urlscan.io logo urlscan.io
SecurityTrails logo

m.welcome-email.com Open in urlscan Pro
91.192.43.152  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://m.welcome-email.com/re?l=BD0Iasa6qzI3dfemhlIkzus9zygI0&u=http%3A%2F%2Fm.welcome-email.com%2Fpublic%2Fread_message.js...
Effective URL: http://m.welcome-email.com/public/read_message.jsp;jsessionid=0;apw67?sigreq=1510711494
Submission: On February 20 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 3 countries across 4 domains to perform 25 HTTP transactions. The main IP is 91.192.43.152, located in Germany and belongs to GLOBALACCESS, DE. The main domain is m.welcome-email.com.
This is the only time m.welcome-email.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 4 91.192.43.152 15960 (GLOBALACCESS)
22 195.154.170.50 12876 (Online SAS)
2 2 13.36.220.215 16509 (AMAZON-02)
1 45.60.64.60 19551 (INCAPSULA)
25 3
Apex Domain
Subdomains		 Transfer
22 remktg.com
img.remktg.com
280 KB
4 welcome-email.com
m.welcome-email.com
21 KB
2 commander1.com
ricaud.commander1.com — Cisco Umbrella Rank: 519812
3 KB
1 ricaud.com
www.ricaud.com
25 4
Domain Requested by
22 img.remktg.com m.welcome-email.com
4 m.welcome-email.com 2 redirects m.welcome-email.com
2 ricaud.commander1.com 2 redirects
1 www.ricaud.com m.welcome-email.com
25 4

This site contains no links.

Subject Issuer Validity Valid

This page contains 1 frames:

Primary Page: http://m.welcome-email.com/public/read_message.jsp;jsessionid=0;apw67?sigreq=1510711494
Frame ID: D8EACA3FDEC5CF26D104019AD55B7C0C
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Dr Pierre Ricaud

Page URL History Show full URLs

  1. http://m.welcome-email.com/re?l=BD0Iasa6qzI3dfemhlIkzus9zygI0&u=http%3A%2F%2Fm.welcome-email.com%2Fpubl... HTTP 302
    http://m.welcome-email.com/public/read_message.jsp?tsp=1645332144730&custid=6765&uid=7342283865&sig=ENM... HTTP 302
    http://m.welcome-email.com/public/read_message.jsp;jsessionid=0;apw67?sigreq=1510711494 Page URL

Page Statistics

25
Requests

0 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

3
Countries

300 kB
Transfer

294 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://m.welcome-email.com/re?l=BD0Iasa6qzI3dfemhlIkzus9zygI0&u=http%3A%2F%2Fm.welcome-email.com%2Fpublic%2Fread_message.jsp%3Ftsp%3D1645332144730%26custid%3D6765%26uid%3D7342283865%26sig%3DENMLBMBBCKPPIDIE%26mid%3D652166315&s=AHODDENFMCCEPKII HTTP 302
    http://m.welcome-email.com/public/read_message.jsp?tsp=1645332144730&custid=6765&uid=7342283865&sig=ENMLBMBBCKPPIDIE&mid=652166315 HTTP 302
    http://m.welcome-email.com/public/read_message.jsp;jsessionid=0;apw67?sigreq=1510711494 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22
  • https://ricaud.commander1.com/c3/?tcs=2333&chn=NewsProspects&src=medianoe&med=email-paid&cmp=frfr-dpr-boucle-prm-email&pub=2022-02-20-multi-multi-emailprm-offer&url=https://www.ricaud.com/fr-fr/?utm_source=medianoe&utm_medium=email-paid&utm_campaign=frfr-dpr-boucle-prm-email&utm_content=2022-02-20-multi-multi-emailprm-offer&shop=prm&utm_term=priceplanet HTTP 302
  • https://ricaud.commander1.com/c3/?firsttime=1&tcs=2333&chn=NewsProspects&src=medianoe&med=email-paid&cmp=frfr-dpr-boucle-prm-email&pub=2022-02-20-multi-multi-emailprm-offer&url=https://www.ricaud.com/fr-fr/?utm_source=medianoe&utm_medium=email-paid&utm_campaign=frfr-dpr-boucle-prm-email&utm_content=2022-02-20-multi-multi-emailprm-offer&shop=prm&utm_term=priceplanet HTTP 302
  • https://www.ricaud.com/fr-fr/?utm_source=medianoe&utm_medium=email-paid&utm_campaign=frfr-dpr-boucle-prm-email&utm_content=2022-02-20-multi-multi-emailprm-offer&shop=prm&utm_term=priceplanet

