journeesprivileges-zadigetvoltaire.fr Open in urlscan Pro
137.74.137.68 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://t.newsletter.info-unique.fr/c/?t=7df4fad-4!4-!m1-1zw-0i4mf
Effective URL:
https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP
Submission: On November 17 via api (November 17th 2019, 4:41:41 am UTC) from BE

Summary HTTP 33 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 9 domains to perform 33 HTTP transactions. The main IP is 137.74.137.68, located in France and belongs to OVH, FR. The main domain is journeesprivileges-zadigetvoltaire.fr.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 25th 2019. Valid for: 3 months.

This is the only time journeesprivileges-zadigetvoltaire.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	89.248.211.29 89.248.211.29	34993 (ODISO-AS) (ODISO-AS)
1 1	52.18.182.19 52.18.182.19	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 3	91.198.105.38 91.198.105.38	35393 (EURO-WEB-AS) (EURO-WEB-AS)
1 2	34.95.109.120 34.95.109.120	15169 (GOOGLE) (GOOGLE - Google LLC)
1	13.224.196.27 13.224.196.27	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
19	137.74.137.68 137.74.137.68	16276 (OVH) (OVH)
1	188.165.150.178 188.165.150.178	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:81b::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1	46.105.105.108 46.105.105.108	16276 (OVH) (OVH)
5	13.224.197.183 13.224.197.183	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2a00:1450:400... 2a00:1450:4001:81b::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	5.196.53.19 5.196.53.19	16276 (OVH) (OVH)
33	11

1 89.248.211.29 (Lambersart, France) 1 redirects

ASN34993 (ODISO-AS, FR)
PTR: mindproxy.odiso.net

t.newsletter.info-unique.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.182.19 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-18-182-19.eu-west-1.compute.amazonaws.com

trcd.info-unique.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 91.198.105.38 (France) 2 redirects

ASN35393 (EURO-WEB-AS, FR)
PTR: srv20.bewest.com

www.acharus.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gains-du-mois.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.109.120 (United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: 120.109.95.34.bc.googleusercontent.com

clk.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.196.27 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-224-196-27.fra2.r.cloudfront.net

vht.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 137.74.137.68 (France)

ASN16276 (OVH, FR)
PTR: ip68.ip-137-74-137.eu

journeesprivileges-zadigetvoltaire.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.165.150.178 (France)

ASN16276 (OVH, FR)
PTR: lb02.net.royalcactus.com

analytics.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.105.108 (France)

ASN16276 (OVH, FR)
PTR: ns3436175.ip-46-105-105.eu

events.sk.ht	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.224.197.183 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-224-197-183.fra2.r.cloudfront.net

d1h8fl8on3a554.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.196.53.19 (France)

ASN16276 (OVH, FR)
PTR: skaze.oxom.com

sk.ht	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	journeesprivileges-zadigetvoltaire.fr journeesprivileges-zadigetvoltaire.fr	134 KB
5	cloudfront.net d1h8fl8on3a554.cloudfront.net	10 MB
4	tradedoubler.com 1 redirects clk.tradedoubler.com vht.tradedoubler.com analytics.tradedoubler.com	12 KB
2	google-analytics.com www.google-analytics.com	18 KB
2	sk.ht events.sk.ht sk.ht	20 KB
2	gains-du-mois.fr 1 redirects www.gains-du-mois.fr	2 KB
2	info-unique.fr 2 redirects t.newsletter.info-unique.fr trcd.info-unique.fr	1 KB
1	googletagmanager.com www.googletagmanager.com	27 KB
1	acharus.fr 1 redirects www.acharus.fr	666 B
33	9

	Domain	Requested by
19	journeesprivileges-zadigetvoltaire.fr	clk.tradedoubler.com journeesprivileges-zadigetvoltaire.fr
5	d1h8fl8on3a554.cloudfront.net	journeesprivileges-zadigetvoltaire.fr
2	www.google-analytics.com	www.googletagmanager.com journeesprivileges-zadigetvoltaire.fr
2	clk.tradedoubler.com	1 redirects
2	www.gains-du-mois.fr	1 redirects journeesprivileges-zadigetvoltaire.fr
1	sk.ht	events.sk.ht
1	events.sk.ht	journeesprivileges-zadigetvoltaire.fr
1	www.googletagmanager.com	journeesprivileges-zadigetvoltaire.fr
1	analytics.tradedoubler.com	vht.tradedoubler.com
1	vht.tradedoubler.com	clk.tradedoubler.com
1	www.acharus.fr	1 redirects
1	trcd.info-unique.fr	1 redirects
1	t.newsletter.info-unique.fr	1 redirects
33	13

This site contains links to these domains. Also see Links.

Domain
www.zadig-et-voltaire.com
www.avent-media.fr
avent-media.fr

Subject Issuer	Validity	Valid
*.tradedoubler.com GlobalSign Domain Validation CA - SHA256 - G2	`2018-12-10` - `2021-01-27`	2 years	crt.sh
journeesprivileges-zadigetvoltaire.fr Let's Encrypt Authority X3	`2019-09-25` - `2019-12-24`	3 months	crt.sh
analytics.tradedoubler.com COMODO RSA Domain Validation Secure Server CA	`2018-02-02` - `2021-02-01`	3 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
events.sk.ht Let's Encrypt Authority X3	`2019-10-02` - `2019-12-31`	3 months	crt.sh
www.gains-du-mois.fr Let's Encrypt Authority X3	`2019-10-14` - `2020-01-12`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
sk.ht Let's Encrypt Authority X3	`2019-10-20` - `2020-01-18`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP
Frame ID: D37A6B184564849358FF8002C880565B
Requests: 35 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://t.newsletter.info-unique.fr/c/?t=7df4fad-4!4-!m1-1zw-0i4mf HTTP 302
http://trcd.info-unique.fr/trcd/trcdo.php?ts=1573828189&cidcdr=242404&emcdr=suspect%40safeonweb.be&emcd... HTTP 302
http://www.acharus.fr/tracking/cpc.php?ids=1&idv=2089&sid=&email=suspect%40safeonweb.be&nom=&preno... HTTP 302
http://www.gains-du-mois.fr/tracking/cpc.php?ids=1&idv=2089&sid=&email=suspect%40safeonweb.be&nom=&preno... HTTP 302
https://clk.tradedoubler.com/click?p=302190&a=2778171&g=24668398&epi=CAP&epi2=suspect@safeonweb.be&url=ht... Page URL
https://clk.tradedoubler.com/click?p=302190&a=2778171&g=24668398&epi=CAP&epi2=suspect@safeonweb.be&url=ht... HTTP 302
https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Cloud (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /^1\.1 google$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

33
Requests

100 %
HTTPS

17 %
IPv6

9
Domains

13
Subdomains

11
IPs

4
Countries

10503 kB
Transfer

11040 kB
Size

4
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.zadig-et-voltaire.com/eu/fr/privacy-policy
Title: la politique de confidentialité

Search URL Search Domain Scan URL

URL: http://www.avent-media.fr/

Search URL Search Domain Scan URL

URL: https://avent-media.fr/confidentialite/index.html
Title: politique de confidentialité.

