Submitted URL: http://red.affairessouslesoleil.fr/click/YToxOntzOjM6InRhZyI7czoyOToiZGF0YV9zZW5kb3V0XzVjMWE4YjQyODBiMjlfNzYiO30%253D/ZGlkaWVyLmtlb...
Effective URL: http://red.affairessouslesoleil.fr/Mirror.php?email=didier.kemp%40sncf.fr&sid=802123
Submission: On January 10 via manual from FR

Summary

This website contacted 7 IPs in 4 countries across 8 domains to perform 16 HTTP transactions. The main IP is 46.105.114.188, located in France and belongs to OVH, FR. The main domain is red.affairessouslesoleil.fr.
This is the only time red.affairessouslesoleil.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 46.105.114.188 16276 (OVH)
4 62.210.250.55 12876 (AS12876)
1 2 80.70.210.161 34913 (DALENYS)
1 147.135.143.44 16276 (OVH)
1 1 54.194.46.76 16509 (AMAZON-02)
1 52.16.153.254 16509 (AMAZON-02)
1 1 54.76.65.100 16509 (AMAZON-02)
2 2 18.203.122.35 16509 (AMAZON-02)
2 2 185.33.223.215 29990 (ASN-APPNEXUS)
1 52.22.180.243 14618 (AMAZON-AES)
16 7
Domain Requested by
4 linkandclick.com red.affairessouslesoleil.fr
3 red.affairessouslesoleil.fr 1 redirects red.affairessouslesoleil.fr
2 ib.adnxs.com 2 redirects
2 iei.rlcdn.com 2 redirects
1 idsync.rlcdn.com red.affairessouslesoleil.fr
1 ejp.rlcdn.com 1 redirects
1 notify.adleadevent.com red.affairessouslesoleil.fr
1 crt.lesmeilleuresoffres.fr 1 redirects
1 tag.leadplace.fr red.affairessouslesoleil.fr
1 email-reflex.com red.affairessouslesoleil.fr
1 ep.affairessouslesoleil.fr 1 redirects
0 cm.affairessouslesoleil.fr Failed red.affairessouslesoleil.fr
0 crm4d.affairessouslesoleil.fr Failed red.affairessouslesoleil.fr
0 sr.affairessouslesoleil.fr Failed red.affairessouslesoleil.fr
0 sm.affairessouslesoleil.fr Failed red.affairessouslesoleil.fr
0 squad.affairessouslesoleil.fr Failed red.affairessouslesoleil.fr
0 adth.affairessouslesoleil.fr Failed red.affairessouslesoleil.fr
16 17

This site contains no links.

Subject | Issuer | Validity | Valid
notify.adleadevent.com | Amazon | 2018-02-15 - 2019-03-15 | a year
*.rlcdn.com | Go Daddy Secure Certificate Authority - G2 | 2017-05-08 - 2019-06-21 | 2 years

This page contains 1 frames:

Primary Page: http://red.affairessouslesoleil.fr/Mirror.php?email=didier.kemp%40sncf.fr&sid=802123
Frame ID: 9707FC61E97A6878AB8B4AF5BAB541FF
Requests: 16 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Debian/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Page Statistics

Requests: 16
HTTPS: 13 %
IPv6: 0 %
Domains: 8
Subdomains: 17
IPs: 7
Countries: 4
Transfer: 214 kB
Size: 218 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://red.affairessouslesoleil.fr/click/YToxOntzOjM6InRhZyI7czoyOToiZGF0YV9zZW5kb3V0XzVjMWE4YjQyODBiMjlfNzYiO30%253D/ZGlkaWVyLmtlbXAlNDBzbmNmLmZy/14976204/802337 HTTP 302
    http://red.affairessouslesoleil.fr/Mirror.php?email=didier.kemp%40sncf.fr&sid=802123 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • http://ep.affairessouslesoleil.fr/tags/pixel.php?h=&source=1526 HTTP 301
  • http://email-reflex.com/tags/pixel.php?h=&source=1526
Request Chain 12
  • https://crt.lesmeilleuresoffres.fr/adtckrtg.php?ids=2005&hash=e4e5d47ac4db0dc3eb9b4da4995276b3&hash256=5fde74d2550a02bb64ffae069ed606f04f70fede396ded3d31b0023346cb50e6 HTTP 301
  • https://notify.adleadevent.com/adtckrtg.php?ids=2005&hash=e4e5d47ac4db0dc3eb9b4da4995276b3&hash256=5fde74d2550a02bb64ffae069ed606f04f70fede396ded3d31b0023346cb50e6
Request Chain 13
  • https://ejp.rlcdn.com/708719.gif?m=e4e5d47ac4db0dc3eb9b4da4995276b3&n=1 HTTP 302
  • https://iei.rlcdn.com/708719.gif?partner_uid=XY1005PfvaEAYzYphGewUNzHAL1Ytv8U--4otJhN9t2-p5NgM&ipel=Xi1005mTOW0hLORYF1GgAp4wd4e7p_ru4nWQK-ojTEEcBKqtzoGM-ma_-uCF3XTexaxJox&n=1&pdata=eu-translator-ghost HTTP 302
  • https://iei.rlcdn.com/708719.gif?n=1&partner_uid=XY1005PfvaEAYzYphGewUNzHAL1Ytv8U--4otJhN9t2-p5NgM&pdata=eu-translator-ghost&ipel=Xi1005mTOW0hLORYF1GgAp4wd4e7p_ru4nWQK-ojTEEcBKqtzoGM-ma_-uCF3XTexaxJox&redirect=1 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fpartner_uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fidsync.rlcdn.com%252F52154.gif%253Fpartner_uid%253D%2524UID HTTP 302
  • https://idsync.rlcdn.com/52154.gif?partner_uid=1144531924121365791

