urlscan.io logo urlscan.io
SecurityTrails logo

offresdebienvenue.com Open in urlscan Pro
37.187.142.148  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://bit.ly/3ASykob
Effective URL: https://offresdebienvenue.com/emma/fr/2022-08/?page=send&email=&civ=&prenom=&nom=&op=&prov=optinplus&cid=748&aid=10277&vid=108...
Submission: On September 12 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 7 domains to perform 28 HTTP transactions. The main IP is 37.187.142.148, located in France and belongs to OVH, FR. The main domain is offresdebienvenue.com.
TLS certificate: Issued by Gandi Standard SSL CA 2 on January 4th 2022. Valid for: a year.
This is the only time offresdebienvenue.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.10 396982 (GOOGLE-CL...)
1 1 13.37.184.104 16509 (AMAZON-02)
1 1 91.198.105.211 35393 (EURO-WEB-AS)
1 23 37.187.142.148 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
28 4
1    67.199.248.10 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly
bit.ly
1    13.37.184.104 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-37-184-104.eu-west-3.compute.amazonaws.com
ea5vxpywfromosg-c.kmotrack.xyz
1    91.198.105.211 (France)

ASN35393 (EURO-WEB-AS, FR)
www.cdflow4.com
23    37.187.142.148 (France)

ASN16276 (OVH, FR)
PTR: sv1.medianoe.net
offresdebienvenue.com
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
4    2606:4700:3032::ac43:a9f7 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
1    2606:4700::6812:15ac (United States)

ASN13335 (CLOUDFLARENET, US)
www.emma.fr
Apex Domain
Subdomains		 Transfer
23 offresdebienvenue.com
offresdebienvenue.com
626 KB
4 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1565
88 KB
1 emma.fr
www.emma.fr
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 480
30 KB
1 cdflow4.com
www.cdflow4.com
848 B
1 kmotrack.xyz
ea5vxpywfromosg-c.kmotrack.xyz
267 B
1 bit.ly
bit.ly — Cisco Umbrella Rank: 4581
275 B
28 7
Domain Requested by
23 offresdebienvenue.com 1 redirects offresdebienvenue.com
4 use.fontawesome.com offresdebienvenue.com
use.fontawesome.com
1 www.emma.fr offresdebienvenue.com
1 ajax.googleapis.com offresdebienvenue.com
1 www.cdflow4.com 1 redirects
1 ea5vxpywfromosg-c.kmotrack.xyz 1 redirects
1 bit.ly 1 redirects
28 7

This site contains links to these domains. Also see Links.

Domain
www.emma.fr
www.offresdebienvenue.com
Subject Issuer Validity Valid
www.offresdebienvenue.com
Gandi Standard SSL CA 2		 2022-01-04 -
2023-01-04		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-06 -
2023-06-05		 a year crt.sh

This page contains 1 frames:

Primary Page: https://offresdebienvenue.com/emma/fr/2022-08/?page=send&email=&civ=&prenom=&nom=&op=&prov=optinplus&cid=748&aid=10277&vid=10816&trid=@MTY1NS05MTEwLTE3OC4xNjIuMjA5LjEzOC0
Frame ID: 21D51B0D839FEA65B7174FE54383FA79
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Emma - Une offre de bienvenue rien que pour vous !

Page URL History Show full URLs

  1. https://bit.ly/3ASykob HTTP 301
    https://ea5vxpywfromosg-c.kmotrack.xyz/?o=917&a=1082&k=3193&s=61510&d=1787&affclickid= HTTP 301
    https://www.cdflow4.com/tracking/cpc.php?ids=1655&idv=9110&sid1=adk09a46d4887d0f61f84603691c087520ed... HTTP 302
    https://offresdebienvenue.com/emma/fr/?page=send&email=&civ=&prenom=&nom=&op=&prov=optinplus&cid=748&aid=1... HTTP 302
    https://offresdebienvenue.com/emma/fr/2022-08/?page=send&email=&civ=&prenom=&nom=&op=&prov=optinplus&cid=7... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

