urlscan.io logo urlscan.io
SecurityTrails logo

res.technooffer.com Open in urlscan Pro
178.32.79.100  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://ml.news.grands-meres.com/l2/78bnvKyjU7/13386416/3025835054.html
Effective URL: https://res.technooffer.com/a/y/offers/yy/l999z6i5gm59zq0s0p5/click/4x0gv6uspol1xzha7dxj1h6/4?clickId=107f52da-204e-3ef5-aca...
Submission: On May 24 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 4 countries across 11 domains to perform 9 HTTP transactions. The main IP is 178.32.79.100, located in France and belongs to OVH, FR. The main domain is res.technooffer.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on April 20th 2019. Valid for: 3 months.
This is the only time res.technooffer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 91.190.170.12 31688 (SPLIO-AS)
1 3 2001:41d0:8:8... 16276 (OVH)
2 2001:41d0:2:d... 16276 (OVH)
1 1 34.250.175.193 16509 (AMAZON-02)
1 54.246.228.167 16509 (AMAZON-02)
2 3 80.70.210.161 34913 (DALENYS)
1 1 54.171.2.228 16509 (AMAZON-02)
2 2 52.51.175.46 16509 (AMAZON-02)
2 2 185.33.223.210 29990 (ASN-APPNEXUS)
1 34.95.92.78 15169 (GOOGLE)
2 2 35.190.16.14 15169 (GOOGLE)
1 1 2600:1901:0:3... 15169 (GOOGLE)
1 1 104.155.63.91 15169 (GOOGLE)
1 1 178.32.79.99 16276 (OVH)
1 178.32.79.100 16276 (OVH)
9 7
1    91.190.170.12 (France)

ASN31688 (SPLIO-AS, FR)
PTR: s3s.fr
ml.news.grands-meres.com
3    2001:41d0:8:88c8:: (Lille, France)

ASN16276 (OVH, FR)
wtm.news.grands-meres.com
2    2001:41d0:2:dbba:: (Lille, France)

ASN16276 (OVH, FR)
r.phywi.org
1    34.250.175.193 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-250-175-193.eu-west-1.compute.amazonaws.com
er.cloud-media.fr
1    54.246.228.167 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-246-228-167.eu-west-1.compute.amazonaws.com
er.cloud-media.fr
3    80.70.210.161 (Houilles, France)

ASN34913 (DALENYS, FR)
PTR: email-reflex.com
ep.la-meteo-mail.fr
email-reflex.com
1    54.171.2.228 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-171-2-228.eu-west-1.compute.amazonaws.com
ejp.rlcdn.com
2    52.51.175.46 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-51-175-46.eu-west-1.compute.amazonaws.com
iei.rlcdn.com
2    185.33.223.210 (Netherlands)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 307.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    34.95.92.78 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 78.92.95.34.bc.googleusercontent.com
idsync.rlcdn.com
2    35.190.16.14 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 14.16.190.35.bc.googleusercontent.com
redirect.frontend.weborama.fr
1    2600:1901:0:37f::a:1 (United States)

ASN15169 (GOOGLE - Google LLC, US)
pws.news.grands-meres.com
1    104.155.63.91 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 91.63.155.104.bc.googleusercontent.com
csync.pwspace.com
1    178.32.79.99 (France)

ASN16276 (OVH, FR)
PTR: ip99.ip-178-32-79.eu
cd.osittock.com
1    178.32.79.100 (France)

ASN16276 (OVH, FR)
PTR: ip100.ip-178-32-79.eu
res.technooffer.com
Domain Requested by
3 wtm.news.grands-meres.com 1 redirects wtm.news.grands-meres.com
2 redirect.frontend.weborama.fr 2 redirects
2 ib.adnxs.com 2 redirects
2 iei.rlcdn.com 2 redirects
2 email-reflex.com 1 redirects wtm.news.grands-meres.com
2 er.cloud-media.fr 1 redirects wtm.news.grands-meres.com
2 r.phywi.org wtm.news.grands-meres.com
1 res.technooffer.com wtm.news.grands-meres.com
1 cd.osittock.com 1 redirects
1 csync.pwspace.com 1 redirects
1 pws.news.grands-meres.com 1 redirects
1 idsync.rlcdn.com wtm.news.grands-meres.com
1 ejp.rlcdn.com 1 redirects
1 ep.la-meteo-mail.fr 1 redirects
1 ml.news.grands-meres.com
9 15

This site contains no links.

Subject Issuer Validity Valid
ml.news.grands-meres.com
Let's Encrypt Authority X3		 2019-05-06 -
2019-08-04		 3 months crt.sh
*.cloud-media.fr
Amazon		 2018-10-18 -
2019-11-18		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2019-04-24 -
2020-04-23		 a year crt.sh
*.phywi.org
Gandi Standard SSL CA 2		 2018-02-21 -
2020-03-02		 2 years crt.sh
res.technooffer.com
Let's Encrypt Authority X3		 2019-04-20 -
2019-07-19		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://res.technooffer.com/a/y/offers/yy/l999z6i5gm59zq0s0p5/click/4x0gv6uspol1xzha7dxj1h6/4?clickId=107f52da-204e-3ef5-aca1-68247fb96962
Frame ID: 74D30507A8A4C4D53E215571414C1CF2
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://ml.news.grands-meres.com/l2/78bnvKyjU7/13386416/3025835054.html Page URL
  2. http://wtm.news.grands-meres.com/w/111473/3fb76a11dfb9a1970941a8bd8d97832a/1835/450/?mid=17bc35381f30b89240d0... HTTP 302
    http://wtm.news.grands-meres.com/redirection.html?m=3fb76a11dfb9a1970941a8bd8d97832a&c=fr&u=https%3A%2F%2Fpws... Page URL
  3. https://pws.news.grands-meres.com/ndc/7ZVLJYZV?ps_ee=3fb76a11dfb9a1970941a8bd8d97832a&ps_g=M&ps_a=$date_naissa... HTTP 302
    https://csync.pwspace.com/dpt?destUrl=aHR0cHM6Ly9jZC5vc2l0dG9jay5jb20vYS95L29mZmVycy95eS9sOTk5ejZpNWdt... HTTP 307
    https://cd.osittock.com/a/y/offers/yy/l999z6i5gm59zq0s0p5/click/4x0gv6uspol1xzha7dxj1h6/4?clickId=10... HTTP 302
    https://res.technooffer.com/a/y/offers/yy/l999z6i5gm59zq0s0p5/click/4x0gv6uspol1xzha7dxj1h6/4?clickId=10... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Page Statistics

