www.1planculcesoir.com Open in urlscan Pro
143.204.201.64 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://e.ma-maitresse.com/tk/t/2/498200587ca1/52492ee86/5217b47d/736672aae5/
Effective URL:
https://www.1planculcesoir.com/2/en/lp3/index.html?cpid=a9a7dcf7-0eb2-4aed-9f6d-58992a7913ee&&cep=ACcOjM1Bvl6AMERsRwEfozEQzh-SE...
Submission: On September 05 via api (September 5th 2020, 12:55:07 am UTC) from BE

Summary HTTP 14 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 3 IPs in 5 countries across 7 domains to perform 14 HTTP transactions. The main IP is 143.204.201.64, located in Seattle, United States and belongs to AMAZON-02, US. The main domain is www.1planculcesoir.com.
TLS certificate: Issued by Amazon on September 3rd 2019. Valid for: a year.

This is the only time www.1planculcesoir.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 4	185.47.116.11 185.47.116.11	6758 (AS6758) (AS6758)
1 1	2a05:d018:244... 2a05:d018:244:5200::ab	16509 (AMAZON-02) (AMAZON-02)
1 1	184.107.37.84 184.107.37.84	32613 (IWEB-AS) (IWEB-AS)
1 4	3.121.194.197 3.121.194.197	16509 (AMAZON-02) (AMAZON-02)
1 1	18.195.23.231 18.195.23.231	16509 (AMAZON-02) (AMAZON-02)
9	143.204.201.64 143.204.201.64	16509 (AMAZON-02) (AMAZON-02)
14	3

4 185.47.116.11 (Monaco) 2 redirects

ASN6758 (AS6758, MC)

e.ma-maitresse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:244:5200::ab (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

trck.daes24h.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.107.37.84 (Montreal, Canada) 1 redirects

ASN32613 (IWEB-AS, CA)

mannenverslindster.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.121.194.197 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-194-197.eu-central-1.compute.amazonaws.com

rdvcoquin.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.adextrem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.23.231 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-23-231.eu-central-1.compute.amazonaws.com

vasy.clickmoileclito.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 143.204.201.64 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-201-64.fra53.r.cloudfront.net

www.1planculcesoir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	1planculcesoir.com www.1planculcesoir.com	385 KB
4	ma-maitresse.com 2 redirects e.ma-maitresse.com	4 KB
2	adextrem.com ads.adextrem.com	2 KB
2	rdvcoquin.club 1 redirects rdvcoquin.club	12 KB
1	clickmoileclito.com 1 redirects vasy.clickmoileclito.com	2 KB
1	mannenverslindster.com 1 redirects mannenverslindster.com	283 B
1	daes24h.com 1 redirects trck.daes24h.com	1 KB
14	7

	Domain	Requested by
9	www.1planculcesoir.com	rdvcoquin.club www.1planculcesoir.com
4	e.ma-maitresse.com	2 redirects e.ma-maitresse.com
2	ads.adextrem.com	www.1planculcesoir.com ads.adextrem.com
2	rdvcoquin.club	1 redirects
1	vasy.clickmoileclito.com	1 redirects
1	mannenverslindster.com	1 redirects
1	trck.daes24h.com	1 redirects
14	7

This site contains links to these domains. Also see Links.

Domain
vasy.clickmoileclito.com
incoming-message1.com

Subject Issuer	Validity	Valid
*.1planculcesoir.com Amazon	`2019-09-03` - `2020-10-03`	a year	crt.sh
*.adextrem.com Amazon	`2020-01-09` - `2021-02-09`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.1planculcesoir.com/2/en/lp3/index.html?cpid=a9a7dcf7-0eb2-4aed-9f6d-58992a7913ee&&cep=ACcOjM1Bvl6AMERsRwEfozEQzh-SEcLNblH31qt3kYRH0P5VaErtol4VUovDgU0B4BNo2TtYqv4zqSi_SSw-lq7sEBXQxr_MM_xEvd2jxUPhdWT5WU7gZaCAKK9dJwb3XdnLNcPKrsI9m87t3o2ec_iK-z8LqzoN-SJGasvYSayMdOkunraYJSzb1N3NtZA1rDYGbSTAT_WGfxhQJU1ym75MKE9kCRngz1rbs0NC_HLq9ICe5vxX4igq7a-Trk4uV-QDub_bAWtFyRuy9RDxWFfuCdKBysm9IiFZN_bn_rHjgM52esXBEnG2ijRA5XV0RTJokvv5PUZZLEIddfywAUjH_1RnuVa-1i9YzE3n2TfDa7FmdPUU_sFwC5YhRKhuWEpw_aZBlB3DZTlnJ3liMQDZnW6kdqq0T2aEV29H8AbpSetnE7fVERuo3J7OY-3RYa7lQs77jPBbkhV2oxpiAH6Fp6Iyj6_Wc6OJhqYnn2zZpxgmKFrnVZZ6mw7q-xt2pQQEGLRJ0uDlzSnRnqaze1mCUXnbS7tUoYQOea8Z9Ompf6elkwLFzf8FUmM81GNX&lptoken=15c999f326e790bc92a8&adxzoneid=2775&adxdomain=e.ma-maitresse.com&adxcampaignid=8063&adxmaterialname=&email=&adexbck=%7Badexbck%7D&adxcost=0.002&adxcid=RLmEPK9IkI0BkxLU1i2qv3kAQ4HTo5lfpwJegrMqZvRjHCehK5xfW8FMZwGnPRsf
Frame ID: D711B4E91CE5F8D6A9DBD2E22ACCAFEE
Requests: 13 HTTP requests in this frame

Frame: https://ads.adextrem.com/push/ifp.php?slot=4
Frame ID: E70D6DECE954D7BBDC195F93F2A4DC12
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://e.ma-maitresse.com/tk/t/2/498200587ca1/52492ee86/5217b47d/736672aae5/ HTTP 301
http://e.ma-maitresse.com/tk/tracker.aspx?v=2&idi=498200587ca1&idl=52492ee86&idm=5217b47d&idc=736672aae5 Page URL
http://e.ma-maitresse.com/tk/tracker.aspx?v=2&idi=498200587ca1&idl=52492ee86&idm=5217b47d&idc=736672aae5 HTTP 302
http://trck.daes24h.com/c/d57a8b7d97ce86a0?aff_sub4=gillisdirk@gmail.com&aff_sub2=&aff_sub1=SEP20&af... HTTP 302
http://mannenverslindster.com/p.php?i=1&tracker1=sfagu5f52e1db35bf6101070583&aff_sub4=gillisdirk@gmail.com... HTTP 302
http://rdvcoquin.club/delivery/directlink.php?slot=2775 Page URL
http://rdvcoquin.club/delivery/directlink.php?slot=2775&fp2=AX1|tz:-120|w:1600|h:1200|ua:Mozilla/5... HTTP 302
https://vasy.clickmoileclito.com/a9a7dcf7-0eb2-4aed-9f6d-58992a7913ee?adxzoneid=2775&adxdomain=e.ma-maitresse... HTTP 302
https://www.1planculcesoir.com/2/en/lp3/index.html?cpid=a9a7dcf7-0eb2-4aed-9f6d-58992a7913ee&&cep=ACcOjM1Bv... Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

