urlscan.io logo urlscan.io
SecurityTrails logo

m.welcome-email.com Open in urlscan Pro
91.192.43.154  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://m.welcome-email.com/re?l=BD0Iasa3wlI3dfemhlIkzp2p5boI0&u=http%3A%2F%2Fm.welcome-email.com%2Fpublic%2Fread_message.js...
Effective URL: http://m.welcome-email.com/public/read_message.jsp;jsessionid=0;apw71?sigreq=1618380162
Submission: On February 16 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 3 countries across 4 domains to perform 24 HTTP transactions. The main IP is 91.192.43.154, located in Germany and belongs to GLOBALACCESS, DE. The main domain is m.welcome-email.com.
This is the only time m.welcome-email.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 4 91.192.43.154 15960 (GLOBALACCESS)
21 195.154.170.50 12876 (Online SAS)
2 2 13.36.220.215 16509 (AMAZON-02)
1 45.60.64.60 19551 (INCAPSULA)
24 3
Apex Domain
Subdomains		 Transfer
21 remktg.com
img.remktg.com
144 KB
4 welcome-email.com
m.welcome-email.com
22 KB
2 commander1.com
ricaud.commander1.com — Cisco Umbrella Rank: 519812
3 KB
1 ricaud.com
www.ricaud.com
24 4
Domain Requested by
21 img.remktg.com m.welcome-email.com
4 m.welcome-email.com 2 redirects m.welcome-email.com
2 ricaud.commander1.com 2 redirects
1 www.ricaud.com m.welcome-email.com
24 4

This site contains no links.

Subject Issuer Validity Valid

This page contains 1 frames:

Primary Page: http://m.welcome-email.com/public/read_message.jsp;jsessionid=0;apw71?sigreq=1618380162
Frame ID: 5AB7D787292FA8ECE14626509B1C462A
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Dr Pierre Ricaud

Page URL History Show full URLs

  1. http://m.welcome-email.com/re?l=BD0Iasa3wlI3dfemhlIkzp2p5boI0&u=http%3A%2F%2Fm.welcome-email.com%2Fpubl... HTTP 302
    http://m.welcome-email.com/public/read_message.jsp?tsp=1644986850770&custid=6765&uid=7342283865&sig=KIA... HTTP 302
    http://m.welcome-email.com/public/read_message.jsp;jsessionid=0;apw71?sigreq=1618380162 Page URL

Page Statistics

24
Requests

0 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

3
Countries

165 kB
Transfer

159 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://m.welcome-email.com/re?l=BD0Iasa3wlI3dfemhlIkzp2p5boI0&u=http%3A%2F%2Fm.welcome-email.com%2Fpublic%2Fread_message.jsp%3Ftsp%3D1644986850770%26custid%3D6765%26uid%3D7342283865%26sig%3DKIAFOCEJPINFBKEK%26mid%3D652162629&s=PBAKOCFBBHOIJOEL HTTP 302
    http://m.welcome-email.com/public/read_message.jsp?tsp=1644986850770&custid=6765&uid=7342283865&sig=KIAFOCEJPINFBKEK&mid=652162629 HTTP 302
    http://m.welcome-email.com/public/read_message.jsp;jsessionid=0;apw71?sigreq=1618380162 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://ricaud.commander1.com/c3/?tcs=2333&chn=NewsProspects&src=medianoe&med=email-paid&cmp=frfr-dpr-boucle-prm-email&pub=2022-02-16-multi-multi-emailprm-offer&url=https://www.ricaud.com/fr-fr/?utm_source=medianoe&utm_medium=email-paid&utm_campaign=frfr-dpr-boucle-prm-email&utm_content=2022-02-16-multi-multi-emailprm-offer&shop=prm&utm_term=priceplanet HTTP 302
  • https://ricaud.commander1.com/c3/?firsttime=1&tcs=2333&chn=NewsProspects&src=medianoe&med=email-paid&cmp=frfr-dpr-boucle-prm-email&pub=2022-02-16-multi-multi-emailprm-offer&url=https://www.ricaud.com/fr-fr/?utm_source=medianoe&utm_medium=email-paid&utm_campaign=frfr-dpr-boucle-prm-email&utm_content=2022-02-16-multi-multi-emailprm-offer&shop=prm&utm_term=priceplanet HTTP 302
  • https://www.ricaud.com/fr-fr/?utm_source=medianoe&utm_medium=email-paid&utm_campaign=frfr-dpr-boucle-prm-email&utm_content=2022-02-16-multi-multi-emailprm-offer&shop=prm&utm_term=priceplanet

