Submitted URL: https://links.club.coffretcafe.fr/c/nEY/2i/pG-hJOrzfbwlQlK9qohx-y/F/H7U/F/e2c51c53
Effective URL: https://clk.tradedoubler.com/click?p=323405&a=3245074&g=25175606&epi=&url=https://tech-vip.com/fr/ow/index.html?id=54&ref=NLK...
Submission: On February 27 via api from BE — Scanned from FR

Summary

This website contacted 8 IPs in 5 countries across 5 domains to perform 12 HTTP transactions. The main IP is 35.186.231.97, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is clk.tradedoubler.com. The Cisco Umbrella rank of the primary domain is 65162.
TLS certificate: Issued by R3 on February 15th 2022. Valid for: 3 months.
This is the only time clk.tradedoubler.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain | Subdomains | Transfer
5 tradedoubler.com | clk.tradedoubler.com — Cisco Umbrella Rank: 65162; vht.tradedoubler.com — Cisco Umbrella Rank: 103891; analytics.tradedoubler.com — Cisco Umbrella Rank: 135717 | 6 KB
4 google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 31 | 20 KB
4 coffretcafe.fr | links.club.coffretcafe.fr; kr.club.coffretcafe.fr | 5 KB
1 tech-vip.com | tech-vip.com |
1 googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 50 | 42 KB
12 5
Domain Requested by
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 clk.tradedoubler.com 2 redirects kr.club.coffretcafe.fr
3 kr.club.coffretcafe.fr 1 redirects kr.club.coffretcafe.fr
1 tech-vip.com
1 analytics.tradedoubler.com vht.tradedoubler.com
1 vht.tradedoubler.com clk.tradedoubler.com
1 www.googletagmanager.com kr.club.coffretcafe.fr
1 links.club.coffretcafe.fr 1 redirects
12 8

This site contains no links.

Subject | Issuer | Validity | Valid
kr.club.coffretcafe.fr | cPanel, Inc. Certification Authority | 2022-02-22 - 2022-05-23 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2022-02-17 - 2022-05-12 | 3 months
*.tradedoubler.com | R3 | 2022-02-15 - 2022-05-16 | 3 months
tech-vip.com | R3 | 2022-02-13 - 2022-05-14 | 3 months

This page contains 1 frames:

Frame: https://tech-vip.com/fr/ow/index.html?id=54&ref=NLKONTIKI_XXXX&email=suspect@safeonweb.be
Frame ID: 7DE033B312A195A19B687584FC579A75
Requests: 12 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

Requests: 12
HTTPS: 92 %
IPv6: 25 %
Domains: 5
Subdomains: 8
IPs: 8
Countries: 5
Transfer: 72 kB
Size: 173 kB
Cookies: 8

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://links.club.coffretcafe.fr/c/nEY/2i/pG-hJOrzfbwlQlK9qohx-y/F/H7U/F/e2c51c53 HTTP 302
    https://kr.club.coffretcafe.fr/jp?h=c4bb14689b28810ae13b12a216edc261&email=suspect%40safeonweb.be&emailmd5=d89a49469cc482a0e1ea42bdabfae7dd&utm_source=CCC&utm_medium=cpm&utm_term=Ecommerce&countkey=FR&dbid=70587&adv=Tech_VIP&brd=Airpods&clt=Absolutely_digital&trm=Christina&creaid=19605 HTTP 301
    https://kr.club.coffretcafe.fr/jp/?h=c4bb14689b28810ae13b12a216edc261&email=suspect%40safeonweb.be&emailmd5=d89a49469cc482a0e1ea42bdabfae7dd&utm_source=CCC&utm_medium=cpm&utm_term=Ecommerce&countkey=FR&dbid=70587&adv=Tech_VIP&brd=Airpods&clt=Absolutely_digital&trm=Christina&creaid=19605 Page URL
  2. http://clk.tradedoubler.com/click?p=323405&a=3245074&g=25175606&epi=&url=https://tech-vip.com/fr/ow/index.html?id=54&ref=NLKONTIKI_XXXX&email=suspect@safeonweb.be HTTP 302
    https://clk.tradedoubler.com/click?p=323405&a=3245074&g=25175606&epi=&url=https://tech-vip.com/fr/ow/index.html?id=54&ref=NLKONTIKI_XXXX&email=suspect@safeonweb.be Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://links.club.coffretcafe.fr/c/nEY/2i/pG-hJOrzfbwlQlK9qohx-y/F/H7U/F/e2c51c53 HTTP 302
  • https://kr.club.coffretcafe.fr/jp?h=c4bb14689b28810ae13b12a216edc261&email=suspect%40safeonweb.be&emailmd5=d89a49469cc482a0e1ea42bdabfae7dd&utm_source=CCC&utm_medium=cpm&utm_term=Ecommerce&countkey=FR&dbid=70587&adv=Tech_VIP&brd=Airpods&clt=Absolutely_digital&trm=Christina&creaid=19605 HTTP 301
  • https://kr.club.coffretcafe.fr/jp/?h=c4bb14689b28810ae13b12a216edc261&email=suspect%40safeonweb.be&emailmd5=d89a49469cc482a0e1ea42bdabfae7dd&utm_source=CCC&utm_medium=cpm&utm_term=Ecommerce&countkey=FR&dbid=70587&adv=Tech_VIP&brd=Airpods&clt=Absolutely_digital&trm=Christina&creaid=19605
Request Chain 10
  • https://clk.tradedoubler.com/click?p=323405&a=3245074&g=25175606&epi=&url=https://tech-vip.com/fr/ow/index.html?id=54&ref=NLKONTIKI_XXXX&email=suspect@safeonweb.be HTTP 302
  • https://tech-vip.com/fr/ow/index.html?id=54&ref=NLKONTIKI_XXXX&email=suspect@safeonweb.be