14
Requests

79 %
HTTPS

17 %
IPv6

7
Domains

7
Subdomains

3
IPs

5
Countries

402 kB
Transfer

488 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://vasy.clickmoileclito.com/click
Title: I AGREE

Search URL Search Domain Scan URL

URL: http://incoming-message1.com/d/3/index.html?uclick=q5d5wha63y
Title: YES

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://e.ma-maitresse.com/tk/t/2/498200587ca1/52492ee86/5217b47d/736672aae5/ HTTP 301
http://e.ma-maitresse.com/tk/tracker.aspx?v=2&idi=498200587ca1&idl=52492ee86&idm=5217b47d&idc=736672aae5 Page URL
http://e.ma-maitresse.com/tk/tracker.aspx?v=2&idi=498200587ca1&idl=52492ee86&idm=5217b47d&idc=736672aae5 HTTP 302
http://trck.daes24h.com/c/d57a8b7d97ce86a0?aff_sub4=gillisdirk@gmail.com&aff_sub2=&aff_sub1=SEP20&aff_sub5=3950546&aff_sub8=4025934&aff_sub7=e.ma-maitresse.com&aff_sub9=1111 HTTP 302
http://mannenverslindster.com/p.php?i=1&tracker1=sfagu5f52e1db35bf6101070583&aff_sub4=gillisdirk@gmail.com&aff_sub2=&aff_sub1=SEP20&aff_sub5=3950546&aff_sub8=4025934&aff_sub7=e.ma-maitresse.com&aff_sub9=1111 HTTP 302
http://rdvcoquin.club/delivery/directlink.php?slot=2775 Page URL
http://rdvcoquin.club/delivery/directlink.php?slot=2775&fp2=AX1|tz:-120|w:1600|h:1200|ua:Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/83.0.4103.61%20Safari/537.36|lng:en-US|IP:165.231.142.36&allowcookie=true&setreferrer=http%3A%2F%2Fe.ma-maitresse.com%2Ftk%2Ftracker.aspx%3Fv%3D2%26idi%3D498200587ca1%26idl%3D52492ee86%26idm%3D5217b47d%26idc%3D736672aae5 HTTP 302
https://vasy.clickmoileclito.com/a9a7dcf7-0eb2-4aed-9f6d-58992a7913ee?adxzoneid=2775&adxdomain=e.ma-maitresse.com&adxcampaignid=8063&adxmaterialname=&email=&adexbck={adexbck}&adxcost=0.002&adxcid=RLmEPK9IkI0BkxLU1i2qv3kAQ4HTo5lfpwJegrMqZvRjHCehK5xfW8FMZwGnPRsf HTTP 302
https://www.1planculcesoir.com/2/en/lp3/index.html?cpid=a9a7dcf7-0eb2-4aed-9f6d-58992a7913ee&&cep=ACcOjM1Bvl6AMERsRwEfozEQzh-SEcLNblH31qt3kYRH0P5VaErtol4VUovDgU0B4BNo2TtYqv4zqSi_SSw-lq7sEBXQxr_MM_xEvd2jxUPhdWT5WU7gZaCAKK9dJwb3XdnLNcPKrsI9m87t3o2ec_iK-z8LqzoN-SJGasvYSayMdOkunraYJSzb1N3NtZA1rDYGbSTAT_WGfxhQJU1ym75MKE9kCRngz1rbs0NC_HLq9ICe5vxX4igq7a-Trk4uV-QDub_bAWtFyRuy9RDxWFfuCdKBysm9IiFZN_bn_rHjgM52esXBEnG2ijRA5XV0RTJokvv5PUZZLEIddfywAUjH_1RnuVa-1i9YzE3n2TfDa7FmdPUU_sFwC5YhRKhuWEpw_aZBlB3DZTlnJ3liMQDZnW6kdqq0T2aEV29H8AbpSetnE7fVERuo3J7OY-3RYa7lQs77jPBbkhV2oxpiAH6Fp6Iyj6_Wc6OJhqYnn2zZpxgmKFrnVZZ6mw7q-xt2pQQEGLRJ0uDlzSnRnqaze1mCUXnbS7tUoYQOea8Z9Ompf6elkwLFzf8FUmM81GNX&lptoken=15c999f326e790bc92a8&adxzoneid=2775&adxdomain=e.ma-maitresse.com&adxcampaignid=8063&adxmaterialname=&email=&adexbck=%7Badexbck%7D&adxcost=0.002&adxcid=RLmEPK9IkI0BkxLU1i2qv3kAQ4HTo5lfpwJegrMqZvRjHCehK5xfW8FMZwGnPRsf Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://e.ma-maitresse.com/tk/t/2/498200587ca1/52492ee86/5217b47d/736672aae5/ HTTP 301
http://e.ma-maitresse.com/tk/tracker.aspx?v=2&idi=498200587ca1&idl=52492ee86&idm=5217b47d&idc=736672aae5

Request Chain 2

http://e.ma-maitresse.com/tk/tracker.aspx?v=2&idi=498200587ca1&idl=52492ee86&idm=5217b47d&idc=736672aae5 HTTP 302
http://trck.daes24h.com/c/d57a8b7d97ce86a0?aff_sub4=gillisdirk@gmail.com&aff_sub2=&aff_sub1=SEP20&aff_sub5=3950546&aff_sub8=4025934&aff_sub7=e.ma-maitresse.com&aff_sub9=1111 HTTP 302
http://mannenverslindster.com/p.php?i=1&tracker1=sfagu5f52e1db35bf6101070583&aff_sub4=gillisdirk@gmail.com&aff_sub2=&aff_sub1=SEP20&aff_sub5=3950546&aff_sub8=4025934&aff_sub7=e.ma-maitresse.com&aff_sub9=1111 HTTP 302
http://rdvcoquin.club/delivery/directlink.php?slot=2775