9
Requests

56 %
HTTPS

20 %
IPv6

11
Domains

15
Subdomains

7
IPs

4
Countries

10 kB
Transfer

7 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ml.news.grands-meres.com/l2/78bnvKyjU7/13386416/3025835054.html Page URL
  2. http://wtm.news.grands-meres.com/w/111473/3fb76a11dfb9a1970941a8bd8d97832a/1835/450/?mid=17bc35381f30b89240d062eb2f6b2018&ct=nl&n=8&l=a&bi=1&ai=7028&u=http%3A%2F%2Fwtm.news.grands-meres.com%2Fredirection.html%3Fm%3D3fb76a11dfb9a1970941a8bd8d97832a%26c%3Dfr%26u%3Dhttps%253A%252F%252Fpws.news.grands-meres.com%252Fndc%252F7ZVLJYZV%253Fps_ee%253D3fb76a11dfb9a1970941a8bd8d97832a%2526ps_g%253DM%2526ps_a%253D$date_naissance$%2526z%253D1&dc=M8W7GhkcJbJVKaccvF8qtXfOxvrexQDHzxTqLIu3sUbAvTMaGaSpr%252B7vOaT2KvPiUTCe9yk33OENbN4MvCTfBFPlchkco2j3tJ%252FqAqYNSjJChHrMmFTQFiADos3jiw8Sj5UPjkDc%252FgthYDSbv%252FwZPhhY26Q2rHrfMM%252BPwTDg1LL2vqzt65wHo0dletOXWFhLyLOqF7EO8HSHfelcucNpxTg76Od%252BTCZBe1Eqcj2FY5s%253D HTTP 302
    http://wtm.news.grands-meres.com/redirection.html?m=3fb76a11dfb9a1970941a8bd8d97832a&c=fr&u=https%3A%2F%2Fpws.news.grands-meres.com%2Fndc%2F7ZVLJYZV%3Fps_ee%3D3fb76a11dfb9a1970941a8bd8d97832a%26ps_g%3DM%26ps_a%3D$date_naissance$%26z%3D1&dc=M8W7GhkcJbJVKaccvF8qtXfOxvrexQDHzxTqLIu3sUbAvTMaGaSpr%2B7vOaT2KvPiUTCe9yk33OENbN4MvCTfBFPlchkco2j3tJ%2FqAqYNSjJChHrMmFTQFiADos3jiw8Sj5UPjkDc%2FgthYDSbv%2FwZPhhY26Q2rHrfMM%2BPwTDg1LL2vqzt65wHo0dletOXWFhLyLOqF7EO8HSHfelcucNpxTg76Od%2BTCZBe1Eqcj2FY5s%3D Page URL
  3. https://pws.news.grands-meres.com/ndc/7ZVLJYZV?ps_ee=3fb76a11dfb9a1970941a8bd8d97832a&ps_g=M&ps_a=$date_naissance$&z=1 HTTP 302
    https://csync.pwspace.com/dpt?destUrl=aHR0cHM6Ly9jZC5vc2l0dG9jay5jb20vYS95L29mZmVycy95eS9sOTk5ejZpNWdtNTl6cTBzMHA1L2NsaWNrLzR4MGd2NnVzcG9sMXh6aGE3ZHhqMWg2LzQ%2FY2xpY2tJZD0xMDdmNTJkYS0yMDRlLTNlZjUtYWNhMS02ODI0N2ZiOTY5NjI%3D&pstuid=9e39563a-7455-39b9-bfbc-32a8591a95bd HTTP 307
    https://cd.osittock.com/a/y/offers/yy/l999z6i5gm59zq0s0p5/click/4x0gv6uspol1xzha7dxj1h6/4?clickId=107f52da-204e-3ef5-aca1-68247fb96962 HTTP 302
    https://res.technooffer.com/a/y/offers/yy/l999z6i5gm59zq0s0p5/click/4x0gv6uspol1xzha7dxj1h6/4?clickId=107f52da-204e-3ef5-aca1-68247fb96962 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://wtm.news.grands-meres.com/w/111473/3fb76a11dfb9a1970941a8bd8d97832a/1835/450/?mid=17bc35381f30b89240d062eb2f6b2018&ct=nl&n=8&l=a&bi=1&ai=7028&u=http%3A%2F%2Fwtm.news.grands-meres.com%2Fredirection.html%3Fm%3D3fb76a11dfb9a1970941a8bd8d97832a%26c%3Dfr%26u%3Dhttps%253A%252F%252Fpws.news.grands-meres.com%252Fndc%252F7ZVLJYZV%253Fps_ee%253D3fb76a11dfb9a1970941a8bd8d97832a%2526ps_g%253DM%2526ps_a%253D$date_naissance$%2526z%253D1&dc=M8W7GhkcJbJVKaccvF8qtXfOxvrexQDHzxTqLIu3sUbAvTMaGaSpr%252B7vOaT2KvPiUTCe9yk33OENbN4MvCTfBFPlchkco2j3tJ%252FqAqYNSjJChHrMmFTQFiADos3jiw8Sj5UPjkDc%252FgthYDSbv%252FwZPhhY26Q2rHrfMM%252BPwTDg1LL2vqzt65wHo0dletOXWFhLyLOqF7EO8HSHfelcucNpxTg76Od%252BTCZBe1Eqcj2FY5s%253D HTTP 302
  • http://wtm.news.grands-meres.com/redirection.html?m=3fb76a11dfb9a1970941a8bd8d97832a&c=fr&u=https%3A%2F%2Fpws.news.grands-meres.com%2Fndc%2F7ZVLJYZV%3Fps_ee%3D3fb76a11dfb9a1970941a8bd8d97832a%26ps_g%3DM%26ps_a%3D$date_naissance$%26z%3D1&dc=M8W7GhkcJbJVKaccvF8qtXfOxvrexQDHzxTqLIu3sUbAvTMaGaSpr%2B7vOaT2KvPiUTCe9yk33OENbN4MvCTfBFPlchkco2j3tJ%2FqAqYNSjJChHrMmFTQFiADos3jiw8Sj5UPjkDc%2FgthYDSbv%2FwZPhhY26Q2rHrfMM%2BPwTDg1LL2vqzt65wHo0dletOXWFhLyLOqF7EO8HSHfelcucNpxTg76Od%2BTCZBe1Eqcj2FY5s%3D
Request Chain 4
  • http://er.cloud-media.fr/r/3fb76a11dfb9a1970941a8bd8d97832a/20305b1d-4a14-4990-b6a1-7765863e4041 HTTP 302
  • https://er.cloud-media.fr/c/3fb76a11dfb9a1970941a8bd8d97832a/20305b1d-4a14-4990-b6a1-7765863e4041
Request Chain 5
  • http://ep.la-meteo-mail.fr/tags/redirect.php?h=3fb76a11dfb9a1970941a8bd8d97832a&source=38 HTTP 301
  • http://email-reflex.com/tags/redirect.php?h=3fb76a11dfb9a1970941a8bd8d97832a&source=38 HTTP 302
  • http://email-reflex.com/tags/pixel.php?h=3fb76a11dfb9a1970941a8bd8d97832a&source=38
Request Chain 6
  • https://ejp.rlcdn.com/472906.gif?m=3fb76a11dfb9a1970941a8bd8d97832a&n=1 HTTP 302
  • https://iei.rlcdn.com/472906.gif?partner_uid=XY1005JCTbDAkJwidVuDES_L97uUTcA2lobvl3dP4iFKPXnhI&ipel=Xi1005GlEyapmr64eGsXNGFDSeZGjeKkREzxdYlL8pPY0zGnb55xnfZCgRjprrHo50ZRPD&n=1&pdata=eu-translator-ghost HTTP 302
  • https://iei.rlcdn.com/472906.gif?n=1&partner_uid=XY1005JCTbDAkJwidVuDES_L97uUTcA2lobvl3dP4iFKPXnhI&pdata=eu-translator-ghost&ipel=Xi1005GlEyapmr64eGsXNGFDSeZGjeKkREzxdYlL8pPY0zGnb55xnfZCgRjprrHo50ZRPD&redirect=1 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fpartner_uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fidsync.rlcdn.com%252F52154.gif%253Fpartner_uid%253D%2524UID HTTP 302
  • https://idsync.rlcdn.com/52154.gif?partner_uid=5917321516049047524
Request Chain 7
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fr.phywi.org%2Fwebo.gif%3Fmd%3D3fb76a11dfb9a1970941a8bd8d97832a%26wb%3D{WEBO_CID} HTTP 302
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fr.phywi.org%2Fwebo.gif%3Fmd%3D3fb76a11dfb9a1970941a8bd8d97832a%26wb%3D%7BWEBO_CID%7D&bounce=1&random=3031971442 HTTP 302
  • https://r.phywi.org/webo.gif?md=3fb76a11dfb9a1970941a8bd8d97832a&wb=XB0clhSywvcXbaY25hRXGO

