newsplacements.fr Open in urlscan Pro
46.105.204.23 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://news.bingo-facile.fr/VEVMVl8NztEKgjAUANBfSkOyR4XJ5naVee8MehlkIJlk1mpzX1_nCw4x1ds1uUjivN163MwkUjj0ejdWge1BzdIDDQko4V3k...
Effective URL:
https://newsplacements.fr/crypto-3/?subaff_id=CRP10-195&affiliateid=VARIABLEAFFILIE&transaction_id=
Submission: On February 15 via api (February 15th 2022, 8:45:30 pm UTC) from BE — Scanned from FR

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 3 countries across 3 domains to perform 10 HTTP transactions. The main IP is 46.105.204.23, located in France and belongs to OVH, FR. The main domain is newsplacements.fr.
TLS certificate: Issued by R3 on January 20th 2022. Valid for: 3 months.

This is the only time newsplacements.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	46.4.134.0 46.4.134.0	24940 (HETZNER-AS) (HETZNER-AS)
1 1	54.185.100.117 54.185.100.117	16509 (AMAZON-02) (AMAZON-02)
1 11	46.105.204.23 46.105.204.23	16276 (OVH) (OVH)
10	1

1 46.4.134.0 (Nuremberg, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.0.134.4.46.clients.your-server.de

news.bingo-facile.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.185.100.117 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-185-100-117.us-west-2.compute.amazonaws.com

pulami.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 46.105.204.23 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: cluster023.hosting.cdn.ovh.net

newsplacements.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	newsplacements.fr 1 redirects newsplacements.fr	198 KB
1	pulami.fr 1 redirects pulami.fr	814 B
1	bingo-facile.fr 1 redirects news.bingo-facile.fr	264 B
10	3

	Domain	Requested by
11	newsplacements.fr	1 redirects newsplacements.fr
1	pulami.fr	1 redirects
1	news.bingo-facile.fr	1 redirects
10	3

This site contains no links.

Subject Issuer	Validity	Valid
leadmanager.fr R3	`2022-01-20` - `2022-04-20`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://newsplacements.fr/crypto-3/?subaff_id=CRP10-195&affiliateid=VARIABLEAFFILIE&transaction_id=
Frame ID: 81BC235B4BAE61BD0BB6891CEF548392
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Investir dans la Crypto monnaie

Page URL History Show full URLs

https://news.bingo-facile.fr/VEVMVl8NztEKgjAUANBfSkOyR4XJ5naVee8MehlkIJlk1mpzX1_nCw4x1ds1uUjivN163MwkUjj0... HTTP 302
http://pulami.fr/clicMFG.php?i=20689&c=4341&email=&url=https%3A%2F%2Fnewsplacementsdotypointf... HTTP 302
https://newsplacements.fr/crypto-3/?subaff_id=CRP8-195&affiliateid=VARIABLEAFFILIE HTTP 302
https://newsplacements.fr/crypto-3/?subaff_id=CRP10-195&affiliateid=VARIABLEAFFILIE&transaction_id= Page URL

