link.offresdujour.vip Open in urlscan Pro
51.178.47.221 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://track.offresdujour06.com/campaigns/ot313m02gk028/track-url/pa059xvqrx586/ca4264781df45ad445139ba0002cd608f2e8a87e
Effective URL:
https://link.offresdujour.vip/campaigns/ot313m02gk028/web-version/pa059xvqrx586
Submission: On October 27 via api (October 27th 2022, 10:52:07 am UTC) from PL — Scanned from NL

Summary HTTP 20 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 20 HTTP transactions. The main IP is 51.178.47.221, located in France and belongs to OVH, FR. The main domain is link.offresdujour.vip.
TLS certificate: Issued by R3 on September 28th 2022. Valid for: 3 months.

This is the only time link.offresdujour.vip was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	51.178.47.221 51.178.47.221	16276 (OVH) (OVH)
17	108.157.4.50 108.157.4.50	16509 (AMAZON-02) (AMAZON-02)
20	3

1 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

track.offresdujour06.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.178.47.221 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: vps-8915c730.vps.ovh.net

link.offresdujour.vip	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 108.157.4.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-50.dus51.r.cloudfront.net

vht.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	tradedoubler.com vht.tradedoubler.com — Cisco Umbrella Rank: 105892 impfr.tradedoubler.com Failed	112 KB
4	offresdujour.vip 2 redirects link.offresdujour.vip	61 KB
1	offresdujour06.com 1 redirects track.offresdujour06.com	779 B
20	3

	Domain	Requested by
17	vht.tradedoubler.com	link.offresdujour.vip
4	link.offresdujour.vip	2 redirects link.offresdujour.vip
1	track.offresdujour06.com	1 redirects
0	impfr.tradedoubler.com Failed	link.offresdujour.vip
20	4

This site contains no links.

Subject Issuer	Validity	Valid
link.offresdujour.vip R3	`2022-09-28` - `2022-12-27`	3 months	crt.sh
*.tradedoubler.com Amazon	`2022-01-12` - `2023-02-10`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://link.offresdujour.vip/campaigns/ot313m02gk028/web-version/pa059xvqrx586
Frame ID: E90742441A46E110713D3D69FE7C1C77
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

*|MC:SUBJECT|*

Page URL History Show full URLs

http://track.offresdujour06.com/campaigns/ot313m02gk028/track-url/pa059xvqrx586/ca4264781df45ad445139ba0002c... HTTP 301
https://link.offresdujour.vip/campaigns/ot313m02gk028/track-url/pa059xvqrx586/ca4264781df45ad445139ba0002c... HTTP 301
http://link.offresdujour.vip/campaigns/ot313m02gk028/web-version/pa059xvqrx586 HTTP 301
https://link.offresdujour.vip/campaigns/ot313m02gk028/web-version/pa059xvqrx586 Page URL

Page Statistics

20
Requests

95 %
HTTPS

33 %
IPv6

3
Domains

4
Subdomains

3
IPs

2
Countries

172 kB
Transfer

160 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://track.offresdujour06.com/campaigns/ot313m02gk028/track-url/pa059xvqrx586/ca4264781df45ad445139ba0002cd608f2e8a87e HTTP 301
https://link.offresdujour.vip/campaigns/ot313m02gk028/track-url/pa059xvqrx586/ca4264781df45ad445139ba0002cd608f2e8a87e HTTP 301
http://link.offresdujour.vip/campaigns/ot313m02gk028/web-version/pa059xvqrx586 HTTP 301
https://link.offresdujour.vip/campaigns/ot313m02gk028/web-version/pa059xvqrx586 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request pa059xvqrx586 Show response
link.offresdujour.vip/campaigns/ot313m02gk028/web-version/
Redirect Chain

http://track.offresdujour06.com/campaigns/ot313m02gk028/track-url/pa059xvqrx586/ca4264781df45ad445139ba0002cd608f2e8a87e
https://link.offresdujour.vip/campaigns/ot313m02gk028/track-url/pa059xvqrx586/ca4264781df45ad445139ba0002cd608f2e8a87e
http://link.offresdujour.vip/campaigns/ot313m02gk028/web-version/pa059xvqrx586
https://link.offresdujour.vip/campaigns/ot313m02gk028/web-version/pa059xvqrx586

