ramdani-cv.fr.gd Open in urlscan Pro
193.238.27.28 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ramdani-cv.fr.gd/
Effective URL:
https://ramdani-cv.fr.gd/
Submission: On January 13 via manual (January 13th 2024, 1:21:53 pm UTC) from PL — Scanned from FR

Summary HTTP 34 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 18 IPs in 4 countries across 17 domains to perform 34 HTTP transactions. The main IP is 193.238.27.28, located in Germany and belongs to IPX-AS15598, DE. The main domain is ramdani-cv.fr.gd.
TLS certificate: Issued by R3 on October 30th 2023. Valid for: 3 months.

This is the only time ramdani-cv.fr.gd was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	193.238.27.28 193.238.27.28	15598 (IPX-AS15598) (IPX-AS15598)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	178.162.223.113 178.162.223.113	28753 (LEASEWEB-...) (LEASEWEB-DE-FRA-10)
6	178.162.223.114 178.162.223.114	28753 (LEASEWEB-...) (LEASEWEB-DE-FRA-10)
1	2606:4700:303... 2606:4700:3035::6815:35fc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	38.99.77.16 38.99.77.16	36323 (EZRI-36323) (EZRI-36323)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a02:cb40:200... 2a02:cb40:200::242	20546 (SOPRADO-ANY) (SOPRADO-ANY)
1	2a0b:4d07:102::1 2a0b:4d07:102::1	44239 (PROINITY ...) (PROINITY PROINITY)
1	176.9.183.55 176.9.183.55	24940 (HETZNER-AS) (HETZNER-AS)
3	3.75.56.58 3.75.56.58	16509 (AMAZON-02) (AMAZON-02)
1 3	52.59.24.203 52.59.24.203	16509 (AMAZON-02) (AMAZON-02)
1 2	3.70.162.45 3.70.162.45	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700:20:... 2606:4700:20::681a:109	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	18.156.47.223 18.156.47.223	16509 (AMAZON-02) (AMAZON-02)
1	23.227.38.65 23.227.38.65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
34	18

2 193.238.27.28 (Germany) 1 redirects

ASN15598 (IPX-AS15598, DE)
PTR: fr.gd

ramdani-cv.fr.gd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.162.223.113 (Schwerte, Germany)

ASN28753 (LEASEWEB-DE-FRA-10, DE)
PTR: misc.webme.com

theme.webme.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 178.162.223.114 (Schwerte, Germany)

ASN28753 (LEASEWEB-DE-FRA-10, DE)
PTR: img.webme.com

img.webme.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6815:35fc (United States)

ASN13335 (CLOUDFLARENET, US)

www.recherche-web.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

asrv205.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.99.77.16 (Santa Clara, United States)

ASN36323 (EZRI-36323, US)
PTR: imagizer-cv.imageshack.us

img17.imageshack.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:cb40:200::242 (Germany) 1 redirects

ASN20546 (SOPRADO-ANY, DE)

t.adcell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

nextlevel-f353.kxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.9.183.55 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.55.183.9.176.clients.your-server.de

fwdtrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.75.56.58 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-56-58.eu-central-1.compute.amazonaws.com

visifeed.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.59.24.203 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-24-203.eu-central-1.compute.amazonaws.com

api.yieldads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.70.162.45 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-70-162-45.eu-central-1.compute.amazonaws.com

xuve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:109 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.secprf2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.156.47.223 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-47-223.eu-central-1.compute.amazonaws.com

pin.sheesh-beauty.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.227.38.65 (Ottawa, Canada)

ASN13335 (CLOUDFLARENET, US)
PTR: myshopify.com

sheesh-beauty.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	webme.com theme.webme.com img.webme.com — Cisco Umbrella Rank: 414033	102 KB
3	yieldads.net 1 redirects api.yieldads.net — Cisco Umbrella Rank: 120597	15 KB
3	visifeed.org visifeed.org — Cisco Umbrella Rank: 119580	2 KB
3	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110	187 KB
2	sheesh-beauty.com 1 redirects pin.sheesh-beauty.com sheesh-beauty.com	497 B
2	secprf2.com 1 redirects r.secprf2.com — Cisco Umbrella Rank: 151656	2 KB
2	xuve.com 1 redirects xuve.com — Cisco Umbrella Rank: 377637	2 KB
2	adcell.com 1 redirects t.adcell.com — Cisco Umbrella Rank: 57836	633 B
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	5 KB
2	fr.gd 1 redirects ramdani-cv.fr.gd	29 KB
1	fwdtrk.com fwdtrk.com fwd.fwdtrk.com Failed	2 KB
1	kxcdn.com nextlevel-f353.kxcdn.com — Cisco Umbrella Rank: 447568	80 KB
1	imageshack.us img17.imageshack.us
1	asrv205.com asrv205.com	1 KB
1	recherche-web.com www.recherche-web.com	14 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	2 KB
0	tinypic.com Failed i34.tinypic.com Failed i35.tinypic.com Failed i33.tinypic.com Failed
34	17

	Domain	Requested by
6	img.webme.com	ramdani-cv.fr.gd
3	api.yieldads.net	1 redirects visifeed.org api.yieldads.net
3	visifeed.org	fwdtrk.com visifeed.org
3	pagead2.googlesyndication.com	ramdani-cv.fr.gd pagead2.googlesyndication.com
2	r.secprf2.com	1 redirects xuve.com
2	xuve.com	1 redirects api.yieldads.net
2	t.adcell.com	1 redirects asrv205.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	theme.webme.com	ramdani-cv.fr.gd
2	ramdani-cv.fr.gd	1 redirects
1	sheesh-beauty.com	r.secprf2.com
1	pin.sheesh-beauty.com	1 redirects
1	fwdtrk.com	asrv205.com
1	nextlevel-f353.kxcdn.com	asrv205.com
1	img17.imageshack.us	ramdani-cv.fr.gd
1	asrv205.com	ramdani-cv.fr.gd
1	www.recherche-web.com	ramdani-cv.fr.gd
1	cdnjs.cloudflare.com	ramdani-cv.fr.gd
0	fwd.fwdtrk.com Failed	fwdtrk.com
0	i33.tinypic.com Failed	ramdani-cv.fr.gd
0	i35.tinypic.com Failed	ramdani-cv.fr.gd
0	i34.tinypic.com Failed	ramdani-cv.fr.gd
34	22

This site contains links to these domains. Also see Links.

