redirect.gentside-news.fr
2a00:1450:4001:800::2013
Public Scan
Effective URL: https://redirect.gentside-news.fr/P-0-4b00552d77e2d110476fc20cd828bb6b-0-222/?rt=1676581128&rh=0e3e43c539d229095d5411edc073774833e...
Submission: On February 16 via api from BE — Scanned from FR
Summary
TLS certificate: Issued by GTS CA 1D4 on January 31st 2023. Valid for: 3 months.
This is the only time redirect.gentside-news.fr was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN | PTR | Hostnames |
---|---|---|
ASN15169 (GOOGLE, US) | | redirect.gentside-news.fr |
ASN15169 (GOOGLE, US) | 68.174.244.35.bc.googleusercontent.com | ejp.rlcdn.com, idsync.rlcdn.com |
ASN15169 (GOOGLE, US) | bud02s34-in-f2.1e100.net | cm.g.doubleclick.net |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US) | 143.227.140.34.bc.googleusercontent.com | ipe.gentside.com |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US) | 22.157.117.34.bc.googleusercontent.com | ipm.ivitrack.com |
ASN16509 (AMAZON-02, US) | ec2-34-250-124-187.eu-west-1.compute.amazonaws.com | er.cloud-media.fr |
ASN16509 (AMAZON-02, US) | ec2-54-194-46-76.eu-west-1.compute.amazonaws.com | ntf.gentside-news.fr |
ASN16509 (AMAZON-02, US) | ec2-54-229-131-110.eu-west-1.compute.amazonaws.com | notify.adleadevent.com |
ASN16276 (OVH, FR) | ip180.ip-54-36-150.eu | prisma-tr.prismamedia.com, cookie-matching.mediarithmics.com |
ASN29990 (ASN-APPNEX, US) | 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net | ib.adnxs.com |
ASN15169 (GOOGLE, US) | 218.24.190.35.bc.googleusercontent.com | redirect.frontend.weborama.fr |
ASN12876 (Online SAS, FR) | 51-158-29-13.rev.poneytelecom.eu | sir.gentside-news.fr |
ASN12876 (Online SAS, FR) | 212-129-3-112.rev.poneytelecom.eu | js.sddan.com |
ASN16625 (AKAMAI-AS, US) | a104-87-134-7.deploy.static.akamaitechnologies.com | api.prismaconnect.fr |
Count | Apex Domain | Subdomains | Transfer |
---|---|---|---|
8 | cloud-media.fr (4 redirects) | er.cloud-media.fr — Cisco Umbrella Rank: 291233 | 2 KB |
7 | gentside-news.fr (4 redirects) | alert.gentside-news.fr, redirect.gentside-news.fr, ntf.gentside-news.fr, sir.gentside-news.fr | 6 KB |
6 | rlcdn.com (4 redirects) | ejp.rlcdn.com — Cisco Umbrella Rank: 86477; idsync.rlcdn.com — Cisco Umbrella Rank: 340 | 865 B |
5 | mediarithmics.com (3 redirects) | cookie-matching.mediarithmics.com — Cisco Umbrella Rank: 17648 | 2 KB |
5 | prismamedia.com (5 redirects) | prisma-tr.prismamedia.com — Cisco Umbrella Rank: 165158 | 2 KB |
4 | doubleclick.net (4 redirects) | cm.g.doubleclick.net — Cisco Umbrella Rank: 205 | 2 KB |
3 | adnxs.com (3 redirects) | ib.adnxs.com — Cisco Umbrella Rank: 203 | 3 KB |
