mailings.torfs.be Open in urlscan Pro
194.213.115.57 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://mailings.torfs.be/optiext/optiextension.dll?ID=5BA5DdSbvCto2DamhxoR4Yy1kPPqefpXI09Ai6hufU_jxshjWSARe6d5GOtLY7nhAxN...
Submission: On February 23 via api (February 23rd 2020, 7:36:27 pm UTC) from BE

Summary HTTP 18 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 5 domains to perform 18 HTTP transactions. The main IP is 194.213.115.57, located in Belgium and belongs to COMBELL-AS, BE. The main domain is mailings.torfs.be.

This is the only time mailings.torfs.be was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	194.213.115.57 194.213.115.57	34762 (COMBELL-AS) (COMBELL-AS)
8	13.35.253.101 13.35.253.101	16509 (AMAZON-02) (AMAZON-02)
1 1	35.190.8.246 35.190.8.246	15169 (GOOGLE) (GOOGLE)
1	35.201.103.23 35.201.103.23	15169 (GOOGLE) (GOOGLE)
18	3

9 194.213.115.57 (Belgium)

ASN34762 (COMBELL-AS, BE)
PTR: webbpp57.emsecure.net

mailings.torfs.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
torfs.emsecure.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 13.35.253.101 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-101.fra6.r.cloudfront.net

transform.dis.commercecloud.salesforce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.8.246 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 246.8.190.35.bc.googleusercontent.com

tarafasa.zandbak.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.103.23 (Ascension Island)

ASN15169 (GOOGLE, US)
PTR: 23.103.201.35.bc.googleusercontent.com

cdn.froomle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	salesforce.com transform.dis.commercecloud.salesforce.com	97 KB
8	emsecure.net torfs.emsecure.net	607 KB
1	froomle.com cdn.froomle.com	528 B
1	zandbak.pro 1 redirects tarafasa.zandbak.pro	848 B
1	torfs.be mailings.torfs.be	120 KB
18	5

	Domain	Requested by
8	transform.dis.commercecloud.salesforce.com	mailings.torfs.be
8	torfs.emsecure.net	mailings.torfs.be
1	cdn.froomle.com	mailings.torfs.be
1	tarafasa.zandbak.pro	1 redirects
1	mailings.torfs.be
18	5

This site contains no links.

Subject Issuer	Validity	Valid
*.emsecure.net DigiCert SHA2 Secure Server CA	`2019-03-11` - `2021-05-12`	2 years	crt.sh
transform.dis.commercecloud.salesforce.com DigiCert SHA2 Secure Server CA	`2020-01-09` - `2021-01-09`	a year	crt.sh
cdn.froomle.com GTS CA 1D2	`2020-02-10` - `2020-05-10`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://mailings.torfs.be/optiext/optiextension.dll?ID=5BA5DdSbvCto2DamhxoR4Yy1kPPqefpXI09Ai6hufU_jxshjWSARe6d5GOtLY7nhAxNxERG_XYGciu5R15MEs6LDdG5HU
Frame ID: 580FADF82BA62F22674462DCDC3E4E2B
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

18
Requests

56 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

3
IPs

3
Countries

825 kB
Transfer

820 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

https://tarafasa.zandbak.pro/api/events?event_type=email_open&login_id=30835244479&email_id=4165&request_id=444766542 HTTP 302
https://cdn.froomle.com/pixel/tp.png

