links.debonnesaffaires.eu Open in urlscan Pro
80.209.249.242 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://links.debonnesaffaires.eu/c/nij/XUd/8_4TIFBrwDP59nydc6xoza/c/Fw08/F/a4cda550
Effective URL:
https://links.debonnesaffaires.eu/v/nij/8_4TIFBrwDP59nydc6xoza/08bab3a9
Submission: On March 28 via api (March 28th 2020, 5:01:41 am UTC) from BE

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 5 countries across 4 domains to perform 9 HTTP transactions. The main IP is 80.209.249.242, located in Poland and belongs to IQPL-AS, PL. The main domain is links.debonnesaffaires.eu.
TLS certificate: Issued by Let's Encrypt Authority X3 on March 5th 2020. Valid for: 3 months.

This is the only time links.debonnesaffaires.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 3	80.209.249.242 80.209.249.242	47544 (IQPL-AS) (IQPL-AS)
1 2	13.69.68.37 13.69.68.37	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4 9	160.153.244.152 160.153.244.152	21501 (GODADDY-AMS) (GODADDY-AMS)
1	2a00:1450:400... 2a00:1450:4001:81e::200e	15169 (GOOGLE) (GOOGLE)
1	52.210.2.133 52.210.2.133	16509 (AMAZON-02) (AMAZON-02)
9	5

3 80.209.249.242 (Poland) 2 redirects

ASN47544 (IQPL-AS, PL)
PTR: 80-209-249-242.rev.iq.pl

links.debonnesaffaires.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.69.68.37 (Amsterdam, Netherlands) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

r.ar-mtch1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 160.153.244.152 (Scottsdale, United States) 4 redirects

ASN21501 (GODADDY-AMS, DE)
PTR: ip-160-153-244-152.ip.secureserver.net

ima.debonnesaffaires.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.2.133 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-2-133.eu-west-1.compute.amazonaws.com

tracking.fanyxswz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	debonnesaffaires.eu 6 redirects links.debonnesaffaires.eu ima.debonnesaffaires.eu	359 KB
2	ar-mtch1.com 1 redirects r.ar-mtch1.com	612 B
1	fanyxswz.com tracking.fanyxswz.com	425 B
1	google-analytics.com www.google-analytics.com	99 B
9	4

	Domain	Requested by
9	ima.debonnesaffaires.eu	4 redirects links.debonnesaffaires.eu
3	links.debonnesaffaires.eu	2 redirects
2	r.ar-mtch1.com	1 redirects links.debonnesaffaires.eu
1	tracking.fanyxswz.com	links.debonnesaffaires.eu
1	www.google-analytics.com	links.debonnesaffaires.eu
9	5

This site contains no links.

Subject Issuer	Validity	Valid
links.debonnesaffaires.eu Let's Encrypt Authority X3	`2020-03-05` - `2020-06-03`	3 months	crt.sh
ima.debonnesaffaires.eu cPanel, Inc. Certification Authority	`2020-03-15` - `2020-06-13`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.ar-mtch1.com Let's Encrypt Authority X3	`2020-03-23` - `2020-06-21`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://links.debonnesaffaires.eu/v/nij/8_4TIFBrwDP59nydc6xoza/08bab3a9
Frame ID: F31E29586B87E295795CDB11A02F1820
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://links.debonnesaffaires.eu/c/nij/XUd/8_4TIFBrwDP59nydc6xoza/c/Fw08/F/a4cda550 HTTP 302
https://r.ar-mtch1.com/Redirect?pid=a&chid=Hs&md5=1fce802b2cd1c822661cca01614814d2&sha256=c1de8e4a8... HTTP 302
https://links.debonnesaffaires.eu/v/nij/8_4TIFBrwDP59nydc6xoza/08bab3a9 Page URL

