mirror.newsletter.club-prive-select.fr Open in urlscan Pro
89.248.209.41 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://t.newsletter.club-prive-select.fr/c/?t=c4a122b-4!c-9ez-13q-0iw90
Effective URL:
http://mirror.newsletter.club-prive-select.fr/?e=suspect%40safeonweb.be&s=741&b=1608
Submission: On December 31 via api (December 31st 2019, 3:58:03 am UTC) from BE

Summary HTTP 17 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 5 domains to perform 17 HTTP transactions. The main IP is 89.248.209.41, located in Lambersart, France and belongs to ODISO-AS, FR. The main domain is mirror.newsletter.club-prive-select.fr.

This is the only time mirror.newsletter.club-prive-select.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	89.248.211.29 89.248.211.29	34993 (ODISO-AS) (ODISO-AS)
1	89.248.209.41 89.248.209.41	34993 (ODISO-AS) (ODISO-AS)
1 2	109.232.196.59 109.232.196.59	50234 (EULERIAN-AS) (EULERIAN-AS)
10	2606:4700:30:... 2606:4700:30::681b:8bdd	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	34.249.58.157 34.249.58.157	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2001:41d0:301... 2001:41d0:301:100:145:239:193:53	16276 (OVH) (OVH)
1	34.240.80.220 34.240.80.220	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a02:8400:21:... 2a02:8400:21:1::3	15557 (LDCOMNET) (LDCOMNET)
17	8

2 89.248.211.29 (Lambersart, France) 1 redirects

ASN34993 (ODISO-AS, FR)
PTR: mindproxy.odiso.net

t.newsletter.club-prive-select.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.248.209.41 (Lambersart, France)

ASN34993 (ODISO-AS, FR)

mirror.newsletter.club-prive-select.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 109.232.196.59 (France) 1 redirects

ASN50234 (EULERIAN-AS, FR)
PTR: sfr.eulerian.net

netc.sfr.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:30::681b:8bdd (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

i.ulijentr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
o.ulijentr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.249.58.157 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-249-58-157.eu-west-1.compute.amazonaws.com

not.club-prive-select.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:41d0:301:100:145:239:193:53 (France)

ASN16276 (OVH, FR)

pmd.car817.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.240.80.220 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-240-80-220.eu-west-1.compute.amazonaws.com

trcd.club-prive-select.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:8400:21:1::3 (France)

ASN15557 (LDCOMNET, FR)

static.s-sfr.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	ulijentr.com i.ulijentr.com o.ulijentr.com	184 KB
5	club-prive-select.fr 1 redirects t.newsletter.club-prive-select.fr mirror.newsletter.club-prive-select.fr not.club-prive-select.fr trcd.club-prive-select.fr	9 KB
2	sfr.fr 1 redirects netc.sfr.fr	1 KB
1	s-sfr.fr static.s-sfr.fr	35 KB
1	car817.fr pmd.car817.fr	802 B
17	5

	Domain	Requested by
9	i.ulijentr.com	mirror.newsletter.club-prive-select.fr
2	netc.sfr.fr	1 redirects mirror.newsletter.club-prive-select.fr
2	t.newsletter.club-prive-select.fr	1 redirects mirror.newsletter.club-prive-select.fr
1	static.s-sfr.fr	mirror.newsletter.club-prive-select.fr
1	trcd.club-prive-select.fr	mirror.newsletter.club-prive-select.fr
1	pmd.car817.fr	mirror.newsletter.club-prive-select.fr
1	not.club-prive-select.fr	mirror.newsletter.club-prive-select.fr
1	o.ulijentr.com	mirror.newsletter.club-prive-select.fr
1	mirror.newsletter.club-prive-select.fr
17	9

This site contains links to these domains. Also see Links.