18 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request optiextension.dll Show response mailings.torfs.be/optiext/	120 KB 120 KB	154ms 136ms	Document text/html	194.213.115.57 COMBELL-AS
General Check archive.org Show headers Download Go to Full URL http://mailings.torfs.be/optiext/optiextension.dll?ID=5BA5DdSbvCto2DamhxoR4Yy1kPPqefpXI09Ai6hufU_jxshjWSARe6d5GOtLY7nhAxNxERG_XYGciu5R15MEs6LDdG5HU Protocol HTTP/1.1 Server 194.213.115.57 , Belgium, ASN34762 (COMBELL-AS, BE), Reverse DNS webbpp57.emsecure.net Software / Resource Hash `080ab613baab6c75349cd145506d93750a968d78a1dafebb967f1b94b1f3875c` Request headers Host mailings.torfs.be Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type text/html Date Sun, 23 Feb 2020 19:36:08 GMT Content-Length 123185
GET H/1.1	200 OK	logoTorfs-NL.png torfs.emsecure.net/images/Header-Footer/	37 KB 38 KB	49ms 26ms	Image image/png	194.213.115.57 COMBELL-AS
General Check archive.org Show headers Download Go to Show image Full URL http://torfs.emsecure.net/images/Header-Footer/logoTorfs-NL.png Requested by Host: mailings.torfs.be URL: http://mailings.torfs.be/optiext/optiextension.dll?ID=5BA5DdSbvCto2DamhxoR4Yy1kPPqefpXI09Ai6hufU_jxshjWSARe6d5GOtLY7nhAxNxERG_XYGciu5R15MEs6LDdG5HU Protocol HTTP/1.1 Server 194.213.115.57 , Belgium, ASN34762 (COMBELL-AS, BE), Reverse DNS webbpp57.emsecure.net Software / Resource Hash `9eeedb152d8ff0f6c4f4bb6294ad3b46f12fa9d86685263cee6c5becba4ea633` Request headers Referer http://mailings.torfs.be/optiext/optiextension.dll?ID=5BA5DdSbvCto2DamhxoR4Yy1kPPqefpXI09Ai6hufU_jxshjWSARe6d5GOtLY7nhAxNxERG_XYGciu5R15MEs6LDdG5HU User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sun, 23 Feb 2020 19:36:08 GMT Last-Modified Fri, 22 Feb 2019 09:02:23 GMT Accept-Ranges bytes ETag "93c62d538dcad41:0" Content-Length 38386 Content-Type image/png
GET H/1.1	200 OK	hero_links.jpg torfs.emsecure.net/images/2020/202002/20200216-winterdealstimberland/	173 KB 173 KB	164ms 146ms	Image image/jpeg	194.213.115.57 COMBELL-AS
General Check archive.org Show headers Download Go to Show image Full URL http://torfs.emsecure.net/images/2020/202002/20200216-winterdealstimberland/hero_links.jpg Requested by Host: mailings.torfs.be URL: http://mailings.torfs.be/optiext/optiextension.dll?ID=5BA5DdSbvCto2DamhxoR4Yy1kPPqefpXI09Ai6hufU_jxshjWSARe6d5GOtLY7nhAxNxERG_XYGciu5R15MEs6LDdG5HU Protocol HTTP/1.1 Server 194.213.115.57 , Belgium, ASN34762 (COMBELL-AS, BE), Reverse DNS webbpp57.emsecure.net Software / Resource Hash `143c296e2be4e84e15536a4cec28ae55c093d9a7a22e6eda0bfed42f86429932` Request headers Referer http://mailings.torfs.be/optiext/optiextension.dll?ID=5BA5DdSbvCto2DamhxoR4Yy1kPPqefpXI09Ai6hufU_jxshjWSARe6d5GOtLY7nhAxNxERG_XYGciu5R15MEs6LDdG5HU User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sun, 23 Feb 2020 19:36:08 GMT Last-Modified Thu, 13 Feb 2020 08:30:06 GMT Accept-Ranges bytes ETag "a3329ecb47e2d51:0" Content-Length 176703 Content-Type image/jpeg
GET H/1.1	200 OK	hero_rechts.jpg torfs.emsecure.net/images/2020/202002/20200216-winterdealstimberland/	260 KB 260 KB	166ms 147ms	Image image/jpeg	194.213.115.57 COMBELL-AS
General Check archive.org Show headers Download Go to Show image Full URL http://torfs.emsecure.net/images/2020/202002/20200216-winterdealstimberland/hero_rechts.jpg Requested by Host: mailings.torfs.be URL: http://mailings.torfs.be/optiext/optiextension.dll?ID=5BA5DdSbvCto2DamhxoR4Yy1kPPqefpXI09Ai6hufU_jxshjWSARe6d5GOtLY7nhAxNxERG_XYGciu5R15MEs6LDdG5HU Protocol HTTP/1.1 Server 194.213.115.57 , Belgium, ASN34762 (COMBELL-AS, BE), Reverse DNS webbpp57.emsecure.net Software / Resource Hash `ab1100c7900460d4fa10d153e3a941e7bbb405ee32eaa14c3f5dcb3835cbf95b` Request headers Referer http://mailings.torfs.be/optiext/optiextension.dll?ID=5BA5DdSbvCto2DamhxoR4Yy1kPPqefpXI09Ai6hufU_jxshjWSARe6d5GOtLY7nhAxNxERG_XYGciu5R15MEs6LDdG5HU User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sun, 23 Feb 2020 19:36:08 GMT Last-Modified Thu, 13 Feb 2020 08:30:08 GMT Accept-Ranges bytes ETag "144ef4cc47e2d51:0" Content-Length 265733 Content-Type image/jpeg
