Submitted URL: http://t.e.plan-du-net.com/c/?t=6891a77-4!x-8qx-3c-c1ela
Effective URL: http://mirror.e.plan-du-net.com/?e=guy.grolaux%40gmail.com&s=244&b=1606
Submission: On December 28 via api from BE

Summary

This website contacted 7 IPs in 4 countries across 8 domains to perform 18 HTTP transactions. The main IP is 89.248.209.41, located in Lambersart, France and belongs to ODISO-AS, FR. The main domain is mirror.e.plan-du-net.com.
This is the only time mirror.e.plan-du-net.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 89.248.211.29 34993 (ODISO-AS)
1 89.248.209.41 34993 (ODISO-AS)
1 2a00:1450:400... 15169 (GOOGLE)
3 15 185.199.184.36 205801 (SYNALABS)
2 2 37.252.172.250 29990 (ASN-APPNEXUS)
1 31.24.231.198 13213 (UK2NET-AS)
1 1 95.131.136.18 47841 (OXALIDE)
1 2 95.131.136.1 47841 (OXALIDE)
1 2 52.29.209.52 16509 (AMAZON-02)
18 7
Domain Requested by
15 www.whisky.fr 3 redirects mirror.e.plan-du-net.com
2 tck.elitrack.com 1 redirects mirror.e.plan-du-net.com
2 action.metaffiliation.com 1 redirects mirror.e.plan-du-net.com
2 ib.adnxs.com 2 redirects
2 t.e.plan-du-net.com 1 redirects mirror.e.plan-du-net.com
1 i.top-plans-voyages.fr 1 redirects
1 insight.tradelab.fr mirror.e.plan-du-net.com
1 fonts.googleapis.com mirror.e.plan-du-net.com
1 mirror.e.plan-du-net.com
18 9

This site contains links to these domains.

Domain
t.e.plan-du-net.com
Subject | Issuer | Validity | Valid
*.storage.googleapis.com | GTS CA 1O1 | 2019-12-03 - 2020-02-25 | 3 months
*.whisky.fr | GlobalSign Domain Validation CA - SHA256 - G2 | 2019-05-06 - 2020-05-06 | a year
*.elitrack.com | Gandi Standard SSL CA 2 | 2019-03-20 - 2020-04-03 | a year

This page contains 1 frames:

Primary Page: http://mirror.e.plan-du-net.com/?e=guy.grolaux%40gmail.com&s=244&b=1606
Frame ID: EDBC4DDD3AD5D4D87B506FD29AFE8927
Requests: 18 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

Requests: 18
HTTPS: 78 %
IPv6: 11 %
Domains: 8
Subdomains: 9
IPs: 7
Countries: 4
Transfer: 663 kB
Size: 672 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://t.e.plan-du-net.com/c/?t=6891a77-4!x-8qx-3c-c1ela HTTP 302
    http://mirror.e.plan-du-net.com/?e=guy.grolaux%40gmail.com&s=244&b=1606 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • http://www.whisky.fr/mailings/conso/2016/num135/marques.gif HTTP 302
  • https://www.whisky.fr/mailings/conso/2016/num135/marques.gif
Request Chain 10
  • http://www.whisky.fr/mailings/conso/2016/base/foot1.jpg HTTP 302
  • https://www.whisky.fr/mailings/conso/2016/base/foot1.jpg
Request Chain 13
  • http://www.whisky.fr/mailings/conso/2015/base/bg-label-mw.jpg HTTP 302
  • https://www.whisky.fr/mailings/conso/2015/base/bg-label-mw.jpg
Request Chain 14
  • https://ib.adnxs.com/getuid?http://insight.tradelab.fr/emailopen.php?uid=$UID&email=NULL&seg=12088660&advid=894413 HTTP 302
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttp%3A%2F%2Finsight.tradelab.fr%2Femailopen.php%3Fuid%3D%24UID%26email%3DNULL%26seg%3D12088660%26advid%3D894413 HTTP 302
  • http://insight.tradelab.fr/emailopen.php?uid=2241531028832568523&email=NULL&seg=12088660&advid=894413
Request Chain 15
  • http://i.top-plans-voyages.fr/c?taff=P313256C9D121163&r=7386313&r={CACHEBUSTER}&altid={EMAIL} HTTP 302
  • http://action.metaffiliation.com/trk.php?taff=P313256C9D121163&r=7386313&r={CACHEBUSTER}&altid={EMAIL}&__nadom=i.top-plans-voyages.fr
Request Chain 16
  • https://action.metaffiliation.com/trk.php?mann=P313256C9D121163 HTTP 302
  • https://tck.elitrack.com/impression?aid=e78f10150bcf2a3c81c4e4135539126b&utm_source=Affiliation&utm_medium=email&utm_campaign=444881&rand=5899153979509632475&sce=60&subid= HTTP 302
  • https://tck.elitrack.com/images/pixel.png

