Submitted URL: https://t.e.newsfid.com/c/?t=4c2d075-8ce-8ff-el-4s52a
Effective URL: https://mirror.e.newsfid.com/?eis=BF5QXiUNFFIBfNu8LPE0Qpg74w%7eP9BViOv3xyJrX0BQ&s=328&b=2478
Submission Tags: falconsandbox
Submission: On July 04 via api from US — Scanned from FR

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 21 HTTP transactions. The main IP is 185.151.189.219, located in France and belongs to ODISO-AS, FR. The main domain is mirror.e.newsfid.com.
TLS certificate: Issued by R3 on June 28th 2022. Valid for: 3 months.
This is the only time mirror.e.newsfid.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 185.151.189.219 34993 (ODISO-AS)
18 192.229.220.129 15133 (EDGECAST)
1 2 95.131.136.1 47841 (OXALIDE)
21 3
Apex Domain
Subdomains
Transfer
19 metaffiliation.com
img.metaffiliation.com — Cisco Umbrella Rank: 39801
action.metaffiliation.com — Cisco Umbrella Rank: 59106
1 MB
3 newsfid.com
t.e.newsfid.com
mirror.e.newsfid.com
21 KB
1 celio.com
cqp.celio.com
2 KB
21 3
Domain Requested by
18 img.metaffiliation.com mirror.e.newsfid.com
2 t.e.newsfid.com 1 redirects mirror.e.newsfid.com
1 cqp.celio.com mirror.e.newsfid.com
1 action.metaffiliation.com 1 redirects
1 mirror.e.newsfid.com
21 5

This site contains links to these domains. Also see Links.

Domain
t.e.newsfid.com
Subject Issuer Validity Valid
mirror.e.newsfid.com R3 2022-06-28 - 2022-09-26 3 months
t.e.newsfid.com R3 2022-06-28 - 2022-09-26 3 months
img.metaffiliation.com Gandi Standard SSL CA 2 2021-12-13 - 2023-01-02 a year

This page contains 1 frames:

Primary Page: https://mirror.e.newsfid.com/?eis=BF5QXiUNFFIBfNu8LPE0Qpg74w%7eP9BViOv3xyJrX0BQ&s=328&b=2478
Frame ID: E7DBC2FF49C8B819662B908674F4B5A7
Requests: 21 HTTP requests in this frame

Page Statistics

Requests: 21
HTTPS: 95 %
IPv6: 0 %
Domains: 3
Subdomains: 5
IPs: 3
Countries: 2
Transfer: 1316 kB
Size: 1411 kB
Cookies: 8

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.e.newsfid.com/c/?t=4c2d075-8ce-8ff-el-4s52a HTTP 302
    https://mirror.e.newsfid.com/?eis=BF5QXiUNFFIBfNu8LPE0Qpg74w%7eP9BViOv3xyJrX0BQ&s=328&b=2478 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://action.metaffiliation.com/trk.php?taff=P4DE89579C4121B375&r=2133910&r={CACHEBUSTER}&altid={EMAIL} HTTP 302
  • https://cqp.celio.com/trkr.php?taff=P4DE89579C4121B375&r=2133910&r={CACHEBUSTER}&altid={EMAIL}

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
mirror.e.newsfid.com/
Redirect Chain
  • https://t.e.newsfid.com/c/?t=4c2d075-8ce-8ff-el-4s52a
  • https://mirror.e.newsfid.com/?eis=BF5QXiUNFFIBfNu8LPE0Qpg74w%7eP9BViOv3xyJrX0BQ&s=328&b=2478
118 KB
20 KB
Document
General
Full URL
https://mirror.e.newsfid.com/?eis=BF5QXiUNFFIBfNu8LPE0Qpg74w%7eP9BViOv3xyJrX0BQ&s=328&b=2478
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.151.189.219 , France, ASN34993 (ODISO-AS, FR),
Reverse DNS
mindproxyvip.odiso.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
20b71c6d730fda147bd556acc0634469721730c7b5444184191a5f94c77f4e03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
private
content-encoding
gzip
content-length
19877
content-type
text/html; charset=utf-8
date
Mon, 04 Jul 2022 08:16:08 GMT
server
Microsoft-IIS/10.0
strict-transport-security
max-age=31536000;
vary
Accept-Encoding
x-aspnet-version
4.0.30319
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
ASP.NET