Domain
www.recherche-web.com
www.ma-page.fr

Subject Issuer	Validity	Valid
fr.gd R3	`2023-10-30` - `2024-01-28`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
misc.webme.com R3	`2023-10-30` - `2024-01-28`	3 months	crt.sh
img.webme.com R3	`2023-10-30` - `2024-01-28`	3 months	crt.sh
recherche-web.com E1	`2023-12-21` - `2024-03-20`	3 months	crt.sh
asrv205.com GTS CA 1P5	`2023-12-04` - `2024-03-03`	3 months	crt.sh
*.imageshack.us Go Daddy Secure Certificate Authority - G2	`2023-01-01` - `2024-02-02`	a year	crt.sh
adcell.com Certum Domain Validation CA SHA2	`2023-07-28` - `2024-07-27`	a year	crt.sh
fwdtrk.com R3	`2023-11-21` - `2024-02-19`	3 months	crt.sh
visifeed.org R3	`2024-01-09` - `2024-04-08`	3 months	crt.sh
api.yieldads.net Amazon RSA 2048 M01	`2023-10-04` - `2024-11-02`	a year	crt.sh
xuve.com Amazon RSA 2048 M01	`2023-06-21` - `2024-07-20`	a year	crt.sh
secprf2.com GTS CA 1P5	`2023-12-10` - `2024-03-09`	3 months	crt.sh
sheesh-beauty.com R3	`2024-01-10` - `2024-04-09`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://ramdani-cv.fr.gd/
Frame ID: F798B4640D355475071A6F308334A8D6
Requests: 19 HTTP requests in this frame

Frame: https://asrv205.com/adframe/eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?ct=CLICKTRACKING
Frame ID: FB4C81F7D3C0E2CB3EB80D4C3DE45D82
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html
Frame ID: 6A9E1D0BF227838EA1711B16657F5DB1
Requests: 1 HTTP requests in this frame

Frame: https://t.adcell.com/p/view?promoId=268545&slotId=105746&pv=1
Frame ID: 7291DBFF976DCE9A308231A22B7170F0
Requests: 1 HTTP requests in this frame

Frame: https://fwdtrk.com/track/eyJjYW1wYWlnbl9pZCI6MTYsImNyZWF0aXZlX2lkIjoyNiwicHVibGlzaGVyX2lkIjo0LCJ6b25lX2lkIjo2LCJmcmFtZV90eXBlIjoiRnJhbWVzIiwiZnJhbWVfZ3RtZG9tYWluIjoiZndkLmZ3ZHRyay5jb20iLCJmcmFtZV9jYW1wYWlnbmlkIjoiNjBjOTEwNmEtZGQ3Yi00ZjNiLTk3ODktNDQxNTIzZGQzYzVlIiwiZnJhbWVfdGFyZ2V0IjoiOEZZIiwiZnJhbWVfdGFyZ2V0X2lkIjoxLCJmcmFtZV9hZGRjb3VudHJ5IjowLCJjb3VudHJ5IjoiRlIiLCJ0cyI6MTcwNTE1MjEwOX0%3D
Frame ID: C577452F09B7C6CB6E9809CEAFDCCA1C
Requests: 2 HTTP requests in this frame

Frame: https://visifeed.org/i?n=1&t=101&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e&l=k%7B&phash=5b6ae43ad42a7995ea1dde792c14bd49b3c3ec39ac77feb0a6a2cf7c092c8a6a&ci=yC%5Bu.Pt%3B&its=9F%5Bt%2ALp5d7bA%21QD%3BwgPWbV%60&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Frame ID: 5F32F8D5F5C8A767158F58DD2211FF55
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3913132933055379&output=html&adk=1812271804&adf=3025194257&lmt=1705152109&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Framdani-cv.fr.gd%2F&ea=0&host=ca-host-pub-1483906849246906&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705152109277&bpp=1&bdt=187&idt=226&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5921643115954&frm=20&pv=2&ga_vid=445723479.1705152110&ga_sid=1705152110&ga_hid=125465226&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080223%2C31080263%2C95320378%2C95320868%2C95320893&oid=2&pvsid=3707461756583017&tmod=599133165&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=235
Frame ID: AC9956533A65B10B0756A18756216545
Requests: 1 HTTP requests in this frame

Frame: https://sheesh-beauty.com/?utm_source=adtraction&utm_medium=affiliate&utm_campaign=adtraction&at_gd=65393198F457B438228A742F5E82E49664DA512F
Frame ID: FD12B3220533C85442D870981658122E
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

CV EMPLOI

Page URL History Show full URLs

http://ramdani-cv.fr.gd/ HTTP 301
https://ramdani-cv.fr.gd/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

Ramda (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

ramda.*\.js

Page Statistics

34
Requests

82 %
HTTPS

44 %
IPv6

17
Domains

22
Subdomains

18
IPs

4
Countries

440 kB
Transfer

825 kB
Size

7
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://www.recherche-web.com/
Title: .