12 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
kr.club.coffretcafe.fr/jp/
Redirect Chain
  • https://links.club.coffretcafe.fr/c/nEY/2i/pG-hJOrzfbwlQlK9qohx-y/F/H7U/F/e2c51c53
  • https://kr.club.coffretcafe.fr/jp?h=c4bb14689b28810ae13b12a216edc261&email=suspect%40safeonweb.be&emailmd5=d89a49469cc482a0e1ea42bdabfae7dd&utm_source=CCC&utm_medium=cpm&utm_term=Ecommerce&countkey...
  • https://kr.club.coffretcafe.fr/jp/?h=c4bb14689b28810ae13b12a216edc261&email=suspect%40safeonweb.be&emailmd5=d89a49469cc482a0e1ea42bdabfae7dd&utm_source=CCC&utm_medium=cpm&utm_term=Ecommerce&countke...
3 KB
3 KB
Document
General
Full URL
https://kr.club.coffretcafe.fr/jp/?h=c4bb14689b28810ae13b12a216edc261&email=suspect%40safeonweb.be&emailmd5=d89a49469cc482a0e1ea42bdabfae7dd&utm_source=CCC&utm_medium=cpm&utm_term=Ecommerce&countkey=FR&dbid=70587&adv=Tech_VIP&brd=Airpods&clt=Absolutely_digital&trm=Christina&creaid=19605
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
160.153.244.152 Amsterdam, Netherlands, ASN20773 (GODADDY, DE),
Reverse DNS
ip-160-153-244-152.ip.secureserver.net
Software
Apache /
Resource Hash
0954f823a372676ddb211d895b44d98ca73bc7f8ac3a2fd57ac4cd7f29ccc5fa

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9

Response headers

Date
Sun, 27 Feb 2022 00:10:15 GMT
Server
Apache
Connection
close
Transfer-Encoding
chunked
Content-Type
text/html; charset=ISO-8859-1

Redirect headers

Date
Sun, 27 Feb 2022 00:10:14 GMT
Server
Apache
Location
https://kr.club.coffretcafe.fr/jp/?h=c4bb14689b28810ae13b12a216edc261&email=suspect%40safeonweb.be&emailmd5=d89a49469cc482a0e1ea42bdabfae7dd&utm_source=CCC&utm_medium=cpm&utm_term=Ecommerce&countkey=FR&dbid=70587&adv=Tech_VIP&brd=Airpods&clt=Absolutely_digital&trm=Christina&creaid=19605
Content-Length
543
Connection
close
Content-Type
text/html; charset=iso-8859-1
redirect1.gif
kr.club.coffretcafe.fr/images/
1 KB
2 KB
Image
General
Full URL
https://kr.club.coffretcafe.fr/images/redirect1.gif
Requested by
Host: kr.club.coffretcafe.fr
URL: https://kr.club.coffretcafe.fr/jp/?h=c4bb14689b28810ae13b12a216edc261&email=suspect%40safeonweb.be&emailmd5=d89a49469cc482a0e1ea42bdabfae7dd&utm_source=CCC&utm_medium=cpm&utm_term=Ecommerce&countkey=FR&dbid=70587&adv=Tech_VIP&brd=Airpods&clt=Absolutely_digital&trm=Christina&creaid=19605
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
160.153.244.152 Amsterdam, Netherlands, ASN20773 (GODADDY, DE),
Reverse DNS
ip-160-153-244-152.ip.secureserver.net
Software
Apache /
Resource Hash
da1e92fc3fb9a19f018b1d0f6bf371f2a7499b72476879ac01ca86264d6a2ed8