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
mirror.e.plan-du-net.com/
Redirect Chain
  • http://t.e.plan-du-net.com/c/?t=6891a77-4!x-8qx-3c-c1ela
  • http://mirror.e.plan-du-net.com/?e=guy.grolaux%40gmail.com&s=244&b=1606
21 KB
7 KB
Document
General
Full URL
http://mirror.e.plan-du-net.com/?e=guy.grolaux%40gmail.com&s=244&b=1606
Protocol
HTTP/1.1
Server
89.248.209.41 Lambersart, France, ASN34993 (ODISO-AS, FR),
Reverse DNS
Software
/
Resource Hash
8182971b1c32c62411bd54bb8d9126378bbe34b8e40afd7bbdfdd2c1a8296dc5

Request headers

Host
mirror.e.plan-du-net.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
Set-Cookie
ASP.NET_SessionId=bgoaqwfygebhaa554sj5u3mv; path=/; HttpOnly SERVERID=server2; path=/
Date
Sat, 28 Dec 2019 23:03:52 GMT
Content-Length
6511
X-Robots-Tag
noindex

Redirect headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Location
http://mirror.e.plan-du-net.com/?e=guy.grolaux%40gmail.com&s=244&b=1606
Set-Cookie
ASP.NET_SessionId=krmxpjzunb3ya2zfkopqomk4; path=/; HttpOnly
Date
Sat, 28 Dec 2019 23:03:52 GMT
Content-Length
196
css
fonts.googleapis.com/
461 B
401 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Shadows+Into+Light
Requested by
Host: mirror.e.plan-du-net.com
URL: http://mirror.e.plan-du-net.com/?e=guy.grolaux%40gmail.com&s=244&b=1606
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
1183812eaab0458cf831843ea466bfaf5f60602478f17737596f00b6350daf25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://mirror.e.plan-du-net.com/?e=guy.grolaux%40gmail.com&s=244&b=1606
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 28 Dec 2019 23:03:53 GMT
server
ESF
access-control-allow-origin
*
date
Sat, 28 Dec 2019 23:03:53 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Sat, 28 Dec 2019 23:03:53 GMT
/
t.e.plan-du-net.com/o/
180 B
306 B
Image
General
Full URL
http://t.e.plan-du-net.com/o/?t=4!x-3c-c1ela
Requested by
Host: mirror.e.plan-du-net.com
URL: http://mirror.e.plan-du-net.com/?e=guy.grolaux%40gmail.com&s=244&b=1606
Protocol
HTTP/1.1
Server
89.248.211.29 Lambersart, France, ASN34993 (ODISO-AS, FR),
Reverse DNS
mindproxy.odiso.net
Software
/
Resource Hash
a3d9bf654bd182096ae97d7aac32516664fdf12437820695136f55620bb105ba