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set 3025835054.html
ml.news.grands-meres.com/l2/78bnvKyjU7/13386416/ 		786 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ml.news.grands-meres.com/l2/78bnvKyjU7/13386416/3025835054.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.190.170.12 , France, ASN31688 (SPLIO-AS, FR),
Reverse DNS
s3s.fr
Software
Apache /
Resource Hash

Request headers

Host
ml.news.grands-meres.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 24 May 2019 16:33:00 GMT
Server
Apache
Set-Cookie
grandsmeres_v2=13386416%2C78bnvKyjU%2C7%3B3671546240; expires=Sun, 23-Jun-2019 16:33:00 GMT; path=/; domain=.ml.news.grands-meres.com
Pragma
no-cache
Cache-Control
no-cache
Expires
Mon, 01 Jan 1990 00:00:00 GMT
X-Robots-Tag
noindex,nofollow
P3P
policyref="http://s3s.fr/w3c/p3p.xml", CP="ALL DSP COR DEV IVD CON OUR NOR UNI PUR NAV STA"
Connection
close
Transfer-Encoding
chunked
Content-Type
text/html
redirection.html
wtm.news.grands-meres.com/
Redirect Chain
  • http://wtm.news.grands-meres.com/w/111473/3fb76a11dfb9a1970941a8bd8d97832a/1835/450/?mid=17bc35381f30b89240d062eb2f6b2018&ct=nl&n=8&l=a&bi=1&ai=7028&u=http%3A%2F%2Fwtm.news.grands-meres.com%2Fredir...
  • http://wtm.news.grands-meres.com/redirection.html?m=3fb76a11dfb9a1970941a8bd8d97832a&c=fr&u=https%3A%2F%2Fpws.news.grands-meres.com%2Fndc%2F7ZVLJYZV%3Fps_ee%3D3fb76a11dfb9a1970941a8bd8d97832a%26ps_...
4 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://wtm.news.grands-meres.com/redirection.html?m=3fb76a11dfb9a1970941a8bd8d97832a&c=fr&u=https%3A%2F%2Fpws.news.grands-meres.com%2Fndc%2F7ZVLJYZV%3Fps_ee%3D3fb76a11dfb9a1970941a8bd8d97832a%26ps_g%3DM%26ps_a%3D$date_naissance$%26z%3D1&dc=M8W7GhkcJbJVKaccvF8qtXfOxvrexQDHzxTqLIu3sUbAvTMaGaSpr%2B7vOaT2KvPiUTCe9yk33OENbN4MvCTfBFPlchkco2j3tJ%2FqAqYNSjJChHrMmFTQFiADos3jiw8Sj5UPjkDc%2FgthYDSbv%2FwZPhhY26Q2rHrfMM%2BPwTDg1LL2vqzt65wHo0dletOXWFhLyLOqF7EO8HSHfelcucNpxTg76Od%2BTCZBe1Eqcj2FY5s%3D
Protocol
HTTP/1.1
Server
2001:41d0:8:88c8:: Lille, France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
08cf5192ca279514348360b606bd4c8f849a49ada77326912449f7c5494afa60
Security Headers
Name Value
Strict-Transport-Security max-age=0;

