urlscan.io logo urlscan.io
SecurityTrails logo

redirect.gentside-news.fr Open in urlscan Pro
2a00:1450:4001:800::2013  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://alert.gentside-news.fr/l2/7g4ejO18H14/74679/730860493.html
Effective URL: https://redirect.gentside-news.fr/P-0-4b00552d77e2d110476fc20cd828bb6b-0-222/?sh=79d91febb73b87e33e7002bf1762366f03e260db4cf6f97d0...
Submission: On February 16 via api from BE — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 5 countries across 9 domains to perform 11 HTTP transactions. The main IP is 2a00:1450:4001:800::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is redirect.gentside-news.fr.
TLS certificate: Issued by GTS CA 1D4 on January 31st 2023. Valid for: 3 months.
This is the only time redirect.gentside-news.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 91.190.170.12 31688 (SPLIO-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 34.140.227.143 396982 (GOOGLE-CL...)
1 34.117.157.22 396982 (GOOGLE-CL...)
1 2001:41d0:301... 16276 (OVH)
2 4 63.34.181.203 16509 (AMAZON-02)
1 1 51.158.28.82 12876 (Online SAS)
1 51.15.145.115 12876 (Online SAS)
1 2a03:2880:f22... 32934 (FACEBOOK)
11 8
1    91.190.170.12 (France)

ASN31688 (SPLIO-AS, FR)
PTR: s3s.fr
alert.gentside-news.fr
1    2a00:1450:4001:800::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
redirect.gentside-news.fr
1    34.140.227.143 (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.227.140.34.bc.googleusercontent.com
ipe.gentside.com
1    34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com
ipm.ivitrack.com
1    2001:41d0:301:100:145:239:193:53 (France)

ASN16276 (OVH, FR)
asset.easydmp.net
4    63.34.181.203 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-181-203.eu-west-1.compute.amazonaws.com
er.cloud-media.fr
1    51.158.28.82 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: 51-158-28-82.rev.poneytelecom.eu
sir.gentside-news.fr
1    51.15.145.115 (Noisy-le-Roi, France)

ASN12876 (Online SAS, FR)
PTR: 51-15-145-115.rev.poneytelecom.eu
js.sddan.com
1    2a03:2880:f22d:e5:face:b00c:0:4420 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.instagram.com
Apex Domain
Subdomains		 Transfer
4 cloud-media.fr
er.cloud-media.fr — Cisco Umbrella Rank: 291233
837 B
3 gentside-news.fr
alert.gentside-news.fr
redirect.gentside-news.fr
sir.gentside-news.fr
2 KB
1 instagram.com
www.instagram.com — Cisco Umbrella Rank: 1154
2 KB
1 sddan.com
js.sddan.com — Cisco Umbrella Rank: 35568
603 B
1 easydmp.net
asset.easydmp.net — Cisco Umbrella Rank: 45355
867 B
1 ivitrack.com
ipm.ivitrack.com
486 B
1 gentside.com
ipe.gentside.com
421 B
0 adleadevent.com Failed
notify.adleadevent.com Failed
0 doubleclick.net Failed
cm.g.doubleclick.net — Cisco Umbrella Rank: 205 Failed
11 9
Domain Requested by
4 er.cloud-media.fr 2 redirects
1 www.instagram.com redirect.gentside-news.fr
1 js.sddan.com
1 sir.gentside-news.fr 1 redirects
1 asset.easydmp.net redirect.gentside-news.fr
1 ipm.ivitrack.com
1 ipe.gentside.com 1 redirects
1 redirect.gentside-news.fr
1 alert.gentside-news.fr
0 notify.adleadevent.com Failed
0 cm.g.doubleclick.net Failed
11 11

This site contains no links.