2 | prismaconnect.fr (2 redirects) | api.prismaconnect.fr — Cisco Umbrella Rank: 179134; www.prismaconnect.fr Failed | 4 KB |
2 | sddan.com | js.sddan.com — Cisco Umbrella Rank: 35568 | 1 KB |
2 | weborama.fr (2 redirects) | redirect.frontend.weborama.fr — Cisco Umbrella Rank: 12008 | 679 B |
2 | adleadevent.com | notify.adleadevent.com — Cisco Umbrella Rank: 528892 | 1 KB |
2 | easydmp.net | asset.easydmp.net — Cisco Umbrella Rank: 45355 | 2 KB |
2 | ivitrack.com | ipm.ivitrack.com | 786 B |
2 | gentside.com (2 redirects) | ipe.gentside.com | 743 B |
1 | stickyadstv.com (1 redirects) | ads.stickyadstv.com | 629 B |
20 | 15 | | |
Count | Domain | Redirects | Requested by |
---|---|---|---|
8 | er.cloud-media.fr | 4 redirects | redirect.gentside-news.fr |
5 | cookie-matching.mediarithmics.com | 3 redirects | |
5 | prisma-tr.prismamedia.com | 5 redirects | |
4 | cm.g.doubleclick.net | 4 redirects | |
4 | ejp.rlcdn.com | 4 redirects | |
3 | ib.adnxs.com | 3 redirects | |
2 | api.prismaconnect.fr | 2 redirects | |
2 | js.sddan.com | | |
2 | sir.gentside-news.fr | 2 redirects | |
2 | redirect.frontend.weborama.fr | 2 redirects | |
2 | notify.adleadevent.com | | redirect.gentside-news.fr |
2 | ntf.gentside-news.fr | 2 redirects | |
2 | asset.easydmp.net | | redirect.gentside-news.fr |
2 | ipm.ivitrack.com | | redirect.gentside-news.fr |
2 | ipe.gentside.com | 2 redirects | |
2 | idsync.rlcdn.com | | |
2 | redirect.gentside-news.fr | | redirect.gentside-news.fr |
1 | ads.stickyadstv.com | 1 redirects | |
1 | alert.gentside-news.fr | | |
0 | www.prismaconnect.fr Failed | | redirect.gentside-news.fr |
20 | 20 | | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
alert.gentside-news.fr | R3 | 2023-02-16 - 2023-05-17 | 3 months |
redirect.gentside-news.fr | GTS CA 1D4 | 2023-01-31 - 2023-05-01 | 3 months |
asset.cpdcsn.com | R3 | 2023-01-20 - 2023-04-20 | 3 months |
This page contains 1 frames:
Frame:
https://www.prismaconnect.fr/presentation/
Frame ID: 780C108BC330B5262EE0834FCB199157
Requests: 20 HTTP requests in this frame
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://alert.gentside-news.fr/l2/7g4ejO18H17/74679/730860493.html Page URL
- https://redirect.gentside-news.fr/P-0-4b00552d77e2d110476fc20cd828bb6b-0-222/?sh=79d91febb73b87e33e7002bf1762366f03e260db4cf6f97d05f700ab4b754d6d&et=829918433763e9f27b2acfd8e743ab17390f14ece99680f2a0deb4c752eebeba&lh=27519da3&d=20230216&pk=&cl=1&n=18&l=o&u=https%3A%2F%2Fwww.prismaconnect.fr%2Fpresentation%2F Page URL
-
