links.mdz01.fr Open in urlscan Pro
176.126.250.255 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://links.mdz01.fr/c/ixe/oCM/aI6gcoJ1HDGuDJlQRPcUJa/Fq/WbA4/F/d7f24081
Effective URL:
https://links.mdz01.fr/v/ixe/aI6gcoJ1HDGuDJlQRPcUJa/b065ec4c
Submission: On March 09 via manual (March 9th 2022, 1:45:30 pm UTC) from FR — Scanned from FR

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 5 countries across 5 domains to perform 9 HTTP transactions. The main IP is 176.126.250.255, located in Poland and belongs to IQPL-AS, PL. The main domain is links.mdz01.fr.
TLS certificate: Issued by R3 on July 6th 2021. Valid for: 3 months.

This is the only time links.mdz01.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 3	176.126.250.255 176.126.250.255	47544 (IQPL-AS) (IQPL-AS)
1 2	13.69.68.37 13.69.68.37	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	172.67.148.225 172.67.148.225	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	109.232.196.59 109.232.196.59	50234 (EULERIAN-AS) (EULERIAN-AS)
1 2	188.114.97.7 188.114.97.7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	5

3 176.126.250.255 (Poland) 2 redirects

ASN47544 (IQPL-AS, PL)
PTR: 176-126-250-255.rev.iq.pl

links.mdz01.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.69.68.37 (Amsterdam, Netherlands) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

r.ar-mtch1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.67.148.225 (United States)

ASN13335 (CLOUDFLARENET, US)

www.gamguiwill.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.232.196.59 (France)

ASN50234 (EULERIAN-AS, FR)
PTR: sfr.eulerian.net

ert5.rmcsport.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.114.97.7 (Medellín, Colombia) 1 redirects

ASN13335 (CLOUDFLARENET, US)

collecte.aventurecollecte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	gamguiwill.com www.gamguiwill.com	430 KB
3	mdz01.fr 2 redirects links.mdz01.fr	4 KB
2	aventurecollecte.com 1 redirects collecte.aventurecollecte.com	1001 B
2	ar-mtch1.com 1 redirects r.ar-mtch1.com — Cisco Umbrella Rank: 632848	502 B
1	rmcsport.tv ert5.rmcsport.tv	1 KB
9	5

	Domain	Requested by
5	www.gamguiwill.com	links.mdz01.fr
3	links.mdz01.fr	2 redirects
2	collecte.aventurecollecte.com	1 redirects links.mdz01.fr
2	r.ar-mtch1.com	1 redirects links.mdz01.fr
1	ert5.rmcsport.tv	links.mdz01.fr
9	5

This site contains no links.

Subject Issuer	Validity	Valid
links.mdz01.fr R3	`2021-07-06` - `2021-10-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-10` - `2022-07-09`	a year	crt.sh
ert5.rmcsport.tv R3	`2022-02-03` - `2022-05-04`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://links.mdz01.fr/v/ixe/aI6gcoJ1HDGuDJlQRPcUJa/b065ec4c
Frame ID: 8F5FF6023435F971C815DE3E536FE0FA
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://links.mdz01.fr/c/ixe/oCM/aI6gcoJ1HDGuDJlQRPcUJa/Fq/WbA4/F/d7f24081 HTTP 302
https://r.ar-mtch1.com/Redirect?pid=FB&chid=XM&md5=39b9ac3c048d91f326f33ace4b6b1941&sha256=96f8a830... HTTP 302
https://links.mdz01.fr/v/ixe/aI6gcoJ1HDGuDJlQRPcUJa/b065ec4c Page URL

Page Statistics

9
Requests

67 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

5
IPs

5
Countries

435 kB
Transfer

440 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://links.mdz01.fr/c/ixe/oCM/aI6gcoJ1HDGuDJlQRPcUJa/Fq/WbA4/F/d7f24081 HTTP 302
https://r.ar-mtch1.com/Redirect?pid=FB&chid=XM&md5=39b9ac3c048d91f326f33ace4b6b1941&sha256=96f8a830b9b53b108765f94b28d551d664df03763d2967cfb039fb746afdec04&url=https%3a%2f%2flinks.mdz01.fr%2fv%2fixe%2faI6gcoJ1HDGuDJlQRPcUJa%2fb065ec4c&type=c&list=TUP+OK+FULL&esp=F HTTP 302
https://links.mdz01.fr/v/ixe/aI6gcoJ1HDGuDJlQRPcUJa/b065ec4c Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://collecte.aventurecollecte.com/tracking/?type=displayemail&i=fbe0dhf0dfjc0bfbec0cjdgfb&avuid=[subscriber_custom_id] HTTP 301
https://collecte.aventurecollecte.com/tracking/?type=displayemail&iid=fbe0dhf0dfjc0bfbec0cjdgfb&avuid=[subscriber_custom_id]