Subject Issuer Validity Valid
alert.gentside-news.fr
R3		 2023-02-16 -
2023-05-17		 3 months crt.sh
redirect.gentside-news.fr
GTS CA 1D4		 2023-01-31 -
2023-05-01		 3 months crt.sh
asset.cpdcsn.com
R3		 2023-01-20 -
2023-04-20		 3 months crt.sh
*.www.instagram.com
DigiCert SHA2 High Assurance Server CA		 2022-11-26 -
2023-02-24		 3 months crt.sh

This page contains 1 frames:

Frame: https://www.instagram.com/gentsidefr/
Frame ID: 48E324EE32A280F4A6672D54B8468971
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://alert.gentside-news.fr/l2/7g4ejO18H14/74679/730860493.html Page URL
  2. https://redirect.gentside-news.fr/P-0-4b00552d77e2d110476fc20cd828bb6b-0-222/?sh=79d91febb73b87e33e7002bf17623... Page URL

Page Statistics

11
Requests

36 %
HTTPS

33 %
IPv6

9
Domains

11
Subdomains

8
IPs

5
Countries

7 kB
Transfer

3 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://alert.gentside-news.fr/l2/7g4ejO18H14/74679/730860493.html Page URL
  2. https://redirect.gentside-news.fr/P-0-4b00552d77e2d110476fc20cd828bb6b-0-222/?sh=79d91febb73b87e33e7002bf1762366f03e260db4cf6f97d05f700ab4b754d6d&et=829918433763e9f27b2acfd8e743ab17390f14ece99680f2a0deb4c752eebeba&lh=9308405d&d=20230216&pk=&cl=1&n=15&l=o&u=https%3A%2F%2Fwww.instagram.com%2Fgentsidefr%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://ejp.rlcdn.com/468466.gif?m=4b00552d77e2d110476fc20cd828bb6b&n=1 HTTP 307
  • https://ejp.rlcdn.com/1000.gif?memo=CPLLHBIsCiYIBBAAGiA0YjAwNTUyZDc3ZTJkMTEwNDc2ZmMyMGNkODI4YmI2YhD6_CEaDQjRsbqfBhIFCOgHEABCAEoA HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm=&google_tc=
Request Chain 2
  • https://ipe.gentside.com/t/57c8004b1021c2c579d0139e/touch.gif?n=5cab70645ed951b4980bcd68&h=4b00552d77e2d110476fc20cd828bb6b HTTP 302
  • https://ipm.ivitrack.com/edito/click?h=4b00552d77e2d110476fc20cd828bb6b&n=5cab70645ed951b4980bcd68&o=57c8004b1021c2c579d0139e&orig=programmatic
Request Chain 4
  • https://er.cloud-media.fr/r/4b00552d77e2d110476fc20cd828bb6b/14561f47-7dda-4bd1-ac54-ce85699b8296 HTTP 302
  • https://er.cloud-media.fr/c/4b00552d77e2d110476fc20cd828bb6b/14561f47-7dda-4bd1-ac54-ce85699b8296
Request Chain 5
  • https://er.cloud-media.fr/r/4b00552d77e2d110476fc20cd828bb6b/55e8ee6b-c8e6-4284-84d4-0f5b6e89fdb3 HTTP 302
  • https://er.cloud-media.fr/c/4b00552d77e2d110476fc20cd828bb6b/55e8ee6b-c8e6-4284-84d4-0f5b6e89fdb3
Request Chain 6
  • https://ntf.gentside-news.fr/adtckrtg.gif?ids=2422&s=2501&hash=4b00552d77e2d110476fc20cd828bb6b&hash256=79d91febb73b87e33e7002bf1762366f03e260db4cf6f97d05f700ab4b754d6d HTTP 301
  • https://notify.adleadevent.com/adtckrtg.gif?ids=2422&s=2501&hash=4b00552d77e2d110476fc20cd828bb6b&hash256=79d91febb73b87e33e7002bf1762366f03e260db4cf6f97d05f700ab4b754d6d
Request Chain 7
  • https://prisma-tr.prismamedia.com/v1/touches/pixel?$ev=$email_click&$dat_token=gpm-v2&$email_hash=79d91febb73b87e33e7002bf1762366f03e260db4cf6f97d05f700ab4b754d6d&brand=GEN&thematic=gentside_voyage_nl HTTP 303
  • https://prisma-tr.prismamedia.com/v1/check_cookie/pixel?$chk=de193f98-d1c7-4489-b365-9d83530e3ca7&$etid=&$stgid=8b42d730-d781-49e0-8ba0-0abd60b4ecdb&$fmt=px&$dat_token=gpm-v2&$site_token&$gdpr_consent&$gdpr HTTP 303
  • https://prisma-tr.prismamedia.com/v1/update_mapping/pixel?$etid=&$stgid=8b42d730-d781-49e0-8ba0-0abd60b4ecdb&$fmt=px&$dat_token=gpm-v2&$site_token&$gdpr_consent&$gdpr HTTP 303
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?etid=&domid=1035&$stgid=8b42d730-d781-49e0-8ba0-0abd60b4ecdb&$fmt=px&$dat_token=gpm-v2 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&$dat_token=gpm-v2&$fmt=px&$stgid=8b42d730-d781-49e0-8ba0-0abd60b4ecdb&action=GET_ID&opid=goo&etid=&domid=1035&ops=apx HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm=&key=GOO&$dat_token=gpm-v2&$fmt=px&$stgid=8b42d730-d781-49e0-8ba0-0abd60b4ecdb&action=GET_ID&opid=goo&etid=&domid=1035&ops=apx&google_tc=
Request Chain 8
  • https://sir.gentside-news.fr/HDM.d?pa=22594&si=13&hd_m=4b00552d77e2d110476fc20cd828bb6b&hd_s256=79d91febb73b87e33e7002bf1762366f03e260db4cf6f97d05f700ab4b754d6d HTTP 301
  • https://js.sddan.com/HDM.d?pa=22594&si=13&hd_m=4b00552d77e2d110476fc20cd828bb6b&hd_s256=79d91febb73b87e33e7002bf1762366f03e260db4cf6f97d05f700ab4b754d6d

