urlscan.io logo urlscan.io
SecurityTrails logo

tracker.awr.im Open in urlscan Pro
2606:4700:30::681b:9c78  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://links.internaute-ces-jours-links.fr/c/n7h/odV/C15lZSDHYIAaPT243G_rja/i/b_1c/F/20a3c447
Effective URL: http://tracker.awr.im/redirect/?u=bic0eda0ecdj0idca0bgehbh0cg&ctlemail=andreas%40lemarcq.be&ctl=RedBySfr2019&redirect=...
Submission: On September 29 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 4 countries across 7 domains to perform 5 HTTP transactions. The main IP is 2606:4700:30::681b:9c78, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is tracker.awr.im.
This is the only time tracker.awr.im was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 80.209.249.242 47544 (IQPL-AS)
1 1 52.178.92.96 8075 (MICROSOFT...)
1 2606:4700:30:... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 5
1    80.209.249.242 (Poland)

ASN47544 (IQPL-AS, PL)
PTR: 80-209-249-242.rev.iq.pl
links.internaute-ces-jours-links.fr
1    52.178.92.96 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
r.ar-mtch1.com
1    2606:4700:30::681b:9c78 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
tracker.awr.im
1    2001:4de0:ac19::1:b:1a (Netherlands)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
maxcdn.bootstrapcdn.com
1    2606:4700::6813:c797 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdnjs.cloudflare.com
1    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
1    2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
Domain Requested by
1 fonts.gstatic.com tracker.awr.im
1 fonts.googleapis.com tracker.awr.im
1 cdnjs.cloudflare.com tracker.awr.im
1 maxcdn.bootstrapcdn.com tracker.awr.im
1 tracker.awr.im
1 r.ar-mtch1.com 1 redirects
1 links.internaute-ces-jours-links.fr 1 redirects
5 7

This site contains no links.

Subject Issuer Validity Valid
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2019-09-14 -
2020-10-13		 a year crt.sh
ssl412106.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-08-10 -
2020-02-16		 6 months crt.sh
*.googleapis.com
GTS CA 1O1		 2019-09-05 -
2019-11-28		 3 months crt.sh
*.google.com
GTS CA 1O1		 2019-09-05 -
2019-11-28		 3 months crt.sh

This page contains 1 frames:

Primary Page: http://tracker.awr.im/redirect/?u=bic0eda0ecdj0idca0bgehbh0cg&ctlemail=andreas%40lemarcq.be&ctl=RedBySfr2019&redirect=http%3A%2F%2Fnrg.red-by-sfr.fr%2Fdynclick%2Fredbysfr%2F%3Feml-publisher%3Dadventure%26eml-name%3DNL_ADV_Collectemai40Go10e%26eseg-name%3Didrouteur%26eseg-item%3D4239%26eurl%3Dhttps%3A%2F%2Fwww.red-by-sfr.fr%2Fforfaits-mobiles%2F%23redcpid%3Dt5_prm_NL_ADV_mai40Go10e
Frame ID: D49105C8E3189A25D120944806264270
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://links.internaute-ces-jours-links.fr/c/n7h/odV/C15lZSDHYIAaPT243G_rja/i/b_1c/F/20a3c447 HTTP 302
    https://r.ar-mtch1.com/Redirect?pid=cH&chid=Ec&md5=c6d5752db0427dd5fc7a019db7984715&sha256=c39997ce... HTTP 302
    http://tracker.awr.im/redirect/?u=bic0eda0ecdj0idca0bgehbh0cg&ctlemail=andreas%40lemarcq.be&ctl=Re... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