Request Chain 7

https://links.mdz01.fr/o/ixe/aI6gcoJ1HDGuDJlQRPcUJa/WbA4/F/dfdb191f HTTP 302
https://r.ar-mtch1.com/Redirect?pid=FB&chid=XM&md5=39b9ac3c048d91f326f33ace4b6b1941&sha256=96f8a830b9b53b108765f94b28d551d664df03763d2967cfb039fb746afdec04&type=o&list=TUP+OK+FULL&esp=F

9 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request b065ec4c Show response
links.mdz01.fr/v/ixe/aI6gcoJ1HDGuDJlQRPcUJa/
Redirect Chain

https://links.mdz01.fr/c/ixe/oCM/aI6gcoJ1HDGuDJlQRPcUJa/Fq/WbA4/F/d7f24081
https://r.ar-mtch1.com/Redirect?pid=FB&chid=XM&md5=39b9ac3c048d91f326f33ace4b6b1941&sha256=96f8a830b9b53b108765f94b28d551d664df03763d2967cfb039fb746afdec04&url=https%3a%2f%2flinks.mdz01.fr%2fv%2fix...
https://links.mdz01.fr/v/ixe/aI6gcoJ1HDGuDJlQRPcUJa/b065ec4c

12 KB
4 KB

95ms
95ms

Document
text/html

176.126.250.255
IQPL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://links.mdz01.fr/v/ixe/aI6gcoJ1HDGuDJlQRPcUJa/b065ec4c
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 176.126.250.255 , Poland, ASN47544 (IQPL-AS, PL),
Reverse DNS: 176-126-250-255.rev.iq.pl
Software: /
Resource Hash: bc7a655babf2071d7cc8275619786b69cb818b25e9ae4ac465f36b50a350f46d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9

Response headers

cache-control: private
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
date: Wed, 09 Mar 2022 13:45:24 GMT
content-length: 3545

Redirect headers

location: https://links.mdz01.fr:443/v/ixe/aI6gcoJ1HDGuDJlQRPcUJa/b065ec4c
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Wed, 09 Mar 2022 13:45:25 GMT
content-length: 0

GET
H2 200 header.png
www.gamguiwill.com/content/20220304113217_1251/ 260 KB
261 KB 83ms
29ms Image
image/png 172.67.148.225
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gamguiwill.com/content/20220304113217_1251/header.png
Requested by: Host: links.mdz01.fr
URL: https://links.mdz01.fr/v/ixe/aI6gcoJ1HDGuDJlQRPcUJa/b065ec4c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.148.225 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e7975db82c98d10779e4226ee4fef0682c923fd767dcd13e35c18563571bf85

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://links.mdz01.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 13:45:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 505
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 266412
last-modified: Fri, 04 Mar 2022 10:32:17 GMT
server: cloudflare
etag: "410ac-5d9620762cc55"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ba9Ay1Puj2zz%2FAjOxgHLreyX7C1yGVX%2BS%2BEEzouvk7V2T5YG%2B9spSmpNbhqUjac%2F5NV7VR6qgk50RJakjcSX%2FWRtrt2r2%2BsxSQ3o4Q1zka7F%2FrmLZulLy9JOOJgb8YGVb395XCs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6e9440404f79ede7-CDG

GET
H2 200 real.png
www.gamguiwill.com/content/20220304113216_1237/ 32 KB
32 KB 102ms
48ms Image
image/png 172.67.148.225
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gamguiwill.com/content/20220304113216_1237/real.png
Requested by: Host: links.mdz01.fr
URL: https://links.mdz01.fr/v/ixe/aI6gcoJ1HDGuDJlQRPcUJa/b065ec4c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.148.225 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3b5f327912a02f40e110a886e4f5dbd41cb447769ee11197a9fb27c0b57fcce

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://links.mdz01.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 13:45:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2741
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 32823
last-modified: Fri, 04 Mar 2022 10:32:16 GMT
server: cloudflare
etag: "8037-5d962075a024d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=et4y%2BFaiI6sckdyriS3yl%2FY6p9Rg0aVH%2B6MTiejsR%2FcMutu0ZjKMiXSzUFNJY5dqWU%2FJ1ESGu15CEfoBOE%2FQIvTZMgufc5ejF0fINSpkhowIMkyaeYvcgwZfyGOuB2y1fOMfv9M%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6e9440404f7cede7-CDG

