res.technooffer.com
Open in
urlscan Pro
178.32.79.100
Public Scan
Effective URL: https://res.technooffer.com/a/y/offers/yy/l999z6i5gm59zq0s0p5/click/4x0gv6uspol1xzha7dxj1h6/4?clickId=107f52da-204e-3ef5-aca...
Submission: On May 24 via api from BE
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on April 20th 2019. Valid for: 3 months.
This is the only time res.technooffer.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 91.190.170.12 91.190.170.12 | 31688 (SPLIO-AS) (SPLIO-AS) | |
1 3 | 2001:41d0:8:8... 2001:41d0:8:88c8:: | 16276 (OVH) (OVH) | |
2 | 2001:41d0:2:d... 2001:41d0:2:dbba:: | 16276 (OVH) (OVH) | |
1 1 | 34.250.175.193 34.250.175.193 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 | 54.246.228.167 54.246.228.167 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
2 3 | 80.70.210.161 80.70.210.161 | 34913 (DALENYS) (DALENYS) | |
1 1 | 54.171.2.228 54.171.2.228 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
2 2 | 52.51.175.46 52.51.175.46 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
2 2 | 185.33.223.210 185.33.223.210 | 29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus) | |
1 | 34.95.92.78 34.95.92.78 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
2 2 | 35.190.16.14 35.190.16.14 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 1 | 2600:1901:0:3... 2600:1901:0:37f::a:1 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 1 | 104.155.63.91 104.155.63.91 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 1 | 178.32.79.99 178.32.79.99 | 16276 (OVH) (OVH) | |
1 | 178.32.79.100 178.32.79.100 | 16276 (OVH) (OVH) | |
9 | 7 |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-250-175-193.eu-west-1.compute.amazonaws.com
er.cloud-media.fr |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-246-228-167.eu-west-1.compute.amazonaws.com
er.cloud-media.fr |
ASN34913 (DALENYS, FR)
PTR: email-reflex.com
ep.la-meteo-mail.fr | |
email-reflex.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-171-2-228.eu-west-1.compute.amazonaws.com
ejp.rlcdn.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-51-175-46.eu-west-1.compute.amazonaws.com
iei.rlcdn.com |
ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 307.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com |
ASN15169 (GOOGLE - Google LLC, US)
PTR: 78.92.95.34.bc.googleusercontent.com
idsync.rlcdn.com |
ASN15169 (GOOGLE - Google LLC, US)
PTR: 14.16.190.35.bc.googleusercontent.com
redirect.frontend.weborama.fr |
ASN15169 (GOOGLE - Google LLC, US)
PTR: 91.63.155.104.bc.googleusercontent.com
csync.pwspace.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
5 |
grands-meres.com
2 redirects
ml.news.grands-meres.com wtm.news.grands-meres.com pws.news.grands-meres.com |
7 KB |
4 |
rlcdn.com
3 redirects
ejp.rlcdn.com iei.rlcdn.com idsync.rlcdn.com |
2 KB |
2 |
weborama.fr
2 redirects
redirect.frontend.weborama.fr |
677 B |
2 |
adnxs.com
2 redirects
ib.adnxs.com |
2 KB |
2 |
email-reflex.com
1 redirects
email-reflex.com |
972 B |
2 |
cloud-media.fr
1 redirects
er.cloud-media.fr |
550 B |
2 |
phywi.org
r.phywi.org |
747 B |
1 |
technooffer.com
res.technooffer.com |
2 KB |
1 |
osittock.com
1 redirects
cd.osittock.com |
284 B |
1 |
pwspace.com
