Submitted URL: https://delta-receipt.gq/index.php/campaigns/gb296a1llb738/track-url/fh255m55fqaa8/5875b19f864af2c21eb0453e5630b006e778f397
Effective URL: https://delta-receipt.gq/index.php/campaigns/gb296a1llb738/web-version/fh255m55fqaa8
Submission Tags: falconsandbox
Submission: On October 05 via api from US — Scanned from FR

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 13 HTTP transactions. The main IP is 51.38.176.9, located in France and belongs to OVH, FR. The main domain is delta-receipt.gq.
TLS certificate: Issued by R3 on July 22nd 2022. Valid for: 3 months.
This is the only time delta-receipt.gq was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 51.38.176.9 16276 (OVH)
1 95.216.114.195 24940 (HETZNER-AS)
1 35.186.231.97 15169 (GOOGLE)
9 18.66.112.110 16509 (AMAZON-02)
13 5
Apex Domain
Subdomains
Transfer
10 tradedoubler.com
clk.tradedoubler.com — Cisco Umbrella Rank: 70067
vht.tradedoubler.com — Cisco Umbrella Rank: 97076
714 KB
2 delta-receipt.gq
delta-receipt.gq
27 KB
1 ideepourpro.com
hp1gbd78e5p.ideepourpro.com
482 B
0 gstatic.com Failed
fonts.gstatic.com Failed
13 4
Domain Requested by
9 vht.tradedoubler.com delta-receipt.gq
2 delta-receipt.gq 1 redirects
1 clk.tradedoubler.com delta-receipt.gq
1 hp1gbd78e5p.ideepourpro.com delta-receipt.gq
0 fonts.gstatic.com Failed delta-receipt.gq
13 5

This site contains links to these domains.

Domain
hp1gbd78e5p.ideepourpro.com
Subject Issuer Validity Valid
delta-receipt.gq R3 2022-07-22 - 2022-10-20 3 months
hp1gbd78e5p.ideepourpro.com R3 2022-09-27 - 2022-12-26 3 months
*.tradedoubler.com R3 2022-09-28 - 2022-12-27 3 months

This page contains 1 frames:

Primary Page: https://delta-receipt.gq/index.php/campaigns/gb296a1llb738/web-version/fh255m55fqaa8
Frame ID: A87F5F750FC11B6114DBB2D11CC5D647
Requests: 13 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

13
Requests

92 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

5
IPs

3
Countries

741 kB
Transfer

735 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://delta-receipt.gq/index.php/campaigns/gb296a1llb738/track-url/fh255m55fqaa8/5875b19f864af2c21eb0453e5630b006e778f397 HTTP 301
    https://delta-receipt.gq/index.php/campaigns/gb296a1llb738/web-version/fh255m55fqaa8 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request fh255m55fqaa8
delta-receipt.gq/index.php/campaigns/gb296a1llb738/web-version/
Redirect Chain
  • https://delta-receipt.gq/index.php/campaigns/gb296a1llb738/track-url/fh255m55fqaa8/5875b19f864af2c21eb0453e5630b006e778f397
  • https://delta-receipt.gq/index.php/campaigns/gb296a1llb738/web-version/fh255m55fqaa8
26 KB
27 KB
Document
General
Full URL
https://delta-receipt.gq/index.php/campaigns/gb296a1llb738/web-version/fh255m55fqaa8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.38.176.9 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-1ae063ef.vps.ovh.net
Software
nginx/1.20.1 / PHP/7.2.24
Resource Hash
12076ba1b1a837eb8da7af0544c424536eea364783660b8e7e9922857733aecd
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Wed, 05 Oct 2022 09:50:43 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx/1.20.1
Transfer-Encoding
chunked
X-Powered-By
PHP/7.2.24
X-XSS-Protection
1; mode=block