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request read_message.jsp;jsessionid=0;apw71
m.welcome-email.com/public/
Redirect Chain
  • http://m.welcome-email.com/re?l=BD0Iasa3wlI3dfemhlIkzp2p5boI0&u=http%3A%2F%2Fm.welcome-email.com%2Fpublic%2Fread_message.jsp%3Ftsp%3D1644986850770%26custid%3D6765%26uid%3D7342283865%26sig%3DKIAFOCE...
  • http://m.welcome-email.com/public/read_message.jsp?tsp=1644986850770&custid=6765&uid=7342283865&sig=KIAFOCEJPINFBKEK&mid=652162629
  • http://m.welcome-email.com/public/read_message.jsp;jsessionid=0;apw71?sigreq=1618380162
21 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://m.welcome-email.com/public/read_message.jsp;jsessionid=0;apw71?sigreq=1618380162
Protocol
HTTP/1.1
Server
91.192.43.154 , Germany, ASN15960 (GLOBALACCESS, DE),
Reverse DNS
Software
WebServer /
Resource Hash
57ba09b96dfd1087c48a8e67574a786b046f4de44f37a33d6f86ad1ace146d9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Wed, 16 Feb 2022 05:28:30 GMT
Server
WebServer
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer, strict-origin-when-cross-origin
Feature-Policy
autoplay 'self'; camera 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self';
X-Content-Type-Options
nosniff
P3P
CP="CAO PSA OUR"
Expires
Tue, 15 Feb 2022 05:28:29 GMT
Pragma
no-cache
Cache-control
max-age=0, private, no-cache, no-store, must-revalidate, proxy-revalidate
Content-Type
text/html;charset=UTF-8
Keep-Alive
timeout=2, max=1
Connection
Keep-Alive
Transfer-Encoding
chunked

Redirect headers

Date
Wed, 16 Feb 2022 05:28:29 GMT
Server
WebServer
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer, strict-origin-when-cross-origin
Feature-Policy
autoplay 'self'; camera 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self';
X-Content-Type-Options
nosniff
Location
http://m.welcome-email.com/public/read_message.jsp;jsessionid=0;apw71?sigreq=1618380162
Content-Length
0
Connection
close
logo.gif
img.remktg.com/ricaud/fr/template/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.remktg.com/ricaud/fr/template/img/logo.gif
Requested by
Host: m.welcome-email.com
URL: http://m.welcome-email.com/public/read_message.jsp;jsessionid=0;apw71?sigreq=1618380162
Protocol
HTTP/1.1
Server
195.154.170.50 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-170-50.rev.poneytelecom.eu
Software
nginx / PleskLin
Resource Hash
dd71942414d0d786f8a3f9f047bdf4780b66bf70b984578650c6b8b29e5902ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://m.welcome-email.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 05:28:30 GMT
Last-Modified
Tue, 21 Sep 2021 12:42:33 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"6149d339-b40"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2880
visage.gif
img.remktg.com/ricaud/fr/template/img/ 		562 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.remktg.com/ricaud/fr/template/img/visage.gif
Requested by
Host: m.welcome-email.com
URL: http://m.welcome-email.com/public/read_message.jsp;jsessionid=0;apw71?sigreq=1618380162
Protocol
HTTP/1.1
Server
195.154.170.50 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-170-50.rev.poneytelecom.eu
Software
nginx / PleskLin
Resource Hash
cd25b22f8f574e36fcec541a41102a7b4e53c93b2152e097c225461497985365