Request headers

Host
wtm.news.grands-meres.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Server
nginx
Date
Fri, 24 May 2019 16:33:00 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
4387
Connection
close
Expires
Fri, 24 May 2019 16:32:59 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=0;

Redirect headers

Server
nginx
Date
Fri, 24 May 2019 16:33:00 GMT
Content-Length
0
Connection
close
Expires
Fri, 24 May 2019 16:32:59 GMT
Cache-Control
no-cache
Pragma
no-cache
Location
http://wtm.news.grands-meres.com/redirection.html?m=3fb76a11dfb9a1970941a8bd8d97832a&c=fr&u=https%3A%2F%2Fpws.news.grands-meres.com%2Fndc%2F7ZVLJYZV%3Fps_ee%3D3fb76a11dfb9a1970941a8bd8d97832a%26ps_g%3DM%26ps_a%3D$date_naissance$%26z%3D1&dc=M8W7GhkcJbJVKaccvF8qtXfOxvrexQDHzxTqLIu3sUbAvTMaGaSpr%2B7vOaT2KvPiUTCe9yk33OENbN4MvCTfBFPlchkco2j3tJ%2FqAqYNSjJChHrMmFTQFiADos3jiw8Sj5UPjkDc%2FgthYDSbv%2FwZPhhY26Q2rHrfMM%2BPwTDg1LL2vqzt65wHo0dletOXWFhLyLOqF7EO8HSHfelcucNpxTg76Od%2BTCZBe1Eqcj2FY5s%3D
Strict-Transport-Security
max-age=0;
https%3A%2F%2Fpws.news.grands-meres.com%2Fndc%2F7ZVLJYZV%3Fps_ee%3D3fb76a11dfb9a1970941a8bd8d97832a%26ps_g%3DM%26ps_a%3D%24date_naissance%24%26z%3D1
wtm.news.grands-meres.com/ 		0
300 B 		Other
General
Check archive.org
Download Go to
Full URL
http://wtm.news.grands-meres.com/https%3A%2F%2Fpws.news.grands-meres.com%2Fndc%2F7ZVLJYZV%3Fps_ee%3D3fb76a11dfb9a1970941a8bd8d97832a%26ps_g%3DM%26ps_a%3D%24date_naissance%24%26z%3D1
Requested by
Host: wtm.news.grands-meres.com
URL: http://wtm.news.grands-meres.com/redirection.html?m=3fb76a11dfb9a1970941a8bd8d97832a&c=fr&u=https%3A%2F%2Fpws.news.grands-meres.com%2Fndc%2F7ZVLJYZV%3Fps_ee%3D3fb76a11dfb9a1970941a8bd8d97832a%26ps_g%3DM%26ps_a%3D$date_naissance$%26z%3D1&dc=M8W7GhkcJbJVKaccvF8qtXfOxvrexQDHzxTqLIu3sUbAvTMaGaSpr%2B7vOaT2KvPiUTCe9yk33OENbN4MvCTfBFPlchkco2j3tJ%2FqAqYNSjJChHrMmFTQFiADos3jiw8Sj5UPjkDc%2FgthYDSbv%2FwZPhhY26Q2rHrfMM%2BPwTDg1LL2vqzt65wHo0dletOXWFhLyLOqF7EO8HSHfelcucNpxTg76Od%2BTCZBe1Eqcj2FY5s%3D
Protocol
HTTP/1.1
Server
2001:41d0:8:88c8:: Lille, France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0;

