link.protectionssante.fr Open in urlscan Pro
62.210.10.76 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://link.protectionssante.fr/p/d/XuXr9eA8tAmUqz1jVhnyMkxWooVuXLX8oZ6jP12ENjAnztLMV2Mle30FvliF9Xp5q23dq6u05Ocht8YwXqu-GLgvq5FH...
Submission: On December 28 via api (December 28th 2019, 10:42:50 pm UTC) from BE

Summary HTTP 18 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 4 countries across 5 domains to perform 18 HTTP transactions. The main IP is 62.210.10.76, located in Paris, France and belongs to Online SAS, FR. The main domain is link.protectionssante.fr.

This is the only time link.protectionssante.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	62.210.10.76 62.210.10.76	12876 (Online SAS) (Online SAS)
2	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
12 13	35.162.71.55 35.162.71.55	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
11	34.253.64.127 34.253.64.127	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
18	5

2 62.210.10.76 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: 62-210-10-76.rev.poneytelecom.eu

link.protectionssante.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 35.162.71.55 (Boardman, United States) 12 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: info.rurgiechie.fr

thaselthe.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 34.253.64.127 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-253-64-127.eu-west-1.compute.amazonaws.com

www.ocdn.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	thaselthe.fr 12 redirects thaselthe.fr	5 KB
11	ocdn.fr www.ocdn.fr	95 KB
2	gstatic.com fonts.gstatic.com	28 KB
2	googleapis.com fonts.googleapis.com	874 B
2	protectionssante.fr link.protectionssante.fr	8 KB
18	5

	Domain	Requested by
13	thaselthe.fr	12 redirects link.protectionssante.fr
11	www.ocdn.fr	link.protectionssante.fr
2	fonts.gstatic.com	link.protectionssante.fr
2	fonts.googleapis.com	link.protectionssante.fr
2	link.protectionssante.fr	link.protectionssante.fr
18	5

This site contains no links.

Subject Issuer	Validity	Valid
*.storage.googleapis.com GTS CA 1O1	`2019-12-03` - `2020-02-25`	3 months	crt.sh
www.ocdn.fr Let's Encrypt Authority X3	`2019-11-29` - `2020-02-27`	3 months	crt.sh
*.google.com GTS CA 1O1	`2019-12-03` - `2020-02-25`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://link.protectionssante.fr/p/d/XuXr9eA8tAmUqz1jVhnyMkxWooVuXLX8oZ6jP12ENjAnztLMV2Mle30FvliF9Xp5q23dq6u05Ocht8YwXqu-GLgvq5FH1ef5k601vAzXg0LoxYlPVwojqWyRZ4-x7wd3
Frame ID: CE8D724CBD0E3864DB497001251A6F21
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

18
Requests

83 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

5
IPs

4
Countries

133 kB
Transfer

162 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

http://thaselthe.fr/contents_m/aHR0cHMlM0ElMkYlMkZ3d3dkb3R5cG9pbnRvY2RuZG90eXBvaW50ZnIlMkZpbWFnZXMlMkZlbWFpbDJjcm9peHJvdWdlJTJGc3BhY2VyZG90eXBvaW50Z2lm.gif HTTP 302
https://www.ocdn.fr/images/email2croixrouge/spacer.gif

Request Chain 3

http://thaselthe.fr/contents_m/aHR0cHMlM0ElMkYlMkZ3d3dkb3R5cG9pbnRvY2RuZG90eXBvaW50ZnIlMkZpbWFnZXMlMkZlbWFpbDJjcm9peHJvdWdlJTJGZW5mYW5jZWRvdHlwb2ludGpwZwequalitequalit.jpg HTTP 302
https://www.ocdn.fr/images/email2croixrouge/enfance.jpg

Request Chain 4

http://thaselthe.fr/contents_m/aHR0cHMlM0ElMkYlMkZ3d3dkb3R5cG9pbnRvY2RuZG90eXBvaW50ZnIlMkZpbWFnZXMlMkZlbWFpbDJjcm9peHJvdWdlJTJGYXJyb3dfcmVkZG90eXBvaW50anBn.jpg HTTP 302
https://www.ocdn.fr/images/email2croixrouge/arrow_red.jpg

Request Chain 5

http://thaselthe.fr/contents_m/aHR0cHMlM0ElMkYlMkZ3d3dkb3R5cG9pbnRvY2RuZG90eXBvaW50ZnIlMkZpbWFnZXMlMkZlbWFpbDJjcm9peHJvdWdlJTJGbG9nb2RvdHlwb2ludGpwZwequalitequalit.jpg HTTP 302
https://www.ocdn.fr/images/email2croixrouge/logo.jpg

Request Chain 6

http://thaselthe.fr/contents_m/aHR0cHMlM0ElMkYlMkZ3d3dkb3R5cG9pbnRvY2RuZG90eXBvaW50ZnIlMkZpbWFnZXMlMkZlbWFpbDJjcm9peHJvdWdlJTJGdGl0cmVkb3R5cG9pbnRqcGcequalit.jpg HTTP 302
https://www.ocdn.fr/images/email2croixrouge/titre.jpg

