mld.pleinderreduc.com Open in urlscan Pro
54.220.219.147 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://mld.pleinderreduc.com/s/38721510-5661597/8d1e66ccc2897990beba6416caf61da4
Effective URL:
https://mld.pleinderreduc.com/s/38721510-5661597/8d1e66ccc2897990beba6416caf61da4
Submission: On March 10 via api (March 10th 2024, 10:05:02 pm UTC) from US — Scanned from US

Summary HTTP 9 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 9 HTTP transactions. The main IP is 54.220.219.147, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is mld.pleinderreduc.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on September 5th 2023. Valid for: a year.

This is the only time mld.pleinderreduc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.30.13.244 52.30.13.244	16509 (AMAZON-02) (AMAZON-02)
6 9	54.220.219.147 54.220.219.147	16509 (AMAZON-02) (AMAZON-02)
5	2607:f8b0:400... 2607:f8b0:4006:80f::2001	15169 (GOOGLE) (GOOGLE)
1 1	2606:4700:303... 2606:4700:3033::ac43:ab8e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3031::6815:3973	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	3

1 52.30.13.244 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-13-244.eu-west-1.compute.amazonaws.com

mld.pleinderreduc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 54.220.219.147 (Dublin, Ireland) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-219-147.eu-west-1.compute.amazonaws.com

mld.pleinderreduc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:80f::2001 (United States)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:ab8e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

collecte.adc.im	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::6815:3973 (United States)

ASN13335 (CLOUDFLARENET, US)

collecte.gamzadv.im	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	pleinderreduc.com 7 redirects mld.pleinderreduc.com	33 KB
5	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 46	180 KB
1	gamzadv.im collecte.gamzadv.im	523 B
1	adc.im 1 redirects collecte.adc.im	498 B
9	4

	Domain	Requested by
10	mld.pleinderreduc.com	7 redirects mld.pleinderreduc.com
5	lh3.googleusercontent.com	mld.pleinderreduc.com
1	collecte.gamzadv.im	mld.pleinderreduc.com
1	collecte.adc.im	1 redirects
9	4

This site contains links to these domains. Also see Links.

Domain
www.pleinderreduc.com

Subject Issuer	Validity	Valid
mld.pleinderreduc.com Amazon RSA 2048 M03	`2023-09-05` - `2024-10-04`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://mld.pleinderreduc.com/s/38721510-5661597/8d1e66ccc2897990beba6416caf61da4
Frame ID: BDBB5F2505190115DC68C7AE74EC190E
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Offre de travail à domicile

Page URL History Show full URLs

http://mld.pleinderreduc.com/s/38721510-5661597/8d1e66ccc2897990beba6416caf61da4 HTTP 301
https://mld.pleinderreduc.com/s/38721510-5661597/8d1e66ccc2897990beba6416caf61da4 Page URL

Page Statistics

9
Requests

33 %
HTTPS

60 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

211 kB
Transfer

226 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.pleinderreduc.com/unsubscribe?cid=5661597&email=kuhn.jerome%40sfr.fr
Title: désabonnez-vous

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://mld.pleinderreduc.com/s/38721510-5661597/8d1e66ccc2897990beba6416caf61da4 HTTP 301
https://mld.pleinderreduc.com/s/38721510-5661597/8d1e66ccc2897990beba6416caf61da4 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://mld.pleinderreduc.com/r/ef65ec72988f23c5e1c240ef7b4bbaa0/aHR0cHM6Ly9saDMuZ29vZ2xldXNlcmNvbnRlbnQuY29tL3B3L0FMOW5aRVdCOVBqSlBTdlQ4aHpsZHljVFdKWEFkdG5GaFMzU183R01pWTQ2U0txV2RpYVlzV1Y1OFNaaE1tbEFIeklzMklhUV9GZmVHa2VVaUlJUjNWckFicWxRYy1ibk95SnZObS1IdC1rNWpXS0Q4RGFGeDN3ZjlKT0h2Tl9hUl9uTUk4N2V6YXFhNUhrNVp0ZWRTeVhGYUNydj13MjU5LWg0OC1ubz9hdXRodXNlcj0wLnBuZw HTTP 302
https://lh3.googleusercontent.com/pw/AL9nZEWB9PjJPSvT8hzldycTWJXAdtnFhS3S_7GMiY46SKqWdiaYsWV58SZhMmlAHzIs2IaQ_FfeGkeUiIIR3VrAbqlQc-bnOyJvNm-Ht-k5jWKD8DaFx3wf9JOHvN_aR_nMI87ezaqa5Hk5ZtedSyXFaCrv=w259-h48-no?authuser=0.png

