urlscan.io logo urlscan.io
SecurityTrails logo

www.hp.com Open in urlscan Pro
2a02:26f0:3500:18::1724:a297  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://guyanaembassyusa.org/
Effective URL: https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=voyageforum&utm_content=0
Submission: On January 16 via api from FR — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 6 countries across 8 domains to perform 23 HTTP transactions. The main IP is 2a02:26f0:3500:18::1724:a297, located in and belongs to . The main domain is www.hp.com.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on January 25th 2022. Valid for: a year.
This is the only time www.hp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 50.87.235.242 46606 (UNIFIEDLA...)
2 159.69.234.10 24940 (HETZNER-AS)
1 2 194.135.30.40 50321 (BYTES-AS)
1 2a00:1178:1:4... 35415 (WEBZILLA)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2 35.186.231.97 15169 (GOOGLE)
1 65.9.66.107 16509 (AMAZON-02)
1 188.165.150.178 16276 (OVH)
1 1 52.209.203.76 16509 (AMAZON-02)
1 2 2a02:26f0:350... ()
23 9
2    50.87.235.242 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 50-87-235-242.unifiedlayer.com
guyanaembassyusa.org
2    159.69.234.10 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.10.234.69.159.clients.your-server.de
track.violetlovelines.com
way.specialblueitems.com
2    194.135.30.40 (Czech Republic)

ASN50321 (BYTES-AS, UA)
short.interestmoments.com
1    2a00:1178:1:4b::17 (Netherlands)

ASN35415 (WEBZILLA, NL)
wholegrady.com
1    2606:4700:3037::6815:b34 (United States)

ASN13335 (CLOUDFLARENET, US)
t.voyageforum.top
2    35.186.231.97 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 97.231.186.35.bc.googleusercontent.com
clk.tradedoubler.com
1    65.9.66.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-107.fra56.r.cloudfront.net
vht.tradedoubler.com
1    188.165.150.178 (France)

ASN16276 (OVH, FR)
PTR: lb02.net.royalcactus.com
analytics.tradedoubler.com
1    52.209.203.76 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-203-76.eu-west-1.compute.amazonaws.com
redirects.tradedoubler.com
2    2a02:26f0:3500:18::1724:a297 (None, )

ASN- ()
www.hp.com
Apex Domain
Subdomains		 Transfer
5 tradedoubler.com
clk.tradedoubler.com — Cisco Umbrella Rank: 96684
vht.tradedoubler.com — Cisco Umbrella Rank: 108156
analytics.tradedoubler.com — Cisco Umbrella Rank: 157029
redirects.tradedoubler.com — Cisco Umbrella Rank: 141308
7 KB
2 hp.com
www.hp.com
2 KB
2 interestmoments.com
short.interestmoments.com — Cisco Umbrella Rank: 381274 Failed
794 B
2 guyanaembassyusa.org
guyanaembassyusa.org
500 B
1 voyageforum.top
t.voyageforum.top
693 B
1 wholegrady.com
wholegrady.com — Cisco Umbrella Rank: 373806 Failed
1 KB
1 specialblueitems.com
way.specialblueitems.com — Cisco Umbrella Rank: 296682
2 KB
1 violetlovelines.com
track.violetlovelines.com — Cisco Umbrella Rank: 385484
3 KB
23 8
Domain Requested by
2 www.hp.com 1 redirects www.hp.com
2 clk.tradedoubler.com 1 redirects wholegrady.com
2 short.interestmoments.com way.specialblueitems.com
2 guyanaembassyusa.org 1 redirects
1 redirects.tradedoubler.com 1 redirects
1 analytics.tradedoubler.com vht.tradedoubler.com
1 vht.tradedoubler.com clk.tradedoubler.com
1 t.voyageforum.top 1 redirects
1 wholegrady.com short.interestmoments.com
1 way.specialblueitems.com track.violetlovelines.com
1 track.violetlovelines.com guyanaembassyusa.org
23 11

This site contains no links.