Domain
t.newsletter.club-prive-select.fr

Subject Issuer	Validity	Valid
netc.sfr.fr Let's Encrypt Authority X3	`2019-12-28` - `2020-03-27`	3 months	crt.sh
sq.oooferton.com Let's Encrypt Authority X3	`2019-12-02` - `2020-03-01`	3 months	crt.sh
*.s-sfr.fr Certigna Wild CA	`2017-06-23` - `2020-06-22`	3 years	crt.sh

This page contains 1 frames:

Primary Page: http://mirror.newsletter.club-prive-select.fr/?e=suspect%40safeonweb.be&s=741&b=1608
Frame ID: 7B7275B191DF016808622A1E126B7B7A
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://t.newsletter.club-prive-select.fr/c/?t=c4a122b-4!c-9ez-13q-0iw90 HTTP 302
http://mirror.newsletter.club-prive-select.fr/?e=suspect%40safeonweb.be&s=741&b=1608 Page URL

Page Statistics

17
Requests

18 %
HTTPS

38 %
IPv6

5
Domains

9
Subdomains

8
IPs

3
Countries

229 kB
Transfer

239 kB
Size

2
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: http://t.newsletter.club-prive-select.fr/c/?t=c4a122b-4!c-9ez-13q-0iw90
Title: ce lien

Search URL Search Domain Scan URL

URL: http://t.newsletter.club-prive-select.fr/c/?t=c4a122b-4!c-9e!-13q-0iw90

Search URL Search Domain Scan URL

URL: http://t.newsletter.club-prive-select.fr/c/?t=c4a122b-4!c-9e9-13q-0iw90
Title: Offres Box

Search URL Search Domain Scan URL

URL: http://t.newsletter.club-prive-select.fr/c/?t=c4a122b-4!c-9ea-13q-0iw90
Title: Forfait mobile

Search URL Search Domain Scan URL

URL: http://t.newsletter.club-prive-select.fr/c/?t=c4a122b-4!c-9ew-13q-0iw90
Title: Téléphones

Search URL Search Domain Scan URL

URL: http://t.newsletter.club-prive-select.fr/c/?t=c4a122b-4!c-9e3-13q-0iw90
Title: Box + Mobiles

Search URL Search Domain Scan URL

URL: http://t.newsletter.club-prive-select.fr/c/?t=c4a122b-4!c-9es-13q-0iw90
Title: un cadeau, plein de bons moments

Search URL Search Domain Scan URL

URL: http://t.newsletter.club-prive-select.fr/c/?t=c4a122b-4!c-9ef-13q-0iw90

Search URL Search Domain Scan URL

URL: http://t.newsletter.club-prive-select.fr/c/?t=c4a122b-4!c-9ee-13q-0iw90
Title: Vous n'avez pas encore accès à la fibre ? Le père noël a l'offre qu'il vous faut dans sa hotte !

Search URL Search Domain Scan URL

URL: http://t.newsletter.club-prive-select.fr/c/?t=c4a122b-4!c-9eq-13q-0iw90

Search URL Search Domain Scan URL

URL: http://t.newsletter.club-prive-select.fr/c/?t=c4a122b-4!c-9e0-13q-0iw90

Search URL Search Domain Scan URL

URL: http://t.newsletter.club-prive-select.fr/c/?t=c4a122b-4!c-9ei-13q-0iw90
Title: sfr.fr

Search URL Search Domain Scan URL

URL: http://t.newsletter.club-prive-select.fr/c/?t=c4a122b-4!c-9ek-13q-0iw90

Search URL Search Domain Scan URL

URL: http://t.newsletter.club-prive-select.fr/c/?t=c4a122b-4!c-9e5-13q-0iw90

Search URL Search Domain Scan URL

URL: http://t.newsletter.club-prive-select.fr/c/?t=c4a122b-4!c-9el-13q-0iw90

Search URL Search Domain Scan URL

URL: http://t.newsletter.club-prive-select.fr/c/?t=c4a122b-4!c-9em-13q-0iw90

Search URL Search Domain Scan URL

URL: http://t.newsletter.club-prive-select.fr/c/?t=c4a122b-4!c-9qx-13q-0iw90
Title: ce lien

Search URL Search Domain Scan URL

URL: http://t.newsletter.club-prive-select.fr/c/?t=c4a122b-4!c-9e8-13q-0iw90
Title: le lien suivant.