Request Chain 7

http://thaselthe.fr/contents_m/aHR0cHMlM0ElMkYlMkZ3d3dkb3R5cG9pbnRvY2RuZG90eXBvaW50ZnIlMkZpbWFnZXMlMkZlbWFpbDJjcm9peHJvdWdlJTJGYmFuZGVhdWRvdHlwb2ludGpwZwequalitequalit.jpg HTTP 302
https://www.ocdn.fr/images/email2croixrouge/bandeau.jpg

Request Chain 8

http://thaselthe.fr/contents_m/aHR0cHMlM0ElMkYlMkZ3d3dkb3R5cG9pbnRvY2RuZG90eXBvaW50ZnIlMkZpbWFnZXMlMkZlbWFpbDJjcm9peHJvdWdlJTJGYXJyb3dkb3R5cG9pbnRqcGcequalit.jpg HTTP 302
https://www.ocdn.fr/images/email2croixrouge/arrow.jpg

Request Chain 9

http://thaselthe.fr/contents_m/aHR0cHMlM0ElMkYlMkZ3d3dkb3R5cG9pbnRvY2RuZG90eXBvaW50ZnIlMkZpbWFnZXMlMkZlbWFpbDJjcm9peHJvdWdlJTJGZmFjZWJvb2tkb3R5cG9pbnRqcGcequalit.jpg HTTP 302
https://www.ocdn.fr/images/email2croixrouge/facebook.jpg

Request Chain 10

http://thaselthe.fr/contents_m/aHR0cHMlM0ElMkYlMkZ3d3dkb3R5cG9pbnRvY2RuZG90eXBvaW50ZnIlMkZpbWFnZXMlMkZlbWFpbDJjcm9peHJvdWdlJTJGdHdpdHRlcmRvdHlwb2ludGpwZwequalitequalit.jpg HTTP 302
https://www.ocdn.fr/images/email2croixrouge/twitter.jpg

Request Chain 11

http://thaselthe.fr/contents_m/aHR0cHMlM0ElMkYlMkZ3d3dkb3R5cG9pbnRvY2RuZG90eXBvaW50ZnIlMkZpbWFnZXMlMkZlbWFpbDJjcm9peHJvdWdlJTJGZ29vZ2xlZG90eXBvaW50anBn.jpg HTTP 302
https://www.ocdn.fr/images/email2croixrouge/google.jpg

Request Chain 12

http://thaselthe.fr/contents_m/aHR0cHMlM0ElMkYlMkZ3d3dkb3R5cG9pbnRvY2RuZG90eXBvaW50ZnIlMkZpbWFnZXMlMkZlbWFpbDJjcm9peHJvdWdlJTJGeW91dHViZWRvdHlwb2ludGpwZwequalitequalit.jpg HTTP 302
https://www.ocdn.fr/images/email2croixrouge/youtube.jpg

Request Chain 13

http://thaselthe.fr/8fce4c59fe83da9e15c8d291ffeaeed7/1f6806e39868fc3d82db292048231d78/GRZNmY0XZFzXLYy0/opt/129356/2657/em_[EMAIL_A_REMPLIR]_ail/i__p.jpg HTTP 302
http://thaselthe.fr/img/pix-1x1.jpg

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request XuXr9eA8tAmUqz1jVhnyMkxWooVuXLX8oZ6jP12ENjAnztLMV2Mle30FvliF9Xp5q23dq6u05Ocht8YwXqu-GLgvq5FH1ef5k601vAzXg0LoxYlPVwojqWyRZ4-x7wd3 Show response
link.protectionssante.fr/p/d/ 39 KB
8 KB 661ms
394ms Document
text/html 62.210.10.76
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: http://link.protectionssante.fr/p/d/XuXr9eA8tAmUqz1jVhnyMkxWooVuXLX8oZ6jP12ENjAnztLMV2Mle30FvliF9Xp5q23dq6u05Ocht8YwXqu-GLgvq5FH1ef5k601vAzXg0LoxYlPVwojqWyRZ4-x7wd3
Protocol: HTTP/1.1
Server: 62.210.10.76 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-10-76.rev.poneytelecom.eu
Software: nginx/1.12.0 / PHP/5.6.30-0+deb8u1
Resource Hash: 8c0942485f04711896db07902bec40fff3588ce65f0b75fae04190007d793eaf

Request headers

Host: link.protectionssante.fr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: nginx/1.12.0
Date: Sat, 28 Dec 2019 22:42:32 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.30-0+deb8u1
Content-Encoding: gzip

GET
H2 200 css
fonts.googleapis.com/ 1 KB
434 B 19ms
18ms Stylesheet
text/css 2a00:1450:4001:809::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700

Requested by

Host: link.protectionssante.fr
URL: http://link.protectionssante.fr/p/d/XuXr9eA8tAmUqz1jVhnyMkxWooVuXLX8oZ6jP12ENjAnztLMV2Mle30FvliF9Xp5q23dq6u05Ocht8YwXqu-GLgvq5FH1ef5k601vAzXg0LoxYlPVwojqWyRZ4-x7wd3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