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Wed, 05 Oct 2022 09:50:43 GMT
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified
Wed, 05 Oct 2022 09:50:43 GMT
Location
https://delta-receipt.gq/index.php/campaigns/gb296a1llb738/web-version/fh255m55fqaa8
Pragma
no-cache
Server
nginx/1.20.1
X-Powered-By
PHP/7.2.24
X-XSS-Protection
1; mode=block
fh255m55fqaa8
hp1gbd78e5p.ideepourpro.com/index.php/campaigns/gb296a1llb738/track-opening/
0
482 B
Image
General
Full URL
https://hp1gbd78e5p.ideepourpro.com/index.php/campaigns/gb296a1llb738/track-opening/fh255m55fqaa8
Requested by
Host: delta-receipt.gq
URL: https://delta-receipt.gq/index.php/campaigns/gb296a1llb738/web-version/fh255m55fqaa8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.216.114.195 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.195.114.216.95.clients.your-server.de
Software
Apache / PHP/7.2.24
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://delta-receipt.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 09:50:44 GMT
Last-Modified
Wed, 05 Oct 2022 09:50:44 GMT
Server
Apache
X-Powered-By
PHP/7.2.24
P3P
CP="OTI DSP COR CUR IVD CONi OTPi OUR IND UNI STA PRE"
Content-Type
application/json
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Mon, 26 Jul 1997 05:00:00 GMT
click
clk.tradedoubler.com/
0
0
Stylesheet
General
Full URL
https://clk.tradedoubler.com/click?p=297293&a=2932917&g=25173748&url=https://fonts.googleapis.com/css2?family=Poppins:wght@500&display=swap
Requested by
Host: delta-receipt.gq
URL: https://delta-receipt.gq/index.php/campaigns/gb296a1llb738/web-version/fh255m55fqaa8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.231.97 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
97.231.186.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://delta-receipt.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Bouygues_entreprises.png
vht.tradedoubler.com/file/297293/0222/img/
11 KB
12 KB
Image
General
Full URL
https://vht.tradedoubler.com/file/297293/0222/img/Bouygues_entreprises.png
Requested by
Host: delta-receipt.gq
URL: https://delta-receipt.gq/index.php/campaigns/gb296a1llb738/web-version/fh255m55fqaa8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-110.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
d0cfad52ccbf1a7e5df074898608b4bf5d24caac433fdd967db3965bcc700672
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://delta-receipt.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15552000; includeSubDomains
Date
Wed, 05 Oct 2022 07:08:20 GMT
Via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
FRA56-P5
Age
19879
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
11145
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 15 Feb 2022 08:36:29 GMT
Server
Apache
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Accept-Ranges
bytes
X-Amz-Cf-Id
zNay_NLn30ccPktBnFBKVy3pXS7FGYFWliWE1eVe690RTRiIM3HDXQ==
iphone.png
vht.tradedoubler.com/file/297293/0222/img/
185 KB
186 KB
Image
General
Full URL
https://vht.tradedoubler.com/file/297293/0222/img/iphone.png
Requested by
Host: delta-receipt.gq
URL: https://delta-receipt.gq/index.php/campaigns/gb296a1llb738/web-version/fh255m55fqaa8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-110.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
c49218d5ec67c369930e9ffda23631affa1dd0e08d656aac406c587d43624f0f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://delta-receipt.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15552000; includeSubDomains
Date
Sat, 01 Oct 2022 02:19:56 GMT
Via
1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
FRA56-P5
Age
372647
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
189594
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 15 Feb 2022 08:36:30 GMT
Server
Apache
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Accept-Ranges
bytes
X-Amz-Cf-Id
Oy4ZA5pdlH_FeT93tnW9dfB3SVZN46W9ZCPCw2k01fQmg1sHcX1AZw==
cta_profite.png
vht.tradedoubler.com/file/297293/0222/img/
2 KB
3 KB
Image
General
Full URL
https://vht.tradedoubler.com/file/297293/0222/img/cta_profite.png
Requested by
Host: delta-receipt.gq
URL: https://delta-receipt.gq/index.php/campaigns/gb296a1llb738/web-version/fh255m55fqaa8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-110.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
b9fd61615469216a6f1973f62e1c10ff81afebcc89484bb554930f459c2dc39a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://delta-receipt.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15552000; includeSubDomains
Date
Wed, 28 Sep 2022 17:38:18 GMT
Via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
FRA56-P5
Age
576745
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
2327
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 15 Feb 2022 08:36:29 GMT
Server
Apache
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Accept-Ranges
bytes
X-Amz-Cf-Id
sygSODJVO3tYMyzjYmLSzlT_kBs-HnHGYc8akKlEWujU0hVAP3YIhw==
picto_1.png
vht.tradedoubler.com/file/297293/0222/img/
3 KB
4 KB
Image
General
Full URL