Subject Issuer Validity Valid
www.guyanaembassyusa.org
R3		 2022-12-20 -
2023-03-20		 3 months crt.sh
track.violetlovelines.com
R3		 2022-12-03 -
2023-03-03		 3 months crt.sh
way.specialblueitems.com
R3		 2022-12-03 -
2023-03-03		 3 months crt.sh
short.interestmoments.com
R3		 2023-01-11 -
2023-04-11		 3 months crt.sh
wholegrady.com
R3		 2023-01-15 -
2023-04-15		 3 months crt.sh
*.tradedoubler.com
R3		 2022-12-12 -
2023-03-12		 3 months crt.sh
www.hp.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=voyageforum&utm_content=0
Frame ID: 1E6D384CC53CCF344B85809EC9FFF30A
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://guyanaembassyusa.org/ HTTP 301
    https://guyanaembassyusa.org/ Page URL
  2. https://short.interestmoments.com/new-way.php?id=67869-23-454742&pid=85&zid=689532 HTTP 302
    https://short.interestmoments.com/new-way.php?id=856756-23-584324238&pid=367&zid=796&kid=45709543&from=MicroMash Page URL
  3. https://wholegrady.com/bK3EVB0YP.3jpuv/b/m/VZJJZ/DJ0O0PNkjSEmzSOqD/UUziLBTYQT2SMWTFMu4SN/T/Q- Page URL
  4. https://t.voyageforum.top/click.php?key=tk5zkr980387kdqbn3nq&ctoken=j0ff7mv6u1hi31jnmdnb&cpmid=0.00150... HTTP 302
    https://clk.tradedoubler.com/click?p=245746&a=3232571&epi=972744kxrdu8pwj8bb Page URL
  5. https://clk.tradedoubler.com/click?p=245746&a=3232571&epi=972744kxrdu8pwj8bb HTTP 302
    https://redirects.tradedoubler.com/projectr/?_td_ifelse=hpinstantink*td_string*https%3A%2F%2Fwww.hp.com%2Ffr-fr... HTTP 302
    https://www.hp.com/fr-fr/shop/GenericLandingPage.aspx?tduid=4eb6dbf49ae9dd128dcb1ba7bbe878ba&ur... HTTP 302
    https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=voyageforum&utm... Page URL

Page Statistics

23
Requests

39 %
HTTPS

30 %
IPv6

8
Domains

11
Subdomains

9
IPs

6
Countries

13 kB
Transfer

132 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://guyanaembassyusa.org/ HTTP 301
    https://guyanaembassyusa.org/ Page URL
  2. https://short.interestmoments.com/new-way.php?id=67869-23-454742&pid=85&zid=689532 HTTP 302
    https://short.interestmoments.com/new-way.php?id=856756-23-584324238&pid=367&zid=796&kid=45709543&from=MicroMash Page URL
  3. https://wholegrady.com/bK3EVB0YP.3jpuv/b/m/VZJJZ/DJ0O0PNkjSEmzSOqD/UUziLBTYQT2SMWTFMu4SN/T/Q- Page URL
  4. https://t.voyageforum.top/click.php?key=tk5zkr980387kdqbn3nq&ctoken=j0ff7mv6u1hi31jnmdnb&cpmid=0.001500&zoneid=E2PKMGP795&adid=465449&category=Mainstream&cpmbid=1.500000&browsername=Chrome&appname= HTTP 302
    https://clk.tradedoubler.com/click?p=245746&a=3232571&epi=972744kxrdu8pwj8bb Page URL
  5. https://clk.tradedoubler.com/click?p=245746&a=3232571&epi=972744kxrdu8pwj8bb HTTP 302
    https://redirects.tradedoubler.com/projectr/?_td_ifelse=hpinstantink*td_string*https%3A%2F%2Fwww.hp.com%2Ffr-fr%2Fshop%2F*td_true*_td_spaceport_encode=-1&utm_source=affiliate&utm_medium=instantink&utm_campaign=voyageforum&utm_content=0&utm_term=af_de38cc74e2&tduid=4eb6dbf49ae9dd128dcb1ba7bbe878ba&_td_deeplink=https%3A%2F%2Fwww.hp.com%2Ffr-fr%2Fshop%2F*td_false*_td_spaceport_encode=-1&_td_softclick=245746&utm_source=affiliate&utm_medium=cpa&utm_campaign=voyageforum&utm_content=0&_td_url=https://www.hp.com/fr-fr/shop/GenericLandingPage.aspx?tduid=4eb6dbf49ae9dd128dcb1ba7bbe878ba&_td_deeplink=https%3A%2F%2Fwww.hp.com%2Ffr-fr%2Fshop%2F HTTP 302
    https://www.hp.com/fr-fr/shop/GenericLandingPage.aspx?tduid=4eb6dbf49ae9dd128dcb1ba7bbe878ba&url=https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=voyageforum&utm_content=0 HTTP 302
    https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=voyageforum&utm_content=0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://guyanaembassyusa.org/ HTTP 301
  • https://guyanaembassyusa.org/
Request Chain 4
  • https://short.interestmoments.com/new-way.php?id=67869-23-454742&pid=85&zid=689532 HTTP 302
  • https://short.interestmoments.com/new-way.php?id=856756-23-584324238&pid=367&zid=796&kid=45709543&from=MicroMash
Request Chain 9
  • https://t.voyageforum.top/click.php?key=tk5zkr980387kdqbn3nq&ctoken=j0ff7mv6u1hi31jnmdnb&cpmid=0.001500&zoneid=E2PKMGP795&adid=465449&category=Mainstream&cpmbid=1.500000&browsername=Chrome&appname= HTTP 302
  • https://clk.tradedoubler.com/click?p=245746&a=3232571&epi=972744kxrdu8pwj8bb