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://m.welcome-email.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 05:28:30 GMT
ETag
"232-5cc80bdccf4c2"
Last-Modified
Tue, 21 Sep 2021 12:43:15 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/gif
X-Accel-Version
0.01
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
562
maquillage.gif
img.remktg.com/ricaud/fr/template/img/ 		472 B
755 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.remktg.com/ricaud/fr/template/img/maquillage.gif
Requested by
Host: m.welcome-email.com
URL: http://m.welcome-email.com/public/read_message.jsp;jsessionid=0;apw71?sigreq=1618380162
Protocol
HTTP/1.1
Server
195.154.170.50 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-170-50.rev.poneytelecom.eu
Software
nginx / PleskLin
Resource Hash
7c348d427d10f1c1356cd69ec626d58858f9feba8ca48d0a24ba13cbe1f84c98

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://m.welcome-email.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 05:28:30 GMT
ETag
"1d8-5cc80bdccf4c2"
Last-Modified
Tue, 21 Sep 2021 12:43:15 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/gif
X-Accel-Version
0.01
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
472
corpsetcheveux.gif
img.remktg.com/ricaud/fr/template/img/ 		580 B
863 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.remktg.com/ricaud/fr/template/img/corpsetcheveux.gif
Requested by
Host: m.welcome-email.com
URL: http://m.welcome-email.com/public/read_message.jsp;jsessionid=0;apw71?sigreq=1618380162
Protocol
HTTP/1.1
Server
195.154.170.50 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-170-50.rev.poneytelecom.eu
Software
nginx / PleskLin
Resource Hash
cb3f4c549fb2dff8d5147ca93cd03fb224108b37a838ab878c84b23f51573302

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://m.welcome-email.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 05:28:30 GMT
ETag
"244-5cc80bdb749b7"
Last-Modified
Tue, 21 Sep 2021 12:43:14 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/gif
X-Accel-Version
0.01
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
580
lamarque.gif
img.remktg.com/ricaud/fr/template/img/ 		415 B
698 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.remktg.com/ricaud/fr/template/img/lamarque.gif
Requested by
Host: m.welcome-email.com
URL: http://m.welcome-email.com/public/read_message.jsp;jsessionid=0;apw71?sigreq=1618380162
Protocol
HTTP/1.1
Server
195.154.170.50 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-170-50.rev.poneytelecom.eu
Software
nginx / PleskLin
Resource Hash
97e3dab77d984185d8ac9938d7b2d3b95a627127894e6ecf8cb1abe38bb72086

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://m.welcome-email.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 05:28:30 GMT
ETag
"19f-5cc80bdb7b718"
Last-Modified
Tue, 21 Sep 2021 12:43:14 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/gif
X-Accel-Version
0.01
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
415
pxl.gif
img.remktg.com/ricaud/fr/2022-02/11/img/ 		43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.remktg.com/ricaud/fr/2022-02/11/img/pxl.gif
Requested by
Host: m.welcome-email.com
URL: http://m.welcome-email.com/public/read_message.jsp;jsessionid=0;apw71?sigreq=1618380162
Protocol
HTTP/1.1
Server
195.154.170.50 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-170-50.rev.poneytelecom.eu
Software
nginx / PleskLin
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://m.welcome-email.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 05:28:30 GMT
ETag
"2b-5d7ac37937fd0"
Last-Modified
Thu, 10 Feb 2022 16:12:30 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/gif
X-Accel-Version
0.01
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
accroche_cadeau.gif
img.remktg.com/ricaud/fr/2022-02/11/img/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.remktg.com/ricaud/fr/2022-02/11/img/accroche_cadeau.gif
Requested by
Host: m.welcome-email.com
URL: http://m.welcome-email.com/public/read_message.jsp;jsessionid=0;apw71?sigreq=1618380162
Protocol
HTTP/1.1
Server
195.154.170.50 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-170-50.rev.poneytelecom.eu
Software
nginx / PleskLin
Resource Hash
3b11368de3c9b3d7dcde418f19153f9bfc510f607ef83967b584d85895ef9db7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://m.welcome-email.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 05:28:30 GMT
Last-Modified
Thu, 10 Feb 2022 16:12:30 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"6205396e-149b"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5275
visuel_cadeau.jpg
img.remktg.com/ricaud/fr/2022-02/11/img/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.remktg.com/ricaud/fr/2022-02/11/img/visuel_cadeau.jpg
Requested by
Host: m.welcome-email.com
URL: http://m.welcome-email.com/public/read_message.jsp;jsessionid=0;apw71?sigreq=1618380162
Protocol
HTTP/1.1
Server
195.154.170.50 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-170-50.rev.poneytelecom.eu
Software
nginx / PleskLin
Resource Hash
019cb70b3db1671c65a4d45987bb7012f35e154595606804f3aecc4ac4f10a09