28
Requests

100 %
HTTPS

43 %
IPv6

7
Domains

7
Subdomains

4
IPs

3
Countries

744 kB
Transfer

826 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bit.ly/3ASykob HTTP 301
    https://ea5vxpywfromosg-c.kmotrack.xyz/?o=917&a=1082&k=3193&s=61510&d=1787&affclickid= HTTP 301
    https://www.cdflow4.com/tracking/cpc.php?ids=1655&idv=9110&sid1=adk09a46d4887d0f61f84603691c087520ed7&sid2=1082-1787 HTTP 302
    https://offresdebienvenue.com/emma/fr/?page=send&email=&civ=&prenom=&nom=&op=&prov=optinplus&cid=748&aid=10277&vid=10816&trid=@MTY1NS05MTEwLTE3OC4xNjIuMjA5LjEzOC0 HTTP 302
    https://offresdebienvenue.com/emma/fr/2022-08/?page=send&email=&civ=&prenom=&nom=&op=&prov=optinplus&cid=748&aid=10277&vid=10816&trid=@MTY1NS05MTEwLTE3OC4xNjIuMjA5LjEzOC0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
offresdebienvenue.com/emma/fr/2022-08/
Redirect Chain
  • https://bit.ly/3ASykob
  • https://ea5vxpywfromosg-c.kmotrack.xyz/?o=917&a=1082&k=3193&s=61510&d=1787&affclickid=
  • https://www.cdflow4.com/tracking/cpc.php?ids=1655&idv=9110&sid1=adk09a46d4887d0f61f84603691c087520ed7&sid2=1082-1787
  • https://offresdebienvenue.com/emma/fr/?page=send&email=&civ=&prenom=&nom=&op=&prov=optinplus&cid=748&aid=10277&vid=10816&trid=@MTY1NS05MTEwLTE3OC4xNjIuMjA5LjEzOC0
  • https://offresdebienvenue.com/emma/fr/2022-08/?page=send&email=&civ=&prenom=&nom=&op=&prov=optinplus&cid=748&aid=10277&vid=10816&trid=@MTY1NS05MTEwLTE3OC4xNjIuMjA5LjEzOC0
7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://offresdebienvenue.com/emma/fr/2022-08/?page=send&email=&civ=&prenom=&nom=&op=&prov=optinplus&cid=748&aid=10277&vid=10816&trid=@MTY1NS05MTEwLTE3OC4xNjIuMjA5LjEzOC0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.187.142.148 , France, ASN16276 (OVH, FR),
Reverse DNS
sv1.medianoe.net
Software
nginx / PHP/7.0.33 PleskLin
Resource Hash
6377267a7139668c3a86c38433edab35c934ba6234d046a1425fbcf7b8dffe8d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Length
2471
Content-Type
text/html; charset=UTF-8
Content-type
text/html ; charset=utf-8
Date
Mon, 12 Sep 2022 06:11:59 GMT
Server
nginx
Vary
Accept-Encoding
X-Powered-By
PHP/7.0.33 PleskLin

Redirect headers

Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Mon, 12 Sep 2022 06:11:59 GMT
Location
2022-08/?page=send&email=&civ=&prenom=&nom=&op=&prov=optinplus&cid=748&aid=10277&vid=10816&trid=@MTY1NS05MTEwLTE3OC4xNjIuMjA5LjEzOC0
Server
nginx
Transfer-Encoding
chunked
X-Powered-By
PHP/7.0.33 PleskLin
www.css
offresdebienvenue.com/emma/fr/2022-08/html/css/ 		7 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offresdebienvenue.com/emma/fr/2022-08/html/css/www.css
Requested by
Host: offresdebienvenue.com
URL: https://offresdebienvenue.com/emma/fr/2022-08/?page=send&email=&civ=&prenom=&nom=&op=&prov=optinplus&cid=748&aid=10277&vid=10816&trid=@MTY1NS05MTEwLTE3OC4xNjIuMjA5LjEzOC0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.187.142.148 , France, ASN16276 (OVH, FR),
Reverse DNS
sv1.medianoe.net
Software
nginx / PleskLin
Resource Hash
67b9d86bffe01630ab3ab4fcf014b1f4068d5a3717bc843d5948eef3c108da15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offresdebienvenue.com/emma/fr/2022-08/?page=send&email=&civ=&prenom=&nom=&op=&prov=optinplus&cid=748&aid=10277&vid=10816&trid=@MTY1NS05MTEwLTE3OC4xNjIuMjA5LjEzOC0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 06:11:59 GMT
Last-Modified
Mon, 29 Aug 2022 08:37:21 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"630c7ac1-1b2d"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6957
box.css
offresdebienvenue.com/emma/fr/2022-08/html/css/ 		1 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offresdebienvenue.com/emma/fr/2022-08/html/css/box.css
Requested by
Host: offresdebienvenue.com
URL: https://offresdebienvenue.com/emma/fr/2022-08/?page=send&email=&civ=&prenom=&nom=&op=&prov=optinplus&cid=748&aid=10277&vid=10816&trid=@MTY1NS05MTEwLTE3OC4xNjIuMjA5LjEzOC0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.187.142.148 , France, ASN16276 (OVH, FR),
Reverse DNS
sv1.medianoe.net
Software
nginx / PleskLin
Resource Hash
405570b456b8d7a4104edd265093db539bd2864d1d6ee5ab77587f3406d206b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offresdebienvenue.com/emma/fr/2022-08/?page=send&email=&civ=&prenom=&nom=&op=&prov=optinplus&cid=748&aid=10277&vid=10816&trid=@MTY1NS05MTEwLTE3OC4xNjIuMjA5LjEzOC0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 06:11:59 GMT
Last-Modified
Wed, 10 Aug 2022 13:19:59 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"62f3b07f-58d"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1421
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.1.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Requested by
Host: offresdebienvenue.com
URL: https://offresdebienvenue.com/emma/fr/2022-08/?page=send&email=&civ=&prenom=&nom=&op=&prov=optinplus&cid=748&aid=10277&vid=10816&trid=@MTY1NS05MTEwLTE3OC4xNjIuMjA5LjEzOC0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offresdebienvenue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 19:22:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
211794
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30244
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Sep 2023 19:22:05 GMT
c6a37f463c.js
use.fontawesome.com/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/c6a37f463c.js
Requested by
Host: offresdebienvenue.com
URL: https://offresdebienvenue.com/emma/fr/2022-08/?page=send&email=&civ=&prenom=&nom=&op=&prov=optinplus&cid=748&aid=10277&vid=10816&trid=@MTY1NS05MTEwLTE3OC4xNjIuMjA5LjEzOC0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:a9f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a23758b9c777d7eca4bbec5f35121e97e1b772094c9d187ceab03f5c11608137