GET H/1.1	200 OK	lijn_1.png torfs.emsecure.net/images//Header%20en%20footer/	14 KB 14 KB	403ms 149ms	Image image/png	194.213.115.57 COMBELL-AS
General Check archive.org Show headers Download Go to Show image Full URL https://torfs.emsecure.net/images//Header%20en%20footer/lijn_1.png Requested by Host: mailings.torfs.be URL: http://mailings.torfs.be/optiext/optiextension.dll?ID=5BA5DdSbvCto2DamhxoR4Yy1kPPqefpXI09Ai6hufU_jxshjWSARe6d5GOtLY7nhAxNxERG_XYGciu5R15MEs6LDdG5HU Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 194.213.115.57 , Belgium, ASN34762 (COMBELL-AS, BE), Reverse DNS webbpp57.emsecure.net Software / Resource Hash `54faf1919307733d60dabcd7cc718c78f19e7a7213dde8e69ad116b7253e7178` Request headers Referer http://mailings.torfs.be/optiext/optiextension.dll?ID=5BA5DdSbvCto2DamhxoR4Yy1kPPqefpXI09Ai6hufU_jxshjWSARe6d5GOtLY7nhAxNxERG_XYGciu5R15MEs6LDdG5HU User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Sun, 23 Feb 2020 19:36:09 GMT Last-Modified Thu, 23 Aug 2018 15:21:41 GMT Accept-Ranges bytes ETag "c77596fef43ad41:0" Content-Length 14603 Content-Type image/png
GET H2	200	260233-1.jpg transform.dis.commercecloud.salesforce.com/transform/BCQR_PRD/on/demandware.static/-/Sites-torfs-catalog-master/default/hi-res/pdp/260/260233/	9 KB 10 KB	699ms 611ms	Image image/jpeg	13.35.253.101 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://transform.dis.commercecloud.salesforce.com/transform/BCQR_PRD/on/demandware.static/-/Sites-torfs-catalog-master/default/hi-res/pdp/260/260233/260233-1.jpg?sw=300 Requested by Host: mailings.torfs.be URL: http://mailings.torfs.be/optiext/optiextension.dll?ID=5BA5DdSbvCto2DamhxoR4Yy1kPPqefpXI09Ai6hufU_jxshjWSARe6d5GOtLY7nhAxNxERG_XYGciu5R15MEs6LDdG5HU Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.35.253.101 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-253-101.fra6.r.cloudfront.net Software / Resource Hash `5377361afdf9a89559dc5d1943cd383200b60fb79d60e75afe498cd077b7e468` Request headers Referer http://mailings.torfs.be/optiext/optiextension.dll?ID=5BA5DdSbvCto2DamhxoR4Yy1kPPqefpXI09Ai6hufU_jxshjWSARe6d5GOtLY7nhAxNxERG_XYGciu5R15MEs6LDdG5HU User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Sun, 23 Feb 2020 19:36:10 GMT via 1.1 94faae20b0f122c4555025f52a2fd745.cloudfront.net (CloudFront) x-amz-cf-pop FRA6-C1 x-amzn-requestid 55db8294-c917-42b7-9d2b-933080c7770d x-cache Miss from cloudfront content-type image/jpeg status 200 cache-control public, max-age=301 x-amzn-trace-id Root=1-5e52d429-f4e2d2171bb28ad67c87dd2a;Sampled=0 x-amz-apigw-id IXYWkEZ6oAMFymA= content-length 9663 x-amz-cf-id TQAMNTV4gQdO_AQOv6FuhovEYrNSGS2oL_Cmoaj84-GfnlQwOKZzBg==
GET H2	200	259106-1.jpg transform.dis.commercecloud.salesforce.com/transform/BCQR_PRD/on/demandware.static/-/Sites-torfs-catalog-master/default/hi-res/pdp/259/259106/	10 KB 10 KB	888ms 801ms	Image image/jpeg	13.35.253.101 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://transform.dis.commercecloud.salesforce.com/transform/BCQR_PRD/on/demandware.static/-/Sites-torfs-catalog-master/default/hi-res/pdp/259/259106/259106-1.jpg?sw=300 Requested by Host: mailings.torfs.be URL: http://mailings.torfs.be/optiext/optiextension.dll?ID=5BA5DdSbvCto2DamhxoR4Yy1kPPqefpXI09Ai6hufU_jxshjWSARe6d5GOtLY7nhAxNxERG_XYGciu5R15MEs6LDdG5HU Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.35.253.101 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-253-101.fra6.r.cloudfront.net Software / Resource Hash `60f4716600ac0f13e56cae7f534504f021da7f45daa82adec7ec888ec153b678` Request headers Referer http://mailings.torfs.be/optiext/optiextension.dll?ID=5BA5DdSbvCto2DamhxoR4Yy1kPPqefpXI09Ai6hufU_jxshjWSARe6d5GOtLY7nhAxNxERG_XYGciu5R15MEs6LDdG5HU User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Sun, 23 Feb 2020 19:36:10 GMT via 1.1 94faae20b0f122c4555025f52a2fd745.cloudfront.net (CloudFront) x-amz-cf-pop FRA6-C1 x-amzn-requestid 5732ae61-9ba0-4cb9-b5d8-b1bcefd027ac x-cache Miss from cloudfront content-type image/jpeg status 200 cache-control public, max-age=301 x-amzn-trace-id Root=1-5e52d42a-79960e6665543de4240f82e0;Sampled=0 x-amz-apigw-id IXYWlFt4oAMFXzw= content-length 9753 x-amz-cf-id TZqhoFasuWuUUQgPU0pq7iJonxDdGspU5-2w0UeDUyEg2jmEXPp1hQ==