Request headers

Referer
http://mirror.e.plan-du-net.com/?e=guy.grolaux%40gmail.com&s=244&b=1606
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 28 Dec 2019 23:03:52 GMT
Cache-Control
private
Content-Length
180
Content-Type
image/png
logo-news.jpg
www.whisky.fr/mailings/conso/2016/base/
21 KB
22 KB
Image
General
Full URL
https://www.whisky.fr/mailings/conso/2016/base/logo-news.jpg
Requested by
Host: mirror.e.plan-du-net.com
URL: http://mirror.e.plan-du-net.com/?e=guy.grolaux%40gmail.com&s=244&b=1606
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.184.36 , France, ASN205801 (SYNALABS, FR),
Reverse DNS
vip-185-199-184-36.in.waf.synalabs.net
Software
/
Resource Hash
061d7acab2910bbd3d893e201bd0c5c737c2d4675eb859d542e150413e90e314
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://mirror.e.plan-du-net.com/?e=guy.grolaux%40gmail.com&s=244&b=1606
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 28 Dec 2019 23:03:53 GMT
x-content-type-options
nosniff
last-modified
Mon, 02 May 2016 13:08:54 GMT
etag
"5517"
vary
User-Agent
content-type
image/jpeg
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
21783
x-xss-protection
1; mode=block
expires
Sun, 27 Dec 2020 23:03:53 GMT
KV2.jpg
www.whisky.fr/mailings/conso/2019/num207-fred/
346 KB
346 KB
Image
General
Full URL
https://www.whisky.fr/mailings/conso/2019/num207-fred/KV2.jpg
Requested by
Host: mirror.e.plan-du-net.com
URL: http://mirror.e.plan-du-net.com/?e=guy.grolaux%40gmail.com&s=244&b=1606
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.184.36 , France, ASN205801 (SYNALABS, FR),
Reverse DNS
vip-185-199-184-36.in.waf.synalabs.net
Software
/
Resource Hash
620dfc9d852f95e838727da6b9eceb06b8389c42f0242f010178e26c628614f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://mirror.e.plan-du-net.com/?e=guy.grolaux%40gmail.com&s=244&b=1606
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 28 Dec 2019 23:03:53 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Dec 2019 14:27:43 GMT
etag
"5663b"
vary
User-Agent
content-type
image/jpeg
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
353851
x-xss-protection
1; mode=block
expires
Sun, 27 Dec 2020 23:03:53 GMT
ban1.jpg
www.whisky.fr/mailings/conso/2019/num207-fred/
55 KB
56 KB
Image
General
Full URL
https://www.whisky.fr/mailings/conso/2019/num207-fred/ban1.jpg
Requested by
Host: mirror.e.plan-du-net.com
URL: http://mirror.e.plan-du-net.com/?e=guy.grolaux%40gmail.com&s=244&b=1606
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.184.36 , France, ASN205801 (SYNALABS, FR),
Reverse DNS
vip-185-199-184-36.in.waf.synalabs.net
Software
/
Resource Hash
96f8a16523ac908444263e0b28cdd7dea19ac23312849a4f2949dd55cc1e59d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://mirror.e.plan-du-net.com/?e=guy.grolaux%40gmail.com&s=244&b=1606
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 28 Dec 2019 23:03:53 GMT
x-content-type-options
nosniff
last-modified
Tue, 17 Dec 2019 09:57:37 GMT
etag
"dd0b"
vary
User-Agent
content-type
image/jpeg
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
56587
x-xss-protection
1; mode=block
expires
Sun, 27 Dec 2020 23:03:53 GMT
verres.jpg
www.whisky.fr/mailings/conso/2019/num202/
38 KB
38 KB
Image
General
Full URL
https://www.whisky.fr/mailings/conso/2019/num202/verres.jpg
Requested by
Host: mirror.e.plan-du-net.com
URL: http://mirror.e.plan-du-net.com/?e=guy.grolaux%40gmail.com&s=244&b=1606
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.184.36 , France, ASN205801 (SYNALABS, FR),
Reverse DNS
vip-185-199-184-36.in.waf.synalabs.net
Software
/
Resource Hash
8c9d8782139da183a013a28d688c0ff5a63b65dc1ced419bf34ab63a3e7edd42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://mirror.e.plan-du-net.com/?e=guy.grolaux%40gmail.com&s=244&b=1606
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 28 Dec 2019 23:03:53 GMT
x-content-type-options
nosniff
last-modified
Fri, 06 Dec 2019 10:20:05 GMT
etag
"9859"
vary
User-Agent
content-type
image/jpeg
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
39001
x-xss-protection
1; mode=block
expires