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
730860493.html
alert.gentside-news.fr/l2/7g4ejO18H14/74679/ 		387 B
737 B 		Document
General
Check archive.org
Download Go to
Full URL
https://alert.gentside-news.fr/l2/7g4ejO18H14/74679/730860493.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.190.170.12 , France, ASN31688 (SPLIO-AS, FR),
Reverse DNS
s3s.fr
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-cache
Connection
close
Content-Length
387
Content-Type
text/html
Date
Thu, 16 Feb 2023 20:57:52 GMT
Expires
Mon, 01 Jan 1990 00:00:00 GMT
P3P
policyref="http://s3s.fr/w3c/p3p.xml", CP="ALL DSP COR DEV IVD CON OUR NOR UNI PUR NAV STA"
Pragma
no-cache
Server
Apache
X-Robots-Tag
noindex,nofollow
Primary Request /
redirect.gentside-news.fr/P-0-4b00552d77e2d110476fc20cd828bb6b-0-222/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://redirect.gentside-news.fr/P-0-4b00552d77e2d110476fc20cd828bb6b-0-222/?sh=79d91febb73b87e33e7002bf1762366f03e260db4cf6f97d05f700ab4b754d6d&et=829918433763e9f27b2acfd8e743ab17390f14ece99680f2a0deb4c752eebeba&lh=9308405d&d=20230216&pk=&cl=1&n=15&l=o&u=https%3A%2F%2Fwww.instagram.com%2Fgentsidefr%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
94afc521dcf875dcef4efb31262c1f9632405a5f63519df77282be84e046d279