59 KB
60 KB

139ms
139ms

Document
text/html

51.178.47.221
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://link.offresdujour.vip/campaigns/ot313m02gk028/web-version/pa059xvqrx586

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.178.47.221 , France, ASN16276 (OVH, FR),

Reverse DNS

vps-8915c730.vps.ovh.net

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.16 / PHP/7.4.16

Resource Hash

f625a47e1128af91da43b6b2a24f84de8292f1c11ee9ac62b1f1600e1b28232f

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Thu, 27 Oct 2022 10:52:02 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=99
Pragma: no-cache
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.16
Transfer-Encoding: chunked
X-Powered-By: PHP/7.4.16
X-XSS-Protection: 1; mode=block

Redirect headers

Connection: Keep-Alive
Content-Length: 287
Content-Type: text/html; charset=iso-8859-1
Date: Thu, 27 Oct 2022 10:52:02 GMT
Keep-Alive: timeout=5, max=100
Location: https://link.offresdujour.vip/campaigns/ot313m02gk028/web-version/pa059xvqrx586
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.16

GET
H/1.1 200
OK logo.jpg
vht.tradedoubler.com/file/313558/2022/1022/ 10 KB
11 KB 111ms
39ms Image
image/jpeg 108.157.4.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vht.tradedoubler.com/file/313558/2022/1022/logo.jpg

Requested by

Host: link.offresdujour.vip
URL: https://link.offresdujour.vip/campaigns/ot313m02gk028/web-version/pa059xvqrx586

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-50.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

90abccc581cce318f1a7a3e3a687d94799f356a06a5c791b2ca14c81cf93f24d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://link.offresdujour.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Date: Thu, 27 Oct 2022 08:56:02 GMT
Via: 1.1 fa544a973edca8926f95609301f23b66.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: DUS51-P2
Age: 6960
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 10234
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 19 Oct 2022 15:51:58 GMT
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Accept-Ranges: bytes
X-Amz-Cf-Id: aU_dS45VU8Lz8LER5tzcHgm4-W1bMdtBR27d3Lk_lq9JjdnrgNdPnA==

GET
H/1.1 200
OK visuel.jpg
vht.tradedoubler.com/file/313558/2022/1022/ 38 KB
39 KB 115ms
44ms Image
image/jpeg 108.157.4.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vht.tradedoubler.com/file/313558/2022/1022/visuel.jpg

Requested by

Host: link.offresdujour.vip
URL: https://link.offresdujour.vip/campaigns/ot313m02gk028/web-version/pa059xvqrx586

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-50.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

ff472cb119fc626b69a56b0539f7a76fd6916bcab7866f93ea122d0aeae1c352

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://link.offresdujour.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Date: Thu, 27 Oct 2022 08:56:02 GMT
Via: 1.1 e60c6ee10489538b535a3fc65e54d028.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: DUS51-P2
Age: 6960
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 39313
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 19 Oct 2022 15:51:58 GMT
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Accept-Ranges: bytes
X-Amz-Cf-Id: xyqjU1O-hfQI2tiOZQ78aX-idrSjYrjsUAJozP7FeKF9ochifmjM4A==

GET
H/1.1 200
OK produit_1.jpg
vht.tradedoubler.com/file/313558/2022/1022/ 3 KB
3 KB 112ms
41ms Image
image/jpeg 108.157.4.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vht.tradedoubler.com/file/313558/2022/1022/produit_1.jpg

Requested by

Host: link.offresdujour.vip
URL: https://link.offresdujour.vip/campaigns/ot313m02gk028/web-version/pa059xvqrx586

