urlscan.io logo urlscan.io
SecurityTrails logo

redirect.giami.fr Open in urlscan Pro
2a00:1450:4001:81e::2013  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://turiqeri.com/rnd/right?dvkn=cPmW1jL0LFhnFCc7Kb7Oyg==
Effective URL: https://redirect.giami.fr/
Submission: On February 28 via api from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 10 domains to perform 10 HTTP transactions. The main IP is 2a00:1450:4001:81e::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is redirect.giami.fr.
TLS certificate: Issued by GTS CA 1D2 on February 26th 2020. Valid for: 3 months.
This is the only time redirect.giami.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 1 3.226.8.132 14618 (AMAZON-AES)
1 104.26.0.38 13335 (CLOUDFLAR...)
1 1 52.3.105.152 14618 (AMAZON-AES)
1 2 3.226.77.126 14618 (AMAZON-AES)
1 3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 35.190.50.89 15169 (GOOGLE)
10 8
1    2606:4700:20::681a:224 (United States)

ASN13335 (CLOUDFLARENET, US)
turiqeri.com
1    3.226.8.132 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-8-132.compute-1.amazonaws.com
sondagty.com
1    104.26.0.38 (United States)

ASN13335 (CLOUDFLARENET, US)
essipee.com
1    52.3.105.152 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-105-152.compute-1.amazonaws.com
estepifra.com
2    3.226.77.126 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-77-126.compute-1.amazonaws.com
getad.xyz
3    2a00:1450:4001:81e::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
redirect.giami.fr
2    2a00:1450:4001:820::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.blogger.com
1    2a00:1450:4001:81f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
4.bp.blogspot.com
1    2a00:1450:4001:816::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
resources.blogblog.com
1    35.190.50.89 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 89.50.190.35.bc.googleusercontent.com
www.predictivdisplay.com
Domain Requested by
3 redirect.giami.fr 1 redirects getad.xyz
redirect.giami.fr
2 www.blogger.com redirect.giami.fr
2 getad.xyz 1 redirects essipee.com
1 www.predictivdisplay.com turiqeri.com
1 resources.blogblog.com redirect.giami.fr
1 4.bp.blogspot.com redirect.giami.fr
1 estepifra.com 1 redirects
1 essipee.com turiqeri.com
1 sondagty.com 1 redirects
1 turiqeri.com
10 10

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2020-02-17 -
2020-10-09		 8 months crt.sh
redirect.giami.fr
GTS CA 1D2		 2020-02-26 -
2020-05-26		 3 months crt.sh
*.blogger.com
GTS CA 1O1		 2020-02-12 -
2020-05-06		 3 months crt.sh
*.googleusercontent.com
GTS CA 1O1		 2020-02-12 -
2020-05-06		 3 months crt.sh

This page contains 1 frames:

Frame: http://www.predictivdisplay.com/jump/next.php?r=2454059&sub1=4
Frame ID: D6313312C2124D44D4B64AE5202A7D14
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://turiqeri.com/rnd/right?dvkn=cPmW1jL0LFhnFCc7Kb7Oyg== Page URL
  2. http://sondagty.com/0--6781264_371?adTagId=1d1eb730-60ff-11e9-aea3-0a15cb739170&cpm=&fallbackUrl... HTTP 302
    https://essipee.com/dyn/mai/228?clickid=edd88e80-59d5-11ea-91a0-124a143baa61 Page URL
  3. http://estepifra.com/0--hggasasfalb?adTagId=ee795150-730c-11e8-800a-0ae8b840b174&cpm=0.01&fallbac... HTTP 302
    http://getad.xyz/go/216668/498903?clickid=ee1f0d62-59d5-11ea-af8d-0ad3b3a04467 Page URL
  4. http://getad.xyz/ad/ad?p=216668&w=498903&t=8bea4f8ee2ec0347&r=aHR0cHMlM0ElMkYlMkZlc3NpcGVlLmN... HTTP 303
    http://redirect.giami.fr/ HTTP 301
    https://redirect.giami.fr/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