Request headers

Referer
https://alert.gentside-news.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
private
content-encoding
gzip
content-length
859
content-type
text/html; charset=UTF-8
date
Thu, 16 Feb 2023 20:57:53 GMT
refresh
0.500000; url=https://www.instagram.com/gentsidefr/
server
Google Frontend
vary
Accept-Encoding
x-cloud-trace-context
208a905e58d6397b9eaada0ae4ba3aa7
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ejp.rlcdn.com/468466.gif?m=4b00552d77e2d110476fc20cd828bb6b&n=1
  • https://ejp.rlcdn.com/1000.gif?memo=CPLLHBIsCiYIBBAAGiA0YjAwNTUyZDc3ZTJkMTEwNDc2ZmMyMGNkODI4YmI2YhD6_CEaDQjRsbqfBhIFCOgHEABCAEoA
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm=&google_tc=
0
0
click
ipm.ivitrack.com/edito/
Redirect Chain
  • https://ipe.gentside.com/t/57c8004b1021c2c579d0139e/touch.gif?n=5cab70645ed951b4980bcd68&h=4b00552d77e2d110476fc20cd828bb6b
  • https://ipm.ivitrack.com/edito/click?h=4b00552d77e2d110476fc20cd828bb6b&n=5cab70645ed951b4980bcd68&o=57c8004b1021c2c579d0139e&orig=programmatic
42 B
486 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ipm.ivitrack.com/edito/click?h=4b00552d77e2d110476fc20cd828bb6b&n=5cab70645ed951b4980bcd68&o=57c8004b1021c2c579d0139e&orig=programmatic
Protocol
H2
Server
34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.157.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://redirect.gentside-news.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 20:57:52 GMT
x-envoy-decorator-operation
tag-manager.programmatic.svc.cluster.local:3000/*
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://ipm.ivitrack.com/edito/click?h=4b00552d77e2d110476fc20cd828bb6b&n=5cab70645ed951b4980bcd68&o=57c8004b1021c2c579d0139e&orig=programmatic
date
Thu, 16 Feb 2023 20:57:53 GMT
x-envoy-upstream-service-time
0
server
istio-envoy
x-ivi-hostname
programmatic-api-stable-54657f6b96-lvr8l
content-length
178
content-type
text/html; charset=utf-8
collect_v2.img.php
asset.easydmp.net/ 		43 B
867 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://asset.easydmp.net/collect_v2.img.php?dmp=emdmpeasy&p=1709&s=1709&m=4b00552d77e2d110476fc20cd828bb6b&email_sha256=79d91febb73b87e33e7002bf1762366f03e260db4cf6f97d05f700ab4b754d6d
Requested by
Host: redirect.gentside-news.fr
URL: https://redirect.gentside-news.fr/P-0-4b00552d77e2d110476fc20cd828bb6b-0-222/?sh=79d91febb73b87e33e7002bf1762366f03e260db4cf6f97d05f700ab4b754d6d&et=829918433763e9f27b2acfd8e743ab17390f14ece99680f2a0deb4c752eebeba&lh=9308405d&d=20230216&pk=&cl=1&n=15&l=o&u=https%3A%2F%2Fwww.instagram.com%2Fgentsidefr%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:100:145:239:193:53 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://redirect.gentside-news.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Thu, 16 Feb 2023 20:57:53 GMT
Strict-Transport-Security
max-age=31536000
X-IPLB-Request-ID
00000000:8BD8_00000000:01BB_63EE98D1_702422:9981
X-IPLB-Instance
25257
Transfer-Encoding
chunked
P3P
CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Content-Type
image/gif
Cache-Control
no-store, no-cache
14561f47-7dda-4bd1-ac54-ce85699b8296
er.cloud-media.fr/c/4b00552d77e2d110476fc20cd828bb6b/
Redirect Chain
  • https://er.cloud-media.fr/r/4b00552d77e2d110476fc20cd828bb6b/14561f47-7dda-4bd1-ac54-ce85699b8296
  • https://er.cloud-media.fr/c/4b00552d77e2d110476fc20cd828bb6b/14561f47-7dda-4bd1-ac54-ce85699b8296
35 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://er.cloud-media.fr/c/4b00552d77e2d110476fc20cd828bb6b/14561f47-7dda-4bd1-ac54-ce85699b8296
Protocol
H2
Server
63.34.181.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-181-203.eu-west-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://redirect.gentside-news.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 20:57:53 GMT
x-content-type-options
nosniff
server
awselb/2.0
content-length
35
content-type
image/gif

Redirect headers

location
https://er.cloud-media.fr/c/4b00552d77e2d110476fc20cd828bb6b/14561f47-7dda-4bd1-ac54-ce85699b8296
date
Thu, 16 Feb 2023 20:57:53 GMT
x-content-type-options
nosniff
server
awselb/2.0
content-length
0
x-xss-protection
1; mode=block
content-type
text/html;charset=utf-8
55e8ee6b-c8e6-4284-84d4-0f5b6e89fdb3
er.cloud-media.fr/c/4b00552d77e2d110476fc20cd828bb6b/
Redirect Chain
  • https://er.cloud-media.fr/r/4b00552d77e2d110476fc20cd828bb6b/55e8ee6b-c8e6-4284-84d4-0f5b6e89fdb3
  • https://er.cloud-media.fr/c/4b00552d77e2d110476fc20cd828bb6b/55e8ee6b-c8e6-4284-84d4-0f5b6e89fdb3
35 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://er.cloud-media.fr/c/4b00552d77e2d110476fc20cd828bb6b/55e8ee6b-c8e6-4284-84d4-0f5b6e89fdb3
Protocol
H2
Server
63.34.181.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-181-203.eu-west-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://redirect.gentside-news.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 20:57:53 GMT
x-content-type-options
nosniff
server
awselb/2.0
content-length
35
content-type
image/gif