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Mirror.php
red.affairessouslesoleil.fr/
Redirect Chain
  • http://red.affairessouslesoleil.fr/click/YToxOntzOjM6InRhZyI7czoyOToiZGF0YV9zZW5kb3V0XzVjMWE4YjQyODBiMjlfNzYiO30%253D/ZGlkaWVyLmtlbXAlNDBzbmNmLmZy/14976204/802337
  • http://red.affairessouslesoleil.fr/Mirror.php?email=didier.kemp%40sncf.fr&sid=802123
10 KB
3 KB
Document
General
Full URL
http://red.affairessouslesoleil.fr/Mirror.php?email=didier.kemp%40sncf.fr&sid=802123
Protocol
HTTP/1.1
Server
46.105.114.188 , France, ASN16276 (OVH, FR),
Reverse DNS
e9-webmxt.emslip.com
Software
Apache/2.2.22 (Debian) / PHP/5.4.4-14+deb7u7
Resource Hash
5f0f52effb7046711e6b809ebda3ef21284d30c69e349c4e67c6153d5d15de15

Request headers

Host
red.affairessouslesoleil.fr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate

Response headers

Date
Thu, 10 Jan 2019 13:44:14 GMT
Server
Apache/2.2.22 (Debian)
X-Powered-By
PHP/5.4.4-14+deb7u7
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2615
Connection
close
Content-Type
text/html

Redirect headers

Date
Thu, 10 Jan 2019 13:44:13 GMT
Server
Apache/2.2.22 (Debian)
X-Powered-By
PHP/5.4.4-14+deb7u7
Set-Cookie
BMT__beverlymail__data_sendout_5c1a8b4280b29_76=1547127853__didier.kemp%40sncf.fr; expires=Sun, 10-Feb-2019 13:44:13 GMT
Location
http://red.affairessouslesoleil.fr/Mirror.php?email=didier.kemp%40sncf.fr&sid=802123
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
25
Connection
close
Content-Type
text/html
imp.php
linkandclick.com/scripts/
42 B
475 B
Image
General
Full URL
http://linkandclick.com/scripts/imp.php?a_aid=53231841914da&a_bid=a2ftk2bs&chan=qzgtpul0
Requested by
Host: red.affairessouslesoleil.fr
URL: http://red.affairessouslesoleil.fr/Mirror.php?email=didier.kemp%40sncf.fr&sid=802123
Protocol
HTTP/1.1
Server
62.210.250.55 , France, ASN12876 (AS12876, FR),
Reverse DNS
web.comandclick.com
Software
nginx / PHP/5.6.39, PleskLin
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
Security Headers
Name Value
Content-Security-Policy base-uri 'self' http://www.comandclick.com
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://red.affairessouslesoleil.fr/Mirror.php?email=didier.kemp%40sncf.fr&sid=802123
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 10 Jan 2019 13:44:13 GMT
Server
nginx
X-Powered-By
PHP/5.6.39, PleskLin
X-FRAME-OPTIONS
SAMEORIGIN
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, max-age=0, max-age=604800
Transfer-Encoding
chunked
Content-Security-Policy
base-uri 'self' http://www.comandclick.com
Connection
keep-alive
Expires
Thu, 17 Jan 2019 13:44:13 GMT
imgnewsletter.jpg
linkandclick.com/campagnes/skiexpress/decembre18/2/
157 KB
158 KB
Image
General
Full URL
http://linkandclick.com/campagnes/skiexpress/decembre18/2/imgnewsletter.jpg
Requested by
Host: red.affairessouslesoleil.fr
URL: http://red.affairessouslesoleil.fr/Mirror.php?email=didier.kemp%40sncf.fr&sid=802123
Protocol
HTTP/1.1
Server
62.210.250.55 , France, ASN12876 (AS12876, FR),
Reverse DNS
web.comandclick.com
Software
nginx / PleskLin
Resource Hash
705f00dd1ea48a182d037ea6737b0095db896309f75f85000c6a15594f4f024d

