URL: https://t.info.sodexobenefits.be/l2/794Un8CrD0/319633/2783196378.html
Submission: On June 13 via api from BE

Summary

This website contacted 6 IPs in 2 countries across 4 domains to perform 21 HTTP transactions.
The main IP is 91.190.170.12, located in France and belongs to SPLIO-AS, FR. The main domain is t.info.sodexobenefits.be.
TLS certificate: Issued by Let's Encrypt Authority X3 on May 20th 2019. Valid for: 3 months.
This is the first time this domain was scanned on urlscan.io!

Verdict: Unknown

Domain & IP information

Requests  IP Address        AS Autonomous System
3         91.190.170.12     31688 (SPLIO-AS)
3         91.190.170.47     31688 (SPLIO-AS)
11        46.19.183.69      25593 (LINKBYNET-AS)
2         2a03:2880:f02...  32934 (FACEBOOK)
1         2a03:2880:f01...  32934 (FACEBOOK)
1         2a03:2880:f12...  32934 (FACEBOOK)
Total: 21 requests, 6 IPs

Requests  Domain / Subdomains  Transfer
14        sodexobenefits.be    307 KB
3         facebook.net         58 KB
3         splio4.com           324 KB
2         facebook.com         0 B
Total: 21 requests, 4 domains

Requests  Domain                               Requested by
11        mkt.sodexobenefits.be                t.info.sodexobenefits.be
3         connect.facebook.net (1 redirects)   t.info.sodexobenefits.be, connect.facebook.net
3         www.splio4.com                       t.info.sodexobenefits.be
3         t.info.sodexobenefits.be             t.info.sodexobenefits.be
1         www.facebook.com                     connect.facebook.net
1         staticxx.facebook.com                connect.facebook.net
Total: 21 requests, 6 hosts

This site contains links to these domains. Also see Links.

Domain
Subject                   Issuer                                  Validity                 Valid
t.info.sodexobenefits.be  Let's Encrypt Authority X3              2019-05-20 - 2019-08-18  3 months
                                                                  1970-01-01 - 1970-01-01  a few seconds
*.facebook.com            DigiCert SHA2 High Assurance Server CA  2019-04-22 - 2019-07-21  3 months

Detected technologies

Web
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Web
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Web
Overall confidence: 100%
Detected patterns
  • script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i
  • script /jquery-ui(?:-|\.)([\d.]*\d)[^\/]*\.js/i
  • script /jquery-ui.*\.js/i

Web
Overall confidence: 100%
Detected patterns
  • script /jquery-ui(?:-|\.)([\d.]*\d)[^\/]*\.js/i
  • script /jquery-ui.*\.js/i


21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
2783196378.html
/l2/794Un8CrD0/319633
153 B
503 B
Document
General
Full URL
https://t.info.sodexobenefits.be/l2/794Un8CrD0/319633/2783196378.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.190.170.12 , France, ASN31688 (SPLIO-AS, FR),
Reverse DNS
s3s.fr
Software
Apache /
Resource Hash

Request headers

Host
t.info.sodexobenefits.be
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate, br

Response headers

Date
Thu, 13 Jun 2019 15:43:21 GMT
Server
Apache
Pragma
no-cache
Cache-Control
no-cache
Expires
Mon, 01 Jan 1990 00:00:00 GMT
X-Robots-Tag
noindex,nofollow
P3P
policyref="http://s3s.fr/w3c/p3p.xml", CP="ALL DSP COR DEV IVD CON OUR NOR UNI PUR NAV STA"
Content-Length
153
Connection
close
Content-Type
text/html
2783196378.html
/mrx/794Un8CrD/319633
30 KB
30 KB
Document
General
Full URL
http://t.info.sodexobenefits.be/mrx/794Un8CrD/319633/2783196378.html
Protocol
HTTP/1.1
Server
91.190.170.12 , France, ASN31688 (SPLIO-AS, FR),
Reverse DNS
s3s.fr
Software
Apache /
Resource Hash
0a315ae2f4a09a2b88049035e664e7ea889def52aa1cb4991060e685785decef