14 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Cookie set tracker.aspx Show response e.ma-maitresse.com/tk/ Redirect Chain http://e.ma-maitresse.com/tk/t/2/498200587ca1/52492ee86/5217b47d/736672aae5/ http://e.ma-maitresse.com/tk/tracker.aspx?v=2&idi=498200587ca1&idl=52492ee86&idm=5217b47d&idc=736672aae5	2 KB 1 KB	81ms 80ms	Document text/html	185.47.116.11 AS6758
General Check archive.org Show headers Download Go to Full URL http://e.ma-maitresse.com/tk/tracker.aspx?v=2&idi=498200587ca1&idl=52492ee86&idm=5217b47d&idc=736672aae5 Protocol HTTP/1.1 Server 185.47.116.11 , Monaco, ASN6758 (AS6758, MC), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `ec703efff16b4e9d4bb736345bac933149d0e8eacf0098405baad87a84ed5505` Request headers Host e.ma-maitresse.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Cache-Control private Content-Type text/html; charset=utf-8 Content-Encoding gzip Vary Accept-Encoding Server Microsoft-IIS/8.5 Set-Cookie ASP.NET_SessionId=2xy5rw5svkcrewbt2dhh0c4g; path=/; HttpOnly Refresh 0 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Date Sat, 05 Sep 2020 00:54:41 GMT Content-Length 1101 Redirect headers Content-Type text/html; charset=UTF-8 Location http://e.ma-maitresse.com/tk/tracker.aspx?v=2&idi=498200587ca1&idl=52492ee86&idm=5217b47d&idc=736672aae5 Server Microsoft-IIS/8.5 X-Powered-By ASP.NET Date Sat, 05 Sep 2020 00:54:41 GMT Content-Length 243
GET H/1.1	200 OK	browser.js Show response e.ma-maitresse.com/tk/	6 KB 2 KB	80ms 79ms	Script application/javascript	185.47.116.11 AS6758
General Check archive.org Show headers Download Go to Full URL http://e.ma-maitresse.com/tk/browser.js Requested by Host: e.ma-maitresse.com URL: http://e.ma-maitresse.com/tk/tracker.aspx?v=2&idi=498200587ca1&idl=52492ee86&idm=5217b47d&idc=736672aae5 Protocol HTTP/1.1 Server 185.47.116.11 , Monaco, ASN6758 (AS6758, MC), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `88ab33aa6eed72ca5232a79f9f1c159528db6bde2a693e3cc09054e88dbb1778` Request headers Referer http://e.ma-maitresse.com/tk/tracker.aspx?v=2&idi=498200587ca1&idl=52492ee86&idm=5217b47d&idc=736672aae5 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 05 Sep 2020 00:54:41 GMT Content-Encoding gzip Last-Modified Wed, 27 Jul 2011 20:14:06 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET ETag "07b50bc994ccc1:0" Vary Accept-Encoding Content-Type application/javascript Accept-Ranges bytes Content-Length 1565
GET H/1.1	200 OK	Cookie set directlink.php rdvcoquin.club/delivery/ Redirect Chain http://e.ma-maitresse.com/tk/tracker.aspx?v=2&idi=498200587ca1&idl=52492ee86&idm=5217b47d&idc=736672aae5 http://trck.daes24h.com/c/d57a8b7d97ce86a0?aff_sub4=gillisdirk@gmail.com&aff_sub2=&aff_sub1=SEP20&aff_sub5=3950546&aff_sub8=4025934&aff_sub7=e.ma-maitresse.com&aff_sub9=1111 http://mannenverslindster.com/p.php?i=1&tracker1=sfagu5f52e1db35bf6101070583&aff_sub4=gillisdirk@gmail.com&aff_sub2=&aff_sub1=SEP20&aff_sub5=3950546&aff_sub8=4025934&aff_sub7=e.ma-maitresse.com&aff... http://rdvcoquin.club/delivery/directlink.php?slot=2775	32 KB 11 KB	119ms 84ms	Document text/html	3.121.194.197 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://rdvcoquin.club/delivery/directlink.php?slot=2775 Protocol HTTP/1.1 Server 3.121.194.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-121-194-197.eu-central-1.compute.amazonaws.com Software Apache/2.4.10 (Debian) / Resource Hash Request headers Host rdvcoquin.club Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://e.ma-maitresse.com/tk/tracker.aspx?v=2&idi=498200587ca1&idl=52492ee86&idm=5217b47d&idc=736672aae5 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 Origin http://e.ma-maitresse.com Content-Type application/x-www-form-urlencoded User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://e.ma-maitresse.com/tk/tracker.aspx?v=2&idi=498200587ca1&idl=52492ee86&idm=5217b47d&idc=736672aae5 Response headers Cache-Control no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0 Cache-control no-cache="set-cookie" Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Sat, 05 Sep 2020 00:54:51 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Pragma no-cache Server Apache/2.4.10 (Debian) Set-Cookie PHPSESSID=87ldbsh8ej7vgh4g7h7vkcicn3; path=/ AWSELB=671BC5111EC8C439EC6ECDAADF42C2FCC39A19517218077FA7C3489EE5CC3E54EC44B822F2B37D6077B69EB708D166F78C41FFE40B1FFEA6307C3ECD34F4818D983097FDB3;PATH=/;MAX-AGE=900 Vary Accept-Encoding Content-Length 10907 Connection keep-alive Redirect headers Server nginx Date Sat, 05 Sep 2020 00:54:51 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive X-Powered-By PHP/7.2.33 PleskLin Location http://rdvcoquin.club/delivery/directlink.php?slot=2775