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offresdebienvenue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 06:11:59 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4021
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
KDFKNT5SG9G81Z2Y
x-amz-id-2
p/YVyYWgKy3tKl/t+ThZxy4PQMSw4NV40N4v694xqh27f4y2xNlmTntGc5fFDSpupoC+yJC1a+g=
last-modified
Thu, 01 Jul 2021 19:38:35 GMT
server
cloudflare
etag
W/"b5ce97d016476eee52bc2996f50fe8a0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fGPJ2giGo65OmRCpRm5DVQtX49lQOY5ij7fg4bEAmED7CBkyA%2BxswuZNGn9UWAVDiyhscCiIlwd3uyMz50mP2es%2Be%2Bdsz04HtTothKilR5t1NRSX1PP27BCAZRCUo%2Bv6Vk496yfA7YwAYy40ONd2MaZ6"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=1800
cf-ray
74967d282f2391d7-FRA
general.js
offresdebienvenue.com/emma/fr/2022-08/html/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://offresdebienvenue.com/emma/fr/2022-08/html/js/general.js
Requested by
Host: offresdebienvenue.com
URL: https://offresdebienvenue.com/emma/fr/2022-08/?page=send&email=&civ=&prenom=&nom=&op=&prov=optinplus&cid=748&aid=10277&vid=10816&trid=@MTY1NS05MTEwLTE3OC4xNjIuMjA5LjEzOC0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.187.142.148 , France, ASN16276 (OVH, FR),
Reverse DNS
sv1.medianoe.net
Software
nginx / PleskLin
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offresdebienvenue.com/emma/fr/2022-08/?page=send&email=&civ=&prenom=&nom=&op=&prov=optinplus&cid=748&aid=10277&vid=10816&trid=@MTY1NS05MTEwLTE3OC4xNjIuMjA5LjEzOC0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 06:11:59 GMT
ETag
"407-5d29f7fb509f2"
Last-Modified
Wed, 08 Dec 2021 09:56:07 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
text/html
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1031
verif_fr.js
offresdebienvenue.com/emma/fr/2022-08/html/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offresdebienvenue.com/emma/fr/2022-08/html/js/verif_fr.js
Requested by
Host: offresdebienvenue.com
URL: https://offresdebienvenue.com/emma/fr/2022-08/?page=send&email=&civ=&prenom=&nom=&op=&prov=optinplus&cid=748&aid=10277&vid=10816&trid=@MTY1NS05MTEwLTE3OC4xNjIuMjA5LjEzOC0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.187.142.148 , France, ASN16276 (OVH, FR),
Reverse DNS
sv1.medianoe.net
Software
nginx / PleskLin
Resource Hash
d986373bcc3b994b481cec424e91e52f3e69a400570c08c62badb43aecfb0d95

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offresdebienvenue.com/emma/fr/2022-08/?page=send&email=&civ=&prenom=&nom=&op=&prov=optinplus&cid=748&aid=10277&vid=10816&trid=@MTY1NS05MTEwLTE3OC4xNjIuMjA5LjEzOC0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 06:11:59 GMT
Last-Modified
Wed, 10 Aug 2022 13:20:00 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"62f3b080-8aa"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2218
checkform.js
offresdebienvenue.com/emma/fr/2022-08/html/js/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offresdebienvenue.com/emma/fr/2022-08/html/js/checkform.js
Requested by
Host: offresdebienvenue.com
URL: https://offresdebienvenue.com/emma/fr/2022-08/?page=send&email=&civ=&prenom=&nom=&op=&prov=optinplus&cid=748&aid=10277&vid=10816&trid=@MTY1NS05MTEwLTE3OC4xNjIuMjA5LjEzOC0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.187.142.148 , France, ASN16276 (OVH, FR),
Reverse DNS
sv1.medianoe.net
Software
nginx / PleskLin
Resource Hash
5684f9ca2aeee2535af431a1b59400456e483b2feb65ed3244d533e378719024

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offresdebienvenue.com/emma/fr/2022-08/?page=send&email=&civ=&prenom=&nom=&op=&prov=optinplus&cid=748&aid=10277&vid=10816&trid=@MTY1NS05MTEwLTE3OC4xNjIuMjA5LjEzOC0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 06:11:59 GMT
Last-Modified
Wed, 10 Aug 2022 13:20:00 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"62f3b080-e34"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3636
box.js
offresdebienvenue.com/emma/fr/2022-08/html/js/box/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offresdebienvenue.com/emma/fr/2022-08/html/js/box/box.js
Requested by
Host: offresdebienvenue.com
URL: https://offresdebienvenue.com/emma/fr/2022-08/?page=send&email=&civ=&prenom=&nom=&op=&prov=optinplus&cid=748&aid=10277&vid=10816&trid=@MTY1NS05MTEwLTE3OC4xNjIuMjA5LjEzOC0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.187.142.148 , France, ASN16276 (OVH, FR),
Reverse DNS
sv1.medianoe.net
Software
nginx / PleskLin
Resource Hash
7f4eec21020eac7b2845759eaeda3c1d38c02a107431aad70b27d4321eee7864

