Submitted URL: https://memesicurezza.it/
Effective URL: https://coolgiftforyou.life/?u=ezrkte4&o=7khpypv&t=jp
Submission: On September 28 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 11 HTTP transactions. The main IP is 5.188.178.75, located in and belongs to . The main domain is coolgiftforyou.life.
TLS certificate: Issued by R3 on August 19th 2021. Valid for: 3 months.
This is the only time coolgiftforyou.life was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 104.21.77.251 13335 (CLOUDFLAR...)
1 104.18.10.207 13335 (CLOUDFLAR...)
6 206.189.240.188 14061 (DIGITALOC...)
2 5.188.178.75 ()
11 5
Domain Requested by
5 express-news.me memesicurezza.it
express-news.me
0.express-news.me
3 memesicurezza.it 1 redirects memesicurezza.it
2 coolgiftforyou.life 0.express-news.me
coolgiftforyou.life
1 0.express-news.me express-news.me
1 stackpath.bootstrapcdn.com memesicurezza.it
11 5

This site contains no links.

Subject                Issuer                   Validity                 Valid
sni.cloudflaressl.com  Cloudflare Inc ECC CA-3  2021-09-28 - 2022-09-27  a year
express-news.me        R3                       2021-08-04 - 2021-11-02  3 months
0.1music-online.me     R3                       2021-08-07 - 2021-11-05  3 months
coolgiftforyou.life    R3                       2021-08-19 - 2021-11-17  3 months

This page contains 2 frames:

Primary Page: https://coolgiftforyou.life/?u=ezrkte4&o=7khpypv&t=jp
Frame ID: 3443DCC4AD12E3566BB51ED89ABC0A80
Requests: 12 HTTP requests in this frame

Frame: https://coolgiftforyou.life/media/mainstream/frame.html
Frame ID: 537F956E87EEC2E1536A8B6A9745E264
Requests: 1 HTTP requests in this frame

Page Statistics

Requests: 11
HTTPS: 100 %
IPv6: 0 %
Domains: 4
Subdomains: 5
IPs: 5
Countries: 2
Transfer: 127 kB
Size: 308 kB
Cookies: 11

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://memesicurezza.it/ Page URL
  2. https://memesicurezza.it/ HTTP 302
    https://express-news.me/?p=heygizdcmm5gi3bpge2tkna Page URL
  3. https://0.express-news.me/?p=heygizdcmm5gi3bpge2tkna Page URL
  4. https://coolgiftforyou.life/?u=ezrkte4&o=7khpypv&t=jp Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://memesicurezza.it/ HTTP 302
  • https://express-news.me/?p=heygizdcmm5gi3bpge2tkna

11 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
memesicurezza.it/
5 KB
3 KB
Document
General
Full URL
https://memesicurezza.it/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.77.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c079aba4c8952ec500096c21bda94477d95fdb2e9572906405edbae6ea427162

Request headers

:method
GET
:authority
memesicurezza.it
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br

Response headers

date
Tue, 28 Sep 2021 08:16:31 GMT
content-type
text/html; charset=UTF-8
set-cookie
antibot_uid=30bc71615f2e376a6ca6fe800a12153d; expires=Wed, 28-Sep-2022 08:16:31 GMT; Max-Age=31536000; path=/ antibot_referer=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ antibot_country=DE; expires=Wed, 29-Sep-2021 08:16:31 GMT; Max-Age=86400; path=/; domain=memesicurezza.it antibot_lang=de; expires=Wed, 29-Sep-2021 08:16:31 GMT; Max-Age=86400; path=/; domain=memesicurezza.it antibot_ptr=45.111.131.216.x.reliablehosting.com; expires=Wed, 29-Sep-2021 08:16:31 GMT; Max-Age=86400; path=/; domain=memesicurezza.it
x-powered-cms
AntiBot.Cloud (See: https://antibot.cloud/)
expires
Mon, 26 Jul 1997 05:00:00 GMT
cache-control
no-store, no-cache, must-revalidate
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wnbhMBDaolmUADIlQFKW4JBvPBP1V%2FoR8ogWKzcmruLOXVTurwiiBGzM1HdbVYXHYGkRWv%2FQ5tLr2IxuRspiRLepdC4LBhz8AUmlt%2BVsJvACjwGKMIEtc3q2OgtZ6hvekmFr"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
695b87b5c8c20893-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/
156 KB
25 KB
Stylesheet
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css
Requested by
Host: memesicurezza.it
URL: https://memesicurezza.it/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://memesicurezza.it/
Origin
https://memesicurezza.it
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 08:16:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
cdn-edgestorageid
601
access-control-allow-origin
*
cdn-cachedat
08/03/2021 15:16:56
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cdn-proxyver
1.0
timing-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:09 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
857159a3f85278b5869c596998566cc0
cf-ray
695b87b82bdf218d-DUS
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
ab.php
memesicurezza.it/antibot/
72 B
433 B
XHR
General
Full URL
https://memesicurezza.it/antibot/ab.php
Requested by
Host: memesicurezza.it
URL: https://memesicurezza.it/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.77.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-fetch-mode
cors
origin
https://memesicurezza.it
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
cookie
antibot_uid=30bc71615f2e376a6ca6fe800a12153d; antibot_country=DE; antibot_lang=de; antibot_ptr=45.111.131.216.x.reliablehosting.com
content-length
248
:path
/antibot/ab.php
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/x-www-form-urlencoded;
accept
*/*
cache-control
no-cache
:authority
memesicurezza.it
referer
https://memesicurezza.it/
:scheme
https
sec-fetch-site
same-origin
:method
POST