Request headers

Referer
http://red.affairessouslesoleil.fr/Mirror.php?email=didier.kemp%40sncf.fr&sid=802123
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 10 Jan 2019 13:44:13 GMT
Last-Modified
Fri, 14 Dec 2018 16:53:34 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"5c13e00e-274f4"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
161012
Expires
Thu, 17 Jan 2019 13:44:13 GMT
partenaires_ski_express.gif
linkandclick.com/campagnes/skiexpress/decembre18/2/
25 KB
26 KB
Image
General
Full URL
http://linkandclick.com/campagnes/skiexpress/decembre18/2/partenaires_ski_express.gif
Requested by
Host: red.affairessouslesoleil.fr
URL: http://red.affairessouslesoleil.fr/Mirror.php?email=didier.kemp%40sncf.fr&sid=802123
Protocol
HTTP/1.1
Server
62.210.250.55 , France, ASN12876 (AS12876, FR),
Reverse DNS
web.comandclick.com
Software
nginx / PleskLin
Resource Hash
c6b0dc4072416c0f2868de8bbc23811b97936961977191c44444096e40a4bd62

Request headers

Referer
http://red.affairessouslesoleil.fr/Mirror.php?email=didier.kemp%40sncf.fr&sid=802123
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 10 Jan 2019 13:44:13 GMT
Last-Modified
Fri, 14 Dec 2018 16:53:33 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"5c13e00d-64c2"
Content-Type
image/gif
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25794
Expires
Thu, 17 Jan 2019 13:44:13 GMT
plus-ski-express.jpg
linkandclick.com/campagnes/skiexpress/decembre18/2/
26 KB
26 KB
Image
General
Full URL
http://linkandclick.com/campagnes/skiexpress/decembre18/2/plus-ski-express.jpg
Requested by
Host: red.affairessouslesoleil.fr
URL: http://red.affairessouslesoleil.fr/Mirror.php?email=didier.kemp%40sncf.fr&sid=802123
Protocol
HTTP/1.1
Server
62.210.250.55 , France, ASN12876 (AS12876, FR),
Reverse DNS
web.comandclick.com
Software
nginx / PleskLin
Resource Hash
ca088ad966ae65ff73f281701660925947c879b98f15b153b13b1b0093960c79

Request headers

Referer
http://red.affairessouslesoleil.fr/Mirror.php?email=didier.kemp%40sncf.fr&sid=802123
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 10 Jan 2019 13:44:13 GMT
Last-Modified
Fri, 14 Dec 2018 16:53:33 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"5c13e00d-6642"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26178
Expires
Thu, 17 Jan 2019 13:44:13 GMT
p
adth.affairessouslesoleil.fr/
0
0

asset
squad.affairessouslesoleil.fr/1175/
0
0

pixel.php
email-reflex.com/tags/
Redirect Chain
  • http://ep.affairessouslesoleil.fr/tags/pixel.php?h=&source=1526
  • http://email-reflex.com/tags/pixel.php?h=&source=1526
43 B
321 B
Image
General
Full URL
http://email-reflex.com/tags/pixel.php?h=&source=1526
Requested by
Host: red.affairessouslesoleil.fr
URL: http://red.affairessouslesoleil.fr/Mirror.php?email=didier.kemp%40sncf.fr&sid=802123
Protocol
HTTP/1.1
Server
80.70.210.161 , France, ASN34913 (DALENYS, FR),
Reverse DNS
email-reflex.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
email-reflex.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://red.affairessouslesoleil.fr/Mirror.php?email=didier.kemp%40sncf.fr&sid=802123
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 10 Jan 2019 13:44:13 GMT
Via
1.1 varnish
Server
Apache
Age
0
X-Cache
MISS
P3P
policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
X-Server-IP
10.67.37.23
X-Server
rp-front2-3
X-Varnish
738949040
Content-Type
image/gif
Content-Length
43