GET H2	200	Primary Request index.html Show response www.1planculcesoir.com/2/en/lp3/ Redirect Chain http://rdvcoquin.club/delivery/directlink.php?slot=2775&fp2=AX1\|tz:-120\|w:1600\|h:1200\|ua:Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%2... https://vasy.clickmoileclito.com/a9a7dcf7-0eb2-4aed-9f6d-58992a7913ee?adxzoneid=2775&adxdomain=e.ma-maitresse.com&adxcampaignid=8063&adxmaterialname=&email=&adexbck={adexbck}&adxcost=0.002&adxcid=R... https://www.1planculcesoir.com/2/en/lp3/index.html?cpid=a9a7dcf7-0eb2-4aed-9f6d-58992a7913ee&&cep=ACcOjM1Bvl6AMERsRwEfozEQzh-SEcLNblH31qt3kYRH0P5VaErtol4VUovDgU0B4BNo2TtYqv4zqSi_SSw-lq7sEBXQxr_MM_x...	3 KB 2 KB	259ms 123ms	Document text/html	143.204.201.64 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.1planculcesoir.com/2/en/lp3/index.html?cpid=a9a7dcf7-0eb2-4aed-9f6d-58992a7913ee&&cep=ACcOjM1Bvl6AMERsRwEfozEQzh-SEcLNblH31qt3kYRH0P5VaErtol4VUovDgU0B4BNo2TtYqv4zqSi_SSw-lq7sEBXQxr_MM_xEvd2jxUPhdWT5WU7gZaCAKK9dJwb3XdnLNcPKrsI9m87t3o2ec_iK-z8LqzoN-SJGasvYSayMdOkunraYJSzb1N3NtZA1rDYGbSTAT_WGfxhQJU1ym75MKE9kCRngz1rbs0NC_HLq9ICe5vxX4igq7a-Trk4uV-QDub_bAWtFyRuy9RDxWFfuCdKBysm9IiFZN_bn_rHjgM52esXBEnG2ijRA5XV0RTJokvv5PUZZLEIddfywAUjH_1RnuVa-1i9YzE3n2TfDa7FmdPUU_sFwC5YhRKhuWEpw_aZBlB3DZTlnJ3liMQDZnW6kdqq0T2aEV29H8AbpSetnE7fVERuo3J7OY-3RYa7lQs77jPBbkhV2oxpiAH6Fp6Iyj6_Wc6OJhqYnn2zZpxgmKFrnVZZ6mw7q-xt2pQQEGLRJ0uDlzSnRnqaze1mCUXnbS7tUoYQOea8Z9Ompf6elkwLFzf8FUmM81GNX&lptoken=15c999f326e790bc92a8&adxzoneid=2775&adxdomain=e.ma-maitresse.com&adxcampaignid=8063&adxmaterialname=&email=&adexbck=%7Badexbck%7D&adxcost=0.002&adxcid=RLmEPK9IkI0BkxLU1i2qv3kAQ4HTo5lfpwJegrMqZvRjHCehK5xfW8FMZwGnPRsf Requested by Host: rdvcoquin.club URL: http://rdvcoquin.club/delivery/directlink.php?slot=2775 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.201.64 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-201-64.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash `05d104b1a5e82415a4d0afca87ccba29e539c25d0cce5d2b41a2d8baade8fb9e` Request headers :method GET :authority www.1planculcesoir.com :scheme https :path /2/en/lp3/index.html?cpid=a9a7dcf7-0eb2-4aed-9f6d-58992a7913ee&&cep=ACcOjM1Bvl6AMERsRwEfozEQzh-SEcLNblH31qt3kYRH0P5VaErtol4VUovDgU0B4BNo2TtYqv4zqSi_SSw-lq7sEBXQxr_MM_xEvd2jxUPhdWT5WU7gZaCAKK9dJwb3XdnLNcPKrsI9m87t3o2ec_iK-z8LqzoN-SJGasvYSayMdOkunraYJSzb1N3NtZA1rDYGbSTAT_WGfxhQJU1ym75MKE9kCRngz1rbs0NC_HLq9ICe5vxX4igq7a-Trk4uV-QDub_bAWtFyRuy9RDxWFfuCdKBysm9IiFZN_bn_rHjgM52esXBEnG2ijRA5XV0RTJokvv5PUZZLEIddfywAUjH_1RnuVa-1i9YzE3n2TfDa7FmdPUU_sFwC5YhRKhuWEpw_aZBlB3DZTlnJ3liMQDZnW6kdqq0T2aEV29H8AbpSetnE7fVERuo3J7OY-3RYa7lQs77jPBbkhV2oxpiAH6Fp6Iyj6_Wc6OJhqYnn2zZpxgmKFrnVZZ6mw7q-xt2pQQEGLRJ0uDlzSnRnqaze1mCUXnbS7tUoYQOea8Z9Ompf6elkwLFzf8FUmM81GNX&lptoken=15c999f326e790bc92a8&adxzoneid=2775&adxdomain=e.ma-maitresse.com&adxcampaignid=8063&adxmaterialname=&email=&adexbck=%7Badexbck%7D&adxcost=0.002&adxcid=RLmEPK9IkI0BkxLU1i2qv3kAQ4HTo5lfpwJegrMqZvRjHCehK5xfW8FMZwGnPRsf pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest document referer http://rdvcoquin.club/delivery/directlink.php?slot=2775 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://rdvcoquin.club/delivery/directlink.php?slot=2775 Response headers status 200 content-type text/html date Sat, 05 Sep 2020 00:54:53 GMT last-modified Fri, 13 Mar 2020 10:30:34 GMT etag W/"66907b62b0e7819ba68cc1d3fadbce92" server AmazonS3 content-encoding gzip vary Accept-Encoding x-cache Miss from cloudfront via 1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 x-amz-cf-id t2U3shKmKcqr7vvzBZCdyiWuRY1ZhFEx2iUM9n1M-W68hk7LI0zIcQ== Redirect headers Server nginx Date Sat, 05 Sep 2020 00:54:52 GMT Content-Length 0 Connection keep-alive Cache-Control no-store, no-cache, pre-check=0, post-check=0 Expires Thu, 01 Jan 1970 00:00:00 GMT Location https://www.1planculcesoir.com/2/en/lp3/index.html?cpid=a9a7dcf7-0eb2-4aed-9f6d-58992a7913ee&&cep=ACcOjM1Bvl6AMERsRwEfozEQzh-SEcLNblH31qt3kYRH0P5VaErtol4VUovDgU0B4BNo2TtYqv4zqSi_SSw-lq7sEBXQxr_MM_xEvd2jxUPhdWT5WU7gZaCAKK9dJwb3XdnLNcPKrsI9m87t3o2ec_iK-z8LqzoN-SJGasvYSayMdOkunraYJSzb1N3NtZA1rDYGbSTAT_WGfxhQJU1ym75MKE9kCRngz1rbs0NC_HLq9ICe5vxX4igq7a-Trk4uV-QDub_bAWtFyRuy9RDxWFfuCdKBysm9IiFZN_bn_rHjgM52esXBEnG2ijRA5XV0RTJokvv5PUZZLEIddfywAUjH_1RnuVa-1i9YzE3n2TfDa7FmdPUU_sFwC5YhRKhuWEpw_aZBlB3DZTlnJ3liMQDZnW6kdqq0T2aEV29H8AbpSetnE7fVERuo3J7OY-3RYa7lQs77jPBbkhV2oxpiAH6Fp6Iyj6_Wc6OJhqYnn2zZpxgmKFrnVZZ6mw7q-xt2pQQEGLRJ0uDlzSnRnqaze1mCUXnbS7tUoYQOea8Z9Ompf6elkwLFzf8FUmM81GNX&lptoken=15c999f326e790bc92a8&adxzoneid=2775&adxdomain=e.ma-maitresse.com&adxcampaignid=8063&adxmaterialname=&email=&adexbck=%7Badexbck%7D&adxcost=0.002&adxcid=RLmEPK9IkI0BkxLU1i2qv3kAQ4HTo5lfpwJegrMqZvRjHCehK5xfW8FMZwGnPRsf Pragma no-cache Set-Cookie a9a7dcf7-0eb2-4aed-9f6d-58992a7913ee-v4=a9a7dcf7-0eb2-4aed-9f6d-58992a7913ee; Max-Age=86400; Expires=Sun, 06-Sep-2020 00:54:52 GMT; Domain=vasy.clickmoileclito.com; Path=/; Secure; HttpOnly;SameSite=None cep-v4=BEYP60Cp6J_SnsFmhnB2Jr_5jOuP02phYHzUPKtjeCukkezXCWVizHskJKDqpsmmBulqrJEfhNvw5OBGMEgAeW7H8Sz8mFyVG9iQvtGKv0pmCY2Ptt21WJKc9NkQctLL4ojAGVbxhiMGqoSDI7fFYUabk9oFuc0gIOvskqqf6gny5vi7WEozek0-_ZgtjjnyP6k8wkzDk7gM8iV6tcpYVtH-lAm4pFBF6d2MqJwZIUc0GYUVHQtrPrWnfCrJ9a1UEVfJ-uMUAYrU58kFeI6j6DuXjXZnYhgu5PMjJqw__iSVSNFBQzyBDjmUNVfQtOsFsHP6gPbt8pPBKNUMEJkKJchf-0qHe3lrnGWAcKJuARwgOCB6rc2hK3gxZBcBqSYsUfCXrIT5Fyopbt6iY5I8dlxzcn2bMhcrffZ7QhOe2laGlvJ1gfILfaHv84L9Tmv5s-UatsZsV1Xj19bYEK_NT5UapB_Ac1ZAQtvRyGVv4ueIkGrRtLMYlEwWE-g5A_tFsYiglJZvXxeClkUv-bVFraiOWNt2FjJjPY643Pi7X3yagnKG906yfFxw_WxKIeQA; Max-Age=86400; Expires=Sun, 06-Sep-2020 00:54:52 GMT; Domain=vasy.clickmoileclito.com; Path=/; Secure; HttpOnly;SameSite=None