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
guyanaembassyusa.org/
Redirect Chain
  • http://guyanaembassyusa.org/
  • https://guyanaembassyusa.org/
382 B
251 B 		Document
General
Check archive.org
Download Go to
Full URL
https://guyanaembassyusa.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.87.235.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
50-87-235-242.unifiedlayer.com
Software
Apache /
Resource Hash
2bfc062f8acec4c70179a9def6c4eccb9519c274fb1a9cfa0315f5cbc754fd07

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

content-encoding
gzip
content-length
122
content-type
text/html; charset=UTF-8
date
Mon, 16 Jan 2023 15:11:52 GMT
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
server
Apache
vary
Accept-Encoding

Redirect headers

Connection
Keep-Alive
Content-Length
237
Content-Type
text/html; charset=iso-8859-1
Date
Mon, 16 Jan 2023 15:11:51 GMT
Keep-Alive
timeout=5, max=75
Location
https://guyanaembassyusa.org/
Server
Apache
jack.js
track.violetlovelines.com/src/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.violetlovelines.com/src/jack.js?v=2.0.5
Requested by
Host: guyanaembassyusa.org
URL: https://guyanaembassyusa.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.69.234.10 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.10.234.69.159.clients.your-server.de
Software
nginx /
Resource Hash
937551300557b02c1afaec800b8fe7c792909a4755c514e6bb4d18fe76cfd68b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://guyanaembassyusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Mon, 16 Jan 2023 15:11:54 GMT
Content-Encoding
gzip
Last-Modified
Fri, 13 Jan 2023 21:15:16 GMT
Server
nginx
ETag
W/"63c1c9e4-1c88"
Transfer-Encoding
chunked
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=864000
Connection
keep-alive
Expires
Thu, 26 Jan 2023 15:11:54 GMT
nw.js
way.specialblueitems.com/src/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://way.specialblueitems.com/src/nw.js?&se_referrer=&default_keyword=&&frm6393271e20c24=script6393271e20c28&_cid=c173b3d5-aa0c-8a4c-da69-bf2ee86a79cd
Requested by
Host: track.violetlovelines.com
URL: https://track.violetlovelines.com/src/jack.js?v=2.0.5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.69.234.10 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.10.234.69.159.clients.your-server.de
Software
nginx /
Resource Hash