Redirect headers

cache-control
private
content-length
217
content-type
text/html; charset=utf-8
date
Mon, 04 Jul 2022 08:16:07 GMT
location
https://mirror.e.newsfid.com/?eis=BF5QXiUNFFIBfNu8LPE0Qpg74w%7eP9BViOv3xyJrX0BQ&s=328&b=2478
server
Microsoft-IIS/10.0
strict-transport-security
max-age=31536000;
x-aspnet-version
4.0.30319
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
ASP.NET
/
t.e.newsfid.com/o/
180 B
413 B
Image
General
Full URL
https://t.e.newsfid.com/o/?t=8ce-el-4s52a
Requested by
Host: mirror.e.newsfid.com
URL: https://mirror.e.newsfid.com/?eis=BF5QXiUNFFIBfNu8LPE0Qpg74w%7eP9BViOv3xyJrX0BQ&s=328&b=2478
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.151.189.219 , France, ASN34993 (ODISO-AS, FR),
Reverse DNS
mindproxyvip.odiso.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a3d9bf654bd182096ae97d7aac32516664fdf12437820695136f55620bb105ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://mirror.e.newsfid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:16:07 GMT
x-content-type-options
nosniff
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
private
strict-transport-security
max-age=31536000;
content-length
180
mail_27_375_1_0
img.metaffiliation.com/3/56969/
116 KB
116 KB
Image
General
Full URL
https://img.metaffiliation.com/3/56969/mail_27_375_1_0
Requested by
Host: mirror.e.newsfid.com
URL: https://mirror.e.newsfid.com/?eis=BF5QXiUNFFIBfNu8LPE0Qpg74w%7eP9BViOv3xyJrX0BQ&s=328&b=2478
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.220.129 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (paa/6F05) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://mirror.e.newsfid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:16:08 GMT
content-encoding
gzip
last-modified
Wed, 29 Jun 2022 09:12:15 GMT
server
ECAcc (paa/6F05)
age
2742
etag
"62bc176f-1ceb8"
vary
Accept-Encoding
x-cache
HIT
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=600, s-maxage=3600
accept-ranges
bytes
content-length
26705
mail_27_375_1_1.jpg
img.metaffiliation.com/3/56969/
13 KB
13 KB
Image
General
Full URL
https://img.metaffiliation.com/3/56969/mail_27_375_1_1.jpg
Requested by
Host: mirror.e.newsfid.com
URL: https://mirror.e.newsfid.com/?eis=BF5QXiUNFFIBfNu8LPE0Qpg74w%7eP9BViOv3xyJrX0BQ&s=328&b=2478
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.220.129 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (paa/6F23) /
Resource Hash
920d385c7ae78a4481bb500bfba32d472f55e202b0eca530e872b851dac74fc5

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://mirror.e.newsfid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:16:08 GMT
last-modified
Wed, 29 Jun 2022 09:12:15 GMT
server
ECAcc (paa/6F23)
age
2443
etag
"62bc176f-342e"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=600, s-maxage=3600
accept-ranges
bytes
content-length
13358
mail_27_375_1_2.png
img.metaffiliation.com/3/56969/
2 KB
2 KB
Image
General
Full URL
https://img.metaffiliation.com/3/56969/mail_27_375_1_2.png
Requested by
Host: mirror.e.newsfid.com
URL: https://mirror.e.newsfid.com/?eis=BF5QXiUNFFIBfNu8LPE0Qpg74w%7eP9BViOv3xyJrX0BQ&s=328&b=2478
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.220.129 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (paa/6F04) /
Resource Hash
cdf7f2c8caba81402c05bb1972f3d0cd63ab1a427d29505cbbc24a8bc69dd525