https://api.prismaconnect.fr/prd/login/action-token?token=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjIxYzI2ZjA3OWQ2YWY2OWNmYjMwYjNmZWYwMjg5MjIzYjU4Yzk1YjMifQ.eyJhY3Rpb25zIjpbIkFVVE9MT0dJTl9OTCJdLCJ1c2VySWQiOiI2ODc4NDg4Yy0wYzMyLTQ1YTgtYTJkMi00Njg2ZWMwOTk0YzQiLCJ1bmlxIjoibGU3bDQ2OHkiLCJleHAiOjE2NzY4NDAzMjgsImlhdCI6MTY3NjU4MTEyOH0.iVg4l4p6lj-0vjRLeO6p3oZWMD_Tl1pXuk43t8yEpalmrS9l7vZ_RnpU5kfSSw6zc5ceilKY_D7uyijAST5aDE-y3Hp3vVdz7Hq8xUB0_nWot2EJtzDoT5YqSqFdvXkcWrMgQ5ocu3Hb3TqsIcvoBxvyoaUlFB0qYWw8-_wLN-lBygYxldCMRFF1l2sKwT88EeUOWWYrwpq-GzngEwp77sq1REsHZiDuHrCyH7pB0T7Awm6cTyGLTKvLmDRr1jVaqsrGVcHfSXPZb6mpFm0e92VfhHWI0wy8pMsUrqKnAJcxBulkDQ0JkZxoKOu69mmZNZ8Ofg0OI1cQ72R3K0RoCg&autoLoginNL=true&callbackUrl=https%3A%2F%2Fredirect.gentside-news.fr%2FP-0-4b00552d77e2d110476fc20cd828bb6b-0-222%2F%3Frt%3D1676581128%26rh%3D0e3e43c539d229095d5411edc073774833e91c47a82ec85a39759a513a7ed551%26sid%3D63ee99087de21%26sh%3D79d91febb73b87e33e7002bf1762366f03e260db4cf6f97d05f700ab4b754d6d%26et%3D829918433763e9f27b2acfd8e743ab17390f14ece99680f2a0deb4c752eebeba%26lh%3D27519da3%26d%3D20230216%26pk%3D%26cl%3D1%26n%3D18%26l%3Do%26u%3Dhttps%253A%252F%252Fwww.prismaconnect.fr%252Fpresentation%252F&signupService=PMC_NEWSLETTERS_NEWSLETTER-AUTOLOGIN_NL-PMC_TRAFIC-NL&fake=fake
HTTP 302
https://api.prismaconnect.fr/prd/login/multi-connect?token=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjIxYzI2ZjA3OWQ2YWY2OWNmYjMwYjNmZWYwMjg5MjIzYjU4Yzk1YjMifQ.eyJyb2xlcyI6WyJBVVRPTE9HSU5fTkwiLCJBVVRPTE9HSU5fTkwiXSwidWlkIjoiZjlmNmRkMDEtNTRlYS00ZDM4LTkwM2MtMzQ2NTExNGFmMjk0IiwicmVmcmVzaFRva2VuSWQiOiJkZDU5MWYzMTkwYTYzZWU1N2RhMzE5YTQ3OWM4NjMwZSIsInVzZXJJZCI6IjY4Nzg0ODhjLTBjMzItNDVhOC1hMmQyLTQ2ODZlYzA5OTRjNCIsImFjdGlvbnMiOlsiQVVUT0xPR0lOX05MIiwiTVVMVElfQ09OTkVDVCJdLCJ1bmlxIjoibGU3bDQ2bGQiLCJleHAiOjE2NzY1ODEyNDksImlhdCI6MTY3NjU4MTEyOX0.4i3M56j8AFflvWjIjgRKJ-ffHBQXIlO3z4OfKF9Rc5Ag0vGWTCXxJSD3NzVVYHigqqkmc1GM9FB7fd9Q3Ml50gRGGgdJUinfu6IY7uCYGdvYT28PWZaaXARCVGbGGQnOrAY9NMxbYUGX4bkSa6Mi7FLx6STATR8-QvJ9BTk75015pRAWEoq50ZTfK-BidDEkRSxiQ3ZAjWygqb3fRy2E3iSJNqomNPkECW_UsHPgkO9iNN5_jhz_gz3J1NHpJfcwkiD3us6Rf9LeuXbUOHagU44aXI7XQLv76eZgWqqb8DyJGV2eLJpf61zm51fwQd7e5fFipcYGNXDK6fHkfvrYmA&callbackUrl=https%3A%2F%2Fredirect.gentside-news.fr%2FP-0-4b00552d77e2d110476fc20cd828bb6b-0-222%2F%3Frt%3D1676581128%26rh%3D0e3e43c539d229095d5411edc073774833e91c47a82ec85a39759a513a7ed551%26sid%3D63ee99087de21%26sh%3D79d91febb73b87e33e7002bf1762366f03e260db4cf6f97d05f700ab4b754d6d%26et%3D829918433763e9f27b2acfd8e743ab17390f14ece99680f2a0deb4c752eebeba%26lh%3D27519da3%26d%3D20230216%26pk%3D%26cl%3D1%26n%3D18%26l%3Do%26u%3Dhttps%253A%252F%252Fwww.prismaconnect.fr%252Fpresentation%252F HTTP 302
https://redirect.gentside-news.fr/P-0-4b00552d77e2d110476fc20cd828bb6b-0-222/?rt=1676581128&rh=0e3e43c539d229095d5411edc073774833e91c47a82ec85a39759a513a7ed551&sid=63ee99087de21&sh=79d91febb73b87e33e7002bf1762366f03e260db4cf6f97d05f700ab4b754d6d&et=829918433763e9f27b2acfd8e743ab17390f14ece99680f2a0deb4c752eebeba&lh=27519da3&d=20230216&pk=&cl=1&n=18&l=o&u=https%3A%2F%2Fwww.prismaconnect.fr%2Fpresentation%2F Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 2
