ressources.newslead.eu Open in urlscan Pro
164.132.55.141 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://news.itfacto.com/029r8w32w9ivbjn31uuh.htm
Effective URL:
http://ressources.newslead.eu/Landings/landing-345.asp?utm_campaign_name=KAY-Q47-1-12-03-2018&uid=id_0ia1vawmec&utm_campaign_t...
Submission: On March 28 via manual (March 28th 2018, 11:36:24 am UTC) from FR

Summary HTTP 20 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 8 domains to perform 20 HTTP transactions. The main IP is 164.132.55.141, located in France and belongs to OVH, FR. The main domain is ressources.newslead.eu.

This is the only time ressources.newslead.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	164.132.28.212 164.132.28.212	16276 (OVH) (OVH)
1 9	164.132.55.141 164.132.55.141	16276 (OVH) (OVH)
1	192.229.133.221 192.229.133.221	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1	172.217.18.10 172.217.18.10	15169 (GOOGLE) (GOOGLE - Google LLC)
1	94.31.29.54 94.31.29.54	54104 (AS-STACKPATH) (AS-STACKPATH - netDNA)
5	37.187.159.234 37.187.159.234	16276 (OVH) (OVH)
1	198.145.13.14 198.145.13.14	2044 (IINET-2044) (IINET-2044 - Infinity Internet)
2	172.217.18.3 172.217.18.3	15169 (GOOGLE) (GOOGLE - Google LLC)
1	198.145.13.13 198.145.13.13	2044 (IINET-2044) (IINET-2044 - Infinity Internet)
20	8

1 164.132.28.212 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: news.itfacto.com

news.itfacto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 164.132.55.141 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: 141.ip-164-132-55.eu

ressources.newslead.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.133.221 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

www.w3schools.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.10 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s28-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.31.29.54 (United Kingdom)

ASN54104 (AS-STACKPATH - netDNA, US)
PTR: 94.31.29.54.IPYX-077437-ZYO.above.net

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.187.159.234 (France)

ASN16276 (OVH, FR)
PTR: ns333891.ip-37-187-159.eu

ead01.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.145.13.14 (Wilsonville, United States)

ASN2044 (IINET-2044 - Infinity Internet, Inc., US)
PTR: getclicky.com

lead-analytics.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.3 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra02s19-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.145.13.13 (Wilsonville, United States)

ASN2044 (IINET-2044 - Infinity Internet, Inc., US)
PTR: getclicky.com

lead-analytics.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	newslead.eu 1 redirects ressources.newslead.eu	738 KB
5	ead01.com ead01.com	21 KB
2	gstatic.com fonts.gstatic.com	21 KB
2	lead-analytics.biz lead-analytics.biz	7 KB
1	jquery.com code.jquery.com	34 KB
1	googleapis.com fonts.googleapis.com	716 B
1	w3schools.com www.w3schools.com	5 KB
1	itfacto.com 1 redirects news.itfacto.com	493 B
20	8

	Domain	Requested by
9	ressources.newslead.eu	1 redirects ressources.newslead.eu
5	ead01.com	ressources.newslead.eu
2	fonts.gstatic.com	ressources.newslead.eu
2	lead-analytics.biz	ressources.newslead.eu lead-analytics.biz
1	code.jquery.com	ressources.newslead.eu
1	fonts.googleapis.com	ressources.newslead.eu
1	www.w3schools.com	ressources.newslead.eu
1	news.itfacto.com	1 redirects
20	8

This site contains links to these domains. Also see Links.

Domain
www.kaspersky.fr
www.enjeuxmarketing.com
www.enjeuxdaf.com
www.enjeuxrh.com
ressources.itfacto.com
www.guidescomparatifs.com
corp.itfacto.com

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://ressources.newslead.eu/Landings/landing-345.asp?utm_campaign_name=KAY-Q47-1-12-03-2018&uid=id_0ia1vawmec&utm_campaign_type=IT%20S%C3%A9curit%C3%A9%20-%20Antivirus%20-%20Authentification%20-%20Mobilit%C3%A9&utm_campaign=KAY-Q47-1-12-03-2018
Frame ID: 8C47DC91079076571ACE693545D3ED67
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://news.itfacto.com/029r8w32w9ivbjn31uuh.htm HTTP 302
http://ressources.newslead.eu/Landings/landing-345.asp?utm_campaign_name=KAY-Q47-1-12-03-2018&uid=id_0ia1v... Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /IIS(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /IIS(?:\/([\d.]+))?/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js/i
env /^jQuery$/i

Page Statistics

20
Requests

0 %
HTTPS

0 %
IPv6

8
Domains

8
Subdomains

8
IPs

3
Countries

827 kB
Transfer

903 kB
Size

1
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.kaspersky.fr/privacy
Title: déclaration de confidentialité.

Search URL Search Domain Scan URL

URL: http://www.enjeuxmarketing.com/
Title: Enjeux Marketing

Search URL Search Domain Scan URL

URL: http://www.enjeuxdaf.com/
Title: Enjeux

Search URL Search Domain Scan URL

URL: http://www.enjeuxrh.com/
Title: Enjeux

Search URL Search Domain Scan URL

URL: http://ressources.itfacto.com/
Title: Ressources

Search URL Search Domain Scan URL

URL: http://www.guidescomparatifs.com/
Title: Cahiers des charges

Search URL Search Domain Scan URL

URL: http://corp.itfacto.com/mentions-legales/
Title: Politique de confidentialité du groupe ITfacto

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://news.itfacto.com/029r8w32w9ivbjn31uuh.htm HTTP 302
http://ressources.newslead.eu/Landings/landing-345.asp?utm_campaign_name=KAY-Q47-1-12-03-2018&uid=id_0ia1vawmec&utm_campaign_type=IT%20S%C3%A9curit%C3%A9%20-%20Antivirus%20-%20Authentification%20-%20Mobilit%C3%A9&utm_campaign=KAY-Q47-1-12-03-2018 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

http://ressources.newslead.eu/tracking.asp?id_campagne=345&email= HTTP 302
http://ressources.newslead.eu/upload/odeo.png

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set landing-345.asp Show response
ressources.newslead.eu/Landings/
Redirect Chain

http://news.itfacto.com/029r8w32w9ivbjn31uuh.htm
http://ressources.newslead.eu/Landings/landing-345.asp?utm_campaign_name=KAY-Q47-1-12-03-2018&uid=id_0ia1vawmec&utm_campaign_type=IT%20S%C3%A9curit%C3%A9%20-%20Antivirus%20-%20Authentification%20-%...