Search URL Search Domain Scan URL

URL: https://www.ma-page.fr/?c=4000&utm_source=selfpromotion&utm_campaign=overlay&utm_medium=footer
Title: Ce site web a été créé gratuitement avec Ma-page.fr. Tu veux aussi ton propre site web ? S'inscrire gratuitement

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ramdani-cv.fr.gd/ HTTP 301
https://ramdani-cv.fr.gd/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://t.adcell.com/p/image?promoId=284482&slotId=105746 HTTP 302
https://nextlevel-f353.kxcdn.com/BioBloom/Standard/14.02.2022/Starterpaket_300x250.png

Request Chain 30

https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=5b6ae43ad42a7995ea1dde792c14bd49b3c3ec39ac77feb0a6a2cf7c092c8a00&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e&fp=W3sia2V5IjoidXNlcl9hZ2VudCIsInZhbHVlIjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyMC4wLjYwOTkuMjE2IFNhZmFyaS81MzcuMzYifSx7ImtleSI6Imxhbmd1YWdlIiwidmFsdWUiOiJlbi1VUyJ9LHsia2V5IjoibmF2aWdhdG9yX3BsYXRmb3JtIiwidmFsdWUiOiJXaW4zMiJ9LHsia2V5IjoicmVndWxhcl9wbHVnaW5zIiwidmFsdWUiOlsiQ2hyb21lIFBERiBQbHVnaW46OlBvcnRhYmxlIERvY3VtZW50IEZvcm1hdDo6YXBwbGljYXRpb24veC1nb29nbGUtY2hyb21lLXBkZn5wZGYiLCJDaHJvbWUgUERGIFZpZXdlcjo6OjphcHBsaWNhdGlvbi9wZGZ%2BcGRmIiwiTmF0aXZlIENsaWVudDo6OjphcHBsaWNhdGlvbi94LW5hY2x%2BLGFwcGxpY2F0aW9uL3gtcG5hY2x%2BIl19LHsia2V5IjoianNfZm9udHMiLCJ2YWx1ZSI6W119LHsia2V5IjoiYXBwX2NvZGVfbmFtZSIsInZhbHVlIjoiTW96aWxsYSJ9LHsia2V5IjoiYnVpbGRfaWQiLCJ2YWx1ZSI6IiJ9LHsia2V5IjoicHJvZHVjdCIsInZhbHVlIjoiR2Vja28ifSx7ImtleSI6InZlbmRvciIsInZhbHVlIjoiR29vZ2xlIEluYy4ifSx7ImtleSI6InZlbmRvcl9zdWIiLCJ2YWx1ZSI6IiJ9LHsia2V5IjoiYXBwX3ZlcnNpb24iLCJ2YWx1ZSI6IjUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS4yMTYgU2FmYXJpLzUzNy4zNiJ9XQ%3D%3D HTTP 302
https://xuve.com/de/y?t=sheesh-beauty.com&cid=a0714b407ba87a6ad2e74115f058fc8b2cf4bd5ba8e49a9b87ae0049d9e7b501&identifier=70db11580586afa8 HTTP 302
https://xuve.com/de/search/sheesh-beauty.com

Request Chain 31

https://r.secprf2.com/v1/redirect?url=https://sheesh-beauty.com&api_key=7db24a42cd27ebc761d660ebd5d0ad1f&site_id=b02d1d0446924a059b8c5830b3b4d2bb&type=url&source=https://xuve.com/de/search/sheesh-beauty.com&yk_tag=a0714b407ba87a6ad2e74115f058fc8b2cf4bd5ba8e49a9b87ae0049d9e7b501 HTTP 302
https://r.secprf2.com/v2/go?t=mtcpy%3Au%2Fei-.sheesh2bFa%25t3.sot%2Fh%2Fl%3Fu%3Dm8c8e2u6.2wa-%3D8130d500329tc2btf%3D4%26ep1%3De090c05024215084739v8i1ee10kf%269%3Dc%26b27083c8c10sw%26w1x2v2.4o1%26art%3Dttmpc%25yAu2e%25-Fsheeshnbpa%2Fts.toh&e=1&ai=5de80ba773584a638f2e78420d3b49b8&sct=0&ct=1705152110210&cu=58c799e811ee40ffb9cc9b3708dc3c80&ykuid=29817305df014676b7e9250a3b7b87db&sc=1&cs=f041afdae8b4efa58441ce9d4d274df0

Request Chain 32

https://pin.sheesh-beauty.com/t/t?a=1848222612&as=1180350022&t=2&tk=1&epi=v03040001422558c799e811ee40ffb9cc9b3708dc3c80-www.xuve.com&url=https%3A%2F%2Fsheesh-beauty.com HTTP 302
https://sheesh-beauty.com/?utm_source=adtraction&utm_medium=affiliate&utm_campaign=adtraction&at_gd=65393198F457B438228A742F5E82E49664DA512F

34 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

404
Not Found

Primary Request / Show response
ramdani-cv.fr.gd/
Redirect Chain

http://ramdani-cv.fr.gd/
https://ramdani-cv.fr.gd/

28 KB
29 KB

290ms
90ms

Document
text/html

193.238.27.28
IPX-AS15598

General

Check archive.org

Show headers Download Go to

Full URL: https://ramdani-cv.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.238.27.28 , Germany, ASN15598 (IPX-AS15598, DE),
Reverse DNS: fr.gd
Software: nginx /
Resource Hash: d28fbd46e036558188d7b227f93c6dd310cd1463f723873d756a8fabbb87eef9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Age: 0
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/html; charset=ISO-8859-15
Date: Sat, 13 Jan 2024 13:21:49 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
Vary: User-Agent
Via: 1.1 varnish-v4
X-Varnish: 814318443
X-wm-1: 64ef455219bf45ba236b8d390f06c9ce
X-wm-VIP: 193.238.27.28
X-wm-req.backend: SitesGET
X-wm-req.backend.healthy: true
X-wm-req.restarts: 0