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://t.newsletter.club-prive-select.fr/c/?t=c4a122b-4!c-9ez-13q-0iw90 HTTP 302
http://mirror.newsletter.club-prive-select.fr/?e=suspect%40safeonweb.be&s=741&b=1608 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://netc.sfr.fr/dynview/sfr-fr/pix.gif?eml-publisher=Adventure-Conseil&eml-name=Email-Acquisition-Payant-prospect-tr-fibre-Fixe-No%C3%ABl-26112019-ac&eseg-item=26&ea-rnd=[RANDOM] HTTP 302
https://netc.sfr.fr/dynview/sfr-fr/pix.gif?eml-publisher=Adventure-Conseil&eml-name=Email-Acquisition-Payant-prospect-tr-fibre-Fixe-No%C3%ABl-26112019-ac&eseg-item=26&ea-rnd=[RANDOM]

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
mirror.newsletter.club-prive-select.fr/
Redirect Chain

http://t.newsletter.club-prive-select.fr/c/?t=c4a122b-4!c-9ez-13q-0iw90
http://mirror.newsletter.club-prive-select.fr/?e=suspect%40safeonweb.be&s=741&b=1608

25 KB
7 KB

199ms
143ms

Document
text/html

89.248.209.41
ODISO-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://mirror.newsletter.club-prive-select.fr/?e=suspect%40safeonweb.be&s=741&b=1608
Protocol: HTTP/1.1
Server: 89.248.209.41 Lambersart, France, ASN34993 (ODISO-AS, FR),
Reverse DNS
Software: /
Resource Hash: ee4ebf792663b66c2744791155dca2c9d445f23aeb9de9bdf4a69deaa0f2c7bc

Request headers

Host: mirror.newsletter.club-prive-select.fr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Set-Cookie: ASP.NET_SessionId=kynhfmu42yikc1r12ssesdne; path=/; HttpOnly SERVERID=server2; path=/
Date: Tue, 31 Dec 2019 03:57:46 GMT
Content-Length: 7297
X-Robots-Tag: noindex

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: http://mirror.newsletter.club-prive-select.fr/?e=suspect%40safeonweb.be&s=741&b=1608
Set-Cookie: ASP.NET_SessionId=phsde13wz5gmgrzcomzowenw; path=/; HttpOnly
Date: Tue, 31 Dec 2019 03:57:47 GMT
Content-Length: 209

GET
H/1.1 200
OK /
t.newsletter.club-prive-select.fr/o/ 180 B
306 B 37ms
37ms Image
image/png 89.248.211.29
ODISO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://t.newsletter.club-prive-select.fr/o/?t=4!c-13q-0iw90
Requested by: Host: mirror.newsletter.club-prive-select.fr
URL: http://mirror.newsletter.club-prive-select.fr/?e=suspect%40safeonweb.be&s=741&b=1608
Protocol: HTTP/1.1
Server: 89.248.211.29 Lambersart, France, ASN34993 (ODISO-AS, FR),
Reverse DNS: mindproxy.odiso.net
Software: /
Resource Hash: a3d9bf654bd182096ae97d7aac32516664fdf12437820695136f55620bb105ba

Request headers

Referer: http://mirror.newsletter.club-prive-select.fr/?e=suspect%40safeonweb.be&s=741&b=1608
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 31 Dec 2019 03:57:47 GMT
Cache-Control: private
Content-Length: 180
Content-Type: image/png

GET
H/1.1

200
OK

pix.gif
netc.sfr.fr/dynview/sfr-fr/
Redirect Chain

http://netc.sfr.fr/dynview/sfr-fr/pix.gif?eml-publisher=Adventure-Conseil&eml-name=Email-Acquisition-Payant-prospect-tr-fibre-Fixe-No%C3%ABl-26112019-ac&eseg-item=26&ea-rnd=[RANDOM]
https://netc.sfr.fr/dynview/sfr-fr/pix.gif?eml-publisher=Adventure-Conseil&eml-name=Email-Acquisition-Payant-prospect-tr-fibre-Fixe-No%C3%ABl-26112019-ac&eseg-item=26&ea-rnd=[RANDOM]

163 B
1 KB

127ms
35ms

Image
image/png

109.232.196.59
EULERIAN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://netc.sfr.fr/dynview/sfr-fr/pix.gif?eml-publisher=Adventure-Conseil&eml-name=Email-Acquisition-Payant-prospect-tr-fibre-Fixe-No%C3%ABl-26112019-ac&eseg-item=26&ea-rnd=[RANDOM]