17 KB
17 KB

124ms
73ms

Document
text/html

164.132.55.141
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://ressources.newslead.eu/Landings/landing-345.asp?utm_campaign_name=KAY-Q47-1-12-03-2018&uid=id_0ia1vawmec&utm_campaign_type=IT%20S%C3%A9curit%C3%A9%20-%20Antivirus%20-%20Authentification%20-%20Mobilit%C3%A9&utm_campaign=KAY-Q47-1-12-03-2018
Protocol: HTTP/1.1
Server: 164.132.55.141 , France, ASN16276 (OVH, FR),
Reverse DNS: 141.ip-164-132-55.eu
Software: Microsoft-IIS/8.5 /
Resource Hash: 8c165d6e0fa210bfb694936d04f89e1d10889fe0330c715b9ea8ae3ea28d73ff

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ressources.newslead.eu
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Cache-Control: no-cache
Connection: keep-alive
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Wed, 28 Mar 2018 11:36:11 GMT
Cache-Control: private
Server: Microsoft-IIS/8.5
Set-Cookie: ASPSESSIONIDSAAQADDR=NEHPBFJBAGCNGAPMICMBENDK; path=/
Content-Length: 17486
Content-Type: text/html

Redirect headers

Date: Wed, 28 Mar 2018 11:36:12 GMT
Server: nginx
X-AspNet-Version: 4.0.30319
Connection: keep-alive
Content-Type: text/html
Location: http://ressources.newslead.eu/Landings/landing-345.asp?utm_campaign_name=KAY-Q47-1-12-03-2018&uid=id_0ia1vawmec&utm_campaign_type=IT SÃ©curitÃ© - Antivirus - Authentification - MobilitÃ©&utm_campaign=KAY-Q47-1-12-03-2018
Cache-Control: private
Set-Cookie: ASP.NET_SessionId=16058692347026405092293D; path=/
Content-Length: 335

GET
S 200 w3.css
www.w3schools.com/w3css/4/ 23 KB
5 KB 27ms
6ms Stylesheet
text/css 192.229.133.221
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.w3schools.com/w3css/4/w3.css

Requested by

Host: ressources.newslead.eu
URL: http://ressources.newslead.eu/Landings/landing-345.asp?utm_campaign_name=KAY-Q47-1-12-03-2018&uid=id_0ia1vawmec&utm_campaign_type=IT%20S%C3%A9curit%C3%A9%20-%20Antivirus%20-%20Authentification%20-%20Mobilit%C3%A9&utm_campaign=KAY-Q47-1-12-03-2018

Protocol

SPDY

Server

192.229.133.221 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/418F) / ASP.NET

Resource Hash

1bc3924dd6a34d1337a6b695a5f07a0314d8263ceadb1ba26d1e36575f58434a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://ressources.newslead.eu/Landings/landing-345.asp?utm_campaign_name=KAY-Q47-1-12-03-2018&uid=id_0ia1vawmec&utm_campaign_type=IT%20S%C3%A9curit%C3%A9%20-%20Antivirus%20-%20Authentification%20-%20Mobilit%C3%A9&utm_campaign=KAY-Q47-1-12-03-2018
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Wed, 28 Mar 2018 11:36:12 GMT
content-encoding: gzip
etag: "0925540a2a1d31:0"
last-modified: Fri, 09 Feb 2018 12:33:56 GMT
server: ECS (fcn/418F)
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: text/css
status: 200
cache-control: public,max-age=14400,public
accept-ranges: bytes
vary: Accept-Encoding
content-length: 5215

GET
S 200 css
fonts.googleapis.com/ 5 KB
716 B 18ms
17ms Stylesheet
text/css 172.217.18.10
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,700

Requested by

Protocol

SPDY

Server

172.217.18.10 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s28-in-f10.1e100.net

Software

ESF /

Resource Hash

bbe9d77c987e5f616088d2260b6162020a311560d437e736e0a4b5994448acc5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ressources.newslead.eu/Landings/landing-345.asp?utm_campaign_name=KAY-Q47-1-12-03-2018&uid=id_0ia1vawmec&utm_campaign_type=IT%20S%C3%A9curit%C3%A9%20-%20Antivirus%20-%20Authentification%20-%20Mobilit%C3%A9&utm_campaign=KAY-Q47-1-12-03-2018
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Wed, 28 Mar 2018 11:36:12 GMT
content-encoding: gzip
last-modified: Wed, 28 Mar 2018 11:36:12 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: hq=":443"; ma=2592000; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="42,41,39,35"
x-xss-protection: 1; mode=block
expires: Wed, 28 Mar 2018 11:36:12 GMT

GET
H/1.1 200
OK jquery-2.1.3.min.js Show response
code.jquery.com/ 82 KB
34 KB 19ms
14ms Script
application/javascript 94.31.29.54
netDNA

General

Check archive.org

Show headers Download Go to

Full URL: http://code.jquery.com/jquery-2.1.3.min.js
Requested by: Host: ressources.newslead.eu
URL: http://ressources.newslead.eu/Landings/landing-345.asp?utm_campaign_name=KAY-Q47-1-12-03-2018&uid=id_0ia1vawmec&utm_campaign_type=IT%20S%C3%A9curit%C3%A9%20-%20Antivirus%20-%20Authentification%20-%20Mobilit%C3%A9&utm_campaign=KAY-Q47-1-12-03-2018
Protocol: HTTP/1.1
Server: 94.31.29.54 , United Kingdom, ASN54104 (AS-STACKPATH - netDNA, US),
Reverse DNS: 94.31.29.54.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3

Request headers

Referer: http://ressources.newslead.eu/Landings/landing-345.asp?utm_campaign_name=KAY-Q47-1-12-03-2018&uid=id_0ia1vawmec&utm_campaign_type=IT%20S%C3%A9curit%C3%A9%20-%20Antivirus%20-%20Authentification%20-%20Mobilit%C3%A9&utm_campaign=KAY-Q47-1-12-03-2018
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Wed, 28 Mar 2018 11:36:12 GMT
Content-Encoding: gzip
Last-Modified: Thu, 18 Dec 2014 15:17:03 GMT
Server: NetDNA-cache/2.2
ETag: W/"5492efef-14960"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK attrvalidate.jquery.min.js Show response
ressources.newslead.eu/Landings/ 10 KB
11 KB 10ms
9ms Script
application/javascript 164.132.55.141
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://ressources.newslead.eu/Landings/attrvalidate.jquery.min.js
Requested by: Host: ressources.newslead.eu
URL: http://ressources.newslead.eu/Landings/landing-345.asp?utm_campaign_name=KAY-Q47-1-12-03-2018&uid=id_0ia1vawmec&utm_campaign_type=IT%20S%C3%A9curit%C3%A9%20-%20Antivirus%20-%20Authentification%20-%20Mobilit%C3%A9&utm_campaign=KAY-Q47-1-12-03-2018
Protocol: HTTP/1.1
Server: 164.132.55.141 , France, ASN16276 (OVH, FR),
Reverse DNS: 141.ip-164-132-55.eu
Software: Microsoft-IIS/8.5 /
Resource Hash: 47da1d5df0f118565355b8e192e750d7147aeffda27e17f28af071b5b44ff5e4