Response headers

date
Tue, 28 Sep 2021 08:16:34 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
695b87c4fb500893-CDG
x-powered-cms
AntiBot.Cloud (See: https://antibot.cloud/)
access-control-allow-methods
POST
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uWcbWiIwzDfDzuXSIBDNPw0GyrrzAIfjF3A0D1g6zDnlGxLVbDlX3rnTGQ5EVZ6GmYLrQy869Z1Ewy6EiRHT%2BMh7vkkvmCIDcL8glFyzZy%2FXbZblGY%2FHVe39oCRHq1U43%2FnY"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
x-robots-tag
noindex
access-control-allow-headers
*
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
express-news.me/
Redirect Chain
  • https://memesicurezza.it/
  • https://express-news.me/?p=heygizdcmm5gi3bpge2tkna
26 KB
26 KB
Document
General
Full URL
https://express-news.me/?p=heygizdcmm5gi3bpge2tkna
Requested by
Host: memesicurezza.it
URL: https://memesicurezza.it/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
206.189.240.188 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
4fea77cc7797af0cebce92bb8f6d3dcf9e4cf7b1eb8787776b8fb9cfb72f123f
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
express-news.me
:scheme
https
:path
/?p=heygizdcmm5gi3bpge2tkna
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://memesicurezza.it/
accept-encoding
gzip, deflate, br

Response headers

server
nginx
date
Tue, 28 Sep 2021 08:16:34 GMT
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
set-cookie
uuid=b2337241-4ccc-4a84-b1cd-9d9f50782b4a; expires=Thu, 28-Oct-2021 08:16:34 GMT; Max-Age=2592000; path=/; domain=express-news.me
strict-transport-security
max-age=31536000
content-security-policy
img-src https: data:; upgrade-insecure-requests

Redirect headers

date
Tue, 28 Sep 2021 08:16:34 GMT
content-type
text/html; charset=UTF-8
set-cookie
antibot_referer=https%3A%2F%2Fmemesicurezza.it%2F; expires=Sat, 27-Nov-2021 08:16:34 GMT; Max-Age=5184000; path=/ lastcid=0; expires=Tue, 28-Sep-2021 08:14:54 GMT; Max-Age=0; path=/ PHPSESSID=74mj75uh5g4g3cu5a37a9atkk62uhufk; path=/ _subid=u8ibbl3o9a9u; expires=Wed, 29-Sep-2021 08:16:34 GMT; Max-Age=86400; path=/; domain=.memesicurezza.it 3e8b1=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE5NlwiOjE2MzI4MTY5OTR9LFwiY2FtcGFpZ25zXCI6e1wiNjFcIjoxNjMyODE2OTk0fSxcInRpbWVcIjoxNjMyODE2OTk0fSJ9.pRV4DiBgbGj1d6Q_YIa_GugvsqIrCP7y5JSZj0Ri8y8; expires=Wed, 29-Sep-2021 08:16:34 GMT; Max-Age=86400; path=/; domain=.memesicurezza.it
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
location
https://express-news.me/?p=heygizdcmm5gi3bpge2tkna
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w2gmHqVRROIwy0G7%2BvXYnOa5k8N3hstxxVCoBJKYArvw379dWvZrb279b9tZ%2BY7R3vFWZF8RmvJ3p5KDiNHh%2BOW10F4Dt5dODSWhJlbW1nNr9HaUQZVW0KaGZ1QPIVjwWUCu"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
695b87c54aef088b-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
1.png
express-news.me/img/9/
10 KB
11 KB
Image
General
Full URL
https://express-news.me/img/9/1.png
Requested by
Host: express-news.me
URL: https://express-news.me/?p=heygizdcmm5gi3bpge2tkna
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
206.189.240.188 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
967b8859fedb2c63afc8ae6ae2839fdd40f0e26af85adc6605a629f3c0ed0837
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