GET H2	200	259955-1.jpg transform.dis.commercecloud.salesforce.com/transform/BCQR_PRD/on/demandware.static/-/Sites-torfs-catalog-master/default/hi-res/pdp/259/259955/	9 KB 9 KB	638ms 607ms	Image image/jpeg	13.35.253.101 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://transform.dis.commercecloud.salesforce.com/transform/BCQR_PRD/on/demandware.static/-/Sites-torfs-catalog-master/default/hi-res/pdp/259/259955/259955-1.jpg?sw=300 Requested by Host: mailings.torfs.be URL: http://mailings.torfs.be/optiext/optiextension.dll?ID=5BA5DdSbvCto2DamhxoR4Yy1kPPqefpXI09Ai6hufU_jxshjWSARe6d5GOtLY7nhAxNxERG_XYGciu5R15MEs6LDdG5HU Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.35.253.101 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-253-101.fra6.r.cloudfront.net Software / Resource Hash `14099e497b7514123495dc3e3512602583143ce8583d9ea0297ab470704c4d27` Request headers Referer http://mailings.torfs.be/optiext/optiextension.dll?ID=5BA5DdSbvCto2DamhxoR4Yy1kPPqefpXI09Ai6hufU_jxshjWSARe6d5GOtLY7nhAxNxERG_XYGciu5R15MEs6LDdG5HU User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Sun, 23 Feb 2020 19:36:10 GMT via 1.1 94faae20b0f122c4555025f52a2fd745.cloudfront.net (CloudFront) x-amz-cf-pop FRA6-C1 x-amzn-requestid ef39def8-0a2c-4da1-ba86-0f7e37fc8923 x-cache Miss from cloudfront content-type image/jpeg status 200 cache-control public, max-age=301 x-amzn-trace-id Root=1-5e52d429-8f8498809413991cbbc86d48;Sampled=0 x-amz-apigw-id IXYWkGw2oAMFn_g= content-length 8899 x-amz-cf-id jM1Hl5JU-eGxzONLLArUoyMLtw8IsoFpAHwnVWLiMR-ErvjV-8bryQ==
GET H2	200	260223-1.jpg transform.dis.commercecloud.salesforce.com/transform/BCQR_PRD/on/demandware.static/-/Sites-torfs-catalog-master/default/hi-res/pdp/260/260223/	14 KB 15 KB	742ms 712ms	Image image/jpeg	13.35.253.101 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://transform.dis.commercecloud.salesforce.com/transform/BCQR_PRD/on/demandware.static/-/Sites-torfs-catalog-master/default/hi-res/pdp/260/260223/260223-1.jpg?sw=300 Requested by Host: mailings.torfs.be URL: http://mailings.torfs.be/optiext/optiextension.dll?ID=5BA5DdSbvCto2DamhxoR4Yy1kPPqefpXI09Ai6hufU_jxshjWSARe6d5GOtLY7nhAxNxERG_XYGciu5R15MEs6LDdG5HU Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.35.253.101 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-253-101.fra6.r.cloudfront.net Software / Resource Hash `91e9d6cbf04bb4b47d79de6a49e4f943a68d5fa52cbade250696e055d6a5154f` Request headers Referer http://mailings.torfs.be/optiext/optiextension.dll?ID=5BA5DdSbvCto2DamhxoR4Yy1kPPqefpXI09Ai6hufU_jxshjWSARe6d5GOtLY7nhAxNxERG_XYGciu5R15MEs6LDdG5HU User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Sun, 23 Feb 2020 19:36:10 GMT via 1.1 94faae20b0f122c4555025f52a2fd745.cloudfront.net (CloudFront) x-amz-cf-pop FRA6-C1 x-amzn-requestid 0fb87f45-5037-48d4-9734-0f6687e5f6d9 x-cache Miss from cloudfront content-type image/jpeg status 200 cache-control public, max-age=301 x-amzn-trace-id Root=1-5e52d429-7c8e78ec3f93f4b2eeb2f7ae;Sampled=0 x-amz-apigw-id IXYWkFPDoAMFy8A= content-length 14846 x-amz-cf-id biv6XqYZyKFnlY16jAr2XMEnizzTerxBXkwpaOjBcFIVwO8oEtm_1A==
GET H2	200	255335-1.jpg transform.dis.commercecloud.salesforce.com/transform/BCQR_PRD/on/demandware.static/-/Sites-torfs-catalog-master/default/hi-res/pdp/255/255335/	14 KB 15 KB	689ms 671ms	Image image/jpeg	13.35.253.101 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://transform.dis.commercecloud.salesforce.com/transform/BCQR_PRD/on/demandware.static/-/Sites-torfs-catalog-master/default/hi-res/pdp/255/255335/255335-1.jpg?sw=300 Requested by Host: mailings.torfs.be URL: http://mailings.torfs.be/optiext/optiextension.dll?ID=5BA5DdSbvCto2DamhxoR4Yy1kPPqefpXI09Ai6hufU_jxshjWSARe6d5GOtLY7nhAxNxERG_XYGciu5R15MEs6LDdG5HU Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.35.253.101 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-253-101.fra6.r.cloudfront.net Software / Resource Hash `dc65c3f82c9eb580927c142dc2a56d1eee2a5c7b6fcf5476d1760d665d890c03` Request headers