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offresdebienvenue.com/emma/fr/2022-08/?page=send&email=&civ=&prenom=&nom=&op=&prov=optinplus&cid=748&aid=10277&vid=10816&trid=@MTY1NS05MTEwLTE3OC4xNjIuMjA5LjEzOC0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 06:11:59 GMT
Last-Modified
Wed, 10 Aug 2022 13:20:00 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"62f3b080-2447"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9287
ini_slideshow.js
offresdebienvenue.com/emma/fr/2022-08/html/js/ 		832 B
629 B 		Script
General
Check archive.org
Download Go to
Full URL
https://offresdebienvenue.com/emma/fr/2022-08/html/js/ini_slideshow.js
Requested by
Host: offresdebienvenue.com
URL: https://offresdebienvenue.com/emma/fr/2022-08/?page=send&email=&civ=&prenom=&nom=&op=&prov=optinplus&cid=748&aid=10277&vid=10816&trid=@MTY1NS05MTEwLTE3OC4xNjIuMjA5LjEzOC0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.187.142.148 , France, ASN16276 (OVH, FR),
Reverse DNS
sv1.medianoe.net
Software
nginx / PleskLin
Resource Hash
6a58764fa83e6e8afb95e656d01f2bc0f779d50286c68ad0af6bb9259c3c7ff4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offresdebienvenue.com/emma/fr/2022-08/?page=send&email=&civ=&prenom=&nom=&op=&prov=optinplus&cid=748&aid=10277&vid=10816&trid=@MTY1NS05MTEwLTE3OC4xNjIuMjA5LjEzOC0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 06:11:59 GMT
Content-Encoding
gzip
ETag
"340-5e5e2e7f73e93-gzip"
Last-Modified
Wed, 10 Aug 2022 13:20:00 GMT
Server
nginx
X-Powered-By
PleskLin
Vary
Accept-Encoding
Content-Type
application/javascript
X-Accel-Version
0.01
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
281
config.inc.php
offresdebienvenue.com/emma/fr/2022-08/html/js/ 		496 B
395 B 		Script
General
Check archive.org
Download Go to
Full URL
https://offresdebienvenue.com/emma/fr/2022-08/html/js/config.inc.php
Requested by
Host: offresdebienvenue.com
URL: https://offresdebienvenue.com/emma/fr/2022-08/?page=send&email=&civ=&prenom=&nom=&op=&prov=optinplus&cid=748&aid=10277&vid=10816&trid=@MTY1NS05MTEwLTE3OC4xNjIuMjA5LjEzOC0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.187.142.148 , France, ASN16276 (OVH, FR),
Reverse DNS
sv1.medianoe.net
Software
nginx / PHP/7.0.33, PleskLin
Resource Hash
1be368f78933cea6c2bebcd157d5ca452ae1b7b01ecd1d115db3fac941317f48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offresdebienvenue.com/emma/fr/2022-08/?page=send&email=&civ=&prenom=&nom=&op=&prov=optinplus&cid=748&aid=10277&vid=10816&trid=@MTY1NS05MTEwLTE3OC4xNjIuMjA5LjEzOC0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 06:11:59 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/7.0.33, PleskLin
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Connection
keep-alive
Content-Length
142
logo.png
offresdebienvenue.com/emma/fr/2022-08/html/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offresdebienvenue.com/emma/fr/2022-08/html/img/logo.png
Requested by
Host: offresdebienvenue.com
URL: https://offresdebienvenue.com/emma/fr/2022-08/?page=send&email=&civ=&prenom=&nom=&op=&prov=optinplus&cid=748&aid=10277&vid=10816&trid=@MTY1NS05MTEwLTE3OC4xNjIuMjA5LjEzOC0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.187.142.148 , France, ASN16276 (OVH, FR),
Reverse DNS
sv1.medianoe.net
Software
nginx / PleskLin
Resource Hash
1a8427e1645a62439d0d6f1bbe42eb86b6769090cdc14c8d7bacb4a5515e19d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offresdebienvenue.com/emma/fr/2022-08/?page=send&email=&civ=&prenom=&nom=&op=&prov=optinplus&cid=748&aid=10277&vid=10816&trid=@MTY1NS05MTEwLTE3OC4xNjIuMjA5LjEzOC0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 06:11:59 GMT
Last-Modified
Wed, 10 Aug 2022 13:20:00 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"62f3b080-86a"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2154
av1.png
offresdebienvenue.com/emma/fr/2022-08/html/img/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offresdebienvenue.com/emma/fr/2022-08/html/img/av1.png
Requested by
Host: offresdebienvenue.com
URL: https://offresdebienvenue.com/emma/fr/2022-08/?page=send&email=&civ=&prenom=&nom=&op=&prov=optinplus&cid=748&aid=10277&vid=10816&trid=@MTY1NS05MTEwLTE3OC4xNjIuMjA5LjEzOC0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.187.142.148 , France, ASN16276 (OVH, FR),
Reverse DNS
sv1.medianoe.net
Software
nginx / PleskLin
Resource Hash
a84d84ba503423568c33ab9bb7b9a26c56a5c322f1d3ca43aa78658abd77b227