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://guyanaembassyusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Mon, 16 Jan 2023 15:11:55 GMT
Content-Encoding
gzip
Last-Modified
Fri, 13 Jan 2023 21:13:42 GMT
Server
nginx
ETag
W/"63c1c986-189f"
Transfer-Encoding
chunked
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=864000
Connection
keep-alive
Expires
Thu, 26 Jan 2023 15:11:55 GMT
new-way.php
short.interestmoments.com/ 		0
0
new-way.php
short.interestmoments.com/
Redirect Chain
  • https://short.interestmoments.com/new-way.php?id=67869-23-454742&pid=85&zid=689532
  • https://short.interestmoments.com/new-way.php?id=856756-23-584324238&pid=367&zid=796&kid=45709543&from=MicroMash
926 B
608 B 		Document
General
Check archive.org
Download Go to
Full URL
https://short.interestmoments.com/new-way.php?id=856756-23-584324238&pid=367&zid=796&kid=45709543&from=MicroMash
Requested by
Host: way.specialblueitems.com
URL: https://way.specialblueitems.com/src/nw.js?&se_referrer=&default_keyword=&&frm6393271e20c24=script6393271e20c28&_cid=c173b3d5-aa0c-8a4c-da69-bf2ee86a79cd
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.135.30.40 , Czech Republic, ASN50321 (BYTES-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;

Request headers

Referer
https://guyanaembassyusa.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

content-encoding
gzip
content-length
466
content-type
text/html; charset=UTF-8
date
Mon, 16 Jan 2023 15:11:56 GMT
server
nginx
strict-transport-security
max-age=15768000;
vary
Accept-Encoding

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 16 Jan 2023 15:11:56 GMT
location
https://short.interestmoments.com/new-way.php?id=856756-23-584324238&pid=367&zid=796&kid=45709543&from=MicroMash
server
nginx
strict-transport-security
max-age=15768000;
Q-
wholegrady.com/bK3EVB0YP.3jpuv/b/m/VZJJZ/DJ0O0PNkjSEmzSOqD/UUziLBTYQT2SMWTFMu4SN/T/ 		0
0
Q-
wholegrady.com/bK3EVB0YP.3jpuv/b/m/VZJJZ/DJ0O0PNkjSEmzSOqD/UUziLBTYQT2SMWTFMu4SN/T/ 		0
0
Q-
wholegrady.com/bK3EVB0YP.3jpuv/b/m/VZJJZ/DJ0O0PNkjSEmzSOqD/UUziLBTYQT2SMWTFMu4SN/T/ 		0
0
Q-
wholegrady.com/bK3EVB0YP.3jpuv/b/m/VZJJZ/DJ0O0PNkjSEmzSOqD/UUziLBTYQT2SMWTFMu4SN/T/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://wholegrady.com/bK3EVB0YP.3jpuv/b/m/VZJJZ/DJ0O0PNkjSEmzSOqD/UUziLBTYQT2SMWTFMu4SN/T/Q-
Requested by
Host: short.interestmoments.com
URL: https://short.interestmoments.com/new-way.php?id=856756-23-584324238&pid=367&zid=796&kid=45709543&from=MicroMash
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2a00:1178:1:4b::17 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://short.interestmoments.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
br
content-type
text/html;charset=UTF-8
date
Mon, 16 Jan 2023 15:11:56 GMT
expires
Mon, 26 Jul 2011 05:00:00 GMT
last-modified
Mon, 16 Jan 2023 15:11:56 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
referrer-policy
no-referrer
server
nginx
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
DENY
click
clk.tradedoubler.com/
Redirect Chain
  • https://t.voyageforum.top/click.php?key=tk5zkr980387kdqbn3nq&ctoken=j0ff7mv6u1hi31jnmdnb&cpmid=0.001500&zoneid=E2PKMGP795&adid=465449&category=Mainstream&cpmbid=1.500000&browsername=Chrome&appname=
  • https://clk.tradedoubler.com/click?p=245746&a=3232571&epi=972744kxrdu8pwj8bb
852 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://clk.tradedoubler.com/click?p=245746&a=3232571&epi=972744kxrdu8pwj8bb
Requested by
Host: wholegrady.com
URL: https://wholegrady.com/bA3BV.0CP_2EhF0GYHX-RJiKPLTME_mOcPnQJRp-ZTDU1VmWO_GYNZjaYbW-YdyeNfmgR_jiZjjkYly-ZnDoAp0qY_zsdtkuZvD-Ux3yYzjAA_wCZDGEUFx-YHzIgJ3KZ_SMZNyOcP3-JRjSPTWUh_pWcX3YRZv-cbncldieY_WgNhriJjn-NlJmZnDo0_0qNrjsEtz-OvDwUxzyJ_nApBvCbDm-VFJGZHDI0_0KNLjMENz-OPDQURzS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.231.97 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
97.231.186.35.bc.googleusercontent.com
Software
TXServerHttp /
Resource Hash