Requested by

Host: mirror.newsletter.club-prive-select.fr
URL: http://mirror.newsletter.club-prive-select.fr/?e=suspect%40safeonweb.be&s=741&b=1608

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

109.232.196.59 , France, ASN50234 (EULERIAN-AS, FR),

Reverse DNS

sfr.eulerian.net

Software

EWS /

Resource Hash

6c46829208b5004ded357c146a2dd4c56641ca4a8f93c782081dee56c9a332f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://mirror.newsletter.club-prive-select.fr/?e=suspect%40safeonweb.be&s=741&b=1608
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Date: Tue, 31 Dec 2019 03:57:47 GMT
X-Content-Type-Options: nosniff
Server: EWS
Strict-Transport-Security: max-age=604800
P3P: policyref="http://netc.sfr.fr/w3c/p3p.xml",CP="NOI DSP COR NID ADMa DEVa OUR IND UNI"
Cache-Control: max-age=0, private
Connection: Close
Accept-Ranges: none
Content-Type: image/png
Content-Length: 163
X-XSS-Protection: 0

Redirect headers

Pragma: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Date: Tue, 31 Dec 2019 03:57:47 GMT
X-Content-Type-Options: nosniff
Server: EWS
Location: https://netc.sfr.fr/dynview/sfr-fr/pix.gif?eml-publisher=Adventure-Conseil&eml-name=Email-Acquisition-Payant-prospect-tr-fibre-Fixe-No%C3%ABl-26112019-ac&eseg-item=26&ea-rnd=[RANDOM]
Cache-Control: max-age=0, private
Connection: Close
Accept-Ranges: none
Content-Length: 0
X-XSS-Protection: 0

GET
H/1.1 200
OK logo.png
i.ulijentr.com/content/20190528161231_1543_19/ 7 KB
7 KB 41ms
15ms Image
image/png 2606:4700:30::681b:8bdd
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.ulijentr.com/content/20190528161231_1543_19/logo.png
Requested by: Host: mirror.newsletter.club-prive-select.fr
URL: http://mirror.newsletter.club-prive-select.fr/?e=suspect%40safeonweb.be&s=741&b=1608
Protocol: HTTP/1.1
Server: 2606:4700:30::681b:8bdd , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b3b13b0d79e9b80b06c415144d972e47ce1dc22d0742439d2e39f1bc6513d73

Request headers

Referer: http://mirror.newsletter.club-prive-select.fr/?e=suspect%40safeonweb.be&s=741&b=1608
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 31 Dec 2019 03:57:47 GMT
CF-Cache-Status: HIT
Last-Modified: Tue, 28 May 2019 14:12:31 GMT
Server: cloudflare
Age: 3519
ETag: "1aa3-589f3416e0032"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 54d954d578a3dfad-FRA
Content-Length: 6819

GET
H/1.1 200
OK prix.png
i.ulijentr.com/content/20191203132927_1726_6/ 11 KB
12 KB 40ms
14ms Image
image/png 2606:4700:30::681b:8bdd
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.ulijentr.com/content/20191203132927_1726_6/prix.png
Requested by: Host: mirror.newsletter.club-prive-select.fr
URL: http://mirror.newsletter.club-prive-select.fr/?e=suspect%40safeonweb.be&s=741&b=1608
Protocol: HTTP/1.1
Server: 2606:4700:30::681b:8bdd , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02433c49fed879c9b9fd963436b57c713a424ad3c9e791a094fc99371f2ca5e7

Request headers

Referer: http://mirror.newsletter.club-prive-select.fr/?e=suspect%40safeonweb.be&s=741&b=1608
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 31 Dec 2019 03:57:47 GMT
CF-Cache-Status: HIT
Last-Modified: Tue, 03 Dec 2019 12:29:27 GMT
Server: cloudflare
Age: 3519
ETag: "2c24-598cbd8dfad5d"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 54d954d57e3adfd7-FRA
Content-Length: 11300