Page Statistics

10
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

1
IPs

3
Countries

198 kB
Transfer

365 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://news.bingo-facile.fr/VEVMVl8NztEKgjAUANBfSkOyR4XJ5naVee8MehlkIJlk1mpzX1_nCw4x1ds1uUjivN163MwkUjj0ejdWge1BzdIDDQko4V3kaO7fhmYZgCCCQu-IpaUFjQsXUxFanX90zmBwW8kFvZMmgi9zVyuZAd6yGjkuBFbF41XKkcu5o0eoz6ZazfPUvUxh6T_6AV9URUxW HTTP 302
http://pulami.fr/clicMFG.php?i=20689&c=4341&email=&url=https%3A%2F%2Fnewsplacementsdotypointfr%2Fcrypto-3%2F%3Fsubaff_id%3DCRP8-195%26affiliateid%3DVARIABLEAFFILIE HTTP 302
https://newsplacements.fr/crypto-3/?subaff_id=CRP8-195&affiliateid=VARIABLEAFFILIE HTTP 302
https://newsplacements.fr/crypto-3/?subaff_id=CRP10-195&affiliateid=VARIABLEAFFILIE&transaction_id= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response newsplacements.fr/crypto-3/ Redirect Chain https://news.bingo-facile.fr/VEVMVl8NztEKgjAUANBfSkOyR4XJ5naVee8MehlkIJlk1mpzX1_nCw4x1ds1uUjivN163MwkUjj0ejdWge1BzdIDDQko4V3kaO7fhmYZgCCCQu-IpaUFjQsXUxFanX90zmBwW8kFvZMmgi9zVyuZAd6yGjkuBFbF41XKkcu5... http://pulami.fr/clicMFG.php?i=20689&c=4341&email=&url=https%3A%2F%2Fnewsplacementsdotypointfr%2Fcrypto-3%2F%3Fsubaff_id%3DCRP8-195%26affiliateid%3DVARIABLEAFFILIE https://newsplacements.fr/crypto-3/?subaff_id=CRP8-195&affiliateid=VARIABLEAFFILIE https://newsplacements.fr/crypto-3/?subaff_id=CRP10-195&affiliateid=VARIABLEAFFILIE&transaction_id=	8 KB 3 KB	14ms 14ms	Document text/html	46.105.204.23 OVH
General Check archive.org Show headers Download Go to Full URL https://newsplacements.fr/crypto-3/?subaff_id=CRP10-195&affiliateid=VARIABLEAFFILIE&transaction_id= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.105.204.23 , France, ASN16276 (OVH, FR), Reverse DNS cluster023.hosting.cdn.ovh.net Software / PHP/7.2 Resource Hash `7aba3e10b70444baa1202c3920b933a5802cc6866f4f58d561d14ffe702bad0f` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language fr-FR,fr;q=0.9 Response headers date Tue, 15 Feb 2022 20:45:22 GMT content-type text/html; charset=UTF-8 x-powered-by PHP/7.2 content-encoding br age 3 x-cdn-cache HIT x-cdn-request-id 203621327 x-cdn-pop rbx accept-ranges bytes content-length 2370 Redirect headers date Tue, 15 Feb 2022 20:45:25 GMT content-type text/html; charset=UTF-8 x-powered-by PHP/7.2 location https://newsplacements.fr/crypto-3/?subaff_id=CRP10-195&affiliateid=VARIABLEAFFILIE&transaction_id= content-encoding gzip age 0 x-cdn-cache MISS x-cdn-request-id 203621326 x-cdn-pop rbx
GET H2	200	style_20210922.css newsplacements.fr/crypto-3/	10 KB 2 KB	14ms 14ms	Stylesheet text/css	46.105.204.23 OVH
General Check archive.org Show headers Download Go to Full URL https://newsplacements.fr/crypto-3/style_20210922.css Requested by Host: newsplacements.fr URL: https://newsplacements.fr/crypto-3/?subaff_id=CRP10-195&affiliateid=VARIABLEAFFILIE&transaction_id= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.105.204.23 , France, ASN16276 (OVH, FR), Reverse DNS cluster023.hosting.cdn.ovh.net Software / Resource Hash `dc75d8c94385b30c72efb49ff969dd55565213e6c2b30ce1023694b0501fecb7` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://newsplacements.fr/crypto-3/?subaff_id=CRP10-195&affiliateid=VARIABLEAFFILIE&transaction_id= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 20:45:22 GMT content-encoding br last-modified Thu, 07 Oct 2021 17:06:54 GMT x-cdn-cache HIT age 3 content-type text/css cache-control max-age=900 x-cdn-pop rbx accept-ranges bytes x-cdn-request-id 203621328 content-length 2288 expires Tue, 15 Feb 2022 21:00:22 GMT
GET H2	200	logos.svg newsplacements.fr/crypto-3/images/	4 KB 1 KB	15ms 14ms	Image image/svg+xml	46.105.204.23 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://newsplacements.fr/crypto-3/images/logos.svg Requested by Host: newsplacements.fr URL: https://newsplacements.fr/crypto-3/?subaff_id=CRP10-195&affiliateid=VARIABLEAFFILIE&transaction_id= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.105.204.23 , France, ASN16276 (OVH, FR), Reverse DNS cluster023.hosting.cdn.ovh.net Software / Resource Hash `d265348f265c6585a8553c5419846ff3a883c56668c00ddfcd51340a583a9de4` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://newsplacements.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 20:45:22 GMT content-encoding gzip last-modified Thu, 07 Oct 2021 17:06:55 GMT x-cdn-cache HIT age 3 content-type image/svg+xml cache-control max-age=900 x-cdn-pop rbx accept-ranges bytes x-cdn-request-id 203621329 content-length 1216 expires Tue, 15 Feb 2022 21:00:22 GMT
GET H2	404	bg_header.svg newsplacements.fr/crypto-3/images/	196 B 196 B	28ms 27ms	Image text/html	46.105.204.23 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://newsplacements.fr/crypto-3/images/bg_header.svg Requested by Host: newsplacements.fr URL: https://newsplacements.fr/crypto-3/style_20210922.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.105.204.23 , France, ASN16276 (OVH, FR), Reverse DNS cluster023.hosting.cdn.ovh.net Software / Resource Hash `80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://newsplacements.fr/crypto-3/style_20210922.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 20:45:22 GMT content-encoding gzip x-cdn-cache HIT age 3 content-type text/html; charset=iso-8859-1 x-cdn-pop rbx x-cdn-request-id 203621330 content-length 173