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ressources.newslead.eu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Referer: http://ressources.newslead.eu/Landings/landing-345.asp?utm_campaign_name=KAY-Q47-1-12-03-2018&uid=id_0ia1vawmec&utm_campaign_type=IT%20S%C3%A9curit%C3%A9%20-%20Antivirus%20-%20Authentification%20-%20Mobilit%C3%A9&utm_campaign=KAY-Q47-1-12-03-2018
Cookie: ASPSESSIONIDSAAQADDR=NEHPBFJBAGCNGAPMICMBENDK
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ressources.newslead.eu/Landings/landing-345.asp?utm_campaign_name=KAY-Q47-1-12-03-2018&uid=id_0ia1vawmec&utm_campaign_type=IT%20S%C3%A9curit%C3%A9%20-%20Antivirus%20-%20Authentification%20-%20Mobilit%C3%A9&utm_campaign=KAY-Q47-1-12-03-2018
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Wed, 28 Mar 2018 11:36:11 GMT
Last-Modified: Wed, 08 Nov 2017 15:25:41 GMT
Server: Microsoft-IIS/8.5
Accept-Ranges: bytes
ETag: "429c85d6a558d31:0"
Content-Length: 10621
Content-Type: application/javascript

GET
H/1.1 200
OK CAMPAGNES-345-Vignette_MA_industrie.jpg
ressources.newslead.eu/upload/ 319 KB
319 KB 11ms
10ms Image
image/jpeg 164.132.55.141
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ressources.newslead.eu/upload/CAMPAGNES-345-Vignette_MA_industrie.jpg
Requested by: Host: ressources.newslead.eu
URL: http://ressources.newslead.eu/Landings/landing-345.asp?utm_campaign_name=KAY-Q47-1-12-03-2018&uid=id_0ia1vawmec&utm_campaign_type=IT%20S%C3%A9curit%C3%A9%20-%20Antivirus%20-%20Authentification%20-%20Mobilit%C3%A9&utm_campaign=KAY-Q47-1-12-03-2018
Protocol: HTTP/1.1
Server: 164.132.55.141 , France, ASN16276 (OVH, FR),
Reverse DNS: 141.ip-164-132-55.eu
Software: Microsoft-IIS/8.5 /
Resource Hash: dc85c10b857ed6648aa92e9b4f8de3db4d7d56a963c2019ee573b806d36b3fcf

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ressources.newslead.eu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://ressources.newslead.eu/Landings/landing-345.asp?utm_campaign_name=KAY-Q47-1-12-03-2018&uid=id_0ia1vawmec&utm_campaign_type=IT%20S%C3%A9curit%C3%A9%20-%20Antivirus%20-%20Authentification%20-%20Mobilit%C3%A9&utm_campaign=KAY-Q47-1-12-03-2018
Cookie: ASPSESSIONIDSAAQADDR=NEHPBFJBAGCNGAPMICMBENDK
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ressources.newslead.eu/Landings/landing-345.asp?utm_campaign_name=KAY-Q47-1-12-03-2018&uid=id_0ia1vawmec&utm_campaign_type=IT%20S%C3%A9curit%C3%A9%20-%20Antivirus%20-%20Authentification%20-%20Mobilit%C3%A9&utm_campaign=KAY-Q47-1-12-03-2018
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Wed, 28 Mar 2018 11:36:11 GMT
Last-Modified: Fri, 17 Nov 2017 14:56:24 GMT
Server: Microsoft-IIS/8.5
Accept-Ranges: bytes
ETag: "832bca3cb45fd31:0"
Content-Length: 326804
Content-Type: image/jpeg

GET
H/1.1 200
OK CAMPAGNES-345-Logo-Kaspersky-01.jpg
ressources.newslead.eu/upload/ 18 KB
18 KB 18ms
9ms Image
image/jpeg 164.132.55.141
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ressources.newslead.eu/upload/CAMPAGNES-345-Logo-Kaspersky-01.jpg
Requested by: Host: ressources.newslead.eu
URL: http://ressources.newslead.eu/Landings/landing-345.asp?utm_campaign_name=KAY-Q47-1-12-03-2018&uid=id_0ia1vawmec&utm_campaign_type=IT%20S%C3%A9curit%C3%A9%20-%20Antivirus%20-%20Authentification%20-%20Mobilit%C3%A9&utm_campaign=KAY-Q47-1-12-03-2018
Protocol: HTTP/1.1
Server: 164.132.55.141 , France, ASN16276 (OVH, FR),
Reverse DNS: 141.ip-164-132-55.eu
Software: Microsoft-IIS/8.5 /
Resource Hash: 8b1c77de15bd161972712add8d601c779cc6db44ba8c0a8009e68157874da1c0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ressources.newslead.eu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://ressources.newslead.eu/Landings/landing-345.asp?utm_campaign_name=KAY-Q47-1-12-03-2018&uid=id_0ia1vawmec&utm_campaign_type=IT%20S%C3%A9curit%C3%A9%20-%20Antivirus%20-%20Authentification%20-%20Mobilit%C3%A9&utm_campaign=KAY-Q47-1-12-03-2018
Cookie: ASPSESSIONIDSAAQADDR=NEHPBFJBAGCNGAPMICMBENDK
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ressources.newslead.eu/Landings/landing-345.asp?utm_campaign_name=KAY-Q47-1-12-03-2018&uid=id_0ia1vawmec&utm_campaign_type=IT%20S%C3%A9curit%C3%A9%20-%20Antivirus%20-%20Authentification%20-%20Mobilit%C3%A9&utm_campaign=KAY-Q47-1-12-03-2018
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Wed, 28 Mar 2018 11:36:11 GMT
Last-Modified: Thu, 16 Nov 2017 15:23:39 GMT
Server: Microsoft-IIS/8.5
Accept-Ranges: bytes
ETag: "c23ce7e0ee5ed31:0"
Content-Length: 18306
Content-Type: image/jpeg