Request Chain 1

https://mld.pleinderreduc.com/r/1169e4cb1202dc003f594b33c453166b/aHR0cHM6Ly9saDMuZ29vZ2xldXNlcmNvbnRlbnQuY29tL3B3L0FMOW5aRVZZNHNGcUpiSlA2SWlGejREWk8yWFZEbU5HZldiU1l6VWhlWTZjbEJiTW5LbHJFSFpWZ0cteFF5dU9wbnlVLUxGRnVfb004dUFHV3RQV01nRGFTOFM3SVIwZ3ZqWWNTTGhGNTVveWRvaGZvb3JyVmZQRzVoMDZJM21RX0hWOWR0M3RtLTN0VFphQjFGNE9mQUpqQkNTTD13NjAwLWgzNDctbm8_YXV0aHVzZXI9MC5qcGc HTTP 302
https://lh3.googleusercontent.com/pw/AL9nZEVY4sFqJbJP6IiFz4DZO2XVDmNGfWbSYzUheY6clBbMnKlrEHZVgG-xQyuOpnyU-LFFu_oM8uAGWtPWMgDaS8S7IR0gvjYcSLhF55oydohfoorrVfPG5h06I3mQ_HV9dt3tm-3tTZaB1F4OfAJjBCSL=w600-h347-no?authuser=0.jpg

Request Chain 2

https://mld.pleinderreduc.com/r/fc88381b930784a1816d3c99bea7a745/aHR0cHM6Ly9saDMuZ29vZ2xldXNlcmNvbnRlbnQuY29tL3B3L0FMOW5aRVVqQkhqTnlmQW9NOEZMRDFUMHdEdGhBTkpsU1E1VVE1elBXS2JTUEJsRW16aGpvMDZkaUw0Y293OElybEppbWZ1VTJtdnhXRXlJdEtCc0RIRFdPMXBLZ1RyaHVpWHJqVFBJY0N0a3c4bFdjZ2ZyVmdSdnRBV2VrYjlfVkltR3AwVEdDWXFxSElLd2RaNU9qVG9HenlEcT13NDkwLWgyNzEtbm8_YXV0aHVzZXI9MC5naWY HTTP 302
https://lh3.googleusercontent.com/pw/AL9nZEUjBHjNyfAoM8FLD1T0wDthANJlSQ5UQ5zPWKbSPBlEmzhjo06diL4cow8IrlJimfuU2mvxWEyItKBsDHDWO1pKgTrhuiXrjTPIcCtkw8lWcgfrVgRvtAWekb9_VImGp0TGCYqqHIKwdZ5OjToGzyDq=w490-h271-no?authuser=0.gif

Request Chain 3

https://mld.pleinderreduc.com/r/411dc31426173749b399df5994dc3c2f/aHR0cHM6Ly9saDMuZ29vZ2xldXNlcmNvbnRlbnQuY29tL3B3L0FMOW5aRVdFVzcySS1ZTzZBOHVKcEgzenA1dDE5ZmZubHZWV1VuSFR0cV9hdUFNY2pYTGpDUWNZMmdYeVFqQmxWNXV6ZzBlaktUVVB5Q3RyN1dGclh5TG5ZNWR6VWNONVhMVWJHY3hpN2Q4Q0dyM1dmUkhlblBIT1dNdEtiMjZIaGhpZ2pyVE5Pekt3NTU0YXdoMkZpeWFqcUltUj13MjI0LWg2Mi1ubz9hdXRodXNlcj0wLnBuZw HTTP 302
https://lh3.googleusercontent.com/pw/AL9nZEWEW72I-YO6A8uJpH3zp5t19ffnlvVWUnHTtq_auAMcjXLjCQcY2gXyQjBlV5uzg0ejKTUPyCtr7WFrXyLnY5dzUcN5XLUbGcxi7d8CGr3WfRHenPHOWMtKb26HhhigjrTNOzKw554awh2FiyajqImR=w224-h62-no?authuser=0.png