Sun, 27 Dec 2020 23:03:53 GMT
_60-2.jpg
www.whisky.fr//mailings/conso/2019/num183/
24 KB
25 KB
Image
General
Full URL
https://www.whisky.fr//mailings/conso/2019/num183/_60-2.jpg
Requested by
Host: mirror.e.plan-du-net.com
URL: http://mirror.e.plan-du-net.com/?e=guy.grolaux%40gmail.com&s=244&b=1606
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.184.36 , France, ASN205801 (SYNALABS, FR),
Reverse DNS
vip-185-199-184-36.in.waf.synalabs.net
Software
/
Resource Hash
2e068becae10c3f4b158b8b1c9aeb569e63ff706a13fe72f93dbac59c26f7fa8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://mirror.e.plan-du-net.com/?e=guy.grolaux%40gmail.com&s=244&b=1606
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 28 Dec 2019 23:03:53 GMT
x-content-type-options
nosniff
last-modified
Wed, 06 Nov 2019 17:44:13 GMT
etag
"6117"
vary
User-Agent
content-type
image/jpeg
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
24855
x-xss-protection
1; mode=block
expires
Sun, 27 Dec 2020 23:03:53 GMT
coffrets-cadeaux2f.png
www.whisky.fr/mailings/conso/2019/num186-fred/
95 KB
95 KB
Image
General
Full URL
https://www.whisky.fr/mailings/conso/2019/num186-fred/coffrets-cadeaux2f.png
Requested by
Host: mirror.e.plan-du-net.com
URL: http://mirror.e.plan-du-net.com/?e=guy.grolaux%40gmail.com&s=244&b=1606
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.184.36 , France, ASN205801 (SYNALABS, FR),
Reverse DNS
vip-185-199-184-36.in.waf.synalabs.net
Software
/
Resource Hash
70fed6aa95de3e1a223fa3ab10e755b316c4271ed5058386f7e5b96618454a1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://mirror.e.plan-du-net.com/?e=guy.grolaux%40gmail.com&s=244&b=1606
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 28 Dec 2019 23:03:53 GMT
x-content-type-options
nosniff
last-modified
Wed, 13 Nov 2019 13:23:02 GMT
etag
"17c55"
vary
User-Agent
content-type
image/png
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
97365
x-xss-protection
1; mode=block
expires
Sun, 27 Dec 2020 23:03:53 GMT
ban-gift-finder2.jpg
www.whisky.fr//mailings/conso/2019/num183/
21 KB
21 KB
Image
General
Full URL
https://www.whisky.fr//mailings/conso/2019/num183/ban-gift-finder2.jpg
Requested by
Host: mirror.e.plan-du-net.com
URL: http://mirror.e.plan-du-net.com/?e=guy.grolaux%40gmail.com&s=244&b=1606
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.184.36 , France, ASN205801 (SYNALABS, FR),
Reverse DNS
vip-185-199-184-36.in.waf.synalabs.net
Software
/
Resource Hash
0fd972a420a4abe631757136a3fb3475ea1606ce5bc1bede907f95fdf6b9d70e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://mirror.e.plan-du-net.com/?e=guy.grolaux%40gmail.com&s=244&b=1606
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 28 Dec 2019 23:03:53 GMT
x-content-type-options
nosniff
last-modified
Wed, 06 Nov 2019 17:20:43 GMT
etag
"547d"
vary
User-Agent
content-type
image/jpeg
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
21629
x-xss-protection
1; mode=block
expires
Sun, 27 Dec 2020 23:03:53 GMT
marques.gif
www.whisky.fr/mailings/conso/2016/num135/
Redirect Chain
  • http://www.whisky.fr/mailings/conso/2016/num135/marques.gif
  • https://www.whisky.fr/mailings/conso/2016/num135/marques.gif
35 KB
36 KB
Image
General
Full URL
https://www.whisky.fr/mailings/conso/2016/num135/marques.gif
Requested by
Host: mirror.e.plan-du-net.com
URL: http://mirror.e.plan-du-net.com/?e=guy.grolaux%40gmail.com&s=244&b=1606
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.184.36 , France, ASN205801 (SYNALABS, FR),
Reverse DNS
vip-185-199-184-36.in.waf.synalabs.net
Software
/
Resource Hash
f9a97de6efb78d972ce3da54be2bfbc76891192c4949388d8e962c30b3c1b2cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://mirror.e.plan-du-net.com/?e=guy.grolaux%40gmail.com&s=244&b=1606
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 28 Dec 2019 23:03:53 GMT
x-content-type-options
nosniff
last-modified
Mon, 19 Dec 2016 08:59:18 GMT
etag
"8d97"
vary
User-Agent
content-type
image/gif
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
36247
x-xss-protection
1; mode=block
expires
Sun, 27 Dec 2020 23:03:53 GMT

