Submitted URL: http://www.vml895.com/syn/rsvDDYGHttW4fEv/Qhday
Effective URL: https://manletters.fr/clt-mo/mList/gdt/formulaire32_2tps.jsp?campagne=emb_2022-10
Submission: On November 16 via manual from FR — Scanned from FR

Summary

This website contacted 2 IPs in 3 countries across 3 domains to perform 15 HTTP transactions. The main IP is 13.93.3.215, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is manletters.fr.
TLS certificate: Issued by R3 on November 11th 2022. Valid for: 3 months.
This is the only time manletters.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 213.186.33.17 16276 (OVH)
13 13.93.3.215 8075 (MICROSOFT...)
2 4 185.89.210.153 29990 (ASN-APPNEX)
15 2
Apex Domain
Subdomains
Transfer
13 manletters.fr
manletters.fr
320 KB
4 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 426
4 KB
1 vml895.com
www.vml895.com
368 B
15 3
Domain Requested by
13 manletters.fr manletters.fr
4 secure.adnxs.com 2 redirects manletters.fr
1 www.vml895.com 1 redirects
15 3

This site contains links to these domains. Also see Links.

Domain
www.manageo.com
Subject Issuer Validity Valid
manletters.fr
R3
2022-11-11 -
2023-02-09
3 months crt.sh

This page contains 1 frames:

Primary Page: https://manletters.fr/clt-mo/mList/gdt/formulaire32_2tps.jsp?campagne=emb_2022-10
Frame ID: E52A08A53325A8D63008B1628C7905E0
Requests: 15 HTTP requests in this frame

Screenshot

Page Title

Votre demande

Page URL History Show full URLs

  1. http://www.vml895.com/syn/rsvDDYGHttW4fEv/Qhday HTTP 302
    https://manletters.fr/clt-mo/mList/gdt/formulaire32_2tps.jsp?campagne=emb_2022-10 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <(?:iframe|img)[^>]+adnxs\.(?:net|com)
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

15
Requests

87 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

3
Countries

322 kB
Transfer

319 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.vml895.com/syn/rsvDDYGHttW4fEv/Qhday HTTP 302
    https://manletters.fr/clt-mo/mList/gdt/formulaire32_2tps.jsp?campagne=emb_2022-10 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://secure.adnxs.com/seg?add=6595252&t=2 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D6595252%26t%3D2
Request Chain 13
  • https://secure.adnxs.com/px?id=999050&t=1 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D999050%26t%3D1

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request formulaire32_2tps.jsp
manletters.fr/clt-mo/mList/gdt/
Redirect Chain
  • http://www.vml895.com/syn/rsvDDYGHttW4fEv/Qhday
  • https://manletters.fr/clt-mo/mList/gdt/formulaire32_2tps.jsp?campagne=emb_2022-10
5 KB
2 KB
Document
General
Full URL
https://manletters.fr/clt-mo/mList/gdt/formulaire32_2tps.jsp?campagne=emb_2022-10
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
13.93.3.215 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
reverse.westeurope.cloudapp.azure.com
Software
nginx/1.14.0 (Ubuntu) / ASP.NET
Resource Hash
56052b4366c3923469906de14805b3c60f03f543f1380291805a05ffdfcd121f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Wed, 16 Nov 2022 15:14:22 GMT
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
X-Powered-By
ASP.NET