GET
H/1.1 200
OK logo_enjeux-marketing.png
ead01.com/itfacto/ 3 KB
3 KB 161ms
37ms Image
image/png 37.187.159.234
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ead01.com/itfacto/logo_enjeux-marketing.png
Requested by: Host: ressources.newslead.eu
URL: http://ressources.newslead.eu/Landings/landing-345.asp?utm_campaign_name=KAY-Q47-1-12-03-2018&uid=id_0ia1vawmec&utm_campaign_type=IT%20S%C3%A9curit%C3%A9%20-%20Antivirus%20-%20Authentification%20-%20Mobilit%C3%A9&utm_campaign=KAY-Q47-1-12-03-2018
Protocol: HTTP/1.1
Server: 37.187.159.234 , France, ASN16276 (OVH, FR),
Reverse DNS: ns333891.ip-37-187-159.eu
Software: Microsoft-IIS/8.5 /
Resource Hash: 6b773e53504977fdc5c57296e170e774c36d1e62f2c67f3efe91852842cc748f

Request headers

Referer: http://ressources.newslead.eu/Landings/landing-345.asp?utm_campaign_name=KAY-Q47-1-12-03-2018&uid=id_0ia1vawmec&utm_campaign_type=IT%20S%C3%A9curit%C3%A9%20-%20Antivirus%20-%20Authentification%20-%20Mobilit%C3%A9&utm_campaign=KAY-Q47-1-12-03-2018
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Wed, 28 Mar 2018 11:36:18 GMT
Last-Modified: Thu, 11 May 2017 16:25:56 GMT
Server: Microsoft-IIS/8.5
Accept-Ranges: bytes
ETag: "f5188e4473cad21:0"
Content-Length: 3175
Content-Type: image/png

GET
H/1.1 200
OK logo_enjeux-daf.png
ead01.com/itfacto/ 3 KB
3 KB 166ms
42ms Image
image/png 37.187.159.234
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ead01.com/itfacto/logo_enjeux-daf.png
Requested by: Host: ressources.newslead.eu
URL: http://ressources.newslead.eu/Landings/landing-345.asp?utm_campaign_name=KAY-Q47-1-12-03-2018&uid=id_0ia1vawmec&utm_campaign_type=IT%20S%C3%A9curit%C3%A9%20-%20Antivirus%20-%20Authentification%20-%20Mobilit%C3%A9&utm_campaign=KAY-Q47-1-12-03-2018
Protocol: HTTP/1.1
Server: 37.187.159.234 , France, ASN16276 (OVH, FR),
Reverse DNS: ns333891.ip-37-187-159.eu
Software: Microsoft-IIS/8.5 /
Resource Hash: c35a43f14d375048466f6d4db9304ceeb6015bc1fb6893bfea2f167053ff02e3

Request headers

Referer: http://ressources.newslead.eu/Landings/landing-345.asp?utm_campaign_name=KAY-Q47-1-12-03-2018&uid=id_0ia1vawmec&utm_campaign_type=IT%20S%C3%A9curit%C3%A9%20-%20Antivirus%20-%20Authentification%20-%20Mobilit%C3%A9&utm_campaign=KAY-Q47-1-12-03-2018
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Wed, 28 Mar 2018 11:36:18 GMT
Last-Modified: Thu, 11 May 2017 16:25:56 GMT
Server: Microsoft-IIS/8.5
Accept-Ranges: bytes
ETag: "5cb76c4473cad21:0"
Content-Length: 2995
Content-Type: image/png

GET
H/1.1 200
OK logo_enjeux_rh.png
ead01.com/itfacto/ 2 KB
2 KB 168ms
43ms Image
image/png 37.187.159.234
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ead01.com/itfacto/logo_enjeux_rh.png
Requested by: Host: ressources.newslead.eu
URL: http://ressources.newslead.eu/Landings/landing-345.asp?utm_campaign_name=KAY-Q47-1-12-03-2018&uid=id_0ia1vawmec&utm_campaign_type=IT%20S%C3%A9curit%C3%A9%20-%20Antivirus%20-%20Authentification%20-%20Mobilit%C3%A9&utm_campaign=KAY-Q47-1-12-03-2018
Protocol: HTTP/1.1
Server: 37.187.159.234 , France, ASN16276 (OVH, FR),
Reverse DNS: ns333891.ip-37-187-159.eu
Software: Microsoft-IIS/8.5 /
Resource Hash: e1e021227388dbff93f637bd3805511ec9b8d3fe979ab8415bdf310bf02e5f7d

Request headers

Referer: http://ressources.newslead.eu/Landings/landing-345.asp?utm_campaign_name=KAY-Q47-1-12-03-2018&uid=id_0ia1vawmec&utm_campaign_type=IT%20S%C3%A9curit%C3%A9%20-%20Antivirus%20-%20Authentification%20-%20Mobilit%C3%A9&utm_campaign=KAY-Q47-1-12-03-2018
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Wed, 28 Mar 2018 11:36:18 GMT
Last-Modified: Thu, 11 May 2017 16:25:56 GMT
Server: Microsoft-IIS/8.5
Accept-Ranges: bytes
ETag: "c22d634473cad21:0"
Content-Length: 2314
Content-Type: image/png

GET
H/1.1 200
OK logo_itf.png
ead01.com/itfacto/ 3 KB
3 KB 183ms
59ms Image
image/png 37.187.159.234
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ead01.com/itfacto/logo_itf.png
Requested by: Host: ressources.newslead.eu
URL: http://ressources.newslead.eu/Landings/landing-345.asp?utm_campaign_name=KAY-Q47-1-12-03-2018&uid=id_0ia1vawmec&utm_campaign_type=IT%20S%C3%A9curit%C3%A9%20-%20Antivirus%20-%20Authentification%20-%20Mobilit%C3%A9&utm_campaign=KAY-Q47-1-12-03-2018
Protocol: HTTP/1.1
Server: 37.187.159.234 , France, ASN16276 (OVH, FR),
Reverse DNS: ns333891.ip-37-187-159.eu
Software: Microsoft-IIS/8.5 /
Resource Hash: 2863c724513681ac545dbb377eea70519a9be84f088ff8da777f7b6a9481ea84

Request headers

Referer: http://ressources.newslead.eu/Landings/landing-345.asp?utm_campaign_name=KAY-Q47-1-12-03-2018&uid=id_0ia1vawmec&utm_campaign_type=IT%20S%C3%A9curit%C3%A9%20-%20Antivirus%20-%20Authentification%20-%20Mobilit%C3%A9&utm_campaign=KAY-Q47-1-12-03-2018
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Wed, 28 Mar 2018 11:36:18 GMT
Last-Modified: Tue, 07 Mar 2017 15:37:45 GMT
Server: Microsoft-IIS/8.5
Accept-Ranges: bytes
ETag: "db4996c45897d21:0"
Content-Length: 2953
Content-Type: image/png