Redirect headers

Date
Thu, 10 Jan 2019 13:44:13 GMT
Content-Encoding
gzip
Server
Apache
Age
0
Vary
Accept-Encoding
X-Cache
MISS
Content-Type
text/html; charset=iso-8859-1
Location
http://email-reflex.com/tags/pixel.php?h=&source=1526
X-Server-IP
10.67.37.22
X-Varnish
536922497
Content-Length
222
Via
1.1 varnish
adtckrtg.php
sm.affairessouslesoleil.fr/
0
0

HDM.d
sr.affairessouslesoleil.fr/
0
0

bhills
crm4d.affairessouslesoleil.fr/emt/
0
0

wckr.php
tag.leadplace.fr/
35 B
324 B
Image
General
Full URL
http://tag.leadplace.fr/wckr.php?id=BEV1&tracker=OE&id3rd=&sha=5fde74d2550a02bb64ffae069ed606f04f70fede396ded3d31b0023346cb50e6
Requested by
Host: red.affairessouslesoleil.fr
URL: http://red.affairessouslesoleil.fr/Mirror.php?email=didier.kemp%40sncf.fr&sid=802123
Protocol
HTTP/1.1
Server
147.135.143.44 Waltham, United States, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

Referer
http://red.affairessouslesoleil.fr/Mirror.php?email=didier.kemp%40sncf.fr&sid=802123
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 10 Jan 2019 13:44:13 GMT
Server
nginx/1.14.2
X-IPLB-Instance
13167
Transfer-Encoding
chunked
Content-Type
image/gif
7d392f62-6120-483c-aa86-b5e951c35f98
cm.affairessouslesoleil.fr/r/e4e5d47ac4db0dc3eb9b4da4995276b3/
0
0