Redirect headers

location
https://er.cloud-media.fr/c/4b00552d77e2d110476fc20cd828bb6b/55e8ee6b-c8e6-4284-84d4-0f5b6e89fdb3
date
Thu, 16 Feb 2023 20:57:53 GMT
x-content-type-options
nosniff
server
awselb/2.0
content-length
0
x-xss-protection
1; mode=block
content-type
text/html;charset=utf-8
adtckrtg.gif
notify.adleadevent.com/
Redirect Chain
  • https://ntf.gentside-news.fr/adtckrtg.gif?ids=2422&s=2501&hash=4b00552d77e2d110476fc20cd828bb6b&hash256=79d91febb73b87e33e7002bf1762366f03e260db4cf6f97d05f700ab4b754d6d
  • https://notify.adleadevent.com/adtckrtg.gif?ids=2422&s=2501&hash=4b00552d77e2d110476fc20cd828bb6b&hash256=79d91febb73b87e33e7002bf1762366f03e260db4cf6f97d05f700ab4b754d6d
0
0
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://prisma-tr.prismamedia.com/v1/touches/pixel?$ev=$email_click&$dat_token=gpm-v2&$email_hash=79d91febb73b87e33e7002bf1762366f03e260db4cf6f97d05f700ab4b754d6d&brand=GEN&thematic=gentside_voyage_nl
  • https://prisma-tr.prismamedia.com/v1/check_cookie/pixel?$chk=de193f98-d1c7-4489-b365-9d83530e3ca7&$etid=&$stgid=8b42d730-d781-49e0-8ba0-0abd60b4ecdb&$fmt=px&$dat_token=gpm-v2&$site_token&$gdpr_cons...
  • https://prisma-tr.prismamedia.com/v1/update_mapping/pixel?$etid=&$stgid=8b42d730-d781-49e0-8ba0-0abd60b4ecdb&$fmt=px&$dat_token=gpm-v2&$site_token&$gdpr_consent&$gdpr
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?etid=&domid=1035&$stgid=8b42d730-d781-49e0-8ba0-0abd60b4ecdb&$fmt=px&$dat_token=gpm-v2
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&$dat_token=gpm-v2&$fmt=px&$stgid=8b42d730-d781-49e0-8ba0-0abd60b4ecdb&action=GET_ID&opid=goo&etid=&domid=1035&ops=apx
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm=&key=GOO&$dat_token=gpm-v2&$fmt=px&$stgid=8b42d730-d781-49e0-8ba0-0abd60b4ecdb&action=GET_ID&opid=goo&etid=&domid=1035&ops=apx&google_tc=
0
0
HDM.d
js.sddan.com/
Redirect Chain
  • https://sir.gentside-news.fr/HDM.d?pa=22594&si=13&hd_m=4b00552d77e2d110476fc20cd828bb6b&hd_s256=79d91febb73b87e33e7002bf1762366f03e260db4cf6f97d05f700ab4b754d6d
  • https://js.sddan.com/HDM.d?pa=22594&si=13&hd_m=4b00552d77e2d110476fc20cd828bb6b&hd_s256=79d91febb73b87e33e7002bf1762366f03e260db4cf6f97d05f700ab4b754d6d
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js.sddan.com/HDM.d?pa=22594&si=13&hd_m=4b00552d77e2d110476fc20cd828bb6b&hd_s256=79d91febb73b87e33e7002bf1762366f03e260db4cf6f97d05f700ab4b754d6d
Protocol
HTTP/1.1
Server
51.15.145.115 Noisy-le-Roi, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-15-145-115.rev.poneytelecom.eu
Software
nginx/1.20.2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://redirect.gentside-news.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Feb 2023 20:57:53 GMT
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Server
nginx/1.20.2
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
42
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT

Redirect headers

Location
https://js.sddan.com/HDM.d?pa=22594&si=13&hd_m=4b00552d77e2d110476fc20cd828bb6b&hd_s256=79d91febb73b87e33e7002bf1762366f03e260db4cf6f97d05f700ab4b754d6d
Date
Thu, 16 Feb 2023 20:57:53 GMT
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Server
nginx/1.20.2
Connection
keep-alive
Content-Length
178
Content-Type
text/html
/
www.instagram.com/gentsidefr/ 		0
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.instagram.com/gentsidefr/
Requested by
Host: redirect.gentside-news.fr
URL: https://redirect.gentside-news.fr/P-0-4b00552d77e2d110476fc20cd828bb6b-0-222/?sh=79d91febb73b87e33e7002bf1762366f03e260db4cf6f97d05f700ab4b754d6d&et=829918433763e9f27b2acfd8e743ab17390f14ece99680f2a0deb4c752eebeba&lh=9308405d&d=20230216&pk=&cl=1&n=15&l=o&u=https%3A%2F%2Fwww.instagram.com%2Fgentsidefr%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f22d:e5:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src *.facebook.com *.fbcdn.net *.instagram.com data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' *.teststagram.com *.instagram.com static.cdninstagram.com *.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *.fbcdn.net *.facebook.com *.instagram.com *.teststagram.com static.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* ws://localhost:* blob: *.instagram.com *.cdninstagram.com wss://*.instagram.com:* 'self' *.teststagram.com wss://edge-chat.instagram.com connect.facebook.net;font-src *.facebook.com data: fonts.gstatic.com *.fbcdn.net *.instagram.com *.teststagram.com static.cdninstagram.com *.intern.facebook.com;img-src *.instagram.com *.facebook.com *.fbcdn.net data: blob: *.cdninstagram.com www.gstatic.com *.fbsbx.com android-webview-video-poster: *.giphy.com *.teststagram.com *.igsonar.com *.google-analytics.com;media-src *.facebook.com *.fbcdn.net *.instagram.com *.cdninstagram.com *.giphy.com cdn.fbsbx.com data: blob:;frame-src *.instagram.com *.facebook.com *.fbsbx.com fbsbx.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://redirect.gentside-news.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src *.facebook.com *.fbcdn.net *.instagram.com data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' *.teststagram.com *.instagram.com static.cdninstagram.com *.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *.fbcdn.net *.facebook.com *.instagram.com *.teststagram.com static.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* ws://localhost:* blob: *.instagram.com *.cdninstagram.com wss://*.instagram.com:* 'self' *.teststagram.com wss://edge-chat.instagram.com connect.facebook.net;font-src *.facebook.com data: fonts.gstatic.com *.fbcdn.net *.instagram.com *.teststagram.com static.cdninstagram.com *.intern.facebook.com;img-src *.instagram.com *.facebook.com *.fbcdn.net data: blob: *.cdninstagram.com www.gstatic.com *.fbsbx.com android-webview-video-poster: *.giphy.com *.teststagram.com *.igsonar.com *.google-analytics.com;media-src *.facebook.com *.fbcdn.net *.instagram.com *.cdninstagram.com *.giphy.com cdn.fbsbx.com data: blob:;frame-src *.instagram.com *.facebook.com *.fbsbx.com fbsbx.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src *.facebook.com *.fbcdn.net *.instagram.com data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self' *.teststagram.com *.instagram.com static.cdninstagram.com *.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *.fbcdn.net *.facebook.com *.instagram.com *.teststagram.com static.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* ws://localhost:* blob: *.instagram.com *.cdninstagram.com wss://*.instagram.com:* 'self' *.teststagram.com wss://edge-chat.instagram.com connect.facebook.net;font-src *.facebook.com data: fonts.gstatic.com *.fbcdn.net *.instagram.com *.teststagram.com static.cdninstagram.com *.intern.facebook.com;img-src *.instagram.com *.facebook.com *.fbcdn.net data: blob: *.cdninstagram.com *.fbsbx.com android-webview-video-poster: *.giphy.com *.teststagram.com *.igsonar.com *.google-analytics.com;media-src *.facebook.com *.fbcdn.net *.instagram.com *.cdninstagram.com cdn.fbsbx.com data: blob:;frame-src *.instagram.com *.facebook.com *.fbsbx.com fbsbx.com data:;block-all-mixed-content;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
rollout
date
Thu, 16 Feb 2023 20:57:53 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
pragma
no-cache
priority
u=3,i
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
reporting-endpoints
coep_report="https://www.facebook.com/browser_reporting/?minimize=0"
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
x-fb-debug
Tor2hf2hzyPhEKTWxrFDdrRQEn/NvPfsp8PgPpFsX1RfZpPOm7R+SjJqSIsXBo0YUQz4DEIPPi9BRlaBX4k43w==
x-fb-trip-id
1679558926
x-frame-options
DENY
x-xss-protection
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm=&google_tc=
Domain
notify.adleadevent.com
URL
https://notify.adleadevent.com/adtckrtg.gif?ids=2422&s=2501&hash=4b00552d77e2d110476fc20cd828bb6b&hash256=79d91febb73b87e33e7002bf1762366f03e260db4cf6f97d05f700ab4b754d6d
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm=&key=GOO&$dat_token=gpm-v2&$fmt=px&$stgid=8b42d730-d781-49e0-8ba0-0abd60b4ecdb&action=GET_ID&opid=goo&etid=&domid=1035&ops=apx&google_tc=