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Sat, 13 Jan 2024 13:21:48 GMT
Location: https://ramdani-cv.fr.gd/
Server: Varnish
X-Varnish: 813302388

GET
H2 200 cookieconsent.min.js Show response
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/ 4 KB
2 KB 72ms
31ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/cookieconsent.min.js

Requested by

Host: ramdani-cv.fr.gd
URL: https://ramdani-cv.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

190fc02d8e8f1dd5acc40f48d0d6203e6115eb31e3f47f55db0c3f07797d68f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ramdani-cv.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 13:21:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3756194
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1618
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-11d8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bhbRv9Y71ES%2BSrxbR2zC8Hf5tihRM%2FxKp5OseZQUmHBCru8gZB5yQdpg91yLCEpJUph91Ns%2FbRjzGAPyqyiRDkyCE%2BPRZ%2Fjnkddl%2B%2Ble8ORk746uInAuzWjod1ZSqlirN%2F9sWio0iivqP1A%2FqiG8RcIk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 844df1ca1bf2f0a3-CDG
expires: Thu, 02 Jan 2025 13:21:49 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 137ms
78ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3913132933055379&host=ca-host-pub-1483906849246906

Requested by

Host: ramdani-cv.fr.gd
URL: https://ramdani-cv.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

59c78467dab079907a1a0feb7ec5719a637ce78bdcd62891fc71a0f6279cc67b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ramdani-cv.fr.gd/
Origin: https://ramdani-cv.fr.gd
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 13:21:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51195
x-xss-protection: 0
server: cafe
etag: 17243415468620960085
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 13 Jan 2024 13:21:49 GMT

GET
H/1.1 200
OK navi_ende.gif
theme.webme.com/designs/iceblue/images/ 4 KB
4 KB 197ms
23ms Image
image/gif 178.162.223.113
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theme.webme.com/designs/iceblue/images/navi_ende.gif
Requested by: Host: ramdani-cv.fr.gd
URL: https://ramdani-cv.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: misc.webme.com
Software: nginx /
Resource Hash: 52738ef63f4f5d74aec2c2d009710029efc884cf4918fb7792eec9f9475be020

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ramdani-cv.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 13:21:49 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Tue, 20 May 2014 07:37:46 GMT
Server: nginx
X-wm-VIP: 193.238.27.17
Age: 45308
Content-Type: image/gif
X-Varnish: 729604539, 238086913 235693542
Cache-Control: max-age=3628800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3928
Expires: Sat, 24 Feb 2024 00:46:40 GMT

GET
H/1.1 200
OK noconnect.gif
img.webme.com/pic/r/ramdani-cv/ 3 KB
3 KB 158ms
23ms Image
image/gif 178.162.223.114
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.webme.com/pic/r/ramdani-cv/noconnect.gif
Requested by: Host: ramdani-cv.fr.gd
URL: https://ramdani-cv.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.114 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: img.webme.com
Software: nginx /
Resource Hash: 4b509bcb58670c2fc6bb6489820df79efce092578d8954d31bc6477a80489f8b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ramdani-cv.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 13:21:49 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Thu, 01 Jan 2015 12:21:26 GMT
Server: nginx
X-wm-VIP: 193.238.27.18
Age: 121007
ETag: "54a53bc6-ac4"
X-Varnish: 549396298, 233602509 228704173
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2756

GET
H2 200 logorecherche.gif
www.recherche-web.com/ 14 KB
14 KB 90ms
30ms Image
image/gif 2606:4700:3035::6815:35fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.recherche-web.com/logorecherche.gif

Requested by

Host: ramdani-cv.fr.gd
URL: https://ramdani-cv.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:35fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca5bdb80b446f313f955885509683506295b195b25eb7de8884f1e6251c673f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ramdani-cv.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 13:21:49 GMT
strict-transport-security: max-age=16000000
cf-cache-status: HIT
last-modified: Thu, 30 Jul 2020 10:17:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6069
etag: W/"3667-5aba5fa596f8c-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BMzd362d2PLfKWnlRMdDYr25eSY6zUWznoG5nR%2BjOGqRjjloGROq8xijHnMZmjVsgc0RzUjipqB38Wy10mhrafm4wRtk5pbpeIRttp7NlKP%2F839BnxkLV48vNRAtJ8Lb58RqLJfWAqw3N3QeL7bABx6Zxes%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
cf-ray: 844df1cabf85d2c9-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0= Show response
asrv205.com/adframe/ Frame FB4C 2 KB
1 KB 138ms
86ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://asrv205.com/adframe/eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?ct=CLICKTRACKING
Requested by: Host: ramdani-cv.fr.gd
URL: https://ramdani-cv.fr.gd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d8e25221c0439c0ce31c51ad97caba69c928044a5eae80d78c416b0147a9af5