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://t.newsletter.info-unique.fr/c/?t=7df4fad-4!4-!m1-1zw-0i4mf HTTP 302
http://trcd.info-unique.fr/trcd/trcdo.php?ts=1573828189&cidcdr=242404&emcdr=suspect%40safeonweb.be&emcdrmd5=d89a49469cc482a0e1ea42bdabfae7dd&emcdrsha256=d6f96d5a49e5b615cad4c073489574276dbdc1dd3a8475d7b53f1ccead3d6dd3&urlcdr=http://www.acharus.fr/tracking/cpc.php?ids=1&idv=2089&sid=&email=suspect%40safeonweb.be&nom=&prenom=&civ=&cp=&redirect=https%3A%2F%2Fclk.tradedoubler.com%2Fclick%3Fp%3D302190%26a%3D2778171%26g%3D24668398%26epi%3DCAP%26epi2%3Dsuspect@safeonweb.be%26url%3Dhttps%3A%2F%2Fjourneesprivileges-zadigetvoltaire.fr%2F%3Femail%3Dsuspect@safeonweb.be%26gender%3D%26source%3DCAP HTTP 302
http://www.acharus.fr/tracking/cpc.php?ids=1&idv=2089&sid=&email=suspect%40safeonweb.be&nom=&prenom=&civ=&cp=&redirect=https%3A%2F%2Fclk.tradedoubler.com%2Fclick%3Fp%3D302190%26a%3D2778171%26g%3D24668398%26epi%3DCAP%26epi2%3Dsuspect@safeonweb.be%26url%3Dhttps%3A%2F%2Fjourneesprivileges-zadigetvoltaire.fr%2F%3Femail%3Dsuspect@safeonweb.be%26gender%3D%26source%3DCAP HTTP 302
http://www.gains-du-mois.fr/tracking/cpc.php?ids=1&idv=2089&sid=&email=suspect%40safeonweb.be&nom=&prenom=&civ=&cp=&redirect=https%3A%2F%2Fclk.tradedoubler.com%2Fclick%3Fp%3D302190%26a%3D2778171%26g%3D24668398%26epi%3DCAP%26epi2%3Dsuspect@safeonweb.be%26url%3Dhttps%3A%2F%2Fjourneesprivileges-zadigetvoltaire.fr%2F%3Femail%3Dsuspect@safeonweb.be%26gender%3D%26source%3DCAP HTTP 302
https://clk.tradedoubler.com/click?p=302190&a=2778171&g=24668398&epi=CAP&epi2=suspect@safeonweb.be&url=https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP Page URL
https://clk.tradedoubler.com/click?p=302190&a=2778171&g=24668398&epi=CAP&epi2=suspect@safeonweb.be&url=https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP HTTP 302
https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://t.newsletter.info-unique.fr/c/?t=7df4fad-4!4-!m1-1zw-0i4mf HTTP 302
http://trcd.info-unique.fr/trcd/trcdo.php?ts=1573828189&cidcdr=242404&emcdr=suspect%40safeonweb.be&emcdrmd5=d89a49469cc482a0e1ea42bdabfae7dd&emcdrsha256=d6f96d5a49e5b615cad4c073489574276dbdc1dd3a8475d7b53f1ccead3d6dd3&urlcdr=http://www.acharus.fr/tracking/cpc.php?ids=1&idv=2089&sid=&email=suspect%40safeonweb.be&nom=&prenom=&civ=&cp=&redirect=https%3A%2F%2Fclk.tradedoubler.com%2Fclick%3Fp%3D302190%26a%3D2778171%26g%3D24668398%26epi%3DCAP%26epi2%3Dsuspect@safeonweb.be%26url%3Dhttps%3A%2F%2Fjourneesprivileges-zadigetvoltaire.fr%2F%3Femail%3Dsuspect@safeonweb.be%26gender%3D%26source%3DCAP HTTP 302
http://www.acharus.fr/tracking/cpc.php?ids=1&idv=2089&sid=&email=suspect%40safeonweb.be&nom=&prenom=&civ=&cp=&redirect=https%3A%2F%2Fclk.tradedoubler.com%2Fclick%3Fp%3D302190%26a%3D2778171%26g%3D24668398%26epi%3DCAP%26epi2%3Dsuspect@safeonweb.be%26url%3Dhttps%3A%2F%2Fjourneesprivileges-zadigetvoltaire.fr%2F%3Femail%3Dsuspect@safeonweb.be%26gender%3D%26source%3DCAP HTTP 302
http://www.gains-du-mois.fr/tracking/cpc.php?ids=1&idv=2089&sid=&email=suspect%40safeonweb.be&nom=&prenom=&civ=&cp=&redirect=https%3A%2F%2Fclk.tradedoubler.com%2Fclick%3Fp%3D302190%26a%3D2778171%26g%3D24668398%26epi%3DCAP%26epi2%3Dsuspect@safeonweb.be%26url%3Dhttps%3A%2F%2Fjourneesprivileges-zadigetvoltaire.fr%2F%3Femail%3Dsuspect@safeonweb.be%26gender%3D%26source%3DCAP HTTP 302
https://clk.tradedoubler.com/click?p=302190&a=2778171&g=24668398&epi=CAP&epi2=suspect@safeonweb.be&url=https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP

33 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

click Show response
clk.tradedoubler.com/
Redirect Chain

http://t.newsletter.info-unique.fr/c/?t=7df4fad-4!4-!m1-1zw-0i4mf
http://trcd.info-unique.fr/trcd/trcdo.php?ts=1573828189&cidcdr=242404&emcdr=suspect%40safeonweb.be&emcdrmd5=d89a49469cc482a0e1ea42bdabfae7dd&emcdrsha256=d6f96d5a49e5b615cad4c073489574276dbdc1dd3a84...
http://www.acharus.fr/tracking/cpc.php?ids=1&idv=2089&sid=&email=suspect%40safeonweb.be&nom=&prenom=&civ=&cp=&redirect=https%3A%2F%2Fclk.tradedoubler.com%2Fclick%3Fp%3D302190%26a%3D2778171%26g%3D24...
http://www.gains-du-mois.fr/tracking/cpc.php?ids=1&idv=2089&sid=&email=suspect%40safeonweb.be&nom=&prenom=&civ=&cp=&redirect=https%3A%2F%2Fclk.tradedoubler.com%2Fclick%3Fp%3D302190%26a%3D2778171%26...
https://clk.tradedoubler.com/click?p=302190&a=2778171&g=24668398&epi=CAP&epi2=suspect@safeonweb.be&url=https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP

1 KB
1 KB

35ms
15ms

Document
text/html

34.95.109.120
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://clk.tradedoubler.com/click?p=302190&a=2778171&g=24668398&epi=CAP&epi2=suspect@safeonweb.be&url=https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.109.120 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 120.109.95.34.bc.googleusercontent.com
Software: TXServerHttp /
Resource Hash: f7e56a0da4da40f3d204772245b33e896169e55656c11deb86345f5d930db208

Request headers

:method: GET
:authority: clk.tradedoubler.com
:scheme: https
:path: /click?p=302190&a=2778171&g=24668398&epi=CAP&epi2=suspect@safeonweb.be&url=https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
content-type: text/html; charset=ISO-8859-1
server: TXServerHttp
access-control-allow-origin: *
cache-control: private, max-age=0
pragma: no-cache
p3p: policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
referrer-policy: origin
date: Sun, 17 Nov 2019 04:41:19 GMT
content-length: 1209
via: 1.1 google
alt-svc: clear

Redirect headers

Date: Sun, 17 Nov 2019 04:41:20 GMT
Server: Apache/2.2.34 (Unix) mod_ssl/2.2.34 OpenSSL/1.0.1e-fips PHP/5.6.32
X-Powered-By: PHP/5.6.32
P3P: policyref="http://www.gains-du-mois.fr/w3c/p3p.xml",CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Set-Cookie: trackingc503=1; expires=Mon, 18-Nov-2019 04:41:20 GMT; Max-Age=86400; path=/; domain=.gains-du-mois.fr trackings503=1-2089-; expires=Tue, 17-Dec-2019 04:41:20 GMT; Max-Age=2592000; path=/; domain=.gains-du-mois.fr
location: https://clk.tradedoubler.com/click?p=302190&a=2778171&g=24668398&epi=CAP&epi2=suspect@safeonweb.be&url=https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP
mediapoc: cGxhdGZvcm06Y2FwYWZmaWxpYXRpb247aWRjOjUwMztpZHM6MTtpZHY6MjA4OTtzaWQ6O2xhbmc6REU7cmVtdTowLjAwO3JlbXVwOjtzdGF0dXQ6MTtzdGF0dXRfdmlzdToxOw==
Content-Length: 0
Keep-Alive: timeout=6, max=2048
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK prefs.js Show response
vht.tradedoubler.com/fp/ 9 KB
10 KB 32ms
6ms Script
application/javascript 13.224.196.27
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://vht.tradedoubler.com/fp/prefs.js
Requested by: Host: clk.tradedoubler.com
URL: https://clk.tradedoubler.com/click?p=302190&a=2778171&g=24668398&epi=CAP&epi2=suspect@safeonweb.be&url=https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.196.27 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-196-27.fra2.r.cloudfront.net
Software: Apache /
Resource Hash: 17ee72d8421cc64e48d5e885c090851028f91129555be935403a51c55eff2e9d

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://clk.tradedoubler.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 24 Oct 2019 00:31:33 GMT
Via: 1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Mon, 15 Oct 2018 09:28:46 GMT
Server: Apache
Age: 198179
ETag: "2509-57841106334e6"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Cache-Control: max-age=604800, public
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 9481
X-Amz-Cf-Id: DIY0PdenPynHOYAm7qBl1Zq6uBuwhm3gacWt9yP-BM-d1vWQqn4edw==
Expires: Thu, 31 Oct 2019 00:31:33 GMT

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
journeesprivileges-zadigetvoltaire.fr/
Redirect Chain

https://clk.tradedoubler.com/click?p=302190&a=2778171&g=24668398&epi=CAP&epi2=suspect@safeonweb.be&url=https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP
https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP

12 KB
4 KB

650ms
572ms

Document
text/html

137.74.137.68
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP
Requested by: Host: clk.tradedoubler.com
URL: https://clk.tradedoubler.com/click?p=302190&a=2778171&g=24668398&epi=CAP&epi2=suspect@safeonweb.be&url=https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.74.137.68 , France, ASN16276 (OVH, FR),
Reverse DNS: ip68.ip-137-74-137.eu
Software: Apache/2.4.37 (Unix) /
Resource Hash: d6f4f294aa823442d56e0ec45fe86fd1f350c61db97d76dc66e7a06e16d5364d

Request headers

Host: journeesprivileges-zadigetvoltaire.fr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://clk.tradedoubler.com/
Accept-Encoding: gzip, deflate, br
Origin: https://clk.tradedoubler.com
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Referer: https://clk.tradedoubler.com/

Response headers

Date: Sun, 17 Nov 2019 04:41:20 GMT
Server: Apache/2.4.37 (Unix)
Set-Cookie: ci_session=70suo02c1sp0defrie340m5ej6mo9h15; expires=Sun, 17-Nov-2019 06:41:20 GMT; Max-Age=7200; path=/; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 3409
Content-Type: text/html; charset=UTF-8

Redirect headers

status: 302
location: https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP
set-cookie: EH_0=1z11z1zfAznj4wez1NuUyXs7w8xdyC7sAu6VgYcDDK%793XX9CDrCgWRQRo5pa6Um51FuC4Cc_XbG31f2IhUON6FoBFDjlLuktGq3BHo_K3NEeOKIK2HREnhQ0OFQ8Pfp;expires=Mon, 16-Nov-2020 04:41:20 GMT;path=/;domain=.tradedoubler.com GUID=1z11zzfAzRoxZ1zd20b728a2d64d5acbb63e677a7215b32;expires=Mon, 16-Nov-2020 04:41:20 GMT;path=/;domain=.tradedoubler.com TradeDoublerGUID=d20b728a2d64d5acbb63e677a7215b32;expires=Mon, 16-Nov-2020 04:41:20 GMT;path=/;domain=.tradedoubler.com
server: TXServerHttp
access-control-allow-origin: *
cache-control: private, max-age=0
pragma: no-cache
p3p: policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
referrer-policy: origin
date: Sun, 17 Nov 2019 04:41:19 GMT
content-length: 297
content-type: text/html; charset=ISO-8859-1
via: 1.1 google
alt-svc: clear

POST
H/1.1 200
OK /
analytics.tradedoubler.com/ 0
241 B 85ms
19ms Other
text/html 188.165.150.178
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tradedoubler.com/
Requested by: Host: vht.tradedoubler.com
URL: https://vht.tradedoubler.com/fp/prefs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.165.150.178 , France, ASN16276 (OVH, FR),
Reverse DNS: lb02.net.royalcactus.com
Software: nginx /
Resource Hash