Request Chain 4

https://mld.pleinderreduc.com/r/34e0bdf0f4fb25372487c189b49a2de8/aHR0cHM6Ly9saDMuZ29vZ2xldXNlcmNvbnRlbnQuY29tL3B3L0FMOW5aRVVsY3hldmlKVnZIajBDYlI5X0RUV1U0UWt4OUkzMkJ3U0FtNWt1NVdHNEVfZmNuY0hHblhpNlNxTGVadWlvZG1FSm1tSDR6RE9rUDJvSHQtQW1zOGJucWNjd3VQMXJyUDlSUFp2TVl5ekJ4Z1lOajd0c2NyM3JOdEk3RWVFamItNU5VTkxKY2p1OU5yU2JoSTVGRXlKcT13MzQ3LWgzMS1ubz9hdXRodXNlcj0wLnBuZw HTTP 302
https://lh3.googleusercontent.com/pw/AL9nZEUlcxeviJVvHj0CbR9_DTWU4Qkx9I32BwSAm5ku5WG4E_fcncHGnXi6SqLeZuiodmEJmmH4zDOkP2oHt-Ams8bnqccwuP1rrP9RPZvMYyzBxgYNj7tscr3rNtI7EeEjb-5NUNLJcju9NrSbhI5FEyJq=w347-h31-no?authuser=0.png

Request Chain 5

https://mld.pleinderreduc.com/r/3d54cdd510fb845528831cf188cf0e39/aHR0cHM6Ly9jb2xsZWN0ZS5hZGMuaW0vdHJhY2tpbmcvP3R5cGU9ZGlzcGxheWVtYWlsJmk9YmJpMGhjMGNkZjBiZ2VnZzBkY2pqaWYmYXZ1aWQ9W1VJRF0 HTTP 302
https://collecte.adc.im/tracking/?type=displayemail&i=bbi0hc0cdf0bgegg0dcjjif&avuid=[UID] HTTP 301
https://collecte.gamzadv.im/tracking/?type=displayemail&iid=bbi0hc0cdf0bgegg0dcjjif&avuid=[UID]

9 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 8d1e66ccc2897990beba6416caf61da4 Show response
mld.pleinderreduc.com/s/38721510-5661597/
Redirect Chain

http://mld.pleinderreduc.com/s/38721510-5661597/8d1e66ccc2897990beba6416caf61da4
https://mld.pleinderreduc.com/s/38721510-5661597/8d1e66ccc2897990beba6416caf61da4

23 KB
7 KB

1789ms
1615ms

Document
text/html

54.220.219.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mld.pleinderreduc.com/s/38721510-5661597/8d1e66ccc2897990beba6416caf61da4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.219.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-219-147.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b77d22b45a4cf3c3b7fde027007470437c4f60a893bee1dacd181d0e6f00fb8c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 10 Mar 2024 22:04:57 GMT
server: nginx
vary: Accept-Encoding
x-riverline-app: Mailody

Redirect headers

Connection: keep-alive
Content-Length: 134
Content-Type: text/html
Date: Sun, 10 Mar 2024 22:04:55 GMT
Location: https://mld.pleinderreduc.com:443/s/38721510-5661597/8d1e66ccc2897990beba6416caf61da4
Server: awselb/2.0