https://vht.tradedoubler.com/file/297293/0222/img/picto_1.png
Requested by
Host: delta-receipt.gq
URL: https://delta-receipt.gq/index.php/campaigns/gb296a1llb738/web-version/fh255m55fqaa8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-110.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
5db76dbb1d15a78d1bd18e7d5a7bff21c2b8049327e53a6fe4622051d2944948
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://delta-receipt.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15552000; includeSubDomains
Date
Wed, 05 Oct 2022 07:08:20 GMT
Via
1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
FRA56-P5
Age
110342
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
3227
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 15 Feb 2022 08:36:30 GMT
Server
Apache
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Accept-Ranges
bytes
X-Amz-Cf-Id
BAM4bfksPG3sXkaXuu64BqT0TB4QkzObLx7xzEg0d_XoYYzxJ0eEmg==
picto_2.png
vht.tradedoubler.com/file/297293/0222/img/
3 KB
4 KB
Image
General
Full URL
https://vht.tradedoubler.com/file/297293/0222/img/picto_2.png
Requested by
Host: delta-receipt.gq
URL: https://delta-receipt.gq/index.php/campaigns/gb296a1llb738/web-version/fh255m55fqaa8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-110.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
5d0b97e8335ef1aae6daa908cb1baf3e3c38d61d70ce1b66e98c92eb4cfb8c85
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://delta-receipt.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15552000; includeSubDomains
Date
Wed, 28 Sep 2022 18:28:24 GMT
Via
1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
FRA56-P5
Age
573739
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
3025
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 15 Feb 2022 08:36:30 GMT
Server
Apache
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Accept-Ranges
bytes
X-Amz-Cf-Id
AiYPoY_DViqpZYDB335TOIv-dD06W_tdp3vawPcy7NR2AfYqCYSXKg==
picto_3.png
vht.tradedoubler.com/file/297293/0222/img/
3 KB
4 KB
Image
General
Full URL
https://vht.tradedoubler.com/file/297293/0222/img/picto_3.png
Requested by
Host: delta-receipt.gq
URL: https://delta-receipt.gq/index.php/campaigns/gb296a1llb738/web-version/fh255m55fqaa8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-110.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
c9b29b829f02ae09128ce8cfc25d347ef0a693368fec4a62dcd3f37203620453
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://delta-receipt.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15552000; includeSubDomains
Date
Wed, 05 Oct 2022 07:08:20 GMT
Via
1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
FRA56-P5
Age
103015
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
3346
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 15 Feb 2022 08:36:30 GMT
Server
Apache
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Accept-Ranges
bytes
X-Amz-Cf-Id
4juzmSCzZ1k04g9befLKDsFGkuSZldeA-w0EoIhueTndAe_nP2dLkw==
rep_mobile.png
vht.tradedoubler.com/file/297293/0222/img/
15 KB
16 KB
Image
General
Full URL
https://vht.tradedoubler.com/file/297293/0222/img/rep_mobile.png
Requested by
Host: delta-receipt.gq
URL: https://delta-receipt.gq/index.php/campaigns/gb296a1llb738/web-version/fh255m55fqaa8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-110.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
afcc6252201c37c4925f094197dd8e8c99942d7ccb7a287362e35322eaa2acba
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://delta-receipt.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15552000; includeSubDomains
Date
Wed, 28 Sep 2022 18:28:23 GMT
Via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
FRA56-P5
Age
573740
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
15257
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 15 Feb 2022 08:36:30 GMT
Server
Apache
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Accept-Ranges
bytes
X-Amz-Cf-Id
oO0Mns4n1l3CxmHSxhTt3lMU6HNgXJ04gX4-ftdMhF1tmBuiBqZrGQ==
cta_legeste.png
vht.tradedoubler.com/file/297293/0222/img/
3 KB
4 KB
Image
General
Full URL
https://vht.tradedoubler.com/file/297293/0222/img/cta_legeste.png
Requested by
Host: delta-receipt.gq
URL: https://delta-receipt.gq/index.php/campaigns/gb296a1llb738/web-version/fh255m55fqaa8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-110.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
9160ebad59bcb88db191892ba2cf80b80be8a54fae501a6dbb8a06cb9fb07362
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://delta-receipt.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15552000; includeSubDomains
Date
Tue, 04 Oct 2022 07:55:25 GMT
Via
1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
FRA56-P5
Age
93318
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
3217
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 15 Feb 2022 08:36:29 GMT
Server
Apache
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Accept-Ranges
bytes
X-Amz-Cf-Id
DpVPBKPZoXhOQ5xfcx70fbfjrcnGXZUtzS7g4_sPKicMB5E001sAvw==
cJZKeOuBrn4kERxqtaUH3bO3LdcAZYWl9Si6vvxL-qU.woff
fonts.gstatic.com/s/opensans/v10/
0
0