:path
/img/9/1.png
pragma
no-cache
cookie
uuid=b2337241-4ccc-4a84-b1cd-9d9f50782b4a
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
express-news.me
referer
https://express-news.me/?p=heygizdcmm5gi3bpge2tkna
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Tue, 28 Sep 2021 08:16:34 GMT
last-modified
Mon, 27 Jan 2020 15:28:39 GMT
server
nginx
etag
"5e2f01a7-295f"
strict-transport-security
max-age=31536000
content-type
image/png
cache-control
max-age=2592000
content-security-policy
img-src https: data:; upgrade-insecure-requests
accept-ranges
bytes
content-length
10591
expires
Thu, 28 Oct 2021 08:16:34 GMT
2.png
express-news.me/img/9/
1 KB
1 KB
Image
General
Full URL
https://express-news.me/img/9/2.png
Requested by
Host: express-news.me
URL: https://express-news.me/?p=heygizdcmm5gi3bpge2tkna
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
206.189.240.188 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
09d12e3c0e65fda26b9073e70e02fb24fa6941a4a3b1b81211b6470f00769ea5
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

:path
/img/9/2.png
pragma
no-cache
cookie
uuid=b2337241-4ccc-4a84-b1cd-9d9f50782b4a
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
express-news.me
referer
https://express-news.me/?p=heygizdcmm5gi3bpge2tkna
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Tue, 28 Sep 2021 08:16:34 GMT
last-modified
Mon, 27 Jan 2020 15:28:39 GMT
server
nginx
etag
"5e2f01a7-425"
strict-transport-security
max-age=31536000
content-type
image/png
cache-control
max-age=2592000
content-security-policy
img-src https: data:; upgrade-insecure-requests
accept-ranges
bytes
content-length
1061
expires
Thu, 28 Oct 2021 08:16:34 GMT
truncated
/
11 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0434a1fc8ffba3a47bbb9f1fa5a2f789651a020e7b86e507ff300b7c367057f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
/
0.express-news.me/
26 KB
26 KB
Document
General
Full URL
https://0.express-news.me/?p=heygizdcmm5gi3bpge2tkna
Requested by
Host: express-news.me
URL: https://express-news.me/?p=heygizdcmm5gi3bpge2tkna
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
206.189.240.188 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
3d4ebdb38e1a2ffe93df6568eb224fb3eaf5682778a8d0b1897c9e84e329ea9f
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
0.express-news.me
:scheme
https
:path
/?p=heygizdcmm5gi3bpge2tkna
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://express-news.me/
accept-encoding
gzip, deflate, br
cookie
uuid=b2337241-4ccc-4a84-b1cd-9d9f50782b4a

Response headers

server
nginx
date
Tue, 28 Sep 2021 08:16:34 GMT
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
set-cookie
uuid=b2337241-4ccc-4a84-b1cd-9d9f50782b4a; expires=Thu, 28-Oct-2021 08:16:34 GMT; Max-Age=2592000; path=/; domain=0.express-news.me
strict-transport-security
max-age=31536000
content-security-policy
img-src https: data:; upgrade-insecure-requests
1.png
express-news.me/img/9/
10 KB
11 KB
Image
General
Full URL
https://express-news.me/img/9/1.png
Requested by
Host: 0.express-news.me
URL: https://0.express-news.me/?p=heygizdcmm5gi3bpge2tkna
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
206.189.240.188 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
967b8859fedb2c63afc8ae6ae2839fdd40f0e26af85adc6605a629f3c0ed0837
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0.express-news.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 08:16:34 GMT
last-modified
Mon, 27 Jan 2020 15:28:39 GMT
server
nginx
etag
"5e2f01a7-295f"
strict-transport-security
max-age=31536000
content-type
image/png
cache-control
max-age=2592000
content-security-policy
img-src https: data:; upgrade-insecure-requests
accept-ranges
bytes
content-length
10591
expires
Thu, 28 Oct 2021 08:16:34 GMT
2.png
express-news.me/img/9/
1 KB
1 KB
Image
General
Full URL
https://express-news.me/img/9/2.png
Requested by
Host: 0.express-news.me
URL: https://0.express-news.me/?p=heygizdcmm5gi3bpge2tkna
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
206.189.240.188 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
09d12e3c0e65fda26b9073e70e02fb24fa6941a4a3b1b81211b6470f00769ea5
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0.express-news.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 08:16:34 GMT
last-modified
Mon, 27 Jan 2020 15:28:39 GMT
server
nginx
etag
"5e2f01a7-425"
strict-transport-security
max-age=31536000
content-type
image/png
cache-control
max-age=2592000
content-security-policy
img-src https: data:; upgrade-insecure-requests
accept-ranges
bytes
content-length
1061
expires
Thu, 28 Oct 2021 08:16:34 GMT
truncated
/
11 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0434a1fc8ffba3a47bbb9f1fa5a2f789651a020e7b86e507ff300b7c367057f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
Primary Request Cookie set /
coolgiftforyou.life/
51 KB
21 KB
Document
General
Full URL
https://coolgiftforyou.life/?u=ezrkte4&o=7khpypv&t=jp
Requested by
Host: 0.express-news.me
URL: https://0.express-news.me/?p=heygizdcmm5gi3bpge2tkna
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.188.178.75 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
0174a7568fddadd752afa1e593585b8575c036a345a89401a1097fc6fbc367aa