Request headers

Referer: https://ramdani-cv.fr.gd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 844df1caabb60288-CDG
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 13 Jan 2024 13:21:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Oqdby4mAnfbJmN97LwjCuktS3DeQ3MO0sU61kZ7CH6Y9SPw0LrABnzIscc2kg%2BwI4krGVooLBuXUhZ0MUlChTWunf24vgze%2F%2FZttCwCIQk8lIV%2Bs3By8yidWW0QSDjqJHoFJbXLBbuLzw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H/1.1 200
OK gd-final1-.jpg
img.webme.com/pic/d/doued/ 69 KB
69 KB 133ms
46ms Image
image/jpeg 178.162.223.114
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.webme.com/pic/d/doued/gd-final1-.jpg
Requested by: Host: ramdani-cv.fr.gd
URL: https://ramdani-cv.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.114 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: img.webme.com
Software: nginx /
Resource Hash: 85c11320102fc04a39dac524555ff02afa4b307a1ff1134d1931e34a9ada0fe0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ramdani-cv.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 13:21:49 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Tue, 06 Jan 2015 19:45:19 GMT
Server: nginx
X-wm-VIP: 193.238.27.18
Age: 70061
ETag: "54ac3b4f-112ca"
X-Varnish: 675784762, 205929835 233509714
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 70346

GET 2r2x2ef.jpg
i34.tinypic.com/ 0
0

GET
H/1.1 200
OK gauche.png
img.webme.com/pic/d/doued/ 2 KB
3 KB 119ms
23ms Image
image/png 178.162.223.114
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.webme.com/pic/d/doued/gauche.png
Requested by: Host: ramdani-cv.fr.gd
URL: https://ramdani-cv.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.114 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: img.webme.com
Software: nginx /
Resource Hash: b3f329de044fbbae319448014e42b44fb440d256d2b5b7901b86c56914fe3798

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ramdani-cv.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 13:21:49 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Tue, 06 Jan 2015 19:45:17 GMT
Server: nginx
X-wm-VIP: 193.238.27.18
Age: 70061
ETag: "54ac3b4d-933"
X-Varnish: 690554465, 238086911 232969988
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2355

GET dpyb0j.png
i35.tinypic.com/ 0
0

GET
H/1.1 200
OK td.edit_content_top2.png
img.webme.com/pic/d/doued/ 3 KB
3 KB 120ms
23ms Image
image/png 178.162.223.114
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.webme.com/pic/d/doued/td.edit_content_top2.png
Requested by: Host: ramdani-cv.fr.gd
URL: https://ramdani-cv.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.114 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: img.webme.com
Software: nginx /
Resource Hash: 1e7476ad1ee6df9efa2f02694acefa98b3eb5568119573413a047165c1e5801f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ramdani-cv.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 13:21:49 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Tue, 06 Jan 2015 19:45:20 GMT
Server: nginx
X-wm-VIP: 193.238.27.18
Age: 70061
ETag: "54ac3b50-c92"
X-Varnish: 675784766, 205929837 232827871
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3218

GET
H/1.1 200
OK td.edit_content.png
img.webme.com/pic/d/doued/ 10 KB
10 KB 132ms
23ms Image
image/png 178.162.223.114
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.webme.com/pic/d/doued/td.edit_content.png
Requested by: Host: ramdani-cv.fr.gd
URL: https://ramdani-cv.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.114 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: img.webme.com
Software: nginx /
Resource Hash: 1664eb5ff6d9166e5b1a7026123a7465773bcb313e9f98acad159105f70d6fad

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ramdani-cv.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 13:21:49 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Tue, 06 Jan 2015 19:45:20 GMT
Server: nginx
X-wm-VIP: 193.238.27.18
Age: 70061
ETag: "54ac3b50-2756"
X-Varnish: 675784764, 238086915 231271074
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10070

GET
H/1.1 404
Not Found abajoi.png
img17.imageshack.us/img17/808/ 0
0 1063ms
164ms Image
text/html 38.99.77.16
EZRI-36323

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img17.imageshack.us/img17/808/abajoi.png
Requested by: Host: ramdani-cv.fr.gd
URL: https://ramdani-cv.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.99.77.16 Santa Clara, United States, ASN36323 (EZRI-36323, US),
Reverse DNS: imagizer-cv.imageshack.us
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ramdani-cv.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GET 52l2dt.jpg
i33.tinypic.com/ 0
0

GET
H/1.1 200
OK td.sidebar_heading1.png
img.webme.com/pic/d/doued/ 2 KB
2 KB 54ms
23ms Image
image/png 178.162.223.114
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.webme.com/pic/d/doued/td.sidebar_heading1.png
Requested by: Host: ramdani-cv.fr.gd
URL: https://ramdani-cv.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.114 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: img.webme.com
Software: nginx /
Resource Hash: 95df9ffdb6726dad10bf0c33ec99b12a78159f2c2cece27e36fbb57e2044435f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ramdani-cv.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 13:21:49 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Tue, 06 Jan 2015 19:45:20 GMT
Server: nginx
X-wm-VIP: 193.238.27.18
Age: 70061
ETag: "54ac3b50-7b1"
X-Varnish: 683315248, 205929831 232827874
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1969

GET 28cd1rr.png
i34.tinypic.com/ 0
0

GET
H/1.1 200
OK s_bg.gif
theme.webme.com/designs/iceblue/images/ 6 KB
7 KB 93ms
24ms Image
image/gif 178.162.223.113
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theme.webme.com/designs/iceblue/images/s_bg.gif
Requested by: Host: ramdani-cv.fr.gd
URL: https://ramdani-cv.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: misc.webme.com
Software: nginx /
Resource Hash: 4f5460dfd092fd9590362384eb00333f8b88fa1489703e21fb14271387baf063