5
Requests

80 %
HTTPS

71 %
IPv6

7
Domains

7
Subdomains

5
IPs

4
Countries

53 kB
Transfer

203 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://links.internaute-ces-jours-links.fr/c/n7h/odV/C15lZSDHYIAaPT243G_rja/i/b_1c/F/20a3c447 HTTP 302
    https://r.ar-mtch1.com/Redirect?pid=cH&chid=Ec&md5=c6d5752db0427dd5fc7a019db7984715&sha256=c39997cee6acc5fa857f0fd6a2b35217e770dd3938575e84c8c4ef250342f63d&url=http%3a%2f%2ftracker.awr.im%2fredirect%2f%3fu%3dbic0eda0ecdj0idca0bgehbh0cg%26ctlemail%3dandreas%2540lemarcq.be%26ctl%3dRedBySfr2019%26redirect%3dhttp%253A%252F%252Fnrg.red-by-sfr.fr%252Fdynclick%252Fredbysfr%252F%253Feml-publisher%253Dadventure%2526eml-name%253DNL_ADV_Collectemai40Go10e%2526eseg-name%253Didrouteur%2526eseg-item%253D4239%2526eurl%253Dhttps%253A%252F%252Fwww.red-by-sfr.fr%252Fforfaits-mobiles%252F%2523redcpid%253Dt5_prm_NL_ADV_mai40Go10e&type=c&list=FR_LM_behrimoez75&esp=F HTTP 302
    http://tracker.awr.im/redirect/?u=bic0eda0ecdj0idca0bgehbh0cg&ctlemail=andreas%40lemarcq.be&ctl=RedBySfr2019&redirect=http%3A%2F%2Fnrg.red-by-sfr.fr%2Fdynclick%2Fredbysfr%2F%3Feml-publisher%3Dadventure%26eml-name%3DNL_ADV_Collectemai40Go10e%26eseg-name%3Didrouteur%26eseg-item%3D4239%26eurl%3Dhttps%3A%2F%2Fwww.red-by-sfr.fr%2Fforfaits-mobiles%2F%23redcpid%3Dt5_prm_NL_ADV_mai40Go10e Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
tracker.awr.im/redirect/
Redirect Chain
  • http://links.internaute-ces-jours-links.fr/c/n7h/odV/C15lZSDHYIAaPT243G_rja/i/b_1c/F/20a3c447
  • https://r.ar-mtch1.com/Redirect?pid=cH&chid=Ec&md5=c6d5752db0427dd5fc7a019db7984715&sha256=c39997cee6acc5fa857f0fd6a2b35217e770dd3938575e84c8c4ef250342f63d&url=http%3a%2f%2ftracker.awr.im%2fredirec...
  • http://tracker.awr.im/redirect/?u=bic0eda0ecdj0idca0bgehbh0cg&ctlemail=andreas%40lemarcq.be&ctl=RedBySfr2019&redirect=http%3A%2F%2Fnrg.red-by-sfr.fr%2Fdynclick%2Fredbysfr%2F%3Feml-publisher%3Dadven...
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://tracker.awr.im/redirect/?u=bic0eda0ecdj0idca0bgehbh0cg&ctlemail=andreas%40lemarcq.be&ctl=RedBySfr2019&redirect=http%3A%2F%2Fnrg.red-by-sfr.fr%2Fdynclick%2Fredbysfr%2F%3Feml-publisher%3Dadventure%26eml-name%3DNL_ADV_Collectemai40Go10e%26eseg-name%3Didrouteur%26eseg-item%3D4239%26eurl%3Dhttps%3A%2F%2Fwww.red-by-sfr.fr%2Fforfaits-mobiles%2F%23redcpid%3Dt5_prm_NL_ADV_mai40Go10e
Protocol
HTTP/1.1
Server
2606:4700:30::681b:9c78 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
66973c683dfb2a8b0d497d07b7a8bb3941248717fd248fd32a784b91e136f2ca

Request headers

Host
tracker.awr.im
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 29 Sep 2019 19:55:18 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d4b040b73bc10b2ff6b7a9b2dd7093a261569786918; expires=Mon, 28-Sep-20 19:55:18 GMT; path=/; domain=.awr.im; HttpOnly trackingAdvc=k3132d46gbqv52jq3r2kif7f5d; path=/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Server
cloudflare
CF-RAY
51e0838feacccba0-VIE