Redirect headers

Location
https://www.whisky.fr/mailings/conso/2016/num135/marques.gif
Cache-Control
no-cache
Transfer-encoding
chunked
foot1.jpg
www.whisky.fr/mailings/conso/2016/base/
Redirect Chain
  • http://www.whisky.fr/mailings/conso/2016/base/foot1.jpg
  • https://www.whisky.fr/mailings/conso/2016/base/foot1.jpg
2 KB
3 KB
Image
General
Full URL
https://www.whisky.fr/mailings/conso/2016/base/foot1.jpg
Requested by
Host: mirror.e.plan-du-net.com
URL: http://mirror.e.plan-du-net.com/?e=guy.grolaux%40gmail.com&s=244&b=1606
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.184.36 , France, ASN205801 (SYNALABS, FR),
Reverse DNS
vip-185-199-184-36.in.waf.synalabs.net
Software
/
Resource Hash
df2f5958f383090d9bac2d7c8b2c95e70de911b4f5f942ff5fb088480f4385ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://mirror.e.plan-du-net.com/?e=guy.grolaux%40gmail.com&s=244&b=1606
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 28 Dec 2019 23:03:53 GMT
x-content-type-options
nosniff
last-modified
Mon, 02 May 2016 13:45:53 GMT
etag
"999"
vary
User-Agent
content-type
image/jpeg
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2457
x-xss-protection
1; mode=block
expires
Sun, 27 Dec 2020 23:03:53 GMT