GET
H/1.1 200
OK prix2.png
i.ulijentr.com/content/20191203132927_1726_6/ 10 KB
10 KB 41ms
15ms Image
image/png 2606:4700:30::681b:8bdd
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.ulijentr.com/content/20191203132927_1726_6/prix2.png
Requested by: Host: mirror.newsletter.club-prive-select.fr
URL: http://mirror.newsletter.club-prive-select.fr/?e=suspect%40safeonweb.be&s=741&b=1608
Protocol: HTTP/1.1
Server: 2606:4700:30::681b:8bdd , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07cc4a4f3702be4d04143895288a571c9ced91a94eeb6b466b1c82c8fce43ba6

Request headers

Referer: http://mirror.newsletter.club-prive-select.fr/?e=suspect%40safeonweb.be&s=741&b=1608
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 31 Dec 2019 03:57:47 GMT
CF-Cache-Status: HIT
Last-Modified: Tue, 03 Dec 2019 12:29:27 GMT
Server: cloudflare
Age: 3519
ETag: "27f7-598cbd8dfad5d"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 54d954d57b4bd729-FRA
Content-Length: 10231

GET
H/1.1 200
OK cta_noel.png
i.ulijentr.com/content/20191203132927_1726_6/ 1 KB
2 KB 46ms
9ms Image
image/png 2606:4700:30::681b:8bdd
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.ulijentr.com/content/20191203132927_1726_6/cta_noel.png
Requested by: Host: mirror.newsletter.club-prive-select.fr
URL: http://mirror.newsletter.club-prive-select.fr/?e=suspect%40safeonweb.be&s=741&b=1608
Protocol: HTTP/1.1
Server: 2606:4700:30::681b:8bdd , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3c905507ffe85993c6e8331d9b56e0a19f80cd694b02ceddb8e8334f9425381

Request headers

Referer: http://mirror.newsletter.club-prive-select.fr/?e=suspect%40safeonweb.be&s=741&b=1608
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 31 Dec 2019 03:57:47 GMT
CF-Cache-Status: HIT
Last-Modified: Tue, 03 Dec 2019 12:29:27 GMT
Server: cloudflare
Age: 3519
ETag: "458-598cbd8dfad5d"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 54d954d58e83d6c1-FRA
Content-Length: 1112

GET
H/1.1 200
OK facebook.png
i.ulijentr.com/content/20191014112712_1788/ 2 KB
2 KB 54ms
13ms Image
image/png 2606:4700:30::681b:8bdd
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.ulijentr.com/content/20191014112712_1788/facebook.png
Requested by: Host: mirror.newsletter.club-prive-select.fr
URL: http://mirror.newsletter.club-prive-select.fr/?e=suspect%40safeonweb.be&s=741&b=1608
Protocol: HTTP/1.1
Server: 2606:4700:30::681b:8bdd , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea4c4a4151b699b4f987fed77b6e94cdd81130e1b27f56fdf4840403db4ba5d1

Request headers

Referer: http://mirror.newsletter.club-prive-select.fr/?e=suspect%40safeonweb.be&s=741&b=1608
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 31 Dec 2019 03:57:47 GMT
CF-Cache-Status: HIT
Last-Modified: Mon, 14 Oct 2019 09:27:12 GMT
Server: cloudflare
Age: 3519
ETag: "694-594db78fe6727"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 54d954d58e6ddfd7-FRA
Content-Length: 1684

GET
H/1.1 200
OK twitter.png
i.ulijentr.com/content/20191014112712_1087/ 2 KB
2 KB 50ms
9ms Image
image/png 2606:4700:30::681b:8bdd
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.ulijentr.com/content/20191014112712_1087/twitter.png
Requested by: Host: mirror.newsletter.club-prive-select.fr
URL: http://mirror.newsletter.club-prive-select.fr/?e=suspect%40safeonweb.be&s=741&b=1608
Protocol: HTTP/1.1
Server: 2606:4700:30::681b:8bdd , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2cf6463e25d74d71f463cc5b3e438096caa372279f58450e3a50b2f1103a5b5