- https://ejp.rlcdn.com/468466.gif?m=4b00552d77e2d110476fc20cd828bb6b&n=1 HTTP 307
- https://ejp.rlcdn.com/1000.gif?memo=CPLLHBIsCiYIBBAAGiA0YjAwNTUyZDc3ZTJkMTEwNDc2ZmMyMGNkODI4YmI2YhD6_CEaDQiIsrqfBhIFCOgHEABCAEoA HTTP 307
- https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm=&google_tc= HTTP 302
- https://idsync.rlcdn.com/362358.gif?google_gid=CAESEJhEI7xlc4LK6l2wWJnkczk&google_cver=1
- https://ipe.gentside.com/t/57c8004b1021c2c579d0139e/touch.gif?n=5cab70645ed951b4980bcd68&h=4b00552d77e2d110476fc20cd828bb6b HTTP 302
- https://ipm.ivitrack.com/edito/click?h=4b00552d77e2d110476fc20cd828bb6b&n=5cab70645ed951b4980bcd68&o=57c8004b1021c2c579d0139e&orig=programmatic
- https://er.cloud-media.fr/r/4b00552d77e2d110476fc20cd828bb6b/14561f47-7dda-4bd1-ac54-ce85699b8296 HTTP 302
- https://er.cloud-media.fr/c/4b00552d77e2d110476fc20cd828bb6b/14561f47-7dda-4bd1-ac54-ce85699b8296
- https://er.cloud-media.fr/r/4b00552d77e2d110476fc20cd828bb6b/55e8ee6b-c8e6-4284-84d4-0f5b6e89fdb3 HTTP 302
- https://er.cloud-media.fr/c/4b00552d77e2d110476fc20cd828bb6b/55e8ee6b-c8e6-4284-84d4-0f5b6e89fdb3
- https://ntf.gentside-news.fr/adtckrtg.gif?ids=2422&s=2501&hash=4b00552d77e2d110476fc20cd828bb6b&hash256=79d91febb73b87e33e7002bf1762366f03e260db4cf6f97d05f700ab4b754d6d HTTP 301
- https://notify.adleadevent.com/adtckrtg.gif?ids=2422&s=2501&hash=4b00552d77e2d110476fc20cd828bb6b&hash256=79d91febb73b87e33e7002bf1762366f03e260db4cf6f97d05f700ab4b754d6d
- https://prisma-tr.prismamedia.com/v1/touches/pixel?$ev=$email_click&$dat_token=gpm-v2&$email_hash=79d91febb73b87e33e7002bf1762366f03e260db4cf6f97d05f700ab4b754d6d&brand=GEN&thematic=gentside_voyage_nl HTTP 303
- https://prisma-tr.prismamedia.com/v1/check_cookie/pixel?$chk=0989d92b-c33c-4614-bc3f-fcb3605a69d5&$etid=&$stgid=fcc68c36-0240-4dc7-a763-821de9e7956c&$fmt=px&$dat_token=gpm-v2&$site_token&$gdpr_consent&$gdpr HTTP 303
- https://prisma-tr.prismamedia.com/v1/update_mapping/pixel?$etid=&$stgid=fcc68c36-0240-4dc7-a763-821de9e7956c&$fmt=px&$dat_token=gpm-v2&$site_token&$gdpr_consent&$gdpr HTTP 303
- https://cookie-matching.mediarithmics.com/v1/get_or_create?etid=&domid=1035&$stgid=fcc68c36-0240-4dc7-a763-821de9e7956c&$fmt=px&$dat_token=gpm-v2 HTTP 303
- https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&$dat_token=gpm-v2&$fmt=px&$stgid=fcc68c36-0240-4dc7-a763-821de9e7956c&action=GET_ID&opid=goo&etid=&domid=1035&ops=apx HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm=&key=GOO&$dat_token=gpm-v2&$fmt=px&$stgid=fcc68c36-0240-4dc7-a763-821de9e7956c&action=GET_ID&opid=goo&etid=&domid=1035&ops=apx&google_tc= HTTP 302