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-50.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

ab69ee2cd1770ab790164064d0f0e6ad33de5e40722652e346c797bd672fc1f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://link.offresdujour.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 27 Oct 2022 06:21:23 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Via: 1.1 191dcfd852a6f06df8cf0ecc80b99d1c.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: DUS51-P2
Age: 16239
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 2560
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 19 Oct 2022 15:51:58 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Accept-Ranges: bytes
X-Amz-Cf-Id: e88qzf-yqA_pmyJGoQSyvxnlHYpAwm4gENX6xQir2ggaThZj_EPviw==

GET
H/1.1 200
OK produit_2.jpg
vht.tradedoubler.com/file/313558/2022/1022/ 3 KB
4 KB 112ms
40ms Image
image/jpeg 108.157.4.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vht.tradedoubler.com/file/313558/2022/1022/produit_2.jpg

Requested by

Host: link.offresdujour.vip
URL: https://link.offresdujour.vip/campaigns/ot313m02gk028/web-version/pa059xvqrx586

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-50.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

b75c64819057fd67f9c11e4daed258342842c3d9e42b09b57b85a93a172d2be5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://link.offresdujour.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Date: Thu, 27 Oct 2022 08:54:36 GMT
Via: 1.1 68ce2f06efd4c9639aadce9f9d7fb096.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: DUS51-P2
Age: 7046
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 3157
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 19 Oct 2022 15:51:58 GMT
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Accept-Ranges: bytes
X-Amz-Cf-Id: yN5pwYMBTzQwNg3hAOy7C_nSvDZdSKt3OZqnygIa8D6LUl7X8cAc8w==

GET
H/1.1 200
OK produit_3.jpg
vht.tradedoubler.com/file/313558/2022/1022/ 3 KB
4 KB 116ms
45ms Image
image/jpeg 108.157.4.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vht.tradedoubler.com/file/313558/2022/1022/produit_3.jpg

Requested by

Host: link.offresdujour.vip
URL: https://link.offresdujour.vip/campaigns/ot313m02gk028/web-version/pa059xvqrx586

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-50.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

67cf87c441130e9854998436e53894bd20063672494a51dc897dca6cd4bc4233

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://link.offresdujour.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Date: Thu, 27 Oct 2022 08:54:37 GMT
Via: 1.1 b1dc6a0d7547e8d4ab339f8c4caf9ea8.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: DUS51-P2
Age: 7045
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 3215
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 19 Oct 2022 15:51:58 GMT
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Accept-Ranges: bytes
X-Amz-Cf-Id: TeitJfAjiJpQoZNCA-Y1LXt8srWjneDJpbyVG4_EMemF0hRLSbxUbg==

GET
H/1.1 200
OK produit_4.jpg
vht.tradedoubler.com/file/313558/2022/1022/ 3 KB
3 KB 112ms
41ms Image
image/jpeg 108.157.4.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vht.tradedoubler.com/file/313558/2022/1022/produit_4.jpg

Requested by

Host: link.offresdujour.vip
URL: https://link.offresdujour.vip/campaigns/ot313m02gk028/web-version/pa059xvqrx586

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-50.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

e295357e070a2e2d1ddf5d506668ccea3677da03575ff07636c4674ff6e23f09

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://link.offresdujour.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Date: Thu, 27 Oct 2022 08:56:02 GMT
Via: 1.1 268679e7d17267a1a7a03722822fb800.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: DUS51-P2
Age: 6960
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 2657
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 19 Oct 2022 15:51:58 GMT
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Accept-Ranges: bytes
X-Amz-Cf-Id: 0NJN8m-sM1Qo-FZon9v3SkDiAf8aEgonrpspthCIoOuUw93Kquig9A==

GET
H/1.1 200
OK produit_5.jpg
vht.tradedoubler.com/file/313558/2022/1022/ 2 KB
3 KB 39ms
38ms Image
image/jpeg 108.157.4.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vht.tradedoubler.com/file/313558/2022/1022/produit_5.jpg

Requested by

Host: link.offresdujour.vip
URL: https://link.offresdujour.vip/campaigns/ot313m02gk028/web-version/pa059xvqrx586