GET
H2

200

AL9nZEWB9PjJPSvT8hzldycTWJXAdtnFhS3S_7GMiY46SKqWdiaYsWV58SZhMmlAHzIs2IaQ_FfeGkeUiIIR3VrAbqlQc-bnOyJvNm-Ht-k5jWKD8DaFx3wf9JOHvN_aR_nMI87ezaqa5Hk5ZtedSyXFaCrv=w259-h48-no
lh3.googleusercontent.com/pw/
Redirect Chain

https://mld.pleinderreduc.com/r/ef65ec72988f23c5e1c240ef7b4bbaa0/aHR0cHM6Ly9saDMuZ29vZ2xldXNlcmNvbnRlbnQuY29tL3B3L0FMOW5aRVdCOVBqSlBTdlQ4aHpsZHljVFdKWEFkdG5GaFMzU183R01pWTQ2U0txV2RpYVlzV1Y1OFNaaE1t...
https://lh3.googleusercontent.com/pw/AL9nZEWB9PjJPSvT8hzldycTWJXAdtnFhS3S_7GMiY46SKqWdiaYsWV58SZhMmlAHzIs2IaQ_FfeGkeUiIIR3VrAbqlQc-bnOyJvNm-Ht-k5jWKD8DaFx3wf9JOHvN_aR_nMI87ezaqa5Hk5ZtedSyXFaCrv=w25...

6 KB
6 KB

468ms
453ms

Image
image/png

2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/pw/AL9nZEWB9PjJPSvT8hzldycTWJXAdtnFhS3S_7GMiY46SKqWdiaYsWV58SZhMmlAHzIs2IaQ_FfeGkeUiIIR3VrAbqlQc-bnOyJvNm-Ht-k5jWKD8DaFx3wf9JOHvN_aR_nMI87ezaqa5Hk5ZtedSyXFaCrv=w259-h48-no?authuser=0.png

Requested by

Host: mld.pleinderreduc.com
URL: https://mld.pleinderreduc.com/s/38721510-5661597/8d1e66ccc2897990beba6416caf61da4

Protocol

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

aaa9d6646ed73af3770db8951dab066694aef25d49d478d0e77cef1fe0fb6d94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mld.pleinderreduc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 22:04:58 GMT
x-content-type-options: nosniff
server: fife
etag: "v2542"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: private, max-age=86400, no-transform
cross-origin-resource-policy: cross-origin
content-disposition: inline;filename="logoOTD2023.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6399
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://lh3.googleusercontent.com/pw/AL9nZEWB9PjJPSvT8hzldycTWJXAdtnFhS3S_7GMiY46SKqWdiaYsWV58SZhMmlAHzIs2IaQ_FfeGkeUiIIR3VrAbqlQc-bnOyJvNm-Ht-k5jWKD8DaFx3wf9JOHvN_aR_nMI87ezaqa5Hk5ZtedSyXFaCrv=w259-h48-no?authuser=0.png
date: Sun, 10 Mar 2024 22:04:57 GMT
cache-control: no-cache
x-riverline-app: Mailody
server: nginx
content-type: text/html; charset=UTF-8

GET
H2

200

AL9nZEVY4sFqJbJP6IiFz4DZO2XVDmNGfWbSYzUheY6clBbMnKlrEHZVgG-xQyuOpnyU-LFFu_oM8uAGWtPWMgDaS8S7IR0gvjYcSLhF55oydohfoorrVfPG5h06I3mQ_HV9dt3tm-3tTZaB1F4OfAJjBCSL=w600-h347-no
lh3.googleusercontent.com/pw/
Redirect Chain

https://mld.pleinderreduc.com/r/1169e4cb1202dc003f594b33c453166b/aHR0cHM6Ly9saDMuZ29vZ2xldXNlcmNvbnRlbnQuY29tL3B3L0FMOW5aRVZZNHNGcUpiSlA2SWlGejREWk8yWFZEbU5HZldiU1l6VWhlWTZjbEJiTW5LbHJFSFpWZ0cteFF5...
https://lh3.googleusercontent.com/pw/AL9nZEVY4sFqJbJP6IiFz4DZO2XVDmNGfWbSYzUheY6clBbMnKlrEHZVgG-xQyuOpnyU-LFFu_oM8uAGWtPWMgDaS8S7IR0gvjYcSLhF55oydohfoorrVfPG5h06I3mQ_HV9dt3tm-3tTZaB1F4OfAJjBCSL=w60...