Request headers

Referer
https://wholegrady.com/bA3BV.0CP_2EhF0GYHX-RJiKPLTME_mOcPnQJRp-ZTDU1VmWO_GYNZjaYbW-YdyeNfmgR_jiZjjkYly-ZnDoAp0qY_zsdtkuZvD-Ux3yYzjAA_wCZDGEUFx-YHzIgJ3KZ_SMZNyOcP3-JRjSPTWUh_pWcX3YRZv-cbncldieY_WgNhriJjn-NlJmZnDo0_0qNrjsEtz-OvDwUxzyJ_nApBvCbDm-VFJGZHDI0_0KNLjMENz-OPDQURzS
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-length
852
content-type
text/html; charset=ISO-8859-1
date
Mon, 16 Jan 2023 15:11:56 GMT
p3p
policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
referrer-policy
origin
server
TXServerHttp
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
78a7c95c4842f160-CDG
content-type
text/html; charset=UTF-8
date
Mon, 16 Jan 2023 15:11:56 GMT
location
https://clk.tradedoubler.com/click?p=245746&a=3232571&epi=972744kxrdu8pwj8bb
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pz3u9hVvSGtjdNkuyzYFLgi0glVWcrVshORi7WsAmpgDQ5%2FjexsTY%2FMrmHwB1uX8gH3rtb2GbEMbdlgT8dJ76cw%2FM8r9RpiNB4Tx8pRj%2Bp%2FSTp7e0sqgC0A%2BFavfSTGvKjCWIF9bE86sNcMiaPRc2g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
prefs.js
vht.tradedoubler.com/fp/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vht.tradedoubler.com/fp/prefs.js
Requested by
Host: clk.tradedoubler.com
URL: https://clk.tradedoubler.com/click?p=245746&a=3232571&epi=972744kxrdu8pwj8bb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-107.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://clk.tradedoubler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Wed, 11 Jan 2023 16:10:06 GMT
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Via
1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C1
Age
428511
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
3705
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Mon, 15 Oct 2018 09:28:46 GMT
Server
Apache
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
t7YE8hBb3OOg5leSyj8RlDJ80gcdHWT51ZqTwUrHRCaCrXeaICWNeg==
/
analytics.tradedoubler.com/ 		0
176 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tradedoubler.com/
Requested by
Host: vht.tradedoubler.com
URL: https://vht.tradedoubler.com/fp/prefs.js
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
188.165.150.178 , France, ASN16276 (OVH, FR),
Reverse DNS
lb02.net.royalcactus.com
Software
nginx /
Resource Hash

Request headers

Referer
https://clk.tradedoubler.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 16 Jan 2023 15:11:57 GMT
content-encoding
gzip
x-via-popn
primary
server
nginx
vary
Accept-Encoding
x-via-poph
replica1
content-type
text/html; charset=UTF-8
Primary Request /
www.hp.com/fr-fr/shop/
Redirect Chain
  • https://clk.tradedoubler.com/click?p=245746&a=3232571&epi=972744kxrdu8pwj8bb
  • https://redirects.tradedoubler.com/projectr/?_td_ifelse=hpinstantink*td_string*https%3A%2F%2Fwww.hp.com%2Ffr-fr%2Fshop%2F*td_true*_td_spaceport_encode=-1&utm_source=affiliate&utm_medium=instantink&...
  • https://www.hp.com/fr-fr/shop/GenericLandingPage.aspx?tduid=4eb6dbf49ae9dd128dcb1ba7bbe878ba&url=https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=voyageforum&utm_cont...
  • https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=voyageforum&utm_content=0
106 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=voyageforum&utm_content=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a297 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Content-Type-Options nosniff