GET
H/1.1 200
OK logo_guides.png
ead01.com/itfacto/ 8 KB
9 KB 173ms
49ms Image
image/png 37.187.159.234
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ead01.com/itfacto/logo_guides.png
Requested by: Host: ressources.newslead.eu
URL: http://ressources.newslead.eu/Landings/landing-345.asp?utm_campaign_name=KAY-Q47-1-12-03-2018&uid=id_0ia1vawmec&utm_campaign_type=IT%20S%C3%A9curit%C3%A9%20-%20Antivirus%20-%20Authentification%20-%20Mobilit%C3%A9&utm_campaign=KAY-Q47-1-12-03-2018
Protocol: HTTP/1.1
Server: 37.187.159.234 , France, ASN16276 (OVH, FR),
Reverse DNS: ns333891.ip-37-187-159.eu
Software: Microsoft-IIS/8.5 /
Resource Hash: a9523b9fb972803c49a99859ac053d679bf753a1d2d2d0da561dee8b619c8cf1

Request headers

Referer: http://ressources.newslead.eu/Landings/landing-345.asp?utm_campaign_name=KAY-Q47-1-12-03-2018&uid=id_0ia1vawmec&utm_campaign_type=IT%20S%C3%A9curit%C3%A9%20-%20Antivirus%20-%20Authentification%20-%20Mobilit%C3%A9&utm_campaign=KAY-Q47-1-12-03-2018
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Wed, 28 Mar 2018 11:36:18 GMT
Last-Modified: Thu, 11 May 2017 16:25:56 GMT
Server: Microsoft-IIS/8.5
Accept-Ranges: bytes
ETag: "8fca7f4473cad21:0"
Content-Length: 8576
Content-Type: image/png

GET
H/1.1 200
OK js Show response
lead-analytics.biz/ 17 KB
6 KB 317ms
153ms Script
text/javascript 198.145.13.14
Infinity Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://lead-analytics.biz/js
Requested by: Host: ressources.newslead.eu
URL: http://ressources.newslead.eu/Landings/landing-345.asp?utm_campaign_name=KAY-Q47-1-12-03-2018&uid=id_0ia1vawmec&utm_campaign_type=IT%20S%C3%A9curit%C3%A9%20-%20Antivirus%20-%20Authentification%20-%20Mobilit%C3%A9&utm_campaign=KAY-Q47-1-12-03-2018
Protocol: HTTP/1.1
Server: 198.145.13.14 Wilsonville, United States, ASN2044 (IINET-2044 - Infinity Internet, Inc., US),
Reverse DNS: getclicky.com
Software: nginx /
Resource Hash: 261064fd3bdab1f4124e0baa5b221be87d9e54c6b1a97c50a6b033fb67e2e598

Request headers

Referer: http://ressources.newslead.eu/Landings/landing-345.asp?utm_campaign_name=KAY-Q47-1-12-03-2018&uid=id_0ia1vawmec&utm_campaign_type=IT%20S%C3%A9curit%C3%A9%20-%20Antivirus%20-%20Authentification%20-%20Mobilit%C3%A9&utm_campaign=KAY-Q47-1-12-03-2018
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Wed, 28 Mar 2018 11:36:13 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, Accept-Encoding
P3P: CP='NOI DSP COR CUR OUR NID NOR'
Transfer-Encoding: chunked
Connection: close
Content-Type: text/javascript; charset=utf-8
X-Proxy-Cache: HIT

GET
H/1.1

200
OK

odeo.png
ressources.newslead.eu/upload/
Redirect Chain

http://ressources.newslead.eu/tracking.asp?id_campagne=345&email=
http://ressources.newslead.eu/upload/odeo.png

352 KB
352 KB

9ms
9ms

Image
image/png

164.132.55.141
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ressources.newslead.eu/upload/odeo.png
Requested by: Host: ressources.newslead.eu
URL: http://ressources.newslead.eu/Landings/landing-345.asp?utm_campaign_name=KAY-Q47-1-12-03-2018&uid=id_0ia1vawmec&utm_campaign_type=IT%20S%C3%A9curit%C3%A9%20-%20Antivirus%20-%20Authentification%20-%20Mobilit%C3%A9&utm_campaign=KAY-Q47-1-12-03-2018
Protocol: HTTP/1.1
Server: 164.132.55.141 , France, ASN16276 (OVH, FR),
Reverse DNS: 141.ip-164-132-55.eu
Software: Microsoft-IIS/8.5 /
Resource Hash: 381b0f26bfe26ca04a8fb8215dde7b278c82dafc42e56c2ad9c5f3b4b687ea46

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ressources.newslead.eu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://ressources.newslead.eu/Landings/landing-345.asp?utm_campaign_name=KAY-Q47-1-12-03-2018&uid=id_0ia1vawmec&utm_campaign_type=IT%20S%C3%A9curit%C3%A9%20-%20Antivirus%20-%20Authentification%20-%20Mobilit%C3%A9&utm_campaign=KAY-Q47-1-12-03-2018
Cookie: ASPSESSIONIDSAAQADDR=NEHPBFJBAGCNGAPMICMBENDK
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ressources.newslead.eu/Landings/landing-345.asp?utm_campaign_name=KAY-Q47-1-12-03-2018&uid=id_0ia1vawmec&utm_campaign_type=IT%20S%C3%A9curit%C3%A9%20-%20Antivirus%20-%20Authentification%20-%20Mobilit%C3%A9&utm_campaign=KAY-Q47-1-12-03-2018
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Wed, 28 Mar 2018 11:36:11 GMT
Last-Modified: Wed, 10 May 2017 15:55:19 GMT
Server: Microsoft-IIS/8.5
Accept-Ranges: bytes
ETag: "a32942d3a5c9d21:0"
Content-Length: 360654
Content-Type: image/png

Redirect headers

Location: upload/odeo.png
Date: Wed, 28 Mar 2018 11:36:11 GMT
Cache-Control: private
Server: Microsoft-IIS/8.5
Content-Length: 136
Content-Type: text/html

GET
H/1.1 200
OK ico_pdf.png
ressources.newslead.eu/Landings/images/ 7 KB
7 KB 19ms
10ms Image
image/png 164.132.55.141
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ressources.newslead.eu/Landings/images/ico_pdf.png
Requested by: Host: ressources.newslead.eu
URL: http://ressources.newslead.eu/Landings/landing-345.asp?utm_campaign_name=KAY-Q47-1-12-03-2018&uid=id_0ia1vawmec&utm_campaign_type=IT%20S%C3%A9curit%C3%A9%20-%20Antivirus%20-%20Authentification%20-%20Mobilit%C3%A9&utm_campaign=KAY-Q47-1-12-03-2018
Protocol: HTTP/1.1
Server: 164.132.55.141 , France, ASN16276 (OVH, FR),
Reverse DNS: 141.ip-164-132-55.eu
Software: Microsoft-IIS/8.5 /
Resource Hash: 2f3bc50b2de124fdca0ee994c14a662487fdae45f0c22ad1c465953958264866