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://clk.tradedoubler.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sun, 17 Nov 2019 04:41:20 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK screen.css
journeesprivileges-zadigetvoltaire.fr/assets/css/prod/ 66 KB
10 KB 15ms
15ms Stylesheet
text/css 137.74.137.68
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://journeesprivileges-zadigetvoltaire.fr/assets/css/prod/screen.css
Requested by: Host: journeesprivileges-zadigetvoltaire.fr
URL: https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.74.137.68 , France, ASN16276 (OVH, FR),
Reverse DNS: ip68.ip-137-74-137.eu
Software: Apache/2.4.37 (Unix) /
Resource Hash: 0aa12599daa598cef0de41a7ac072a4f0ee719b7f0ae0610d449a17f9697eb00

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 17 Nov 2019 04:41:21 GMT
Content-Encoding: gzip
Last-Modified: Thu, 14 Nov 2019 09:32:53 GMT
Server: Apache/2.4.37 (Unix)
ETag: "109ff-5974b2a649f26-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-control: max-age=28800, public
Accept-Ranges: bytes
Content-Length: 10210

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 73 KB
27 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:81b::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-130593747-33

Requested by

Host: journeesprivileges-zadigetvoltaire.fr
URL: https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aec008a59f6561feb7b7d99bb63412ae914a28e5ba9b14e5c236cf145884e0ca

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 17 Nov 2019 04:41:21 GMT
content-encoding: br
last-modified: Sun, 17 Nov 2019 03:00:00 GMT
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27631
x-xss-protection: 0
expires: Sun, 17 Nov 2019 04:41:21 GMT

GET
H/1.1 200
OK volume-on.png
journeesprivileges-zadigetvoltaire.fr/assets/img/common/ 2 KB
3 KB 25ms
9ms Image
image/png 137.74.137.68
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://journeesprivileges-zadigetvoltaire.fr/assets/img/common/volume-on.png
Requested by: Host: journeesprivileges-zadigetvoltaire.fr
URL: https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.74.137.68 , France, ASN16276 (OVH, FR),
Reverse DNS: ip68.ip-137-74-137.eu
Software: Apache/2.4.37 (Unix) /
Resource Hash: a9d285047152772e7bf2eed2bd75bfb4d3a78f736f17345ea8a7b032f0a668af

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 17 Nov 2019 04:41:21 GMT
Last-Modified: Thu, 14 Nov 2019 09:32:53 GMT
Server: Apache/2.4.37 (Unix)
ETag: "9e4-5974b2a649f26"
Content-Type: image/png
Cache-control: max-age=28800, public
Accept-Ranges: bytes
Content-Length: 2532

GET
H/1.1 200
OK volume-off.png
journeesprivileges-zadigetvoltaire.fr/assets/img/common/ 2 KB
2 KB 15ms
9ms Image
image/png 137.74.137.68
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://journeesprivileges-zadigetvoltaire.fr/assets/img/common/volume-off.png
Requested by: Host: journeesprivileges-zadigetvoltaire.fr
URL: https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.74.137.68 , France, ASN16276 (OVH, FR),
Reverse DNS: ip68.ip-137-74-137.eu
Software: Apache/2.4.37 (Unix) /
Resource Hash: 2237935a08dae5d3670447660b5700d550be61714752bc3de1d1396ce41f7ebc

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 17 Nov 2019 04:41:21 GMT
Last-Modified: Thu, 14 Nov 2019 09:32:53 GMT
Server: Apache/2.4.37 (Unix)
ETag: "79b-5974b2a649f26"
Content-Type: image/png
Cache-control: max-age=28800, public
Accept-Ranges: bytes
Content-Length: 1947

GET
H/1.1 200
OK logo-avent.png
journeesprivileges-zadigetvoltaire.fr/assets/img/landing/ 33 KB
33 KB 18ms
17ms Image
image/png 137.74.137.68
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://journeesprivileges-zadigetvoltaire.fr/assets/img/landing/logo-avent.png
Requested by: Host: journeesprivileges-zadigetvoltaire.fr
URL: https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.74.137.68 , France, ASN16276 (OVH, FR),
Reverse DNS: ip68.ip-137-74-137.eu
Software: Apache/2.4.37 (Unix) /
Resource Hash: e662739bd5b4336985b7d1ae923af4907b69f57d3ca9912f4aa330419b2b33a8

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 17 Nov 2019 04:41:21 GMT
Last-Modified: Thu, 14 Nov 2019 09:32:53 GMT
Server: Apache/2.4.37 (Unix)
ETag: "83de-5974b2a64b930"
Content-Type: image/png
Cache-control: max-age=28800, public
Accept-Ranges: bytes
Content-Length: 33758

GET
H/1.1 200
OK jquery-1.7.1.min.js Show response
journeesprivileges-zadigetvoltaire.fr/assets/js/libs/ 92 KB
33 KB 23ms
22ms Script
application/javascript 137.74.137.68
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://journeesprivileges-zadigetvoltaire.fr/assets/js/libs/jquery-1.7.1.min.js
Requested by: Host: journeesprivileges-zadigetvoltaire.fr
URL: https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.74.137.68 , France, ASN16276 (OVH, FR),
Reverse DNS: ip68.ip-137-74-137.eu
Software: Apache/2.4.37 (Unix) /
Resource Hash: 88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 17 Nov 2019 04:41:21 GMT
Content-Encoding: gzip
Last-Modified: Thu, 14 Nov 2019 09:32:53 GMT
Server: Apache/2.4.37 (Unix)
ETag: "16eac-5974b2a65caa0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-control: max-age=28800, public
Accept-Ranges: bytes
Content-Length: 33140

GET
H/1.1 200
OK jquery.maskedinput-1.2.2.min.js Show response
journeesprivileges-zadigetvoltaire.fr/assets/js/libs/ 3 KB
2 KB 16ms
10ms Script
application/javascript 137.74.137.68
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://journeesprivileges-zadigetvoltaire.fr/assets/js/libs/jquery.maskedinput-1.2.2.min.js
Requested by: Host: journeesprivileges-zadigetvoltaire.fr
URL: https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.74.137.68 , France, ASN16276 (OVH, FR),
Reverse DNS: ip68.ip-137-74-137.eu
Software: Apache/2.4.37 (Unix) /
Resource Hash: c8e649cc18cdc2a9e84955339b411b1b152f17023a04d3d985e0b878422a907a

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 17 Nov 2019 04:41:21 GMT
Content-Encoding: gzip
Last-Modified: Thu, 14 Nov 2019 09:32:53 GMT
Server: Apache/2.4.37 (Unix)
ETag: "dd3-5974b2a65caa0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-control: max-age=28800, public
Accept-Ranges: bytes
Content-Length: 1650