- https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&$dat_token=gpm-v2&$fmt=px&$stgid=fcc68c36-0240-4dc7-a763-821de9e7956c&action=GET_ID&opid=goo&etid=&domid=1035&ops=apx&google_gid=CAESEAMJrDsAjcVBZ-1uLcvfOS4&google_cver=1 HTTP 303
- https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEAMJrDsAjcVBZ-1uLcvfOS4&$dat_token=gpm-v2&$fmt=px&$stgid=fcc68c36-0240-4dc7-a763-821de9e7956c&action=GET_ID&etid=&domid=1035 HTTP 307
- https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcookie-matching.mediarithmics.com%2Finput%3Fkey%3DAPX%26apx_uid%3D%24UID%26opid%3Dapx%26ops%3D%26utidl%3Dtech%3Agoo%3ACAESEAMJrDsAjcVBZ-1uLcvfOS4%26%24dat_token%3Dgpm-v2%26%24fmt%3Dpx%26%24stgid%3Dfcc68c36-0240-4dc7-a763-821de9e7956c%26action%3DGET_ID%26etid%3D%26domid%3D1035 HTTP 302
- https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=1182195377762930150&opid=apx&ops=&utidl=tech:goo:CAESEAMJrDsAjcVBZ-1uLcvfOS4&$dat_token=gpm-v2&$fmt=px&$stgid=fcc68c36-0240-4dc7-a763-821de9e7956c&action=GET_ID&etid=&domid=1035 HTTP 303
- https://prisma-tr.prismamedia.com/v1/set_id?vid=vec%3A32584792582&lts=1676581129182&uaid=&sig=4a363a599fc402427934899140c6a2eb72b3c363&d=false&$dat_token=gpm-v2&$fmt=px&$stgid=fcc68c36-0240-4dc7-a763-821de9e7956c HTTP 303
- https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fcookie-matching.mediarithmics.com%2Fv1%2Fset_user_agent_id_mapping%3Fdom_token%3Dwebo18%26identifier%3D%7BWEBO_CID%7D HTTP 307
- https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fcookie-matching.mediarithmics.com%2Fv1%2Fset_user_agent_id_mapping%3Fdom_token%3Dwebo18%26identifier%3D%7BWEBO_CID%7D&bounce=1&random=1562903420 HTTP 302
- https://cookie-matching.mediarithmics.com/v1/set_user_agent_id_mapping?dom_token=webo18&identifier=.Ri7JVIpSrxnncjUecsiJ.
- https://sir.gentside-news.fr/HDM.d?pa=22594&si=13&hd_m=4b00552d77e2d110476fc20cd828bb6b&hd_s256=79d91febb73b87e33e7002bf1762366f03e260db4cf6f97d05f700ab4b754d6d HTTP 301
- https://js.sddan.com/HDM.d?pa=22594&si=13&hd_m=4b00552d77e2d110476fc20cd828bb6b&hd_s256=79d91febb73b87e33e7002bf1762366f03e260db4cf6f97d05f700ab4b754d6d
- https://ejp.rlcdn.com/468466.gif?m=4b00552d77e2d110476fc20cd828bb6b&n=1 HTTP 307
- https://ejp.rlcdn.com/1000.gif?memo=CPLLHBIsCiYIBBAAGiA0YjAwNTUyZDc3ZTJkMTEwNDc2ZmMyMGNkODI4YmI2YhD6_CEaDQiLsrqfBhIFCOgHEABCAEoA HTTP 307
- https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID HTTP 302
- https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=1182195377762930150
- https://ipe.gentside.com/t/57c8004b1021c2c579d0139e/touch.gif?n=5cab70645ed951b4980bcd68&h=4b00552d77e2d110476fc20cd828bb6b HTTP 302