GET
H2 200 cta.png
www.gamguiwill.com/content/20220304113216_1723/ 3 KB
3 KB 101ms
48ms Image
image/png 172.67.148.225
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gamguiwill.com/content/20220304113216_1723/cta.png
Requested by: Host: links.mdz01.fr
URL: https://links.mdz01.fr/v/ixe/aI6gcoJ1HDGuDJlQRPcUJa/b065ec4c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.148.225 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 367196b8d81f148a771c7d341af3bab50503e412e9a69ce28579f2c5f7bfc928

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://links.mdz01.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 13:45:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6720
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2844
last-modified: Fri, 04 Mar 2022 10:32:16 GMT
server: cloudflare
etag: "b1c-5d96207581dec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T3yOHqAy0Kd8Xf62ybJ9O3pnBlUd2cs8tmbWs4wbjcSiWrtzapLnx9SSn1vge6M2d1G9HN8FwHVHA72MX%2FGVaMCyYlM3XNHX8nVMI06MLcJ6Ry4hhOg8QH%2FWFUYJtiPvb1e83Qo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6e9440404f7dede7-CDG

GET
H2 200 tetes.png
www.gamguiwill.com/content/20220304113216_1846/ 26 KB
26 KB 101ms
47ms Image
image/png 172.67.148.225
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gamguiwill.com/content/20220304113216_1846/tetes.png
Requested by: Host: links.mdz01.fr
URL: https://links.mdz01.fr/v/ixe/aI6gcoJ1HDGuDJlQRPcUJa/b065ec4c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.148.225 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a90b0f457365e568f82877ecd3e70334b500bda0915b8e72060e8064cfcf04a2

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://links.mdz01.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 13:45:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6783
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26608
last-modified: Fri, 04 Mar 2022 10:32:16 GMT
server: cloudflare
etag: "67f0-5d962075a11ed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vDqMs06mCxGSPMjUNCbIvw4bicdcMxRhyumPp42g%2FTzo22MuKAL674LjVyaK4euumwI%2BKffdBJp3VTJqTi0ayhmy%2BVwYcJuQ1A7hKrZO6yU2L20qEp%2BrLEGDwqbEHlZ%2FzdQTaVQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6e9440404f7eede7-CDG

GET
H2 200 right.png
www.gamguiwill.com/content/20220304113217_1419/ 107 KB
107 KB 101ms
48ms Image
image/png 172.67.148.225
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gamguiwill.com/content/20220304113217_1419/right.png
Requested by: Host: links.mdz01.fr
URL: https://links.mdz01.fr/v/ixe/aI6gcoJ1HDGuDJlQRPcUJa/b065ec4c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.148.225 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc5fd3c959dbb676e38ee9759c28db44d11fd98e1f27e423200eeb48990916ad

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://links.mdz01.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 13:45:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 437
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 109280
last-modified: Fri, 04 Mar 2022 10:32:17 GMT
server: cloudflare
etag: "1aae0-5d962075c82ef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=keYG2TYwrN9M1%2Fw4yGNaBdgj6Xyyy5W9xX%2B4Ru4DlvFlC3ECS7rVPdyVGgKy0Nr4fgzDYODuRCfpPdz4PLn5Us%2Bi4URwx7IdBGYds1RH3gfq9XlJNq1ogkeXgIo52Pfj1NCDK3M%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6e9440404f7fede7-CDG

GET
H/1.1 200
OK pix.gif
ert5.rmcsport.tv/dynview/rmcsport/ 163 B
1 KB 128ms
24ms Image
image/png 109.232.196.59
EULERIAN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ert5.rmcsport.tv/dynview/rmcsport/pix.gif?eml-publisher=Adventure-Conseil&eml-name=Email-Acquisition-Payant-prospect-tr-ott_8e_PSG_6mars2022-ac&eseg-name=idrouteur&eseg-item=3592&ea-rnd=[RANDOM]

Requested by

Host: links.mdz01.fr
URL: https://links.mdz01.fr/v/ixe/aI6gcoJ1HDGuDJlQRPcUJa/b065ec4c