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request read_message.jsp;jsessionid=0;apw67
m.welcome-email.com/public/
Redirect Chain
  • http://m.welcome-email.com/re?l=BD0Iasa6qzI3dfemhlIkzus9zygI0&u=http%3A%2F%2Fm.welcome-email.com%2Fpublic%2Fread_message.jsp%3Ftsp%3D1645332144730%26custid%3D6765%26uid%3D7342283865%26sig%3DENMLBMB...
  • http://m.welcome-email.com/public/read_message.jsp?tsp=1645332144730&custid=6765&uid=7342283865&sig=ENMLBMBBCKPPIDIE&mid=652166315
  • http://m.welcome-email.com/public/read_message.jsp;jsessionid=0;apw67?sigreq=1510711494
19 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://m.welcome-email.com/public/read_message.jsp;jsessionid=0;apw67?sigreq=1510711494
Protocol
HTTP/1.1
Server
91.192.43.152 , Germany, ASN15960 (GLOBALACCESS, DE),
Reverse DNS
Software
WebServer /
Resource Hash
de75d2b623a3c49a355bc566b612e44c753b835778582af71e2c1135054d20d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Sun, 20 Feb 2022 05:29:42 GMT
Server
WebServer
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer, strict-origin-when-cross-origin
Feature-Policy
autoplay 'self'; camera 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self';
X-Content-Type-Options
nosniff
P3P
CP="CAO PSA OUR"
Expires
Sat, 19 Feb 2022 05:29:42 GMT
Pragma
no-cache
Cache-control
max-age=0, private, no-cache, no-store, must-revalidate, proxy-revalidate
Content-Type
text/html;charset=UTF-8
Keep-Alive
timeout=2, max=1
Connection
Keep-Alive
Transfer-Encoding
chunked

Redirect headers

Date
Sun, 20 Feb 2022 05:29:42 GMT
Server
WebServer
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer, strict-origin-when-cross-origin
Feature-Policy
autoplay 'self'; camera 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self';
X-Content-Type-Options
nosniff
Location
http://m.welcome-email.com/public/read_message.jsp;jsessionid=0;apw67?sigreq=1510711494
Content-Length
0
Connection
close
logo.gif
img.remktg.com/ricaud/fr/template/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.remktg.com/ricaud/fr/template/img/logo.gif
Requested by
Host: m.welcome-email.com
URL: http://m.welcome-email.com/public/read_message.jsp;jsessionid=0;apw67?sigreq=1510711494
Protocol
HTTP/1.1
Server
195.154.170.50 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-170-50.rev.poneytelecom.eu
Software
nginx / PleskLin
Resource Hash
dd71942414d0d786f8a3f9f047bdf4780b66bf70b984578650c6b8b29e5902ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://m.welcome-email.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sun, 20 Feb 2022 05:29:43 GMT
Last-Modified
Tue, 21 Sep 2021 12:42:33 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"6149d339-b40"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2880
visage.gif
img.remktg.com/ricaud/fr/template/img/ 		562 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.remktg.com/ricaud/fr/template/img/visage.gif
Requested by
Host: m.welcome-email.com
URL: http://m.welcome-email.com/public/read_message.jsp;jsessionid=0;apw67?sigreq=1510711494
Protocol
HTTP/1.1
Server
195.154.170.50 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-170-50.rev.poneytelecom.eu
Software
nginx / PleskLin
Resource Hash
cd25b22f8f574e36fcec541a41102a7b4e53c93b2152e097c225461497985365