Request headers

Referer: http://mirror.newsletter.club-prive-select.fr/?e=suspect%40safeonweb.be&s=741&b=1608
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 31 Dec 2019 03:57:47 GMT
CF-Cache-Status: HIT
Last-Modified: Mon, 14 Oct 2019 09:27:12 GMT
Server: cloudflare
Age: 3519
ETag: "7a3-594db78fe3846"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 54d954d588c3dfad-FRA
Content-Length: 1955

GET
H/1.1 200
OK youtube.png
i.ulijentr.com/content/20191014112712_1377/ 2 KB
2 KB 18ms
12ms Image
image/png 2606:4700:30::681b:8bdd
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.ulijentr.com/content/20191014112712_1377/youtube.png
Requested by: Host: mirror.newsletter.club-prive-select.fr
URL: http://mirror.newsletter.club-prive-select.fr/?e=suspect%40safeonweb.be&s=741&b=1608
Protocol: HTTP/1.1
Server: 2606:4700:30::681b:8bdd , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: dccd7899fe86bb238b41a1599f3ef8bcc0ad132615f75b9b98a924f24afea1ac

Request headers

Referer: http://mirror.newsletter.club-prive-select.fr/?e=suspect%40safeonweb.be&s=741&b=1608
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 31 Dec 2019 03:57:47 GMT
CF-Cache-Status: HIT
Last-Modified: Mon, 14 Oct 2019 09:27:12 GMT
Server: cloudflare
Age: 3519
ETag: "7f8-594db78fe5787"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 54d954d57e6fd6c1-FRA
Content-Length: 2040

GET
H/1.1 200
OK uniqueId
o.ulijentr.com/56-19-26-9578-187121/ 42 B
482 B 77ms
49ms Image
image/gif 2606:4700:30::681b:8bdd
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://o.ulijentr.com/56-19-26-9578-187121/uniqueId
Requested by: Host: mirror.newsletter.club-prive-select.fr
URL: http://mirror.newsletter.club-prive-select.fr/?e=suspect%40safeonweb.be&s=741&b=1608
Protocol: HTTP/1.1
Server: 2606:4700:30::681b:8bdd , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Request headers

Referer: http://mirror.newsletter.club-prive-select.fr/?e=suspect%40safeonweb.be&s=741&b=1608
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 31 Dec 2019 03:57:47 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Content-Type: image/gif
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
CF-RAY: 54d954d57a67c2a9-FRA
Content-Length: 42
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK adtckrtg.php
not.club-prive-select.fr/ 43 B
672 B 108ms
48ms Image
image/gif 34.249.58.157
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://not.club-prive-select.fr/adtckrtg.php?ids=1240&hash=d89a49469cc482a0e1ea42bdabfae7dd&hash256=d6f96d5a49e5b615cad4c073489574276dbdc1dd3a8475d7b53f1ccead3d6dd3
Requested by: Host: mirror.newsletter.club-prive-select.fr
URL: http://mirror.newsletter.club-prive-select.fr/?e=suspect%40safeonweb.be&s=741&b=1608
Protocol: HTTP/1.1
Server: 34.249.58.157 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-249-58-157.eu-west-1.compute.amazonaws.com
Software: nginx/1.10.3 / Express
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: http://mirror.newsletter.club-prive-select.fr/?e=suspect%40safeonweb.be&s=741&b=1608
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 31 Dec 2019 03:57:47 GMT
ETag: W/"2b-2eaaa083"
Server: nginx/1.10.3
X-Powered-By: Express
Content-Type: image/gif
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 43
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK collect_v2.img.php
pmd.car817.fr/ 43 B
802 B 110ms
15ms Image
image/gif 2001:41d0:301:100:145:239:193:53
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pmd.car817.fr/collect_v2.img.php?dmp=emdmpeasy&p=1449&s=1449&m=d89a49469cc482a0e1ea42bdabfae7dd&email_sha256=d6f96d5a49e5b615cad4c073489574276dbdc1dd3a8475d7b53f1ccead3d6dd3

Requested by

Host: mirror.newsletter.club-prive-select.fr
URL: http://mirror.newsletter.club-prive-select.fr/?e=suspect%40safeonweb.be&s=741&b=1608