GET
H/1.1 200
OK jquery.validate.min.js Show response
journeesprivileges-zadigetvoltaire.fr/assets/js/libs/ 21 KB
7 KB 28ms
11ms Script
application/javascript 137.74.137.68
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://journeesprivileges-zadigetvoltaire.fr/assets/js/libs/jquery.validate.min.js
Requested by: Host: journeesprivileges-zadigetvoltaire.fr
URL: https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.74.137.68 , France, ASN16276 (OVH, FR),
Reverse DNS: ip68.ip-137-74-137.eu
Software: Apache/2.4.37 (Unix) /
Resource Hash: 38d44a986cf44c041c3b451fad85b10e217793e28556e1f2577fa997750ff38b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 17 Nov 2019 04:41:21 GMT
Content-Encoding: gzip
Last-Modified: Thu, 14 Nov 2019 09:32:53 GMT
Server: Apache/2.4.37 (Unix)
ETag: "543a-5974b2a65caa0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-control: max-age=28800, public
Accept-Ranges: bytes
Content-Length: 6812

GET
H/1.1 200
OK additional-methods.js Show response
journeesprivileges-zadigetvoltaire.fr/assets/js/libs/ 35 KB
10 KB 30ms
13ms Script
application/javascript 137.74.137.68
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://journeesprivileges-zadigetvoltaire.fr/assets/js/libs/additional-methods.js
Requested by: Host: journeesprivileges-zadigetvoltaire.fr
URL: https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.74.137.68 , France, ASN16276 (OVH, FR),
Reverse DNS: ip68.ip-137-74-137.eu
Software: Apache/2.4.37 (Unix) /
Resource Hash: c9f436ae79092323b81bfb1cd4c4646e24ad8e6254634c68a3b8c447c6dc1383

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 17 Nov 2019 04:41:21 GMT
Content-Encoding: gzip
Last-Modified: Thu, 14 Nov 2019 09:32:53 GMT
Server: Apache/2.4.37 (Unix)
ETag: "8a3b-5974b2a65caa0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-control: max-age=28800, public
Accept-Ranges: bytes
Content-Length: 9839

GET
H/1.1 200
OK messages_fr.js Show response
journeesprivileges-zadigetvoltaire.fr/assets/js/libs/ 1 KB
805 B 27ms
10ms Script
application/javascript 137.74.137.68
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://journeesprivileges-zadigetvoltaire.fr/assets/js/libs/messages_fr.js
Requested by: Host: journeesprivileges-zadigetvoltaire.fr
URL: https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.74.137.68 , France, ASN16276 (OVH, FR),
Reverse DNS: ip68.ip-137-74-137.eu
Software: Apache/2.4.37 (Unix) /
Resource Hash: fa726df43fbe659c2b2cf430c1250071fb2da04de62cc06b13b0773aaea92d08

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 17 Nov 2019 04:41:21 GMT
Content-Encoding: gzip
Last-Modified: Thu, 14 Nov 2019 09:32:53 GMT
Server: Apache/2.4.37 (Unix)
ETag: "55d-5974b2a65caa0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-control: max-age=28800, public
Accept-Ranges: bytes
Content-Length: 475

GET
H/1.1 200
OK remodal.min.js Show response
journeesprivileges-zadigetvoltaire.fr/assets/js/libs/ 7 KB
3 KB 24ms
11ms Script
application/javascript 137.74.137.68
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://journeesprivileges-zadigetvoltaire.fr/assets/js/libs/remodal.min.js
Requested by: Host: journeesprivileges-zadigetvoltaire.fr
URL: https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.74.137.68 , France, ASN16276 (OVH, FR),
Reverse DNS: ip68.ip-137-74-137.eu
Software: Apache/2.4.37 (Unix) /
Resource Hash: 4a07722a6f12b33c61fecdb7c412c258d8ca99cef79045b4b07932d3c8dde4c3

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 17 Nov 2019 04:41:21 GMT
Content-Encoding: gzip
Last-Modified: Thu, 14 Nov 2019 09:32:53 GMT
Server: Apache/2.4.37 (Unix)
ETag: "1de5-5974b2a65d7a6-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-control: max-age=28800, public
Accept-Ranges: bytes
Content-Length: 2616

GET
H/1.1 200
OK response.min.js Show response
journeesprivileges-zadigetvoltaire.fr/assets/js/libs/ 9 KB
4 KB 13ms
12ms Script
application/javascript 137.74.137.68
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://journeesprivileges-zadigetvoltaire.fr/assets/js/libs/response.min.js
Requested by: Host: journeesprivileges-zadigetvoltaire.fr
URL: https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.74.137.68 , France, ASN16276 (OVH, FR),
Reverse DNS: ip68.ip-137-74-137.eu
Software: Apache/2.4.37 (Unix) /
Resource Hash: 9ce429741964cbd15a2adabc55b221240d2131aae1fa4b8ea4d6356107359b96

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 17 Nov 2019 04:41:21 GMT
Content-Encoding: gzip
Last-Modified: Thu, 14 Nov 2019 09:32:53 GMT
Server: Apache/2.4.37 (Unix)
ETag: "2211-5974b2a65d7a6-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-control: max-age=28800, public
Accept-Ranges: bytes
Content-Length: 3774

GET
H/1.1 200
OK main.js Show response
journeesprivileges-zadigetvoltaire.fr/assets/js/ 1 KB
763 B 10ms
10ms Script
application/javascript 137.74.137.68
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://journeesprivileges-zadigetvoltaire.fr/assets/js/main.js
Requested by: Host: journeesprivileges-zadigetvoltaire.fr
URL: https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.74.137.68 , France, ASN16276 (OVH, FR),
Reverse DNS: ip68.ip-137-74-137.eu
Software: Apache/2.4.37 (Unix) /
Resource Hash: 8448559225fbaf422042acd407541805f17203760b7547446506143e73c3d386

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 17 Nov 2019 04:41:21 GMT
Content-Encoding: gzip
Last-Modified: Thu, 14 Nov 2019 09:32:53 GMT
Server: Apache/2.4.37 (Unix)
ETag: "5da-5974b2a65d7a6-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-control: max-age=28800, public
Accept-Ranges: bytes
Content-Length: 433

GET
H/1.1 200
OK index.js Show response
journeesprivileges-zadigetvoltaire.fr/assets/js/ 8 KB
2 KB 12ms
11ms Script
application/javascript 137.74.137.68
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://journeesprivileges-zadigetvoltaire.fr/assets/js/index.js
Requested by: Host: journeesprivileges-zadigetvoltaire.fr
URL: https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.74.137.68 , France, ASN16276 (OVH, FR),
Reverse DNS: ip68.ip-137-74-137.eu
Software: Apache/2.4.37 (Unix) /
Resource Hash: f0c62d0d3c85db2bd598a28aa9df6a4975025ea6ad02f5faf5478fa646c86f12