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://m.welcome-email.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sun, 20 Feb 2022 05:29:43 GMT
ETag
"232-5cc80bdccf4c2"
Last-Modified
Tue, 21 Sep 2021 12:43:15 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/gif
X-Accel-Version
0.01
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
562
maquillage.gif
img.remktg.com/ricaud/fr/template/img/ 		472 B
755 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.remktg.com/ricaud/fr/template/img/maquillage.gif
Requested by
Host: m.welcome-email.com
URL: http://m.welcome-email.com/public/read_message.jsp;jsessionid=0;apw67?sigreq=1510711494
Protocol
HTTP/1.1
Server
195.154.170.50 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-170-50.rev.poneytelecom.eu
Software
nginx / PleskLin
Resource Hash
7c348d427d10f1c1356cd69ec626d58858f9feba8ca48d0a24ba13cbe1f84c98

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://m.welcome-email.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sun, 20 Feb 2022 05:29:43 GMT
ETag
"1d8-5cc80bdccf4c2"
Last-Modified
Tue, 21 Sep 2021 12:43:15 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/gif
X-Accel-Version
0.01
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
472
corpsetcheveux.gif
img.remktg.com/ricaud/fr/template/img/ 		580 B
863 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.remktg.com/ricaud/fr/template/img/corpsetcheveux.gif
Requested by
Host: m.welcome-email.com
URL: http://m.welcome-email.com/public/read_message.jsp;jsessionid=0;apw67?sigreq=1510711494
Protocol
HTTP/1.1
Server
195.154.170.50 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-170-50.rev.poneytelecom.eu
Software
nginx / PleskLin
Resource Hash
cb3f4c549fb2dff8d5147ca93cd03fb224108b37a838ab878c84b23f51573302

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://m.welcome-email.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sun, 20 Feb 2022 05:29:43 GMT
ETag
"244-5cc80bdb749b7"
Last-Modified
Tue, 21 Sep 2021 12:43:14 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/gif
X-Accel-Version
0.01
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
580
lamarque.gif
img.remktg.com/ricaud/fr/template/img/ 		415 B
698 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.remktg.com/ricaud/fr/template/img/lamarque.gif
Requested by
Host: m.welcome-email.com
URL: http://m.welcome-email.com/public/read_message.jsp;jsessionid=0;apw67?sigreq=1510711494
Protocol
HTTP/1.1
Server
195.154.170.50 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-170-50.rev.poneytelecom.eu
Software
nginx / PleskLin
Resource Hash
97e3dab77d984185d8ac9938d7b2d3b95a627127894e6ecf8cb1abe38bb72086