1 redirects
csync.pwspace.com |
284 B |
1 |
la-meteo-mail.fr
1 redirects
ep.la-meteo-mail.fr |
387 B |
9 | 11 |
Domain | Requested by | |
---|---|---|
3 | wtm.news.grands-meres.com |
1 redirects
wtm.news.grands-meres.com
|
2 | redirect.frontend.weborama.fr | 2 redirects |
2 | ib.adnxs.com | 2 redirects |
2 | iei.rlcdn.com | 2 redirects |
2 | email-reflex.com |
1 redirects
wtm.news.grands-meres.com
|
2 | er.cloud-media.fr |
1 redirects
wtm.news.grands-meres.com
|
2 | r.phywi.org |
wtm.news.grands-meres.com
|
1 | res.technooffer.com |
wtm.news.grands-meres.com
|
1 | cd.osittock.com | 1 redirects |
1 | csync.pwspace.com | 1 redirects |
1 | pws.news.grands-meres.com | 1 redirects |
1 | idsync.rlcdn.com |
wtm.news.grands-meres.com
|
1 | ejp.rlcdn.com | 1 redirects |
1 | ep.la-meteo-mail.fr | 1 redirects |
1 | ml.news.grands-meres.com | |
9 | 15 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
ml.news.grands-meres.com Let's Encrypt Authority X3 |
2019-05-06 - 2019-08-04 |
3 months | crt.sh |
*.cloud-media.fr Amazon |
2018-10-18 - 2019-11-18 |
a year | crt.sh |
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA |
2019-04-24 - 2020-04-23 |
a year | crt.sh |
*.phywi.org Gandi Standard SSL CA 2 |
2018-02-21 - 2020-03-02 |
2 years | crt.sh |
res.technooffer.com Let's Encrypt Authority X3 |
2019-04-20 - 2019-07-19 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://res.technooffer.com/a/y/offers/yy/l999z6i5gm59zq0s0p5/click/4x0gv6uspol1xzha7dxj1h6/4?clickId=107f52da-204e-3ef5-aca1-68247fb96962
Frame ID: 74D30507A8A4C4D53E215571414C1CF2
Requests: 9 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- https://ml.news.grands-meres.com/l2/78bnvKyjU7/13386416/3025835054.html Page URL
-
http://wtm.news.grands-meres.com/w/111473/3fb76a11dfb9a1970941a8bd8d97832a/1835/450/?mid=17bc35381f30b89240d0...
HTTP 302
http://wtm.news.grands-meres.com/redirection.html?m=3fb76a11dfb9a1970941a8bd8d97832a&c=fr&u=https%3A%2F%2Fpws... Page URL
-
https://pws.news.grands-meres.com/ndc/7ZVLJYZV?ps_ee=3fb76a11dfb9a1970941a8bd8d97832a&ps_g=M&ps_a=$date_naissa...
HTTP 302
https://csync.pwspace.com/dpt?destUrl=aHR0cHM6Ly9jZC5vc2l0dG9jay5jb20vYS95L29mZmVycy95eS9sOTk5ejZpNWdt... HTTP 307
https://cd.osittock.com/a/y/offers/yy/l999z6i5gm59zq0s0p5/click/4x0gv6uspol1xzha7dxj1h6/4?clickId=10... HTTP 302
https://res.technooffer.com/a/y/offers/yy/l999z6i5gm59zq0s0p5/click/4x0gv6uspol1xzha7dxj1h6/4?clickId=10... Page URL
Detected technologies
Apache (Web Servers) ExpandDetected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://ml.news.grands-meres.com/l2/78bnvKyjU7/13386416/3025835054.html Page URL
-
http://wtm.news.grands-meres.com/w/111473/3fb76a11dfb9a1970941a8bd8d97832a/1835/450/?mid=17bc35381f30b89240d062eb2f6b2018&ct=nl&n=8&l=a&bi=1&ai=7028&u=http%3A%2F%2Fwtm.news.grands-meres.com%2Fredirection.html%3Fm%3D3fb76a11dfb9a1970941a8bd8d97832a%26c%3Dfr%26u%3Dhttps%253A%252F%252Fpws.news.grands-meres.com%252Fndc%252F7ZVLJYZV%253Fps_ee%253D3fb76a11dfb9a1970941a8bd8d97832a%2526ps_g%253DM%2526ps_a%253D$date_naissance$%2526z%253D1&dc=M8W7GhkcJbJVKaccvF8qtXfOxvrexQDHzxTqLIu3sUbAvTMaGaSpr%252B7vOaT2KvPiUTCe9yk33OENbN4MvCTfBFPlchkco2j3tJ%252FqAqYNSjJChHrMmFTQFiADos3jiw8Sj5UPjkDc%252FgthYDSbv%252FwZPhhY26Q2rHrfMM%252BPwTDg1LL2vqzt65wHo0dletOXWFhLyLOqF7EO8HSHfelcucNpxTg76Od%252BTCZBe1Eqcj2FY5s%253D