47 KB
47 KB

389ms
376ms

Image
image/jpeg

2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/pw/AL9nZEVY4sFqJbJP6IiFz4DZO2XVDmNGfWbSYzUheY6clBbMnKlrEHZVgG-xQyuOpnyU-LFFu_oM8uAGWtPWMgDaS8S7IR0gvjYcSLhF55oydohfoorrVfPG5h06I3mQ_HV9dt3tm-3tTZaB1F4OfAJjBCSL=w600-h347-no?authuser=0.jpg

Requested by

Host: mld.pleinderreduc.com
URL: https://mld.pleinderreduc.com/s/38721510-5661597/8d1e66ccc2897990beba6416caf61da4

Protocol

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

dfa0dc4899d805489254bd5a1b44de3d5dcd4f94f729767b20b4529081a75a71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mld.pleinderreduc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 22:04:58 GMT
x-content-type-options: nosniff
server: fife
etag: "v2548"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: private, max-age=86400, no-transform
cross-origin-resource-policy: cross-origin
content-disposition: inline;filename="image-femme-ordi.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47683
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://lh3.googleusercontent.com/pw/AL9nZEVY4sFqJbJP6IiFz4DZO2XVDmNGfWbSYzUheY6clBbMnKlrEHZVgG-xQyuOpnyU-LFFu_oM8uAGWtPWMgDaS8S7IR0gvjYcSLhF55oydohfoorrVfPG5h06I3mQ_HV9dt3tm-3tTZaB1F4OfAJjBCSL=w600-h347-no?authuser=0.jpg
date: Sun, 10 Mar 2024 22:04:57 GMT
cache-control: no-cache
x-riverline-app: Mailody
server: nginx
content-type: text/html; charset=UTF-8

GET
H2

200

AL9nZEUjBHjNyfAoM8FLD1T0wDthANJlSQ5UQ5zPWKbSPBlEmzhjo06diL4cow8IrlJimfuU2mvxWEyItKBsDHDWO1pKgTrhuiXrjTPIcCtkw8lWcgfrVgRvtAWekb9_VImGp0TGCYqqHIKwdZ5OjToGzyDq=w490-h271-no
lh3.googleusercontent.com/pw/
Redirect Chain

https://mld.pleinderreduc.com/r/fc88381b930784a1816d3c99bea7a745/aHR0cHM6Ly9saDMuZ29vZ2xldXNlcmNvbnRlbnQuY29tL3B3L0FMOW5aRVVqQkhqTnlmQW9NOEZMRDFUMHdEdGhBTkpsU1E1VVE1elBXS2JTUEJsRW16aGpvMDZkaUw0Y293...
https://lh3.googleusercontent.com/pw/AL9nZEUjBHjNyfAoM8FLD1T0wDthANJlSQ5UQ5zPWKbSPBlEmzhjo06diL4cow8IrlJimfuU2mvxWEyItKBsDHDWO1pKgTrhuiXrjTPIcCtkw8lWcgfrVgRvtAWekb9_VImGp0TGCYqqHIKwdZ5OjToGzyDq=w49...

117 KB
117 KB

384ms
371ms

Image
image/gif

2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/pw/AL9nZEUjBHjNyfAoM8FLD1T0wDthANJlSQ5UQ5zPWKbSPBlEmzhjo06diL4cow8IrlJimfuU2mvxWEyItKBsDHDWO1pKgTrhuiXrjTPIcCtkw8lWcgfrVgRvtAWekb9_VImGp0TGCYqqHIKwdZ5OjToGzyDq=w490-h271-no?authuser=0.gif

Requested by

Host: mld.pleinderreduc.com
URL: https://mld.pleinderreduc.com/s/38721510-5661597/8d1e66ccc2897990beba6416caf61da4