GET H2	200	illustr_header.svg newsplacements.fr/crypto-3/images/	269 KB 131 KB	14ms 14ms	Image image/svg+xml	46.105.204.23 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://newsplacements.fr/crypto-3/images/illustr_header.svg Requested by Host: newsplacements.fr URL: https://newsplacements.fr/crypto-3/style_20210922.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.105.204.23 , France, ASN16276 (OVH, FR), Reverse DNS cluster023.hosting.cdn.ovh.net Software / Resource Hash `0955a26487d8274a88867a4d0b49fe87737c8a493cfa26c33093e0e1edb5e6be` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://newsplacements.fr/crypto-3/style_20210922.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 20:45:22 GMT content-encoding gzip last-modified Thu, 07 Oct 2021 17:06:55 GMT x-cdn-cache HIT age 3 content-type image/svg+xml cache-control max-age=900 x-cdn-pop rbx accept-ranges bytes x-cdn-request-id 203621331 content-length 133948 expires Tue, 15 Feb 2022 21:00:22 GMT
GET H2	200	montserrat_medium.woff2 newsplacements.fr/crypto-3/fonts/woff2/	14 KB 14 KB	51ms 51ms	Font application/octet-stream	46.105.204.23 OVH
General Check archive.org Show headers Download Go to Full URL https://newsplacements.fr/crypto-3/fonts/woff2/montserrat_medium.woff2 Requested by Host: newsplacements.fr URL: https://newsplacements.fr/crypto-3/style_20210922.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.105.204.23 , France, ASN16276 (OVH, FR), Reverse DNS cluster023.hosting.cdn.ovh.net Software / Resource Hash `dad81153cb015fb3434cd053af77f46f1a3ae83c9735930c48aa050df26e44c4` Request headers Referer https://newsplacements.fr/crypto-3/style_20210922.css Origin https://newsplacements.fr Accept-Language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 20:45:22 GMT last-modified Thu, 07 Oct 2021 17:06:58 GMT x-cdn-cache HIT age 3 x-cdn-pop rbx accept-ranges bytes x-cdn-request-id 203621332 content-length 14152
GET H2	200	montserrat_bold.woff2 newsplacements.fr/crypto-3/fonts/woff2/	14 KB 14 KB	50ms 50ms	Font application/octet-stream	46.105.204.23 OVH
General Check archive.org Show headers Download Go to Full URL https://newsplacements.fr/crypto-3/fonts/woff2/montserrat_bold.woff2 Requested by Host: newsplacements.fr URL: https://newsplacements.fr/crypto-3/style_20210922.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.105.204.23 , France, ASN16276 (OVH, FR), Reverse DNS cluster023.hosting.cdn.ovh.net Software / Resource Hash `430f110b314a582b55dd6853c36759df601baa2c608a029fcb3f427c4719f73b` Request headers Referer https://newsplacements.fr/crypto-3/style_20210922.css Origin https://newsplacements.fr Accept-Language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 20:45:25 GMT last-modified Thu, 07 Oct 2021 17:06:58 GMT x-cdn-cache MISS age 0 x-cdn-pop rbx accept-ranges bytes x-cdn-request-id 203621333 content-length 14116
GET H2	200	montserrat_regular.woff2 newsplacements.fr/crypto-3/fonts/woff2/	14 KB 14 KB	49ms 49ms	Font application/octet-stream	46.105.204.23 OVH
General Check archive.org Show headers Download Go to Full URL https://newsplacements.fr/crypto-3/fonts/woff2/montserrat_regular.woff2 Requested by Host: newsplacements.fr URL: https://newsplacements.fr/crypto-3/style_20210922.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.105.204.23 , France, ASN16276 (OVH, FR), Reverse DNS cluster023.hosting.cdn.ovh.net Software / Resource Hash `15349bbd9d7d527b01aedfb700750f554fe4da177e30334ffd55ef5f56a039a6` Request headers Referer https://newsplacements.fr/crypto-3/style_20210922.css Origin https://newsplacements.fr Accept-Language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 20:45:22 GMT last-modified Thu, 07 Oct 2021 17:06:57 GMT x-cdn-cache HIT age 3 x-cdn-pop rbx accept-ranges bytes x-cdn-request-id 203621334 content-length 14172
GET H2	200	illustr_arguments.svg newsplacements.fr/crypto-3/images/	19 KB 4 KB	39ms 39ms	Image image/svg+xml	46.105.204.23 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://newsplacements.fr/crypto-3/images/illustr_arguments.svg Requested by Host: newsplacements.fr URL: https://newsplacements.fr/crypto-3/style_20210922.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.105.204.23 , France, ASN16276 (OVH, FR), Reverse DNS cluster023.hosting.cdn.ovh.net Software / Resource Hash `911978d302df34523e98b676f8aed3f3378cb6e2683f089afe5c12a339cff1af` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://newsplacements.fr/crypto-3/style_20210922.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 20:45:22 GMT content-encoding gzip last-modified Thu, 07 Oct 2021 17:06:55 GMT x-cdn-cache HIT age 3 content-type image/svg+xml cache-control max-age=900 x-cdn-pop rbx accept-ranges bytes x-cdn-request-id 203621335 content-length 4294 expires Tue, 15 Feb 2022 21:00:22 GMT
GET H2	200	montserrat_extrabold.woff2 newsplacements.fr/crypto-3/fonts/woff2/	14 KB 14 KB	38ms 38ms	Font application/octet-stream	46.105.204.23 OVH
General Check archive.org Show headers Download Go to Full URL https://newsplacements.fr/crypto-3/fonts/woff2/montserrat_extrabold.woff2 Requested by Host: newsplacements.fr URL: https://newsplacements.fr/crypto-3/style_20210922.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.105.204.23 , France, ASN16276 (OVH, FR), Reverse DNS cluster023.hosting.cdn.ovh.net Software / Resource Hash `39fa7e98ae2c9c54d6bf53973c32930a8eca120f32e0ed5536e1950971a2ebc5` Request headers Referer https://newsplacements.fr/crypto-3/style_20210922.css Origin https://newsplacements.fr Accept-Language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 20:45:25 GMT last-modified Thu, 07 Oct 2021 17:06:58 GMT x-cdn-cache MISS age 0 x-cdn-pop rbx accept-ranges bytes x-cdn-request-id 203621336 content-length 14048