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:41d0:301:100:145:239:193:53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://mirror.newsletter.club-prive-select.fr/?e=suspect%40safeonweb.be&s=741&b=1608
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 31 Dec 2019 03:57:47 GMT
Cache-Control: no-store, no-cache
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
X-IPLB-Instance: 25144
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H/1.1 200
OK trcdo.php
trcd.club-prive-select.fr/trcd/ 42 B
477 B 95ms
43ms Image
image/gif 34.240.80.220
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://trcd.club-prive-select.fr/trcd/trcdo.php?cid=248448&em=suspect@safeonweb.be&emcdrmd5=d89a49469cc482a0e1ea42bdabfae7dd&emcdrsha256=d6f96d5a49e5b615cad4c073489574276dbdc1dd3a8475d7b53f1ccead3d6dd3&do=club-prive-select.fr&rout=mbz&ts=1576841798
Requested by: Host: mirror.newsletter.club-prive-select.fr
URL: http://mirror.newsletter.club-prive-select.fr/?e=suspect%40safeonweb.be&s=741&b=1608
Protocol: HTTP/1.1
Server: 34.240.80.220 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-240-80-220.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.7 (Ubuntu) / PHP/5.5.9-1ubuntu4.16
Resource Hash: b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Request headers

Referer: http://mirror.newsletter.club-prive-select.fr/?e=suspect%40safeonweb.be&s=741&b=1608
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Dec 2019 03:57:47 GMT
Last-Modified: Tue, 31 Dec 2019 03:57:47 GMT
Server: Apache/2.4.7 (Ubuntu)
X-Powered-By: PHP/5.5.9-1ubuntu4.16
P3P: CP="NOI NID ADMa OUR IND UNI COM NAV"
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Sat, 22 Apr 1978 02:19:00 GMT

GET
H/1.1 200
OK bg_principal.png
i.ulijentr.com/content/20191203132927_1726_6/ 104 KB
104 KB 19ms
13ms Image
image/png 2606:4700:30::681b:8bdd
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.ulijentr.com/content/20191203132927_1726_6/bg_principal.png
Requested by: Host: mirror.newsletter.club-prive-select.fr
URL: http://mirror.newsletter.club-prive-select.fr/?e=suspect%40safeonweb.be&s=741&b=1608
Protocol: HTTP/1.1
Server: 2606:4700:30::681b:8bdd , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40b5e63ca5251925f1d8ee7d829ed93ee4ee52f5ea057a29ad68fc21e4d5ca0c

Request headers

Referer: http://mirror.newsletter.club-prive-select.fr/?e=suspect%40safeonweb.be&s=741&b=1608
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 31 Dec 2019 03:57:47 GMT
CF-Cache-Status: HIT
Last-Modified: Tue, 03 Dec 2019 12:29:27 GMT
Server: cloudflare
Age: 3519
ETag: "19f39-598cbd8dfad5d"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 54d954d57f12e007-FRA
Content-Length: 106297

GET
H/1.1 200
OK bg_second.gif
i.ulijentr.com/content/20191204071958_1988_6/ 41 KB
41 KB 20ms
13ms Image
image/gif 2606:4700:30::681b:8bdd
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.ulijentr.com/content/20191204071958_1988_6/bg_second.gif
Requested by: Host: mirror.newsletter.club-prive-select.fr
URL: http://mirror.newsletter.club-prive-select.fr/?e=suspect%40safeonweb.be&s=741&b=1608
Protocol: HTTP/1.1
Server: 2606:4700:30::681b:8bdd , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ac72daf7a60eeb8e6a7eadded0d83296f4847b1a86b23f6d215181c6ef45748

Request headers

Referer: http://mirror.newsletter.club-prive-select.fr/?e=suspect%40safeonweb.be&s=741&b=1608
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 31 Dec 2019 03:57:47 GMT
CF-Cache-Status: HIT
Last-Modified: Wed, 04 Dec 2019 06:19:58 GMT
Server: cloudflare
Age: 3519
ETag: "a357-598dacd4f5dc7"
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 54d954d57c3dd6bd-FRA
Content-Length: 41815