Request headers

Host
coolgiftforyou.life
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://0.express-news.me/
Accept-Encoding
gzip, deflate, br

Response headers

Server
nginx
Date
Tue, 28 Sep 2021 08:16:35 GMT
Content-Type
text/html
Content-Length
21421
Connection
keep-alive
Cache-Control
private no-transform
Content-Encoding
gzip
Vary
Accept-Encoding
Set-Cookie
sid=t1~dzmkcvotydkvk4mpp2maexja; path=/ sid=t1~dzmkcvotydkvk4mpp2maexja; path=/ p1=https://servethreefelt.top/jtywecjf/; path=/ s1=kp5wqxpoqflxhms7; path=/
frame.html
coolgiftforyou.life/media/mainstream/ Frame 537F
39 B
320 B
Document
General
Full URL
https://coolgiftforyou.life/media/mainstream/frame.html
Requested by
Host: coolgiftforyou.life
URL: https://coolgiftforyou.life/?u=ezrkte4&o=7khpypv&t=jp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.188.178.75 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
a7fe83ec64bb23eb28090598db3d166ed98e52e39d1afbbfd74c579553f93e4e

Request headers

Host
coolgiftforyou.life
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://coolgiftforyou.life/?u=ezrkte4&o=7khpypv&t=jp
Accept-Encoding
gzip, deflate, br
Cookie
sid=t1~dzmkcvotydkvk4mpp2maexja; p1=https://servethreefelt.top/jtywecjf/; s1=kp5wqxpoqflxhms7

Response headers

Server
nginx
Date
Tue, 28 Sep 2021 08:16:35 GMT
Content-Type
text/html
Content-Length
39
Connection
keep-alive
Last-Modified
Wed, 19 May 2021 13:17:43 GMT
Vary
Accept-Encoding
ETag
"60a50ff7-27"
Cache-Control
no-transform
Accept-Ranges
bytes

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Domain/Path Name / Value
memesicurezza.it/ Name: antibot_uid
Value: 30bc71615f2e376a6ca6fe800a12153d
.memesicurezza.it/ Name: antibot_country
Value: DE
.memesicurezza.it/ Name: antibot_lang
Value: de
.memesicurezza.it/ Name: antibot_ptr
Value: 45.111.131.216.x.reliablehosting.com
memesicurezza.it/ Name: antibot_19fb29ff3d577803cf1c05480951d3ec
Value: 19a22dd7850476630a36a6516cfe6567
memesicurezza.it/ Name: antibot_referer
Value: https%3A%2F%2Fmemesicurezza.it%2F
memesicurezza.it/ Name: PHPSESSID
Value: 74mj75uh5g4g3cu5a37a9atkk62uhufk
.memesicurezza.it/ Name: _subid
Value: u8ibbl3o9a9u
.memesicurezza.it/ Name: 3e8b1
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE5NlwiOjE2MzI4MTY5OTR9LFwiY2FtcGFpZ25zXCI6e1wiNjFcIjoxNjMyODE2OTk0fSxcInRpbWVcIjoxNjMyODE2OTk0fSJ9.pRV4DiBgbGj1d6Q_YIa_GugvsqIrCP7y5JSZj0Ri8y8
.express-news.me/ Name: uuid
Value: b2337241-4ccc-4a84-b1cd-9d9f50782b4a
.0.express-news.me/ Name: uuid
Value: b2337241-4ccc-4a84-b1cd-9d9f50782b4a