8235befaa90794559978bcf134955b78f0d560f7448cb0119a7079e74de9b322

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://link.protectionssante.fr/p/d/XuXr9eA8tAmUqz1jVhnyMkxWooVuXLX8oZ6jP12ENjAnztLMV2Mle30FvliF9Xp5q23dq6u05Ocht8YwXqu-GLgvq5FH1ef5k601vAzXg0LoxYlPVwojqWyRZ4-x7wd3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Sat, 28 Dec 2019 22:42:32 GMT
server: ESF
access-control-allow-origin: *
date: Sat, 28 Dec 2019 22:42:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Sat, 28 Dec 2019 22:42:32 GMT

GET
H2 200 css
fonts.googleapis.com/ 788 B
440 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:809::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Bitter:400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

5faff5cedeb357d5cd1d25641b762f8c2da6e1fa8ce07d9115ed9b6624c3097c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://link.protectionssante.fr/p/d/XuXr9eA8tAmUqz1jVhnyMkxWooVuXLX8oZ6jP12ENjAnztLMV2Mle30FvliF9Xp5q23dq6u05Ocht8YwXqu-GLgvq5FH1ef5k601vAzXg0LoxYlPVwojqWyRZ4-x7wd3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Sat, 28 Dec 2019 22:42:32 GMT
server: ESF
access-control-allow-origin: *
date: Sat, 28 Dec 2019 22:42:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Sat, 28 Dec 2019 22:42:32 GMT

GET
H2

200

spacer.gif
www.ocdn.fr/images/email2croixrouge/
Redirect Chain

http://thaselthe.fr/contents_m/aHR0cHMlM0ElMkYlMkZ3d3dkb3R5cG9pbnRvY2RuZG90eXBvaW50ZnIlMkZpbWFnZXMlMkZlbWFpbDJjcm9peHJvdWdlJTJGc3BhY2VyZG90eXBvaW50Z2lm.gif
https://www.ocdn.fr/images/email2croixrouge/spacer.gif

1 KB
1 KB

122ms
36ms

Image
image/gif

34.253.64.127
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ocdn.fr/images/email2croixrouge/spacer.gif
Requested by: Host: link.protectionssante.fr
URL: http://link.protectionssante.fr/p/d/XuXr9eA8tAmUqz1jVhnyMkxWooVuXLX8oZ6jP12ENjAnztLMV2Mle30FvliF9Xp5q23dq6u05Ocht8YwXqu-GLgvq5FH1ef5k601vAzXg0LoxYlPVwojqWyRZ4-x7wd3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.253.64.127 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-253-64-127.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 3bc989be62975691fbdfa394f7965d9c8b765d5c13f6ee730152e58bc695661e

Request headers

Referer: http://link.protectionssante.fr/p/d/XuXr9eA8tAmUqz1jVhnyMkxWooVuXLX8oZ6jP12ENjAnztLMV2Mle30FvliF9Xp5q23dq6u05Ocht8YwXqu-GLgvq5FH1ef5k601vAzXg0LoxYlPVwojqWyRZ4-x7wd3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 28 Dec 2019 22:42:33 GMT
last-modified: Tue, 10 Dec 2019 16:29:26 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 1101
expires: Fri, 27 Mar 2020 22:42:33 GMT

Redirect headers

Pragma: public
Date: Sat, 28 Dec 2019 22:41:46 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Content-Type: image/gif
Location: https://www.ocdn.fr/images/email2croixrouge/spacer.gif
Cache-Control: public
Connection: close
Content-Length: 0
Expires: 0

GET
H2

200

enfance.jpg
www.ocdn.fr/images/email2croixrouge/
Redirect Chain

http://thaselthe.fr/contents_m/aHR0cHMlM0ElMkYlMkZ3d3dkb3R5cG9pbnRvY2RuZG90eXBvaW50ZnIlMkZpbWFnZXMlMkZlbWFpbDJjcm9peHJvdWdlJTJGZW5mYW5jZWRvdHlwb2ludGpwZwequalitequalit.jpg
https://www.ocdn.fr/images/email2croixrouge/enfance.jpg

7 KB
7 KB

135ms
51ms

Image
image/jpeg

34.253.64.127
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ocdn.fr/images/email2croixrouge/enfance.jpg
Requested by: Host: link.protectionssante.fr
URL: http://link.protectionssante.fr/p/d/XuXr9eA8tAmUqz1jVhnyMkxWooVuXLX8oZ6jP12ENjAnztLMV2Mle30FvliF9Xp5q23dq6u05Ocht8YwXqu-GLgvq5FH1ef5k601vAzXg0LoxYlPVwojqWyRZ4-x7wd3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.253.64.127 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-253-64-127.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: f9efd7493f75815e3e1cd9f1e3b7c5f399d6f1d2fedb91b9279f7c99e2e0e4ed

Request headers

Referer: http://link.protectionssante.fr/p/d/XuXr9eA8tAmUqz1jVhnyMkxWooVuXLX8oZ6jP12ENjAnztLMV2Mle30FvliF9Xp5q23dq6u05Ocht8YwXqu-GLgvq5FH1ef5k601vAzXg0LoxYlPVwojqWyRZ4-x7wd3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 28 Dec 2019 22:42:33 GMT
last-modified: Tue, 10 Dec 2019 16:29:26 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 6775
expires: Fri, 27 Mar 2020 22:42:33 GMT