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kr.club.coffretcafe.fr/jp/?h=c4bb14689b28810ae13b12a216edc261&email=suspect%40safeonweb.be&emailmd5=d89a49469cc482a0e1ea42bdabfae7dd&utm_source=CCC&utm_medium=cpm&utm_term=Ecommerce&countkey=FR&dbid=70587&adv=Tech_VIP&brd=Airpods&clt=Absolutely_digital&trm=Christina&creaid=19605
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sun, 27 Feb 2022 00:10:15 GMT
Last-Modified
Wed, 18 Aug 2021 15:14:07 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
1452
Content-Type
image/gif
gtm.js
www.googletagmanager.com/
110 KB
42 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T2D9W3L
Requested by
Host: kr.club.coffretcafe.fr
URL: https://kr.club.coffretcafe.fr/jp/?h=c4bb14689b28810ae13b12a216edc261&email=suspect%40safeonweb.be&emailmd5=d89a49469cc482a0e1ea42bdabfae7dd&utm_source=CCC&utm_medium=cpm&utm_term=Ecommerce&countkey=FR&dbid=70587&adv=Tech_VIP&brd=Airpods&clt=Absolutely_digital&trm=Christina&creaid=19605
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f96702bb97dfd95123c42b5dc1dbf89269ff260f8ffdb13e1b139b81a323401d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kr.club.coffretcafe.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 27 Feb 2022 00:10:15 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42071
x-xss-protection
0
expires
Sun, 27 Feb 2022 00:10:15 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2D9W3L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kr.club.coffretcafe.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
323
date
Sun, 27 Feb 2022 00:04:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sun, 27 Feb 2022 02:04:52 GMT
collect
www.google-analytics.com/j/
1 B
211 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1745870610&t=pageview&_s=1&dl=https%3A%2F%2Fkr.club.coffretcafe.fr%2Fjp%2F%3Fh%3Dc4bb14689b28810ae13b12a216edc261%26email%3Dsuspect%2540safeonweb.be%26emailmd5%3Dd89a49469cc482a0e1ea42bdabfae7dd%26utm_source%3DCCC%26utm_medium%3Dcpm%26utm_term%3DEcommerce%26countkey%3DFR%26dbid%3D70587%26adv%3DTech_VIP%26brd%3DAirpods%26clt%3DAbsolutely_digital%26trm%3DChristina%26creaid%3D19605&ul=en-us&de=windows-1252&dt=Vous%20allez%20%C3%AAtre%20redirig%C3%A9&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=714828378&gjid=437374641&cid=2480480.1645920615&uid=d89a49469cc482a0e1ea42bdabfae7dd&tid=UA-117927431-4&_gid=1633447629.1645920615&_r=1&gtm=2wg2n0T2D9W3L&cd1=70587&cd2=Tech_VIP&cd3=Airpods&cd4=Absolutely_digital&cd5=Christina&cd6=FR&cd7=d89a49469cc482a0e1ea42bdabfae7dd&cd8=undefined&z=1071144849
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://kr.club.coffretcafe.fr/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 27 Feb 2022 00:10:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://kr.club.coffretcafe.fr
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1745870610&t=pageview&_s=1&dl=https%3A%2F%2Fkr.club.coffretcafe.fr%2Fjp%2F%3Fh%3Dc4bb14689b28810ae13b12a216edc261%26email%3Dsuspect%2540safeonweb.be%26emailmd5%3Dd89a49469cc482a0e1ea42bdabfae7dd%26utm_source%3DCCC%26utm_medium%3Dcpm%26utm_term%3DEcommerce%26countkey%3DFR%26dbid%3D70587%26adv%3DTech_VIP%26brd%3DAirpods%26clt%3DAbsolutely_digital%26trm%3DChristina%26creaid%3D19605&ul=en-us&de=windows-1252&dt=Vous%20allez%20%C3%AAtre%20redirig%C3%A9&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=2480480.1645920615&uid=d89a49469cc482a0e1ea42bdabfae7dd&tid=UA-117927431-4&_gid=1633447629.1645920615&gtm=2wg2n0T2D9W3L&cd1=70587&cd2=Tech_VIP&cd3=Airpods&cd4=Absolutely_digital&cd5=Christina&cd6=FR&cd7=d89a49469cc482a0e1ea42bdabfae7dd&cd8=undefined&z=2019325524
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kr.club.coffretcafe.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Feb 2022 08:48:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
55278
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1745870610&t=pageview&_s=1&dl=https%3A%2F%2Fkr.club.coffretcafe.fr%2Fjp%2F%3Fh%3Dc4bb14689b28810ae13b12a216edc261%26email%3Dsuspect%2540safeonweb.be%26emailmd5%3Dd89a49469cc482a0e1ea42bdabfae7dd%26utm_source%3DCCC%26utm_medium%3Dcpm%26utm_term%3DEcommerce%26countkey%3DFR%26dbid%3D70587%26adv%3DTech_VIP%26brd%3DAirpods%26clt%3DAbsolutely_digital%26trm%3DChristina%26creaid%3D19605&ul=en-us&de=windows-1252&dt=Vous%20allez%20%C3%AAtre%20redirig%C3%A9&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=2480480.1645920615&uid=d89a49469cc482a0e1ea42bdabfae7dd&tid=UA-117927431-4&_gid=1633447629.1645920615&gtm=2wg2n0T2D9W3L&cd1=70587&cd2=Tech_VIP&cd3=Airpods&cd4=Absolutely_digital&cd5=Christina&cd6=FR&cd7=d89a49469cc482a0e1ea42bdabfae7dd&cd8=undefined&z=484223307
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kr.club.coffretcafe.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Feb 2022 08:48:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
55279
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
Primary Request click
clk.tradedoubler.com/
Redirect Chain
  • http://clk.tradedoubler.com/click?p=323405&a=3245074&g=25175606&epi=&url=https://tech-vip.com/fr/ow/index.html?id=54&ref=NLKONTIKI_XXXX&email=suspect@safeonweb.be
  • https://clk.tradedoubler.com/click?p=323405&a=3245074&g=25175606&epi=&url=https://tech-vip.com/fr/ow/index.html?id=54&ref=NLKONTIKI_XXXX&email=suspect@safeonweb.be
1 KB
1 KB
Document
General
Full URL
https://clk.tradedoubler.com/click?p=323405&a=3245074&g=25175606&epi=&url=https://tech-vip.com/fr/ow/index.html?id=54&ref=NLKONTIKI_XXXX&email=suspect@safeonweb.be
Requested by
Host: kr.club.coffretcafe.fr
URL: https://kr.club.coffretcafe.fr/jp/?h=c4bb14689b28810ae13b12a216edc261&email=suspect%40safeonweb.be&emailmd5=d89a49469cc482a0e1ea42bdabfae7dd&utm_source=CCC&utm_medium=cpm&utm_term=Ecommerce&countkey=FR&dbid=70587&adv=Tech_VIP&brd=Airpods&clt=Absolutely_digital&trm=Christina&creaid=19605
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.231.97 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
97.231.186.35.bc.googleusercontent.com
Software
TXServerHttp /
Resource Hash
a285f153aa57813707912cb125e0afc54983dda575d47f4803696c86bf5539ce