Request headers

Purpose
prefetch
Referer
http://wtm.news.grands-meres.com/redirection.html?m=3fb76a11dfb9a1970941a8bd8d97832a&c=fr&u=https%3A%2F%2Fpws.news.grands-meres.com%2Fndc%2F7ZVLJYZV%3Fps_ee%3D3fb76a11dfb9a1970941a8bd8d97832a%26ps_g%3DM%26ps_a%3D$date_naissance$%26z%3D1&dc=M8W7GhkcJbJVKaccvF8qtXfOxvrexQDHzxTqLIu3sUbAvTMaGaSpr%2B7vOaT2KvPiUTCe9yk33OENbN4MvCTfBFPlchkco2j3tJ%2FqAqYNSjJChHrMmFTQFiADos3jiw8Sj5UPjkDc%2FgthYDSbv%2FwZPhhY26Q2rHrfMM%2BPwTDg1LL2vqzt65wHo0dletOXWFhLyLOqF7EO8HSHfelcucNpxTg76Od%2BTCZBe1Eqcj2FY5s%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 May 2019 16:33:00 GMT
Server
nginx
Strict-Transport-Security
max-age=0;
Content-Type
image/gif
Cache-Control
no-cache
Connection
close
Content-Length
43
Expires
Fri, 24 May 2019 16:32:59 GMT
cl.gif
r.phywi.org/ 		43 B
431 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://r.phywi.org/cl.gif?m=3fb76a11dfb9a1970941a8bd8d97832a
Requested by
Host: wtm.news.grands-meres.com
URL: http://wtm.news.grands-meres.com/redirection.html?m=3fb76a11dfb9a1970941a8bd8d97832a&c=fr&u=https%3A%2F%2Fpws.news.grands-meres.com%2Fndc%2F7ZVLJYZV%3Fps_ee%3D3fb76a11dfb9a1970941a8bd8d97832a%26ps_g%3DM%26ps_a%3D$date_naissance$%26z%3D1&dc=M8W7GhkcJbJVKaccvF8qtXfOxvrexQDHzxTqLIu3sUbAvTMaGaSpr%2B7vOaT2KvPiUTCe9yk33OENbN4MvCTfBFPlchkco2j3tJ%2FqAqYNSjJChHrMmFTQFiADos3jiw8Sj5UPjkDc%2FgthYDSbv%2FwZPhhY26Q2rHrfMM%2BPwTDg1LL2vqzt65wHo0dletOXWFhLyLOqF7EO8HSHfelcucNpxTg76Od%2BTCZBe1Eqcj2FY5s%3D
Protocol
HTTP/1.1
Server
2001:41d0:2:dbba:: Lille, France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://wtm.news.grands-meres.com/redirection.html?m=3fb76a11dfb9a1970941a8bd8d97832a&c=fr&u=https%3A%2F%2Fpws.news.grands-meres.com%2Fndc%2F7ZVLJYZV%3Fps_ee%3D3fb76a11dfb9a1970941a8bd8d97832a%26ps_g%3DM%26ps_a%3D$date_naissance$%26z%3D1&dc=M8W7GhkcJbJVKaccvF8qtXfOxvrexQDHzxTqLIu3sUbAvTMaGaSpr%2B7vOaT2KvPiUTCe9yk33OENbN4MvCTfBFPlchkco2j3tJ%2FqAqYNSjJChHrMmFTQFiADos3jiw8Sj5UPjkDc%2FgthYDSbv%2FwZPhhY26Q2rHrfMM%2BPwTDg1LL2vqzt65wHo0dletOXWFhLyLOqF7EO8HSHfelcucNpxTg76Od%2BTCZBe1Eqcj2FY5s%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 24 May 2019 16:33:00 GMT
Strict-Transport-Security
max-age=15768000
Server
nginx
Connection
close
Transfer-Encoding
chunked
Content-Type
image/gif
20305b1d-4a14-4990-b6a1-7765863e4041
er.cloud-media.fr/c/3fb76a11dfb9a1970941a8bd8d97832a/
Redirect Chain
  • http://er.cloud-media.fr/r/3fb76a11dfb9a1970941a8bd8d97832a/20305b1d-4a14-4990-b6a1-7765863e4041
  • https://er.cloud-media.fr/c/3fb76a11dfb9a1970941a8bd8d97832a/20305b1d-4a14-4990-b6a1-7765863e4041
35 B
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://er.cloud-media.fr/c/3fb76a11dfb9a1970941a8bd8d97832a/20305b1d-4a14-4990-b6a1-7765863e4041
Requested by
Host: wtm.news.grands-meres.com
URL: http://wtm.news.grands-meres.com/redirection.html?m=3fb76a11dfb9a1970941a8bd8d97832a&c=fr&u=https%3A%2F%2Fpws.news.grands-meres.com%2Fndc%2F7ZVLJYZV%3Fps_ee%3D3fb76a11dfb9a1970941a8bd8d97832a%26ps_g%3DM%26ps_a%3D$date_naissance$%26z%3D1&dc=M8W7GhkcJbJVKaccvF8qtXfOxvrexQDHzxTqLIu3sUbAvTMaGaSpr%2B7vOaT2KvPiUTCe9yk33OENbN4MvCTfBFPlchkco2j3tJ%2FqAqYNSjJChHrMmFTQFiADos3jiw8Sj5UPjkDc%2FgthYDSbv%2FwZPhhY26Q2rHrfMM%2BPwTDg1LL2vqzt65wHo0dletOXWFhLyLOqF7EO8HSHfelcucNpxTg76Od%2BTCZBe1Eqcj2FY5s%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.228.167 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-246-228-167.eu-west-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://wtm.news.grands-meres.com/redirection.html?m=3fb76a11dfb9a1970941a8bd8d97832a&c=fr&u=https%3A%2F%2Fpws.news.grands-meres.com%2Fndc%2F7ZVLJYZV%3Fps_ee%3D3fb76a11dfb9a1970941a8bd8d97832a%26ps_g%3DM%26ps_a%3D$date_naissance$%26z%3D1&dc=M8W7GhkcJbJVKaccvF8qtXfOxvrexQDHzxTqLIu3sUbAvTMaGaSpr%2B7vOaT2KvPiUTCe9yk33OENbN4MvCTfBFPlchkco2j3tJ%2FqAqYNSjJChHrMmFTQFiADos3jiw8Sj5UPjkDc%2FgthYDSbv%2FwZPhhY26Q2rHrfMM%2BPwTDg1LL2vqzt65wHo0dletOXWFhLyLOqF7EO8HSHfelcucNpxTg76Od%2BTCZBe1Eqcj2FY5s%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Fri, 24 May 2019 16:33:00 GMT
x-content-type-options
nosniff
server
awselb/2.0
content-length
35
content-type
image/gif