bouygues_fond.jpg
vht.tradedoubler.com/file/297293/0222/img/
483 KB
483 KB
Image
General
Full URL
https://vht.tradedoubler.com/file/297293/0222/img/bouygues_fond.jpg
Requested by
Host: delta-receipt.gq
URL: https://delta-receipt.gq/index.php/campaigns/gb296a1llb738/web-version/fh255m55fqaa8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-110.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
5c1eebf127f686aa5c07240cdbe2162002bb5498600c939972aba08ca248a85e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://delta-receipt.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15552000; includeSubDomains
Date
Wed, 05 Oct 2022 07:08:20 GMT
Via
1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
FRA56-P5
Age
103015
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
494219
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 15 Feb 2022 08:36:29 GMT
Server
Apache
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Accept-Ranges
bytes
X-Amz-Cf-Id
3X9WDPpQnxd5vTYy-9WEFtrI9BflvglLLLyrN4FwM-1_-4chf6D7Gw==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fonts.gstatic.com
URL
http://fonts.gstatic.com/s/opensans/v10/cJZKeOuBrn4kERxqtaUH3bO3LdcAZYWl9Si6vvxL-qU.woff

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput
object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
function| queryLocalFonts
object| navigation

1 Cookies

Domain/Path Name / Value
delta-receipt.gq/ Name: mwsid
Value: vhsa9nfb0it7jlh769rbrpuis9

1 Console Messages

Source Level URL
Text
security error URL: https://delta-receipt.gq/index.php/campaigns/gb296a1llb738/web-version/fh255m55fqaa8 (Line 227)
Message:
Mixed Content: The page at 'https://delta-receipt.gq/index.php/campaigns/gb296a1llb738/web-version/fh255m55fqaa8' was loaded over HTTPS, but requested an insecure font 'http://fonts.gstatic.com/s/opensans/v10/cJZKeOuBrn4kERxqtaUH3bO3LdcAZYWl9Si6vvxL-qU.woff'. This request has been blocked; the content must be served over HTTPS.

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Xss-Protection 1; mode=block