- https://ipm.ivitrack.com/edito/click?h=4b00552d77e2d110476fc20cd828bb6b&n=5cab70645ed951b4980bcd68&o=57c8004b1021c2c579d0139e&orig=programmatic
- https://er.cloud-media.fr/r/4b00552d77e2d110476fc20cd828bb6b/14561f47-7dda-4bd1-ac54-ce85699b8296 HTTP 302
- https://er.cloud-media.fr/c/4b00552d77e2d110476fc20cd828bb6b/14561f47-7dda-4bd1-ac54-ce85699b8296
- https://er.cloud-media.fr/r/4b00552d77e2d110476fc20cd828bb6b/55e8ee6b-c8e6-4284-84d4-0f5b6e89fdb3 HTTP 302
- https://er.cloud-media.fr/c/4b00552d77e2d110476fc20cd828bb6b/55e8ee6b-c8e6-4284-84d4-0f5b6e89fdb3
- https://ntf.gentside-news.fr/adtckrtg.gif?ids=2422&s=2501&hash=4b00552d77e2d110476fc20cd828bb6b&hash256=79d91febb73b87e33e7002bf1762366f03e260db4cf6f97d05f700ab4b754d6d HTTP 301
- https://notify.adleadevent.com/adtckrtg.gif?ids=2422&s=2501&hash=4b00552d77e2d110476fc20cd828bb6b&hash256=79d91febb73b87e33e7002bf1762366f03e260db4cf6f97d05f700ab4b754d6d
- https://prisma-tr.prismamedia.com/v1/touches/pixel?$ev=$email_click&$dat_token=gpm-v2&$email_hash=79d91febb73b87e33e7002bf1762366f03e260db4cf6f97d05f700ab4b754d6d&brand=GEN&thematic=gentside_voyage_nl HTTP 303
- https://ads.stickyadstv.com/data-registering?dataProviderId=1265&redirectId=1649 HTTP 302
- https://cookie-matching.mediarithmics.com/v1/set_user_agent_id_mapping?dom_token=freewh17&identifier=b071b6bc3fba234994c7c088ff9f7c
- https://sir.gentside-news.fr/HDM.d?pa=22594&si=13&hd_m=4b00552d77e2d110476fc20cd828bb6b&hd_s256=79d91febb73b87e33e7002bf1762366f03e260db4cf6f97d05f700ab4b754d6d HTTP 301
- https://js.sddan.com/HDM.d?pa=22594&si=13&hd_m=4b00552d77e2d110476fc20cd828bb6b&hd_s256=79d91febb73b87e33e7002bf1762366f03e260db4cf6f97d05f700ab4b754d6d
20 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H/1.1 | 730860493.html | alert.gentside-news.fr/l2/7g4ejO18H17/74679/ | 392 B | 742 B | Document | text/html | |
GET | H2 | / | redirect.gentside-news.fr/P-0-4b00552d77e2d110476fc20cd828bb6b-0-222/ | 5 KB | 3 KB | Document | text/html | |
GET | H2 | 362358.gif | idsync.rlcdn.com/ | 42 B | 209 B | Image | image/gif | Redirect Chain |
GET | H2 | click | ipm.ivitrack.com/edito/ | 42 B | 487 B | Image | image/gif | Redirect Chain |
GET | H/1.1 | collect_v2.img.php | asset.easydmp.net/ | 43 B | 873 B | Image | image/gif | |
GET | H2 | 14561f47-7dda-4bd1-ac54-ce85699b8296 | er.cloud-media.fr/c/4b00552d77e2d110476fc20cd828bb6b/ | 35 B | 229 B | Image | image/gif | Redirect Chain |
GET | H2 | 55e8ee6b-c8e6-4284-84d4-0f5b6e89fdb3 | er.cloud-media.fr/c/4b00552d77e2d110476fc20cd828bb6b/ | 35 B | 229 B | Image | image/gif | Redirect Chain |
GET | H/1.1 | adtckrtg.gif | notify.adleadevent.com/ | 43 B | 724 B | Image | image/gif | Redirect Chain |