Redirect headers

Date
Fri, 24 May 2019 16:33:00 GMT
X-Content-Type-Options
nosniff
Server
awselb/2.0
Content-Type
text/html
Location
https://er.cloud-media.fr/c/3fb76a11dfb9a1970941a8bd8d97832a/20305b1d-4a14-4990-b6a1-7765863e4041
Connection
keep-alive
Content-Length
126
X-XSS-Protection
1; mode=block
pixel.php
email-reflex.com/tags/
Redirect Chain
  • http://ep.la-meteo-mail.fr/tags/redirect.php?h=3fb76a11dfb9a1970941a8bd8d97832a&source=38
  • http://email-reflex.com/tags/redirect.php?h=3fb76a11dfb9a1970941a8bd8d97832a&source=38
  • http://email-reflex.com/tags/pixel.php?h=3fb76a11dfb9a1970941a8bd8d97832a&source=38
43 B
597 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://email-reflex.com/tags/pixel.php?h=3fb76a11dfb9a1970941a8bd8d97832a&source=38
Requested by
Host: wtm.news.grands-meres.com
URL: http://wtm.news.grands-meres.com/redirection.html?m=3fb76a11dfb9a1970941a8bd8d97832a&c=fr&u=https%3A%2F%2Fpws.news.grands-meres.com%2Fndc%2F7ZVLJYZV%3Fps_ee%3D3fb76a11dfb9a1970941a8bd8d97832a%26ps_g%3DM%26ps_a%3D$date_naissance$%26z%3D1&dc=M8W7GhkcJbJVKaccvF8qtXfOxvrexQDHzxTqLIu3sUbAvTMaGaSpr%2B7vOaT2KvPiUTCe9yk33OENbN4MvCTfBFPlchkco2j3tJ%2FqAqYNSjJChHrMmFTQFiADos3jiw8Sj5UPjkDc%2FgthYDSbv%2FwZPhhY26Q2rHrfMM%2BPwTDg1LL2vqzt65wHo0dletOXWFhLyLOqF7EO8HSHfelcucNpxTg76Od%2BTCZBe1Eqcj2FY5s%3D
Protocol
HTTP/1.1
Server
80.70.210.161 Houilles, France, ASN34913 (DALENYS, FR),
Reverse DNS
email-reflex.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
http://wtm.news.grands-meres.com/redirection.html?m=3fb76a11dfb9a1970941a8bd8d97832a&c=fr&u=https%3A%2F%2Fpws.news.grands-meres.com%2Fndc%2F7ZVLJYZV%3Fps_ee%3D3fb76a11dfb9a1970941a8bd8d97832a%26ps_g%3DM%26ps_a%3D$date_naissance$%26z%3D1&dc=M8W7GhkcJbJVKaccvF8qtXfOxvrexQDHzxTqLIu3sUbAvTMaGaSpr%2B7vOaT2KvPiUTCe9yk33OENbN4MvCTfBFPlchkco2j3tJ%2FqAqYNSjJChHrMmFTQFiADos3jiw8Sj5UPjkDc%2FgthYDSbv%2FwZPhhY26Q2rHrfMM%2BPwTDg1LL2vqzt65wHo0dletOXWFhLyLOqF7EO8HSHfelcucNpxTg76Od%2BTCZBe1Eqcj2FY5s%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 24 May 2019 16:33:00 GMT
Via
1.1 varnish
Server
Apache
Age
0
X-Cache
MISS
P3P
policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
X-Server-IP
10.67.37.23
X-Server
rp-front2-3
X-Varnish
1574706441
Content-Type
image/gif
Content-Length
43

Redirect headers

Date
Fri, 24 May 2019 16:33:00 GMT
Content-Encoding
gzip
Server
Apache
Age
0
Vary
Accept-Encoding
X-Cache
MISS
Content-Type
text/html
Location
http://email-reflex.com/tags/pixel.php?h=3fb76a11dfb9a1970941a8bd8d97832a&source=38
X-Server-IP
10.67.37.23
X-Server
rp-front2-3
X-Varnish
1574706437
Content-Length
20
Via
1.1 varnish
52154.gif
idsync.rlcdn.com/
Redirect Chain
  • https://ejp.rlcdn.com/472906.gif?m=3fb76a11dfb9a1970941a8bd8d97832a&n=1
  • https://iei.rlcdn.com/472906.gif?partner_uid=XY1005JCTbDAkJwidVuDES_L97uUTcA2lobvl3dP4iFKPXnhI&ipel=Xi1005GlEyapmr64eGsXNGFDSeZGjeKkREzxdYlL8pPY0zGnb55xnfZCgRjprrHo50ZRPD&n=1&pdata=eu-translator-ghost
  • https://iei.rlcdn.com/472906.gif?n=1&partner_uid=XY1005JCTbDAkJwidVuDES_L97uUTcA2lobvl3dP4iFKPXnhI&pdata=eu-translator-ghost&ipel=Xi1005GlEyapmr64eGsXNGFDSeZGjeKkREzxdYlL8pPY0zGnb55xnfZCgRjprrHo50Z...
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fpartner_uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fidsync.rlcdn.com%252F52154.gif%253Fpartner_uid%253D%2524UID
  • https://idsync.rlcdn.com/52154.gif?partner_uid=5917321516049047524
42 B
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/52154.gif?partner_uid=5917321516049047524
Requested by
Host: wtm.news.grands-meres.com
URL: http://wtm.news.grands-meres.com/redirection.html?m=3fb76a11dfb9a1970941a8bd8d97832a&c=fr&u=https%3A%2F%2Fpws.news.grands-meres.com%2Fndc%2F7ZVLJYZV%3Fps_ee%3D3fb76a11dfb9a1970941a8bd8d97832a%26ps_g%3DM%26ps_a%3D$date_naissance$%26z%3D1&dc=M8W7GhkcJbJVKaccvF8qtXfOxvrexQDHzxTqLIu3sUbAvTMaGaSpr%2B7vOaT2KvPiUTCe9yk33OENbN4MvCTfBFPlchkco2j3tJ%2FqAqYNSjJChHrMmFTQFiADos3jiw8Sj5UPjkDc%2FgthYDSbv%2FwZPhhY26Q2rHrfMM%2BPwTDg1LL2vqzt65wHo0dletOXWFhLyLOqF7EO8HSHfelcucNpxTg76Od%2BTCZBe1Eqcj2FY5s%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.92.78 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
78.92.95.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://wtm.news.grands-meres.com/redirection.html?m=3fb76a11dfb9a1970941a8bd8d97832a&c=fr&u=https%3A%2F%2Fpws.news.grands-meres.com%2Fndc%2F7ZVLJYZV%3Fps_ee%3D3fb76a11dfb9a1970941a8bd8d97832a%26ps_g%3DM%26ps_a%3D$date_naissance$%26z%3D1&dc=M8W7GhkcJbJVKaccvF8qtXfOxvrexQDHzxTqLIu3sUbAvTMaGaSpr%2B7vOaT2KvPiUTCe9yk33OENbN4MvCTfBFPlchkco2j3tJ%2FqAqYNSjJChHrMmFTQFiADos3jiw8Sj5UPjkDc%2FgthYDSbv%2FwZPhhY26Q2rHrfMM%2BPwTDg1LL2vqzt65wHo0dletOXWFhLyLOqF7EO8HSHfelcucNpxTg76Od%2BTCZBe1Eqcj2FY5s%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 24 May 2019 16:33:00 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
status
200
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
clear
content-length
42