Redirect headers

Location
http://tracker.awr.im:80/redirect/?u=bic0eda0ecdj0idca0bgehbh0cg&ctlemail=andreas%40lemarcq.be&ctl=RedBySfr2019&redirect=http%3A%2F%2Fnrg.red-by-sfr.fr%2Fdynclick%2Fredbysfr%2F%3Feml-publisher%3Dadventure%26eml-name%3DNL_ADV_Collectemai40Go10e%26eseg-name%3Didrouteur%26eseg-item%3D4239%26eurl%3Dhttps%3A%2F%2Fwww.red-by-sfr.fr%2Fforfaits-mobiles%2F%23redcpid%3Dt5_prm_NL_ADV_mai40Go10e
Server
Kestrel
Set-Cookie
adrakerv2did=CnlfB0VdDIcel72EtYopdQ; expires=Tue, 29 Sep 2020 19:55:18 GMT; domain=.ar-mtch1.com; path=/ adrakerv2vid=YGwvGwlxDogOXSYQolL2q3; expires=Tue, 29 Sep 2020 19:55:18 GMT; domain=.ar-mtch1.com; path=/
Date
Sun, 29 Sep 2019 19:55:18 GMT
Content-Length
0
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta/css/ 		122 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta/css/bootstrap.min.css
Requested by
Host: tracker.awr.im
URL: http://tracker.awr.im/redirect/?u=bic0eda0ecdj0idca0bgehbh0cg&ctlemail=andreas%40lemarcq.be&ctl=RedBySfr2019&redirect=http%3A%2F%2Fnrg.red-by-sfr.fr%2Fdynclick%2Fredbysfr%2F%3Feml-publisher%3Dadventure%26eml-name%3DNL_ADV_Collectemai40Go10e%26eseg-name%3Didrouteur%26eseg-item%3D4239%26eurl%3Dhttps%3A%2F%2Fwww.red-by-sfr.fr%2Fforfaits-mobiles%2F%23redcpid%3Dt5_prm_NL_ADV_mai40Go10e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
/
Resource Hash
9bf87f7140c085febf881462c536ee73cf9183670811342d3dc1fd0f7a762a0d