GET | H2 | set_user_agent_id_mapping | cookie-matching.mediarithmics.com/v1/ | 70 B | 179 B | Image | image/png | Redirect Chain |
GET | H/1.1 | HDM.d | js.sddan.com/ | 42 B | 603 B | Image | image/gif | Redirect Chain |
GET | H2 | / | redirect.gentside-news.fr/P-0-4b00552d77e2d110476fc20cd828bb6b-0-222/ | 2 KB | 994 B | Document | text/html | Primary Request, Redirect Chain |
GET | H3 | 52154.gif | idsync.rlcdn.com/ | 42 B | 59 B | Image | image/gif | Redirect Chain |
GET | H2 | click | ipm.ivitrack.com/edito/ | 42 B | 299 B | Image | image/gif | Redirect Chain |
GET | H/1.1 | collect_v2.img.php | asset.easydmp.net/ | 43 B | 867 B | Image | image/gif | |
GET | H2 | 14561f47-7dda-4bd1-ac54-ce85699b8296 | er.cloud-media.fr/c/4b00552d77e2d110476fc20cd828bb6b/ | 35 B | 229 B | Image | image/gif | Redirect Chain |
GET | H2 | 55e8ee6b-c8e6-4284-84d4-0f5b6e89fdb3 | er.cloud-media.fr/c/4b00552d77e2d110476fc20cd828bb6b/ | 35 B | 229 B | Image | image/gif | Redirect Chain |
GET | H/1.1 | adtckrtg.gif | notify.adleadevent.com/ | 43 B | 347 B | Image | image/gif | Redirect Chain |
GET | H2 | set_user_agent_id_mapping | cookie-matching.mediarithmics.com/v1/ | 70 B | 179 B | Image | image/png | Redirect Chain |
GET | H/1.1 | HDM.d | js.sddan.com/ | 42 B | 603 B | Image | image/gif | Redirect Chain |
GET | | / | www.prismaconnect.fr/presentation/ | 0 | 0 | | | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.prismaconnect.fr
- URL
- https://www.prismaconnect.fr/presentation/
2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless
object| oncontentvisibilityautostatechange
22 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.prismamedia.com/ | Name: chk Value: 0989d92b-c33c-4614-bc3f-fcb3605a69d5 |
ipe.gentside.com/ | Name: ivid_dev Value: c30667ff-d0a9-4b5b-beef-0273db94e883 |
ipe.gentside.com/ | Name: ivid_emh Value: 4b00552d77e2d110476fc20cd828bb6b |
.rlcdn.com/ | Name: pxrc Value: CIiyup8GEgUI6AcQABIGCLrqARAA |
.easydmp.net/ | Name: livraison Value: 000000000000000002%3As%3A0%3AeJwFwV1PglAYAODz8iWJnmycUnF01qzbLmxzXTWiMEWGZ3woGsPZ3NJKw8Qa2eqv9zye1yGlpXyEP79mW3rM3UpRkeV364xlMKBplWwaFf6iSx%2B4EDuxgmkSTGw0rZuy9NMgBfAXBmfP8%2Beta4i9oIwmuXqdiWvlbJGasB9X7FyzwCs5gnPwKIIZCH9tKdGG5916vLRaFrhP7y83RYJ1HCXlprraiJlE0ewE9gwJl7oFYaHP16ATgcFCY1ojOExPCeLZivBaO2996FV%2F4Pe5K81%2F3Y126pCb36PfiB99k%2FgwRD3UfJMNV%2FkHC0QyLQ%3D%3D%3B |
.ivitrack.com/ | Name: id Value: b3ff81c8-aaad-4134-b3d4-3c228b768bdf |
.ivitrack.com/ | Name: ivid Value: 4b00552d77e2d110476fc20cd828bb6b |
.cloud-media.fr/ | Name: l_id Value: 4b00552d77e2d110476fc20cd828bb6b |
.doubleclick.net/ | Name: IDE Value: AHWqTUl5aLbqo5e_gK0Kjyz5l_lcbNECDKLGiLvyziRC9f1s0TuZqO_My9QbJNc3Ja8 |