Protocol

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

90de371f743facf10ec67b4b25ca038951e02a55e5760d7dce99f82058f26880

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mld.pleinderreduc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 22:04:58 GMT
x-content-type-options: nosniff
server: fife
etag: "v242c"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: private, max-age=86400, no-transform
cross-origin-resource-policy: cross-origin
content-disposition: inline;filename="videoOTD.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119521
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://lh3.googleusercontent.com/pw/AL9nZEUjBHjNyfAoM8FLD1T0wDthANJlSQ5UQ5zPWKbSPBlEmzhjo06diL4cow8IrlJimfuU2mvxWEyItKBsDHDWO1pKgTrhuiXrjTPIcCtkw8lWcgfrVgRvtAWekb9_VImGp0TGCYqqHIKwdZ5OjToGzyDq=w490-h271-no?authuser=0.gif
date: Sun, 10 Mar 2024 22:04:57 GMT
cache-control: no-cache
x-riverline-app: Mailody
server: nginx
content-type: text/html; charset=UTF-8

GET
H2

200

AL9nZEWEW72I-YO6A8uJpH3zp5t19ffnlvVWUnHTtq_auAMcjXLjCQcY2gXyQjBlV5uzg0ejKTUPyCtr7WFrXyLnY5dzUcN5XLUbGcxi7d8CGr3WfRHenPHOWMtKb26HhhigjrTNOzKw554awh2FiyajqImR=w224-h62-no
lh3.googleusercontent.com/pw/
Redirect Chain

https://mld.pleinderreduc.com/r/411dc31426173749b399df5994dc3c2f/aHR0cHM6Ly9saDMuZ29vZ2xldXNlcmNvbnRlbnQuY29tL3B3L0FMOW5aRVdFVzcySS1ZTzZBOHVKcEgzenA1dDE5ZmZubHZWV1VuSFR0cV9hdUFNY2pYTGpDUWNZMmdYeVFq...
https://lh3.googleusercontent.com/pw/AL9nZEWEW72I-YO6A8uJpH3zp5t19ffnlvVWUnHTtq_auAMcjXLjCQcY2gXyQjBlV5uzg0ejKTUPyCtr7WFrXyLnY5dzUcN5XLUbGcxi7d8CGr3WfRHenPHOWMtKb26HhhigjrTNOzKw554awh2FiyajqImR=w22...

872 B
977 B

371ms
371ms

Image
image/png

2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/pw/AL9nZEWEW72I-YO6A8uJpH3zp5t19ffnlvVWUnHTtq_auAMcjXLjCQcY2gXyQjBlV5uzg0ejKTUPyCtr7WFrXyLnY5dzUcN5XLUbGcxi7d8CGr3WfRHenPHOWMtKb26HhhigjrTNOzKw554awh2FiyajqImR=w224-h62-no?authuser=0.png

Requested by

Host: mld.pleinderreduc.com
URL: https://mld.pleinderreduc.com/s/38721510-5661597/8d1e66ccc2897990beba6416caf61da4

Protocol

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

afad174c3802c2422fe119b7a051076b21b417f16f5deef88a94afcb454768b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mld.pleinderreduc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 22:04:58 GMT
x-content-type-options: nosniff
server: fife
etag: "v2452"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: private, max-age=86400, no-transform
cross-origin-resource-policy: cross-origin
content-disposition: inline;filename="voiroffreOTD.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 872
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://lh3.googleusercontent.com/pw/AL9nZEWEW72I-YO6A8uJpH3zp5t19ffnlvVWUnHTtq_auAMcjXLjCQcY2gXyQjBlV5uzg0ejKTUPyCtr7WFrXyLnY5dzUcN5XLUbGcxi7d8CGr3WfRHenPHOWMtKb26HhhigjrTNOzKw554awh2FiyajqImR=w224-h62-no?authuser=0.png
date: Sun, 10 Mar 2024 22:04:57 GMT
cache-control: no-cache
x-riverline-app: Mailody
server: nginx
content-type: text/html; charset=UTF-8

