Submitted URL: http://red.slp.conseildesoffres.be/click/YToxOntzOjM6InRhZyI7czoyOToiZGF0YV9zZW5kb3V0XzVlZTNhNTYxMTZiYjhfMTEiO30%3D/ampjZCU0MHNreW5...
Effective URL: http://red.slp.conseildesoffres.be/Mirror.php?email=jjcd%40skynet.be&sid=1273669
Submission: On June 18 via api from BE

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 7 HTTP transactions. The main IP is 5.135.137.23, located in France and belongs to OVH, FR. The main domain is red.slp.conseildesoffres.be.
This is the only time red.slp.conseildesoffres.be was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 5.135.137.23 16276 (OVH)
2 13.226.145.139 16509 (AMAZON-02)
1 13.226.152.108 16509 (AMAZON-02)
1 18.202.12.61 16509 (AMAZON-02)
1 5.196.43.158 16276 (OVH)
7 5
Domain Requested by
3 red.slp.conseildesoffres.be 1 redirects red.slp.conseildesoffres.be
2 gallery.mailchimp.com red.slp.conseildesoffres.be
1 red.instant-mail.com red.slp.conseildesoffres.be
1 tracking.lismah.com red.slp.conseildesoffres.be
1 cdn-images.mailchimp.com red.slp.conseildesoffres.be
7 5

This site contains no links.

Subject                    Issuer                       Validity                  Valid
gallery.mailchimp.com      Amazon                       2019-07-24 - 2020-08-24   a year
cdn-images.mailchimp.com   Amazon                       2019-07-26 - 2020-08-26   a year
e1.instant-mail.com        Let's Encrypt Authority X3   2020-06-02 - 2020-08-31   3 months

This page contains 1 frames:

Primary Page: http://red.slp.conseildesoffres.be/Mirror.php?email=jjcd%40skynet.be&sid=1273669
Frame ID: 6B08D0C2D9145C613EE3FB678A758C3A
Requests: 7 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Debian/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

Requests: 7
HTTPS: 57 %
IPv6: 0 %
Domains: 4
Subdomains: 5
IPs: 5
Countries: 3
Transfer: 157 kB
Size: 180 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://red.slp.conseildesoffres.be/click/YToxOntzOjM6InRhZyI7czoyOToiZGF0YV9zZW5kb3V0XzVlZTNhNTYxMTZiYjhfMTEiO30%3D/ampjZCU0MHNreW5ldC5iZQ==/20978124/1275323 HTTP 302
    http://red.slp.conseildesoffres.be/Mirror.php?email=jjcd%40skynet.be&sid=1273669 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Mirror.php
red.slp.conseildesoffres.be/
Redirect Chain
  • http://red.slp.conseildesoffres.be/click/YToxOntzOjM6InRhZyI7czoyOToiZGF0YV9zZW5kb3V0XzVlZTNhNTYxMTZiYjhfMTEiO30%3D/ampjZCU0MHNreW5ldC5iZQ==/20978124/1275323
  • http://red.slp.conseildesoffres.be/Mirror.php?email=jjcd%40skynet.be&sid=1273669
29 KB
4 KB
Document
General
Full URL
http://red.slp.conseildesoffres.be/Mirror.php?email=jjcd%40skynet.be&sid=1273669
Protocol
HTTP/1.1
Server
5.135.137.23 , France, ASN16276 (OVH, FR),
Reverse DNS
e10-webmxt.emslip.com
Software
Apache/2.2.22 (Debian) / PHP/5.4.45-0+deb7u13
Resource Hash
2ae6c22e069da077904f400c9f424f23d0c27ac7319a69f8ab489a1aac58964c

Request headers

Host
red.slp.conseildesoffres.be
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Date
Thu, 18 Jun 2020 05:53:48 GMT
Server
Apache/2.2.22 (Debian)
X-Powered-By
PHP/5.4.45-0+deb7u13
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
3662
Connection
close
Content-Type
text/html