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://m.welcome-email.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 05:28:30 GMT
Last-Modified
Fri, 11 Feb 2022 10:07:30 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"62063562-5ad3"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23251
cadeau.gif
img.remktg.com/ricaud/fr/2022-02/11/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.remktg.com/ricaud/fr/2022-02/11/img/cadeau.gif
Requested by
Host: m.welcome-email.com
URL: http://m.welcome-email.com/public/read_message.jsp;jsessionid=0;apw71?sigreq=1618380162
Protocol
HTTP/1.1
Server
195.154.170.50 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-170-50.rev.poneytelecom.eu
Software
nginx / PleskLin
Resource Hash
ba1d2602fdde1d027b66f9ac3cbb6bd13cd28b917e351ee576bd705cc2b47e28

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://m.welcome-email.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 05:28:30 GMT
Last-Modified
Fri, 11 Feb 2022 16:42:21 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"620691ed-1e1a"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7706
produita.jpg
img.remktg.com/ricaud/fr/2022-02/11/img/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.remktg.com/ricaud/fr/2022-02/11/img/produita.jpg
Requested by
Host: m.welcome-email.com
URL: http://m.welcome-email.com/public/read_message.jsp;jsessionid=0;apw71?sigreq=1618380162
Protocol
HTTP/1.1
Server
195.154.170.50 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-170-50.rev.poneytelecom.eu
Software
nginx / PleskLin
Resource Hash
00755363bbc41b15dda61b943b610e3dae60a03cbf3675b6a6907fb9ac139aab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://m.welcome-email.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 05:28:30 GMT
Last-Modified
Fri, 11 Feb 2022 15:18:03 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"62067e2b-3549"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13641
produitb.jpg
img.remktg.com/ricaud/fr/2022-02/11/img/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.remktg.com/ricaud/fr/2022-02/11/img/produitb.jpg
Requested by
Host: m.welcome-email.com
URL: http://m.welcome-email.com/public/read_message.jsp;jsessionid=0;apw71?sigreq=1618380162
Protocol
HTTP/1.1
Server
195.154.170.50 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-170-50.rev.poneytelecom.eu
Software
nginx / PleskLin
Resource Hash
9cd621f03a4377714bf44a17fd5a4e80a1e55822d44bf185895d4a544be00390

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://m.welcome-email.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 05:28:30 GMT
Last-Modified
Thu, 10 Feb 2022 16:12:30 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"6205396e-38a6"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14502
produitc.jpg
img.remktg.com/ricaud/fr/2022-02/11/img/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.remktg.com/ricaud/fr/2022-02/11/img/produitc.jpg
Requested by
Host: m.welcome-email.com
URL: http://m.welcome-email.com/public/read_message.jsp;jsessionid=0;apw71?sigreq=1618380162
Protocol
HTTP/1.1
Server
195.154.170.50 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-170-50.rev.poneytelecom.eu
Software
nginx / PleskLin
Resource Hash
ff6007d97f64c323398bf1fba3a2a55e7489cfa6230fe3d024c01871910c0e3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://m.welcome-email.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 05:28:30 GMT
Last-Modified
Thu, 10 Feb 2022 16:12:30 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"6205396e-2d60"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11616
ctaa.gif
img.remktg.com/ricaud/fr/2022-02/11/img/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.remktg.com/ricaud/fr/2022-02/11/img/ctaa.gif
Requested by
Host: m.welcome-email.com
URL: http://m.welcome-email.com/public/read_message.jsp;jsessionid=0;apw71?sigreq=1618380162
Protocol
HTTP/1.1
Server
195.154.170.50 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-170-50.rev.poneytelecom.eu
Software
nginx / PleskLin
Resource Hash
6dbedbc3b0bb433bd49f9f676d8ee5557170d7645061dd4259ece0caba689de9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://m.welcome-email.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 05:28:30 GMT
Last-Modified
Thu, 10 Feb 2022 16:13:27 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"620539a7-13e3"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5091
ctab.gif
img.remktg.com/ricaud/fr/2022-02/11/img/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.remktg.com/ricaud/fr/2022-02/11/img/ctab.gif
Requested by
Host: m.welcome-email.com
URL: http://m.welcome-email.com/public/read_message.jsp;jsessionid=0;apw71?sigreq=1618380162
Protocol
HTTP/1.1
Server
195.154.170.50 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-170-50.rev.poneytelecom.eu
Software
nginx / PleskLin
Resource Hash
4465fed7f1dd60a944b2b701d21baa3c28a852e1d51b084ec2865e13f466f728