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-50.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

e7332e6d14c7e5f5f83fd2c20c910e34b9061958effc83879e26ff0c22eb4608

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://link.offresdujour.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 27 Oct 2022 07:07:52 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Via: 1.1 268679e7d17267a1a7a03722822fb800.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: DUS51-P2
Age: 13450
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 2544
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 19 Oct 2022 15:51:58 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Accept-Ranges: bytes
X-Amz-Cf-Id: hALQ2_RRWg_YzPch_8fxHkVrzeArA8blqqgP-w3CABH2pdXzv5mYiA==

GET
H/1.1 200
OK produit_6.jpg
vht.tradedoubler.com/file/313558/2022/1022/ 3 KB
3 KB 40ms
40ms Image
image/jpeg 108.157.4.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vht.tradedoubler.com/file/313558/2022/1022/produit_6.jpg

Requested by

Host: link.offresdujour.vip
URL: https://link.offresdujour.vip/campaigns/ot313m02gk028/web-version/pa059xvqrx586

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-50.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

98ea48fc54bb9acdaf4461e32bfca3e7af0d205869a969c01e04918feb46dda0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://link.offresdujour.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Date: Thu, 27 Oct 2022 08:54:36 GMT
Via: 1.1 191dcfd852a6f06df8cf0ecc80b99d1c.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: DUS51-P2
Age: 7046
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 2617
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 19 Oct 2022 15:51:58 GMT
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Accept-Ranges: bytes
X-Amz-Cf-Id: o6vU4AzsRWSuyogu1-AYGTn2RLlDfg5lIphIcRw_DdvokxHrSVx7mA==

GET
H/1.1 200
OK produit_7.jpg
vht.tradedoubler.com/file/313558/2022/1022/ 2 KB
3 KB 44ms
44ms Image
image/jpeg 108.157.4.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vht.tradedoubler.com/file/313558/2022/1022/produit_7.jpg

Requested by

Host: link.offresdujour.vip
URL: https://link.offresdujour.vip/campaigns/ot313m02gk028/web-version/pa059xvqrx586

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-50.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

c1821701e681c1c53d00ca230abc63b8f9c559009eef6f3a3eb005c25fd89c3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://link.offresdujour.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Date: Thu, 27 Oct 2022 08:57:45 GMT
Via: 1.1 68ce2f06efd4c9639aadce9f9d7fb096.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: DUS51-P2
Age: 6857
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 2267
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 19 Oct 2022 15:51:58 GMT
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Accept-Ranges: bytes
X-Amz-Cf-Id: nU5sbqqJSJ4BF6TKmq4G70Q7Nrp1HOnrfliXWp9sAAOafBBwMmINHA==

GET
H/1.1 200
OK produit_8.jpg
vht.tradedoubler.com/file/313558/2022/1022/ 3 KB
3 KB 60ms
60ms Image
image/jpeg 108.157.4.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vht.tradedoubler.com/file/313558/2022/1022/produit_8.jpg

Requested by

Host: link.offresdujour.vip
URL: https://link.offresdujour.vip/campaigns/ot313m02gk028/web-version/pa059xvqrx586

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-50.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

b26dd58fab8d837238d3b44ebb6d48ffad88fc0e47712bdc1937e8cab8376975

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://link.offresdujour.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Date: Thu, 27 Oct 2022 08:57:57 GMT
Via: 1.1 fa544a973edca8926f95609301f23b66.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: DUS51-P2
Age: 6845
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 2822
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 19 Oct 2022 15:51:58 GMT
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Accept-Ranges: bytes
X-Amz-Cf-Id: uBXruygVH8Qg_XY8O76V7g99VFPhs9rR_pnqieul1v6UI_lM_4xdsA==

GET
H/1.1 200
OK footer.jpg
vht.tradedoubler.com/file/313558/2022/1022/ 13 KB
14 KB 43ms
43ms Image
image/jpeg 108.157.4.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vht.tradedoubler.com/file/313558/2022/1022/footer.jpg

Requested by

Host: link.offresdujour.vip
URL: https://link.offresdujour.vip/campaigns/ot313m02gk028/web-version/pa059xvqrx586

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-50.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