Page Statistics

9
Requests

89 %
HTTPS

20 %
IPv6

4
Domains

5
Subdomains

5
IPs

5
Countries

358 kB
Transfer

364 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://links.debonnesaffaires.eu/c/nij/XUd/8_4TIFBrwDP59nydc6xoza/c/Fw08/F/a4cda550 HTTP 302
https://r.ar-mtch1.com/Redirect?pid=a&chid=Hs&md5=1fce802b2cd1c822661cca01614814d2&sha256=c1de8e4a86342bb9da6aba5c27215a11006521a8ffb970f08219f6e0316977d0&url=https%3a%2f%2flinks.debonnesaffaires.eu%2fv%2fnij%2f8_4TIFBrwDP59nydc6xoza%2f08bab3a9&type=c&list=De+Bonnes+Affaires&esp=F HTTP 302
https://links.debonnesaffaires.eu/v/nij/8_4TIFBrwDP59nydc6xoza/08bab3a9 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://ima.debonnesaffaires.eu/TVcSTBbywfg3 HTTP 301
https://ima.debonnesaffaires.eu/TVcSTBbywfg3/ HTTP 302
https://www.google-analytics.com/collect?v=1&tid=UA-106010354-1&cid=8&t=event&ec=408-email-C1&ea=open

Request Chain 6

https://ima.debonnesaffaires.eu/3BRzhjsczor2 HTTP 301
https://ima.debonnesaffaires.eu/3BRzhjsczor2/ HTTP 302
http://tracking.fanyxswz.com/aff_i?offer_id=4140&aff_id=1295&file_id=14550&aff_sub=[EMAIL]&aff_sub2=[PRENOM]&aff_sub3=debonnesaffaires&aff_sub4=[NOM]

Request Chain 7

https://links.debonnesaffaires.eu/o/nij/8_4TIFBrwDP59nydc6xoza/Fw08/F/a1659fb9 HTTP 302
https://r.ar-mtch1.com/Redirect?pid=a&chid=Hs&md5=1fce802b2cd1c822661cca01614814d2&sha256=c1de8e4a86342bb9da6aba5c27215a11006521a8ffb970f08219f6e0316977d0&type=o&list=De+Bonnes+Affaires&esp=F

9 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 08bab3a9 Show response
links.debonnesaffaires.eu/v/nij/8_4TIFBrwDP59nydc6xoza/
Redirect Chain

https://links.debonnesaffaires.eu/c/nij/XUd/8_4TIFBrwDP59nydc6xoza/c/Fw08/F/a4cda550
https://r.ar-mtch1.com/Redirect?pid=a&chid=Hs&md5=1fce802b2cd1c822661cca01614814d2&sha256=c1de8e4a86342bb9da6aba5c27215a11006521a8ffb970f08219f6e0316977d0&url=https%3a%2f%2flinks.debonnesaffaires.e...
https://links.debonnesaffaires.eu/v/nij/8_4TIFBrwDP59nydc6xoza/08bab3a9

12 KB
4 KB

3138ms
3138ms

Document
text/html

80.209.249.242
IQPL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://links.debonnesaffaires.eu/v/nij/8_4TIFBrwDP59nydc6xoza/08bab3a9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 80.209.249.242 , Poland, ASN47544 (IQPL-AS, PL),
Reverse DNS: 80-209-249-242.rev.iq.pl
Software: /
Resource Hash: b2d74cdbdb3252ac9818c01aaafcf2ae3073c73089edfb5d3c6ea21a0fc2092d

Request headers

:method: GET
:authority: links.debonnesaffaires.eu
:scheme: https
:path: /v/nij/8_4TIFBrwDP59nydc6xoza/08bab3a9
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: TEMP_DATA=096b51da-9d92-4be6-b481-c7f65d69db56; esg1=nij/XUd/8_4TIFBrwDP59nydc6xoza/c/Fw08/F/b825939f
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

status: 200
cache-control: private
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
date: Sat, 28 Mar 2020 05:01:24 GMT
content-length: 4342

Redirect headers

status: 302
location: https://links.debonnesaffaires.eu:443/v/nij/8_4TIFBrwDP59nydc6xoza/08bab3a9
server: Kestrel
set-cookie: adrakerv2did=SkxY9rpKQDjROKOuNEck63; expires=Sun, 28 Mar 2021 05:01:21 GMT; domain=.ar-mtch1.com; path=/; samesite=none adrakerv2vid=OrgRPZ8dhNuakvzWjOPX9Q; expires=Sun, 28 Mar 2021 05:01:21 GMT; domain=.ar-mtch1.com; path=/; samesite=none
x-powered-by: ASP.NET
date: Sat, 28 Mar 2020 05:01:21 GMT
content-length: 0