GET H2	200	style.css www.1planculcesoir.com/2/en/lp3/	6 KB 2 KB	105ms 104ms	Stylesheet text/css	143.204.201.64 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.1planculcesoir.com/2/en/lp3/style.css Requested by Host: www.1planculcesoir.com URL: https://www.1planculcesoir.com/2/en/lp3/index.html?cpid=a9a7dcf7-0eb2-4aed-9f6d-58992a7913ee&&cep=ACcOjM1Bvl6AMERsRwEfozEQzh-SEcLNblH31qt3kYRH0P5VaErtol4VUovDgU0B4BNo2TtYqv4zqSi_SSw-lq7sEBXQxr_MM_xEvd2jxUPhdWT5WU7gZaCAKK9dJwb3XdnLNcPKrsI9m87t3o2ec_iK-z8LqzoN-SJGasvYSayMdOkunraYJSzb1N3NtZA1rDYGbSTAT_WGfxhQJU1ym75MKE9kCRngz1rbs0NC_HLq9ICe5vxX4igq7a-Trk4uV-QDub_bAWtFyRuy9RDxWFfuCdKBysm9IiFZN_bn_rHjgM52esXBEnG2ijRA5XV0RTJokvv5PUZZLEIddfywAUjH_1RnuVa-1i9YzE3n2TfDa7FmdPUU_sFwC5YhRKhuWEpw_aZBlB3DZTlnJ3liMQDZnW6kdqq0T2aEV29H8AbpSetnE7fVERuo3J7OY-3RYa7lQs77jPBbkhV2oxpiAH6Fp6Iyj6_Wc6OJhqYnn2zZpxgmKFrnVZZ6mw7q-xt2pQQEGLRJ0uDlzSnRnqaze1mCUXnbS7tUoYQOea8Z9Ompf6elkwLFzf8FUmM81GNX&lptoken=15c999f326e790bc92a8&adxzoneid=2775&adxdomain=e.ma-maitresse.com&adxcampaignid=8063&adxmaterialname=&email=&adexbck=%7Badexbck%7D&adxcost=0.002&adxcid=RLmEPK9IkI0BkxLU1i2qv3kAQ4HTo5lfpwJegrMqZvRjHCehK5xfW8FMZwGnPRsf Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.201.64 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-201-64.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash `9cf65c416b4ef400b039f5a10dfb6c2289be8638a0bb81bfa5ae268f9f0bea36` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 05 Sep 2020 00:54:53 GMT content-encoding gzip last-modified Fri, 03 Aug 2018 10:06:31 GMT server AmazonS3 x-amz-cf-pop FRA53-C1 etag W/"55ab5067e387966dba5407cc64b8b57d" vary Accept-Encoding x-cache Miss from cloudfront content-type text/css status 200 x-amz-cf-id uMi0hBkvk9pEhCt9-o4H_arlm5MmAed_V2TSPat_Bzc5K1-p-v90AQ== via 1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
GET H2	200	jquery.min.js Show response www.1planculcesoir.com/2/en/lp3/	85 KB 30 KB	132ms 132ms	Script application/javascript	143.204.201.64 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.1planculcesoir.com/2/en/lp3/jquery.min.js Requested by Host: www.1planculcesoir.com URL: https://www.1planculcesoir.com/2/en/lp3/index.html?cpid=a9a7dcf7-0eb2-4aed-9f6d-58992a7913ee&&cep=ACcOjM1Bvl6AMERsRwEfozEQzh-SEcLNblH31qt3kYRH0P5VaErtol4VUovDgU0B4BNo2TtYqv4zqSi_SSw-lq7sEBXQxr_MM_xEvd2jxUPhdWT5WU7gZaCAKK9dJwb3XdnLNcPKrsI9m87t3o2ec_iK-z8LqzoN-SJGasvYSayMdOkunraYJSzb1N3NtZA1rDYGbSTAT_WGfxhQJU1ym75MKE9kCRngz1rbs0NC_HLq9ICe5vxX4igq7a-Trk4uV-QDub_bAWtFyRuy9RDxWFfuCdKBysm9IiFZN_bn_rHjgM52esXBEnG2ijRA5XV0RTJokvv5PUZZLEIddfywAUjH_1RnuVa-1i9YzE3n2TfDa7FmdPUU_sFwC5YhRKhuWEpw_aZBlB3DZTlnJ3liMQDZnW6kdqq0T2aEV29H8AbpSetnE7fVERuo3J7OY-3RYa7lQs77jPBbkhV2oxpiAH6Fp6Iyj6_Wc6OJhqYnn2zZpxgmKFrnVZZ6mw7q-xt2pQQEGLRJ0uDlzSnRnqaze1mCUXnbS7tUoYQOea8Z9Ompf6elkwLFzf8FUmM81GNX&lptoken=15c999f326e790bc92a8&adxzoneid=2775&adxdomain=e.ma-maitresse.com&adxcampaignid=8063&adxmaterialname=&email=&adexbck=%7Badexbck%7D&adxcost=0.002&adxcid=RLmEPK9IkI0BkxLU1i2qv3kAQ4HTo5lfpwJegrMqZvRjHCehK5xfW8FMZwGnPRsf Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.201.64 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-201-64.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash `87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 05 Sep 2020 00:54:53 GMT content-encoding gzip last-modified Fri, 03 Aug 2018 10:06:30 GMT server AmazonS3 x-amz-cf-pop FRA53-C1 etag W/"c9f5aeeca3ad37bf2aa006139b935f0a" vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript status 200 x-amz-cf-id R6L-4yJbq3KtimgqrOFMtcMbZe56dAgLNnH_qoaZFwAX12iYiH2PTA== via 1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
GET H2	200	pshbckAvril.js Show response www.1planculcesoir.com/	969 B 1 KB	65ms 65ms	Script application/x-javascript	143.204.201.64 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.1planculcesoir.com/pshbckAvril.js Requested by Host: www.1planculcesoir.com URL: https://www.1planculcesoir.com/2/en/lp3/index.html?cpid=a9a7dcf7-0eb2-4aed-9f6d-58992a7913ee&&cep=ACcOjM1Bvl6AMERsRwEfozEQzh-SEcLNblH31qt3kYRH0P5VaErtol4VUovDgU0B4BNo2TtYqv4zqSi_SSw-lq7sEBXQxr_MM_xEvd2jxUPhdWT5WU7gZaCAKK9dJwb3XdnLNcPKrsI9m87t3o2ec_iK-z8LqzoN-SJGasvYSayMdOkunraYJSzb1N3NtZA1rDYGbSTAT_WGfxhQJU1ym75MKE9kCRngz1rbs0NC_HLq9ICe5vxX4igq7a-Trk4uV-QDub_bAWtFyRuy9RDxWFfuCdKBysm9IiFZN_bn_rHjgM52esXBEnG2ijRA5XV0RTJokvv5PUZZLEIddfywAUjH_1RnuVa-1i9YzE3n2TfDa7FmdPUU_sFwC5YhRKhuWEpw_aZBlB3DZTlnJ3liMQDZnW6kdqq0T2aEV29H8AbpSetnE7fVERuo3J7OY-3RYa7lQs77jPBbkhV2oxpiAH6Fp6Iyj6_Wc6OJhqYnn2zZpxgmKFrnVZZ6mw7q-xt2pQQEGLRJ0uDlzSnRnqaze1mCUXnbS7tUoYQOea8Z9Ompf6elkwLFzf8FUmM81GNX&lptoken=15c999f326e790bc92a8&adxzoneid=2775&adxdomain=e.ma-maitresse.com&adxcampaignid=8063&adxmaterialname=&email=&adexbck=%7Badexbck%7D&adxcost=0.002&adxcid=RLmEPK9IkI0BkxLU1i2qv3kAQ4HTo5lfpwJegrMqZvRjHCehK5xfW8FMZwGnPRsf Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.201.64 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-201-64.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash `1b658e5a5d019772c18fa84a2ac7b8dc91297287ac7ceacdf86e5028e204a30d` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 04 Sep 2020 03:07:35 GMT via 1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront) last-modified Fri, 17 Apr 2020 16:47:12 GMT server AmazonS3 age 78438 etag "5644ea9901dce8ba25df6e349da39a77" x-cache Hit from cloudfront content-type application/x-javascript status 200 x-amz-cf-pop FRA53-C1 accept-ranges bytes content-length 969 x-amz-cf-id 2bA0z5ZKocusqO7s0P_o4vEWo_H2hJlMAjPcZwpCCFKT4wqtIIcypA==