Redirect headers

content-type
text/html; charset=ISO-8859-1
date
Wed, 16 Nov 2022 15:14:22 GMT
location
https://manletters.fr/clt-mo/mList/gdt/formulaire32_2tps.jsp?campagne=emb_2022-10
server
Apache
transfer-encoding
chunked
x-iplb-instance
31560
x-iplb-request-id
B22190B1:E9B0_D5BA2111:0050_6374FE4E_D9C1:1FF06
x-powered-by
PHP/5.6
bootstrap.min.css
manletters.fr/resources/css/
118 KB
119 KB
Stylesheet
General
Full URL
https://manletters.fr/resources/css/bootstrap.min.css
Requested by
Host: manletters.fr
URL: https://manletters.fr/clt-mo/mList/gdt/formulaire32_2tps.jsp?campagne=emb_2022-10
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
13.93.3.215 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
reverse.westeurope.cloudapp.azure.com
Software
nginx/1.14.0 (Ubuntu) / ASP.NET
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://manletters.fr/clt-mo/mList/gdt/formulaire32_2tps.jsp?campagne=emb_2022-10
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Wed, 16 Nov 2022 15:14:22 GMT
Last-Modified
Wed, 10 Aug 2016 14:49:19 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Powered-By
ASP.NET
ETag
W/"121200-1470840559198"
Content-Type
text/css
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
121200
stylesheet.css
manletters.fr/resources/css/
2 KB
2 KB
Stylesheet
General
Full URL
https://manletters.fr/resources/css/stylesheet.css
Requested by
Host: manletters.fr
URL: https://manletters.fr/clt-mo/mList/gdt/formulaire32_2tps.jsp?campagne=emb_2022-10
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
13.93.3.215 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
reverse.westeurope.cloudapp.azure.com
Software
nginx/1.14.0 (Ubuntu) / ASP.NET
Resource Hash
e6ccb78090c735ffe7b44d26aef00888e2a8072cf3b3490be9320799a224daf7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://manletters.fr/clt-mo/mList/gdt/formulaire32_2tps.jsp?campagne=emb_2022-10
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Wed, 16 Nov 2022 15:14:22 GMT
Last-Modified
Mon, 22 Mar 2021 08:53:25 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Powered-By
ASP.NET
ETag
W/"2202-1616403205994"
Content-Type
text/css
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2202
style6.css
manletters.fr/clt-mo/mList/gdt/css/
2 KB
2 KB
Stylesheet
General
Full URL
https://manletters.fr/clt-mo/mList/gdt/css/style6.css
Requested by
Host: manletters.fr
URL: https://manletters.fr/clt-mo/mList/gdt/formulaire32_2tps.jsp?campagne=emb_2022-10
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
13.93.3.215 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
reverse.westeurope.cloudapp.azure.com
Software
nginx/1.14.0 (Ubuntu) / ASP.NET
Resource Hash
955b4a7f13ef3827d1cbe6c5a5ccf5a6d306463355410380f5054661f5aadf49

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://manletters.fr/clt-mo/mList/gdt/formulaire32_2tps.jsp?campagne=emb_2022-10
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Wed, 16 Nov 2022 15:14:22 GMT
Last-Modified
Tue, 28 Jun 2022 07:25:15 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Powered-By
ASP.NET
ETag
W/"2005-1656401115565"
Content-Type
text/css
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2005
bg-form32.jpg
manletters.fr/clt-mo/mList/gdt/images/
12 KB
12 KB
Image
General
Full URL
https://manletters.fr/clt-mo/mList/gdt/images/bg-form32.jpg
Requested by
Host: manletters.fr
URL: https://manletters.fr/clt-mo/mList/gdt/formulaire32_2tps.jsp?campagne=emb_2022-10
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
13.93.3.215 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
reverse.westeurope.cloudapp.azure.com
Software
nginx/1.14.0 (Ubuntu) / ASP.NET
Resource Hash
74e6b2fe038eb60c93dd86244301edb9e415f273eded555fc6c046f9a4b0f664