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| oncontentvisibilityautostatechange

9 Cookies

Domain/Path Name / Value
.prismamedia.com/ Name: chk
Value: de193f98-d1c7-4489-b365-9d83530e3ca7
ipe.gentside.com/ Name: ivid_dev
Value: 8f621bc4-cf23-442a-ae6d-015f74542909
ipe.gentside.com/ Name: ivid_emh
Value: 4b00552d77e2d110476fc20cd828bb6b
.easydmp.net/ Name: livraison
Value: 000000000000000002%3As%3A0%3AeJwLCnIT4cnkEOQrK08slhdlcmSL5I8ucswoDqjl9JUvEBcplBZgVvWQd2cK5fOJ4eaTjwuJ8mKIl3TiYKuRFmFnDM5wYPJKqUwv9nNg9QzhZYiqFLYoYc3jVswocGKsjhTwqpRyZQzi8WH1ZIrmY3YJYJY2U%2BMXEdRxEYyMytT0CfJMrC6qD2ZkcAgO4ORTEbYoDdHj9A1LdAiuCWAK0fJyZghk82P2CHflC3MJY3Tj9BeMY9UXcA9hY7YRZvY21U9RlxdjlmXklQqS0qooDqjhiJBPdmWsDeUKr5B2lAxh8Wf14dBI8OOW9QEAsrAy1A%3D%3D%3B
.rlcdn.com/ Name: pxrc
Value: CNGxup8GEgUI6AcQABIGCLrqARAA
.ivitrack.com/ Name: id
Value: fcebc27c-7679-4fe3-a030-4c9415189116
.ivitrack.com/ Name: ivid
Value: 4b00552d77e2d110476fc20cd828bb6b
.cloud-media.fr/ Name: l_id
Value: 4b00552d77e2d110476fc20cd828bb6b
.doubleclick.net/ Name: IDE
Value: AHWqTUnhj4J5J-_knsz3wX1v4j8C54jnzk84qwjzxjrcDiY9xmU1SSyqYJvnfTZyAXo