Referer http://mailings.torfs.be/optiext/optiextension.dll?ID=5BA5DdSbvCto2DamhxoR4Yy1kPPqefpXI09Ai6hufU_jxshjWSARe6d5GOtLY7nhAxNxERG_XYGciu5R15MEs6LDdG5HU User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Sun, 23 Feb 2020 19:36:10 GMT via 1.1 94faae20b0f122c4555025f52a2fd745.cloudfront.net (CloudFront) x-amz-cf-pop FRA6-C1 x-amzn-requestid 14bcc5a8-cfd3-4198-b8c3-32b6422f655d x-cache Miss from cloudfront content-type image/jpeg status 200 cache-control public, max-age=301 x-amzn-trace-id Root=1-5e52d429-ab6e9b0823b905b0cc145f98;Sampled=0 x-amz-apigw-id IXYWkFkfoAMFS1A= content-length 14584 x-amz-cf-id uzVQqnRY3wjrb4povbK6jkk9kQ9A3saPq0CeG_stovOgnSqG9wmfRg==
GET H2	200	253694-1.jpg transform.dis.commercecloud.salesforce.com/transform/BCQR_PRD/on/demandware.static/-/Sites-torfs-catalog-master/default/hi-res/pdp/253/253694/	11 KB 12 KB	723ms 704ms	Image image/jpeg	13.35.253.101 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://transform.dis.commercecloud.salesforce.com/transform/BCQR_PRD/on/demandware.static/-/Sites-torfs-catalog-master/default/hi-res/pdp/253/253694/253694-1.jpg?sw=300 Requested by Host: mailings.torfs.be URL: http://mailings.torfs.be/optiext/optiextension.dll?ID=5BA5DdSbvCto2DamhxoR4Yy1kPPqefpXI09Ai6hufU_jxshjWSARe6d5GOtLY7nhAxNxERG_XYGciu5R15MEs6LDdG5HU Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.35.253.101 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-253-101.fra6.r.cloudfront.net Software / Resource Hash `1143340c08ad162de4315b0639db372228c2494f858469d8b2f38f9249272997` Request headers Referer http://mailings.torfs.be/optiext/optiextension.dll?ID=5BA5DdSbvCto2DamhxoR4Yy1kPPqefpXI09Ai6hufU_jxshjWSARe6d5GOtLY7nhAxNxERG_XYGciu5R15MEs6LDdG5HU User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Sun, 23 Feb 2020 19:36:10 GMT via 1.1 94faae20b0f122c4555025f52a2fd745.cloudfront.net (CloudFront) x-amz-cf-pop FRA6-C1 x-amzn-requestid 7bee363f-aacd-43af-bddc-f6a43a6b1450 x-cache Miss from cloudfront content-type image/jpeg status 200 cache-control public, max-age=301 x-amzn-trace-id Root=1-5e52d42a-e230ed6e41c798f7b8a13b37;Sampled=0 x-amz-apigw-id IXYWlFm-oAMFlxQ= content-length 11406 x-amz-cf-id M-oDoRcSlhnVEV8d3WVEs02F0tMVTIyt1FOFuFCl9FMtJjPuTsSa5Q==
GET H2	200	254738-1.jpg transform.dis.commercecloud.salesforce.com/transform/BCQR_PRD/on/demandware.static/-/Sites-torfs-catalog-master/default/hi-res/pdp/254/254738/	12 KB 13 KB	533ms 528ms	Image image/jpeg	13.35.253.101 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://transform.dis.commercecloud.salesforce.com/transform/BCQR_PRD/on/demandware.static/-/Sites-torfs-catalog-master/default/hi-res/pdp/254/254738/254738-1.jpg?sw=300 Requested by Host: mailings.torfs.be URL: http://mailings.torfs.be/optiext/optiextension.dll?ID=5BA5DdSbvCto2DamhxoR4Yy1kPPqefpXI09Ai6hufU_jxshjWSARe6d5GOtLY7nhAxNxERG_XYGciu5R15MEs6LDdG5HU Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.35.253.101 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-253-101.fra6.r.cloudfront.net Software / Resource Hash `b819d8eca4879252b1acbb4a106820a76cda3532090208b470b28d4527bd564b` Request headers Referer http://mailings.torfs.be/optiext/optiextension.dll?ID=5BA5DdSbvCto2DamhxoR4Yy1kPPqefpXI09Ai6hufU_jxshjWSARe6d5GOtLY7nhAxNxERG_XYGciu5R15MEs6LDdG5HU User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Sun, 23 Feb 2020 19:36:10 GMT via 1.1 94faae20b0f122c4555025f52a2fd745.cloudfront.net (CloudFront) x-amz-cf-pop FRA6-C1 x-amzn-requestid 2972028d-ece5-4cbd-b4b3-5fb627058204 x-cache Miss from cloudfront content-type image/jpeg status 200 cache-control public, max-age=301 x-amzn-trace-id Root=1-5e52d429-96034fc340f327105194c40f;Sampled=0 x-amz-apigw-id IXYWiGEXoAMFWLg= content-length 12752 x-amz-cf-id lsB9fNEVAg61mA3gJBKGMLKVcwdfecfsFheEGxrFaKJ-xPrIq7Dl3Q==