Request headers

Host
t.info.sodexobenefits.be
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Date
Thu, 13 Jun 2019 15:43:21 GMT
Server
Apache
Pragma
no-cache
Cache-Control
no-cache
Expires
Mon, 01 Jan 1990 00:00:00 GMT
X-Robots-Tag
noindex,nofollow
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, OPTIONS
Access-Control-Allow-Headers
origin, content-type, accept
Connection
close
Transfer-Encoding
chunked
Content-Type
text/html
jquery-1.8.0.min.js
www.splio4.com/jquery/js
90 KB
91 KB
Script
General
Full URL
http://www.splio4.com/jquery/js/jquery-1.8.0.min.js
Requested by
Host: t.info.sodexobenefits.be
URL: http://t.info.sodexobenefits.be/mrx/794Un8CrD/319633/2783196378.html
Protocol
HTTP/1.1
Security
, ,
Server
91.190.170.47 , France, ASN31688 (SPLIO-AS, FR),
Reverse DNS
www.splio4.com
Software
Apache /
Resource Hash
8c574e0a06396dfa7064b8b460e0e4a8d5d0748c4aa66eb2e4efdfcb46da4b31

Request headers

Referer
http://t.info.sodexobenefits.be/mrx/794Un8CrD/319633/2783196378.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 13 Jun 2019 15:43:23 GMT
X-Pad
avoid browser bug
Last-Modified
Wed, 15 Aug 2012 08:41:26 GMT
Server
Apache
ETag
"81221c-1698b-4c749e4711980"
Content-Type
application/x-javascript
Connection
close
Accept-Ranges
bytes
Content-Length
92555
jquery-ui-1.8.23.custom.min.js
www.splio4.com/jquery/js
200 KB
201 KB
Script
General
Full URL
http://www.splio4.com/jquery/js/jquery-ui-1.8.23.custom.min.js
Requested by
Host: t.info.sodexobenefits.be
URL: http://t.info.sodexobenefits.be/mrx/794Un8CrD/319633/2783196378.html
Protocol
HTTP/1.1
Security
, ,
Server
91.190.170.47 , France, ASN31688 (SPLIO-AS, FR),
Reverse DNS
www.splio4.com
Software
Apache /
Resource Hash
c36028122e14e2fdecbec5dcbc95a1c69806bd84f452851c51f4167d4054cfe1

Request headers

Referer
http://t.info.sodexobenefits.be/mrx/794Un8CrD/319633/2783196378.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 13 Jun 2019 15:43:23 GMT
X-Pad
avoid browser bug
Last-Modified
Thu, 06 Sep 2012 02:17:32 GMT
Server
Apache
ETag
"81221d-3210b-4c8ff18046700"
Content-Type
application/x-javascript
Connection
close
Accept-Ranges
bytes
Content-Length
205067
jquery-ui-1.8.23.custom.css
www.splio4.com/jquery/css/smoothness
32 KB
33 KB
Stylesheet
General
Full URL
http://www.splio4.com/jquery/css/smoothness/jquery-ui-1.8.23.custom.css
Requested by
Host: t.info.sodexobenefits.be
URL: http://t.info.sodexobenefits.be/mrx/794Un8CrD/319633/2783196378.html
Protocol
HTTP/1.1
Security
, ,
Server
91.190.170.47 , France, ASN31688 (SPLIO-AS, FR),
Reverse DNS
www.splio4.com
Software
Apache /
Resource Hash
a839662f79bbdf13251efaed32da8e1d894b5433d74990ac5c3ca333844c791a

Request headers

Referer
http://t.info.sodexobenefits.be/mrx/794Un8CrD/319633/2783196378.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 13 Jun 2019 15:43:22 GMT
Last-Modified
Thu, 06 Sep 2012 11:47:48 GMT
Server
Apache
ETag
"81206a-81a6-4c9070f732100"
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
33190
2783196378.gif
/ouv2/794Un8CrD/319633
43 B
392 B
Image
General
Full URL
https://t.info.sodexobenefits.be/ouv2/794Un8CrD/319633/2783196378.gif
Requested by
Host: t.info.sodexobenefits.be
URL: http://t.info.sodexobenefits.be/mrx/794Un8CrD/319633/2783196378.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.190.170.12 , France, ASN31688 (SPLIO-AS, FR),
Reverse DNS
s3s.fr
Software
Apache /
Resource Hash
a1d88b2c952b790f5f23473c63ef99473327d02e11ebe174799ad912db08f629