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://m.welcome-email.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sun, 20 Feb 2022 05:29:43 GMT
ETag
"19f-5cc80bdb7b718"
Last-Modified
Tue, 21 Sep 2021 12:43:14 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/gif
X-Accel-Version
0.01
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
415
pxl.gif
img.remktg.com/ricaud/fr/2022-02/14/img/ 		43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.remktg.com/ricaud/fr/2022-02/14/img/pxl.gif
Requested by
Host: m.welcome-email.com
URL: http://m.welcome-email.com/public/read_message.jsp;jsessionid=0;apw67?sigreq=1510711494
Protocol
HTTP/1.1
Server
195.154.170.50 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-170-50.rev.poneytelecom.eu
Software
nginx / PleskLin
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://m.welcome-email.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sun, 20 Feb 2022 05:29:43 GMT
ETag
"2b-5d7f7ba6f161f"
Last-Modified
Mon, 14 Feb 2022 10:17:48 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/gif
X-Accel-Version
0.01
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
gif.php
img.remktg.com/ricaud/fr/2022-02/12/EmailCountdown/ 		118 KB
118 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.remktg.com/ricaud/fr/2022-02/12/EmailCountdown/gif.php?time=2022-02-20+23:59:59
Requested by
Host: m.welcome-email.com
URL: http://m.welcome-email.com/public/read_message.jsp;jsessionid=0;apw67?sigreq=1510711494
Protocol
HTTP/1.1
Server
195.154.170.50 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-170-50.rev.poneytelecom.eu
Software
nginx / PHP/5.5.9-1ubuntu4.29, PleskLin
Resource Hash
734d82235af359bb01760fad9aa1a184811ef39640534bac0a22ac54bac1e9c2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://m.welcome-email.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 20 Feb 2022 05:29:43 GMT
Last-Modified
Sun, 20 Feb 2022 05:29:43 GMT
Server
nginx
X-Powered-By
PHP/5.5.9-1ubuntu4.29, PleskLin
Transfer-Encoding
chunked
Content-Type
image/jpg
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Expires
Sat, 26 Jul 1997 05:00:00 GMT
visua.jpg
img.remktg.com/ricaud/fr/2022-02/14/img/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.remktg.com/ricaud/fr/2022-02/14/img/visua.jpg
Requested by
Host: m.welcome-email.com
URL: http://m.welcome-email.com/public/read_message.jsp;jsessionid=0;apw67?sigreq=1510711494
Protocol
HTTP/1.1
Server
195.154.170.50 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-170-50.rev.poneytelecom.eu
Software
nginx / PleskLin
Resource Hash
ce492c871336b16613634927249377046a0766afc5c9bcea7b73bb8898a725f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://m.welcome-email.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sun, 20 Feb 2022 05:29:43 GMT
Last-Modified
Mon, 14 Feb 2022 10:17:48 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"620a2c4c-4c41"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19521
soldes.jpg
img.remktg.com/ricaud/fr/2022-02/14/img/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.remktg.com/ricaud/fr/2022-02/14/img/soldes.jpg
Requested by
Host: m.welcome-email.com
URL: http://m.welcome-email.com/public/read_message.jsp;jsessionid=0;apw67?sigreq=1510711494
Protocol
HTTP/1.1
Server
195.154.170.50 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-170-50.rev.poneytelecom.eu
Software
nginx / PleskLin
Resource Hash
bf5eb6920504d916f9b1f46ae2f6edb6e0beb568f604e472674c2d30bd843a4e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://m.welcome-email.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sun, 20 Feb 2022 05:29:43 GMT
Last-Modified
Mon, 14 Feb 2022 10:17:48 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"620a2c4c-a45d"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
42077
visub.jpg
img.remktg.com/ricaud/fr/2022-02/14/img/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.remktg.com/ricaud/fr/2022-02/14/img/visub.jpg
Requested by
Host: m.welcome-email.com
URL: http://m.welcome-email.com/public/read_message.jsp;jsessionid=0;apw67?sigreq=1510711494
Protocol
HTTP/1.1
Server
195.154.170.50 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-170-50.rev.poneytelecom.eu
Software
nginx / PleskLin
Resource Hash
24ed48759cbdf6c5b5559fcb924cdac30f04bb26fec17dcd5cc4e5e36780d19b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://m.welcome-email.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sun, 20 Feb 2022 05:29:43 GMT
Last-Modified
Mon, 14 Feb 2022 10:17:48 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"620a2c4c-5ede"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24286
cta.gif
img.remktg.com/ricaud/fr/2022-02/14/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.remktg.com/ricaud/fr/2022-02/14/img/cta.gif
Requested by
Host: m.welcome-email.com
URL: http://m.welcome-email.com/public/read_message.jsp;jsessionid=0;apw67?sigreq=1510711494
Protocol
HTTP/1.1
Server
195.154.170.50 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-170-50.rev.poneytelecom.eu
Software
nginx / PleskLin
Resource Hash
7bbf8fc669a200f8cdd5112544d516f0f75d638df99c9d4f3ffbce5d848cba20