Redirect headers

Pragma
no-cache
Date
Fri, 24 May 2019 16:33:02 GMT
AN-X-Request-Uuid
b9ef63eb-ea61-4fbe-b35a-856d7d41a1ff
Content-Type
text/html; charset=utf-8
Server
nginx/1.13.4
Location
https://idsync.rlcdn.com/52154.gif?partner_uid=5917321516049047524
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
83.97.23.52; 83.97.23.52; 307.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.51:80
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
webo.gif
r.phywi.org/
Redirect Chain
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fr.phywi.org%2Fwebo.gif%3Fmd%3D3fb76a11dfb9a1970941a8bd8d97832a%26wb%3D{WEBO_CID}
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fr.phywi.org%2Fwebo.gif%3Fmd%3D3fb76a11dfb9a1970941a8bd8d97832a%26wb%3D%7BWEBO_CID%7D&bounce=1&random=3031971442
  • https://r.phywi.org/webo.gif?md=3fb76a11dfb9a1970941a8bd8d97832a&wb=XB0clhSywvcXbaY25hRXGO
43 B
316 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.phywi.org/webo.gif?md=3fb76a11dfb9a1970941a8bd8d97832a&wb=XB0clhSywvcXbaY25hRXGO
Requested by
Host: wtm.news.grands-meres.com
URL: http://wtm.news.grands-meres.com/redirection.html?m=3fb76a11dfb9a1970941a8bd8d97832a&c=fr&u=https%3A%2F%2Fpws.news.grands-meres.com%2Fndc%2F7ZVLJYZV%3Fps_ee%3D3fb76a11dfb9a1970941a8bd8d97832a%26ps_g%3DM%26ps_a%3D$date_naissance$%26z%3D1&dc=M8W7GhkcJbJVKaccvF8qtXfOxvrexQDHzxTqLIu3sUbAvTMaGaSpr%2B7vOaT2KvPiUTCe9yk33OENbN4MvCTfBFPlchkco2j3tJ%2FqAqYNSjJChHrMmFTQFiADos3jiw8Sj5UPjkDc%2FgthYDSbv%2FwZPhhY26Q2rHrfMM%2BPwTDg1LL2vqzt65wHo0dletOXWFhLyLOqF7EO8HSHfelcucNpxTg76Od%2BTCZBe1Eqcj2FY5s%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2001:41d0:2:dbba:: Lille, France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://wtm.news.grands-meres.com/redirection.html?m=3fb76a11dfb9a1970941a8bd8d97832a&c=fr&u=https%3A%2F%2Fpws.news.grands-meres.com%2Fndc%2F7ZVLJYZV%3Fps_ee%3D3fb76a11dfb9a1970941a8bd8d97832a%26ps_g%3DM%26ps_a%3D$date_naissance$%26z%3D1&dc=M8W7GhkcJbJVKaccvF8qtXfOxvrexQDHzxTqLIu3sUbAvTMaGaSpr%2B7vOaT2KvPiUTCe9yk33OENbN4MvCTfBFPlchkco2j3tJ%2FqAqYNSjJChHrMmFTQFiADos3jiw8Sj5UPjkDc%2FgthYDSbv%2FwZPhhY26Q2rHrfMM%2BPwTDg1LL2vqzt65wHo0dletOXWFhLyLOqF7EO8HSHfelcucNpxTg76Od%2BTCZBe1Eqcj2FY5s%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Fri, 24 May 2019 16:33:00 GMT
server
nginx
strict-transport-security
max-age=15768000
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 24 May 2019 16:33:00 GMT
via
1.1 google
last-modified
Fri, 24 May 2019 16:33:00 GMT
server
nginx/1.12.0
access-control-allow-origin
*
location
https://r.phywi.org/webo.gif?md=3fb76a11dfb9a1970941a8bd8d97832a&wb=XB0clhSywvcXbaY25hRXGO
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
status
302
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
clear
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
Primary Request 4
res.technooffer.com/a/y/offers/yy/l999z6i5gm59zq0s0p5/click/4x0gv6uspol1xzha7dxj1h6/
Redirect Chain
  • https://pws.news.grands-meres.com/ndc/7ZVLJYZV?ps_ee=3fb76a11dfb9a1970941a8bd8d97832a&ps_g=M&ps_a=$date_naissance$&z=1
  • https://csync.pwspace.com/dpt?destUrl=aHR0cHM6Ly9jZC5vc2l0dG9jay5jb20vYS95L29mZmVycy95eS9sOTk5ejZpNWdtNTl6cTBzMHA1L2NsaWNrLzR4MGd2NnVzcG9sMXh6aGE3ZHhqMWg2LzQ%2FY2xpY2tJZD0xMDdmNTJkYS0yMDRlLTNlZjUtY...
  • https://cd.osittock.com/a/y/offers/yy/l999z6i5gm59zq0s0p5/click/4x0gv6uspol1xzha7dxj1h6/4?clickId=107f52da-204e-3ef5-aca1-68247fb96962
  • https://res.technooffer.com/a/y/offers/yy/l999z6i5gm59zq0s0p5/click/4x0gv6uspol1xzha7dxj1h6/4?clickId=107f52da-204e-3ef5-aca1-68247fb96962
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://res.technooffer.com/a/y/offers/yy/l999z6i5gm59zq0s0p5/click/4x0gv6uspol1xzha7dxj1h6/4?clickId=107f52da-204e-3ef5-aca1-68247fb96962
Requested by
Host: wtm.news.grands-meres.com
URL: http://wtm.news.grands-meres.com/redirection.html?m=3fb76a11dfb9a1970941a8bd8d97832a&c=fr&u=https%3A%2F%2Fpws.news.grands-meres.com%2Fndc%2F7ZVLJYZV%3Fps_ee%3D3fb76a11dfb9a1970941a8bd8d97832a%26ps_g%3DM%26ps_a%3D$date_naissance$%26z%3D1&dc=M8W7GhkcJbJVKaccvF8qtXfOxvrexQDHzxTqLIu3sUbAvTMaGaSpr%2B7vOaT2KvPiUTCe9yk33OENbN4MvCTfBFPlchkco2j3tJ%2FqAqYNSjJChHrMmFTQFiADos3jiw8Sj5UPjkDc%2FgthYDSbv%2FwZPhhY26Q2rHrfMM%2BPwTDg1LL2vqzt65wHo0dletOXWFhLyLOqF7EO8HSHfelcucNpxTg76Od%2BTCZBe1Eqcj2FY5s%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.32.79.100 , France, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-178-32-79.eu
Software
nginx /
Resource Hash
2782a553d9c397ea5feb22512d6957e427d71ddd3821971703f7a7a714e51b05