Request headers

Referer
http://t.info.sodexobenefits.be/mrx/794Un8CrD/319633/2783196378.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Jun 2019 15:43:22 GMT
Server
Apache
X-Robots-Tag
noindex,nofollow
P3P
policyref="http://s3s.fr/w3c/p3p.xml", CP="ALL DSP COR DEV IVD CON OUR NOR UNI PUR NAV STA"
Cache-Control
no-cache
Connection
close
Content-Type
image/gif
Content-Length
43
Expires
Mon, 01 Jan 1990 00:00:00 GMT
navigation-logo.jpg
mkt.sodexobenefits.be/newsletter/2019/B2B/EcoLaunchMarch2019/index-fr-sme-prospect-cross-sell._files
19 KB
19 KB
Image
General
Full URL
http://mkt.sodexobenefits.be/newsletter/2019/B2B/EcoLaunchMarch2019/index-fr-sme-prospect-cross-sell._files/navigation-logo.jpg
Requested by
Host: t.info.sodexobenefits.be
URL: http://t.info.sodexobenefits.be/mrx/794Un8CrD/319633/2783196378.html
Protocol
HTTP/1.1
Security
, ,
Server
46.19.183.69 , France, ASN25593 (LINKBYNET-AS, FR),
Reverse DNS
Software
Microsoft-IIS/6.0 / ASP.NET
Resource Hash
87047d392ef5b4e0f4b0802c91093a8d4c1c01d9c6bc6fd4c11c1662f0ebdd94

Request headers

Referer
http://t.info.sodexobenefits.be/mrx/794Un8CrD/319633/2783196378.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 13 Jun 2019 15:43:21 GMT
ETag
"94965129be6d41:518"
Last-Modified
Fri, 29 Mar 2019 08:41:11 GMT
Server
Microsoft-IIS/6.0
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
19635
header-desktop.jpg
mkt.sodexobenefits.be/newsletter/2019/B2B/EcoLaunchMarch2019/index-fr-sme-prospect-cross-sell._files
166 KB
166 KB
Image
General
Full URL
http://mkt.sodexobenefits.be/newsletter/2019/B2B/EcoLaunchMarch2019/index-fr-sme-prospect-cross-sell._files/header-desktop.jpg
Requested by
Host: t.info.sodexobenefits.be
URL: http://t.info.sodexobenefits.be/mrx/794Un8CrD/319633/2783196378.html
Protocol
HTTP/1.1
Security
, ,
Server
46.19.183.69 , France, ASN25593 (LINKBYNET-AS, FR),
Reverse DNS
Software
Microsoft-IIS/6.0 / ASP.NET
Resource Hash
c8db1ff68e5c572238d2fd0a0f7b811ddba5a68bb4420a07cd0c68f53dae50ca

Request headers

Referer
http://t.info.sodexobenefits.be/mrx/794Un8CrD/319633/2783196378.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 13 Jun 2019 15:43:21 GMT
ETag
"f982f0f864e5d41:518"
Last-Modified
Thu, 28 Mar 2019 12:51:33 GMT
Server
Microsoft-IIS/6.0
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
170076
border.jpg
mkt.sodexobenefits.be/newsletter/2019/B2B/EcoLaunchMarch2019/index-fr-sme-prospect-cross-sell._files
278 B
528 B
Image
General
Full URL
http://mkt.sodexobenefits.be/newsletter/2019/B2B/EcoLaunchMarch2019/index-fr-sme-prospect-cross-sell._files/border.jpg
Requested by
Host: t.info.sodexobenefits.be
URL: http://t.info.sodexobenefits.be/mrx/794Un8CrD/319633/2783196378.html
Protocol
HTTP/1.1
Security
, ,
Server
46.19.183.69 , France, ASN25593 (LINKBYNET-AS, FR),
Reverse DNS
Software
Microsoft-IIS/6.0 / ASP.NET
Resource Hash
26609c4159511447de0554932f9c181395bad0f61d0d5b844e83563564e20f1e