HTTP 302
http://wtm.news.grands-meres.com/redirection.html?m=3fb76a11dfb9a1970941a8bd8d97832a&c=fr&u=https%3A%2F%2Fpws.news.grands-meres.com%2Fndc%2F7ZVLJYZV%3Fps_ee%3D3fb76a11dfb9a1970941a8bd8d97832a%26ps_g%3DM%26ps_a%3D$date_naissance$%26z%3D1&dc=M8W7GhkcJbJVKaccvF8qtXfOxvrexQDHzxTqLIu3sUbAvTMaGaSpr%2B7vOaT2KvPiUTCe9yk33OENbN4MvCTfBFPlchkco2j3tJ%2FqAqYNSjJChHrMmFTQFiADos3jiw8Sj5UPjkDc%2FgthYDSbv%2FwZPhhY26Q2rHrfMM%2BPwTDg1LL2vqzt65wHo0dletOXWFhLyLOqF7EO8HSHfelcucNpxTg76Od%2BTCZBe1Eqcj2FY5s%3D Page URL
-
https://pws.news.grands-meres.com/ndc/7ZVLJYZV?ps_ee=3fb76a11dfb9a1970941a8bd8d97832a&ps_g=M&ps_a=$date_naissance$&z=1
HTTP 302
https://csync.pwspace.com/dpt?destUrl=aHR0cHM6Ly9jZC5vc2l0dG9jay5jb20vYS95L29mZmVycy95eS9sOTk5ejZpNWdtNTl6cTBzMHA1L2NsaWNrLzR4MGd2NnVzcG9sMXh6aGE3ZHhqMWg2LzQ%2FY2xpY2tJZD0xMDdmNTJkYS0yMDRlLTNlZjUtYWNhMS02ODI0N2ZiOTY5NjI%3D&pstuid=9e39563a-7455-39b9-bfbc-32a8591a95bd HTTP 307
https://cd.osittock.com/a/y/offers/yy/l999z6i5gm59zq0s0p5/click/4x0gv6uspol1xzha7dxj1h6/4?clickId=107f52da-204e-3ef5-aca1-68247fb96962 HTTP 302
https://res.technooffer.com/a/y/offers/yy/l999z6i5gm59zq0s0p5/click/4x0gv6uspol1xzha7dxj1h6/4?clickId=107f52da-204e-3ef5-aca1-68247fb96962 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 1- http://wtm.news.grands-meres.com/w/111473/3fb76a11dfb9a1970941a8bd8d97832a/1835/450/?mid=17bc35381f30b89240d062eb2f6b2018&ct=nl&n=8&l=a&bi=1&ai=7028&u=http%3A%2F%2Fwtm.news.grands-meres.com%2Fredirection.html%3Fm%3D3fb76a11dfb9a1970941a8bd8d97832a%26c%3Dfr%26u%3Dhttps%253A%252F%252Fpws.news.grands-meres.com%252Fndc%252F7ZVLJYZV%253Fps_ee%253D3fb76a11dfb9a1970941a8bd8d97832a%2526ps_g%253DM%2526ps_a%253D$date_naissance$%2526z%253D1&dc=M8W7GhkcJbJVKaccvF8qtXfOxvrexQDHzxTqLIu3sUbAvTMaGaSpr%252B7vOaT2KvPiUTCe9yk33OENbN4MvCTfBFPlchkco2j3tJ%252FqAqYNSjJChHrMmFTQFiADos3jiw8Sj5UPjkDc%252FgthYDSbv%252FwZPhhY26Q2rHrfMM%252BPwTDg1LL2vqzt65wHo0dletOXWFhLyLOqF7EO8HSHfelcucNpxTg76Od%252BTCZBe1Eqcj2FY5s%253D HTTP 302
- http://wtm.news.grands-meres.com/redirection.html?m=3fb76a11dfb9a1970941a8bd8d97832a&c=fr&u=https%3A%2F%2Fpws.news.grands-meres.com%2Fndc%2F7ZVLJYZV%3Fps_ee%3D3fb76a11dfb9a1970941a8bd8d97832a%26ps_g%3DM%26ps_a%3D$date_naissance$%26z%3D1&dc=M8W7GhkcJbJVKaccvF8qtXfOxvrexQDHzxTqLIu3sUbAvTMaGaSpr%2B7vOaT2KvPiUTCe9yk33OENbN4MvCTfBFPlchkco2j3tJ%2FqAqYNSjJChHrMmFTQFiADos3jiw8Sj5UPjkDc%2FgthYDSbv%2FwZPhhY26Q2rHrfMM%2BPwTDg1LL2vqzt65wHo0dletOXWFhLyLOqF7EO8HSHfelcucNpxTg76Od%2BTCZBe1Eqcj2FY5s%3D
- http://er.cloud-media.fr/r/3fb76a11dfb9a1970941a8bd8d97832a/20305b1d-4a14-4990-b6a1-7765863e4041 HTTP 302
- https://er.cloud-media.fr/c/3fb76a11dfb9a1970941a8bd8d97832a/20305b1d-4a14-4990-b6a1-7765863e4041
- http://ep.la-meteo-mail.fr/tags/redirect.php?h=3fb76a11dfb9a1970941a8bd8d97832a&source=38 HTTP 301
- http://email-reflex.com/tags/redirect.php?h=3fb76a11dfb9a1970941a8bd8d97832a&source=38 HTTP 302
- http://email-reflex.com/tags/pixel.php?h=3fb76a11dfb9a1970941a8bd8d97832a&source=38
- https://ejp.rlcdn.com/472906.gif?m=3fb76a11dfb9a1970941a8bd8d97832a&n=1 HTTP 302