10
Requests

70 %
HTTPS

50 %
IPv6

10
Domains

10
Subdomains

8
IPs

2
Countries

76 kB
Transfer

236 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://turiqeri.com/rnd/right?dvkn=cPmW1jL0LFhnFCc7Kb7Oyg== Page URL
  2. http://sondagty.com/0--6781264_371?adTagId=1d1eb730-60ff-11e9-aea3-0a15cb739170&cpm=&fallbackUrl=https%3A%2F%2Fessipee.com%2Fdyn%2Fmai%2F228 HTTP 302
    https://essipee.com/dyn/mai/228?clickid=edd88e80-59d5-11ea-91a0-124a143baa61 Page URL
  3. http://estepifra.com/0--hggasasfalb?adTagId=ee795150-730c-11e8-800a-0ae8b840b174&cpm=0.01&fallbackUrl=http%3A%2F%2Fgetad.xyz%2Fgo%2F216668%2F498903 HTTP 302
    http://getad.xyz/go/216668/498903?clickid=ee1f0d62-59d5-11ea-af8d-0ad3b3a04467 Page URL
  4. http://getad.xyz/ad/ad?p=216668&w=498903&t=8bea4f8ee2ec0347&r=aHR0cHMlM0ElMkYlMkZlc3NpcGVlLmNvbSUyRg==&vw=1600&vh=1200 HTTP 303
    http://redirect.giami.fr/ HTTP 301
    https://redirect.giami.fr/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://sondagty.com/0--6781264_371?adTagId=1d1eb730-60ff-11e9-aea3-0a15cb739170&cpm=&fallbackUrl=https%3A%2F%2Fessipee.com%2Fdyn%2Fmai%2F228 HTTP 302
  • https://essipee.com/dyn/mai/228?clickid=edd88e80-59d5-11ea-91a0-124a143baa61
Request Chain 2
  • http://estepifra.com/0--hggasasfalb?adTagId=ee795150-730c-11e8-800a-0ae8b840b174&cpm=0.01&fallbackUrl=http%3A%2F%2Fgetad.xyz%2Fgo%2F216668%2F498903 HTTP 302
  • http://getad.xyz/go/216668/498903?clickid=ee1f0d62-59d5-11ea-af8d-0ad3b3a04467

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set right
turiqeri.com/rnd/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://turiqeri.com/rnd/right?dvkn=cPmW1jL0LFhnFCc7Kb7Oyg==
Protocol
HTTP/1.1
Server
2606:4700:20::681a:224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fb0450139535ea30d544ca1630cdd58de3e2f890c72e2fa0dd6ec0ec2a7b2b6

Request headers

Host
turiqeri.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 28 Feb 2020 02:56:33 GMT
Content-Type
text/html;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d4406c7ea24caba4a859b335cb16783211582858593; expires=Sun, 29-Mar-20 02:56:33 GMT; path=/; domain=.turiqeri.com; HttpOnly; SameSite=Lax
Referrer-Policy
origin
Cache-control
no-store, no-cache
Vary
Accept-Encoding
CF-Cache-Status
DYNAMIC
Server
cloudflare
CF-RAY
56bf2044386ddfa9-FRA
Content-Encoding
gzip
228
essipee.com/dyn/mai/
Redirect Chain
  • http://sondagty.com/0--6781264_371?adTagId=1d1eb730-60ff-11e9-aea3-0a15cb739170&cpm=&fallbackUrl=https%3A%2F%2Fessipee.com%2Fdyn%2Fmai%2F228
  • https://essipee.com/dyn/mai/228?clickid=edd88e80-59d5-11ea-91a0-124a143baa61
1 KB
793 B 		Document
General
Check archive.org
Download Go to
Full URL
https://essipee.com/dyn/mai/228?clickid=edd88e80-59d5-11ea-91a0-124a143baa61
Requested by
Host: turiqeri.com
URL: http://turiqeri.com/rnd/right?dvkn=cPmW1jL0LFhnFCc7Kb7Oyg==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a13a9d8fcdeae41e8cc844e225cc7761d937611a3dd03fa6efac54f117d1c72

Request headers

:method
GET
:authority
essipee.com
:scheme
https
:path
/dyn/mai/228?clickid=edd88e80-59d5-11ea-91a0-124a143baa61
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
http://turiqeri.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://turiqeri.com/rnd/right?dvkn=cPmW1jL0LFhnFCc7Kb7Oyg==