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ressources.newslead.eu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://ressources.newslead.eu/Landings/landing-345.asp?utm_campaign_name=KAY-Q47-1-12-03-2018&uid=id_0ia1vawmec&utm_campaign_type=IT%20S%C3%A9curit%C3%A9%20-%20Antivirus%20-%20Authentification%20-%20Mobilit%C3%A9&utm_campaign=KAY-Q47-1-12-03-2018
Cookie: ASPSESSIONIDSAAQADDR=NEHPBFJBAGCNGAPMICMBENDK
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ressources.newslead.eu/Landings/landing-345.asp?utm_campaign_name=KAY-Q47-1-12-03-2018&uid=id_0ia1vawmec&utm_campaign_type=IT%20S%C3%A9curit%C3%A9%20-%20Antivirus%20-%20Authentification%20-%20Mobilit%C3%A9&utm_campaign=KAY-Q47-1-12-03-2018
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Wed, 28 Mar 2018 11:36:11 GMT
Last-Modified: Sun, 14 May 2017 20:03:23 GMT
Server: Microsoft-IIS/8.5
Accept-Ranges: bytes
ETag: "9d45024edccd21:0"
Content-Length: 7387
Content-Type: image/png

GET
H/1.1 200
OK cover_pdf.png
ressources.newslead.eu/Landings/images/ 8 KB
8 KB 23ms
14ms Image
image/png 164.132.55.141
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ressources.newslead.eu/Landings/images/cover_pdf.png
Requested by: Host: ressources.newslead.eu
URL: http://ressources.newslead.eu/Landings/landing-345.asp?utm_campaign_name=KAY-Q47-1-12-03-2018&uid=id_0ia1vawmec&utm_campaign_type=IT%20S%C3%A9curit%C3%A9%20-%20Antivirus%20-%20Authentification%20-%20Mobilit%C3%A9&utm_campaign=KAY-Q47-1-12-03-2018
Protocol: HTTP/1.1
Server: 164.132.55.141 , France, ASN16276 (OVH, FR),
Reverse DNS: 141.ip-164-132-55.eu
Software: Microsoft-IIS/8.5 /
Resource Hash: 1d92521c9fac83dffa386aa582549403b8748b41e8f974ff12c3342bbc186849

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ressources.newslead.eu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://ressources.newslead.eu/Landings/landing-345.asp?utm_campaign_name=KAY-Q47-1-12-03-2018&uid=id_0ia1vawmec&utm_campaign_type=IT%20S%C3%A9curit%C3%A9%20-%20Antivirus%20-%20Authentification%20-%20Mobilit%C3%A9&utm_campaign=KAY-Q47-1-12-03-2018
Cookie: ASPSESSIONIDSAAQADDR=NEHPBFJBAGCNGAPMICMBENDK
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ressources.newslead.eu/Landings/landing-345.asp?utm_campaign_name=KAY-Q47-1-12-03-2018&uid=id_0ia1vawmec&utm_campaign_type=IT%20S%C3%A9curit%C3%A9%20-%20Antivirus%20-%20Authentification%20-%20Mobilit%C3%A9&utm_campaign=KAY-Q47-1-12-03-2018
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Wed, 28 Mar 2018 11:36:11 GMT
Last-Modified: Fri, 07 Oct 2016 05:37:16 GMT
Server: Microsoft-IIS/8.5
Accept-Ranges: bytes
ETag: "0cec2dc5c20d21:0"
Content-Length: 8208
Content-Type: image/png

GET
S 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v18/ 11 KB
11 KB 6ms
6ms Font
font/woff2 172.217.18.3
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Protocol

SPDY

Server

172.217.18.3 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra02s19-in-f3.1e100.net

Software

sffe /

Resource Hash

1be216dbc059d96e288b0c1f399a1a80ee8c65e4c1272dbc4574bd6d23cf45d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:300,700
Origin: http://ressources.newslead.eu

Response headers

date: Thu, 08 Feb 2018 17:50:16 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:33:03 GMT
server: sffe
age: 4124756
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: hq=":443"; ma=2592000; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="42,41,39,35"
content-length: 10764
x-xss-protection: 1; mode=block
expires: Fri, 08 Feb 2019 17:50:16 GMT

GET
S 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v18/ 11 KB
11 KB 6ms
6ms Font
font/woff2 172.217.18.3
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Protocol

SPDY

Server

172.217.18.3 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra02s19-in-f3.1e100.net

Software

sffe /

Resource Hash

f7c386915e39d8a925fe10d15744a9da95ac8f90423e12728e7fc3c5e34f4559

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:300,700
Origin: http://ressources.newslead.eu

Response headers

date: Mon, 19 Mar 2018 02:54:59 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:47 GMT
server: sffe
age: 808873
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: hq=":443"; ma=2592000; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="42,41,39,35"
content-length: 10876
x-xss-protection: 1; mode=block
expires: Tue, 19 Mar 2019 02:54:59 GMT

GET
H/1.1 200
OK ico_crayon.png
ressources.newslead.eu/Landings/images/ 4 KB
4 KB 19ms
9ms Image
image/png 164.132.55.141
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ressources.newslead.eu/Landings/images/ico_crayon.png
Requested by: Host: ressources.newslead.eu
URL: http://ressources.newslead.eu/Landings/landing-345.asp?utm_campaign_name=KAY-Q47-1-12-03-2018&uid=id_0ia1vawmec&utm_campaign_type=IT%20S%C3%A9curit%C3%A9%20-%20Antivirus%20-%20Authentification%20-%20Mobilit%C3%A9&utm_campaign=KAY-Q47-1-12-03-2018
Protocol: HTTP/1.1
Server: 164.132.55.141 , France, ASN16276 (OVH, FR),
Reverse DNS: 141.ip-164-132-55.eu
Software: Microsoft-IIS/8.5 /
Resource Hash: bcd1593ade39210d620f1831673f51fed69bdb52311e00cca8c18798c5bc054c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ressources.newslead.eu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://ressources.newslead.eu/Landings/landing-345.asp?utm_campaign_name=KAY-Q47-1-12-03-2018&uid=id_0ia1vawmec&utm_campaign_type=IT%20S%C3%A9curit%C3%A9%20-%20Antivirus%20-%20Authentification%20-%20Mobilit%C3%A9&utm_campaign=KAY-Q47-1-12-03-2018
Cookie: ASPSESSIONIDSAAQADDR=NEHPBFJBAGCNGAPMICMBENDK
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ressources.newslead.eu/Landings/landing-345.asp?utm_campaign_name=KAY-Q47-1-12-03-2018&uid=id_0ia1vawmec&utm_campaign_type=IT%20S%C3%A9curit%C3%A9%20-%20Antivirus%20-%20Authentification%20-%20Mobilit%C3%A9&utm_campaign=KAY-Q47-1-12-03-2018
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Wed, 28 Mar 2018 11:36:11 GMT
Last-Modified: Fri, 07 Oct 2016 05:37:16 GMT
Server: Microsoft-IIS/8.5
Accept-Ranges: bytes
ETag: "0cec2dc5c20d21:0"
Content-Length: 4014
Content-Type: image/png