Redirect headers

Pragma: public
Date: Sat, 28 Dec 2019 22:41:46 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Content-Type: image/jpg
Location: https://www.ocdn.fr/images/email2croixrouge/enfance.jpg
Cache-Control: public
Connection: close
Content-Length: 0
Expires: 0

GET
H2

200

arrow_red.jpg
www.ocdn.fr/images/email2croixrouge/
Redirect Chain

http://thaselthe.fr/contents_m/aHR0cHMlM0ElMkYlMkZ3d3dkb3R5cG9pbnRvY2RuZG90eXBvaW50ZnIlMkZpbWFnZXMlMkZlbWFpbDJjcm9peHJvdWdlJTJGYXJyb3dfcmVkZG90eXBvaW50anBn.jpg
https://www.ocdn.fr/images/email2croixrouge/arrow_red.jpg

2 KB
2 KB

120ms
36ms

Image
image/jpeg

34.253.64.127
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ocdn.fr/images/email2croixrouge/arrow_red.jpg
Requested by: Host: link.protectionssante.fr
URL: http://link.protectionssante.fr/p/d/XuXr9eA8tAmUqz1jVhnyMkxWooVuXLX8oZ6jP12ENjAnztLMV2Mle30FvliF9Xp5q23dq6u05Ocht8YwXqu-GLgvq5FH1ef5k601vAzXg0LoxYlPVwojqWyRZ4-x7wd3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.253.64.127 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-253-64-127.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 46e665dc210dfe66cb2a5580009d02d85a6e1946e72b002fb197d23225c79cf7

Request headers

Referer: http://link.protectionssante.fr/p/d/XuXr9eA8tAmUqz1jVhnyMkxWooVuXLX8oZ6jP12ENjAnztLMV2Mle30FvliF9Xp5q23dq6u05Ocht8YwXqu-GLgvq5FH1ef5k601vAzXg0LoxYlPVwojqWyRZ4-x7wd3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 28 Dec 2019 22:42:33 GMT
last-modified: Tue, 10 Dec 2019 16:29:26 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 1714
expires: Fri, 27 Mar 2020 22:42:33 GMT

Redirect headers

Pragma: public
Date: Sat, 28 Dec 2019 22:41:46 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Content-Type: image/jpg
Location: https://www.ocdn.fr/images/email2croixrouge/arrow_red.jpg
Cache-Control: public
Connection: close
Content-Length: 0
Expires: 0

GET
H2

200

logo.jpg
www.ocdn.fr/images/email2croixrouge/
Redirect Chain

http://thaselthe.fr/contents_m/aHR0cHMlM0ElMkYlMkZ3d3dkb3R5cG9pbnRvY2RuZG90eXBvaW50ZnIlMkZpbWFnZXMlMkZlbWFpbDJjcm9peHJvdWdlJTJGbG9nb2RvdHlwb2ludGpwZwequalitequalit.jpg
https://www.ocdn.fr/images/email2croixrouge/logo.jpg

8 KB
9 KB

139ms
56ms

Image
image/jpeg

34.253.64.127
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ocdn.fr/images/email2croixrouge/logo.jpg
Requested by: Host: link.protectionssante.fr
URL: http://link.protectionssante.fr/p/d/XuXr9eA8tAmUqz1jVhnyMkxWooVuXLX8oZ6jP12ENjAnztLMV2Mle30FvliF9Xp5q23dq6u05Ocht8YwXqu-GLgvq5FH1ef5k601vAzXg0LoxYlPVwojqWyRZ4-x7wd3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.253.64.127 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-253-64-127.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 9aca51acf65695eca233dbedf3dbbcd8d61b78e807a23e0e6086601294ae8a1c

Request headers

Referer: http://link.protectionssante.fr/p/d/XuXr9eA8tAmUqz1jVhnyMkxWooVuXLX8oZ6jP12ENjAnztLMV2Mle30FvliF9Xp5q23dq6u05Ocht8YwXqu-GLgvq5FH1ef5k601vAzXg0LoxYlPVwojqWyRZ4-x7wd3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 28 Dec 2019 22:42:33 GMT
last-modified: Tue, 10 Dec 2019 16:29:26 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 8621
expires: Fri, 27 Mar 2020 22:42:33 GMT

Redirect headers

Pragma: public
Date: Sat, 28 Dec 2019 22:41:46 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Content-Type: image/jpg
Location: https://www.ocdn.fr/images/email2croixrouge/logo.jpg
Cache-Control: public
Connection: close
Content-Length: 0
Expires: 0

GET
H2

200

titre.jpg
www.ocdn.fr/images/email2croixrouge/
Redirect Chain

http://thaselthe.fr/contents_m/aHR0cHMlM0ElMkYlMkZ3d3dkb3R5cG9pbnRvY2RuZG90eXBvaW50ZnIlMkZpbWFnZXMlMkZlbWFpbDJjcm9peHJvdWdlJTJGdGl0cmVkb3R5cG9pbnRqcGcequalit.jpg
https://www.ocdn.fr/images/email2croixrouge/titre.jpg