Request headers

:method
GET
:authority
res.technooffer.com
:scheme
https
:path
/a/y/offers/yy/l999z6i5gm59zq0s0p5/click/4x0gv6uspol1xzha7dxj1h6/4?clickId=107f52da-204e-3ef5-aca1-68247fb96962
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
http://wtm.news.grands-meres.com/redirection.html?m=3fb76a11dfb9a1970941a8bd8d97832a&c=fr&u=https%3A%2F%2Fpws.news.grands-meres.com%2Fndc%2F7ZVLJYZV%3Fps_ee%3D3fb76a11dfb9a1970941a8bd8d97832a%26ps_g%3DM%26ps_a%3D$date_naissance$%26z%3D1&dc=M8W7GhkcJbJVKaccvF8qtXfOxvrexQDHzxTqLIu3sUbAvTMaGaSpr%2B7vOaT2KvPiUTCe9yk33OENbN4MvCTfBFPlchkco2j3tJ%2FqAqYNSjJChHrMmFTQFiADos3jiw8Sj5UPjkDc%2FgthYDSbv%2FwZPhhY26Q2rHrfMM%2BPwTDg1LL2vqzt65wHo0dletOXWFhLyLOqF7EO8HSHfelcucNpxTg76Od%2BTCZBe1Eqcj2FY5s%3D
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://wtm.news.grands-meres.com/redirection.html?m=3fb76a11dfb9a1970941a8bd8d97832a&c=fr&u=https%3A%2F%2Fpws.news.grands-meres.com%2Fndc%2F7ZVLJYZV%3Fps_ee%3D3fb76a11dfb9a1970941a8bd8d97832a%26ps_g%3DM%26ps_a%3D$date_naissance$%26z%3D1&dc=M8W7GhkcJbJVKaccvF8qtXfOxvrexQDHzxTqLIu3sUbAvTMaGaSpr%2B7vOaT2KvPiUTCe9yk33OENbN4MvCTfBFPlchkco2j3tJ%2FqAqYNSjJChHrMmFTQFiADos3jiw8Sj5UPjkDc%2FgthYDSbv%2FwZPhhY26Q2rHrfMM%2BPwTDg1LL2vqzt65wHo0dletOXWFhLyLOqF7EO8HSHfelcucNpxTg76Od%2BTCZBe1Eqcj2FY5s%3D

Response headers

status
410
server
nginx
date
Fri, 24 May 2019 16:33:02 GMT
content-type
text/html; charset=utf-8
content-length
2173
x-trk-error
16
etag
W/"87d-b08XipPauFsgKkm6rtwxD3uDFKU"
p3p
policyref="https://www.prmfactory.com/w3c/policy.xml", CP="ALL DSP COR ADMa DEVa OUR STP UNI PUR COM NAV PRE"

Redirect headers

status
302
server
nginx
date
Fri, 24 May 2019 16:33:01 GMT
content-type
text/html; charset=utf-8
content-length
320
location
https://res.technooffer.com/a/y/offers/yy/l999z6i5gm59zq0s0p5/click/4x0gv6uspol1xzha7dxj1h6/4?clickId=107f52da-204e-3ef5-aca1-68247fb96962
vary
Accept
p3p
policyref="https://www.prmfactory.com/w3c/policy.xml", CP="ALL DSP COR ADMa DEVa OUR STP UNI PUR COM NAV PRE"

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask

0 Cookies