GET
H/1.1 200
OK gmLTQ8umMumS.jpg
ima.debonnesaffaires.eu/enwdOPeQTqkP/ 8 KB
8 KB 82ms
20ms Image
image/jpeg 160.153.244.152
GODADDY-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ima.debonnesaffaires.eu/enwdOPeQTqkP/gmLTQ8umMumS.jpg
Requested by: Host: links.debonnesaffaires.eu
URL: https://links.debonnesaffaires.eu/v/nij/8_4TIFBrwDP59nydc6xoza/08bab3a9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 160.153.244.152 Scottsdale, United States, ASN21501 (GODADDY-AMS, DE),
Reverse DNS: ip-160-153-244-152.ip.secureserver.net
Software: Apache /
Resource Hash: 4f55338492066458bd92c9c875932c82ae1e81da60b984b2763e0e6889b438e7

Request headers

Referer: https://links.debonnesaffaires.eu/v/nij/8_4TIFBrwDP59nydc6xoza/08bab3a9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sat, 28 Mar 2020 05:01:24 GMT
Last-Modified: Fri, 20 Mar 2020 12:58:09 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 8411
Content-Type: image/jpeg

GET
H/1.1 200
OK xBAOTTI26JBM.jpg
ima.debonnesaffaires.eu/enwdOPeQTqkP/ 14 KB
14 KB 87ms
26ms Image
image/jpeg 160.153.244.152
GODADDY-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ima.debonnesaffaires.eu/enwdOPeQTqkP/xBAOTTI26JBM.jpg
Requested by: Host: links.debonnesaffaires.eu
URL: https://links.debonnesaffaires.eu/v/nij/8_4TIFBrwDP59nydc6xoza/08bab3a9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 160.153.244.152 Scottsdale, United States, ASN21501 (GODADDY-AMS, DE),
Reverse DNS: ip-160-153-244-152.ip.secureserver.net
Software: Apache /
Resource Hash: 2672e9ae1198e447570e27606fcd9347d5599e2f9803716e42a7eb9cb65c5e1b

Request headers

Referer: https://links.debonnesaffaires.eu/v/nij/8_4TIFBrwDP59nydc6xoza/08bab3a9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sat, 28 Mar 2020 05:01:24 GMT
Last-Modified: Fri, 20 Mar 2020 12:58:06 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 14496
Content-Type: image/jpeg

GET
H/1.1 200
OK 4z7pFcwK9nXJ.jpg
ima.debonnesaffaires.eu/enwdOPeQTqkP/ 17 KB
17 KB 81ms
21ms Image
image/jpeg 160.153.244.152
GODADDY-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ima.debonnesaffaires.eu/enwdOPeQTqkP/4z7pFcwK9nXJ.jpg
Requested by: Host: links.debonnesaffaires.eu
URL: https://links.debonnesaffaires.eu/v/nij/8_4TIFBrwDP59nydc6xoza/08bab3a9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 160.153.244.152 Scottsdale, United States, ASN21501 (GODADDY-AMS, DE),
Reverse DNS: ip-160-153-244-152.ip.secureserver.net
Software: Apache /
Resource Hash: 3671d9c28b01984f5940c676743dbb7bd7a6558bce757b2b615a72955fc4aafa

Request headers

Referer: https://links.debonnesaffaires.eu/v/nij/8_4TIFBrwDP59nydc6xoza/08bab3a9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sat, 28 Mar 2020 05:01:24 GMT
Last-Modified: Fri, 20 Mar 2020 12:58:07 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 17271
Content-Type: image/jpeg

GET
H/1.1 200
OK 1tRGme81yM5t.jpg
ima.debonnesaffaires.eu/enwdOPeQTqkP/ 12 KB
12 KB 82ms
21ms Image
image/jpeg 160.153.244.152
GODADDY-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ima.debonnesaffaires.eu/enwdOPeQTqkP/1tRGme81yM5t.jpg
Requested by: Host: links.debonnesaffaires.eu
URL: https://links.debonnesaffaires.eu/v/nij/8_4TIFBrwDP59nydc6xoza/08bab3a9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 160.153.244.152 Scottsdale, United States, ASN21501 (GODADDY-AMS, DE),
Reverse DNS: ip-160-153-244-152.ip.secureserver.net
Software: Apache /
Resource Hash: 7eec8b6704acd1ceb17afe5059f80c964626781853bdd94d8dabec7063bafc3e