.adleadevent.com/ | Name: adtrck_st[2422] Value: eyJpZHMiOjI0MjIsInMiOiIyNTAxIiwiaGFzaCI6IjRiMDA1NTJkNzdlMmQxMTA0NzZmYzIwY2Q4MjhiYjZiIiwiaGFzaDI1NiI6Ijc5ZDkxZmViYjczYjg3ZTMzZTcwMDJiZjE3NjIzNjZmMDNlMjYwZGI0Y2Y2Zjk3ZDA1ZjcwMGFiNGI3NTRkNmQiLCJjcmVhdGVkIjoiMjAyMy0wMi0xNiAyMDo1ODo0OSIsImlkY3RyIjoxfQ%3D%3D |
.prismaconnect.fr/ | Name: x-pmc-ping Value: {"message":true,"_user":{"id":"fb6a6e30347862740aa793dddbff9957e4b1eeec956a3d7785f50e5e3d171b0b"},"_roles":["AUTOLOGIN_NL","AUTOLOGIN_NL"]} |
.prismaconnect.fr/ | Name: x-pmc-jwt-refresh Value: eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImYyMTgzMDEzMmMyNjBkYWNhY2I4OTBjY2E2ZjYzNjg4ZTZmYWVhZjYifQ.eyJ1c2VyQWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEwLjAuNTQ4MS4xMDAgU2FmYXJpLzUzNy4zNiIsInJvbGVzIjpbIkFVVE9MT0dJTl9OTCIsIkFVVE9MT0dJTl9OTCJdLCJ1aWQiOiJmOWY2ZGQwMS01NGVhLTRkMzgtOTAzYy0zNDY1MTE0YWYyOTQiLCJ0eXBlIjoiUmVmcmVzaCIsImlkIjoiNjg3ODQ4OGMtMGMzMi00NWE4LWEyZDItNDY4NmVjMDk5NGM0IiwiZXhwIjoxNjkyMzQ5MTI5LCJpYXQiOjE2NzY1ODExMjl9.VHkVwmCJl11jWefbpPghmiNIdW2Z4R14oecwr4UAPD69vrQ1CcmPhZfYydlOfkeMPbuZ_bU0UVWnFCcmkm14zcPSAbNjjJvncPw-c3tWDpnipQ6HJLMz23Y9y6cpmAFgQKVFNkxMo0AFIaTKe79NKglGKrih6KcF95R5B4C0mXwCNB_hI-6N4goRPnSRS1yKflcfZ6I3hzaVLiGHDSism2A6DY-AWU6wIwaXR920e3IgbeiFFdxfe5t8tARZbiX8l2Lf09NUnqIAj3hRnNOxEMj_8lunaWO-Tb67dIXlriTy4UwWMTPz34uTuJOVo4Flk-OwIVjL4SpOpbL55Houcw |
.prismaconnect.fr/ | Name: x-pmc-jwt Value: eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImYyMTgzMDEzMmMyNjBkYWNhY2I4OTBjY2E2ZjYzNjg4ZTZmYWVhZjYifQ.eyJyb2xlcyI6WyJBVVRPTE9HSU5fTkwiLCJBVVRPTE9HSU5fTkwiXSwidWlkIjoiZjlmNmRkMDEtNTRlYS00ZDM4LTkwM2MtMzQ2NTExNGFmMjk0IiwidHlwZSI6IkFjY2VzcyIsImlkIjoiNjg3ODQ4OGMtMGMzMi00NWE4LWEyZDItNDY4NmVjMDk5NGM0IiwiZXhwIjoxNjc2NTgxNzI5LCJpYXQiOjE2NzY1ODExMjl9.xCvo0N6is-yyBNNmlpRSTIX5LAqA4pZlF59X7OTG8lrfWOtTwTHJXe_kfJd5FyeunQoYNLbRCBPdgnmuApvDljLimc-6hyKJM8Y8270nj-PQtB3AbZ8iZxsnl22Qyki3bEc_A7Qnduki_L5ASwfAFIW6QQRgHKuuEVcZx-pOdmTV9g2QKVxO7jZ_JWt5QJF9OSqF_72yUnnvvgqGztcHlTW8xL9KbTtAcxK0A35H5fnPw0BeOrWaheqB0c3_KVFomUdAuQ9M1P8MHGmMUf1Kvozwd_cBv8gFTf_VohSKa9oNSZ4vcnz5p0A-pwkVGkvVPbQYLcrImU49gV7L2CQivA |
.adnxs.com/ | Name: uuid2 Value: 1182195377762930150 |
.mediarithmics.com/ | Name: mics_vid Value: 32584792582 |
.mediarithmics.com/ | Name: mics_uaid Value: web:1:efa564d1-c5dc-4adc-9c05-c96b4ed85453 |
.mediarithmics.com/ | Name: mics_lts Value: 1676581129182 |
.prismamedia.com/ | Name: mics_uaid Value: web:1035:2ad539ac-e683-47ce-9923-afd82c74c095 |
.prismamedia.com/ | Name: uid Value: 2ad539ac-e683-47ce-9923-afd82c74c095 |
.prismamedia.com/ | Name: mics_vid Value: 32584792582 |
.prismamedia.com/ | Name: mics_lts Value: 1676581129182 |
.weborama.fr/ | Name: AFFICHE_W Value: ByLXJQLlV0cH41 |
8 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.