URL: https://whois.gandi.net/en/wdrp/cu-soon.biz/K2PBHHJNTP7rtgDVgGWTHrZu_7bMiDbp09tyPJEMebvSlRbWRBfp8S4VBf9dMfwcprylSRDPNub2...
Submission: On September 30 via manual from US — Scanned from FR

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 7 HTTP transactions. The main IP is 217.70.185.84, located in Paris, France and belongs to GANDI-AS Domain name registrar - www.gandi.net, FR. The main domain is whois.gandi.net. The Cisco Umbrella rank of the primary domain is 488460.
TLS certificate: Issued by Gandi Standard SSL CA 2 on February 7th 2022. Valid for: a year.
This is the only time whois.gandi.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address      AS     Autonomous System
5         217.70.185.84   29169  (GANDI-AS ...)
1         18.66.147.86    16509  (AMAZON-02)
1         13.227.210.105  16509  (AMAZON-02)
Total: 7 requests, 3 IPs

Requests  Apex Domain  Subdomains                                         Transfer
5         gandi.net    whois.gandi.net (Cisco Umbrella Rank: 488460)      146 KB
1         xiti.com     logs1412.xiti.com (Cisco Umbrella Rank: 66747)     306 B
1         aticdn.net   tag.aticdn.net (Cisco Umbrella Rank: 19873)        25 KB
Total: 7 requests, 3 domains

Requests  Domain             Requested by
5         whois.gandi.net    whois.gandi.net
1         logs1412.xiti.com  whois.gandi.net
1         tag.aticdn.net     whois.gandi.net
Total: 7 requests, 3 domains

This site contains links to these domains.

Domain
cu-soon.biz

Subject          Issuer                   Validity                 Valid
whois.gandi.net  Gandi Standard SSL CA 2  2022-02-07 - 2023-02-25  a year
tag.aticdn.net   Thawte RSA CA 2018       2022-01-11 - 2023-01-22  a year
*.xiti.com       Thawte RSA CA 2018       2022-04-29 - 2023-04-28  a year

This page contains 1 frame:

Primary Page: https://whois.gandi.net/en/wdrp/cu-soon.biz/K2PBHHJNTP7rtgDVgGWTHrZu_7bMiDbp09tyPJEMebvSlRbWRBfp8S4VBf9dMfwcprylSRDPNub2V69gmU-J0CqWcoKISAsN
Frame ID: 72C0FF9DF90CEC07893AB8D5A71F4884
Requests: 7 HTTP requests in this frame

Page Title

cu-soon.biz WHOIS information

Detected technologies

Overall confidence: 100%
Detected patterns
  • xiti\.com/hit\.xiti

Page Statistics

Requests: 7
HTTPS: 100 %
IPv6: 0 %
Domains: 3
Subdomains: 3
IPs: 3
Countries: 2
Transfer: 172 kB
Size: 289 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request K2PBHHJNTP7rtgDVgGWTHrZu_7bMiDbp09tyPJEMebvSlRbWRBfp8S4VBf9dMfwcprylSRDPNub2V69gmU-J0CqWcoKISAsN
whois.gandi.net/en/wdrp/cu-soon.biz/
13 KB
4 KB
Document
General
Full URL
https://whois.gandi.net/en/wdrp/cu-soon.biz/K2PBHHJNTP7rtgDVgGWTHrZu_7bMiDbp09tyPJEMebvSlRbWRBfp8S4VBf9dMfwcprylSRDPNub2V69gmU-J0CqWcoKISAsN
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
217.70.185.84 Paris, France, ASN29169 (GANDI-AS Domain name registrar - www.gandi.net, FR),
Reverse DNS
whois.gandi.net
Software
nginx /
Resource Hash
9a6c5d786fc93c16ac8085cb54bde10e995f67e99b6a3ff9b1cd4ed42dd3cb73

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Accept-Ranges
bytes
Age
0
Cache-Control
public, max-age=600
Connection
keep-alive
Content-Encoding
gzip
Content-Length
3565
Content-Type
text/html; charset=UTF-8
Date
Thu, 29 Sep 2022 22:28:40 GMT
Server
nginx
Surrogate-Control
max-age=86400, stale-if-error=172800, stale-while-revalidate=172800
Vary
Accept-Encoding
Via
1.1 varnish-v4, 1.1 varnish-v4
X-Cache
HIT
X-Cache-Age
65487
X-Cache-Hits
53
main.d564fae5.css
whois.gandi.net/assets/css/
60 KB
14 KB
Stylesheet
General
Full URL
https://whois.gandi.net/assets/css/main.d564fae5.css
Requested by
Host: whois.gandi.net
URL: https://whois.gandi.net/en/wdrp/cu-soon.biz/K2PBHHJNTP7rtgDVgGWTHrZu_7bMiDbp09tyPJEMebvSlRbWRBfp8S4VBf9dMfwcprylSRDPNub2V69gmU-J0CqWcoKISAsN
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
217.70.185.84 Paris, France, ASN29169 (GANDI-AS Domain name registrar - www.gandi.net, FR),
Reverse DNS
whois.gandi.net
Software
nginx /
Resource Hash
ce8cb4babaf7ad06817bfd098decaacd1ab857a74c40205a41724bdea52dba23