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 17 Nov 2019 04:41:21 GMT
Content-Encoding: gzip
Last-Modified: Thu, 14 Nov 2019 09:32:53 GMT
Server: Apache/2.4.37 (Unix)
ETag: "21c6-5974b2a65caa0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-control: max-age=28800, public
Accept-Ranges: bytes
Content-Length: 2129

GET
H/1.1 200
OK lib.js Show response
events.sk.ht/avent/ 19 KB
20 KB 79ms
32ms Script
application/javascript 46.105.105.108
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://events.sk.ht/avent/lib.js
Requested by: Host: journeesprivileges-zadigetvoltaire.fr
URL: https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.105.108 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3436175.ip-46-105-105.eu
Software: nginx/1.10.3 /
Resource Hash: 8dd1c1ec6f6373960ed7a22823e2319d9686da3350bcca891107b75f5eab198c

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 17 Nov 2019 04:41:21 GMT
Last-Modified: Mon, 04 Feb 2019 10:46:47 GMT
Server: nginx/1.10.3
ETag: "5c581817-4d51"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19793

GET
H/1.1 200
OK cpx.php
www.gains-du-mois.fr/tracking/ 0
706 B 80ms
21ms Image
text/html 91.198.105.38
EURO-WEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gains-du-mois.fr/tracking/cpx.php?idc=503&type=cpl&tracking=d89a49469cc482a0e1ea42bdabfae7dd

Requested by

Host: journeesprivileges-zadigetvoltaire.fr
URL: https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.198.105.38 , France, ASN35393 (EURO-WEB-AS, FR),

Reverse DNS

srv20.bewest.com

Software

Apache/2.2.34 (Unix) mod_ssl/2.2.34 OpenSSL/1.0.1e-fips PHP/5.6.32 / PHP/5.6.32

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 17 Nov 2019 04:41:21 GMT
Server: Apache/2.2.34 (Unix) mod_ssl/2.2.34 OpenSSL/1.0.1e-fips PHP/5.6.32
mediapoc: cGxhdGZvcm06Y2FwYWZmaWxpYXRpb247aWRjOjUwMztpZHM6MTtpZHY6MjA4OTtzaWQ6O2xhbmc6REU7cmVtdTo7cmVtdXA6O3N0YXR1dDoxO3N0YXR1dF92aXN1Ojs=
X-Powered-By: PHP/5.6.32
Strict-Transport-Security: max-age=31536000; includeSubDomains
P3P: policyref="http://www.gains-du-mois.fr/w3c/p3p.xml",CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Keep-Alive: timeout=6, max=2048
Content-Length: 0

GET
H/1.1 200
OK print.css
journeesprivileges-zadigetvoltaire.fr/assets/css/ 705 B
684 B 10ms
9ms Stylesheet
text/css 137.74.137.68
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://journeesprivileges-zadigetvoltaire.fr/assets/css/print.css
Requested by: Host: journeesprivileges-zadigetvoltaire.fr
URL: https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.74.137.68 , France, ASN16276 (OVH, FR),
Reverse DNS: ip68.ip-137-74-137.eu
Software: Apache/2.4.37 (Unix) /
Resource Hash: 45f9c80971b645aec4fb4e017fc690cba87ccc5f508fe626bd57b9905b715cf3

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 17 Nov 2019 04:41:21 GMT
Content-Encoding: gzip
Last-Modified: Thu, 14 Nov 2019 09:32:53 GMT
Server: Apache/2.4.37 (Unix)
ETag: "2c1-5974b2a649220-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-control: max-age=28800, public
Accept-Ranges: bytes
Content-Length: 368

GET
H/1.1 206
Partial Content video.mp4
d1h8fl8on3a554.cloudfront.net/www-zadigvoltaire/videos/nov2019/ 289 KB
0 41ms
9ms Media
video/mp4 13.224.197.183
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d1h8fl8on3a554.cloudfront.net/www-zadigvoltaire/videos/nov2019/video.mp4
Requested by: Host: journeesprivileges-zadigetvoltaire.fr
URL: https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.197.183 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-197-183.fra2.r.cloudfront.net
Software: Apache /
Resource Hash

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range: bytes=0-

Response headers

Date: Thu, 07 Nov 2019 07:22:26 GMT
Via: 1.1 3df1d6f6e1999cb29078ddff1a62bd1d.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C1
X-Cache: Hit from cloudfront
Content-Range: bytes 0-10714127/10714128
Connection: keep-alive
Content-Length: 10714128
With-Dyn: (null)
Last-Modified: Thu, 24 Oct 2019 10:51:37 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Accept-Ranges: bytes
X-Amz-Cf-Id: M91gm8OPO7U1Mc1xisQMUj1evBIHEp78UppqjRL1Pzgdr25dazaZVg==

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK arrow-bottom.png
journeesprivileges-zadigetvoltaire.fr/assets/img/landing/ 1 KB
2 KB 14ms
10ms Image
image/png 137.74.137.68
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://journeesprivileges-zadigetvoltaire.fr/assets/img/landing/arrow-bottom.png
Requested by: Host: journeesprivileges-zadigetvoltaire.fr
URL: https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.74.137.68 , France, ASN16276 (OVH, FR),
Reverse DNS: ip68.ip-137-74-137.eu
Software: Apache/2.4.37 (Unix) /
Resource Hash: 3834bbc65a507928a4630d9c20e627966963ed241ab1dfddab0e597a29867658

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://journeesprivileges-zadigetvoltaire.fr/assets/css/prod/screen.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 17 Nov 2019 04:41:21 GMT
Last-Modified: Thu, 14 Nov 2019 09:32:53 GMT
Server: Apache/2.4.37 (Unix)
ETag: "557-5974b2a649f26"
Content-Type: image/png
Cache-control: max-age=28800, public
Accept-Ranges: bytes
Content-Length: 1367

GET
H/1.1 200
OK TradeGothicLTStd-BdCn20.woff2
d1h8fl8on3a554.cloudfront.net/fonts/TradeGothicLTStd/ 10 KB
11 KB 32ms
9ms Font
font/woff2 13.224.197.183
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d1h8fl8on3a554.cloudfront.net/fonts/TradeGothicLTStd/TradeGothicLTStd-BdCn20.woff2
Requested by: Host: journeesprivileges-zadigetvoltaire.fr
URL: https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.197.183 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-197-183.fra2.r.cloudfront.net
Software: Apache /
Resource Hash: 2d0ac77acfe74a8c6602b28ecbe92bb53f7698410189e8a5e8788215a0f9495e

Request headers

Sec-Fetch-Mode: cors
Referer: https://journeesprivileges-zadigetvoltaire.fr/assets/css/prod/screen.css
Origin: https://journeesprivileges-zadigetvoltaire.fr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