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://clk.tradedoubler.com
Referer
https://clk.tradedoubler.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

access-control-expose-headers
Request-Context
akamai-grn
0.97a02417.1673881918.d83acb8e
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 16 Jan 2023 15:11:59 GMT
expires
Mon, 16 Jan 2023 15:11:59 GMT
link
<https://www.hp.com/P6LVa5VKe/X0v0Ww/MEm/qoBU-kKQ8/aYiQw8DJ3i/ChhnPnsWAg/AWcVP/Ed-Ej0>; rel=preload; as=script <https://www.hp.com/akam/13/71a8d4a4>; rel=preload; as=script
pragma
no-cache
request-context
appId=cid-v1:e845ceaa-3b44-4a98-8c75-021fad1b13e5
server
strict-transport-security
max-age=600
vary
Accept-Encoding
x-akamai-transformed
9 286778 0 pmb=mTOE,5
x-content-type-options
nosniff

Redirect headers

access-control-expose-headers
Request-Context
akamai-grn
0.97a02417.1673881918.d83ac21b
cache-control
private
content-length
234
content-type
text/html; charset=utf-8
date
Mon, 16 Jan 2023 15:11:58 GMT
link
<https://www.hp.com/P6LVa5VKe/X0v0Ww/MEm/qoBU-kKQ8/aYiQw8DJ3i/ChhnPnsWAg/AWcVP/Ed-Ej0>; rel=preload; as=script
location
https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=voyageforum&utm_content=0
request-context
appId=cid-v1:e845ceaa-3b44-4a98-8c75-021fad1b13e5
server
strict-transport-security
max-age=600
x-content-type-options
nosniff
Ed-Ej0
www.hp.com/P6LVa5VKe/X0v0Ww/MEm/qoBU-kKQ8/aYiQw8DJ3i/ChhnPnsWAg/AWcVP/ 		0
0
71a8d4a4
www.hp.com/akam/13/ 		0
0
sm15-global.css
www.hp.com/fr-fr/shop/html/headermenus/css/ 		0
0
hpsimplified_lt.woff
www.hp.com/fr-fr/shop/stylesheets/fonts/hp-simplified/ 		0
0
hpsimplified_rg.woff
www.hp.com/fr-fr/shop/stylesheets/fonts/hp-simplified/ 		0
0
hpsimplified_bd.woff
www.hp.com/fr-fr/shop/stylesheets/fonts/hp-simplified/ 		0
0
jquery.plugins.min.js
www.hp.com/fr-fr/shop/html/headermenus/js/libs/ 		0
0
app.page.all.js
www.hp.com/fr-fr/shop/html/headermenus/js/ 		0
0
jquery-1.8.3.min.js
www.hp.com/fr-fr/shop/js/ 		0
0
homepage.css
www.hp.com/fr-fr/shop/html/headermenus/css/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
short.interestmoments.com
URL
https://short.interestmoments.com/new-way.php?id=67869-23-454742&pid=85&zid=689532
Domain
wholegrady.com
URL
https://wholegrady.com/bK3EVB0YP.3jpuv/b/m/VZJJZ/DJ0O0PNkjSEmzSOqD/UUziLBTYQT2SMWTFMu4SN/T/Q-
Domain
wholegrady.com
URL
https://wholegrady.com/bK3EVB0YP.3jpuv/b/m/VZJJZ/DJ0O0PNkjSEmzSOqD/UUziLBTYQT2SMWTFMu4SN/T/Q-
Domain
wholegrady.com
URL
https://wholegrady.com/bK3EVB0YP.3jpuv/b/m/VZJJZ/DJ0O0PNkjSEmzSOqD/UUziLBTYQT2SMWTFMu4SN/T/Q-
Domain
www.hp.com
URL
https://www.hp.com/P6LVa5VKe/X0v0Ww/MEm/qoBU-kKQ8/aYiQw8DJ3i/ChhnPnsWAg/AWcVP/Ed-Ej0
Domain
www.hp.com
URL
https://www.hp.com/akam/13/71a8d4a4
Domain
www.hp.com
URL
https://www.hp.com/fr-fr/shop/html/headermenus/css/sm15-global.css?ver=20230111163756
Domain
www.hp.com
URL
https://www.hp.com/fr-fr/shop/stylesheets/fonts/hp-simplified/hpsimplified_lt.woff
Domain
www.hp.com
URL
https://www.hp.com/fr-fr/shop/stylesheets/fonts/hp-simplified/hpsimplified_rg.woff
Domain
www.hp.com
URL
https://www.hp.com/fr-fr/shop/stylesheets/fonts/hp-simplified/hpsimplified_bd.woff
Domain
www.hp.com
URL
https://www.hp.com/fr-fr/shop/html/headermenus/js/libs/jquery.plugins.min.js?ver=20230111163756
Domain
www.hp.com
URL
https://www.hp.com/fr-fr/shop/html/headermenus/js/app.page.all.js?ver=20230111163756
Domain
www.hp.com
URL
https://www.hp.com/fr-fr/shop/js/jquery-1.8.3.min.js
Domain
www.hp.com
URL
https://www.hp.com/fr-fr/shop/html/headermenus/css/homepage.css?merchSv=20230111163756

