themes/at3_planet/images/nl/puce_noire2.gif
  • https://p.mcdn.fr/sites/all/themes/at3_planet/images/nl/puce_noire2.gif
169 B
523 B
Image
General
Full URL
https://p.mcdn.fr/sites/all/themes/at3_planet/images/nl/puce_noire2.gif
Requested by
Host: mirror.newsletter.club-des-affaires.fr
URL: http://mirror.newsletter.club-des-affaires.fr/?e=suspect%40safeonweb.be&s=2028&b=1247
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.186.49.195 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.6.2 /
Resource Hash
0871e9f60e9b502d02ff1b05b9a16f3c5a145dfbd0af92a4be028d312f969a66

Request headers

Referer
http://mirror.newsletter.club-des-affaires.fr/?e=suspect%40safeonweb.be&s=2028&b=1247
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
public
Date
Sun, 20 Oct 2019 05:22:19 GMT
Last-Modified
Fri, 18 Oct 2019 10:11:20 GMT
Server
nginx/1.6.2
X-Cache
mcdn.fr@snpcache2
Content-Type
image/gif
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
169
Expires
Tue, 19 Nov 2019 05:22:19 GMT

Redirect headers

Location
https://p.mcdn.fr/sites/all/themes/at3_planet/images/nl/puce_noire2.gif
Date
Sun, 20 Oct 2019 05:22:19 GMT
Server
nginx/1.2.1
Connection
keep-alive
Content-Length
184
Content-Type
text/html


2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate

1 Cookies

Domain/Path Name / Value
mirror.newsletter.club-des-affaires.fr/ Name: SERVERID
Value: server2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