Request headers

Referer
http://t.info.sodexobenefits.be/mrx/794Un8CrD/319633/2783196378.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 13 Jun 2019 15:43:21 GMT
ETag
"3fe6d3f864e5d41:518"
Last-Modified
Thu, 28 Mar 2019 12:51:33 GMT
Server
Microsoft-IIS/6.0
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
278
intro-img-zelfstandigen.jpg
mkt.sodexobenefits.be/newsletter/2019/B2B/EcoLaunchMarch2019/index-fr-sme-prospect-cross-sell._files
63 KB
63 KB
Image
General
Full URL
http://mkt.sodexobenefits.be/newsletter/2019/B2B/EcoLaunchMarch2019/index-fr-sme-prospect-cross-sell._files/intro-img-zelfstandigen.jpg
Requested by
Host: t.info.sodexobenefits.be
URL: http://t.info.sodexobenefits.be/mrx/794Un8CrD/319633/2783196378.html
Protocol
HTTP/1.1
Security
, ,
Server
46.19.183.69 , France, ASN25593 (LINKBYNET-AS, FR),
Reverse DNS
Software
Microsoft-IIS/6.0 / ASP.NET
Resource Hash
9f7bf061b4e75a35a500bc2824f08a108e2fbecdb15310f557f82d697cd2697a

Request headers

Referer
http://t.info.sodexobenefits.be/mrx/794Un8CrD/319633/2783196378.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 13 Jun 2019 15:43:21 GMT
ETag
"5871bef864e5d41:518"
Last-Modified
Thu, 28 Mar 2019 12:51:33 GMT
Server
Microsoft-IIS/6.0
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
64475
icon-tips.png
mkt.sodexobenefits.be/newsletter/2019/B2B/EcoLaunchMarch2019/index-fr-sme-prospect-cross-sell._files
993 B
1 KB
Image
General
Full URL
http://mkt.sodexobenefits.be/newsletter/2019/B2B/EcoLaunchMarch2019/index-fr-sme-prospect-cross-sell._files/icon-tips.png
Requested by
Host: t.info.sodexobenefits.be
URL: http://t.info.sodexobenefits.be/mrx/794Un8CrD/319633/2783196378.html
Protocol
HTTP/1.1
Security
, ,
Server
46.19.183.69 , France, ASN25593 (LINKBYNET-AS, FR),
Reverse DNS
Software
Microsoft-IIS/6.0 / ASP.NET
Resource Hash
9502cd8701ea77bebd8eeb35d28d7c54bc9a349a3af023a70484ecb8f19750b2

Request headers

Referer
http://t.info.sodexobenefits.be/mrx/794Un8CrD/319633/2783196378.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 13 Jun 2019 15:43:21 GMT
ETag
"7986b2f864e5d41:518"
Last-Modified
Thu, 28 Mar 2019 12:51:33 GMT
Server
Microsoft-IIS/6.0
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
993
outro-img-zelfstandigen-nl.png
mkt.sodexobenefits.be/newsletter/2019/B2B/EcoLaunchMarch2019/index-fr-sme-prospect-cross-sell._files
13 KB
14 KB
Image
General
Full URL
http://mkt.sodexobenefits.be/newsletter/2019/B2B/EcoLaunchMarch2019/index-fr-sme-prospect-cross-sell._files/outro-img-zelfstandigen-nl.png
Requested by
Host: t.info.sodexobenefits.be
URL: http://t.info.sodexobenefits.be/mrx/794Un8CrD/319633/2783196378.html
Protocol
HTTP/1.1
Security
, ,
Server
46.19.183.69 , France, ASN25593 (LINKBYNET-AS, FR),
Reverse DNS
Software
Microsoft-IIS/6.0 / ASP.NET
Resource Hash
5d7c6a146fbb0f2fbe0efa1a1f70254d8295aaed4d329520cedb24fe2a651017