Redirect headers

Location
https://www.whisky.fr/mailings/conso/2016/base/foot1.jpg
Cache-Control
no-cache
Transfer-encoding
chunked
camion.jpg
www.whisky.fr/mailings/conso/2018/num075/
3 KB
3 KB
Image
General
Full URL
https://www.whisky.fr/mailings/conso/2018/num075/camion.jpg
Requested by
Host: mirror.e.plan-du-net.com
URL: http://mirror.e.plan-du-net.com/?e=guy.grolaux%40gmail.com&s=244&b=1606
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.184.36 , France, ASN205801 (SYNALABS, FR),
Reverse DNS
vip-185-199-184-36.in.waf.synalabs.net
Software
/
Resource Hash
fc3a123570c044d6fa5f0d155c09f124f74e2a6ded115f73bed0181ca4e27a66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://mirror.e.plan-du-net.com/?e=guy.grolaux%40gmail.com&s=244&b=1606
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 28 Dec 2019 23:03:53 GMT
x-content-type-options
nosniff
last-modified
Fri, 08 Jun 2018 16:34:02 GMT
etag
"a7f"
vary
User-Agent
content-type
image/jpeg
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2687
x-xss-protection
1; mode=block
expires
Sun, 27 Dec 2020 23:03:53 GMT
avisv.jpg
www.whisky.fr/mailings/conso/2018/num020/
4 KB
4 KB
Image
General
Full URL
https://www.whisky.fr/mailings/conso/2018/num020/avisv.jpg
Requested by
Host: mirror.e.plan-du-net.com
URL: http://mirror.e.plan-du-net.com/?e=guy.grolaux%40gmail.com&s=244&b=1606
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.184.36 , France, ASN205801 (SYNALABS, FR),
Reverse DNS
vip-185-199-184-36.in.waf.synalabs.net
Software
/
Resource Hash
67f75f521eb26ff9d94f9f6580551c829397c37c8475afd34241c75c7025b3fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://mirror.e.plan-du-net.com/?e=guy.grolaux%40gmail.com&s=244&b=1606
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 28 Dec 2019 23:03:53 GMT
x-content-type-options
nosniff
last-modified
Fri, 02 Feb 2018 15:25:22 GMT
etag
"ef0"
vary
User-Agent
content-type
image/jpeg
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
3824
x-xss-protection
1; mode=block
expires
Sun, 27 Dec 2020 23:03:53 GMT
bg-label-mw.jpg
www.whisky.fr/mailings/conso/2015/base/
Redirect Chain
  • http://www.whisky.fr/mailings/conso/2015/base/bg-label-mw.jpg
  • https://www.whisky.fr/mailings/conso/2015/base/bg-label-mw.jpg
6 KB
6 KB
Image
General
Full URL
https://www.whisky.fr/mailings/conso/2015/base/bg-label-mw.jpg
Requested by
Host: mirror.e.plan-du-net.com
URL: http://mirror.e.plan-du-net.com/?e=guy.grolaux%40gmail.com&s=244&b=1606
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.184.36 , France, ASN205801 (SYNALABS, FR),
Reverse DNS
vip-185-199-184-36.in.waf.synalabs.net
Software
/
Resource Hash
a391e18f317d0efe81441878c2dc51bf0f9bfff5c2bc0ff07f3ab6a4e22f11ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://mirror.e.plan-du-net.com/?e=guy.grolaux%40gmail.com&s=244&b=1606
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 28 Dec 2019 23:03:53 GMT
x-content-type-options
nosniff
last-modified
Wed, 04 Feb 2015 10:46:41 GMT
etag
"1651"
vary
User-Agent
content-type
image/jpeg
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
5713
x-xss-protection
1; mode=block
expires
Sun, 27 Dec 2020 23:03:53 GMT