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ramdani-cv.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 13:21:49 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Tue, 20 May 2014 07:37:46 GMT
Server: nginx
X-wm-VIP: 193.238.27.17
Age: 29356
Content-Type: image/gif
X-Varnish: 773295516, 238086909 236819623
Cache-Control: max-age=3628800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6503
Expires: Sat, 24 Feb 2024 05:12:32 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/ 402 KB
136 KB 136ms
82ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3913132933055379&plah=ramdani-cv.fr.gd

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3913132933055379&host=ca-host-pub-1483906849246906

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

24d23b56f591a31c37e9f971cfd9b30ce9b8a11fa5c4d82792cd235e1549143d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ramdani-cv.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 13:21:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139385
x-xss-protection: 0
server: cafe
etag: 11527409752708404597
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 13 Jan 2024 13:21:49 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/ Frame 6A9E 9 KB
4 KB 84ms
25ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3913132933055379&host=ca-host-pub-1483906849246906

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ramdani-cv.fr.gd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 60097
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jan 2024 20:40:12 GMT
etag: 9219409622527106327
expires: Fri, 26 Jan 2024 20:40:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

Starterpaket_300x250.png
nextlevel-f353.kxcdn.com/BioBloom/Standard/14.02.2022/ Frame FB4C
Redirect Chain

https://t.adcell.com/p/image?promoId=284482&slotId=105746
https://nextlevel-f353.kxcdn.com/BioBloom/Standard/14.02.2022/Starterpaket_300x250.png

80 KB
80 KB

98ms
28ms

Image
image/png

2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nextlevel-f353.kxcdn.com/BioBloom/Standard/14.02.2022/Starterpaket_300x250.png
Requested by: Host: asrv205.com
URL: https://asrv205.com/adframe/eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?ct=CLICKTRACKING
Protocol: H2
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn /
Resource Hash: b5e7eab75ce103fdc2b1bf25fda76fdca9b01edab98a22410ea781afbd0a9e62

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://asrv205.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 13:21:49 GMT
last-modified: Fri, 11 Feb 2022 07:40:12 GMT
server: keycdn
x-edge-location: defr
etag: "14005-5d7b92d456f00"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
link: <https://media.imocash.com/BioBloom/Standard/14.02.2022/Starterpaket_300x250.png>; rel="canonical"
content-length: 81925
expires: Sat, 13 Jan 2024 14:21:49 GMT

Redirect headers

date: Sat, 13 Jan 2024 13:21:49 GMT
strict-transport-security: max-age=15768000
server: myracloud
content-type: text/html
location: https://nextlevel-f353.kxcdn.com/BioBloom/Standard/14.02.2022/Starterpaket_300x250.png
cache-control: max-age=0
content-length: 0
expires: Sat, 13 Jan 2024 13:21:49 GMT

GET
H2 200 view Show response
t.adcell.com/p/ Frame 7291 42 B
419 B 129ms
62ms Document
image/gif 2a02:cb40:200::242
SOPRADO-ANY

General

Check archive.org

Show headers Download Go to

Full URL

https://t.adcell.com/p/view?promoId=268545&slotId=105746&pv=1

Requested by

Host: asrv205.com
URL: https://asrv205.com/adframe/eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?ct=CLICKTRACKING

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:cb40:200::242 , Germany, ASN20546 (SOPRADO-ANY, DE),

Reverse DNS

Software

myracloud /

Resource Hash

b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://asrv205.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 42
content-type: image/gif
date: Sat, 13 Jan 2024 13:21:49 GMT
expires: Sat, 11 Jan 2003 12:59:00 GMT
last-modified: Wed, 11 Jan 2006 12:59:00 GMT
pragma: no-cache
server: myracloud
strict-transport-security: max-age=15768000

GET
H/1.1 200
OK eyJjYW1wYWlnbl9pZCI6MTYsImNyZWF0aXZlX2lkIjoyNiwicHVibGlzaGVyX2lkIjo0LCJ6b25lX2lkIjo2LCJmcmFtZV90eXBlIjoiRnJhbWVzIiwiZnJhbWVfZ3RtZG9tYWluIjoiZndkLmZ3ZHRyay5jb20iLCJmcmFtZV9jYW1wYWlnbmlkIjoiNjBjOTEwN... Show response
fwdtrk.com/track/ Frame C577 1 KB
2 KB 104ms
39ms Document
text/html 176.9.183.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fwdtrk.com/track/eyJjYW1wYWlnbl9pZCI6MTYsImNyZWF0aXZlX2lkIjoyNiwicHVibGlzaGVyX2lkIjo0LCJ6b25lX2lkIjo2LCJmcmFtZV90eXBlIjoiRnJhbWVzIiwiZnJhbWVfZ3RtZG9tYWluIjoiZndkLmZ3ZHRyay5jb20iLCJmcmFtZV9jYW1wYWlnbmlkIjoiNjBjOTEwNmEtZGQ3Yi00ZjNiLTk3ODktNDQxNTIzZGQzYzVlIiwiZnJhbWVfdGFyZ2V0IjoiOEZZIiwiZnJhbWVfdGFyZ2V0X2lkIjoxLCJmcmFtZV9hZGRjb3VudHJ5IjowLCJjb3VudHJ5IjoiRlIiLCJ0cyI6MTcwNTE1MjEwOX0%3D
Requested by: Host: asrv205.com
URL: https://asrv205.com/adframe/eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?ct=CLICKTRACKING
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 176.9.183.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.183.9.176.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 689ce17bd42665bbeffed17eb99c4559a0cf46d6dac29a7f9fe52b2a11ebe9ed

Request headers

Referer: https://asrv205.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: no-cache, private
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sat, 13 Jan 2024 13:21:49 GMT
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked

GET track
fwd.fwdtrk.com/ Frame C577 0
0

GET
H/1.1 200
OK d Show response
visifeed.org/ Frame 5F32 405 B
735 B 136ms
61ms Document
text/html 3.75.56.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://visifeed.org/d?t=8FY&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e
Requested by: Host: fwdtrk.com
URL: https://fwdtrk.com/track/eyJjYW1wYWlnbl9pZCI6MTYsImNyZWF0aXZlX2lkIjoyNiwicHVibGlzaGVyX2lkIjo0LCJ6b25lX2lkIjo2LCJmcmFtZV90eXBlIjoiRnJhbWVzIiwiZnJhbWVfZ3RtZG9tYWluIjoiZndkLmZ3ZHRyay5jb20iLCJmcmFtZV9jYW1wYWlnbmlkIjoiNjBjOTEwNmEtZGQ3Yi00ZjNiLTk3ODktNDQxNTIzZGQzYzVlIiwiZnJhbWVfdGFyZ2V0IjoiOEZZIiwiZnJhbWVfdGFyZ2V0X2lkIjoxLCJmcmFtZV9hZGRjb3VudHJ5IjowLCJjb3VudHJ5IjoiRlIiLCJ0cyI6MTcwNTE1MjEwOX0%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.75.56.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-75-56-58.eu-central-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) / PHP/7.4.25
Resource Hash: fb4e05b9640c6a55037bc48c816849d3fc1774b13ff5cd9cf33acd2594902019

Request headers

Referer: https://fwdtrk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sat, 13 Jan 2024 13:21:49 GMT
Pragma: no-cache
Referrer-Policy: no-referrer
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
X-Powered-By: PHP/7.4.25

GET
H2 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AC99 603 B
218 B 205ms
205ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3913132933055379&output=html&adk=1812271804&adf=3025194257&lmt=1705152109&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Framdani-cv.fr.gd%2F&ea=0&host=ca-host-pub-1483906849246906&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705152109277&bpp=1&bdt=187&idt=226&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5921643115954&frm=20&pv=2&ga_vid=445723479.1705152110&ga_sid=1705152110&ga_hid=125465226&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080223%2C31080263%2C95320378%2C95320868%2C95320893&oid=2&pvsid=3707461756583017&tmod=599133165&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=235

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3913132933055379&plah=ramdani-cv.fr.gd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ramdani-cv.fr.gd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 13:21:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 60ms
60ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=A&id=selfpromotionOverlay&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: ramdani-cv.fr.gd
URL: https://ramdani-cv.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ramdani-cv.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 13:21:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK i Show response
visifeed.org/ Frame 5F32 410 B
734 B 33ms
32ms Document
text/html 3.75.56.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://visifeed.org/i?n=1&t=101&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e&l=k%7B&phash=5b6ae43ad42a7995ea1dde792c14bd49b3c3ec39ac77feb0a6a2cf7c092c8a6a&ci=yC%5Bu.Pt%3B&its=9F%5Bt%2ALp5d7bA%21QD%3BwgPWbV%60&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Requested by: Host: visifeed.org
URL: https://visifeed.org/d?t=8FY&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.75.56.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-75-56-58.eu-central-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) / PHP/7.4.25
Resource Hash: 3de1ef640c8fd9eb475e98f0416f1b948d1911c48dfa2b1a3cd5ba34d910b980

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sat, 13 Jan 2024 13:21:49 GMT
Pragma: no-cache
Referrer-Policy: no-referrer
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
X-Powered-By: PHP/7.4.25

GET
H/1.1 200
OK d Show response
visifeed.org/ Frame FD12 347 B
670 B 42ms
42ms Document
text/html 3.75.56.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://visifeed.org/d?t=101&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e&l=k%7B&phash=5b6ae43ad42a7995ea1dde792c14bd49b3c3ec39ac77feb0a6a2cf7c092c8a00&ci=yC%5Bu.Pt%3B&its=9F%5Bt%2ALp5d7bA%21QD%3BwgPWbV%60&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Requested by: Host: visifeed.org
URL: https://visifeed.org/i?n=1&t=101&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e&l=k%7B&phash=5b6ae43ad42a7995ea1dde792c14bd49b3c3ec39ac77feb0a6a2cf7c092c8a6a&ci=yC%5Bu.Pt%3B&its=9F%5Bt%2ALp5d7bA%21QD%3BwgPWbV%60&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.75.56.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-75-56-58.eu-central-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) / PHP/7.4.25
Resource Hash: de6cfe618a30e562d027879e09ee6b4b6929b7f24069b66d8a61826c4a252576

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sat, 13 Jan 2024 13:21:49 GMT
Pragma: no-cache
Referrer-Policy: no-referrer
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
X-Powered-By: PHP/7.4.25

GET
H2 200 redirect Show response
api.yieldads.net/ Frame FD12 2 KB
2 KB 94ms
28ms Document
text/html 52.59.24.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=5b6ae43ad42a7995ea1dde792c14bd49b3c3ec39ac77feb0a6a2cf7c092c8a00&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e
Requested by: Host: visifeed.org
URL: https://visifeed.org/d?t=101&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e&l=k%7B&phash=5b6ae43ad42a7995ea1dde792c14bd49b3c3ec39ac77feb0a6a2cf7c092c8a00&ci=yC%5Bu.Pt%3B&its=9F%5Bt%2ALp5d7bA%21QD%3BwgPWbV%60&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.24.203 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-24-203.eu-central-1.compute.amazonaws.com
Software: nginx / PHP/8.2.14
Resource Hash: 0c4154fa9da69a4661dc4f5cfdd7d808542b61c528b2c0aa0606b4d34e9b2d02