Redirect headers

Date
Thu, 18 Jun 2020 05:53:48 GMT
Server
Apache/2.2.22 (Debian)
X-Powered-By
PHP/5.4.45-0+deb7u13
Set-Cookie
BMT__beverlymail__data_sendout_5ee3a56116bb8_11=1592459628__jjcd%40skynet.be; expires=Sun, 19-Jul-2020 05:53:48 GMT
Location
http://red.slp.conseildesoffres.be/Mirror.php?email=jjcd%40skynet.be&sid=1273669
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
25
Connection
close
Content-Type
text/html
1f1a34aa-f0a9-4fbe-9492-c8db918627aa.jpg
gallery.mailchimp.com/a3c13ceeca9e046b14484c46a/images/
65 KB
66 KB
Image
General
Full URL
https://gallery.mailchimp.com/a3c13ceeca9e046b14484c46a/images/1f1a34aa-f0a9-4fbe-9492-c8db918627aa.jpg
Requested by
Host: red.slp.conseildesoffres.be
URL: http://red.slp.conseildesoffres.be/Mirror.php?email=jjcd%40skynet.be&sid=1273669
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.145.139 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-139.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f32b9a4825a3bb5918f657e0d89ac223980070908a460b8a9d8b8bc1e5bf009d

Request headers

Referer
http://red.slp.conseildesoffres.be/Mirror.php?email=jjcd%40skynet.be&sid=1273669
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 18 Jun 2020 02:32:07 GMT
Via
1.1 88bc7a9e54e3765a2fd64d3e80cc8217.cloudfront.net (CloudFront)
Last-Modified
Wed, 15 Jan 2020 11:24:53 GMT
Server
AmazonS3
Age
12104
ETag
"6bf9e787888185d2ea82b76405ce1234"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
X-Amz-Cf-Pop
DUS51-C1
Accept-Ranges
bytes
Content-Length
66612
X-Amz-Cf-Id
AqDN-e9p_BvAwfqcJGf0bji1DfsIe2pn6_XdlrtRE4ns-JIXjY2c3w==
fc24944a-f8ba-4c3c-bbc6-aa95b4d960a5.png
gallery.mailchimp.com/a3c13ceeca9e046b14484c46a/images/
82 KB
83 KB
Image
General
Full URL
https://gallery.mailchimp.com/a3c13ceeca9e046b14484c46a/images/fc24944a-f8ba-4c3c-bbc6-aa95b4d960a5.png
Requested by
Host: red.slp.conseildesoffres.be
URL: http://red.slp.conseildesoffres.be/Mirror.php?email=jjcd%40skynet.be&sid=1273669
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.145.139 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-139.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1c811d2fc2d7736d62054bf4e4c987faa4773a72a0eb43ac997569b0c826be1a

Request headers

Referer
http://red.slp.conseildesoffres.be/Mirror.php?email=jjcd%40skynet.be&sid=1273669
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 18 Jun 2020 02:32:07 GMT
Via
1.1 d0be2eec997f966c9c7eb03ae2f75c30.cloudfront.net (CloudFront)
Last-Modified
Fri, 17 Jan 2020 14:44:47 GMT
Server
AmazonS3
Age
12103
ETag
"ccc76d73dd6c8851233920b5ffec3ede"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
X-Amz-Cf-Pop
DUS51-C1
Accept-Ranges
bytes
Content-Length
84335
X-Amz-Cf-Id
YmgiBEHpYxZnOvKF05WFZE05VY_f24B0OY9nF-sOfG3n5itUG4TNGg==
couponshadow.png
cdn-images.mailchimp.com/template_images/gallery/
3 KB
4 KB
Image
General
Full URL
https://cdn-images.mailchimp.com/template_images/gallery/couponshadow.png
Requested by
Host: red.slp.conseildesoffres.be
URL: http://red.slp.conseildesoffres.be/Mirror.php?email=jjcd%40skynet.be&sid=1273669
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.152.108 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-152-108.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b006e4d75121003465bc8f0cc12938b77e2e59bf45ca9a3099057645273bb10a