21 KB
21 KB

134ms
68ms

Image
image/jpeg

34.253.64.127
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ocdn.fr/images/email2croixrouge/titre.jpg
Requested by: Host: link.protectionssante.fr
URL: http://link.protectionssante.fr/p/d/XuXr9eA8tAmUqz1jVhnyMkxWooVuXLX8oZ6jP12ENjAnztLMV2Mle30FvliF9Xp5q23dq6u05Ocht8YwXqu-GLgvq5FH1ef5k601vAzXg0LoxYlPVwojqWyRZ4-x7wd3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.253.64.127 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-253-64-127.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: be083e009ac49ffc4d071759485eea8981b576698fac5d59e28d1be1cda5a6ae

Request headers

Referer: http://link.protectionssante.fr/p/d/XuXr9eA8tAmUqz1jVhnyMkxWooVuXLX8oZ6jP12ENjAnztLMV2Mle30FvliF9Xp5q23dq6u05Ocht8YwXqu-GLgvq5FH1ef5k601vAzXg0LoxYlPVwojqWyRZ4-x7wd3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 28 Dec 2019 22:42:33 GMT
last-modified: Tue, 10 Dec 2019 16:29:26 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 21766
expires: Fri, 27 Mar 2020 22:42:33 GMT

Redirect headers

Pragma: public
Date: Sat, 28 Dec 2019 22:41:46 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Content-Type: image/jpg
Location: https://www.ocdn.fr/images/email2croixrouge/titre.jpg
Cache-Control: public
Connection: close
Content-Length: 0
Expires: 0

GET
H2

200

bandeau.jpg
www.ocdn.fr/images/email2croixrouge/
Redirect Chain

http://thaselthe.fr/contents_m/aHR0cHMlM0ElMkYlMkZ3d3dkb3R5cG9pbnRvY2RuZG90eXBvaW50ZnIlMkZpbWFnZXMlMkZlbWFpbDJjcm9peHJvdWdlJTJGYmFuZGVhdWRvdHlwb2ludGpwZwequalitequalit.jpg
https://www.ocdn.fr/images/email2croixrouge/bandeau.jpg

49 KB
49 KB

141ms
75ms

Image
image/jpeg

34.253.64.127
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ocdn.fr/images/email2croixrouge/bandeau.jpg
Requested by: Host: link.protectionssante.fr
URL: http://link.protectionssante.fr/p/d/XuXr9eA8tAmUqz1jVhnyMkxWooVuXLX8oZ6jP12ENjAnztLMV2Mle30FvliF9Xp5q23dq6u05Ocht8YwXqu-GLgvq5FH1ef5k601vAzXg0LoxYlPVwojqWyRZ4-x7wd3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.253.64.127 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-253-64-127.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b342149ed69bab354aa978685c5779b0346b877a2809515d0984405d285297e4

Request headers

Referer: http://link.protectionssante.fr/p/d/XuXr9eA8tAmUqz1jVhnyMkxWooVuXLX8oZ6jP12ENjAnztLMV2Mle30FvliF9Xp5q23dq6u05Ocht8YwXqu-GLgvq5FH1ef5k601vAzXg0LoxYlPVwojqWyRZ4-x7wd3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 28 Dec 2019 22:42:33 GMT
last-modified: Tue, 10 Dec 2019 16:29:26 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 49772
expires: Fri, 27 Mar 2020 22:42:33 GMT

Redirect headers

Pragma: public
Date: Sat, 28 Dec 2019 22:41:46 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Content-Type: image/jpg
Location: https://www.ocdn.fr/images/email2croixrouge/bandeau.jpg
Cache-Control: public
Connection: close
Content-Length: 0
Expires: 0

GET
H2

200

arrow.jpg
www.ocdn.fr/images/email2croixrouge/
Redirect Chain

http://thaselthe.fr/contents_m/aHR0cHMlM0ElMkYlMkZ3d3dkb3R5cG9pbnRvY2RuZG90eXBvaW50ZnIlMkZpbWFnZXMlMkZlbWFpbDJjcm9peHJvdWdlJTJGYXJyb3dkb3R5cG9pbnRqcGcequalit.jpg
https://www.ocdn.fr/images/email2croixrouge/arrow.jpg

1 KB
1 KB

37ms
37ms

Image
image/jpeg

34.253.64.127
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ocdn.fr/images/email2croixrouge/arrow.jpg
Requested by: Host: link.protectionssante.fr
URL: http://link.protectionssante.fr/p/d/XuXr9eA8tAmUqz1jVhnyMkxWooVuXLX8oZ6jP12ENjAnztLMV2Mle30FvliF9Xp5q23dq6u05Ocht8YwXqu-GLgvq5FH1ef5k601vAzXg0LoxYlPVwojqWyRZ4-x7wd3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.253.64.127 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-253-64-127.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: f63de045418734c717fc5692445cc5a995e57824b87750a547dfd74d3e00a8fb

Request headers

Referer: http://link.protectionssante.fr/p/d/XuXr9eA8tAmUqz1jVhnyMkxWooVuXLX8oZ6jP12ENjAnztLMV2Mle30FvliF9Xp5q23dq6u05Ocht8YwXqu-GLgvq5FH1ef5k601vAzXg0LoxYlPVwojqWyRZ4-x7wd3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 28 Dec 2019 22:42:34 GMT
last-modified: Tue, 10 Dec 2019 16:29:26 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 1154
expires: Fri, 27 Mar 2020 22:42:34 GMT