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9

Response headers

content-type
text/html; charset=ISO-8859-1
server
TXServerHttp
access-control-allow-origin
*
cache-control
private, max-age=0
pragma
no-cache
p3p
policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
referrer-policy
origin
date
Sun, 27 Feb 2022 00:10:16 GMT
content-length
1113
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Redirect headers

Location
https://clk.tradedoubler.com/click?p=323405&a=3245074&g=25175606&epi=&url=https://tech-vip.com/fr/ow/index.html?id=54&ref=NLKONTIKI_XXXX&email=suspect@safeonweb.be
Date
Sun, 27 Feb 2022 00:10:16 GMT
Content-Length
368
Content-Type
text/html; charset=ISO-8859-1
Via
1.1 google
collect
www.google-analytics.com/
0
0

prefs.js
vht.tradedoubler.com/fp/
9 KB
4 KB
Script
General
Full URL
https://vht.tradedoubler.com/fp/prefs.js
Requested by
Host: clk.tradedoubler.com
URL: https://clk.tradedoubler.com/click?p=323405&a=3245074&g=25175606&epi=&url=https://tech-vip.com/fr/ow/index.html?id=54&ref=NLKONTIKI_XXXX&email=suspect@safeonweb.be
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-3.fra50.r.cloudfront.net
Software
Apache /
Resource Hash
17ee72d8421cc64e48d5e885c090851028f91129555be935403a51c55eff2e9d