GET
H2 200 sfr-1.0-regular-webfont.woff
static.s-sfr.fr/resources/font/ 34 KB
35 KB 81ms
26ms Font
font/woff 2a02:8400:21:1::3
LDCOMNET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.s-sfr.fr/resources/font/sfr-1.0-regular-webfont.woff
Requested by: Host: mirror.newsletter.club-prive-select.fr
URL: http://mirror.newsletter.club-prive-select.fr/?e=suspect%40safeonweb.be&s=741&b=1608
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:8400:21:1::3 , France, ASN15557 (LDCOMNET, FR),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 5f618841c21775f839c5d4fdf8263c31100724110a105a9ab356b5e00f084ddd

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://mirror.newsletter.club-prive-select.fr/?e=suspect%40safeonweb.be&s=741&b=1608
Origin: http://mirror.newsletter.club-prive-select.fr

Response headers

date: Tue, 31 Dec 2019 03:57:47 GMT
via: 1.1 static.s-sfr.fr, 1.1 bdx1-ncdn-middle-http00, 1.1 tls1-ncdn-edge-http01
last-modified: Thu, 05 Jul 2012 08:40:20 GMT
server: nginx/1.10.3
age: 23112
etag: W/"34968-1341477620000"
content-type: font/woff
status: 200
cache-control: max-age=28800, public
x-varnish: 560601112 550658383, 145043940 117602065
accept-ranges: bytes
access-control-allow-origin: *
content-length: 34968
expires: Tue, 31 Dec 2019 05:32:34 GMT

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			mirror.newsletter.club-prive-select.fr/	1969-12-31 23:59:59	Name: SERVERID Value: server2
			mirror.newsletter.club-prive-select.fr/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: kynhfmu42yikc1r12ssesdne

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

i.ulijentr.com
mirror.newsletter.club-prive-select.fr
netc.sfr.fr
not.club-prive-select.fr
o.ulijentr.com
pmd.car817.fr
static.s-sfr.fr
t.newsletter.club-prive-select.fr
trcd.club-prive-select.fr
109.232.196.59
2001:41d0:301:100:145:239:193:53
2606:4700:30::681b:8bdd
2a02:8400:21:1::3
34.240.80.220
34.249.58.157
89.248.209.41
89.248.211.29
02433c49fed879c9b9fd963436b57c713a424ad3c9e791a094fc99371f2ca5e7
07cc4a4f3702be4d04143895288a571c9ced91a94eeb6b466b1c82c8fce43ba6
0ac72daf7a60eeb8e6a7eadded0d83296f4847b1a86b23f6d215181c6ef45748
40b5e63ca5251925f1d8ee7d829ed93ee4ee52f5ea057a29ad68fc21e4d5ca0c
5f618841c21775f839c5d4fdf8263c31100724110a105a9ab356b5e00f084ddd
6c46829208b5004ded357c146a2dd4c56641ca4a8f93c782081dee56c9a332f1
7b3b13b0d79e9b80b06c415144d972e47ce1dc22d0742439d2e39f1bc6513d73
a3d9bf654bd182096ae97d7aac32516664fdf12437820695136f55620bb105ba
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
c2cf6463e25d74d71f463cc5b3e438096caa372279f58450e3a50b2f1103a5b5
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
dccd7899fe86bb238b41a1599f3ef8bcc0ad132615f75b9b98a924f24afea1ac
e3c905507ffe85993c6e8331d9b56e0a19f80cd694b02ceddb8e8334f9425381
ea4c4a4151b699b4f987fed77b6e94cdd81130e1b27f56fdf4840403db4ba5d1
ee4ebf792663b66c2744791155dca2c9d445f23aeb9de9bdf4a69deaa0f2c7bc

mirror.newsletter.club-prive-select.fr Open in urlscan Pro 89.248.209.41 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

17 Requests

18 %HTTPS

38 %IPv6

5 Domains

9 Subdomains

8 IPs

3 Countries

229 kBTransfer

239 kBSize

2 Cookies

18 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

2 Cookies

Indicators

mirror.newsletter.club-prive-select.fr Open in urlscan Pro
89.248.209.41 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

18 %
HTTPS

38 %
IPv6

5
Domains

9
Subdomains

8
IPs

3
Countries

229 kB
Transfer

239 kB
Size

2
Cookies

17 HTTP transactions
0 data transactions