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://whois.gandi.net/en/wdrp/cu-soon.biz/K2PBHHJNTP7rtgDVgGWTHrZu_7bMiDbp09tyPJEMebvSlRbWRBfp8S4VBf9dMfwcprylSRDPNub2V69gmU-J0CqWcoKISAsN
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

X-Cache-Hits
0
Date
Fri, 30 Sep 2022 16:40:08 GMT
Content-Encoding
gzip
Via
1.1 varnish-v4, 1.1 varnish-v4
Age
0
Transfer-Encoding
chunked
X-Cache
MISS
Connection
keep-alive
Pragma
no-cache
Last-Modified
Mon, 30 May 2022 12:54:58 GMT
Server
nginx
Access-Control-Max-Age
1728000
Access-Control-Allow-Methods
GET
Content-Type
text/css; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, must-revalidate, no-cache, no-store
Vary
Accept-Encoding
Accept-Ranges
bytes
Expires
Fri, 30 Sep 2022 16:40:08 GMT
index.5e752032.js
whois.gandi.net/assets/js/
89 KB
90 KB
Script
General
Full URL
https://whois.gandi.net/assets/js/index.5e752032.js
Requested by
Host: whois.gandi.net
URL: https://whois.gandi.net/en/wdrp/cu-soon.biz/K2PBHHJNTP7rtgDVgGWTHrZu_7bMiDbp09tyPJEMebvSlRbWRBfp8S4VBf9dMfwcprylSRDPNub2V69gmU-J0CqWcoKISAsN
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
217.70.185.84 Paris, France, ASN29169 (GANDI-AS Domain name registrar - www.gandi.net, FR),
Reverse DNS
whois.gandi.net
Software
nginx /
Resource Hash
79cfeda6114706bedd7cae90d717646eba0aed3d7c6ad71220f0831fb1bafd20

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://whois.gandi.net/en/wdrp/cu-soon.biz/K2PBHHJNTP7rtgDVgGWTHrZu_7bMiDbp09tyPJEMebvSlRbWRBfp8S4VBf9dMfwcprylSRDPNub2V69gmU-J0CqWcoKISAsN
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

X-Cache-Hits
0
Date
Fri, 30 Sep 2022 16:40:08 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Age
0
X-Cache
MISS
Connection
keep-alive
Content-Length
91430
Pragma
no-cache
Last-Modified
Mon, 30 May 2022 12:54:58 GMT
Server
nginx
Access-Control-Max-Age
1728000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, must-revalidate, no-cache, no-store
Accept-Ranges
bytes
Expires
Fri, 30 Sep 2022 16:40:08 GMT
smarttag.js
tag.aticdn.net/616708/
90 KB
25 KB
Script
General
Full URL
https://tag.aticdn.net/616708/smarttag.js
Requested by
Host: whois.gandi.net
URL: https://whois.gandi.net/en/wdrp/cu-soon.biz/K2PBHHJNTP7rtgDVgGWTHrZu_7bMiDbp09tyPJEMebvSlRbWRBfp8S4VBf9dMfwcprylSRDPNub2V69gmU-J0CqWcoKISAsN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-86.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b310b3daa1310f656811874e354916b36ec910f2cd89fb58e32fd14c1a641dfc

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://whois.gandi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id
PgBZws0fL47ASwxk16GvmInG32fcjZdi
content-encoding
gzip
via
1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
date
Fri, 30 Sep 2022 16:15:14 GMT
x-amz-cf-pop
FRA60-P4
age
1777
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Fri, 02 Sep 2022 11:39:33 GMT
server
AmazonS3
etag
W/"e9fc6edbbb23b59513359f6e1d02eb9b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=1800
x-amz-cf-id
NjQBkkj_2XCjED4qhogaWdC4jgL1PlQEYDE_-G8AQZ9tqn53xd9kgA==
Montserrat-SemiBold.6fb1b562.woff2
whois.gandi.net/assets/fonts/montserrat/
19 KB
19 KB
Font
General
Full URL
https://whois.gandi.net/assets/fonts/montserrat/Montserrat-SemiBold.6fb1b562.woff2
Requested by
Host: whois.gandi.net
URL: https://whois.gandi.net/assets/css/main.d564fae5.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
217.70.185.84 Paris, France, ASN29169 (GANDI-AS Domain name registrar - www.gandi.net, FR),
Reverse DNS
whois.gandi.net
Software
nginx /
Resource Hash
d10e701c44ab739c7d711b6483def0c6cd47e5a3d04eda1df2c5cbb08f21d81a