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

109.232.196.59 , France, ASN50234 (EULERIAN-AS, FR),

Reverse DNS

sfr.eulerian.net

Software

EWS /

Resource Hash

6c46829208b5004ded357c146a2dd4c56641ca4a8f93c782081dee56c9a332f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://links.mdz01.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Date: Wed, 09 Mar 2022 13:45:25 GMT
X-Content-Type-Options: nosniff
Server: EWS
Strict-Transport-Security: max-age=604800
Content-Type: image/png
Cache-Control: max-age=0, private
Connection: Close
Accept-Ranges: none
X-Robots-Tag: noindex
Content-Length: 163
X-XSS-Protection: 0

GET
H2

200

/
collecte.aventurecollecte.com/tracking/
Redirect Chain

https://collecte.aventurecollecte.com/tracking/?type=displayemail&i=fbe0dhf0dfjc0bfbec0cjdgfb&avuid=[subscriber_custom_id]
https://collecte.aventurecollecte.com/tracking/?type=displayemail&iid=fbe0dhf0dfjc0bfbec0cjdgfb&avuid=[subscriber_custom_id]

42 B
387 B

45ms
45ms

Image
image/gif

188.114.97.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collecte.aventurecollecte.com/tracking/?type=displayemail&iid=fbe0dhf0dfjc0bfbec0cjdgfb&avuid=[subscriber_custom_id]
Requested by: Host: links.mdz01.fr
URL: https://links.mdz01.fr/v/ixe/aI6gcoJ1HDGuDJlQRPcUJa/b065ec4c
Protocol: H2
Server: 188.114.97.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://links.mdz01.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 13:45:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lR%2B7g%2FxeN%2BIISsQHDNCQSr2U5LSs8aWwDbYiEhuWB3AEYDsqxO6W%2BkyTd5tdODjKkfh%2FGtZgD9m9JvSLhqXVLVfZTl9mb3%2BxQ3%2FLz8Sefid8vVJPjrUWsEwni6mqTc5iCZsA1ehEzabOXHLxLXxbsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, must-revalidate
cf-ray: 6e9440409a06edfb-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42
expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Wed, 09 Mar 2022 13:45:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PnYJE2urXMYnrutbgLKYJwezqxPvCbQ7%2Frr7O4z3UkA%2FYArBTJaj4rmv78U1cdKj1vJhwqZ5Mv7DqUGK00ZB2XbfbBpjIl%2BnqZjNRJLqV8Zxr6fWVkg1xEP14vp5W0xFTi%2F9xVroDqo%2BPdVacCutRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: http://collecte.aventurecollecte.com/tracking/?type=displayemail&iid=fbe0dhf0dfjc0bfbec0cjdgfb&avuid=[subscriber_custom_id]
cf-ray: 6e94404049acedfb-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

Redirect
r.ar-mtch1.com/
Redirect Chain

https://links.mdz01.fr/o/ixe/aI6gcoJ1HDGuDJlQRPcUJa/WbA4/F/dfdb191f
https://r.ar-mtch1.com/Redirect?pid=FB&chid=XM&md5=39b9ac3c048d91f326f33ace4b6b1941&sha256=96f8a830b9b53b108765f94b28d551d664df03763d2967cfb039fb746afdec04&type=o&list=TUP+OK+FULL&esp=F

43 B
195 B

31ms
31ms

Image
image/gif

13.69.68.37
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.ar-mtch1.com/Redirect?pid=FB&chid=XM&md5=39b9ac3c048d91f326f33ace4b6b1941&sha256=96f8a830b9b53b108765f94b28d551d664df03763d2967cfb039fb746afdec04&type=o&list=TUP+OK+FULL&esp=F
Requested by: Host: links.mdz01.fr
URL: https://links.mdz01.fr/v/ixe/aI6gcoJ1HDGuDJlQRPcUJa/b065ec4c
Protocol: H2
Server: 13.69.68.37 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://links.mdz01.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 13:45:25 GMT
cache-control: no-cache, max-age=0
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-length: 43
content-type: image/gif

Redirect headers

location: https://r.ar-mtch1.com/Redirect?pid=FB&chid=XM&md5=39b9ac3c048d91f326f33ace4b6b1941&sha256=96f8a830b9b53b108765f94b28d551d664df03763d2967cfb039fb746afdec04&type=o&list=TUP+OK+FULL&esp=F
date: Wed, 09 Mar 2022 13:45:24 GMT
cache-control: private
content-length: 326
content-type: text/html; charset=utf-8