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://mirror.e.newsfid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:16:08 GMT
last-modified
Wed, 29 Jun 2022 09:12:15 GMT
server
ECAcc (paa/6F04)
age
2443
etag
"62bc176f-78e"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=600, s-maxage=3600
accept-ranges
bytes
content-length
1934
mail_27_375_1_3.png
img.metaffiliation.com/3/56969/
1 KB
1 KB
Image
General
Full URL
https://img.metaffiliation.com/3/56969/mail_27_375_1_3.png
Requested by
Host: mirror.e.newsfid.com
URL: https://mirror.e.newsfid.com/?eis=BF5QXiUNFFIBfNu8LPE0Qpg74w%7eP9BViOv3xyJrX0BQ&s=328&b=2478
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.220.129 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (paa/6F4E) /
Resource Hash
748dfda5aece8ded13f9d01e652245e93b8a168bf79d23cf7ae7ef9ea42b22ba

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://mirror.e.newsfid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:16:08 GMT
last-modified
Wed, 29 Jun 2022 09:12:15 GMT
server
ECAcc (paa/6F4E)
age
2443
etag
"62bc176f-45b"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=600, s-maxage=3600
accept-ranges
bytes
content-length
1115
mail_27_375_1_4.png
img.metaffiliation.com/3/56969/
928 B
995 B
Image
General
Full URL
https://img.metaffiliation.com/3/56969/mail_27_375_1_4.png
Requested by
Host: mirror.e.newsfid.com
URL: https://mirror.e.newsfid.com/?eis=BF5QXiUNFFIBfNu8LPE0Qpg74w%7eP9BViOv3xyJrX0BQ&s=328&b=2478
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.220.129 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (paa/6F06) /
Resource Hash
9ee4bf2071ba6a0ca05a9046bdc5835bf6f651c76f69db2c2869c8bf4bd1d9d4

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://mirror.e.newsfid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:16:08 GMT
last-modified
Wed, 29 Jun 2022 09:12:15 GMT
server
ECAcc (paa/6F06)
age
2443
etag
"62bc176f-3a0"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=600, s-maxage=3600
accept-ranges
bytes
content-length
928
mail_27_375_1_5.jpg
img.metaffiliation.com/3/56969/
228 KB
228 KB
Image
General
Full URL
https://img.metaffiliation.com/3/56969/mail_27_375_1_5.jpg
Requested by
Host: mirror.e.newsfid.com
URL: https://mirror.e.newsfid.com/?eis=BF5QXiUNFFIBfNu8LPE0Qpg74w%7eP9BViOv3xyJrX0BQ&s=328&b=2478
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.220.129 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (paa/6F05) /
Resource Hash
86c5dc19ff9352262f0c89489e1c6d4aa468c0908628087ccb4d9575dd059918

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://mirror.e.newsfid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:16:08 GMT
last-modified
Wed, 29 Jun 2022 09:12:15 GMT
server
ECAcc (paa/6F05)
age
2443
etag
"62bc176f-38e8a"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=600, s-maxage=3600
accept-ranges
bytes
content-length
233098
mail_27_375_1_6.jpg
img.metaffiliation.com/3/56969/
44 KB
44 KB
Image
General
Full URL
https://img.metaffiliation.com/3/56969/mail_27_375_1_6.jpg
Requested by
Host: mirror.e.newsfid.com
URL: https://mirror.e.newsfid.com/?eis=BF5QXiUNFFIBfNu8LPE0Qpg74w%7eP9BViOv3xyJrX0BQ&s=328&b=2478
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.220.129 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (paa/6F15) /
Resource Hash
6bb202e1a30eaffb898aa5e92a07cc10f0e0dd27799921ed2feff7c88599042b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://mirror.e.newsfid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:16:08 GMT
last-modified
Wed, 29 Jun 2022 09:12:15 GMT
server
ECAcc (paa/6F15)
age
2443
etag
"62bc176f-afd8"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=600, s-maxage=3600
accept-ranges
bytes
content-length
45016
mail_27_375_1_7.jpg
img.metaffiliation.com/3/56969/
32 KB
32 KB
Image
General
Full URL
https://img.metaffiliation.com/3/56969/mail_27_375_1_7.jpg
Requested by
Host: mirror.e.newsfid.com
URL: https://mirror.e.newsfid.com/?eis=BF5QXiUNFFIBfNu8LPE0Qpg74w%7eP9BViOv3xyJrX0BQ&s=328&b=2478
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.220.129 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (paa/6F30) /
Resource Hash
8c808c290f8169e036a888523c8af6569a8c00fb9bae15eed4e653b9deb4b416