GET
H2

200

AL9nZEUlcxeviJVvHj0CbR9_DTWU4Qkx9I32BwSAm5ku5WG4E_fcncHGnXi6SqLeZuiodmEJmmH4zDOkP2oHt-Ams8bnqccwuP1rrP9RPZvMYyzBxgYNj7tscr3rNtI7EeEjb-5NUNLJcju9NrSbhI5FEyJq=w347-h31-no
lh3.googleusercontent.com/pw/
Redirect Chain

https://mld.pleinderreduc.com/r/34e0bdf0f4fb25372487c189b49a2de8/aHR0cHM6Ly9saDMuZ29vZ2xldXNlcmNvbnRlbnQuY29tL3B3L0FMOW5aRVVsY3hldmlKVnZIajBDYlI5X0RUV1U0UWt4OUkzMkJ3U0FtNWt1NVdHNEVfZmNuY0hHblhpNlNx...
https://lh3.googleusercontent.com/pw/AL9nZEUlcxeviJVvHj0CbR9_DTWU4Qkx9I32BwSAm5ku5WG4E_fcncHGnXi6SqLeZuiodmEJmmH4zDOkP2oHt-Ams8bnqccwuP1rrP9RPZvMYyzBxgYNj7tscr3rNtI7EeEjb-5NUNLJcju9NrSbhI5FEyJq=w34...

9 KB
9 KB

292ms
292ms

Image
image/png

2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/pw/AL9nZEUlcxeviJVvHj0CbR9_DTWU4Qkx9I32BwSAm5ku5WG4E_fcncHGnXi6SqLeZuiodmEJmmH4zDOkP2oHt-Ams8bnqccwuP1rrP9RPZvMYyzBxgYNj7tscr3rNtI7EeEjb-5NUNLJcju9NrSbhI5FEyJq=w347-h31-no?authuser=0.png

Requested by

Host: mld.pleinderreduc.com
URL: https://mld.pleinderreduc.com/s/38721510-5661597/8d1e66ccc2897990beba6416caf61da4

Protocol

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3a20e3aeb4b84c19512b2ae0865c9baff615800fc96e303c9950914454960fd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mld.pleinderreduc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 22:04:58 GMT
x-content-type-options: nosniff
server: fife
etag: "v2437"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: private, max-age=86400, no-transform
cross-origin-resource-policy: cross-origin
content-disposition: inline;filename="signatureOTD.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8951
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://lh3.googleusercontent.com/pw/AL9nZEUlcxeviJVvHj0CbR9_DTWU4Qkx9I32BwSAm5ku5WG4E_fcncHGnXi6SqLeZuiodmEJmmH4zDOkP2oHt-Ams8bnqccwuP1rrP9RPZvMYyzBxgYNj7tscr3rNtI7EeEjb-5NUNLJcju9NrSbhI5FEyJq=w347-h31-no?authuser=0.png
date: Sun, 10 Mar 2024 22:04:57 GMT
cache-control: no-cache
x-riverline-app: Mailody
server: nginx
content-type: text/html; charset=UTF-8

GET
H2

200

/
collecte.gamzadv.im/tracking/
Redirect Chain

https://mld.pleinderreduc.com/r/3d54cdd510fb845528831cf188cf0e39/aHR0cHM6Ly9jb2xsZWN0ZS5hZGMuaW0vdHJhY2tpbmcvP3R5cGU9ZGlzcGxheWVtYWlsJmk9YmJpMGhjMGNkZjBiZ2VnZzBkY2pqaWYmYXZ1aWQ9W1VJRF0
https://collecte.adc.im/tracking/?type=displayemail&i=bbi0hc0cdf0bgegg0dcjjif&avuid=[UID]
https://collecte.gamzadv.im/tracking/?type=displayemail&iid=bbi0hc0cdf0bgegg0dcjjif&avuid=[UID]