Request headers

Referer
http://t.info.sodexobenefits.be/mrx/794Un8CrD/319633/2783196378.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 13 Jun 2019 15:43:21 GMT
ETag
"c8f75f964e5d41:518"
Last-Modified
Thu, 28 Mar 2019 12:51:33 GMT
Server
Microsoft-IIS/6.0
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
13808
divider01.jpg
mkt.sodexobenefits.be/newsletter/2019/B2B/EcoLaunchMarch2019/index-fr-sme-prospect-cross-sell._files
1 KB
2 KB
Image
General
Full URL
http://mkt.sodexobenefits.be/newsletter/2019/B2B/EcoLaunchMarch2019/index-fr-sme-prospect-cross-sell._files/divider01.jpg
Requested by
Host: t.info.sodexobenefits.be
URL: http://t.info.sodexobenefits.be/mrx/794Un8CrD/319633/2783196378.html
Protocol
HTTP/1.1
Security
, ,
Server
46.19.183.69 , France, ASN25593 (LINKBYNET-AS, FR),
Reverse DNS
Software
Microsoft-IIS/6.0 / ASP.NET
Resource Hash
6cb229340749798463c8154407308701326bdcfab089c69190a42a17e29a4ac1

Request headers

Referer
http://t.info.sodexobenefits.be/mrx/794Un8CrD/319633/2783196378.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 13 Jun 2019 15:43:21 GMT
ETag
"47d2dff864e5d41:518"
Last-Modified
Thu, 28 Mar 2019 12:51:33 GMT
Server
Microsoft-IIS/6.0
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
1430
icon-tell.jpg
mkt.sodexobenefits.be/newsletter/2019/B2B/EcoLaunchMarch2019/index-fr-sme-prospect-cross-sell._files
1 KB
1 KB
Image
General
Full URL
http://mkt.sodexobenefits.be/newsletter/2019/B2B/EcoLaunchMarch2019/index-fr-sme-prospect-cross-sell._files/icon-tell.jpg
Requested by
Host: t.info.sodexobenefits.be
URL: http://t.info.sodexobenefits.be/mrx/794Un8CrD/319633/2783196378.html
Protocol
HTTP/1.1
Security
, ,
Server
46.19.183.69 , France, ASN25593 (LINKBYNET-AS, FR),
Reverse DNS
Software
Microsoft-IIS/6.0 / ASP.NET
Resource Hash
80d499178c26ea42ff22d6e2865a7b5e09bbd2acfca741b670b8605f2858c9dc

Request headers

Referer
http://t.info.sodexobenefits.be/mrx/794Un8CrD/319633/2783196378.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 13 Jun 2019 15:43:21 GMT
ETag
"4df4f7f564e5d41:518"
Last-Modified
Thu, 28 Mar 2019 12:51:28 GMT
Server
Microsoft-IIS/6.0
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
1096
icon-mail.jpg
mkt.sodexobenefits.be/newsletter/2019/B2B/EcoLaunchMarch2019/index-fr-sme-prospect-cross-sell._files
854 B
1 KB
Image
General
Full URL
http://mkt.sodexobenefits.be/newsletter/2019/B2B/EcoLaunchMarch2019/index-fr-sme-prospect-cross-sell._files/icon-mail.jpg
Requested by
Host: t.info.sodexobenefits.be
URL: http://t.info.sodexobenefits.be/mrx/794Un8CrD/319633/2783196378.html
Protocol
HTTP/1.1
Security
, ,
Server
46.19.183.69 , France, ASN25593 (LINKBYNET-AS, FR),
Reverse DNS
Software
Microsoft-IIS/6.0 / ASP.NET
Resource Hash
681f7539b2783425d161f903a9f422734face8ea6a3c0668066d3f8ae1ffc957