1446c9a76d213d9b8cace3f09cf1351cbc13392f62a478a712aaf5d53e891f47

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://link.offresdujour.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Date: Thu, 27 Oct 2022 08:57:57 GMT
Via: 1.1 b1dc6a0d7547e8d4ab339f8c4caf9ea8.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: DUS51-P2
Age: 6845
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 13418
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 19 Oct 2022 15:51:58 GMT
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Accept-Ranges: bytes
X-Amz-Cf-Id: 9oPQtmMGw4TuzRFx0qd6xQC4QNxdP5AjJVDKQj-LroD8RkC3ICJOkw==

GET
H/1.1 200
OK facebook.gif
vht.tradedoubler.com/file/313558/2022/1022/ 2 KB
2 KB 40ms
39ms Image
image/gif 108.157.4.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vht.tradedoubler.com/file/313558/2022/1022/facebook.gif

Requested by

Host: link.offresdujour.vip
URL: https://link.offresdujour.vip/campaigns/ot313m02gk028/web-version/pa059xvqrx586

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-50.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

4f5b971fe47d4bdf3ebdd1d4f7f415a946d70cfbe6c01a3a57fadece3801f1fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://link.offresdujour.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Date: Thu, 27 Oct 2022 08:57:32 GMT
Via: 1.1 e60c6ee10489538b535a3fc65e54d028.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: DUS51-P2
Age: 6870
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 1805
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 19 Oct 2022 15:51:58 GMT
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Accept-Ranges: bytes
X-Amz-Cf-Id: zViogrDHXpUz7L1P1l-xO9gnRcMfXtwHTS0_9gnaIbHKNujTYlPRoQ==

GET
H/1.1 200
OK twitter.gif
vht.tradedoubler.com/file/313558/2022/1022/ 2 KB
2 KB 52ms
52ms Image
image/gif 108.157.4.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vht.tradedoubler.com/file/313558/2022/1022/twitter.gif

Requested by

Host: link.offresdujour.vip
URL: https://link.offresdujour.vip/campaigns/ot313m02gk028/web-version/pa059xvqrx586

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-50.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

bc74bafedadb53b1ef8edb2c2b03e57c72950e4154da65a1ba4cee571d118280

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://link.offresdujour.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Date: Thu, 27 Oct 2022 08:59:50 GMT
Via: 1.1 268679e7d17267a1a7a03722822fb800.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: DUS51-P2
Age: 6732
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 1856
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 19 Oct 2022 15:51:58 GMT
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Accept-Ranges: bytes
X-Amz-Cf-Id: qF5YEKH4nJKYqdQFIn_C0SHPMRJPRDIi0EI4zMRNUpdteSrUvUoCLA==

GET
H/1.1 200
OK youtube.gif
vht.tradedoubler.com/file/313558/2022/1022/ 2 KB
2 KB 43ms
43ms Image
image/gif 108.157.4.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vht.tradedoubler.com/file/313558/2022/1022/youtube.gif

Requested by

Host: link.offresdujour.vip
URL: https://link.offresdujour.vip/campaigns/ot313m02gk028/web-version/pa059xvqrx586

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-50.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

c5c3340dcc4245b282082ba316767ab678c0e94d7f29bcf5bd1396f20ce96139

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://link.offresdujour.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Date: Thu, 27 Oct 2022 08:57:32 GMT
Via: 1.1 191dcfd852a6f06df8cf0ecc80b99d1c.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: DUS51-P2
Age: 6870
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 1843
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 19 Oct 2022 15:51:58 GMT
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Accept-Ranges: bytes
X-Amz-Cf-Id: EhTKh7LNLm_JdIENZfRsoI9m1hwkWeIQGXmFLamnwpB2YnPvidvCZg==

GET
H/1.1 200
OK pinterest.gif
vht.tradedoubler.com/file/313558/2022/1022/ 2 KB
3 KB 39ms
39ms Image
image/gif 108.157.4.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vht.tradedoubler.com/file/313558/2022/1022/pinterest.gif