Request headers

Referer: https://links.debonnesaffaires.eu/v/nij/8_4TIFBrwDP59nydc6xoza/08bab3a9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sat, 28 Mar 2020 05:01:24 GMT
Last-Modified: Fri, 20 Mar 2020 12:58:08 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 12543
Content-Type: image/jpeg

GET
H/1.1 200
OK NZncGlizwDn6.png
ima.debonnesaffaires.eu/enwdOPeQTqkP/ 300 KB
301 KB 87ms
23ms Image
image/png 160.153.244.152
GODADDY-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ima.debonnesaffaires.eu/enwdOPeQTqkP/NZncGlizwDn6.png
Requested by: Host: links.debonnesaffaires.eu
URL: https://links.debonnesaffaires.eu/v/nij/8_4TIFBrwDP59nydc6xoza/08bab3a9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 160.153.244.152 Scottsdale, United States, ASN21501 (GODADDY-AMS, DE),
Reverse DNS: ip-160-153-244-152.ip.secureserver.net
Software: Apache /
Resource Hash: c5d9671be46c6e2ec98a94df797f867b2eb6a3ae1841ff7c1d922cf639f099d2

Request headers

Referer: https://links.debonnesaffaires.eu/v/nij/8_4TIFBrwDP59nydc6xoza/08bab3a9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sat, 28 Mar 2020 05:01:24 GMT
Last-Modified: Fri, 20 Mar 2020 12:58:08 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 307664
Content-Type: image/png

GET
H2

200

collect
www.google-analytics.com/
Redirect Chain

https://ima.debonnesaffaires.eu/TVcSTBbywfg3
https://ima.debonnesaffaires.eu/TVcSTBbywfg3/
https://www.google-analytics.com/collect?v=1&tid=UA-106010354-1&cid=8&t=event&ec=408-email-C1&ea=open

35 B
99 B

5ms
5ms

Image
image/gif

2a00:1450:4001:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&tid=UA-106010354-1&cid=8&t=event&ec=408-email-C1&ea=open

Requested by

Host: links.debonnesaffaires.eu
URL: https://links.debonnesaffaires.eu/v/nij/8_4TIFBrwDP59nydc6xoza/08bab3a9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://links.debonnesaffaires.eu/v/nij/8_4TIFBrwDP59nydc6xoza/08bab3a9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Mar 2020 20:03:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1501100
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/collect?v=1&tid=UA-106010354-1&cid=8&t=event&ec=408-email-C1&ea=open
Date: Sat, 28 Mar 2020 05:01:25 GMT
Server: Apache
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

aff_i
tracking.fanyxswz.com/
Redirect Chain

https://ima.debonnesaffaires.eu/3BRzhjsczor2
https://ima.debonnesaffaires.eu/3BRzhjsczor2/
http://tracking.fanyxswz.com/aff_i?offer_id=4140&aff_id=1295&file_id=14550&aff_sub=[EMAIL]&aff_sub2=[PRENOM]&aff_sub3=debonnesaffaires&aff_sub4=[NOM]

43 B
425 B

111ms
49ms

Image
image/gif

52.210.2.133
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tracking.fanyxswz.com/aff_i?offer_id=4140&aff_id=1295&file_id=14550&aff_sub=[EMAIL]&aff_sub2=[PRENOM]&aff_sub3=debonnesaffaires&aff_sub4=[NOM]
Requested by: Host: links.debonnesaffaires.eu
URL: https://links.debonnesaffaires.eu/v/nij/8_4TIFBrwDP59nydc6xoza/08bab3a9
Protocol: HTTP/1.1
Server: 52.210.2.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-2-133.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: ac05f643d51698438fc2504bc237b5a39ce1248b037dbf446aaca4ce65c3182c