42 B
523 B

309ms
176ms

Image
image/gif

2606:4700:3031::6815:3973
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collecte.gamzadv.im/tracking/?type=displayemail&iid=bbi0hc0cdf0bgegg0dcjjif&avuid=[UID]
Requested by: Host: mld.pleinderreduc.com
URL: https://mld.pleinderreduc.com/s/38721510-5661597/8d1e66ccc2897990beba6416caf61da4
Protocol: H2
Server: 2606:4700:3031::6815:3973 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mld.pleinderreduc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 22:04:58 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IZSH4QmSmIbp%2FESrAik7Kyl4JpFRLevyzDYY%2BtViboBNG%2BXuBEwkSaKqldf8FNhzDkYolbq767yi9MzJOqCQLOgPpv7c27LSAg2qQvYOgbkDxBw2TDOEfkUA3UrUEJj0hIeCLiqtV9z%2Bm%2BGclRR%2Ba3nf"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, must-revalidate
cf-ray: 86269a80f89c41bb-EWR
alt-svc: h3=":443"; ma=86400
content-length: 42
expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Sun, 10 Mar 2024 22:04:58 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F0BSlu%2FfooiaOi5hX096iT2zWJqT1trpqYCN1U1GLr%2BpX5gkewikae3wLljXu4doerkLKrzuB8YY%2BwOS9JI21DNe8bTZZOWhjDhm81YXfFtqlH%2FEim5AExSoTJLLQrCr8HL%2F07FxUmQzEK4E%2FsE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: http://collecte.gamzadv.im/tracking/?type=displayemail&iid=bbi0hc0cdf0bgegg0dcjjif&avuid=[UID]
cf-ray: 86269a7f09490f81-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 8d1e66ccc2897990beba6416caf61da4
mld.pleinderreduc.com/o/38721510-5661597/ 43 B
174 B 560ms
560ms Image
image/gif 54.220.219.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mld.pleinderreduc.com/o/38721510-5661597/8d1e66ccc2897990beba6416caf61da4
Requested by: Host: mld.pleinderreduc.com
URL: https://mld.pleinderreduc.com/s/38721510-5661597/8d1e66ccc2897990beba6416caf61da4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.219.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-219-147.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mld.pleinderreduc.com/s/38721510-5661597/8d1e66ccc2897990beba6416caf61da4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 22:04:58 GMT
cache-control: max-age=0, must-revalidate, private
x-riverline-app: Mailody
server: nginx
content-type: image/gif

GET
H2 200 8d1e66ccc2897990beba6416caf61da4
mld.pleinderreduc.com/s/38721510-5661597/ 23 KB
23 KB 175ms
174ms Image
text/html 54.220.219.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mld.pleinderreduc.com/s/38721510-5661597/8d1e66ccc2897990beba6416caf61da4
Requested by: Host: mld.pleinderreduc.com
URL: https://mld.pleinderreduc.com/s/38721510-5661597/8d1e66ccc2897990beba6416caf61da4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.219.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-219-147.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mld.pleinderreduc.com/s/38721510-5661597/8d1e66ccc2897990beba6416caf61da4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 22:04:57 GMT
cache-control: no-cache
content-encoding: gzip
x-riverline-app: Mailody
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			mld.pleinderreduc.com/	1970-01-20 19:45:00	Name: device_view Value: full

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

collecte.adc.im
collecte.gamzadv.im
lh3.googleusercontent.com
mld.pleinderreduc.com
2606:4700:3031::6815:3973
2606:4700:3033::ac43:ab8e
2607:f8b0:4006:80f::2001
52.30.13.244
54.220.219.147
3a20e3aeb4b84c19512b2ae0865c9baff615800fc96e303c9950914454960fd1
90de371f743facf10ec67b4b25ca038951e02a55e5760d7dce99f82058f26880
aaa9d6646ed73af3770db8951dab066694aef25d49d478d0e77cef1fe0fb6d94
afad174c3802c2422fe119b7a051076b21b417f16f5deef88a94afcb454768b4
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b77d22b45a4cf3c3b7fde027007470437c4f60a893bee1dacd181d0e6f00fb8c
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dfa0dc4899d805489254bd5a1b44de3d5dcd4f94f729767b20b4529081a75a71
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

mld.pleinderreduc.com Open in urlscan Pro 54.220.219.147 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

9 Requests

33 %HTTPS

60 %IPv6

4 Domains

4 Subdomains

3 IPs

2 Countries

211 kBTransfer

226 kBSize

1 Cookies

1 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

1 Cookies

Indicators

mld.pleinderreduc.com Open in urlscan Pro
54.220.219.147 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

33 %
HTTPS

60 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

211 kB
Transfer

226 kB
Size

1
Cookies

9 HTTP transactions
0 data transactions