GET H2	200	14.jpg www.1planculcesoir.com/2/en/lp3/	84 KB 85 KB	135ms 135ms	Image image/jpeg	143.204.201.64 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.1planculcesoir.com/2/en/lp3/14.jpg Requested by Host: www.1planculcesoir.com URL: https://www.1planculcesoir.com/2/en/lp3/index.html?cpid=a9a7dcf7-0eb2-4aed-9f6d-58992a7913ee&&cep=ACcOjM1Bvl6AMERsRwEfozEQzh-SEcLNblH31qt3kYRH0P5VaErtol4VUovDgU0B4BNo2TtYqv4zqSi_SSw-lq7sEBXQxr_MM_xEvd2jxUPhdWT5WU7gZaCAKK9dJwb3XdnLNcPKrsI9m87t3o2ec_iK-z8LqzoN-SJGasvYSayMdOkunraYJSzb1N3NtZA1rDYGbSTAT_WGfxhQJU1ym75MKE9kCRngz1rbs0NC_HLq9ICe5vxX4igq7a-Trk4uV-QDub_bAWtFyRuy9RDxWFfuCdKBysm9IiFZN_bn_rHjgM52esXBEnG2ijRA5XV0RTJokvv5PUZZLEIddfywAUjH_1RnuVa-1i9YzE3n2TfDa7FmdPUU_sFwC5YhRKhuWEpw_aZBlB3DZTlnJ3liMQDZnW6kdqq0T2aEV29H8AbpSetnE7fVERuo3J7OY-3RYa7lQs77jPBbkhV2oxpiAH6Fp6Iyj6_Wc6OJhqYnn2zZpxgmKFrnVZZ6mw7q-xt2pQQEGLRJ0uDlzSnRnqaze1mCUXnbS7tUoYQOea8Z9Ompf6elkwLFzf8FUmM81GNX&lptoken=15c999f326e790bc92a8&adxzoneid=2775&adxdomain=e.ma-maitresse.com&adxcampaignid=8063&adxmaterialname=&email=&adexbck=%7Badexbck%7D&adxcost=0.002&adxcid=RLmEPK9IkI0BkxLU1i2qv3kAQ4HTo5lfpwJegrMqZvRjHCehK5xfW8FMZwGnPRsf Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.201.64 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-201-64.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash `9b36954f0334f4f5ef19e3183dfc824c9d809ea6fe31aa961e1ba0ebc33f7537` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 05 Sep 2020 00:54:53 GMT via 1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront) last-modified Fri, 03 Aug 2018 10:06:28 GMT server AmazonS3 x-amz-cf-pop FRA53-C1 etag "e95aaab2901083f2b0b0e2b2ae241a12" x-cache Miss from cloudfront content-type image/jpeg status 200 accept-ranges bytes content-length 86371 x-amz-cf-id 4oVJTRWGi-Mj2eDMY1zOU6a2j2G-MQr-_kVDSLC4UjMieJvyJ7L17w==
GET H2	200	13.jpg www.1planculcesoir.com/2/en/lp3/	95 KB 95 KB	170ms 170ms	Image image/jpeg	143.204.201.64 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.1planculcesoir.com/2/en/lp3/13.jpg Requested by Host: www.1planculcesoir.com URL: https://www.1planculcesoir.com/2/en/lp3/index.html?cpid=a9a7dcf7-0eb2-4aed-9f6d-58992a7913ee&&cep=ACcOjM1Bvl6AMERsRwEfozEQzh-SEcLNblH31qt3kYRH0P5VaErtol4VUovDgU0B4BNo2TtYqv4zqSi_SSw-lq7sEBXQxr_MM_xEvd2jxUPhdWT5WU7gZaCAKK9dJwb3XdnLNcPKrsI9m87t3o2ec_iK-z8LqzoN-SJGasvYSayMdOkunraYJSzb1N3NtZA1rDYGbSTAT_WGfxhQJU1ym75MKE9kCRngz1rbs0NC_HLq9ICe5vxX4igq7a-Trk4uV-QDub_bAWtFyRuy9RDxWFfuCdKBysm9IiFZN_bn_rHjgM52esXBEnG2ijRA5XV0RTJokvv5PUZZLEIddfywAUjH_1RnuVa-1i9YzE3n2TfDa7FmdPUU_sFwC5YhRKhuWEpw_aZBlB3DZTlnJ3liMQDZnW6kdqq0T2aEV29H8AbpSetnE7fVERuo3J7OY-3RYa7lQs77jPBbkhV2oxpiAH6Fp6Iyj6_Wc6OJhqYnn2zZpxgmKFrnVZZ6mw7q-xt2pQQEGLRJ0uDlzSnRnqaze1mCUXnbS7tUoYQOea8Z9Ompf6elkwLFzf8FUmM81GNX&lptoken=15c999f326e790bc92a8&adxzoneid=2775&adxdomain=e.ma-maitresse.com&adxcampaignid=8063&adxmaterialname=&email=&adexbck=%7Badexbck%7D&adxcost=0.002&adxcid=RLmEPK9IkI0BkxLU1i2qv3kAQ4HTo5lfpwJegrMqZvRjHCehK5xfW8FMZwGnPRsf Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.201.64 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-201-64.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash `0b237b092fab60176398494f0bb6584a4c63d96763cea9e465a7b04cd32073f9` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 05 Sep 2020 00:54:54 GMT via 1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront) last-modified Fri, 03 Aug 2018 10:06:28 GMT server AmazonS3 x-amz-cf-pop FRA53-C1 etag "30b130fbd00084b0fa1067466c30834a" x-cache Miss from cloudfront content-type image/jpeg status 200 accept-ranges bytes content-length 97311 x-amz-cf-id 86ShUPzXqxmjaAZZyR1JXQD2HkJ3ew9ybzIut0iDsK8LlyMjSK249Q==
GET H2	200	18.jpg www.1planculcesoir.com/2/en/lp3/	86 KB 86 KB	214ms 213ms	Image image/jpeg	143.204.201.64 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.1planculcesoir.com/2/en/lp3/18.jpg Requested by Host: www.1planculcesoir.com URL: https://www.1planculcesoir.com/2/en/lp3/index.html?cpid=a9a7dcf7-0eb2-4aed-9f6d-58992a7913ee&&cep=ACcOjM1Bvl6AMERsRwEfozEQzh-SEcLNblH31qt3kYRH0P5VaErtol4VUovDgU0B4BNo2TtYqv4zqSi_SSw-lq7sEBXQxr_MM_xEvd2jxUPhdWT5WU7gZaCAKK9dJwb3XdnLNcPKrsI9m87t3o2ec_iK-z8LqzoN-SJGasvYSayMdOkunraYJSzb1N3NtZA1rDYGbSTAT_WGfxhQJU1ym75MKE9kCRngz1rbs0NC_HLq9ICe5vxX4igq7a-Trk4uV-QDub_bAWtFyRuy9RDxWFfuCdKBysm9IiFZN_bn_rHjgM52esXBEnG2ijRA5XV0RTJokvv5PUZZLEIddfywAUjH_1RnuVa-1i9YzE3n2TfDa7FmdPUU_sFwC5YhRKhuWEpw_aZBlB3DZTlnJ3liMQDZnW6kdqq0T2aEV29H8AbpSetnE7fVERuo3J7OY-3RYa7lQs77jPBbkhV2oxpiAH6Fp6Iyj6_Wc6OJhqYnn2zZpxgmKFrnVZZ6mw7q-xt2pQQEGLRJ0uDlzSnRnqaze1mCUXnbS7tUoYQOea8Z9Ompf6elkwLFzf8FUmM81GNX&lptoken=15c999f326e790bc92a8&adxzoneid=2775&adxdomain=e.ma-maitresse.com&adxcampaignid=8063&adxmaterialname=&email=&adexbck=%7Badexbck%7D&adxcost=0.002&adxcid=RLmEPK9IkI0BkxLU1i2qv3kAQ4HTo5lfpwJegrMqZvRjHCehK5xfW8FMZwGnPRsf Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.201.64 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-201-64.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash `3e754141801ad16e4f0dccc1941483a35f21089bea7aff604601f9c54e92227c` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 05 Sep 2020 00:54:54 GMT via 1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront) last-modified Fri, 03 Aug 2018 10:06:29 GMT server AmazonS3 x-amz-cf-pop FRA53-C1 etag "1703c8ad6627c44dea0e685d7b5f3b77" x-cache Miss from cloudfront content-type image/jpeg status 200 accept-ranges bytes content-length 87817 x-amz-cf-id 7mFCDC1QMjHB23Y-AhmYQXp8SJ-eqXr5a9oPym5rH7pTKj4QaxTesA==