Request headers

Referer
http://t.info.sodexobenefits.be/mrx/794Un8CrD/319633/2783196378.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 13 Jun 2019 15:43:21 GMT
ETag
"225a8f964e5d41:518"
Last-Modified
Thu, 28 Mar 2019 12:51:33 GMT
Server
Microsoft-IIS/6.0
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
854
Adblocked icon-fb.jpg
mkt.sodexobenefits.be/newsletter/2019/B2B/EcoLaunchMarch2019/index-fr-sme-prospect-cross-sell._files
2 KB
2 KB
Image
General
Full URL
http://mkt.sodexobenefits.be/newsletter/2019/B2B/EcoLaunchMarch2019/index-fr-sme-prospect-cross-sell._files/icon-fb.jpg
Requested by
Host: t.info.sodexobenefits.be
URL: http://t.info.sodexobenefits.be/mrx/794Un8CrD/319633/2783196378.html
Protocol
HTTP/1.1
Security
, ,
Server
46.19.183.69 , France, ASN25593 (LINKBYNET-AS, FR),
Reverse DNS
Software
Microsoft-IIS/6.0 / ASP.NET
Resource Hash
433c126b3c13a2e61388d59e240040b8d72560f775e2b6ee19c11a43e81c124f
Blocked
Source: easylist, Type: annoyance (This would have been blocked)

Request headers

Referer
http://t.info.sodexobenefits.be/mrx/794Un8CrD/319633/2783196378.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 13 Jun 2019 15:43:21 GMT
ETag
"f4a9f7f864e5d41:518"
Last-Modified
Thu, 28 Mar 2019 12:51:33 GMT
Server
Microsoft-IIS/6.0
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
1875
icon-li.jpg
mkt.sodexobenefits.be/newsletter/2019/B2B/EcoLaunchMarch2019/index-fr-sme-prospect-cross-sell._files
5 KB
5 KB
Image
General
Full URL
http://mkt.sodexobenefits.be/newsletter/2019/B2B/EcoLaunchMarch2019/index-fr-sme-prospect-cross-sell._files/icon-li.jpg
Requested by
Host: t.info.sodexobenefits.be
URL: http://t.info.sodexobenefits.be/mrx/794Un8CrD/319633/2783196378.html
Protocol
HTTP/1.1
Security
, ,
Server
46.19.183.69 , France, ASN25593 (LINKBYNET-AS, FR),
Reverse DNS
Software
Microsoft-IIS/6.0 / ASP.NET
Resource Hash
5f6b8a6d1c25376480829e0d7b9150be3db9c74f9e7059f5a010ca51551584cb

Request headers

Referer
http://t.info.sodexobenefits.be/mrx/794Un8CrD/319633/2783196378.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 13 Jun 2019 15:43:21 GMT
ETag
"7e341f964e5d41:518"
Last-Modified
Thu, 28 Mar 2019 12:51:33 GMT
Server
Microsoft-IIS/6.0
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
4818
all.js
connect.facebook.net/nl_BE
Redirect Chain
  • http://connect.facebook.net/nl_BE/all.js
  • https://connect.facebook.net/nl_BE/all.js
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/nl_BE/all.js
Requested by
Host: t.info.sodexobenefits.be
URL: http://t.info.sodexobenefits.be/mrx/794Un8CrD/319633/2783196378.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
09b03e6331c5cded98bbf83f40c7e947578f707f37e2d95e09e7c36cd258a344
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://t.info.sodexobenefits.be/mrx/794Un8CrD/319633/2783196378.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
7IqML6q4XWtHDv8LKjMR3A==
status
200
date
Thu, 13 Jun 2019 15:43:23 GMT
vary
Accept-Encoding
content-length
1781
x-fb-debug
jsu6Qzf2uHYwMGrWWjiMos3zdDAFTfIKeLNqHRPfJ0LHlLyjJ1Rcsw+6tGn6PU6oh4Pa0kQDiK5K+X3m09ERdg==
x-fb-content-md5
413d1397ba64bc1e75f1e574a13fd0c5
etag
"0d410c0e77a131712346ff611592a843"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 13 Jun 2019 15:52:38 GMT

Redirect headers

Location
https://connect.facebook.net/nl_BE/all.js
Non-Authoritative-Reason
HSTS
all.js?hash=6f15a19d12a41b3cd48a7899c1954c40&ua=modern_es6
connect.facebook.net/nl_BE
189 KB
56 KB
Script
General
Full URL
https://connect.facebook.net/nl_BE/all.js?hash=6f15a19d12a41b3cd48a7899c1954c40&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/nl_BE/all.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
e03d42f25685a98df15ba0df66da08555edd712a4fb200c4a045a4ecc93e5717
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://t.info.sodexobenefits.be/mrx/794Un8CrD/319633/2783196378.html
Origin
http://t.info.sodexobenefits.be