Redirect headers

Pragma: public
Date: Sat, 28 Dec 2019 22:41:46 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Content-Type: image/jpg
Location: https://www.ocdn.fr/images/email2croixrouge/arrow.jpg
Cache-Control: public
Connection: close
Content-Length: 0
Expires: 0

GET
H2

200

facebook.jpg
www.ocdn.fr/images/email2croixrouge/
Redirect Chain

http://thaselthe.fr/contents_m/aHR0cHMlM0ElMkYlMkZ3d3dkb3R5cG9pbnRvY2RuZG90eXBvaW50ZnIlMkZpbWFnZXMlMkZlbWFpbDJjcm9peHJvdWdlJTJGZmFjZWJvb2tkb3R5cG9pbnRqcGcequalit.jpg
https://www.ocdn.fr/images/email2croixrouge/facebook.jpg

886 B
1 KB

36ms
36ms

Image
image/jpeg

34.253.64.127
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ocdn.fr/images/email2croixrouge/facebook.jpg
Requested by: Host: link.protectionssante.fr
URL: http://link.protectionssante.fr/p/d/XuXr9eA8tAmUqz1jVhnyMkxWooVuXLX8oZ6jP12ENjAnztLMV2Mle30FvliF9Xp5q23dq6u05Ocht8YwXqu-GLgvq5FH1ef5k601vAzXg0LoxYlPVwojqWyRZ4-x7wd3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.253.64.127 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-253-64-127.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 48fd5775b5d63fa37e61eaf6a9510cbabf6f57686e050474ece1477468640e4f

Request headers

Referer: http://link.protectionssante.fr/p/d/XuXr9eA8tAmUqz1jVhnyMkxWooVuXLX8oZ6jP12ENjAnztLMV2Mle30FvliF9Xp5q23dq6u05Ocht8YwXqu-GLgvq5FH1ef5k601vAzXg0LoxYlPVwojqWyRZ4-x7wd3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 28 Dec 2019 22:42:34 GMT
last-modified: Tue, 10 Dec 2019 16:29:26 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 886
expires: Fri, 27 Mar 2020 22:42:34 GMT

Redirect headers

Pragma: public
Date: Sat, 28 Dec 2019 22:41:46 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Content-Type: image/jpg
Location: https://www.ocdn.fr/images/email2croixrouge/facebook.jpg
Cache-Control: public
Connection: close
Content-Length: 0
Expires: 0

GET
H2

200

twitter.jpg
www.ocdn.fr/images/email2croixrouge/
Redirect Chain

http://thaselthe.fr/contents_m/aHR0cHMlM0ElMkYlMkZ3d3dkb3R5cG9pbnRvY2RuZG90eXBvaW50ZnIlMkZpbWFnZXMlMkZlbWFpbDJjcm9peHJvdWdlJTJGdHdpdHRlcmRvdHlwb2ludGpwZwequalitequalit.jpg
https://www.ocdn.fr/images/email2croixrouge/twitter.jpg

895 B
1 KB

36ms
36ms

Image
image/jpeg

34.253.64.127
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ocdn.fr/images/email2croixrouge/twitter.jpg
Requested by: Host: link.protectionssante.fr
URL: http://link.protectionssante.fr/p/d/XuXr9eA8tAmUqz1jVhnyMkxWooVuXLX8oZ6jP12ENjAnztLMV2Mle30FvliF9Xp5q23dq6u05Ocht8YwXqu-GLgvq5FH1ef5k601vAzXg0LoxYlPVwojqWyRZ4-x7wd3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.253.64.127 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-253-64-127.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5c0df01127da67f028c0e51ac64553cd1b6e6fc39657c68f184d1b3dd1fa8129

Request headers

Referer: http://link.protectionssante.fr/p/d/XuXr9eA8tAmUqz1jVhnyMkxWooVuXLX8oZ6jP12ENjAnztLMV2Mle30FvliF9Xp5q23dq6u05Ocht8YwXqu-GLgvq5FH1ef5k601vAzXg0LoxYlPVwojqWyRZ4-x7wd3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 28 Dec 2019 22:42:34 GMT
last-modified: Tue, 10 Dec 2019 16:29:26 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 895
expires: Fri, 27 Mar 2020 22:42:34 GMT

Redirect headers

Pragma: public
Date: Sat, 28 Dec 2019 22:41:46 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Content-Type: image/jpg
Location: https://www.ocdn.fr/images/email2croixrouge/twitter.jpg
Cache-Control: public
Connection: close
Content-Length: 0
Expires: 0

GET
H2

200

google.jpg
www.ocdn.fr/images/email2croixrouge/
Redirect Chain

http://thaselthe.fr/contents_m/aHR0cHMlM0ElMkYlMkZ3d3dkb3R5cG9pbnRvY2RuZG90eXBvaW50ZnIlMkZpbWFnZXMlMkZlbWFpbDJjcm9peHJvdWdlJTJGZ29vZ2xlZG90eXBvaW50anBn.jpg
https://www.ocdn.fr/images/email2croixrouge/google.jpg