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://m.welcome-email.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sun, 20 Feb 2022 05:29:43 GMT
Last-Modified
Mon, 14 Feb 2022 10:17:48 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"620a2c4c-7de"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2014
produita.jpg
img.remktg.com/ricaud/fr/2022-02/14/img/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.remktg.com/ricaud/fr/2022-02/14/img/produita.jpg
Requested by
Host: m.welcome-email.com
URL: http://m.welcome-email.com/public/read_message.jsp;jsessionid=0;apw67?sigreq=1510711494
Protocol
HTTP/1.1
Server
195.154.170.50 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-170-50.rev.poneytelecom.eu
Software
nginx / PleskLin
Resource Hash
c3247aca18f5e8354700e502edeffd637e28027aeac2a7a5c640f4afe4bfae93

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://m.welcome-email.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sun, 20 Feb 2022 05:29:43 GMT
Last-Modified
Mon, 14 Feb 2022 10:17:48 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"620a2c4c-328e"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12942
produitb.jpg
img.remktg.com/ricaud/fr/2022-02/14/img/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.remktg.com/ricaud/fr/2022-02/14/img/produitb.jpg
Requested by
Host: m.welcome-email.com
URL: http://m.welcome-email.com/public/read_message.jsp;jsessionid=0;apw67?sigreq=1510711494
Protocol
HTTP/1.1
Server
195.154.170.50 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-170-50.rev.poneytelecom.eu
Software
nginx / PleskLin
Resource Hash
f6d3553bf4e4e10a3a0b6896e34664be5bb169cc7dae4378dc0f54afffbd4ca8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://m.welcome-email.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sun, 20 Feb 2022 05:29:43 GMT
Last-Modified
Tue, 15 Feb 2022 10:58:00 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"620b8738-341c"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13340
produitc.jpg
img.remktg.com/ricaud/fr/2022-02/14/img/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.remktg.com/ricaud/fr/2022-02/14/img/produitc.jpg
Requested by
Host: m.welcome-email.com
URL: http://m.welcome-email.com/public/read_message.jsp;jsessionid=0;apw67?sigreq=1510711494
Protocol
HTTP/1.1
Server
195.154.170.50 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-170-50.rev.poneytelecom.eu
Software
nginx / PleskLin
Resource Hash
8d0b2843d8e70e9eff76508cb371f82c46d766060a530a6cc886656cf9e0eec4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://m.welcome-email.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sun, 20 Feb 2022 05:29:43 GMT
Last-Modified
Mon, 14 Feb 2022 10:17:48 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"620a2c4c-2659"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9817
ctaa.gif
img.remktg.com/ricaud/fr/2022-02/14/img/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.remktg.com/ricaud/fr/2022-02/14/img/ctaa.gif
Requested by
Host: m.welcome-email.com
URL: http://m.welcome-email.com/public/read_message.jsp;jsessionid=0;apw67?sigreq=1510711494
Protocol
HTTP/1.1
Server
195.154.170.50 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-170-50.rev.poneytelecom.eu
Software
nginx / PleskLin
Resource Hash
82f075e41252cad96abd1f6f2d0054098a6b939f6374b9758e3894aca17b3fc0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://m.welcome-email.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sun, 20 Feb 2022 05:29:43 GMT
Last-Modified
Mon, 14 Feb 2022 10:17:48 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"620a2c4c-141a"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5146
ctab.gif
img.remktg.com/ricaud/fr/2022-02/14/img/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.remktg.com/ricaud/fr/2022-02/14/img/ctab.gif
Requested by
Host: m.welcome-email.com
URL: http://m.welcome-email.com/public/read_message.jsp;jsessionid=0;apw67?sigreq=1510711494
Protocol
HTTP/1.1
Server
195.154.170.50 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-170-50.rev.poneytelecom.eu
Software
nginx / PleskLin
Resource Hash