GET H2	200	254752-1.jpg transform.dis.commercecloud.salesforce.com/transform/BCQR_PRD/on/demandware.static/-/Sites-torfs-catalog-master/default/hi-res/pdp/254/254752/	14 KB 14 KB	829ms 824ms	Image image/jpeg	13.35.253.101 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://transform.dis.commercecloud.salesforce.com/transform/BCQR_PRD/on/demandware.static/-/Sites-torfs-catalog-master/default/hi-res/pdp/254/254752/254752-1.jpg?sw=300 Requested by Host: mailings.torfs.be URL: http://mailings.torfs.be/optiext/optiextension.dll?ID=5BA5DdSbvCto2DamhxoR4Yy1kPPqefpXI09Ai6hufU_jxshjWSARe6d5GOtLY7nhAxNxERG_XYGciu5R15MEs6LDdG5HU Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.35.253.101 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-253-101.fra6.r.cloudfront.net Software / Resource Hash `413a89472c17c0039d7c8a9d8de5db2802894128111e83b387b3ebdd1400ebed` Request headers Referer http://mailings.torfs.be/optiext/optiextension.dll?ID=5BA5DdSbvCto2DamhxoR4Yy1kPPqefpXI09Ai6hufU_jxshjWSARe6d5GOtLY7nhAxNxERG_XYGciu5R15MEs6LDdG5HU User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Sun, 23 Feb 2020 19:36:10 GMT via 1.1 94faae20b0f122c4555025f52a2fd745.cloudfront.net (CloudFront) x-amz-cf-pop FRA6-C1 x-amzn-requestid 07242704-870a-4122-ae46-03106ebd946b x-cache Miss from cloudfront content-type image/jpeg status 200 cache-control public, max-age=301 x-amzn-trace-id Root=1-5e52d429-ccf76012a58656dcf29ef730;Sampled=0 x-amz-apigw-id IXYWkHPDIAMF9WA= content-length 14334 x-amz-cf-id Len6x-q3HUWgkJqWwH9SIPx79dZFcLe0Jzp8FWAdwDHKUyT18yzVlw==
GET H/1.1	200 OK	uspVerzending.png torfs.emsecure.net/images/Header-Footer/	27 KB 27 KB	22ms 21ms	Image image/png	194.213.115.57 COMBELL-AS
General Check archive.org Show headers Download Go to Show image Full URL http://torfs.emsecure.net/images/Header-Footer/uspVerzending.png Requested by Host: mailings.torfs.be URL: http://mailings.torfs.be/optiext/optiextension.dll?ID=5BA5DdSbvCto2DamhxoR4Yy1kPPqefpXI09Ai6hufU_jxshjWSARe6d5GOtLY7nhAxNxERG_XYGciu5R15MEs6LDdG5HU Protocol HTTP/1.1 Server 194.213.115.57 , Belgium, ASN34762 (COMBELL-AS, BE), Reverse DNS webbpp57.emsecure.net Software / Resource Hash `911472e5086e4b29e17b8d67bec2178a94bf0fc405103040558bd89d7bd62ae1` Request headers Referer http://mailings.torfs.be/optiext/optiextension.dll?ID=5BA5DdSbvCto2DamhxoR4Yy1kPPqefpXI09Ai6hufU_jxshjWSARe6d5GOtLY7nhAxNxERG_XYGciu5R15MEs6LDdG5HU User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sun, 23 Feb 2020 19:36:08 GMT Last-Modified Mon, 20 Aug 2018 14:30:44 GMT Accept-Ranges bytes ETag "f9288619238d41:0" Content-Length 27786 Content-Type image/png
GET H/1.1	200 OK	uspTerugzenden.png torfs.emsecure.net/images/Header-Footer/	31 KB 31 KB	163ms 147ms	Image image/png	194.213.115.57 COMBELL-AS
General Check archive.org Show headers Download Go to Show image Full URL http://torfs.emsecure.net/images/Header-Footer/uspTerugzenden.png Requested by Host: mailings.torfs.be URL: http://mailings.torfs.be/optiext/optiextension.dll?ID=5BA5DdSbvCto2DamhxoR4Yy1kPPqefpXI09Ai6hufU_jxshjWSARe6d5GOtLY7nhAxNxERG_XYGciu5R15MEs6LDdG5HU Protocol HTTP/1.1 Server 194.213.115.57 , Belgium, ASN34762 (COMBELL-AS, BE), Reverse DNS webbpp57.emsecure.net Software / Resource Hash `e58bd1a0f0f065b8f87f2a494f17ec46a8a1b978b4fbea5511ed249b8c28f8c5` Request headers Referer http://mailings.torfs.be/optiext/optiextension.dll?ID=5BA5DdSbvCto2DamhxoR4Yy1kPPqefpXI09Ai6hufU_jxshjWSARe6d5GOtLY7nhAxNxERG_XYGciu5R15MEs6LDdG5HU User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sun, 23 Feb 2020 19:36:09 GMT Last-Modified Mon, 20 Aug 2018 14:30:43 GMT Accept-Ranges bytes ETag "a64c73609238d41:0" Content-Length 31821 Content-Type image/png
GET H/1.1	200 OK	uspGeldTerug.png torfs.emsecure.net/images/Header-Footer/	37 KB 37 KB	43ms 27ms	Image image/png	194.213.115.57 COMBELL-AS
General Check archive.org Show headers Download Go to Show image Full URL http://torfs.emsecure.net/images/Header-Footer/uspGeldTerug.png Requested by Host: mailings.torfs.be URL: http://mailings.torfs.be/optiext/optiextension.dll?ID=5BA5DdSbvCto2DamhxoR4Yy1kPPqefpXI09Ai6hufU_jxshjWSARe6d5GOtLY7nhAxNxERG_XYGciu5R15MEs6LDdG5HU Protocol HTTP/1.1 Server 194.213.115.57 , Belgium, ASN34762 (COMBELL-AS, BE), Reverse DNS webbpp57.emsecure.net Software / Resource Hash `a6bae2e770bb5706c973b41d5744a7aa4fb46f7591d7d368f325e5b2665f8fa2` Request headers Referer http://mailings.torfs.be/optiext/optiextension.dll?ID=5BA5DdSbvCto2DamhxoR4Yy1kPPqefpXI09Ai6hufU_jxshjWSARe6d5GOtLY7nhAxNxERG_XYGciu5R15MEs6LDdG5HU User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sun, 23 Feb 2020 19:36:08 GMT Last-Modified Mon, 20 Aug 2018 14:30:41 GMT Accept-Ranges bytes ETag "18773c5f9238d41:0" Content-Length 37744 Content-Type image/png