924 B
1 KB

36ms
36ms

Image
image/jpeg

34.253.64.127
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ocdn.fr/images/email2croixrouge/google.jpg
Requested by: Host: link.protectionssante.fr
URL: http://link.protectionssante.fr/p/d/XuXr9eA8tAmUqz1jVhnyMkxWooVuXLX8oZ6jP12ENjAnztLMV2Mle30FvliF9Xp5q23dq6u05Ocht8YwXqu-GLgvq5FH1ef5k601vAzXg0LoxYlPVwojqWyRZ4-x7wd3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.253.64.127 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-253-64-127.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6757e0a16e7400b09d94b610d490d61be622c5517783c9ee74a12598723a1f9

Request headers

Referer: http://link.protectionssante.fr/p/d/XuXr9eA8tAmUqz1jVhnyMkxWooVuXLX8oZ6jP12ENjAnztLMV2Mle30FvliF9Xp5q23dq6u05Ocht8YwXqu-GLgvq5FH1ef5k601vAzXg0LoxYlPVwojqWyRZ4-x7wd3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 28 Dec 2019 22:42:34 GMT
last-modified: Tue, 10 Dec 2019 16:29:26 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 924
expires: Fri, 27 Mar 2020 22:42:34 GMT

Redirect headers

Pragma: public
Date: Sat, 28 Dec 2019 22:41:46 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Content-Type: image/jpg
Location: https://www.ocdn.fr/images/email2croixrouge/google.jpg
Cache-Control: public
Connection: close
Content-Length: 0
Expires: 0

GET
H2

200

youtube.jpg
www.ocdn.fr/images/email2croixrouge/
Redirect Chain

http://thaselthe.fr/contents_m/aHR0cHMlM0ElMkYlMkZ3d3dkb3R5cG9pbnRvY2RuZG90eXBvaW50ZnIlMkZpbWFnZXMlMkZlbWFpbDJjcm9peHJvdWdlJTJGeW91dHViZWRvdHlwb2ludGpwZwequalitequalit.jpg
https://www.ocdn.fr/images/email2croixrouge/youtube.jpg

936 B
1 KB

36ms
36ms

Image
image/jpeg

34.253.64.127
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ocdn.fr/images/email2croixrouge/youtube.jpg
Requested by: Host: link.protectionssante.fr
URL: http://link.protectionssante.fr/p/d/XuXr9eA8tAmUqz1jVhnyMkxWooVuXLX8oZ6jP12ENjAnztLMV2Mle30FvliF9Xp5q23dq6u05Ocht8YwXqu-GLgvq5FH1ef5k601vAzXg0LoxYlPVwojqWyRZ4-x7wd3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.253.64.127 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-253-64-127.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1a07dedbf784365f30663f7af417a51eaef5f83fe96bb2d434df491b0ee72eda

Request headers

Referer: http://link.protectionssante.fr/p/d/XuXr9eA8tAmUqz1jVhnyMkxWooVuXLX8oZ6jP12ENjAnztLMV2Mle30FvliF9Xp5q23dq6u05Ocht8YwXqu-GLgvq5FH1ef5k601vAzXg0LoxYlPVwojqWyRZ4-x7wd3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 28 Dec 2019 22:42:34 GMT
last-modified: Tue, 10 Dec 2019 16:29:26 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 936
expires: Fri, 27 Mar 2020 22:42:34 GMT

Redirect headers

Pragma: public
Date: Sat, 28 Dec 2019 22:41:46 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Content-Type: image/jpg
Location: https://www.ocdn.fr/images/email2croixrouge/youtube.jpg
Cache-Control: public
Connection: close
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

pix-1x1.jpg
thaselthe.fr/img/
Redirect Chain

http://thaselthe.fr/8fce4c59fe83da9e15c8d291ffeaeed7/1f6806e39868fc3d82db292048231d78/GRZNmY0XZFzXLYy0/opt/129356/2657/em_[EMAIL_A_REMPLIR]_ail/i__p.jpg
http://thaselthe.fr/img/pix-1x1.jpg

1 KB
1 KB

364ms
347ms

Image
image/jpeg

35.162.71.55
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://thaselthe.fr/img/pix-1x1.jpg
Requested by: Host: link.protectionssante.fr
URL: http://link.protectionssante.fr/p/d/XuXr9eA8tAmUqz1jVhnyMkxWooVuXLX8oZ6jP12ENjAnztLMV2Mle30FvliF9Xp5q23dq6u05Ocht8YwXqu-GLgvq5FH1ef5k601vAzXg0LoxYlPVwojqWyRZ4-x7wd3
Protocol: HTTP/1.1
Server: 35.162.71.55 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: info.rurgiechie.fr
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 754f53e102cc31c842b94662ae21030180523f4bcff166cda0002ecb42d4f5f1

Request headers

Referer: http://link.protectionssante.fr/p/d/XuXr9eA8tAmUqz1jVhnyMkxWooVuXLX8oZ6jP12ENjAnztLMV2Mle30FvliF9Xp5q23dq6u05Ocht8YwXqu-GLgvq5FH1ef5k601vAzXg0LoxYlPVwojqWyRZ4-x7wd3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 28 Dec 2019 22:41:47 GMT
Last-Modified: Fri, 08 Jun 2018 09:57:44 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "40815b-465-56e1e6e721208"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 1125