377fd177e5c299f5974a40f7212df7267bef882dd8b5c29a8dc3eabd58a96ed7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://m.welcome-email.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sun, 20 Feb 2022 05:29:43 GMT
Last-Modified
Mon, 14 Feb 2022 10:17:48 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"620a2c4c-140a"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5130
ctac.gif
img.remktg.com/ricaud/fr/2022-02/14/img/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.remktg.com/ricaud/fr/2022-02/14/img/ctac.gif
Requested by
Host: m.welcome-email.com
URL: http://m.welcome-email.com/public/read_message.jsp;jsessionid=0;apw67?sigreq=1510711494
Protocol
HTTP/1.1
Server
195.154.170.50 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-170-50.rev.poneytelecom.eu
Software
nginx / PleskLin
Resource Hash
fbfcfa33abcd40f32090d8a69445669139e29667d5129b074f69e0bbefe3029a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://m.welcome-email.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sun, 20 Feb 2022 05:29:43 GMT
Last-Modified
Mon, 14 Feb 2022 10:17:48 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"620a2c4c-13f8"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5112
bandeau_cadeau.gif
img.remktg.com/ricaud/fr/2022-02/14/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.remktg.com/ricaud/fr/2022-02/14/img/bandeau_cadeau.gif
Requested by
Host: m.welcome-email.com
URL: http://m.welcome-email.com/public/read_message.jsp;jsessionid=0;apw67?sigreq=1510711494
Protocol
HTTP/1.1
Server
195.154.170.50 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-170-50.rev.poneytelecom.eu
Software
nginx / PleskLin
Resource Hash
c776b5bd9770e3c987e0b1a3ef675ebf09e0ef6812d16e0a598eee6fc660460d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://m.welcome-email.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sun, 20 Feb 2022 05:29:43 GMT
Last-Modified
Tue, 15 Feb 2022 14:52:44 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"620bbe3c-10eb"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4331
txt_footer.gif
img.remktg.com/ricaud/fr/template/img/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.remktg.com/ricaud/fr/template/img/txt_footer.gif
Requested by
Host: m.welcome-email.com
URL: http://m.welcome-email.com/public/read_message.jsp;jsessionid=0;apw67?sigreq=1510711494
Protocol
HTTP/1.1
Server
195.154.170.50 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-170-50.rev.poneytelecom.eu
Software
nginx / PleskLin
Resource Hash
0131b625d78a843a7f305a350990bc4e2a2a7716b4a46bddba8beff9392a09a5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://m.welcome-email.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sun, 20 Feb 2022 05:29:43 GMT
Last-Modified
Tue, 21 Sep 2021 12:42:32 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"6149d338-129e"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4766
av1.gif
img.remktg.com/ricaud/fr/template/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.remktg.com/ricaud/fr/template/img/av1.gif
Requested by
Host: m.welcome-email.com
URL: http://m.welcome-email.com/public/read_message.jsp;jsessionid=0;apw67?sigreq=1510711494
Protocol
HTTP/1.1
Server
195.154.170.50 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-170-50.rev.poneytelecom.eu
Software
nginx / PleskLin
Resource Hash
85a98787c3999d5756cf94175b06d218971bd9b2d8cd6a9f5e98fc2edf83a786

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://m.welcome-email.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sun, 20 Feb 2022 05:29:43 GMT
Last-Modified
Tue, 21 Sep 2021 12:42:33 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"6149d339-853"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2131
av2.gif
img.remktg.com/ricaud/fr/template/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.remktg.com/ricaud/fr/template/img/av2.gif
Requested by
Host: m.welcome-email.com
URL: http://m.welcome-email.com/public/read_message.jsp;jsessionid=0;apw67?sigreq=1510711494
Protocol
HTTP/1.1
Server
195.154.170.50 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-170-50.rev.poneytelecom.eu
Software
nginx / PleskLin
Resource Hash
771095f000a2d6b1675d60e9914c4ebf15ce463b518b343babb1df5815376330