With-Dyn: (null)
Date: Sun, 17 Nov 2019 04:28:26 GMT
Via: 1.1 e0efba8a72628bfc3dc6d4d637b28302.cloudfront.net (CloudFront)
Last-Modified: Wed, 07 Nov 2018 15:08:05 GMT
Server: Apache
X-Amz-Cf-Pop: FRA2-C1
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=7200, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10480
X-Amz-Cf-Id: eznOrQ5VkIQwPfbWON1ZNZnUUsGfVZHqk1kp1SZ_aVhwUW5FPUQlPw==

GET
H/1.1 200
OK TradeGothicLTStd-Bold.woff2
d1h8fl8on3a554.cloudfront.net/fonts/TradeGothicLTStd/ 10 KB
11 KB 32ms
10ms Font
font/woff2 13.224.197.183
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d1h8fl8on3a554.cloudfront.net/fonts/TradeGothicLTStd/TradeGothicLTStd-Bold.woff2
Requested by: Host: journeesprivileges-zadigetvoltaire.fr
URL: https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.197.183 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-197-183.fra2.r.cloudfront.net
Software: Apache /
Resource Hash: ec8ec6bb3232c1a8b315cec8dbf10149d345cd6d866327091b7784d6b07a8f12

Request headers

Sec-Fetch-Mode: cors
Referer: https://journeesprivileges-zadigetvoltaire.fr/assets/css/prod/screen.css
Origin: https://journeesprivileges-zadigetvoltaire.fr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

With-Dyn: (null)
Date: Sun, 17 Nov 2019 03:29:04 GMT
Via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
Last-Modified: Mon, 10 Jun 2019 14:09:57 GMT
Server: Apache
X-Amz-Cf-Pop: FRA2-C1
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=7200, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10696
X-Amz-Cf-Id: rCmwKdJaSEDDolDUhp7tS5KKzpUo0FXUMZGu7lesc3QOxjPp7vMcZg==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:81b::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-130593747-33

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 464
date: Sun, 17 Nov 2019 04:33:37 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Sun, 17 Nov 2019 06:33:37 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
103 B 13ms
13ms Image
image/gif 2a00:1450:4001:81b::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1515361698&t=pageview&_s=1&dl=https%3A%2F%2Fjourneesprivileges-zadigetvoltaire.fr%2F%3Femail%3Dsuspect%40safeonweb.be%26gender%3D%26source%3DCAP&dr=https%3A%2F%2Fclk.tradedoubler.com%2F&ul=en-us&de=UTF-8&dt=Zadig%20%26%20Voltaire%20Journ%C3%A9es%20Privil%C3%A8ges&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=1243229860&gjid=739723128&cid=1300244487.1573965681&tid=UA-130593747-3&_gid=1190306783.1573965681&_r=1&gtm=2ouav3&z=1411812088

Requested by

Host: journeesprivileges-zadigetvoltaire.fr
URL: https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Nov 2019 04:41:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK logo-hi.png
journeesprivileges-zadigetvoltaire.fr/assets/img/landing/ 4 KB
4 KB 11ms
10ms Image
image/png 137.74.137.68
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://journeesprivileges-zadigetvoltaire.fr/assets/img/landing/logo-hi.png
Requested by: Host: journeesprivileges-zadigetvoltaire.fr
URL: https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.74.137.68 , France, ASN16276 (OVH, FR),
Reverse DNS: ip68.ip-137-74-137.eu
Software: Apache/2.4.37 (Unix) /
Resource Hash: b6fc6b03f69835280497fa08de18d32f69e2b7fc9229db0560794af81067537c

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 17 Nov 2019 04:41:21 GMT
Last-Modified: Thu, 14 Nov 2019 09:32:53 GMT
Server: Apache/2.4.37 (Unix)
ETag: "e49-5974b2a64b930"
Content-Type: image/png
Cache-control: max-age=28800, public
Accept-Ranges: bytes
Content-Length: 3657

GET
H/1.1 200
OK offre.png
journeesprivileges-zadigetvoltaire.fr/assets/img/landing/ 8 KB
8 KB 11ms
10ms Image
image/png 137.74.137.68
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://journeesprivileges-zadigetvoltaire.fr/assets/img/landing/offre.png
Requested by: Host: journeesprivileges-zadigetvoltaire.fr
URL: https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.74.137.68 , France, ASN16276 (OVH, FR),
Reverse DNS: ip68.ip-137-74-137.eu
Software: Apache/2.4.37 (Unix) /
Resource Hash: eff82bd3fd48639af4b971838a815f7d0cf1809b679b3ded47754ac475a2de52

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 17 Nov 2019 04:41:21 GMT
Last-Modified: Thu, 14 Nov 2019 09:32:53 GMT
Server: Apache/2.4.37 (Unix)
ETag: "2002-5974b2a64b930"
Content-Type: image/png
Cache-control: max-age=28800, public
Accept-Ranges: bytes
Content-Length: 8194

GET
H/1.1 200
OK journees_fr.png
journeesprivileges-zadigetvoltaire.fr/assets/img/landing/ 5 KB
5 KB 11ms
11ms Image
image/png 137.74.137.68
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://journeesprivileges-zadigetvoltaire.fr/assets/img/landing/journees_fr.png
Requested by: Host: journeesprivileges-zadigetvoltaire.fr
URL: https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.74.137.68 , France, ASN16276 (OVH, FR),
Reverse DNS: ip68.ip-137-74-137.eu
Software: Apache/2.4.37 (Unix) /
Resource Hash: 6797ed51888f0f33110f18ef7820a2bf7185c4dc0fb80055cc62a355f7bb2dd4

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 17 Nov 2019 04:41:21 GMT
Last-Modified: Thu, 14 Nov 2019 09:32:53 GMT
Server: Apache/2.4.37 (Unix)
ETag: "1262-5974b2a64b930"
Content-Type: image/png
Cache-control: max-age=28800, public
Accept-Ranges: bytes
Content-Length: 4706

GET
H/1.1 206
Partial Content video.mp4
d1h8fl8on3a554.cloudfront.net/www-zadigvoltaire/videos/nov2019/ 31 KB
32 KB 20ms
8ms Media
video/mp4 13.224.197.183
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d1h8fl8on3a554.cloudfront.net/www-zadigvoltaire/videos/nov2019/video.mp4
Requested by: Host: journeesprivileges-zadigetvoltaire.fr
URL: https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.197.183 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-197-183.fra2.r.cloudfront.net
Software: Apache /
Resource Hash: 7cfccb377ccdafbfbb85dd56ea348e312304ae6671142fb5f5b477ef936cb19e

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range: bytes=10682368-

Response headers

Date: Thu, 07 Nov 2019 07:22:26 GMT
Via: 1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C1
X-Cache: Hit from cloudfront
Content-Range: bytes 10682368-10714127/10714128
Connection: keep-alive
Content-Length: 31760
With-Dyn: (null)
Last-Modified: Thu, 24 Oct 2019 10:51:37 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Accept-Ranges: bytes
X-Amz-Cf-Id: AWJPePAGC1YQHufrgm8lwFFvR4VDFmhwMgac5FKUA60Tox-6EnBALg==