GET H2	200	15.jpg www.1planculcesoir.com/2/en/lp3/	82 KB 82 KB	133ms 132ms	Image image/jpeg	143.204.201.64 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.1planculcesoir.com/2/en/lp3/15.jpg Requested by Host: www.1planculcesoir.com URL: https://www.1planculcesoir.com/2/en/lp3/index.html?cpid=a9a7dcf7-0eb2-4aed-9f6d-58992a7913ee&&cep=ACcOjM1Bvl6AMERsRwEfozEQzh-SEcLNblH31qt3kYRH0P5VaErtol4VUovDgU0B4BNo2TtYqv4zqSi_SSw-lq7sEBXQxr_MM_xEvd2jxUPhdWT5WU7gZaCAKK9dJwb3XdnLNcPKrsI9m87t3o2ec_iK-z8LqzoN-SJGasvYSayMdOkunraYJSzb1N3NtZA1rDYGbSTAT_WGfxhQJU1ym75MKE9kCRngz1rbs0NC_HLq9ICe5vxX4igq7a-Trk4uV-QDub_bAWtFyRuy9RDxWFfuCdKBysm9IiFZN_bn_rHjgM52esXBEnG2ijRA5XV0RTJokvv5PUZZLEIddfywAUjH_1RnuVa-1i9YzE3n2TfDa7FmdPUU_sFwC5YhRKhuWEpw_aZBlB3DZTlnJ3liMQDZnW6kdqq0T2aEV29H8AbpSetnE7fVERuo3J7OY-3RYa7lQs77jPBbkhV2oxpiAH6Fp6Iyj6_Wc6OJhqYnn2zZpxgmKFrnVZZ6mw7q-xt2pQQEGLRJ0uDlzSnRnqaze1mCUXnbS7tUoYQOea8Z9Ompf6elkwLFzf8FUmM81GNX&lptoken=15c999f326e790bc92a8&adxzoneid=2775&adxdomain=e.ma-maitresse.com&adxcampaignid=8063&adxmaterialname=&email=&adexbck=%7Badexbck%7D&adxcost=0.002&adxcid=RLmEPK9IkI0BkxLU1i2qv3kAQ4HTo5lfpwJegrMqZvRjHCehK5xfW8FMZwGnPRsf Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.201.64 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-201-64.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash `76d2c564e7d831a33501907b8d4701ff1fedd1c39ccbb4704f055b23d7204290` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 05 Sep 2020 00:54:54 GMT via 1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront) last-modified Fri, 03 Aug 2018 10:06:29 GMT server AmazonS3 x-amz-cf-pop FRA53-C1 etag "98f31131c4cc7780e1b943e7f2d5a26c" x-cache Miss from cloudfront content-type image/jpeg status 200 accept-ranges bytes content-length 83889 x-amz-cf-id qtJKfKWFsUpL6MIxPEeVYYM6KrscJb7Y-A_FpUZQ0EzB4g82ot0IYA==
GET H2	200	loading.gif www.1planculcesoir.com/2/en/lp3/	2 KB 2 KB	106ms 106ms	Image image/gif	143.204.201.64 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.1planculcesoir.com/2/en/lp3/loading.gif Requested by Host: www.1planculcesoir.com URL: https://www.1planculcesoir.com/2/en/lp3/index.html?cpid=a9a7dcf7-0eb2-4aed-9f6d-58992a7913ee&&cep=ACcOjM1Bvl6AMERsRwEfozEQzh-SEcLNblH31qt3kYRH0P5VaErtol4VUovDgU0B4BNo2TtYqv4zqSi_SSw-lq7sEBXQxr_MM_xEvd2jxUPhdWT5WU7gZaCAKK9dJwb3XdnLNcPKrsI9m87t3o2ec_iK-z8LqzoN-SJGasvYSayMdOkunraYJSzb1N3NtZA1rDYGbSTAT_WGfxhQJU1ym75MKE9kCRngz1rbs0NC_HLq9ICe5vxX4igq7a-Trk4uV-QDub_bAWtFyRuy9RDxWFfuCdKBysm9IiFZN_bn_rHjgM52esXBEnG2ijRA5XV0RTJokvv5PUZZLEIddfywAUjH_1RnuVa-1i9YzE3n2TfDa7FmdPUU_sFwC5YhRKhuWEpw_aZBlB3DZTlnJ3liMQDZnW6kdqq0T2aEV29H8AbpSetnE7fVERuo3J7OY-3RYa7lQs77jPBbkhV2oxpiAH6Fp6Iyj6_Wc6OJhqYnn2zZpxgmKFrnVZZ6mw7q-xt2pQQEGLRJ0uDlzSnRnqaze1mCUXnbS7tUoYQOea8Z9Ompf6elkwLFzf8FUmM81GNX&lptoken=15c999f326e790bc92a8&adxzoneid=2775&adxdomain=e.ma-maitresse.com&adxcampaignid=8063&adxmaterialname=&email=&adexbck=%7Badexbck%7D&adxcost=0.002&adxcid=RLmEPK9IkI0BkxLU1i2qv3kAQ4HTo5lfpwJegrMqZvRjHCehK5xfW8FMZwGnPRsf Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.201.64 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-201-64.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash `5c8324099007ebc5480e470d63f7965a286f9826f9b22ef5f4e33da3d124ebbc` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 05 Sep 2020 00:54:54 GMT via 1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront) last-modified Fri, 03 Aug 2018 10:06:30 GMT server AmazonS3 x-amz-cf-pop FRA53-C1 etag "267c4ead226f9642502157058b211e2e" x-cache Miss from cloudfront content-type image/gif status 200 accept-ranges bytes content-length 1727 x-amz-cf-id pJhW4VYbKyTR9XWYh3iYfJENnhoNi4wfPucYHoZa9npj0bYRdGeeIg==
GET H/1.1	200 OK	loader.php Show response ads.adextrem.com/push/	4 KB 2 KB	239ms 60ms	Script text/html	3.121.194.197 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ads.adextrem.com/push/loader.php Requested by Host: www.1planculcesoir.com URL: https://www.1planculcesoir.com/pshbckAvril.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.121.194.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-121-194-197.eu-central-1.compute.amazonaws.com Software Apache/2.4.10 (Debian) / Resource Hash `8b9ea8752caa6b5eb8b322494a98677a062c9e3175c254280b72a0133a567943` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Sat, 05 Sep 2020 00:54:53 GMT Content-Encoding gzip Server Apache/2.4.10 (Debian) Vary Accept-Encoding Content-Type text/html; charset=UTF-8 Cache-Control no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0, no-cache="set-cookie" Connection keep-alive Content-Length 1561
GET H/1.1	200 OK	Cookie set ifp.php ads.adextrem.com/push/ Frame E70D	0 0	60ms 60ms	Document text/html	3.121.194.197 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ads.adextrem.com/push/ifp.php?slot=4 Requested by Host: ads.adextrem.com URL: https://ads.adextrem.com/push/loader.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.121.194.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-121-194-197.eu-central-1.compute.amazonaws.com Software Apache/2.4.10 (Debian) / Resource Hash Request headers Host ads.adextrem.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Accept-Encoding gzip, deflate, br Accept-Language en-US Cookie AWSELBCORS=671BC5111EC8C439EC6ECDAADF42C2FCC39A19517227BECBED123D3D2F3DC41482870D4994B37D6077B69EB708D166F78C41FFE40B6FAEF414725286057DC8CDDC9B833461 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Cache-Control no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0 Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Sat, 05 Sep 2020 00:54:53 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Pragma no-cache Server Apache/2.4.10 (Debian) Set-Cookie PHPSESSID=vbpl64gtthfpb6fd57vemjgol4; path=/ Vary Accept-Encoding Content-Length 1062 Connection keep-alive