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://mirror.e.newsfid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:16:08 GMT
last-modified
Wed, 29 Jun 2022 09:12:15 GMT
server
ECAcc (paa/6F30)
age
2443
etag
"62bc176f-7e7b"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=600, s-maxage=3600
accept-ranges
bytes
content-length
32379
mail_27_375_1_8.jpg
img.metaffiliation.com/3/56969/
38 KB
38 KB
Image
General
Full URL
https://img.metaffiliation.com/3/56969/mail_27_375_1_8.jpg
Requested by
Host: mirror.e.newsfid.com
URL: https://mirror.e.newsfid.com/?eis=BF5QXiUNFFIBfNu8LPE0Qpg74w%7eP9BViOv3xyJrX0BQ&s=328&b=2478
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.220.129 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (paa/6F8B) /
Resource Hash
ecdb35f89aa325679b3e3061bff39d308138aa0061debc1d3ddb3f94b4cfcb45

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://mirror.e.newsfid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:16:08 GMT
last-modified
Wed, 29 Jun 2022 09:12:15 GMT
server
ECAcc (paa/6F8B)
age
2443
etag
"62bc176f-960b"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=600, s-maxage=3600
accept-ranges
bytes
content-length
38411
mail_27_375_1_9.jpg
img.metaffiliation.com/3/56969/
154 KB
154 KB
Image
General
Full URL
https://img.metaffiliation.com/3/56969/mail_27_375_1_9.jpg
Requested by
Host: mirror.e.newsfid.com
URL: https://mirror.e.newsfid.com/?eis=BF5QXiUNFFIBfNu8LPE0Qpg74w%7eP9BViOv3xyJrX0BQ&s=328&b=2478
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.220.129 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (paa/6F4C) /
Resource Hash
42dd8f930bd8327f971f4d4a85596d30914206deb4d741db02430ab11318c2ef

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://mirror.e.newsfid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:16:08 GMT
last-modified
Wed, 29 Jun 2022 09:12:15 GMT
server
ECAcc (paa/6F4C)
age
369
etag
"62bc176f-26882"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=600, s-maxage=3600
accept-ranges
bytes
content-length
157826
mail_27_375_1_10.jpg
img.metaffiliation.com/3/56969/
330 KB
330 KB
Image
General
Full URL
https://img.metaffiliation.com/3/56969/mail_27_375_1_10.jpg
Requested by
Host: mirror.e.newsfid.com
URL: https://mirror.e.newsfid.com/?eis=BF5QXiUNFFIBfNu8LPE0Qpg74w%7eP9BViOv3xyJrX0BQ&s=328&b=2478
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.220.129 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (paa/6F77) /
Resource Hash
d09b0e78208c4e753564e0affd7310f4e0dbc135c33b6a76fe9785d9422e7bae

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://mirror.e.newsfid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:16:08 GMT
last-modified
Wed, 29 Jun 2022 09:12:15 GMT
server
ECAcc (paa/6F77)
age
2443
etag
"62bc176f-528a6"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=600, s-maxage=3600
accept-ranges
bytes
content-length
338086
mail_27_375_1_11.jpg
img.metaffiliation.com/3/56969/
209 KB
209 KB
Image
General
Full URL
https://img.metaffiliation.com/3/56969/mail_27_375_1_11.jpg
Requested by
Host: mirror.e.newsfid.com
URL: https://mirror.e.newsfid.com/?eis=BF5QXiUNFFIBfNu8LPE0Qpg74w%7eP9BViOv3xyJrX0BQ&s=328&b=2478
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.220.129 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (paa/6F54) /
Resource Hash
a9089907fd22cfac659ebc2544e2a2418a9c8d620523bab824b029052b15f1de

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://mirror.e.newsfid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:16:08 GMT
last-modified
Wed, 29 Jun 2022 09:12:15 GMT
server
ECAcc (paa/6F54)
age
2443
etag
"62bc176f-342fa"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=600, s-maxage=3600
accept-ranges
bytes
content-length
213754
mail_27_375_1_12.jpg
img.metaffiliation.com/3/56969/
111 KB
112 KB
Image
General
Full URL
https://img.metaffiliation.com/3/56969/mail_27_375_1_12.jpg
Requested by
Host: mirror.e.newsfid.com
URL: https://mirror.e.newsfid.com/?eis=BF5QXiUNFFIBfNu8LPE0Qpg74w%7eP9BViOv3xyJrX0BQ&s=328&b=2478
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.220.129 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (paa/6F08) /
Resource Hash
01b3163cc6620138c9697ed1e1a50d910b5af88750cab5ff9e3393916d05f3ee