GET
H/1.1 200
OK in.php Show response
lead-analytics.biz/ 251 B
688 B 308ms
156ms Script
text/javascript 198.145.13.13
Infinity Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://lead-analytics.biz/in.php?site_id=101046111&res=1600x1200&lang=en&type=pageview&href=%2FLandings%2Flanding-345.asp%3Futm_campaign_name%3DKAY-Q47-1-12-03-2018%26uid%3Did_0ia1vawmec%26utm_campaign_type%3DIT%2520S%25C3%25A9curit%25C3%25A9%2520-%2520Antivirus%2520-%2520Authentification%2520-%2520Mobilit%25C3%25A9%26utm_campaign%3DKAY-Q47-1-12-03-2018&title=L%27%C3%A9tat%20de%20la%20cybers%C3%A9curit%C3%A9%20industrielle%20en%202017%20-%20La%20News%20du%20D%C3%A9cideur&jsuid=3149952385&mime=js&x=0.18748839658665872
Requested by: Host: lead-analytics.biz
URL: http://lead-analytics.biz/js
Protocol: HTTP/1.1
Server: 198.145.13.13 Wilsonville, United States, ASN2044 (IINET-2044 - Infinity Internet, Inc., US),
Reverse DNS: getclicky.com
Software: nginx /
Resource Hash: 658ca87fbf51f8d3882fa06b155ffdf209d76a51950e9f8ab0022b3d915f35ad

Request headers

Referer: http://ressources.newslead.eu/Landings/landing-345.asp?utm_campaign_name=KAY-Q47-1-12-03-2018&uid=id_0ia1vawmec&utm_campaign_type=IT%20S%C3%A9curit%C3%A9%20-%20Antivirus%20-%20Authentification%20-%20Mobilit%C3%A9&utm_campaign=KAY-Q47-1-12-03-2018
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Wed, 28 Mar 2018 11:36:13 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, Accept-Encoding
P3P: CP='NOI DSP COR CUR OUR NID NOR'
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding: chunked
Connection: close
Content-Type: text/javascript;charset=UTF-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			ressources.newslead.eu/	1969-12-31 23:59:59	Name: ASPSESSIONIDSAAQADDR Value: NEHPBFJBAGCNGAPMICMBENDK