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offresdebienvenue.com/emma/fr/2022-08/?page=send&email=&civ=&prenom=&nom=&op=&prov=optinplus&cid=748&aid=10277&vid=10816&trid=@MTY1NS05MTEwLTE3OC4xNjIuMjA5LjEzOC0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 06:11:59 GMT
Last-Modified
Wed, 10 Aug 2022 13:20:00 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"62f3b080-16bf"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5823
av2.png
offresdebienvenue.com/emma/fr/2022-08/html/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offresdebienvenue.com/emma/fr/2022-08/html/img/av2.png
Requested by
Host: offresdebienvenue.com
URL: https://offresdebienvenue.com/emma/fr/2022-08/?page=send&email=&civ=&prenom=&nom=&op=&prov=optinplus&cid=748&aid=10277&vid=10816&trid=@MTY1NS05MTEwLTE3OC4xNjIuMjA5LjEzOC0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.187.142.148 , France, ASN16276 (OVH, FR),
Reverse DNS
sv1.medianoe.net
Software
nginx / PleskLin
Resource Hash
ad51b42b20b6ba631bee219f41070352326e18f2f1e17d39e0e100711c98fcd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offresdebienvenue.com/emma/fr/2022-08/?page=send&email=&civ=&prenom=&nom=&op=&prov=optinplus&cid=748&aid=10277&vid=10816&trid=@MTY1NS05MTEwLTE3OC4xNjIuMjA5LjEzOC0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 06:11:59 GMT
Last-Modified
Wed, 10 Aug 2022 13:20:00 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"62f3b080-1d3e"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7486
av3.png
offresdebienvenue.com/emma/fr/2022-08/html/img/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offresdebienvenue.com/emma/fr/2022-08/html/img/av3.png
Requested by
Host: offresdebienvenue.com
URL: https://offresdebienvenue.com/emma/fr/2022-08/?page=send&email=&civ=&prenom=&nom=&op=&prov=optinplus&cid=748&aid=10277&vid=10816&trid=@MTY1NS05MTEwLTE3OC4xNjIuMjA5LjEzOC0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.187.142.148 , France, ASN16276 (OVH, FR),
Reverse DNS
sv1.medianoe.net
Software
nginx / PleskLin
Resource Hash
d32b110dd44d5cbf751ae1fcf648462533b2d909ef3697dbf6dba38510247c86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offresdebienvenue.com/emma/fr/2022-08/?page=send&email=&civ=&prenom=&nom=&op=&prov=optinplus&cid=748&aid=10277&vid=10816&trid=@MTY1NS05MTEwLTE3OC4xNjIuMjA5LjEzOC0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 06:11:59 GMT
Last-Modified
Wed, 10 Aug 2022 13:20:00 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"62f3b080-14df"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5343
body_offre.jpg
offresdebienvenue.com/emma/fr/2022-08/html/img/ 		123 KB
123 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offresdebienvenue.com/emma/fr/2022-08/html/img/body_offre.jpg
Requested by
Host: offresdebienvenue.com
URL: https://offresdebienvenue.com/emma/fr/2022-08/?page=send&email=&civ=&prenom=&nom=&op=&prov=optinplus&cid=748&aid=10277&vid=10816&trid=@MTY1NS05MTEwLTE3OC4xNjIuMjA5LjEzOC0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.187.142.148 , France, ASN16276 (OVH, FR),
Reverse DNS
sv1.medianoe.net
Software
nginx / PleskLin
Resource Hash
b6a23a995b1a24383fadbf3b58165a3037015a91b9893ad87bf004c407ce44fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offresdebienvenue.com/emma/fr/2022-08/?page=send&email=&civ=&prenom=&nom=&op=&prov=optinplus&cid=748&aid=10277&vid=10816&trid=@MTY1NS05MTEwLTE3OC4xNjIuMjA5LjEzOC0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 06:11:59 GMT
Last-Modified
Wed, 17 Aug 2022 14:57:28 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"62fd01d8-1ec70"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
126064
body_offre_mobile.jpg
offresdebienvenue.com/emma/fr/2022-08/html/img/ 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offresdebienvenue.com/emma/fr/2022-08/html/img/body_offre_mobile.jpg
Requested by
Host: offresdebienvenue.com
URL: https://offresdebienvenue.com/emma/fr/2022-08/?page=send&email=&civ=&prenom=&nom=&op=&prov=optinplus&cid=748&aid=10277&vid=10816&trid=@MTY1NS05MTEwLTE3OC4xNjIuMjA5LjEzOC0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.187.142.148 , France, ASN16276 (OVH, FR),
Reverse DNS
sv1.medianoe.net
Software
nginx / PleskLin
Resource Hash
8ffb20d2745389f3129bcb0700db4f00aaa68c1352f36345c9789bbdf1643fb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offresdebienvenue.com/emma/fr/2022-08/?page=send&email=&civ=&prenom=&nom=&op=&prov=optinplus&cid=748&aid=10277&vid=10816&trid=@MTY1NS05MTEwLTE3OC4xNjIuMjA5LjEzOC0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 06:11:59 GMT
Last-Modified
Wed, 17 Aug 2022 14:57:28 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"62fd01d8-f11e"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
61726
body_offre_tablet.jpg
offresdebienvenue.com/emma/fr/2022-08/html/img/ 		82 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offresdebienvenue.com/emma/fr/2022-08/html/img/body_offre_tablet.jpg
Requested by
Host: offresdebienvenue.com