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange

15 Cookies

Domain/Path Name / Value
guyanaembassyusa.org/ Name: trainmeassystt
Value: 1
wholegrady.com/ Name: kadCCap
Value: 229562:1:1673881916
wholegrady.com/ Name: kadACap
Value: 346327:1:1673840594
wholegrady.com/ Name: kadCSCap
Value: 229562:1:1673881916
wholegrady.com/ Name: kadASCap
Value: 346327:1:1673840594
wholegrady.com/ Name: kadRPixJ
Value: bnVsbA==
wholegrady.com/ Name: kadUnP3
Value: CAIQ0o+TngYaDQjzwZkBEAEY0o+TngYaDQjdzZkCEAEYvNKVngYiCggDEAIY0o+TngYqDAiMvRIQARjSj5OeBioMCOK8KBABGLzSlZ4G
t.voyageforum.top/ Name: uclick
Value: 4kxrdu8pwj
t.voyageforum.top/ Name: uclickhash
Value: 4kxrdu8pwj-4kxrdu8pwj-3v-0-3v-b48w-uswj-80d816
.tradedoubler.com/ Name: EH_0
Value: 1z11z1zy7zqTp0Sz18FkyZxHXJH7yEhNu6_T02qd4CX5I2ex638wlLL2ak_u_vs4po%7aZ4fqg2I4YuAkH%7awFxYvNSfLnWrcscfd496aYRZU4hMIKUAOl8
.tradedoubler.com/ Name: GUID
Value: 1z11zzy7z2GpaBaz4eb6dbf49ae9dd128dcb1ba7bbe878ba
.tradedoubler.com/ Name: TradeDoublerGUID
Value: 4eb6dbf49ae9dd128dcb1ba7bbe878ba
redirects.tradedoubler.com/ Name: TD_SOFT
Value: IzAVtoN8nLzt8MakafrzvVVZLfkQkgbmrUPj5juE5P4%3D
redirects.tradedoubler.com/ Name: AWSELB
Value: FF1BFB8F1C42D3E6A4BF4A0B044EDED4042A192C92448B5DC41B6DF8F1BB665B74D1DBC44C6D7EBC787BD0F6BE79D5AC5A5888F948C1BA03E231E71D15DBA2CF9A7C59ACA2
redirects.tradedoubler.com/ Name: AWSELBCORS
Value: FF1BFB8F1C42D3E6A4BF4A0B044EDED4042A192C92448B5DC41B6DF8F1BB665B74D1DBC44C6D7EBC787BD0F6BE79D5AC5A5888F948C1BA03E231E71D15DBA2CF9A7C59ACA2