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
links.mdz01.fr/	1969-12-31 23:59:59	Name: TEMP_DATA Value: 05fd0d42-adfe-456b-aaf8-61cf301e9dcf
links.mdz01.fr/	1969-12-31 23:59:59	Name: esg1 Value: ixe/oCM/aI6gcoJ1HDGuDJlQRPcUJa/Fq/WbA4/F/e80f0356
.rmcsport.tv/	1970-01-20 10:53:08	Name: etuix Value: mnimlWpArvRWyuajNRO0QcFXtJdyo9GuOZBtGDGEWX5L6027AmFsbg--
.rmcsport.tv/	1970-01-20 10:53:08	Name: et0 Value: 5ttvL4jOGPlmOocib7k9Bmn9T0qxQMhB93.z2NPfhsU.MJYVgBt4ut5PVUGVZMY61a3Gm.rarP5ujWGZIUJVqY0fYtbvhtQuT.5i7egQ6HJ4pH.G_kPMkZFr_.J1VaNc8zXsYA--
.rmcsport.tv/	1970-01-20 10:53:08	Name: et Value: 1

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://links.mdz01.fr/v/ixe/aI6gcoJ1HDGuDJlQRPcUJa/b065ec4c Message: Mixed Content: The page at 'https://links.mdz01.fr/v/ixe/aI6gcoJ1HDGuDJlQRPcUJa/b065ec4c' was loaded over HTTPS, but requested an insecure element 'http://www.gamguiwill.com/content/20220304113217_1251/header.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://links.mdz01.fr/v/ixe/aI6gcoJ1HDGuDJlQRPcUJa/b065ec4c Message: Mixed Content: The page at 'https://links.mdz01.fr/v/ixe/aI6gcoJ1HDGuDJlQRPcUJa/b065ec4c' was loaded over HTTPS, but requested an insecure element 'http://www.gamguiwill.com/content/20220304113216_1237/real.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://links.mdz01.fr/v/ixe/aI6gcoJ1HDGuDJlQRPcUJa/b065ec4c Message: Mixed Content: The page at 'https://links.mdz01.fr/v/ixe/aI6gcoJ1HDGuDJlQRPcUJa/b065ec4c' was loaded over HTTPS, but requested an insecure element 'http://www.gamguiwill.com/content/20220304113216_1723/cta.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://links.mdz01.fr/v/ixe/aI6gcoJ1HDGuDJlQRPcUJa/b065ec4c Message: Mixed Content: The page at 'https://links.mdz01.fr/v/ixe/aI6gcoJ1HDGuDJlQRPcUJa/b065ec4c' was loaded over HTTPS, but requested an insecure element 'http://www.gamguiwill.com/content/20220304113216_1846/tetes.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://links.mdz01.fr/v/ixe/aI6gcoJ1HDGuDJlQRPcUJa/b065ec4c Message: Mixed Content: The page at 'https://links.mdz01.fr/v/ixe/aI6gcoJ1HDGuDJlQRPcUJa/b065ec4c' was loaded over HTTPS, but requested an insecure element 'http://www.gamguiwill.com/content/20220304113217_1419/right.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://links.mdz01.fr/v/ixe/aI6gcoJ1HDGuDJlQRPcUJa/b065ec4c Message: Mixed Content: The page at 'https://links.mdz01.fr/v/ixe/aI6gcoJ1HDGuDJlQRPcUJa/b065ec4c' was loaded over HTTPS, but requested an insecure element 'http://ert5.rmcsport.tv/dynview/rmcsport/pix.gif?eml-publisher=Adventure-Conseil&eml-name=Email-Acquisition-Payant-prospect-tr-ott_8e_PSG_6mars2022-ac&eseg-name=idrouteur&eseg-item=3592&ea-rnd=[RANDOM]'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://links.mdz01.fr/v/ixe/aI6gcoJ1HDGuDJlQRPcUJa/b065ec4c Message: Mixed Content: The page at 'https://links.mdz01.fr/v/ixe/aI6gcoJ1HDGuDJlQRPcUJa/b065ec4c' was loaded over HTTPS, but requested an insecure element 'http://collecte.aventurecollecte.com/tracking/?type=displayemail&i=fbe0dhf0dfjc0bfbec0cjdgfb&avuid=[subscriber_custom_id]'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://links.mdz01.fr/v/ixe/aI6gcoJ1HDGuDJlQRPcUJa/b065ec4c(Line 142) Message: Mixed Content: The page at 'https://links.mdz01.fr/v/ixe/aI6gcoJ1HDGuDJlQRPcUJa/b065ec4c' was loaded over HTTPS, but requested an insecure element 'http://www.gamguiwill.com/content/20220304113217_1251/header.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://links.mdz01.fr/v/ixe/aI6gcoJ1HDGuDJlQRPcUJa/b065ec4c(Line 142) Message: Mixed Content: The page at 'https://links.mdz01.fr/v/ixe/aI6gcoJ1HDGuDJlQRPcUJa/b065ec4c' was loaded over HTTPS, but requested an insecure element 'http://www.gamguiwill.com/content/20220304113216_1237/real.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://links.mdz01.fr/v/ixe/aI6gcoJ1HDGuDJlQRPcUJa/b065ec4c(Line 142) Message: Mixed Content: The page at 'https://links.mdz01.fr/v/ixe/aI6gcoJ1HDGuDJlQRPcUJa/b065ec4c' was loaded over HTTPS, but requested an insecure element 'http://www.gamguiwill.com/content/20220304113216_1723/cta.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://links.mdz01.fr/v/ixe/aI6gcoJ1HDGuDJlQRPcUJa/b065ec4c(Line 142) Message: Mixed Content: The page at 'https://links.mdz01.fr/v/ixe/aI6gcoJ1HDGuDJlQRPcUJa/b065ec4c' was loaded over HTTPS, but requested an insecure element 'http://www.gamguiwill.com/content/20220304113216_1846/tetes.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://links.mdz01.fr/v/ixe/aI6gcoJ1HDGuDJlQRPcUJa/b065ec4c(Line 142) Message: Mixed Content: The page at 'https://links.mdz01.fr/v/ixe/aI6gcoJ1HDGuDJlQRPcUJa/b065ec4c' was loaded over HTTPS, but requested an insecure element 'http://www.gamguiwill.com/content/20220304113217_1419/right.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://links.mdz01.fr/v/ixe/aI6gcoJ1HDGuDJlQRPcUJa/b065ec4c Message: Mixed Content: The page at 'https://links.mdz01.fr/v/ixe/aI6gcoJ1HDGuDJlQRPcUJa/b065ec4c' was loaded over HTTPS, but requested an insecure element 'http://ert5.rmcsport.tv/dynview/rmcsport/pix.gif?eml-publisher=Adventure-Conseil&eml-name=Email-Acquisition-Payant-prospect-tr-ott_8e_PSG_6mars2022-ac&eseg-name=idrouteur&eseg-item=3592&ea-rnd=[RANDOM]'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://links.mdz01.fr/v/ixe/aI6gcoJ1HDGuDJlQRPcUJa/b065ec4c Message: Mixed Content: The page at 'https://links.mdz01.fr/v/ixe/aI6gcoJ1HDGuDJlQRPcUJa/b065ec4c' was loaded over HTTPS, but requested an insecure element 'http://collecte.aventurecollecte.com/tracking/?type=displayemail&i=fbe0dhf0dfjc0bfbec0cjdgfb&avuid=[subscriber_custom_id]'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