Redirect headers

Pragma: no-cache
Date: Sat, 28 Dec 2019 22:41:46 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Transfer-Encoding: chunked
Content-Type: text/html; charset=ISO-8859-1
Location: http://thaselthe.fr/img/pix-1x1.jpg
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK HYiOloiajOJ_TcMyXSwBxha7PrqghNpnT7_axrhAempOZ-DAWR6pfLRrAHKdGuhQaHaaYI2KkEG4FUeFh2jPU7qqCd5Iwag5oKC3p9LzCU_yK6PBbAgTeRvmZbQDZZDR.gif
link.protectionssante.fr/p/o/ 35 B
231 B 61ms
44ms Image
image/gif 62.210.10.76
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://link.protectionssante.fr/p/o/HYiOloiajOJ_TcMyXSwBxha7PrqghNpnT7_axrhAempOZ-DAWR6pfLRrAHKdGuhQaHaaYI2KkEG4FUeFh2jPU7qqCd5Iwag5oKC3p9LzCU_yK6PBbAgTeRvmZbQDZZDR.gif
Requested by: Host: link.protectionssante.fr
URL: http://link.protectionssante.fr/p/d/XuXr9eA8tAmUqz1jVhnyMkxWooVuXLX8oZ6jP12ENjAnztLMV2Mle30FvliF9Xp5q23dq6u05Ocht8YwXqu-GLgvq5FH1ef5k601vAzXg0LoxYlPVwojqWyRZ4-x7wd3
Protocol: HTTP/1.1
Server: 62.210.10.76 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-10-76.rev.poneytelecom.eu
Software: nginx/1.12.0 / PHP/5.6.30-0+deb8u1
Resource Hash: 6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

Referer: http://link.protectionssante.fr/p/d/XuXr9eA8tAmUqz1jVhnyMkxWooVuXLX8oZ6jP12ENjAnztLMV2Mle30FvliF9Xp5q23dq6u05Ocht8YwXqu-GLgvq5FH1ef5k601vAzXg0LoxYlPVwojqWyRZ4-x7wd3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 28 Dec 2019 22:42:32 GMT
Server: nginx/1.12.0
Connection: close
X-Powered-By: PHP/5.6.30-0+deb8u1
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ 14 KB
14 KB 5ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lato:400,700
Origin: http://link.protectionssante.fr

Response headers

date: Thu, 19 Dec 2019 18:23:04 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:54 GMT
server: sffe
age: 793168
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 14176
x-xss-protection: 0
expires: Fri, 18 Dec 2020 18:23:04 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/ 14 KB
14 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lato:400,700
Origin: http://link.protectionssante.fr

Response headers

date: Thu, 21 Nov 2019 15:18:11 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:55 GMT
server: sffe
age: 3223461
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 14044
x-xss-protection: 0
expires: Fri, 20 Nov 2020 15:18:11 GMT

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
link.protectionssante.fr
thaselthe.fr
www.ocdn.fr
2a00:1450:4001:800::2003
2a00:1450:4001:809::200a
34.253.64.127
35.162.71.55
62.210.10.76
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
1a07dedbf784365f30663f7af417a51eaef5f83fe96bb2d434df491b0ee72eda
3bc989be62975691fbdfa394f7965d9c8b765d5c13f6ee730152e58bc695661e
46e665dc210dfe66cb2a5580009d02d85a6e1946e72b002fb197d23225c79cf7
48fd5775b5d63fa37e61eaf6a9510cbabf6f57686e050474ece1477468640e4f
5c0df01127da67f028c0e51ac64553cd1b6e6fc39657c68f184d1b3dd1fa8129
5faff5cedeb357d5cd1d25641b762f8c2da6e1fa8ce07d9115ed9b6624c3097c
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
754f53e102cc31c842b94662ae21030180523f4bcff166cda0002ecb42d4f5f1
8235befaa90794559978bcf134955b78f0d560f7448cb0119a7079e74de9b322
8c0942485f04711896db07902bec40fff3588ce65f0b75fae04190007d793eaf
9aca51acf65695eca233dbedf3dbbcd8d61b78e807a23e0e6086601294ae8a1c
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
b342149ed69bab354aa978685c5779b0346b877a2809515d0984405d285297e4
b6757e0a16e7400b09d94b610d490d61be622c5517783c9ee74a12598723a1f9
be083e009ac49ffc4d071759485eea8981b576698fac5d59e28d1be1cda5a6ae
f63de045418734c717fc5692445cc5a995e57824b87750a547dfd74d3e00a8fb
f9efd7493f75815e3e1cd9f1e3b7c5f399d6f1d2fedb91b9279f7c99e2e0e4ed

link.protectionssante.fr Open in urlscan Pro 62.210.10.76 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

18 Requests

83 %HTTPS

40 %IPv6

5 Domains

5 Subdomains

5 IPs

4 Countries

133 kBTransfer

162 kBSize

0 Cookies

0 Outgoing links

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

0 Cookies

Indicators

link.protectionssante.fr Open in urlscan Pro
62.210.10.76 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

83 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

5
IPs

4
Countries

133 kB
Transfer

162 kB
Size

0
Cookies

18 HTTP transactions
0 data transactions