Response headers

status
200
date
Fri, 28 Feb 2020 02:56:34 GMT
content-type
text/html;charset=ISO-8859-1
set-cookie
__cfduid=defc228662910d088b19a1311c880d4551582858594; expires=Sun, 29-Mar-20 02:56:34 GMT; path=/; domain=.essipee.com; HttpOnly; SameSite=Lax
cache-control
no-store, no-cache
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
56bf20463a119c45-AMS
content-encoding
br

Redirect headers

Date
Fri, 28 Feb 2020 02:56:34 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-inline'
Location
https://essipee.com/dyn/mai/228?clickid=edd88e80-59d5-11ea-91a0-124a143baa61
Server
ZeroPark-Traffic
498903
getad.xyz/go/216668/
Redirect Chain
  • http://estepifra.com/0--hggasasfalb?adTagId=ee795150-730c-11e8-800a-0ae8b840b174&cpm=0.01&fallbackUrl=http%3A%2F%2Fgetad.xyz%2Fgo%2F216668%2F498903
  • http://getad.xyz/go/216668/498903?clickid=ee1f0d62-59d5-11ea-af8d-0ad3b3a04467
466 B
516 B 		Document
General
Check archive.org
Download Go to
Full URL
http://getad.xyz/go/216668/498903?clickid=ee1f0d62-59d5-11ea-af8d-0ad3b3a04467
Requested by
Host: essipee.com
URL: https://essipee.com/dyn/mai/228?clickid=edd88e80-59d5-11ea-91a0-124a143baa61
Protocol
HTTP/1.1
Server
3.226.77.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-77-126.compute-1.amazonaws.com
Software
nginx /
Resource Hash
3e5f8b33d0a980a5da54b1d807ca12ab6f3bd232b386f1cc8cab5a1562591590

Request headers

Host
getad.xyz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
https://essipee.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://essipee.com/dyn/mai/228?clickid=edd88e80-59d5-11ea-91a0-124a143baa61

Response headers

Date
Fri, 28 Feb 2020 02:56:34 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Server
nginx
Vary
Accept-Encoding
Content-Encoding
gzip

Redirect headers

Date
Fri, 28 Feb 2020 02:56:34 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-inline'
Location
http://getad.xyz/go/216668/498903?clickid=ee1f0d62-59d5-11ea-af8d-0ad3b3a04467
Server
ZeroPark-Traffic
Primary Request /
redirect.giami.fr/
Redirect Chain
  • http://getad.xyz/ad/ad?p=216668&w=498903&t=8bea4f8ee2ec0347&r=aHR0cHMlM0ElMkYlMkZlc3NpcGVlLmNvbSUyRg==&vw=1600&vh=1200
  • http://redirect.giami.fr/
  • https://redirect.giami.fr/
49 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://redirect.giami.fr/
Requested by
Host: getad.xyz
URL: http://getad.xyz/go/216668/498903?clickid=ee1f0d62-59d5-11ea-af8d-0ad3b3a04467
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3cd9f5635c11e132af14372dcd784d395f48590d74b4e76857dbc79c5ab02791
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
redirect.giami.fr
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
http://getad.xyz/go/216668/498903?clickid=ee1f0d62-59d5-11ea-af8d-0ad3b3a04467
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://getad.xyz/go/216668/498903?clickid=ee1f0d62-59d5-11ea-af8d-0ad3b3a04467

Response headers

status
200
content-security-policy
upgrade-insecure-requests
content-security-policy-report-only
default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; report-uri https://www.blogger.com/cspreport
x-robots-tag
noindex, nofollow
content-type
text/html; charset=UTF-8
expires
Fri, 28 Feb 2020 02:56:35 GMT
date
Fri, 28 Feb 2020 02:56:35 GMT
cache-control
private, max-age=0
last-modified
Fri, 28 Feb 2020 00:58:04 GMT
etag
W/"49330e7d1ad85e07505a2b582171504057fc246d27fbaf0b1ff595620848cc3b"
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
9770
server
GSE