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://m.welcome-email.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sun, 20 Feb 2022 05:29:43 GMT
Last-Modified
Tue, 21 Sep 2021 12:42:33 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"6149d339-8e1"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2273
av3.gif
img.remktg.com/ricaud/fr/template/img/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.remktg.com/ricaud/fr/template/img/av3.gif
Requested by
Host: m.welcome-email.com
URL: http://m.welcome-email.com/public/read_message.jsp;jsessionid=0;apw67?sigreq=1510711494
Protocol
HTTP/1.1
Server
195.154.170.50 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-170-50.rev.poneytelecom.eu
Software
nginx / PleskLin
Resource Hash
0012f6cdf0673a047e9b1a11c88560f7e8704916e8812423c5e88e922678933f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://m.welcome-email.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sun, 20 Feb 2022 05:29:43 GMT
Last-Modified
Tue, 21 Sep 2021 12:42:33 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"6149d339-904"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2308
/
www.ricaud.com/fr-fr/
Redirect Chain
  • https://ricaud.commander1.com/c3/?tcs=2333&chn=NewsProspects&src=medianoe&med=email-paid&cmp=frfr-dpr-boucle-prm-email&pub=2022-02-20-multi-multi-emailprm-offer&url=https://www.ricaud.com/fr-fr/?ut...
  • https://ricaud.commander1.com/c3/?firsttime=1&tcs=2333&chn=NewsProspects&src=medianoe&med=email-paid&cmp=frfr-dpr-boucle-prm-email&pub=2022-02-20-multi-multi-emailprm-offer&url=https://www.ricaud.c...
  • https://www.ricaud.com/fr-fr/?utm_source=medianoe&utm_medium=email-paid&utm_campaign=frfr-dpr-boucle-prm-email&utm_content=2022-02-20-multi-multi-emailprm-offer&shop=prm&utm_term=priceplanet
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ricaud.com/fr-fr/?utm_source=medianoe&utm_medium=email-paid&utm_campaign=frfr-dpr-boucle-prm-email&utm_content=2022-02-20-multi-multi-emailprm-offer&shop=prm&utm_term=priceplanet
Requested by
Host: m.welcome-email.com
URL: http://m.welcome-email.com/public/read_message.jsp;jsessionid=0;apw67?sigreq=1510711494
Protocol
H2
Server
45.60.64.60 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://m.welcome-email.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

Date
Sun, 20 Feb 2022 05:29:43 GMT
Server
web
location
https://www.ricaud.com/fr-fr/?utm_source=medianoe&utm_medium=email-paid&utm_campaign=frfr-dpr-boucle-prm-email&utm_content=2022-02-20-multi-multi-emailprm-offer&shop=prm&utm_term=priceplanet
Transfer-Encoding
chunked
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Type
text/html
p.gif
m.welcome-email.com/tr/ 		42 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://m.welcome-email.com/tr/p.gif?uid=7342283865&mid=652166315&msd=1645331585782&s=NLIPGJJLKKJKBDIF&st=
Requested by
Host: m.welcome-email.com
URL: http://m.welcome-email.com/public/read_message.jsp;jsessionid=0;apw67?sigreq=1510711494
Protocol
HTTP/1.1
Server
91.192.43.152 , Germany, ASN15960 (GLOBALACCESS, DE),
Reverse DNS
Software
WebServer /
Resource Hash
492b292fd4e408db92b71f2c83f609203f9f716c9d7cdb35c3e663f1f8ca72ff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://m.welcome-email.com/public/read_message.jsp;jsessionid=0;apw67?sigreq=1510711494
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 20 Feb 2022 05:29:42 GMT
Expires
Wed Feb 9 0:19:49 CET 2000
Server
WebServer
Connection
close
Content-Length
42
Content-Type
image/gif