Request headers

Referer
http://red.slp.conseildesoffres.be/Mirror.php?email=jjcd%40skynet.be&sid=1273669
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 18 Jun 2020 04:16:47 GMT
Via
1.1 0406d08716a9781a5c19ff86db2debd3.cloudfront.net (CloudFront)
Last-Modified
Thu, 13 Dec 2018 16:19:09 GMT
Server
AmazonS3
Age
5823
ETag
"df6498b80f840d1c6a3066a7f1127cad"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
X-Amz-Cf-Pop
DUS51-C1
Accept-Ranges
bytes
Content-Length
3342
X-Amz-Cf-Id
lhOrZ4JGO1wEjXVvD-gdENmY3b7UwXXE9KvF8NPzTS3OHvl2NUHSwQ==
aff_i
tracking.lismah.com/
43 B
466 B
Image
General
Full URL
http://tracking.lismah.com/aff_i?offer_id=4134&file_id=6273&aff_id=1031
Requested by
Host: red.slp.conseildesoffres.be
URL: http://red.slp.conseildesoffres.be/Mirror.php?email=jjcd%40skynet.be&sid=1273669
Protocol
HTTP/1.1
Server
18.202.12.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-202-12-61.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ac05f643d51698438fc2504bc237b5a39ce1248b037dbf446aaca4ce65c3182c

Request headers

Referer
http://red.slp.conseildesoffres.be/Mirror.php?email=jjcd%40skynet.be&sid=1273669
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Jun 2020 05:53:48 GMT
Server
nginx
tracking_id
10251baf3f39fa3fbbb9dd4c3cd418
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
Tune-SDK-Version
Content-Length
43
X-Request-Id
0a18f7627b299af250170317cafcb8ec
Expires
Sat, 26 Jul 1997 05:00:00 GMT
slip
red.instant-mail.com/8801d22f858548040fb0ba7efec981a4/
68 B
231 B
Image
General
Full URL
https://red.instant-mail.com/8801d22f858548040fb0ba7efec981a4/slip
Requested by
Host: red.slp.conseildesoffres.be
URL: http://red.slp.conseildesoffres.be/Mirror.php?email=jjcd%40skynet.be&sid=1273669
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.196.43.158 , France, ASN16276 (OVH, FR),
Reverse DNS
ip158.ip-5-196-43.eu
Software
nginx/1.14.2 /
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://red.slp.conseildesoffres.be/Mirror.php?email=jjcd%40skynet.be&sid=1273669
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Jun 2020 05:53:49 GMT
x-content-type-options
nosniff
server
nginx/1.14.2
x-frame-options
DENY
content-type
image/png
status
200
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-length
68
1275323
red.slp.conseildesoffres.be/imp/YToxOntzOjM6InRhZyI7czoyOToiZGF0YV9zZW5kb3V0XzVlZTNhNTYxMTZiYjhfMTEiO30%253D/jjcd%40skynet.be/
43 B
451 B
Image
General
Full URL
http://red.slp.conseildesoffres.be/imp/YToxOntzOjM6InRhZyI7czoyOToiZGF0YV9zZW5kb3V0XzVlZTNhNTYxMTZiYjhfMTEiO30%253D/jjcd%40skynet.be/1275323
Requested by
Host: red.slp.conseildesoffres.be
URL: http://red.slp.conseildesoffres.be/Mirror.php?email=jjcd%40skynet.be&sid=1273669
Protocol
HTTP/1.1
Server
5.135.137.23 , France, ASN16276 (OVH, FR),
Reverse DNS
e10-webmxt.emslip.com
Software
Apache/2.2.22 (Debian) / PHP/5.4.45-0+deb7u13
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
http://red.slp.conseildesoffres.be/Mirror.php?email=jjcd%40skynet.be&sid=1273669
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Jun 2020 05:53:48 GMT
Server
Apache/2.2.22 (Debian)
X-Powered-By
PHP/5.4.45-0+deb7u13
Content-Type
image/gif
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection
close
Content-Length
43

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

0 Cookies