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 28 Mar 2020 05:01:25 GMT
Server: nginx/1.16.1
tracking_id: 10296e6abfa8be2c80bb71c74edf09
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
X-Request-Id: c4efa66822fbcd0fe47dd71994c66b9f
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location: http://tracking.fanyxswz.com/aff_i?offer_id=4140&aff_id=1295&file_id=14550&aff_sub=[EMAIL]&aff_sub2=[PRENOM]&aff_sub3=debonnesaffaires&aff_sub4=[NOM]
Date: Sat, 28 Mar 2020 05:01:25 GMT
Server: Apache
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2

200

Redirect
r.ar-mtch1.com/
Redirect Chain

https://links.debonnesaffaires.eu/o/nij/8_4TIFBrwDP59nydc6xoza/Fw08/F/a1659fb9
https://r.ar-mtch1.com/Redirect?pid=a&chid=Hs&md5=1fce802b2cd1c822661cca01614814d2&sha256=c1de8e4a86342bb9da6aba5c27215a11006521a8ffb970f08219f6e0316977d0&type=o&list=De+Bonnes+Affaires&esp=F

43 B
304 B

24ms
24ms

Image
image/gif

13.69.68.37
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.ar-mtch1.com/Redirect?pid=a&chid=Hs&md5=1fce802b2cd1c822661cca01614814d2&sha256=c1de8e4a86342bb9da6aba5c27215a11006521a8ffb970f08219f6e0316977d0&type=o&list=De+Bonnes+Affaires&esp=F
Requested by: Host: links.debonnesaffaires.eu
URL: https://links.debonnesaffaires.eu/v/nij/8_4TIFBrwDP59nydc6xoza/08bab3a9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.69.68.37 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://links.debonnesaffaires.eu/v/nij/8_4TIFBrwDP59nydc6xoza/08bab3a9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Sat, 28 Mar 2020 05:01:24 GMT
cache-control: no-cache, max-age=0
server: Kestrel
x-powered-by: ASP.NET
content-type: image/gif

Redirect headers

status: 302
date: Sat, 28 Mar 2020 05:01:24 GMT
cache-control: private
content-length: 332
location: https://r.ar-mtch1.com/Redirect?pid=a&chid=Hs&md5=1fce802b2cd1c822661cca01614814d2&sha256=c1de8e4a86342bb9da6aba5c27215a11006521a8ffb970f08219f6e0316977d0&type=o&list=De+Bonnes+Affaires&esp=F
content-type: text/html; charset=utf-8

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			links.debonnesaffaires.eu/	1969-12-31 23:59:59	Name: esg1 Value: nij/XUd/8_4TIFBrwDP59nydc6xoza/c/Fw08/F/b825939f
			links.debonnesaffaires.eu/	1969-12-31 23:59:59	Name: TEMP_DATA Value: 096b51da-9d92-4be6-b481-c7f65d69db56

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ima.debonnesaffaires.eu
links.debonnesaffaires.eu
r.ar-mtch1.com
tracking.fanyxswz.com
www.google-analytics.com
13.69.68.37
160.153.244.152
2a00:1450:4001:81e::200e
52.210.2.133
80.209.249.242
2672e9ae1198e447570e27606fcd9347d5599e2f9803716e42a7eb9cb65c5e1b
3671d9c28b01984f5940c676743dbb7bd7a6558bce757b2b615a72955fc4aafa
4f55338492066458bd92c9c875932c82ae1e81da60b984b2763e0e6889b438e7
7eec8b6704acd1ceb17afe5059f80c964626781853bdd94d8dabec7063bafc3e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
ac05f643d51698438fc2504bc237b5a39ce1248b037dbf446aaca4ce65c3182c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2d74cdbdb3252ac9818c01aaafcf2ae3073c73089edfb5d3c6ea21a0fc2092d
c5d9671be46c6e2ec98a94df797f867b2eb6a3ae1841ff7c1d922cf639f099d2

links.debonnesaffaires.eu Open in urlscan Pro 80.209.249.242 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

9 Requests

89 %HTTPS

20 %IPv6

4 Domains

5 Subdomains

5 IPs

5 Countries

358 kBTransfer

364 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

2 Cookies

Indicators

links.debonnesaffaires.eu Open in urlscan Pro
80.209.249.242 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

89 %
HTTPS

20 %
IPv6

4
Domains

5
Subdomains

5
IPs

5
Countries

358 kB
Transfer

364 kB
Size

2
Cookies

9 HTTP transactions
0 data transactions