Requested by

Host: link.offresdujour.vip
URL: https://link.offresdujour.vip/campaigns/ot313m02gk028/web-version/pa059xvqrx586

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-50.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

bb685a7a7c1ba216be0914f989f28f1192cf5763c70555cc7abf1ae0ee7353bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://link.offresdujour.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Date: Thu, 27 Oct 2022 08:57:32 GMT
Via: 1.1 68ce2f06efd4c9639aadce9f9d7fb096.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: DUS51-P2
Age: 6870
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 2325
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 19 Oct 2022 15:51:58 GMT
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Accept-Ranges: bytes
X-Amz-Cf-Id: gLPm4OLALPCODJ1LRlFgqP6l3qrHMyoBWv0nBwVJfaXzymp-VMAouA==

GET
H/1.1 200
OK instagram.gif
vht.tradedoubler.com/file/313558/2022/1022/ 2 KB
3 KB 45ms
45ms Image
image/gif 108.157.4.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vht.tradedoubler.com/file/313558/2022/1022/instagram.gif

Requested by

Host: link.offresdujour.vip
URL: https://link.offresdujour.vip/campaigns/ot313m02gk028/web-version/pa059xvqrx586

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-50.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

944be056d3b9b1724478214f704590f53fe0871f4df6c04dcf532406fdc02996

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://link.offresdujour.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Date: Thu, 27 Oct 2022 08:59:50 GMT
Via: 1.1 b1dc6a0d7547e8d4ab339f8c4caf9ea8.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: DUS51-P2
Age: 6732
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 1921
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 19 Oct 2022 15:51:58 GMT
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Accept-Ranges: bytes
X-Amz-Cf-Id: PaMfkV6aSueFC2l9z7ySl2P59zw47Qh4eKA2e76a6AAEy11ktvBHGQ==

GET
H/1.1 200
OK maisonsdumonde_09.jpg
vht.tradedoubler.com/file/313558/2022/1022/ 9 KB
9 KB 42ms
41ms Image
image/jpeg 108.157.4.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vht.tradedoubler.com/file/313558/2022/1022/maisonsdumonde_09.jpg

Requested by

Host: link.offresdujour.vip
URL: https://link.offresdujour.vip/campaigns/ot313m02gk028/web-version/pa059xvqrx586

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-50.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

bc80dc8b38ffbd9339119a269564f39680f883a603b018057d12c306aac7b1f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://link.offresdujour.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Date: Thu, 27 Oct 2022 08:59:50 GMT
Via: 1.1 fa544a973edca8926f95609301f23b66.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: DUS51-P2
Age: 6732
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 8928
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 19 Oct 2022 15:51:58 GMT
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Accept-Ranges: bytes
X-Amz-Cf-Id: eC4hWd4KtZK6UCC4cSbHYgM3Y_lgyvB1YQmvobjdiEby3BHhRfZbIw==

GET imp
impfr.tradedoubler.com/ 0
0

GET
H/1.1 200
OK pa059xvqrx586
link.offresdujour.vip/campaigns/ot313m02gk028/track-opening/ 0
542 B 93ms
92ms Image
application/json 51.178.47.221
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://link.offresdujour.vip/campaigns/ot313m02gk028/track-opening/pa059xvqrx586

Requested by

Host: link.offresdujour.vip
URL: https://link.offresdujour.vip/campaigns/ot313m02gk028/web-version/pa059xvqrx586

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.178.47.221 , France, ASN16276 (OVH, FR),

Reverse DNS

vps-8915c730.vps.ovh.net

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.16 / PHP/7.4.16

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://link.offresdujour.vip/campaigns/ot313m02gk028/web-version/pa059xvqrx586
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Oct 2022 10:52:02 GMT
Last-Modified: Thu, 27 Oct 2022 10:52:02 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.16
X-Powered-By: PHP/7.4.16
P3P: CP="OTI DSP COR CUR IVD CONi OTPi OUR IND UNI STA PRE"
Content-Type: application/json
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Mon, 26 Jul 1997 05:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: impfr.tradedoubler.com
URL: https://impfr.tradedoubler.com/imp?type(img)g(25307750)a(3284282)