52 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://ressources.newslead.eu/Landings/attrvalidate.jquery.min.js(Line 65) Message: [object Object]
console-api	log	URL: http://ressources.newslead.eu/Landings/attrvalidate.jquery.min.js(Line 296) Message: isRadioGroup ?
console-api	log	URL: http://ressources.newslead.eu/Landings/attrvalidate.jquery.min.js(Line 297) Message: [object Object]
console-api	log	URL: http://ressources.newslead.eu/Landings/attrvalidate.jquery.min.js(Line 299) Message: false
console-api	log	URL: http://ressources.newslead.eu/Landings/attrvalidate.jquery.min.js(Line 65) Message: [object Object]
console-api	log	URL: http://ressources.newslead.eu/Landings/attrvalidate.jquery.min.js(Line 296) Message: isRadioGroup ?
console-api	log	URL: http://ressources.newslead.eu/Landings/attrvalidate.jquery.min.js(Line 297) Message: [object Object]
console-api	log	URL: http://ressources.newslead.eu/Landings/attrvalidate.jquery.min.js(Line 299) Message: false
console-api	log	URL: http://ressources.newslead.eu/Landings/attrvalidate.jquery.min.js(Line 65) Message: [object Object]
console-api	log	URL: http://ressources.newslead.eu/Landings/attrvalidate.jquery.min.js(Line 296) Message: isRadioGroup ?
console-api	log	URL: http://ressources.newslead.eu/Landings/attrvalidate.jquery.min.js(Line 297) Message: [object Object]
console-api	log	URL: http://ressources.newslead.eu/Landings/attrvalidate.jquery.min.js(Line 299) Message: false
console-api	log	URL: http://ressources.newslead.eu/Landings/attrvalidate.jquery.min.js(Line 65) Message: [object Object]
console-api	log	URL: http://ressources.newslead.eu/Landings/attrvalidate.jquery.min.js(Line 296) Message: isRadioGroup ?
console-api	log	URL: http://ressources.newslead.eu/Landings/attrvalidate.jquery.min.js(Line 297) Message: [object Object]
console-api	log	URL: http://ressources.newslead.eu/Landings/attrvalidate.jquery.min.js(Line 299) Message: false
console-api	log	URL: http://ressources.newslead.eu/Landings/attrvalidate.jquery.min.js(Line 65) Message: [object Object]
console-api	log	URL: http://ressources.newslead.eu/Landings/attrvalidate.jquery.min.js(Line 296) Message: isRadioGroup ?
console-api	log	URL: http://ressources.newslead.eu/Landings/attrvalidate.jquery.min.js(Line 297) Message: [object Object]
console-api	log	URL: http://ressources.newslead.eu/Landings/attrvalidate.jquery.min.js(Line 299) Message: false
console-api	log	URL: http://ressources.newslead.eu/Landings/attrvalidate.jquery.min.js(Line 65) Message: [object Object]
console-api	log	URL: http://ressources.newslead.eu/Landings/attrvalidate.jquery.min.js(Line 296) Message: isRadioGroup ?
console-api	log	URL: http://ressources.newslead.eu/Landings/attrvalidate.jquery.min.js(Line 297) Message: [object Object]
console-api	log	URL: http://ressources.newslead.eu/Landings/attrvalidate.jquery.min.js(Line 299) Message: false
console-api	log	URL: http://ressources.newslead.eu/Landings/attrvalidate.jquery.min.js(Line 65) Message: [object Object]
console-api	log	URL: http://ressources.newslead.eu/Landings/attrvalidate.jquery.min.js(Line 296) Message: isRadioGroup ?
console-api	log	URL: http://ressources.newslead.eu/Landings/attrvalidate.jquery.min.js(Line 297) Message: [object Object]
console-api	log	URL: http://ressources.newslead.eu/Landings/attrvalidate.jquery.min.js(Line 299) Message: false
console-api	log	URL: http://ressources.newslead.eu/Landings/attrvalidate.jquery.min.js(Line 65) Message: [object Object]
console-api	log	URL: http://ressources.newslead.eu/Landings/attrvalidate.jquery.min.js(Line 296) Message: isRadioGroup ?
console-api	log	URL: http://ressources.newslead.eu/Landings/attrvalidate.jquery.min.js(Line 297) Message: [object Object]
console-api	log	URL: http://ressources.newslead.eu/Landings/attrvalidate.jquery.min.js(Line 299) Message: false
console-api	log	URL: http://ressources.newslead.eu/Landings/attrvalidate.jquery.min.js(Line 65) Message: [object Object]
console-api	log	URL: http://ressources.newslead.eu/Landings/attrvalidate.jquery.min.js(Line 296) Message: isRadioGroup ?
console-api	log	URL: http://ressources.newslead.eu/Landings/attrvalidate.jquery.min.js(Line 297) Message: [object Object]
console-api	log	URL: http://ressources.newslead.eu/Landings/attrvalidate.jquery.min.js(Line 299) Message: false
console-api	log	URL: http://ressources.newslead.eu/Landings/attrvalidate.jquery.min.js(Line 65) Message: [object Object]
console-api	log	URL: http://ressources.newslead.eu/Landings/attrvalidate.jquery.min.js(Line 296) Message: isRadioGroup ?
console-api	log	URL: http://ressources.newslead.eu/Landings/attrvalidate.jquery.min.js(Line 297) Message: [object Object]
console-api	log	URL: http://ressources.newslead.eu/Landings/attrvalidate.jquery.min.js(Line 299) Message: false
console-api	log	URL: http://ressources.newslead.eu/Landings/attrvalidate.jquery.min.js(Line 65) Message: [object Object]
console-api	log	URL: http://ressources.newslead.eu/Landings/attrvalidate.jquery.min.js(Line 296) Message: isRadioGroup ?
console-api	log	URL: http://ressources.newslead.eu/Landings/attrvalidate.jquery.min.js(Line 297) Message: [object Object]
console-api	log	URL: http://ressources.newslead.eu/Landings/attrvalidate.jquery.min.js(Line 299) Message: true
console-api	log	URL: http://ressources.newslead.eu/Landings/attrvalidate.jquery.min.js(Line 65) Message: [object Object]
console-api	log	URL: http://ressources.newslead.eu/Landings/attrvalidate.jquery.min.js(Line 296) Message: isRadioGroup ?
console-api	log	URL: http://ressources.newslead.eu/Landings/attrvalidate.jquery.min.js(Line 297) Message: [object Object]
console-api	log	URL: http://ressources.newslead.eu/Landings/attrvalidate.jquery.min.js(Line 299) Message: true
console-api	log	URL: http://ressources.newslead.eu/Landings/attrvalidate.jquery.min.js(Line 65) Message: [object Object]
console-api	log	URL: http://ressources.newslead.eu/Landings/attrvalidate.jquery.min.js(Line 296) Message: isRadioGroup ?
console-api	log	URL: http://ressources.newslead.eu/Landings/attrvalidate.jquery.min.js(Line 297) Message: [object Object]
console-api	log	URL: http://ressources.newslead.eu/Landings/attrvalidate.jquery.min.js(Line 299) Message: false

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
ead01.com
fonts.googleapis.com
fonts.gstatic.com
lead-analytics.biz
news.itfacto.com
ressources.newslead.eu
www.w3schools.com
164.132.28.212
164.132.55.141
172.217.18.10
172.217.18.3
192.229.133.221
198.145.13.13
198.145.13.14
37.187.159.234
94.31.29.54
1bc3924dd6a34d1337a6b695a5f07a0314d8263ceadb1ba26d1e36575f58434a
1be216dbc059d96e288b0c1f399a1a80ee8c65e4c1272dbc4574bd6d23cf45d9
1d92521c9fac83dffa386aa582549403b8748b41e8f974ff12c3342bbc186849
261064fd3bdab1f4124e0baa5b221be87d9e54c6b1a97c50a6b033fb67e2e598
2863c724513681ac545dbb377eea70519a9be84f088ff8da777f7b6a9481ea84
2f3bc50b2de124fdca0ee994c14a662487fdae45f0c22ad1c465953958264866
381b0f26bfe26ca04a8fb8215dde7b278c82dafc42e56c2ad9c5f3b4b687ea46
47da1d5df0f118565355b8e192e750d7147aeffda27e17f28af071b5b44ff5e4
658ca87fbf51f8d3882fa06b155ffdf209d76a51950e9f8ab0022b3d915f35ad
6b773e53504977fdc5c57296e170e774c36d1e62f2c67f3efe91852842cc748f
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
8b1c77de15bd161972712add8d601c779cc6db44ba8c0a8009e68157874da1c0
8c165d6e0fa210bfb694936d04f89e1d10889fe0330c715b9ea8ae3ea28d73ff
a9523b9fb972803c49a99859ac053d679bf753a1d2d2d0da561dee8b619c8cf1
bbe9d77c987e5f616088d2260b6162020a311560d437e736e0a4b5994448acc5
bcd1593ade39210d620f1831673f51fed69bdb52311e00cca8c18798c5bc054c
c35a43f14d375048466f6d4db9304ceeb6015bc1fb6893bfea2f167053ff02e3
dc85c10b857ed6648aa92e9b4f8de3db4d7d56a963c2019ee573b806d36b3fcf
e1e021227388dbff93f637bd3805511ec9b8d3fe979ab8415bdf310bf02e5f7d
f7c386915e39d8a925fe10d15744a9da95ac8f90423e12728e7fc3c5e34f4559

ressources.newslead.eu Open in urlscan Pro 164.132.55.141 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

20 Requests

0 %HTTPS

0 %IPv6

8 Domains

8 Subdomains

8 IPs

3 Countries

827 kBTransfer

903 kBSize

1 Cookies

7 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

1 Cookies

52 Console Messages

Indicators

ressources.newslead.eu Open in urlscan Pro
164.132.55.141 Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

0 %
HTTPS

0 %
IPv6

8
Domains

8
Subdomains

8
IPs

3
Countries

827 kB
Transfer

903 kB
Size

1
Cookies

20 HTTP transactions
0 data transactions