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://clk.tradedoubler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Mon, 21 Feb 2022 19:21:59 GMT
Content-Encoding
gzip
Last-Modified
Mon, 15 Oct 2018 09:28:46 GMT
Server
Apache
Age
449298
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
Connection
keep-alive
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Content-Length
3705
X-Amz-Cf-Id
Y32nTUYbofj4zigtXOaN3z1fjnJf2SGmqbCiqpauBaRpiI7EIApCLQ==
/
analytics.tradedoubler.com/
0
241 B
Ping
General
Full URL
https://analytics.tradedoubler.com/
Requested by
Host: vht.tradedoubler.com
URL: https://vht.tradedoubler.com/fp/prefs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.165.150.178 , France, ASN16276 (OVH, FR),
Reverse DNS
lb02.net.royalcactus.com
Software
nginx /
Resource Hash

Request headers

Referer
https://clk.tradedoubler.com/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sun, 27 Feb 2022 00:10:17 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
index.html
tech-vip.com/fr/ow/
Redirect Chain
  • https://clk.tradedoubler.com/click?p=323405&a=3245074&g=25175606&epi=&url=https://tech-vip.com/fr/ow/index.html?id=54&ref=NLKONTIKI_XXXX&email=suspect@safeonweb.be
  • https://tech-vip.com/fr/ow/index.html?id=54&ref=NLKONTIKI_XXXX&email=suspect@safeonweb.be
0
0
Document
General
Full URL
https://tech-vip.com/fr/ow/index.html?id=54&ref=NLKONTIKI_XXXX&email=suspect@safeonweb.be
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
51.159.89.114 -, , ASN (),
Reverse DNS
Software
Apache/2.4.46 (Ubuntu) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
Origin
https://clk.tradedoubler.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://clk.tradedoubler.com/

Response headers

Date
Sun, 27 Feb 2022 00:10:17 GMT
Server
Apache/2.4.46 (Ubuntu)
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
17695
Keep-Alive
timeout=3, max=500
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8

Redirect headers

location
https://tech-vip.com/fr/ow/index.html?id=54&ref=NLKONTIKI_XXXX&email=suspect@safeonweb.be
server
TXServerHttp
access-control-allow-origin
*
cache-control
private, max-age=0
pragma
no-cache
p3p
policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
referrer-policy
origin
date
Sun, 27 Feb 2022 00:10:17 GMT
content-length
294
content-type
text/html; charset=ISO-8859-1
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google-analytics.com
URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1745870610&t=pageview&_s=1&dl=https%3A%2F%2Fkr.club.coffretcafe.fr%2Fjp%2F%3Fh%3Dc4bb14689b28810ae13b12a216edc261%26email%3Dsuspect%2540safeonweb.be%26emailmd5%3Dd89a49469cc482a0e1ea42bdabfae7dd%26utm_source%3DCCC%26utm_medium%3Dcpm%26utm_term%3DEcommerce%26countkey%3DFR%26dbid%3D70587%26adv%3DTech_VIP%26brd%3DAirpods%26clt%3DAbsolutely_digital%26trm%3DChristina%26creaid%3D19605&ul=en-us&de=windows-1252&dt=Vous%20allez%20%C3%AAtre%20redirig%C3%A9&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=2480480.1645920615&uid=d89a49469cc482a0e1ea42bdabfae7dd&tid=UA-117927431-4&_gid=1633447629.1645920615&gtm=2wg2n0T2D9W3L&cd1=70587&cd2=Tech_VIP&cd3=Airpods&cd4=Absolutely_digital&cd5=Christina&cd6=FR&cd7=d89a49469cc482a0e1ea42bdabfae7dd&cd8=undefined&z=46668490

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone

8 Cookies

Domain/Path Name / Value
links.club.coffretcafe.fr/ Name: TEMP_DATA
Value: ee225d4a-0b49-4aeb-91bb-a9ce01a1c03f
links.club.coffretcafe.fr/ Name: esg1
Value: nEY/2i/pG-hJOrzfbwlQlK9qohx-y/F/H7U/F/66a12b74
.coffretcafe.fr/ Name: _ga
Value: GA1.2.2480480.1645920615
.coffretcafe.fr/ Name: _gid
Value: GA1.2.1633447629.1645920615
.coffretcafe.fr/ Name: _gat_UA-117927431-4
Value: 1
.tradedoubler.com/ Name: EH_0
Value: 1z11z1zsoz1V0NFKz1To5yZQe2pWbyD.29CsSnT1EVNwTkKDlHLAuRGuhK_ML6F%7a9pBRxKc7BJ_7BTZY%7ao1oHg
.tradedoubler.com/ Name: GUID
Value: 1z11zzsoz24E43nz6bf007e11a2954a24a25c3dc18f144b0
.tradedoubler.com/ Name: TradeDoublerGUID
Value: 6bf007e11a2954a24a25c3dc18f144b0