5 Console Messages

Source Level URL
Text
security warning URL: https://redirect.gentside-news.fr/P-0-4b00552d77e2d110476fc20cd828bb6b-0-222/?sh=79d91febb73b87e33e7002bf1762366f03e260db4cf6f97d05f700ab4b754d6d&et=829918433763e9f27b2acfd8e743ab17390f14ece99680f2a0deb4c752eebeba&lh=9308405d&d=20230216&pk=&cl=1&n=15&l=o&u=https%3A%2F%2Fwww.instagram.com%2Fgentsidefr%2F
Message:
Mixed Content: The page at 'https://redirect.gentside-news.fr/P-0-4b00552d77e2d110476fc20cd828bb6b-0-222/?sh=79d91febb73b87e33e7002bf1762366f03e260db4cf6f97d05f700ab4b754d6d&et=829918433763e9f27b2acfd8e743ab17390f14ece99680f2a0deb4c752eebeba&lh=9308405d&d=20230216&pk=&cl=1&n=15&l=o&u=https%3A%2F%2Fwww.instagram.com%2Fgentsidefr%2F' was loaded over HTTPS, but requested an insecure element 'http://ejp.rlcdn.com/468466.gif?m=4b00552d77e2d110476fc20cd828bb6b&n=1'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://redirect.gentside-news.fr/P-0-4b00552d77e2d110476fc20cd828bb6b-0-222/?sh=79d91febb73b87e33e7002bf1762366f03e260db4cf6f97d05f700ab4b754d6d&et=829918433763e9f27b2acfd8e743ab17390f14ece99680f2a0deb4c752eebeba&lh=9308405d&d=20230216&pk=&cl=1&n=15&l=o&u=https%3A%2F%2Fwww.instagram.com%2Fgentsidefr%2F
Message:
Mixed Content: The page at 'https://redirect.gentside-news.fr/P-0-4b00552d77e2d110476fc20cd828bb6b-0-222/?sh=79d91febb73b87e33e7002bf1762366f03e260db4cf6f97d05f700ab4b754d6d&et=829918433763e9f27b2acfd8e743ab17390f14ece99680f2a0deb4c752eebeba&lh=9308405d&d=20230216&pk=&cl=1&n=15&l=o&u=https%3A%2F%2Fwww.instagram.com%2Fgentsidefr%2F' was loaded over HTTPS, but requested an insecure element 'http://ipe.gentside.com/t/57c8004b1021c2c579d0139e/touch.gif?n=5cab70645ed951b4980bcd68&h=4b00552d77e2d110476fc20cd828bb6b'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://redirect.gentside-news.fr/P-0-4b00552d77e2d110476fc20cd828bb6b-0-222/?sh=79d91febb73b87e33e7002bf1762366f03e260db4cf6f97d05f700ab4b754d6d&et=829918433763e9f27b2acfd8e743ab17390f14ece99680f2a0deb4c752eebeba&lh=9308405d&d=20230216&pk=&cl=1&n=15&l=o&u=https%3A%2F%2Fwww.instagram.com%2Fgentsidefr%2F(Line 25)
Message:
Mixed Content: The page at 'https://redirect.gentside-news.fr/P-0-4b00552d77e2d110476fc20cd828bb6b-0-222/?sh=79d91febb73b87e33e7002bf1762366f03e260db4cf6f97d05f700ab4b754d6d&et=829918433763e9f27b2acfd8e743ab17390f14ece99680f2a0deb4c752eebeba&lh=9308405d&d=20230216&pk=&cl=1&n=15&l=o&u=https%3A%2F%2Fwww.instagram.com%2Fgentsidefr%2F' was loaded over HTTPS, but requested an insecure element 'http://ejp.rlcdn.com/468466.gif?m=4b00552d77e2d110476fc20cd828bb6b&n=1'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://redirect.gentside-news.fr/P-0-4b00552d77e2d110476fc20cd828bb6b-0-222/?sh=79d91febb73b87e33e7002bf1762366f03e260db4cf6f97d05f700ab4b754d6d&et=829918433763e9f27b2acfd8e743ab17390f14ece99680f2a0deb4c752eebeba&lh=9308405d&d=20230216&pk=&cl=1&n=15&l=o&u=https%3A%2F%2Fwww.instagram.com%2Fgentsidefr%2F(Line 25)
Message:
Mixed Content: The page at 'https://redirect.gentside-news.fr/P-0-4b00552d77e2d110476fc20cd828bb6b-0-222/?sh=79d91febb73b87e33e7002bf1762366f03e260db4cf6f97d05f700ab4b754d6d&et=829918433763e9f27b2acfd8e743ab17390f14ece99680f2a0deb4c752eebeba&lh=9308405d&d=20230216&pk=&cl=1&n=15&l=o&u=https%3A%2F%2Fwww.instagram.com%2Fgentsidefr%2F' was loaded over HTTPS, but requested an insecure element 'http://ipe.gentside.com/t/57c8004b1021c2c579d0139e/touch.gif?n=5cab70645ed951b4980bcd68&h=4b00552d77e2d110476fc20cd828bb6b'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://www.instagram.com/gentsidefr/
Message:
Failed to load resource: the server responded with a status of 429 ()