URL: https://offresdebienvenue.com/emma/fr/2022-08/?page=send&email=&civ=&prenom=&nom=&op=&prov=optinplus&cid=748&aid=10277&vid=10816&trid=@MTY1NS05MTEwLTE3OC4xNjIuMjA5LjEzOC0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.187.142.148 , France, ASN16276 (OVH, FR),
Reverse DNS
sv1.medianoe.net
Software
nginx / PleskLin
Resource Hash
d936b82616356c6ac27dc0a5203b0164dfcd0a4ddb377d6ecb8913a69bf28c2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offresdebienvenue.com/emma/fr/2022-08/?page=send&email=&civ=&prenom=&nom=&op=&prov=optinplus&cid=748&aid=10277&vid=10816&trid=@MTY1NS05MTEwLTE3OC4xNjIuMjA5LjEzOC0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 06:11:59 GMT
Last-Modified
Wed, 17 Aug 2022 14:57:28 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"62fd01d8-1497e"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
84350
/
www.emma.fr/produits/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.emma.fr/produits/?utm_source=email_acquisition&utm_medium=medianoe&utm_campaign=acqui&utm_content=acqui_2022-08&utm_term=optinplus
Requested by
Host: offresdebienvenue.com
URL: https://offresdebienvenue.com/emma/fr/2022-08/?page=send&email=&civ=&prenom=&nom=&op=&prov=optinplus&cid=748&aid=10277&vid=10816&trid=@MTY1NS05MTEwLTE3OC4xNjIuMjA5LjEzOC0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offresdebienvenue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
c6a37f463c.css
use.fontawesome.com/ 		1 KB
764 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/c6a37f463c.css
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/c6a37f463c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:a9f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb987f48a4dd9125670cdccb02faf0706139925a6236634f5651bae5288eedc9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offresdebienvenue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 06:11:59 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4020
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
GRRFHZSRT4Z0GMM6
x-amz-id-2
p3P91zDP9ahVs/b8a4EN7Ryl59ZqgpQ3Fwr+F32Fsd57UoJNcW3MWuaSAYxVaYwc1VU8zk9GizM=
last-modified
Thu, 01 Jul 2021 19:38:35 GMT
server
cloudflare
etag
W/"0dac4d23c2f5a88b158c8406589aed06"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BlAUZrrKw53KaeWjIcmhtZSvvFqgl2Nsk09s3yGGoOXdnGjTXsWoXSSEbJfhRbEuLl5%2BlOaNC5weZg34pBoHfT1nQ7pplipN0O2eXruW7msBLdtSJ5n7SbK7SbREC3T5s%2BM4jYKero5Iq0Wo%2B7zL3OEk"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1800
cf-ray
74967d287f8191d7-FRA
body_offre01.jpg
offresdebienvenue.com/emma/fr/2022-08/html/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offresdebienvenue.com/emma/fr/2022-08/html/img/body_offre01.jpg
Requested by
Host: offresdebienvenue.com
URL: https://offresdebienvenue.com/emma/fr/2022-08/?page=send&email=&civ=&prenom=&nom=&op=&prov=optinplus&cid=748&aid=10277&vid=10816&trid=@MTY1NS05MTEwLTE3OC4xNjIuMjA5LjEzOC0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.187.142.148 , France, ASN16276 (OVH, FR),
Reverse DNS
sv1.medianoe.net
Software
nginx / PleskLin
Resource Hash
d4a2751fe588819a32a77db0c93be9649fa715447eb5ccc8a084d9809baa72ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offresdebienvenue.com/emma/fr/2022-08/?page=send&email=&civ=&prenom=&nom=&op=&prov=optinplus&cid=748&aid=10277&vid=10816&trid=@MTY1NS05MTEwLTE3OC4xNjIuMjA5LjEzOC0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 06:11:59 GMT
ETag
"407-5d29f7fb509f2"
Last-Modified
Wed, 08 Dec 2021 09:56:07 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
text/html
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1031
body_offre02.jpg
offresdebienvenue.com/emma/fr/2022-08/html/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offresdebienvenue.com/emma/fr/2022-08/html/img/body_offre02.jpg
Requested by
Host: offresdebienvenue.com
URL: https://offresdebienvenue.com/emma/fr/2022-08/?page=send&email=&civ=&prenom=&nom=&op=&prov=optinplus&cid=748&aid=10277&vid=10816&trid=@MTY1NS05MTEwLTE3OC4xNjIuMjA5LjEzOC0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.187.142.148 , France, ASN16276 (OVH, FR),
Reverse DNS
sv1.medianoe.net
Software
nginx / PleskLin
Resource Hash
d4a2751fe588819a32a77db0c93be9649fa715447eb5ccc8a084d9809baa72ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offresdebienvenue.com/emma/fr/2022-08/?page=send&email=&civ=&prenom=&nom=&op=&prov=optinplus&cid=748&aid=10277&vid=10816&trid=@MTY1NS05MTEwLTE3OC4xNjIuMjA5LjEzOC0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 06:11:59 GMT
ETag
"407-5d29f7fb509f2"
Last-Modified
Wed, 08 Dec 2021 09:56:07 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
text/html
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1031
CeraProEmma-Regular.otf
offresdebienvenue.com/emma/fr/2022-08/html/fonts/ 		137 KB
137 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://offresdebienvenue.com/emma/fr/2022-08/html/fonts/CeraProEmma-Regular.otf
Requested by
Host: offresdebienvenue.com
URL: https://offresdebienvenue.com/emma/fr/2022-08/html/css/www.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.187.142.148 , France, ASN16276 (OVH, FR),
Reverse DNS
sv1.medianoe.net
Software
nginx / PleskLin
Resource Hash
2d82645bea6b61f7a2e2643aaf728c1563bfa01afa79ce1933b6b8d1c22188be