Redirect headers

X-Robots-Tag
noindex, nofollow
Location
https://redirect.giami.fr/
Content-Type
text/html; charset=UTF-8
Content-Encoding
gzip
Date
Fri, 28 Feb 2020 02:56:35 GMT
Expires
Fri, 28 Feb 2020 02:56:35 GMT
Cache-Control
private, max-age=0
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
Content-Security-Policy
frame-ancestors 'self'
X-XSS-Protection
1; mode=block
Content-Length
174
Server
GSE
3597120983-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 		36 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/3597120983-css_bundle_v2.css
Requested by
Host: redirect.giami.fr
URL: https://redirect.giami.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
869176cab64c36f92c6c1f8ffbe85919575d6b9995a54850e5925289f3a75078
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://redirect.giami.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Mon, 24 Feb 2020 14:50:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 24 Feb 2020 12:17:17 GMT
server
sffe
age
302773
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7979
x-xss-protection
0
expires
Tue, 23 Feb 2021 14:50:22 GMT
Untitled.jpg
4.bp.blogspot.com/-AIosjtVL6Aw/XkW2QX5XLUI/AAAAAAAAARM/dgrB0jzwdDQ9I1tsh6DiTxeFjrp_FKkZACK4BGAYYCw/s1600/ 		727 B
852 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4.bp.blogspot.com/-AIosjtVL6Aw/XkW2QX5XLUI/AAAAAAAAARM/dgrB0jzwdDQ9I1tsh6DiTxeFjrp_FKkZACK4BGAYYCw/s1600/Untitled.jpg
Requested by
Host: redirect.giami.fr
URL: https://redirect.giami.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
a1a2b0d8164cc6c0cae4a0cead7d566097446b97f4acee3101d1c66f21c7c7e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 27 Feb 2020 23:06:45 GMT
x-content-type-options
nosniff
age
13790
status
200
content-disposition
inline;filename="Untitled.jpg"
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
727
x-xss-protection
0
server
fife
etag
"v114"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 20 Feb 2020 14:17:09 GMT
icon18_wrench_allbkg.png
resources.blogblog.com/img/ 		475 B
806 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.blogblog.com/img/icon18_wrench_allbkg.png
Requested by
Host: redirect.giami.fr
URL: https://redirect.giami.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 26 Feb 2020 04:29:03 GMT
x-content-type-options
nosniff
last-modified
Tue, 25 Feb 2020 17:25:31 GMT
server
sffe
age
167252
content-type
image/png
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
475
x-xss-protection
0
expires
Wed, 04 Mar 2020 04:29:03 GMT
cookienotice.js
redirect.giami.fr/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://redirect.giami.fr/js/cookienotice.js
Requested by
Host: redirect.giami.fr
URL: https://redirect.giami.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 28 Feb 2020 02:56:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 27 Feb 2020 23:38:28 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2026
x-xss-protection
0
expires
Fri, 06 Mar 2020 02:56:35 GMT
3236635003-widgets.js
www.blogger.com/static/v1/widgets/ 		140 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/3236635003-widgets.js
Requested by
Host: redirect.giami.fr
URL: https://redirect.giami.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d766ec18d8c2f6f7ce42549b2926b1041f9c54acc748603a4652e4a47d1e375
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 27 Feb 2020 09:50:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 26 Feb 2020 23:58:33 GMT
server
sffe
age
61550
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
52800
x-xss-protection
0
expires
Fri, 26 Feb 2021 09:50:45 GMT
next.php
www.predictivdisplay.com/jump/ 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://www.predictivdisplay.com/jump/next.php?r=2454059&sub1=4
Requested by
Host: turiqeri.com
URL: http://turiqeri.com/rnd/right?dvkn=cPmW1jL0LFhnFCc7Kb7Oyg==
Protocol
HTTP/1.1
Server
35.190.50.89 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
89.50.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

Host
www.predictivdisplay.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server
openresty
Date
Fri, 28 Feb 2020 02:56:35 GMT
Access-Control-Allow-Origin
*
Referrer-Policy
no-referrer
Via
1.1 google

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| cookieChoices string| Language_code string| platform string| browser string| url_prepopped string| userLang string| codeLanguage

0 Cookies