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://manletters.fr/clt-mo/mList/gdt/formulaire32_2tps.jsp?campagne=emb_2022-10
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Wed, 16 Nov 2022 15:14:23 GMT
Last-Modified
Tue, 23 Aug 2022 09:42:01 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Powered-By
ASP.NET
ETag
W/"12141-1661247721090"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12141
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/seg?add=6595252&t=2
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D6595252%26t%3D2
43 B
1 KB
Image
General
Full URL
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D6595252%26t%3D2
Requested by
Host: manletters.fr
URL: https://manletters.fr/clt-mo/mList/gdt/formulaire32_2tps.jsp?campagne=emb_2022-10
Protocol
HTTP/1.1
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://manletters.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 15:14:22 GMT
AN-X-Request-Uuid
f729aa4d-bcc3-43ff-b9d8-d083cad719d7
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
178.33.144.177; 178.33.144.177; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 15:14:22 GMT
AN-X-Request-Uuid
e54def28-6c9f-4e3f-a6f1-f3d6b77538a2
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D6595252%26t%3D2
Connection
keep-alive
X-Proxy-Origin
178.33.144.177; 178.33.144.177; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
jquery.1.12.4.min.js
manletters.fr/resources/js/
95 KB
95 KB
Script
General
Full URL
https://manletters.fr/resources/js/jquery.1.12.4.min.js
Requested by
Host: manletters.fr
URL: https://manletters.fr/clt-mo/mList/gdt/formulaire32_2tps.jsp?campagne=emb_2022-10
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
13.93.3.215 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
reverse.westeurope.cloudapp.azure.com
Software
nginx/1.14.0 (Ubuntu) / ASP.NET
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://manletters.fr/clt-mo/mList/gdt/formulaire32_2tps.jsp?campagne=emb_2022-10
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Wed, 16 Nov 2022 15:14:23 GMT
Last-Modified
Thu, 11 Aug 2016 12:20:18 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Powered-By
ASP.NET
ETag
W/"97163-1470918018223"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
97163
jquery.validate.min.js
manletters.fr/resources/js/validate/
22 KB
22 KB
Script
General
Full URL
https://manletters.fr/resources/js/validate/jquery.validate.min.js
Requested by
Host: manletters.fr
URL: https://manletters.fr/clt-mo/mList/gdt/formulaire32_2tps.jsp?campagne=emb_2022-10
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
13.93.3.215 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
reverse.westeurope.cloudapp.azure.com
Software
nginx/1.14.0 (Ubuntu) / ASP.NET
Resource Hash
f30c8cb3ab2e2723a9499ea38d8fac4e111163d2a7efa7e3f7110b7e5ab6c8cd

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://manletters.fr/clt-mo/mList/gdt/formulaire32_2tps.jsp?campagne=emb_2022-10
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Wed, 16 Nov 2022 15:14:23 GMT
Last-Modified
Wed, 24 Feb 2016 17:17:28 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Powered-By
ASP.NET
ETag
W/"22691-1456334248000"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22691
additional-methods.min.js
manletters.fr/resources/js/validate/
17 KB
18 KB
Script
General
Full URL
https://manletters.fr/resources/js/validate/additional-methods.min.js
Requested by
Host: manletters.fr
URL: https://manletters.fr/clt-mo/mList/gdt/formulaire32_2tps.jsp?campagne=emb_2022-10
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
13.93.3.215 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
reverse.westeurope.cloudapp.azure.com
Software
nginx/1.14.0 (Ubuntu) / ASP.NET
Resource Hash
99bee0cc70753ea4fe224285132e7b27fb6771aac4e08f5b79cfde30a38daf23

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://manletters.fr/clt-mo/mList/gdt/formulaire32_2tps.jsp?campagne=emb_2022-10
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Wed, 16 Nov 2022 15:14:23 GMT
Last-Modified
Wed, 24 Feb 2016 17:17:28 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Powered-By
ASP.NET
ETag
W/"17738-1456334248000"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17738
messages_fr.min.js
manletters.fr/resources/js/validate/localization/
3 KB
3 KB
Script
General
Full URL
https://manletters.fr/resources/js/validate/localization/messages_fr.min.js
Requested by
Host: manletters.fr
URL: https://manletters.fr/clt-mo/mList/gdt/formulaire32_2tps.jsp?campagne=emb_2022-10
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
13.93.3.215 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
reverse.westeurope.cloudapp.azure.com
Software
nginx/1.14.0 (Ubuntu) / ASP.NET
Resource Hash
f4597c19f633ee2282afaae8ace31deca2abe4a98d96f372c0f63c6a857628c5

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://manletters.fr/clt-mo/mList/gdt/formulaire32_2tps.jsp?campagne=emb_2022-10
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Wed, 16 Nov 2022 15:14:23 GMT
Last-Modified
Wed, 24 Feb 2016 17:17:28 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Powered-By
ASP.NET
ETag
W/"3075-1456334248000"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3075
triage.js
manletters.fr/resources/js/
2 KB
2 KB
Script
General
Full URL
https://manletters.fr/resources/js/triage.js
Requested by
Host: manletters.fr
URL: https://manletters.fr/clt-mo/mList/gdt/formulaire32_2tps.jsp?campagne=emb_2022-10
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
13.93.3.215 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
reverse.westeurope.cloudapp.azure.com
Software
nginx/1.14.0 (Ubuntu) / ASP.NET
Resource Hash
1fb8bad00662c0dd2efc86b6f99bbb43f8b0d3368aa885628452c0a401726d7d