Request headers

Sec-Fetch-Mode
cors
Referer
http://tracker.awr.im/redirect/?u=bic0eda0ecdj0idca0bgehbh0cg&ctlemail=andreas%40lemarcq.be&ctl=RedBySfr2019&redirect=http%3A%2F%2Fnrg.red-by-sfr.fr%2Fdynclick%2Fredbysfr%2F%3Feml-publisher%3Dadventure%26eml-name%3DNL_ADV_Collectemai40Go10e%26eseg-name%3Didrouteur%26eseg-item%3D4239%26eurl%3Dhttps%3A%2F%2Fwww.red-by-sfr.fr%2Fforfaits-mobiles%2F%23redcpid%3Dt5_prm_NL_ADV_mai40Go10e
Origin
http://tracker.awr.im
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 29 Sep 2019 19:55:18 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:34:10 GMT
status
200
etag
"1544639650"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
18604
jquery.slim.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/ 		68 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.slim.min.js
Requested by
Host: tracker.awr.im
URL: http://tracker.awr.im/redirect/?u=bic0eda0ecdj0idca0bgehbh0cg&ctlemail=andreas%40lemarcq.be&ctl=RedBySfr2019&redirect=http%3A%2F%2Fnrg.red-by-sfr.fr%2Fdynclick%2Fredbysfr%2F%3Feml-publisher%3Dadventure%26eml-name%3DNL_ADV_Collectemai40Go10e%26eseg-name%3Didrouteur%26eseg-item%3D4239%26eurl%3Dhttps%3A%2F%2Fwww.red-by-sfr.fr%2Fforfaits-mobiles%2F%23redcpid%3Dt5_prm_NL_ADV_mai40Go10e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c797 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://tracker.awr.im/redirect/?u=bic0eda0ecdj0idca0bgehbh0cg&ctlemail=andreas%40lemarcq.be&ctl=RedBySfr2019&redirect=http%3A%2F%2Fnrg.red-by-sfr.fr%2Fdynclick%2Fredbysfr%2F%3Feml-publisher%3Dadventure%26eml-name%3DNL_ADV_Collectemai40Go10e%26eseg-name%3Didrouteur%26eseg-item%3D4239%26eurl%3Dhttps%3A%2F%2Fwww.red-by-sfr.fr%2Fforfaits-mobiles%2F%23redcpid%3Dt5_prm_NL_ADV_mai40Go10e
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 29 Sep 2019 19:55:18 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
14420840
status
200
served-in-seconds
0.052
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:20:15 GMT
server
cloudflare
etag
W/"5afd494f-10fdd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
51e0839078ebcba4-VIE
expires
Fri, 18 Sep 2020 19:55:18 GMT
css
fonts.googleapis.com/ 		2 KB
610 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: tracker.awr.im
URL: http://tracker.awr.im/redirect/?u=bic0eda0ecdj0idca0bgehbh0cg&ctlemail=andreas%40lemarcq.be&ctl=RedBySfr2019&redirect=http%3A%2F%2Fnrg.red-by-sfr.fr%2Fdynclick%2Fredbysfr%2F%3Feml-publisher%3Dadventure%26eml-name%3DNL_ADV_Collectemai40Go10e%26eseg-name%3Didrouteur%26eseg-item%3D4239%26eurl%3Dhttps%3A%2F%2Fwww.red-by-sfr.fr%2Fforfaits-mobiles%2F%23redcpid%3Dt5_prm_NL_ADV_mai40Go10e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
3af0ae27f1791aea9da60e94e1cf03291881d516c6b62575a8b7a402b96d299c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://tracker.awr.im/redirect/?u=bic0eda0ecdj0idca0bgehbh0cg&ctlemail=andreas%40lemarcq.be&ctl=RedBySfr2019&redirect=http%3A%2F%2Fnrg.red-by-sfr.fr%2Fdynclick%2Fredbysfr%2F%3Feml-publisher%3Dadventure%26eml-name%3DNL_ADV_Collectemai40Go10e%26eseg-name%3Didrouteur%26eseg-item%3D4239%26eurl%3Dhttps%3A%2F%2Fwww.red-by-sfr.fr%2Fforfaits-mobiles%2F%23redcpid%3Dt5_prm_NL_ADV_mai40Go10e
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 29 Sep 2019 19:55:18 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Sun, 29 Sep 2019 19:55:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Sun, 29 Sep 2019 19:55:18 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: tracker.awr.im
URL: http://tracker.awr.im/redirect/?u=bic0eda0ecdj0idca0bgehbh0cg&ctlemail=andreas%40lemarcq.be&ctl=RedBySfr2019&redirect=http%3A%2F%2Fnrg.red-by-sfr.fr%2Fdynclick%2Fredbysfr%2F%3Feml-publisher%3Dadventure%26eml-name%3DNL_ADV_Collectemai40Go10e%26eseg-name%3Didrouteur%26eseg-item%3D4239%26eurl%3Dhttps%3A%2F%2Fwww.red-by-sfr.fr%2Fforfaits-mobiles%2F%23redcpid%3Dt5_prm_NL_ADV_mai40Go10e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Open+Sans
Origin
http://tracker.awr.im
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Sep 2019 21:41:24 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:49 GMT
server
sffe
age
2240034
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9132
x-xss-protection
0
expires
Wed, 02 Sep 2020 21:41:24 GMT

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery

2 Cookies

Domain/Path Name / Value
tracker.awr.im/ Name: trackingAdvc
Value: k3132d46gbqv52jq3r2kif7f5d
.awr.im/ Name: __cfduid
Value: d4b040b73bc10b2ff6b7a9b2dd7093a261569786918