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://m.welcome-email.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 05:28:30 GMT
Last-Modified
Thu, 10 Feb 2022 16:13:26 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"620539a6-1466"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5222
ctac.gif
img.remktg.com/ricaud/fr/2022-02/11/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.remktg.com/ricaud/fr/2022-02/11/img/ctac.gif
Requested by
Host: m.welcome-email.com
URL: http://m.welcome-email.com/public/read_message.jsp;jsessionid=0;apw71?sigreq=1618380162
Protocol
HTTP/1.1
Server
195.154.170.50 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-170-50.rev.poneytelecom.eu
Software
nginx / PleskLin
Resource Hash
a96f22082f6bf59792b693f1286a13a0d0126865451851469bc9b3b174149d71

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://m.welcome-email.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 05:28:30 GMT
Last-Modified
Thu, 10 Feb 2022 16:13:26 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"620539a6-1b14"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6932
visuel_conseil.gif
img.remktg.com/ricaud/fr/2022-02/11/img/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.remktg.com/ricaud/fr/2022-02/11/img/visuel_conseil.gif
Requested by
Host: m.welcome-email.com
URL: http://m.welcome-email.com/public/read_message.jsp;jsessionid=0;apw71?sigreq=1618380162
Protocol
HTTP/1.1
Server
195.154.170.50 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-170-50.rev.poneytelecom.eu
Software
nginx / PleskLin
Resource Hash
e7d5e09b06e42748fa615231ddea71620cd798ffba50e084a99d7abbc7fc701d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://m.welcome-email.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 05:28:30 GMT
Last-Modified
Thu, 10 Feb 2022 16:12:30 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"6205396e-2664"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9828
conseil.jpg
img.remktg.com/ricaud/fr/2022-02/11/img/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.remktg.com/ricaud/fr/2022-02/11/img/conseil.jpg
Requested by
Host: m.welcome-email.com
URL: http://m.welcome-email.com/public/read_message.jsp;jsessionid=0;apw71?sigreq=1618380162
Protocol
HTTP/1.1
Server
195.154.170.50 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-170-50.rev.poneytelecom.eu
Software
nginx / PleskLin
Resource Hash
8ec1978c04dc331e4b5d94e7bfc7107c5a4c8df03862d12d4347ce2c950a4198

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://m.welcome-email.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 05:28:30 GMT
Last-Modified
Thu, 10 Feb 2022 16:12:30 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"6205396e-566e"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22126
txt_footer.gif
img.remktg.com/ricaud/fr/template/img/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.remktg.com/ricaud/fr/template/img/txt_footer.gif
Requested by
Host: m.welcome-email.com
URL: http://m.welcome-email.com/public/read_message.jsp;jsessionid=0;apw71?sigreq=1618380162
Protocol
HTTP/1.1
Server
195.154.170.50 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-170-50.rev.poneytelecom.eu
Software
nginx / PleskLin
Resource Hash
0131b625d78a843a7f305a350990bc4e2a2a7716b4a46bddba8beff9392a09a5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://m.welcome-email.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 05:28:30 GMT
Last-Modified
Tue, 21 Sep 2021 12:42:32 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"6149d338-129e"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4766
av1.gif
img.remktg.com/ricaud/fr/template/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.remktg.com/ricaud/fr/template/img/av1.gif
Requested by
Host: m.welcome-email.com
URL: http://m.welcome-email.com/public/read_message.jsp;jsessionid=0;apw71?sigreq=1618380162
Protocol
HTTP/1.1
Server
195.154.170.50 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-170-50.rev.poneytelecom.eu
Software
nginx / PleskLin
Resource Hash
85a98787c3999d5756cf94175b06d218971bd9b2d8cd6a9f5e98fc2edf83a786