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://manletters.fr/clt-mo/mList/gdt/formulaire32_2tps.jsp?campagne=emb_2022-10
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Wed, 16 Nov 2022 15:14:23 GMT
Last-Modified
Mon, 22 Mar 2021 09:09:37 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Powered-By
ASP.NET
ETag
W/"1696-1616404177657"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1696
bootstrap.min.js
manletters.fr/resources/js/
36 KB
36 KB
Script
General
Full URL
https://manletters.fr/resources/js/bootstrap.min.js
Requested by
Host: manletters.fr
URL: https://manletters.fr/clt-mo/mList/gdt/formulaire32_2tps.jsp?campagne=emb_2022-10
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
13.93.3.215 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
reverse.westeurope.cloudapp.azure.com
Software
nginx/1.14.0 (Ubuntu) / ASP.NET
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://manletters.fr/clt-mo/mList/gdt/formulaire32_2tps.jsp?campagne=emb_2022-10
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Wed, 16 Nov 2022 15:14:23 GMT
Last-Modified
Wed, 10 Aug 2016 14:49:20 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Powered-By
ASP.NET
ETag
W/"37045-1470840560671"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
37045
form_popUp.js
manletters.fr/resources/js/
2 KB
3 KB
Script
General
Full URL
https://manletters.fr/resources/js/form_popUp.js
Requested by
Host: manletters.fr
URL: https://manletters.fr/clt-mo/mList/gdt/formulaire32_2tps.jsp?campagne=emb_2022-10
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
13.93.3.215 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
reverse.westeurope.cloudapp.azure.com
Software
nginx/1.14.0 (Ubuntu) / ASP.NET
Resource Hash
3d3f26f4ff78283e29f5c9c9031b28572f84545befcb9c39aa983b68650f7f54

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://manletters.fr/clt-mo/mList/gdt/formulaire32_2tps.jsp?campagne=emb_2022-10
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Wed, 16 Nov 2022 15:14:23 GMT
Last-Modified
Tue, 22 May 2018 15:46:53 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Powered-By
ASP.NET
ETag
W/"2522-1527004013142"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2522
form.js
manletters.fr/clt-mo/mList/gdt/js/
2 KB
2 KB
Script
General
Full URL
https://manletters.fr/clt-mo/mList/gdt/js/form.js
Requested by
Host: manletters.fr
URL: https://manletters.fr/clt-mo/mList/gdt/formulaire32_2tps.jsp?campagne=emb_2022-10
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
13.93.3.215 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
reverse.westeurope.cloudapp.azure.com
Software
nginx/1.14.0 (Ubuntu) / ASP.NET
Resource Hash
aac38cfcf5febe0c9327e9336dbbb088158853063281306c476c5da1e1151010

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://manletters.fr/clt-mo/mList/gdt/formulaire32_2tps.jsp?campagne=emb_2022-10
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Wed, 16 Nov 2022 15:14:23 GMT
Last-Modified
Fri, 26 Nov 2021 08:59:38 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Powered-By
ASP.NET
ETag
W/"1656-1637917178213"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1656
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/px?id=999050&t=1
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D999050%26t%3D1
0
1019 B
Script
General
Full URL
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D999050%26t%3D1
Requested by
Host: manletters.fr
URL: https://manletters.fr/clt-mo/mList/gdt/formulaire32_2tps.jsp?campagne=emb_2022-10
Protocol
HTTP/1.1
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://manletters.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 15:14:23 GMT
AN-X-Request-Uuid
7ef34263-14cd-418e-b33c-3305f8ac3e57
Server
nginx/1.21.3
Content-Type
application/javascript; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
178.33.144.177; 178.33.144.177; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 15:14:22 GMT
AN-X-Request-Uuid
4e02a54a-a2b6-44ae-ae77-088a627f8ce4
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D999050%26t%3D1
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
178.33.144.177; 178.33.144.177; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| jQuery112405689561911853815 function| updateQueryStringParameter function| removeParam function| getUrlParameter

3 Cookies

Domain/Path Name / Value
manletters.fr/ Name: JSESSIONID
Value: 9B1D444932F604582823688277C8D50A
.adnxs.com/ Name: anj
Value: dTM7k!M4/8CxrEQF']wIg2C')pSW#(!]tbP6j2F-XstGt!@D[a$iSJ4
.adnxs.com/ Name: uuid2
Value: 2771859618238720015