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://mirror.e.newsfid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:16:08 GMT
last-modified
Wed, 29 Jun 2022 09:12:15 GMT
server
ECAcc (paa/6F08)
age
2443
etag
"62bc176f-1bda8"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=600, s-maxage=3600
accept-ranges
bytes
content-length
114088
mail_27_375_1_13.png
img.metaffiliation.com/3/56969/
699 B
752 B
Image
General
Full URL
https://img.metaffiliation.com/3/56969/mail_27_375_1_13.png
Requested by
Host: mirror.e.newsfid.com
URL: https://mirror.e.newsfid.com/?eis=BF5QXiUNFFIBfNu8LPE0Qpg74w%7eP9BViOv3xyJrX0BQ&s=328&b=2478
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.220.129 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (paa/6F08) /
Resource Hash
a4935b23a7808ba806eda301b9f23492ce87f6b79abc8dc1dbb494a89e9e778c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://mirror.e.newsfid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:16:08 GMT
last-modified
Wed, 29 Jun 2022 09:12:15 GMT
server
ECAcc (paa/6F08)
age
369
etag
"62bc176f-2bb"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=600, s-maxage=3600
accept-ranges
bytes
content-length
699
mail_27_375_1_14.png
img.metaffiliation.com/3/56969/
436 B
503 B
Image
General
Full URL
https://img.metaffiliation.com/3/56969/mail_27_375_1_14.png
Requested by
Host: mirror.e.newsfid.com
URL: https://mirror.e.newsfid.com/?eis=BF5QXiUNFFIBfNu8LPE0Qpg74w%7eP9BViOv3xyJrX0BQ&s=328&b=2478
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.220.129 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (paa/6F65) /
Resource Hash
b83444e6d77af9bf4bc52028fde0235bc5e84fb662e16c6ae9152db3a8135804

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://mirror.e.newsfid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:16:08 GMT
last-modified
Wed, 29 Jun 2022 09:12:15 GMT
server
ECAcc (paa/6F65)
age
2443
etag
"62bc176f-1b4"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=600, s-maxage=3600
accept-ranges
bytes
content-length
436
mail_27_375_1_15.png
img.metaffiliation.com/3/56969/
270 B
336 B
Image
General
Full URL
https://img.metaffiliation.com/3/56969/mail_27_375_1_15.png
Requested by
Host: mirror.e.newsfid.com
URL: https://mirror.e.newsfid.com/?eis=BF5QXiUNFFIBfNu8LPE0Qpg74w%7eP9BViOv3xyJrX0BQ&s=328&b=2478
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.220.129 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (paa/6F48) /
Resource Hash
48a46edfa86c08e99b988ce565b0621a871e21cae4774ee960cb740454e83494

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://mirror.e.newsfid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:16:08 GMT
last-modified
Wed, 29 Jun 2022 09:12:15 GMT
server
ECAcc (paa/6F48)
age
2443
etag
"62bc176f-10e"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=600, s-maxage=3600
accept-ranges
bytes
content-length
270
mail_27_375_1_16.png
img.metaffiliation.com/3/56969/
606 B
659 B
Image
General
Full URL
https://img.metaffiliation.com/3/56969/mail_27_375_1_16.png
Requested by
Host: mirror.e.newsfid.com
URL: https://mirror.e.newsfid.com/?eis=BF5QXiUNFFIBfNu8LPE0Qpg74w%7eP9BViOv3xyJrX0BQ&s=328&b=2478
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.220.129 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (paa/6F8B) /
Resource Hash
c725c0d329fa67088362ddc1f439d9ab916c1b2992e1af6ab7d7dde332e37f34