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
xDlYqrIUYx5H4aGvGWJkgA==
status
200
date
Thu, 13 Jun 2019 15:43:23 GMT
vary
Accept-Encoding
content-length
57120
x-fb-debug
e0y/4hdG1QNfFat+z2FYDPdseuJxCETIQY/p6p8UTLAYlOwXq2AKjUe/ROb0Hu6Y4wXwZu48277vcRq6p+JdDA==
x-fb-content-md5
278085cf88a57cc8c9bb777289e8e349
etag
"612591fbec7a6c9609f303bc61d422c0"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Fri, 12 Jun 2020 14:11:52 GMT
xd_arbiter.php?version=44
staticxx.facebook.com/connect
0
0
Document
General
Full URL
https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/nl_BE/all.js?hash=6f15a19d12a41b3cd48a7899c1954c40&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
staticxx.facebook.com
:scheme
https
:path
/connect/xd_arbiter.php?version=44
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
http://t.info.sodexobenefits.be/mrx/794Un8CrD/319633/2783196378.html
accept-encoding
gzip, deflate, br

Response headers

status
200
content-type
text/html; charset=utf-8
expires
Thu, 11 Jun 2020 07:01:44 GMT
strict-transport-security
max-age=15552000; preload
content-encoding
br
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cache-control
public,max-age=31536000,immutable
x-fb-debug
OhjaEzsmsOUi8tKxwxFYTqDCbXjKGPhNJOnh5ZN2CWMO8+0O3HmHvAqvZuZRWSPy04jFlk4T9RCpbffhShnKHw==
content-length
11188
date
Thu, 13 Jun 2019 15:43:23 GMT
ping?client_id=151416288330052&domain=t.info.sodexobenefits.be&origin=1&redirect_uri=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df20b5e355b8b5e4%26domain%3D...
www.facebook.com/connect
0
0
Document
General
Full URL
https://www.facebook.com/connect/ping?client_id=151416288330052&domain=t.info.sodexobenefits.be&origin=1&redirect_uri=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df20b5e355b8b5e4%26domain%3Dt.info.sodexobenefits.be%26origin%3Dhttp%253A%252F%252Ft.info.sodexobenefits.be%252Ff3c3d0b5765dadc%26relation%3Dparent&response_type=token%2Csigned_request&sdk=joey
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/nl_BE/all.js?hash=6f15a19d12a41b3cd48a7899c1954c40&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/connect/ping?client_id=151416288330052&domain=t.info.sodexobenefits.be&origin=1&redirect_uri=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df20b5e355b8b5e4%26domain%3Dt.info.sodexobenefits.be%26origin%3Dhttp%253A%252F%252Ft.info.sodexobenefits.be%252Ff3c3d0b5765dadc%26relation%3Dparent&response_type=token%2Csigned_request&sdk=joey
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
http://t.info.sodexobenefits.be/mrx/794Un8CrD/319633/2783196378.html
accept-encoding
gzip, deflate, br

Response headers

status
200
cache-control
private, no-cache, no-store, must-revalidate
pragma
no-cache
strict-transport-security
max-age=15552000; preload
content-encoding
br
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-type
text/html; charset="utf-8"
x-fb-debug
NL6GMRt4jK/XVLpKd0iel7MWbMfFFnJRhXSFe+bI5BCd1EMH0XC59Qx+/kntrUsgiTF0PPyeNhyKpRSOjrjicQ==
date
Thu, 13 Jun 2019 15:43:23 GMT

Redirect requests

There were HTTP redirects (301, 302) for the following requests:

Request 17
  • http://connect.facebook.net/nl_BE/all.js
  • https://connect.facebook.net/nl_BE/all.js

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onselectstart
  • object| onselectionchange
  • function| queueMicrotask
  • function| $
  • function| jQuery
  • function| DP_jQuery_1560440603268
  • function| fbAsyncInit
  • function| fblike
  • function| fblikebox
  • function| fbcomment
  • object| FB

0 Cookies

Indicators of compromise (IoCs)

This is a term in the security industry to describe indicators around an attack. This includes IPs, hashes, domains, etc.