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone

8 Cookies

Domain/Path Name / Value
m.welcome-email.com/ Name: ECM
Value: 46C4FFE3551FE428EA8276C3F3277D07
.ricaud.commander1.com/ Name: tc_cj_v2
Value: h%202.j-%2A.%2B%20%7D%2F.ZZZ%28%20~%24%7B%29%2A%20ZZZKPNOMMNSRMJJJZZZ%5Dfc%5De
.ricaud.commander1.com/ Name: tc_cj_v2_cmp
Value: %21-%21-G~%2B-G%7C%2A0%7D%27%20G%2B-%28G%20%28%7B%24%27
.ricaud.commander1.com/ Name: tc_cj_v2_med
Value: %20%28%7B%24%27G%2B%7B%24~
.commander1.com/ Name: TCID
Value: 20220220062943462422277
.ricaud.commander1.com/ Name: TCSESSION
Value: 202202200629439803653835
.ricaud.commander1.com/ Name: TCREDIRECT
Value: 1
.ricaud.commander1.com/ Name: TCREDIRECT_DEDUP
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

img.remktg.com
m.welcome-email.com
ricaud.commander1.com
www.ricaud.com
13.36.220.215
195.154.170.50
45.60.64.60
91.192.43.152
0012f6cdf0673a047e9b1a11c88560f7e8704916e8812423c5e88e922678933f
0131b625d78a843a7f305a350990bc4e2a2a7716b4a46bddba8beff9392a09a5
24ed48759cbdf6c5b5559fcb924cdac30f04bb26fec17dcd5cc4e5e36780d19b
377fd177e5c299f5974a40f7212df7267bef882dd8b5c29a8dc3eabd58a96ed7
492b292fd4e408db92b71f2c83f609203f9f716c9d7cdb35c3e663f1f8ca72ff
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
734d82235af359bb01760fad9aa1a184811ef39640534bac0a22ac54bac1e9c2
771095f000a2d6b1675d60e9914c4ebf15ce463b518b343babb1df5815376330
7bbf8fc669a200f8cdd5112544d516f0f75d638df99c9d4f3ffbce5d848cba20
7c348d427d10f1c1356cd69ec626d58858f9feba8ca48d0a24ba13cbe1f84c98
82f075e41252cad96abd1f6f2d0054098a6b939f6374b9758e3894aca17b3fc0
85a98787c3999d5756cf94175b06d218971bd9b2d8cd6a9f5e98fc2edf83a786
8d0b2843d8e70e9eff76508cb371f82c46d766060a530a6cc886656cf9e0eec4
97e3dab77d984185d8ac9938d7b2d3b95a627127894e6ecf8cb1abe38bb72086
bf5eb6920504d916f9b1f46ae2f6edb6e0beb568f604e472674c2d30bd843a4e
c3247aca18f5e8354700e502edeffd637e28027aeac2a7a5c640f4afe4bfae93
c776b5bd9770e3c987e0b1a3ef675ebf09e0ef6812d16e0a598eee6fc660460d
cb3f4c549fb2dff8d5147ca93cd03fb224108b37a838ab878c84b23f51573302
cd25b22f8f574e36fcec541a41102a7b4e53c93b2152e097c225461497985365
ce492c871336b16613634927249377046a0766afc5c9bcea7b73bb8898a725f3
dd71942414d0d786f8a3f9f047bdf4780b66bf70b984578650c6b8b29e5902ea
de75d2b623a3c49a355bc566b612e44c753b835778582af71e2c1135054d20d4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f6d3553bf4e4e10a3a0b6896e34664be5bb169cc7dae4378dc0f54afffbd4ca8
fbfcfa33abcd40f32090d8a69445669139e29667d5129b074f69e0bbefe3029a