POST
H2 200 / Show response
sk.ht/aventmedia/ 37 B
468 B 79ms
15ms XHR
image/gif 5.196.53.19
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://sk.ht/aventmedia/
Requested by: Host: events.sk.ht
URL: https://events.sk.ht/avent/lib.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.196.53.19 , France, ASN16276 (OVH, FR),
Reverse DNS: skaze.oxom.com
Software: nginx/1.15.0 /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Sec-Fetch-Mode: cors
Referer: https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sun, 17 Nov 2019 04:41:21 GMT
last-modified: Sun, 17 Nov 2019 04:41:21 GMT
server: nginx/1.15.0
status: 200
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: https://journeesprivileges-zadigetvoltaire.fr
access-control-expose-headers: Content-Length,Content-Range
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 206
Partial Content video.mp4
d1h8fl8on3a554.cloudfront.net/www-zadigvoltaire/videos/nov2019/ 10 MB
10 MB 10ms
9ms Media
video/mp4 13.224.197.183
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d1h8fl8on3a554.cloudfront.net/www-zadigvoltaire/videos/nov2019/video.mp4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.197.183 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-197-183.fra2.r.cloudfront.net
Software: Apache /
Resource Hash

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://journeesprivileges-zadigetvoltaire.fr/?email=suspect@safeonweb.be&gender=&source=CAP
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range: bytes=229376-

Response headers

Date: Thu, 07 Nov 2019 07:22:26 GMT
Via: 1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C1
X-Cache: Hit from cloudfront
Content-Range: bytes 229376-10714127/10714128
Connection: keep-alive
Content-Length: 10484752
With-Dyn: (null)
Last-Modified: Thu, 24 Oct 2019 10:51:37 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Accept-Ranges: bytes
X-Amz-Cf-Id: drzpzFF7bxbFI1C0DATGMuK1j4oUtUPOoNGsbrApCzTE9L5FUMHriA==

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.journeesprivileges-zadigetvoltaire.fr/	1970-01-19 05:12:45	Name: _gat_gtag_UA_130593747_3 Value: 1
.journeesprivileges-zadigetvoltaire.fr/	1970-01-19 05:14:12	Name: _gid Value: GA1.2.1190306783.1573965681
.journeesprivileges-zadigetvoltaire.fr/	1970-01-19 22:43:57	Name: _ga Value: GA1.2.1300244487.1573965681
journeesprivileges-zadigetvoltaire.fr/	1970-01-19 05:12:52	Name: ci_session Value: 70suo02c1sp0defrie340m5ej6mo9h15

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tradedoubler.com
clk.tradedoubler.com
d1h8fl8on3a554.cloudfront.net
events.sk.ht
journeesprivileges-zadigetvoltaire.fr
sk.ht
t.newsletter.info-unique.fr
trcd.info-unique.fr
vht.tradedoubler.com
www.acharus.fr
www.gains-du-mois.fr
www.google-analytics.com
www.googletagmanager.com
13.224.196.27
13.224.197.183
137.74.137.68
188.165.150.178
2a00:1450:4001:81b::2008
2a00:1450:4001:81b::200e
34.95.109.120
46.105.105.108
5.196.53.19
52.18.182.19
89.248.211.29
91.198.105.38
0aa12599daa598cef0de41a7ac072a4f0ee719b7f0ae0610d449a17f9697eb00
17ee72d8421cc64e48d5e885c090851028f91129555be935403a51c55eff2e9d
2237935a08dae5d3670447660b5700d550be61714752bc3de1d1396ce41f7ebc
2d0ac77acfe74a8c6602b28ecbe92bb53f7698410189e8a5e8788215a0f9495e
3834bbc65a507928a4630d9c20e627966963ed241ab1dfddab0e597a29867658
38d44a986cf44c041c3b451fad85b10e217793e28556e1f2577fa997750ff38b
45f9c80971b645aec4fb4e017fc690cba87ccc5f508fe626bd57b9905b715cf3
4a07722a6f12b33c61fecdb7c412c258d8ca99cef79045b4b07932d3c8dde4c3
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
6797ed51888f0f33110f18ef7820a2bf7185c4dc0fb80055cc62a355f7bb2dd4
7cfccb377ccdafbfbb85dd56ea348e312304ae6671142fb5f5b477ef936cb19e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8448559225fbaf422042acd407541805f17203760b7547446506143e73c3d386
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
8dd1c1ec6f6373960ed7a22823e2319d9686da3350bcca891107b75f5eab198c
9ce429741964cbd15a2adabc55b221240d2131aae1fa4b8ea4d6356107359b96
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
a9d285047152772e7bf2eed2bd75bfb4d3a78f736f17345ea8a7b032f0a668af
aec008a59f6561feb7b7d99bb63412ae914a28e5ba9b14e5c236cf145884e0ca
b6fc6b03f69835280497fa08de18d32f69e2b7fc9229db0560794af81067537c
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c8e649cc18cdc2a9e84955339b411b1b152f17023a04d3d985e0b878422a907a
c9f436ae79092323b81bfb1cd4c4646e24ad8e6254634c68a3b8c447c6dc1383
d6f4f294aa823442d56e0ec45fe86fd1f350c61db97d76dc66e7a06e16d5364d
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e662739bd5b4336985b7d1ae923af4907b69f57d3ca9912f4aa330419b2b33a8
ec8ec6bb3232c1a8b315cec8dbf10149d345cd6d866327091b7784d6b07a8f12
eff82bd3fd48639af4b971838a815f7d0cf1809b679b3ded47754ac475a2de52
f0c62d0d3c85db2bd598a28aa9df6a4975025ea6ad02f5faf5478fa646c86f12
f7e56a0da4da40f3d204772245b33e896169e55656c11deb86345f5d930db208
fa726df43fbe659c2b2cf430c1250071fb2da04de62cc06b13b0773aaea92d08

journeesprivileges-zadigetvoltaire.fr Open in urlscan Pro 137.74.137.68 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

33 Requests

100 %HTTPS

17 %IPv6

9 Domains

13 Subdomains

11 IPs

4 Countries

10503 kBTransfer

11040 kBSize

4 Cookies

3 Outgoing links

Page URL History

Redirected requests

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

journeesprivileges-zadigetvoltaire.fr Open in urlscan Pro
137.74.137.68 Public Scan

Screenshot
Live screenshot

Full Image

33
Requests

100 %
HTTPS

17 %
IPv6

9
Domains

13
Subdomains

11
IPs

4
Countries

10503 kB
Transfer

11040 kB
Size

4
Cookies

33 HTTP transactions
2 data transactions