Request headers

Referer
https://whois.gandi.net/assets/css/main.d564fae5.css
Origin
https://whois.gandi.net
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

X-Cache-Hits
0
Date
Fri, 30 Sep 2022 16:40:08 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Age
0
X-Cache
MISS
Connection
keep-alive
Content-Length
19264
Pragma
no-cache
Last-Modified
Mon, 30 May 2022 12:54:58 GMT
Server
nginx
Access-Control-Max-Age
1728000
Access-Control-Allow-Methods
GET
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, must-revalidate, no-cache, no-store
Accept-Ranges
bytes
Expires
Fri, 30 Sep 2022 16:40:08 GMT
Montserrat-Regular.bc3aa95d.woff2
whois.gandi.net/assets/fonts/montserrat/
19 KB
19 KB
Font
General
Full URL
https://whois.gandi.net/assets/fonts/montserrat/Montserrat-Regular.bc3aa95d.woff2
Requested by
Host: whois.gandi.net
URL: https://whois.gandi.net/assets/css/main.d564fae5.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
217.70.185.84 Paris, France, ASN29169 (GANDI-AS Domain name registrar - www.gandi.net, FR),
Reverse DNS
whois.gandi.net
Software
nginx /
Resource Hash
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94

Request headers

Referer
https://whois.gandi.net/assets/css/main.d564fae5.css
Origin
https://whois.gandi.net
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

X-Cache-Hits
0
Date
Fri, 30 Sep 2022 16:40:08 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Age
0
X-Cache
MISS
Connection
keep-alive
Content-Length
19172
Pragma
no-cache
Last-Modified
Mon, 30 May 2022 12:54:58 GMT
Server
nginx
Access-Control-Max-Age
1728000
Access-Control-Allow-Methods
GET
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, must-revalidate, no-cache, no-store
Accept-Ranges
bytes
Expires
Fri, 30 Sep 2022 16:40:08 GMT
hit.xiti
logs1412.xiti.com/
35 B
306 B
Image
General
Full URL
https://logs1412.xiti.com/hit.xiti?s=616708&idclient=0bc2cce2-b1c6-4638-8cfa-4e4e029d02dd&vc=false&vm=exempt&ts=1664556008713&vtag=5.29.4&ptag=js&r=1600x1200x24x24&re=1600x1200&lang=en&p=Whois::WDRP::white_label&release=5.3.15&ref=
Requested by
Host: whois.gandi.net
URL: https://whois.gandi.net/en/wdrp/cu-soon.biz/K2PBHHJNTP7rtgDVgGWTHrZu_7bMiDbp09tyPJEMebvSlRbWRBfp8S4VBf9dMfwcprylSRDPNub2V69gmU-J0CqWcoKISAsN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.210.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-210-105.ams54.r.cloudfront.net
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://whois.gandi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 16:40:09 GMT
via
1.1 eec12a22159207af63748eccf10799b2.cloudfront.net (CloudFront)
strict-transport-security
max-age=15768000
x-amz-cf-pop
AMS54-C1
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-store
content-length
35
x-amz-cf-id
ID-dpBoMYcMAvSahkrtBgqp-6ftPQ0_AOQ1wsTO4hqV3ZtyKxJLIVQ==

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput
object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
function| queryLocalFonts
object| navigation
string| blockedMsg
function| callback
string| u
object| d
object| g
object| s
object| Gandi
object| ATInternet
function| ATCustomEvent
object| tag

2 Cookies

Domain/Path Name / Value
.gandi.net/ Name: atuserid
Value: %7B%22name%22%3A%22atuserid%22%2C%22val%22%3A%220bc2cce2-b1c6-4638-8cfa-4e4e029d02dd%22%2C%22options%22%3A%7B%22end%22%3A%222023-11-01T16%3A40%3A08.695Z%22%2C%22path%22%3A%22%2F%22%7D%7D
.gandi.net/ Name: atauthority
Value: %7B%22name%22%3A%22atauthority%22%2C%22val%22%3A%7B%22authority_name%22%3A%22cnil%22%2C%22visitor_mode%22%3A%22exempt%22%7D%2C%22options%22%3A%7B%22end%22%3A%222023-11-01T16%3A40%3A08.699Z%22%2C%22path%22%3A%22%2F%22%7D%7D