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone function| tom

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			pulami.fr/	1969-12-31 23:59:59	Name: PHPSESSID Value: pnefie8nv69q7ipk82h4tejf32
			pulami.fr/	1969-12-31 23:59:59	Name: lmoxmhgpbb Value: https%3A%2F%2Fnewsplacements.fr%2Fcrypto-3%2F%3Fsubaff_id%3DCRP8-195%26affiliateid%3DVARIABLEAFFILIE

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://newsplacements.fr/crypto-3/images/bg_header.svg Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

news.bingo-facile.fr
newsplacements.fr
pulami.fr
46.105.204.23
46.4.134.0
54.185.100.117
0955a26487d8274a88867a4d0b49fe87737c8a493cfa26c33093e0e1edb5e6be
15349bbd9d7d527b01aedfb700750f554fe4da177e30334ffd55ef5f56a039a6
39fa7e98ae2c9c54d6bf53973c32930a8eca120f32e0ed5536e1950971a2ebc5
430f110b314a582b55dd6853c36759df601baa2c608a029fcb3f427c4719f73b
7aba3e10b70444baa1202c3920b933a5802cc6866f4f58d561d14ffe702bad0f
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
911978d302df34523e98b676f8aed3f3378cb6e2683f089afe5c12a339cff1af
d265348f265c6585a8553c5419846ff3a883c56668c00ddfcd51340a583a9de4
dad81153cb015fb3434cd053af77f46f1a3ae83c9735930c48aa050df26e44c4
dc75d8c94385b30c72efb49ff969dd55565213e6c2b30ce1023694b0501fecb7

newsplacements.fr Open in urlscan Pro 46.105.204.23 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

10 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

1 IPs

3 Countries

198 kBTransfer

365 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

2 Cookies

1 Console Messages

Indicators

newsplacements.fr Open in urlscan Pro
46.105.204.23 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

1
IPs

3
Countries

198 kB
Transfer

365 kB
Size

2
Cookies

10 HTTP transactions
0 data transactions