- https://iei.rlcdn.com/472906.gif?partner_uid=XY1005JCTbDAkJwidVuDES_L97uUTcA2lobvl3dP4iFKPXnhI&ipel=Xi1005GlEyapmr64eGsXNGFDSeZGjeKkREzxdYlL8pPY0zGnb55xnfZCgRjprrHo50ZRPD&n=1&pdata=eu-translator-ghost HTTP 302
- https://iei.rlcdn.com/472906.gif?n=1&partner_uid=XY1005JCTbDAkJwidVuDES_L97uUTcA2lobvl3dP4iFKPXnhI&pdata=eu-translator-ghost&ipel=Xi1005GlEyapmr64eGsXNGFDSeZGjeKkREzxdYlL8pPY0zGnb55xnfZCgRjprrHo50ZRPD&redirect=1 HTTP 302
- https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fpartner_uid%3D%24UID HTTP 302
- https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fidsync.rlcdn.com%252F52154.gif%253Fpartner_uid%253D%2524UID HTTP 302
- https://idsync.rlcdn.com/52154.gif?partner_uid=5917321516049047524
- https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fr.phywi.org%2Fwebo.gif%3Fmd%3D3fb76a11dfb9a1970941a8bd8d97832a%26wb%3D{WEBO_CID} HTTP 302
- https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fr.phywi.org%2Fwebo.gif%3Fmd%3D3fb76a11dfb9a1970941a8bd8d97832a%26wb%3D%7BWEBO_CID%7D&bounce=1&random=3031971442 HTTP 302
- https://r.phywi.org/webo.gif?md=3fb76a11dfb9a1970941a8bd8d97832a&wb=XB0clhSywvcXbaY25hRXGO
9 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Cookie set
3025835054.html
ml.news.grands-meres.com/l2/78bnvKyjU7/13386416/ |
786 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
redirection.html
wtm.news.grands-meres.com/ Redirect Chain
|
4 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
https%3A%2F%2Fpws.news.grands-meres.com%2Fndc%2F7ZVLJYZV%3Fps_ee%3D3fb76a11dfb9a1970941a8bd8d97832a%26ps_g%3DM%26ps_a%3D%24date_naissance%24%26z%3D1
wtm.news.grands-meres.com/ |
0 300 B |
Other
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cl.gif
r.phywi.org/ |
43 B 431 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
20305b1d-4a14-4990-b6a1-7765863e4041
er.cloud-media.fr/c/3fb76a11dfb9a1970941a8bd8d97832a/ Redirect Chain
|
35 B 214 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pixel.php
email-reflex.com/tags/ Redirect Chain
|
43 B 597 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
52154.gif
idsync.rlcdn.com/ Redirect Chain
|
42 B 364 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
webo.gif
r.phywi.org/ Redirect Chain
|
43 B 316 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
4
res.technooffer.com/a/y/offers/yy/l999z6i5gm59zq0s0p5/click/4x0gv6uspol1xzha7dxj1h6/ Redirect Chain
|
2 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
Verdicts & Comments Add Verdict or Comment
3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cd.osittock.com
csync.pwspace.com
ejp.rlcdn.com
email-reflex.com
ep.la-meteo-mail.fr
er.cloud-media.fr
ib.adnxs.com
idsync.rlcdn.com
iei.rlcdn.com
ml.news.grands-meres.com
pws.news.grands-meres.com
r.phywi.org
redirect.frontend.weborama.fr
res.technooffer.com
wtm.news.grands-meres.com
104.155.63.91
178.32.79.100
178.32.79.99
185.33.223.210
2001:41d0:2:dbba::
2001:41d0:8:88c8::
2600:1901:0:37f::a:1
34.250.175.193
34.95.92.78
35.190.16.14
52.51.175.46
54.171.2.228
54.246.228.167
80.70.210.161
91.190.170.12
08cf5192ca279514348360b606bd4c8f849a49ada77326912449f7c5494afa60
2782a553d9c397ea5feb22512d6957e427d71ddd3821971703f7a7a714e51b05
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629