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://mirror.e.newsfid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:16:08 GMT
last-modified
Wed, 29 Jun 2022 09:12:15 GMT
server
ECAcc (paa/6F8B)
age
2443
etag
"62bc176f-25e"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=600, s-maxage=3600
accept-ranges
bytes
content-length
606
mail_27_375_1_17.png
img.metaffiliation.com/3/56969/
13 KB
13 KB
Image
General
Full URL
https://img.metaffiliation.com/3/56969/mail_27_375_1_17.png
Requested by
Host: mirror.e.newsfid.com
URL: https://mirror.e.newsfid.com/?eis=BF5QXiUNFFIBfNu8LPE0Qpg74w%7eP9BViOv3xyJrX0BQ&s=328&b=2478
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.220.129 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (paa/6F76) /
Resource Hash
0a690132d871440edc9254ab7908c81ab984397e6de35ded0337168e96904e2e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://mirror.e.newsfid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:16:08 GMT
last-modified
Wed, 29 Jun 2022 09:12:15 GMT
server
ECAcc (paa/6F76)
age
2443
etag
"62bc176f-3261"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=600, s-maxage=3600
accept-ranges
bytes
content-length
12897
trkr.php
cqp.celio.com/
Redirect Chain
  • https://action.metaffiliation.com/trk.php?taff=P4DE89579C4121B375&r=2133910&r={CACHEBUSTER}&altid={EMAIL}
  • https://cqp.celio.com/trkr.php?taff=P4DE89579C4121B375&r=2133910&r={CACHEBUSTER}&altid={EMAIL}
43 B
2 KB
Image
General
Full URL
https://cqp.celio.com/trkr.php?taff=P4DE89579C4121B375&r=2133910&r={CACHEBUSTER}&altid={EMAIL}
Requested by
Host: mirror.e.newsfid.com
URL: https://mirror.e.newsfid.com/?eis=BF5QXiUNFFIBfNu8LPE0Qpg74w%7eP9BViOv3xyJrX0BQ&s=328&b=2478
Protocol
HTTP/1.1
Server
95.131.136.1 , France, ASN47841 (OXALIDE, FR),
Reverse DNS
front.netaffiliation.net
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://mirror.e.newsfid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 04 Jul 2022 08:16:09 GMT
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR CUR ADMa PSAa OUR IND NAV COM",policyref="http://www.netaffiliation.com/w3c/p3p.xml"
X-TRK-D
0.0046048164367676
Connection
close
Pragma
no-cache
X-TRK-PROC
56969
Last-Modified
Mon, 04 Jul 2022 08:16:09 GMT
Server
nginx
X-TRK-DECISION
7
Content-Type
image/gif
Access-Control-Allow-Origin
*
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
X-Robots-Tag
noindex
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Kwanko-Content-Type,X-Kwanko-Sdk-Version,X-KWKunijs-Debug,X-KWKunijs-Version
X-TRK-SRV
9

Redirect headers

Date
Mon, 04 Jul 2022 08:16:08 GMT
X-TRK-SRV
9
Server
nginx
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Location
https://cqp.celio.com/trkr.php?taff=P4DE89579C4121B375&r=2133910&r={CACHEBUSTER}&altid={EMAIL}
X-TRK-KWK-FP-ERR
action.metaffiliation.com - cqp.celio.com
Connection
close
Access-Control-Allow-Credentials
true
X-TRK-PROC
56969
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Kwanko-Content-Type,X-Kwanko-Sdk-Version,X-KWKunijs-Debug,X-KWKunijs-Version

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
function| queryLocalFonts
object| navigation

8 Cookies

Domain/Path Name / Value
t.e.newsfid.com/ Name: ASP.NET_SessionId
Value: dn0zp3ao4am3psnlxgm2lefo
t.e.newsfid.com/ Name: SERVERID
Value: mindtrack4.odiso.net
mirror.e.newsfid.com/ Name: ASP.NET_SessionId
Value: 4itv0n32tlad4hehbxqno1n4
mirror.e.newsfid.com/ Name: SERVERID
Value: mindweb3.odiso.net
.celio.com/ Name: neta_ssc
Value: 36d3f3ts98zreo1w28k1qr820j84
.celio.com/ Name: netases_ssc
Value: 36d3f3ts98zreo1w28k1qr820j84
.celio.com/ Name: kwknc_ssc
Value: dp4de89579c4121b375
.celio.com/ Name: kwkncses_ssc
Value: dp4de89579c4121b375

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