Redirect headers

Location
https://www.whisky.fr/mailings/conso/2015/base/bg-label-mw.jpg
Cache-Control
no-cache
Transfer-encoding
chunked
emailopen.php
insight.tradelab.fr/
Redirect Chain
  • https://ib.adnxs.com/getuid?http://insight.tradelab.fr/emailopen.php?uid=$UID&email=NULL&seg=12088660&advid=894413
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttp%3A%2F%2Finsight.tradelab.fr%2Femailopen.php%3Fuid%3D%24UID%26email%3DNULL%26seg%3D12088660%26advid%3D894413
  • http://insight.tradelab.fr/emailopen.php?uid=2241531028832568523&email=NULL&seg=12088660&advid=894413
42 B
233 B
Image
General
Full URL
http://insight.tradelab.fr/emailopen.php?uid=2241531028832568523&email=NULL&seg=12088660&advid=894413
Requested by
Host: mirror.e.plan-du-net.com
URL: http://mirror.e.plan-du-net.com/?e=guy.grolaux%40gmail.com&s=244&b=1606
Protocol
HTTP/1.1
Server
31.24.231.198 Royal Leamington Spa, United Kingdom, ASN13213 (UK2NET-AS, GB),
Reverse DNS
insight.tradelab.fr
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://mirror.e.plan-du-net.com/?e=guy.grolaux%40gmail.com&s=244&b=1606
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 28 Dec 2019 23:03:53 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=3, max=100
Content-Length
42
Vary
User-Agent
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Sat, 28 Dec 2019 23:03:55 GMT
AN-X-Request-Uuid
44aa5dfb-fa75-4019-8da5-0933241804b9
Content-Type
text/html; charset=utf-8
Server
nginx/1.13.4
Location
http://insight.tradelab.fr/emailopen.php?uid=2241531028832568523&email=NULL&seg=12088660&advid=894413
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
109.236.81.139; 109.236.81.139; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.207:80
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trk.php
action.metaffiliation.com/
Redirect Chain
  • http://i.top-plans-voyages.fr/c?taff=P313256C9D121163&r=7386313&r={CACHEBUSTER}&altid={EMAIL}
  • http://action.metaffiliation.com/trk.php?taff=P313256C9D121163&r=7386313&r={CACHEBUSTER}&altid={EMAIL}&__nadom=i.top-plans-voyages.fr
43 B
1 KB
Image
General
Full URL
http://action.metaffiliation.com/trk.php?taff=P313256C9D121163&r=7386313&r={CACHEBUSTER}&altid={EMAIL}&__nadom=i.top-plans-voyages.fr
Requested by
Host: mirror.e.plan-du-net.com
URL: http://mirror.e.plan-du-net.com/?e=guy.grolaux%40gmail.com&s=244&b=1606
Protocol
HTTP/1.1
Server
95.131.136.1 , France, ASN47841 (OXALIDE, FR),
Reverse DNS
front.netaffiliation.net
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
http://mirror.e.plan-du-net.com/?e=guy.grolaux%40gmail.com&s=244&b=1606
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 28 Dec 2019 23:03:53 GMT
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR CUR ADMa PSAa OUR IND NAV COM",policyref="http://www.netaffiliation.com/w3c/p3p.xml"
X-TRK-D
0.0023860931396484
Connection
close
Pragma
no-cache
X-TRK-PROC
306
Last-Modified
Sat, 28 Dec 2019 23:03:53 GMT
Server
nginx
X-TRK-DECISION
7
Content-Type
image/gif
Access-Control-Allow-Origin
*
X-TRK-SRV
9
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Kwanko-Content-Type,X-Kwanko-Sdk-Version,X-KWKunijs-Debug,X-KWKunijs-Version
Expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
http://action.metaffiliation.com/trk.php?taff=P313256C9D121163&r=7386313&r={CACHEBUSTER}&altid={EMAIL}&__nadom=i.top-plans-voyages.fr
Date
Sat, 28 Dec 2019 23:03:53 GMT
X-Neta-Redirect-Srv
10.1.2.1
Server
nginx
Connection
close
Content-Length
154
Content-Type
text/html
pixel.png
tck.elitrack.com/images/
Redirect Chain
  • https://action.metaffiliation.com/trk.php?mann=P313256C9D121163
  • https://tck.elitrack.com/impression?aid=e78f10150bcf2a3c81c4e4135539126b&utm_source=Affiliation&utm_medium=email&utm_campaign=444881&rand=5899153979509632475&sce=60&subid=
  • https://tck.elitrack.com/images/pixel.png
81 B
332 B
Image
General
Full URL
https://tck.elitrack.com/images/pixel.png
Requested by
Host: mirror.e.plan-du-net.com
URL: http://mirror.e.plan-du-net.com/?e=guy.grolaux%40gmail.com&s=244&b=1606
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.209.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-29-209-52.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
0454388c9f516d35615e0f1fa2065494325864f83a251857ce4354790f577765

Request headers

Referer
http://mirror.e.plan-du-net.com/?e=guy.grolaux%40gmail.com&s=244&b=1606
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 28 Dec 2019 23:03:54 GMT
Last-Modified
Tue, 02 May 2017 09:50:32 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"51-54e877874acca"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
81

Redirect headers

Location
https://tck.elitrack.com/images/pixel.png
Date
Sat, 28 Dec 2019 23:03:53 GMT
Cache-Control
no-cache, private
Server
Apache/2.4.18 (Ubuntu)
Connection
keep-alive
Content-Length
408
Content-Type
text/html; charset=UTF-8


2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

2 Cookies

Domain/Path Name / Value
mirror.e.plan-du-net.com/ Name: SERVERID
Value: server2
mirror.e.plan-du-net.com/ Name: ASP.NET_SessionId
Value: bgoaqwfygebhaa554sj5u3mv

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