Request headers

Referer
https://offresdebienvenue.com/emma/fr/2022-08/html/css/www.css
Origin
https://offresdebienvenue.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 06:11:59 GMT
Last-Modified
Wed, 10 Aug 2022 13:19:59 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"62f3b07f-22404"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
140292
CeraRoundProEmma-Bold.otf
offresdebienvenue.com/emma/fr/2022-08/html/fonts/ 		167 KB
167 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://offresdebienvenue.com/emma/fr/2022-08/html/fonts/CeraRoundProEmma-Bold.otf
Requested by
Host: offresdebienvenue.com
URL: https://offresdebienvenue.com/emma/fr/2022-08/html/css/www.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.187.142.148 , France, ASN16276 (OVH, FR),
Reverse DNS
sv1.medianoe.net
Software
nginx / PleskLin
Resource Hash
61360cb141da690e179ebe9e8b03174454102a494f8a1672aca39d55d96349e0

Request headers

Referer
https://offresdebienvenue.com/emma/fr/2022-08/html/css/www.css
Origin
https://offresdebienvenue.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 06:11:59 GMT
Last-Modified
Wed, 10 Aug 2022 13:19:59 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"62f3b07f-29a24"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
170532
font-awesome-css.min.css
use.fontawesome.com/releases/v4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/c6a37f463c.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:a9f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://use.fontawesome.com/c6a37f463c.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 06:11:59 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17211711
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
YNYFYTJYPA8MFS91
x-amz-id-2
sk0zsUQrJCjoG8lf+ElTVxsm/JiXn1nFoZ4H8xBPrj/IT2ltsrQxcAFt6jCc8r1g35mkObEuS+Y=
last-modified
Wed, 30 Jun 2021 15:26:48 GMT
server
cloudflare
etag
W/"36082410df2ef7f83932219089dc1443"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xFebqPMndvLJF1YWfswndavxvtDoP2DS2yEdkEG%2BizlU50IAbG42Ltd6MVca71Obv7g1A4ip8%2FScRwNu2pB9dYowOgmvmQ%2FIxBk6PNQJt9MjTsRMo3ibf7Kuy9k34W1F9mE7QMLKwMeGXBVA5d6s0I47"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
74967d289f496957-FRA
closelabel.gif
offresdebienvenue.com/emma/fr/2022-08/html/img/ 		1004 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offresdebienvenue.com/emma/fr/2022-08/html/img/closelabel.gif
Requested by
Host: offresdebienvenue.com
URL: https://offresdebienvenue.com/emma/fr/2022-08/?page=send&email=&civ=&prenom=&nom=&op=&prov=optinplus&cid=748&aid=10277&vid=10816&trid=@MTY1NS05MTEwLTE3OC4xNjIuMjA5LjEzOC0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.187.142.148 , France, ASN16276 (OVH, FR),
Reverse DNS
sv1.medianoe.net
Software
nginx / PleskLin
Resource Hash
519fcb62f921e946aab4d7fa4ba5ef3e52b99d90cb0b0b97c673510ede5656f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offresdebienvenue.com/emma/fr/2022-08/?page=send&email=&civ=&prenom=&nom=&op=&prov=optinplus&cid=748&aid=10277&vid=10816&trid=@MTY1NS05MTEwLTE3OC4xNjIuMjA5LjEzOC0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 06:12:00 GMT
ETag
"3ec-5e5e2e7f21e13"
Last-Modified
Wed, 10 Aug 2022 13:20:00 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/gif
X-Accel-Version
0.01
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1004
loading.gif
offresdebienvenue.com/emma/fr/2022-08/html/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offresdebienvenue.com/emma/fr/2022-08/html/img/loading.gif
Requested by
Host: offresdebienvenue.com
URL: https://offresdebienvenue.com/emma/fr/2022-08/?page=send&email=&civ=&prenom=&nom=&op=&prov=optinplus&cid=748&aid=10277&vid=10816&trid=@MTY1NS05MTEwLTE3OC4xNjIuMjA5LjEzOC0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.187.142.148 , France, ASN16276 (OVH, FR),
Reverse DNS
sv1.medianoe.net
Software
nginx / PleskLin
Resource Hash
81ea81be1d862d36c34b6dc4f12aefb87b656e319003263d8274974b48ccf869