collecte.aventurecollecte.com
ert5.rmcsport.tv
links.mdz01.fr
r.ar-mtch1.com
www.gamguiwill.com
109.232.196.59
13.69.68.37
172.67.148.225
176.126.250.255
188.114.97.7
367196b8d81f148a771c7d341af3bab50503e412e9a69ce28579f2c5f7bfc928
6c46829208b5004ded357c146a2dd4c56641ca4a8f93c782081dee56c9a332f1
6e7975db82c98d10779e4226ee4fef0682c923fd767dcd13e35c18563571bf85
a90b0f457365e568f82877ecd3e70334b500bda0915b8e72060e8064cfcf04a2
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b3b5f327912a02f40e110a886e4f5dbd41cb447769ee11197a9fb27c0b57fcce
bc7a655babf2071d7cc8275619786b69cb818b25e9ae4ac465f36b50a350f46d
cc5fd3c959dbb676e38ee9759c28db44d11fd98e1f27e423200eeb48990916ad

links.mdz01.fr Open in urlscan Pro 176.126.250.255 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

9 Requests

67 %HTTPS

0 %IPv6

5 Domains

5 Subdomains

5 IPs

5 Countries

435 kBTransfer

440 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

5 Cookies

14 Console Messages

Indicators

links.mdz01.fr Open in urlscan Pro
176.126.250.255 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

67 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

5
IPs

5
Countries

435 kB
Transfer

440 kB
Size

5
Cookies

9 HTTP transactions
0 data transactions