GET H/1.1	200 OK	uspKlantendienst.png torfs.emsecure.net/images/Header-Footer/	27 KB 27 KB	161ms 146ms	Image image/png	194.213.115.57 COMBELL-AS
General Check archive.org Show headers Download Go to Show image Full URL http://torfs.emsecure.net/images/Header-Footer/uspKlantendienst.png Requested by Host: mailings.torfs.be URL: http://mailings.torfs.be/optiext/optiextension.dll?ID=5BA5DdSbvCto2DamhxoR4Yy1kPPqefpXI09Ai6hufU_jxshjWSARe6d5GOtLY7nhAxNxERG_XYGciu5R15MEs6LDdG5HU Protocol HTTP/1.1 Server 194.213.115.57 , Belgium, ASN34762 (COMBELL-AS, BE), Reverse DNS webbpp57.emsecure.net Software / Resource Hash `36be772457289c37354444e8c1c7133a040737357795fb22409785681e81c424` Request headers Referer http://mailings.torfs.be/optiext/optiextension.dll?ID=5BA5DdSbvCto2DamhxoR4Yy1kPPqefpXI09Ai6hufU_jxshjWSARe6d5GOtLY7nhAxNxERG_XYGciu5R15MEs6LDdG5HU User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sun, 23 Feb 2020 19:36:09 GMT Last-Modified Mon, 20 Aug 2018 14:30:42 GMT Accept-Ranges bytes ETag "3744da5f9238d41:0" Content-Length 27676 Content-Type image/png
GET H2	200	tp.png cdn.froomle.com/pixel/ Redirect Chain https://tarafasa.zandbak.pro/api/events?event_type=email_open&login_id=30835244479&email_id=4165&request_id=444766542 https://cdn.froomle.com/pixel/tp.png	69 B 528 B	110ms 39ms	Image image/png	35.201.103.23 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.froomle.com/pixel/tp.png Requested by Host: mailings.torfs.be URL: http://mailings.torfs.be/optiext/optiextension.dll?ID=5BA5DdSbvCto2DamhxoR4Yy1kPPqefpXI09Ai6hufU_jxshjWSARe6d5GOtLY7nhAxNxERG_XYGciu5R15MEs6LDdG5HU Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.201.103.23 , Ascension Island, ASN15169 (GOOGLE, US), Reverse DNS 23.103.201.35.bc.googleusercontent.com Software UploadServer / Resource Hash `674c907396606e5bb24dc63c7f363506d029f9940db767c0d658bf44b8ea19e7` Request headers Referer http://mailings.torfs.be/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 23 Feb 2020 19:21:48 GMT age 862 status 200 x-guploader-uploadid AEnB2UpUqaQLhMHQdu8XEyomL0e5Pd3uJvwLGUz6U7naeqZUuD1Q2W3ENY5waVj5plC6lxH9pio6SMNruMZm6gxtkApke2_BUw x-goog-storage-class REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc clear content-length 69 last-modified Tue, 12 Jun 2018 14:55:35 GMT server UploadServer etag "2ea1f94f9be9ce1221384d949404871a" x-goog-hash crc32c=nHy+ww==, md5=LqH5T5vpzhIhOE2UlASHGg== x-goog-generation 1528815335385133 cache-control public, max-age=3600 x-goog-stored-content-length 69 accept-ranges bytes content-type image/png expires Sun, 23 Feb 2020 20:21:48 GMT Redirect headers content-security-policy font-src 'self' themes.googleusercontent.com .gstatic.com; frame-src 'self' www.google.com www.youtube.com; script-src 'self' ajax.googleapis.com .googleanalytics.com .google-analytics.com 'unsafe-inline'; style-src 'self' ajax.googleapis.com fonts.googleapis.com .gstatic.com 'unsafe-inline'; default-src 'self' .gstatic.com; img-src 'self' 'unsafe-inline' data: via* 1.1 google referrer-policy strict-origin-when-cross-origin location https://cdn.froomle.com/pixel/tp.png date Sun, 23 Feb 2020 19:36:09 GMT x-frame-options SAMEORIGIN content-type text/html; charset=utf-8 status 302 x-content-type-options nosniff strict-transport-security max-age=31556926; includeSubDomains alt-svc clear content-length 279 x-xss-protection 1; mode=block x-content-security-policy font-src 'self' themes.googleusercontent.com .gstatic.com; frame-src 'self' www.google.com www.youtube.com; script-src 'self' ajax.googleapis.com .googleanalytics.com .google-analytics.com 'unsafe-inline'; style-src 'self' ajax.googleapis.com fonts.googleapis.com .gstatic.com 'unsafe-inline'; default-src 'self' *.gstatic.com; img-src 'self' 'unsafe-inline' data:

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.froomle.com
mailings.torfs.be
tarafasa.zandbak.pro
torfs.emsecure.net
transform.dis.commercecloud.salesforce.com
13.35.253.101
194.213.115.57
35.190.8.246
35.201.103.23
080ab613baab6c75349cd145506d93750a968d78a1dafebb967f1b94b1f3875c
1143340c08ad162de4315b0639db372228c2494f858469d8b2f38f9249272997
14099e497b7514123495dc3e3512602583143ce8583d9ea0297ab470704c4d27
143c296e2be4e84e15536a4cec28ae55c093d9a7a22e6eda0bfed42f86429932
36be772457289c37354444e8c1c7133a040737357795fb22409785681e81c424
413a89472c17c0039d7c8a9d8de5db2802894128111e83b387b3ebdd1400ebed
5377361afdf9a89559dc5d1943cd383200b60fb79d60e75afe498cd077b7e468
54faf1919307733d60dabcd7cc718c78f19e7a7213dde8e69ad116b7253e7178
60f4716600ac0f13e56cae7f534504f021da7f45daa82adec7ec888ec153b678
674c907396606e5bb24dc63c7f363506d029f9940db767c0d658bf44b8ea19e7
911472e5086e4b29e17b8d67bec2178a94bf0fc405103040558bd89d7bd62ae1
91e9d6cbf04bb4b47d79de6a49e4f943a68d5fa52cbade250696e055d6a5154f
9eeedb152d8ff0f6c4f4bb6294ad3b46f12fa9d86685263cee6c5becba4ea633
a6bae2e770bb5706c973b41d5744a7aa4fb46f7591d7d368f325e5b2665f8fa2
ab1100c7900460d4fa10d153e3a941e7bbb405ee32eaa14c3f5dcb3835cbf95b
b819d8eca4879252b1acbb4a106820a76cda3532090208b470b28d4527bd564b
dc65c3f82c9eb580927c142dc2a56d1eee2a5c7b6fcf5476d1760d665d890c03
e58bd1a0f0f065b8f87f2a494f17ec46a8a1b978b4fbea5511ed249b8c28f8c5

mailings.torfs.be Open in urlscan Pro 194.213.115.57 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

18 Requests

56 %HTTPS

0 %IPv6

5 Domains

5 Subdomains

3 IPs

3 Countries

825 kBTransfer

820 kBSize

0 Cookies

0 Outgoing links

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

0 Cookies

Indicators

mailings.torfs.be Open in urlscan Pro
194.213.115.57 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

56 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

3
IPs

3
Countries

825 kB
Transfer

820 kB
Size

0
Cookies

18 HTTP transactions
0 data transactions