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://m.welcome-email.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 05:28:30 GMT
Last-Modified
Tue, 21 Sep 2021 12:42:33 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"6149d339-853"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2131
av2.gif
img.remktg.com/ricaud/fr/template/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.remktg.com/ricaud/fr/template/img/av2.gif
Requested by
Host: m.welcome-email.com
URL: http://m.welcome-email.com/public/read_message.jsp;jsessionid=0;apw71?sigreq=1618380162
Protocol
HTTP/1.1
Server
195.154.170.50 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-170-50.rev.poneytelecom.eu
Software
nginx / PleskLin
Resource Hash
771095f000a2d6b1675d60e9914c4ebf15ce463b518b343babb1df5815376330

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://m.welcome-email.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 05:28:30 GMT
Last-Modified
Tue, 21 Sep 2021 12:42:33 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"6149d339-8e1"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2273
av3.gif
img.remktg.com/ricaud/fr/template/img/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.remktg.com/ricaud/fr/template/img/av3.gif
Requested by
Host: m.welcome-email.com
URL: http://m.welcome-email.com/public/read_message.jsp;jsessionid=0;apw71?sigreq=1618380162
Protocol
HTTP/1.1
Server
195.154.170.50 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-170-50.rev.poneytelecom.eu
Software
nginx / PleskLin
Resource Hash
0012f6cdf0673a047e9b1a11c88560f7e8704916e8812423c5e88e922678933f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://m.welcome-email.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 05:28:30 GMT
Last-Modified
Tue, 21 Sep 2021 12:42:33 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"6149d339-904"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2308
/
www.ricaud.com/fr-fr/
Redirect Chain
  • https://ricaud.commander1.com/c3/?tcs=2333&chn=NewsProspects&src=medianoe&med=email-paid&cmp=frfr-dpr-boucle-prm-email&pub=2022-02-16-multi-multi-emailprm-offer&url=https://www.ricaud.com/fr-fr/?ut...
  • https://ricaud.commander1.com/c3/?firsttime=1&tcs=2333&chn=NewsProspects&src=medianoe&med=email-paid&cmp=frfr-dpr-boucle-prm-email&pub=2022-02-16-multi-multi-emailprm-offer&url=https://www.ricaud.c...
  • https://www.ricaud.com/fr-fr/?utm_source=medianoe&utm_medium=email-paid&utm_campaign=frfr-dpr-boucle-prm-email&utm_content=2022-02-16-multi-multi-emailprm-offer&shop=prm&utm_term=priceplanet
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ricaud.com/fr-fr/?utm_source=medianoe&utm_medium=email-paid&utm_campaign=frfr-dpr-boucle-prm-email&utm_content=2022-02-16-multi-multi-emailprm-offer&shop=prm&utm_term=priceplanet
Requested by
Host: m.welcome-email.com
URL: http://m.welcome-email.com/public/read_message.jsp;jsessionid=0;apw71?sigreq=1618380162
Protocol
H2
Server
45.60.64.60 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://m.welcome-email.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

Date
Wed, 16 Feb 2022 05:28:30 GMT
Server
web
location
https://www.ricaud.com/fr-fr/?utm_source=medianoe&utm_medium=email-paid&utm_campaign=frfr-dpr-boucle-prm-email&utm_content=2022-02-16-multi-multi-emailprm-offer&shop=prm&utm_term=priceplanet
Transfer-Encoding
chunked
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Type
text/html
p.gif
m.welcome-email.com/tr/ 		42 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://m.welcome-email.com/tr/p.gif?uid=7342283865&mid=652162629&msd=1644986172295&s=BKCNLNMPADAMNCNC&st=
Requested by
Host: m.welcome-email.com
URL: http://m.welcome-email.com/public/read_message.jsp;jsessionid=0;apw71?sigreq=1618380162
Protocol
HTTP/1.1
Server
91.192.43.154 , Germany, ASN15960 (GLOBALACCESS, DE),
Reverse DNS
Software
WebServer /
Resource Hash
492b292fd4e408db92b71f2c83f609203f9f716c9d7cdb35c3e663f1f8ca72ff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://m.welcome-email.com/public/read_message.jsp;jsessionid=0;apw71?sigreq=1618380162
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 05:28:30 GMT
Expires
Wed Feb 9 0:19:49 CET 2000
Server
WebServer
Connection
close
Content-Length
42
Content-Type
image/gif