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://ads.adextrem.com/push/loader.php(Line 17) Message: Push notifications are not supported by this browser

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.adextrem.com
e.ma-maitresse.com
mannenverslindster.com
rdvcoquin.club
trck.daes24h.com
vasy.clickmoileclito.com
www.1planculcesoir.com
143.204.201.64
18.195.23.231
184.107.37.84
185.47.116.11
2a05:d018:244:5200::ab
3.121.194.197
05d104b1a5e82415a4d0afca87ccba29e539c25d0cce5d2b41a2d8baade8fb9e
0b237b092fab60176398494f0bb6584a4c63d96763cea9e465a7b04cd32073f9
1b658e5a5d019772c18fa84a2ac7b8dc91297287ac7ceacdf86e5028e204a30d
3e754141801ad16e4f0dccc1941483a35f21089bea7aff604601f9c54e92227c
5c8324099007ebc5480e470d63f7965a286f9826f9b22ef5f4e33da3d124ebbc
76d2c564e7d831a33501907b8d4701ff1fedd1c39ccbb4704f055b23d7204290
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
88ab33aa6eed72ca5232a79f9f1c159528db6bde2a693e3cc09054e88dbb1778
8b9ea8752caa6b5eb8b322494a98677a062c9e3175c254280b72a0133a567943
9b36954f0334f4f5ef19e3183dfc824c9d809ea6fe31aa961e1ba0ebc33f7537
9cf65c416b4ef400b039f5a10dfb6c2289be8638a0bb81bfa5ae268f9f0bea36
ec703efff16b4e9d4bb736345bac933149d0e8eacf0098405baad87a84ed5505

www.1planculcesoir.com Open in urlscan Pro 143.204.201.64 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

79 %HTTPS

17 %IPv6

7 Domains

7 Subdomains

3 IPs

5 Countries

402 kBTransfer

488 kBSize

0 Cookies

2 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

www.1planculcesoir.com Open in urlscan Pro
143.204.201.64 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

79 %
HTTPS

17 %
IPv6

7
Domains

7
Subdomains

3
IPs

5
Countries

402 kB
Transfer

488 kB
Size

0
Cookies

14 HTTP transactions
0 data transactions