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offresdebienvenue.com/emma/fr/2022-08/?page=send&email=&civ=&prenom=&nom=&op=&prov=optinplus&cid=748&aid=10277&vid=10816&trid=@MTY1NS05MTEwLTE3OC4xNjIuMjA5LjEzOC0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 06:12:00 GMT
Last-Modified
Wed, 10 Aug 2022 13:20:00 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"62f3b080-acf"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2767
fontawesome-webfont.woff2
use.fontawesome.com/releases/v4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v4.7.0/fonts/fontawesome-webfont.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/c6a37f463c.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:a9f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://use.fontawesome.com/c6a37f463c.css
Origin
https://offresdebienvenue.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 06:11:59 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
175569
cf-ray
74967d28ec88bbeb-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
x-amz-id-2
3sAqHVM2nnzqJzWcMTBKXHTlp4Yod8z8wHianWMSwAjD0OXpTkGN32hiZ+OKcGPh/VMcuyQJLGca0hfd3dZQfA==
last-modified
Wed, 30 Jun 2021 15:26:48 GMT
server
cloudflare
etag
"af7ae505a9eed503f8b8e6982036873e"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QdjWhCqH78POtn6IzzZ2%2B5iv%2FjPI3I87MYS7tHHRbWph8f0RkAmTNDjssdtj2erGP8bs1Gu7UI1qDpo5yPthZKB99u%2BsBCqrbO8i4T5vgsrKkr0%2F%2FeEzFnlbZCDmGtiMlFCxuMhIxiFXr3PbBgjEg6TF"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
3GJC0PC8GZ3GFVBV
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
application/font-woff2

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery object| FontAwesomeCdnConfig string| cssUrl function| verifMail function| verif function| verifQualif number| slide_actu number| slide_actu2 function| slide_pic function| slide_pic2 string| lien_root object| tab_photos object| imgtmp

3 Cookies

Domain/Path Name / Value
www.cdflow4.com/tracking Name: confluent_trackingc2360
Value: 1
www.cdflow4.com/tracking Name: confluent_trackings2360
Value: 1655-9110-
.bit.ly/ Name: _bit
Value: m8c6bW-ac55ac6d6403b05fb8-00G

3 Console Messages

Source Level URL
Text
network error URL: https://offresdebienvenue.com/emma/fr/2022-08/html/js/general.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://offresdebienvenue.com/emma/fr/2022-08/html/img/body_offre01.jpg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://offresdebienvenue.com/emma/fr/2022-08/html/img/body_offre02.jpg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
bit.ly
ea5vxpywfromosg-c.kmotrack.xyz
offresdebienvenue.com
use.fontawesome.com
www.cdflow4.com
www.emma.fr
13.37.184.104
2606:4700:3032::ac43:a9f7
2606:4700::6812:15ac
2a00:1450:4001:831::200a
37.187.142.148
67.199.248.10
91.198.105.211
1a8427e1645a62439d0d6f1bbe42eb86b6769090cdc14c8d7bacb4a5515e19d5
1be368f78933cea6c2bebcd157d5ca452ae1b7b01ecd1d115db3fac941317f48
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d82645bea6b61f7a2e2643aaf728c1563bfa01afa79ce1933b6b8d1c22188be
405570b456b8d7a4104edd265093db539bd2864d1d6ee5ab77587f3406d206b7
519fcb62f921e946aab4d7fa4ba5ef3e52b99d90cb0b0b97c673510ede5656f7
5684f9ca2aeee2535af431a1b59400456e483b2feb65ed3244d533e378719024
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350
61360cb141da690e179ebe9e8b03174454102a494f8a1672aca39d55d96349e0
6377267a7139668c3a86c38433edab35c934ba6234d046a1425fbcf7b8dffe8d
67b9d86bffe01630ab3ab4fcf014b1f4068d5a3717bc843d5948eef3c108da15
6a58764fa83e6e8afb95e656d01f2bc0f779d50286c68ad0af6bb9259c3c7ff4
7f4eec21020eac7b2845759eaeda3c1d38c02a107431aad70b27d4321eee7864
81ea81be1d862d36c34b6dc4f12aefb87b656e319003263d8274974b48ccf869
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
8ffb20d2745389f3129bcb0700db4f00aaa68c1352f36345c9789bbdf1643fb2
a23758b9c777d7eca4bbec5f35121e97e1b772094c9d187ceab03f5c11608137
a84d84ba503423568c33ab9bb7b9a26c56a5c322f1d3ca43aa78658abd77b227
ad51b42b20b6ba631bee219f41070352326e18f2f1e17d39e0e100711c98fcd4
b6a23a995b1a24383fadbf3b58165a3037015a91b9893ad87bf004c407ce44fd
cb987f48a4dd9125670cdccb02faf0706139925a6236634f5651bae5288eedc9
d32b110dd44d5cbf751ae1fcf648462533b2d909ef3697dbf6dba38510247c86
d4a2751fe588819a32a77db0c93be9649fa715447eb5ccc8a084d9809baa72ad
d936b82616356c6ac27dc0a5203b0164dfcd0a4ddb377d6ecb8913a69bf28c2e
d986373bcc3b994b481cec424e91e52f3e69a400570c08c62badb43aecfb0d95
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855