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
link.offresdujour.vip/	1969-12-31 23:59:59	Name: mwsid Value: mbmn8g35p36nfukkq6kf123bp4
.tradedoubler.com/	1970-01-20 15:46:43	Name: BT Value: 1z11zzwmz27QLXzzzz9ydUVIDRF
.tradedoubler.com/	1970-01-20 15:46:43	Name: PI Value: 1z11z1zwmzYThkFzFwSly1y25DEsyCaaCyyyA8cey1V4Wy2JX3Peyyy
.tradedoubler.com/	1970-01-20 15:46:43	Name: UI Value: 1z11zzwmz24Zi6Zz1R5wyNVBq

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://link.offresdujour.vip/campaigns/ot313m02gk028/web-version/pa059xvqrx586(Line 1201) Message: Mixed Content: The page at 'https://link.offresdujour.vip/campaigns/ot313m02gk028/web-version/pa059xvqrx586' was loaded over HTTPS, but requested an insecure element 'http://link.offresdujour.vip/campaigns/ot313m02gk028/track-opening/pa059xvqrx586'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://impfr.tradedoubler.com/imp?type(img)g(25307750)a(3284282) Message: Failed to load resource: net::ERR_INVALID_REDIRECT

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

impfr.tradedoubler.com
link.offresdujour.vip
track.offresdujour06.com
vht.tradedoubler.com
impfr.tradedoubler.com
108.157.4.50
2a06:98c1:3121::3
51.178.47.221
1446c9a76d213d9b8cace3f09cf1351cbc13392f62a478a712aaf5d53e891f47
4f5b971fe47d4bdf3ebdd1d4f7f415a946d70cfbe6c01a3a57fadece3801f1fa
67cf87c441130e9854998436e53894bd20063672494a51dc897dca6cd4bc4233
90abccc581cce318f1a7a3e3a687d94799f356a06a5c791b2ca14c81cf93f24d
944be056d3b9b1724478214f704590f53fe0871f4df6c04dcf532406fdc02996
98ea48fc54bb9acdaf4461e32bfca3e7af0d205869a969c01e04918feb46dda0
ab69ee2cd1770ab790164064d0f0e6ad33de5e40722652e346c797bd672fc1f7
b26dd58fab8d837238d3b44ebb6d48ffad88fc0e47712bdc1937e8cab8376975
b75c64819057fd67f9c11e4daed258342842c3d9e42b09b57b85a93a172d2be5
bb685a7a7c1ba216be0914f989f28f1192cf5763c70555cc7abf1ae0ee7353bc
bc74bafedadb53b1ef8edb2c2b03e57c72950e4154da65a1ba4cee571d118280
bc80dc8b38ffbd9339119a269564f39680f883a603b018057d12c306aac7b1f4
c1821701e681c1c53d00ca230abc63b8f9c559009eef6f3a3eb005c25fd89c3c
c5c3340dcc4245b282082ba316767ab678c0e94d7f29bcf5bd1396f20ce96139
e295357e070a2e2d1ddf5d506668ccea3677da03575ff07636c4674ff6e23f09
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7332e6d14c7e5f5f83fd2c20c910e34b9061958effc83879e26ff0c22eb4608
f625a47e1128af91da43b6b2a24f84de8292f1c11ee9ac62b1f1600e1b28232f
ff472cb119fc626b69a56b0539f7a76fd6916bcab7866f93ea122d0aeae1c352

link.offresdujour.vip Open in urlscan Pro 51.178.47.221 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

20 Requests

95 %HTTPS

33 %IPv6

3 Domains

4 Subdomains

3 IPs

2 Countries

172 kBTransfer

160 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

4 Cookies

2 Console Messages

Security Headers

Indicators

link.offresdujour.vip Open in urlscan Pro
51.178.47.221 Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

95 %
HTTPS

33 %
IPv6

3
Domains

4
Subdomains

3
IPs

2
Countries

172 kB
Transfer

160 kB
Size

4
Cookies

20 HTTP transactions
0 data transactions