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone

8 Cookies

Domain/Path Name / Value
m.welcome-email.com/ Name: ECM
Value: 21DB988A69CAC4B045A13B1CFFD97E5E
.ricaud.commander1.com/ Name: tc_cj_v2
Value: h%202.j-%2A.%2B%20%7D%2F.ZZZ%28%20~%24%7B%29%2A%20ZZZKPNNSRSMKJJJJZZZ%5Dfc%5De
.ricaud.commander1.com/ Name: tc_cj_v2_cmp
Value: %21-%21-G~%2B-G%7C%2A0%7D%27%20G%2B-%28G%20%28%7B%24%27
.ricaud.commander1.com/ Name: tc_cj_v2_med
Value: %20%28%7B%24%27G%2B%7B%24~
.commander1.com/ Name: TCID
Value: 202202160628306771228715
.ricaud.commander1.com/ Name: TCSESSION
Value: 202202160628308812223068
.ricaud.commander1.com/ Name: TCREDIRECT
Value: 1
.ricaud.commander1.com/ Name: TCREDIRECT_DEDUP
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

img.remktg.com
m.welcome-email.com
ricaud.commander1.com
www.ricaud.com
13.36.220.215
195.154.170.50
45.60.64.60
91.192.43.154
0012f6cdf0673a047e9b1a11c88560f7e8704916e8812423c5e88e922678933f
00755363bbc41b15dda61b943b610e3dae60a03cbf3675b6a6907fb9ac139aab
0131b625d78a843a7f305a350990bc4e2a2a7716b4a46bddba8beff9392a09a5
019cb70b3db1671c65a4d45987bb7012f35e154595606804f3aecc4ac4f10a09
3b11368de3c9b3d7dcde418f19153f9bfc510f607ef83967b584d85895ef9db7
4465fed7f1dd60a944b2b701d21baa3c28a852e1d51b084ec2865e13f466f728
492b292fd4e408db92b71f2c83f609203f9f716c9d7cdb35c3e663f1f8ca72ff
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
57ba09b96dfd1087c48a8e67574a786b046f4de44f37a33d6f86ad1ace146d9f
6dbedbc3b0bb433bd49f9f676d8ee5557170d7645061dd4259ece0caba689de9
771095f000a2d6b1675d60e9914c4ebf15ce463b518b343babb1df5815376330
7c348d427d10f1c1356cd69ec626d58858f9feba8ca48d0a24ba13cbe1f84c98
85a98787c3999d5756cf94175b06d218971bd9b2d8cd6a9f5e98fc2edf83a786
8ec1978c04dc331e4b5d94e7bfc7107c5a4c8df03862d12d4347ce2c950a4198
97e3dab77d984185d8ac9938d7b2d3b95a627127894e6ecf8cb1abe38bb72086
9cd621f03a4377714bf44a17fd5a4e80a1e55822d44bf185895d4a544be00390
a96f22082f6bf59792b693f1286a13a0d0126865451851469bc9b3b174149d71
ba1d2602fdde1d027b66f9ac3cbb6bd13cd28b917e351ee576bd705cc2b47e28
cb3f4c549fb2dff8d5147ca93cd03fb224108b37a838ab878c84b23f51573302
cd25b22f8f574e36fcec541a41102a7b4e53c93b2152e097c225461497985365
dd71942414d0d786f8a3f9f047bdf4780b66bf70b984578650c6b8b29e5902ea
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7d5e09b06e42748fa615231ddea71620cd798ffba50e084a99d7abbc7fc701d
ff6007d97f64c323398bf1fba3a2a55e7489cfa6230fe3d024c01871910c0e3f