adtckrtg.php
notify.adleadevent.com/
Redirect Chain
  • https://crt.lesmeilleuresoffres.fr/adtckrtg.php?ids=2005&hash=e4e5d47ac4db0dc3eb9b4da4995276b3&hash256=5fde74d2550a02bb64ffae069ed606f04f70fede396ded3d31b0023346cb50e6
  • https://notify.adleadevent.com/adtckrtg.php?ids=2005&hash=e4e5d47ac4db0dc3eb9b4da4995276b3&hash256=5fde74d2550a02bb64ffae069ed606f04f70fede396ded3d31b0023346cb50e6
43 B
672 B
Image
General
Full URL
https://notify.adleadevent.com/adtckrtg.php?ids=2005&hash=e4e5d47ac4db0dc3eb9b4da4995276b3&hash256=5fde74d2550a02bb64ffae069ed606f04f70fede396ded3d31b0023346cb50e6
Requested by
Host: red.affairessouslesoleil.fr
URL: http://red.affairessouslesoleil.fr/Mirror.php?email=didier.kemp%40sncf.fr&sid=802123
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.153.254 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-16-153-254.eu-west-1.compute.amazonaws.com
Software
nginx/1.10.3 / Express
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
http://red.affairessouslesoleil.fr/Mirror.php?email=didier.kemp%40sncf.fr&sid=802123
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 10 Jan 2019 13:44:14 GMT
ETag
W/"2b-2eaaa083"
Server
nginx/1.10.3
X-Powered-By
Express
Content-Type
image/gif
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://notify.adleadevent.com/adtckrtg.php?ids=2005&hash=e4e5d47ac4db0dc3eb9b4da4995276b3&hash256=5fde74d2550a02bb64ffae069ed606f04f70fede396ded3d31b0023346cb50e6
Date
Thu, 10 Jan 2019 13:42:02 GMT
Server
nginx/1.4.6 (Ubuntu)
Connection
keep-alive
Content-Length
193
Content-Type
text/html
52154.gif
idsync.rlcdn.com/
Redirect Chain
  • https://ejp.rlcdn.com/708719.gif?m=e4e5d47ac4db0dc3eb9b4da4995276b3&n=1
  • https://iei.rlcdn.com/708719.gif?partner_uid=XY1005PfvaEAYzYphGewUNzHAL1Ytv8U--4otJhN9t2-p5NgM&ipel=Xi1005mTOW0hLORYF1GgAp4wd4e7p_ru4nWQK-ojTEEcBKqtzoGM-ma_-uCF3XTexaxJox&n=1&pdata=eu-translator-ghost
  • https://iei.rlcdn.com/708719.gif?n=1&partner_uid=XY1005PfvaEAYzYphGewUNzHAL1Ytv8U--4otJhN9t2-p5NgM&pdata=eu-translator-ghost&ipel=Xi1005mTOW0hLORYF1GgAp4wd4e7p_ru4nWQK-ojTEEcBKqtzoGM-ma_-uCF3XTexax...
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fpartner_uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fidsync.rlcdn.com%252F52154.gif%253Fpartner_uid%253D%2524UID
  • https://idsync.rlcdn.com/52154.gif?partner_uid=1144531924121365791
42 B
477 B
Image
General
Full URL
https://idsync.rlcdn.com/52154.gif?partner_uid=1144531924121365791
Requested by
Host: red.affairessouslesoleil.fr
URL: http://red.affairessouslesoleil.fr/Mirror.php?email=didier.kemp%40sncf.fr&sid=802123
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.180.243 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-22-180-243.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://red.affairessouslesoleil.fr/Mirror.php?email=didier.kemp%40sncf.fr&sid=802123
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Thu, 10 Jan 2019 13:44:14 GMT
cache-control
no-cache, no-store
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
timing-allow-origin
*
content-length
42
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Thu, 10 Jan 2019 13:44:16 GMT
AN-X-Request-Uuid
bcbd2c74-9d85-415c-86ab-e815887873d1
Content-Type
text/html; charset=utf-8
Server
nginx/1.13.4
Location
https://idsync.rlcdn.com/52154.gif?partner_uid=1144531924121365791
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.220.70.202; 185.220.70.202; 315.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.244:80
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Cookie set 802337
red.affairessouslesoleil.fr/imp/YToxOntzOjM6InRhZyI7czoyOToiZGF0YV9zZW5kb3V0XzVjMWE4YjQyODBiMjlfNzYiO30%253D/didier.kemp%40sncf.fr/
43 B
455 B
Image
General
Full URL
http://red.affairessouslesoleil.fr/imp/YToxOntzOjM6InRhZyI7czoyOToiZGF0YV9zZW5kb3V0XzVjMWE4YjQyODBiMjlfNzYiO30%253D/didier.kemp%40sncf.fr/802337
Requested by
Host: red.affairessouslesoleil.fr
URL: http://red.affairessouslesoleil.fr/Mirror.php?email=didier.kemp%40sncf.fr&sid=802123
Protocol
HTTP/1.1
Server
46.105.114.188 , France, ASN16276 (OVH, FR),
Reverse DNS
e9-webmxt.emslip.com
Software
Apache/2.2.22 (Debian) / PHP/5.4.4-14+deb7u7
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
red.affairessouslesoleil.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://red.affairessouslesoleil.fr/Mirror.php?email=didier.kemp%40sncf.fr&sid=802123
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Thu, 10 Jan 2019 13:44:14 GMT
Server
Apache/2.2.22 (Debian)
X-Powered-By
PHP/5.4.4-14+deb7u7
Content-Type
image/gif
Set-Cookie
BMT__beverlymail__data_sendout_5c1a8b4280b29_76=1547127854__didier.kemp%40sncf.fr; expires=Sun, 10-Feb-2019 13:44:14 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection
close
Content-Length
43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
adth.affairessouslesoleil.fr
URL
http://adth.affairessouslesoleil.fr/p?f=gif&idp=9461dd427b4bfc2e&xi.e.md5=e4e5d47ac4db0dc3eb9b4da4995276b3&n.v.e=1
Domain
squad.affairessouslesoleil.fr
URL
http://squad.affairessouslesoleil.fr/1175/asset?type=IMG&optin=1&b_optin=1&email=e4e5d47ac4db0dc3eb9b4da4995276b3@MD5
Domain
sm.affairessouslesoleil.fr
URL
http://sm.affairessouslesoleil.fr/adtckrtg.php?ids=649&hash=e4e5d47ac4db0dc3eb9b4da4995276b3
Domain
sr.affairessouslesoleil.fr
URL
http://sr.affairessouslesoleil.fr/HDM.d?pa=21046&si=1&hd_m=e4e5d47ac4db0dc3eb9b4da4995276b3
Domain
crm4d.affairessouslesoleil.fr
URL
http://crm4d.affairessouslesoleil.fr/emt/bhills?eh=e4e5d47ac4db0dc3eb9b4da4995276b3
Domain
cm.affairessouslesoleil.fr
URL
http://cm.affairessouslesoleil.fr/r/e4e5d47ac4db0dc3eb9b4da4995276b3/7d392f62-6120-483c-aa86-b5e951c35f98

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask

0 Cookies