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 13 Jan 2024 13:21:49 GMT
server: nginx
x-powered-by: PHP/8.2.14

GET
H2 200 fp.min.js Show response
api.yieldads.net/js/ Frame FD12 34 KB
12 KB 26ms
25ms Script
application/javascript 52.59.24.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.yieldads.net/js/fp.min.js
Requested by: Host: api.yieldads.net
URL: https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=5b6ae43ad42a7995ea1dde792c14bd49b3c3ec39ac77feb0a6a2cf7c092c8a00&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.24.203 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-24-203.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 7154071be46519e980b3d21b9fa291847e6e837065181c38322f7e2484b6cc07

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=5b6ae43ad42a7995ea1dde792c14bd49b3c3ec39ac77feb0a6a2cf7c092c8a00&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 13:21:49 GMT
content-encoding: gzip
last-modified: Fri, 12 Jan 2024 13:37:28 GMT
server: nginx
etag: W/"65a14098-864c"
content-type: application/javascript

GET
H2

200

sheesh-beauty.com Show response
xuve.com/de/search/ Frame FD12
Redirect Chain

https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=5b6ae43ad42a7995ea1dde792c14bd49b3c3ec39ac77feb0a6a2cf7c092c8a00&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c...
https://xuve.com/de/y?t=sheesh-beauty.com&cid=a0714b407ba87a6ad2e74115f058fc8b2cf4bd5ba8e49a9b87ae0049d9e7b501&identifier=70db11580586afa8
https://xuve.com/de/search/sheesh-beauty.com

536 B
1 KB

51ms
51ms

Document
text/html

3.70.162.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://xuve.com/de/search/sheesh-beauty.com
Requested by: Host: api.yieldads.net
URL: https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=5b6ae43ad42a7995ea1dde792c14bd49b3c3ec39ac77feb0a6a2cf7c092c8a00&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.70.162.45 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-70-162-45.eu-central-1.compute.amazonaws.com
Software: nginx / PHP/7.1.33
Resource Hash: c40645af4db599dc16023c52306fc42fd4585e64e0e6fe0565ee5cd2ad73f5de

Request headers

Referer: https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=5b6ae43ad42a7995ea1dde792c14bd49b3c3ec39ac77feb0a6a2cf7c092c8a00&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html; charset=UTF-8
date: Sat, 13 Jan 2024 13:21:50 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
referrer-policy: no-referrer
server: nginx
x-powered-by: PHP/7.1.33

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html; charset=UTF-8
date: Sat, 13 Jan 2024 13:21:49 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://xuve.com/de/search/sheesh-beauty.com
pragma: no-cache
referrer-policy: no-referrer
server: nginx
x-powered-by: PHP/7.1.33

GET
H2

200

go Show response
r.secprf2.com/v2/ Frame FD12
Redirect Chain

https://r.secprf2.com/v1/redirect?url=https://sheesh-beauty.com&api_key=7db24a42cd27ebc761d660ebd5d0ad1f&site_id=b02d1d0446924a059b8c5830b3b4d2bb&type=url&source=https://xuve.com/de/search/sheesh-b...
https://r.secprf2.com/v2/go?t=mtcpy%3Au%2Fei-.sheesh2bFa%25t3.sot%2Fh%2Fl%3Fu%3Dm8c8e2u6.2wa-%3D8130d500329tc2btf%3D4%26ep1%3De090c05024215084739v8i1ee10kf%269%3Dc%26b27083c8c10sw%26w1x2v2.4o1%26ar...

2 KB
848 B

72ms
72ms

Document
text/html

2606:4700:20::681a:109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r.secprf2.com/v2/go?t=mtcpy%3Au%2Fei-.sheesh2bFa%25t3.sot%2Fh%2Fl%3Fu%3Dm8c8e2u6.2wa-%3D8130d500329tc2btf%3D4%26ep1%3De090c05024215084739v8i1ee10kf%269%3Dc%26b27083c8c10sw%26w1x2v2.4o1%26art%3Dttmpc%25yAu2e%25-Fsheeshnbpa%2Fts.toh&e=1&ai=5de80ba773584a638f2e78420d3b49b8&sct=0&ct=1705152110210&cu=58c799e811ee40ffb9cc9b3708dc3c80&ykuid=29817305df014676b7e9250a3b7b87db&sc=1&cs=f041afdae8b4efa58441ce9d4d274df0
Requested by: Host: xuve.com
URL: https://xuve.com/de/search/sheesh-beauty.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:109 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abec96abd300b0b4f712f103a9074c60a10933196508e599e92b6b89ca19d00a

Request headers

Referer: https://xuve.com/de/search/sheesh-beauty.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 844df1d10a8fd3ab-CDG
content-encoding: br
content-type: text/html;charset=UTF-8
date: Sat, 13 Jan 2024 13:21:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CFypqq%2FJLX1yeBIQMDnL5u%2Baj75I7hnwr59g%2FzbNFFx1VVIZaDKEaIYfut0ofdwCMLHCE6krWvNge1E8jvTeyEgjxqPz3eRD7m7tpLL5HUWaIBT0Zc9Gw8Mbf6RijhuM6MOeFXkURv9rimQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 844df1d039b8d3ab-CDG
content-length: 0
date: Sat, 13 Jan 2024 13:21:50 GMT
location: /v2/go?t=mtcpy%3Au%2Fei-.sheesh2bFa%25t3.sot%2Fh%2Fl%3Fu%3Dm8c8e2u6.2wa-%3D8130d500329tc2btf%3D4%26ep1%3De090c05024215084739v8i1ee10kf%269%3Dc%26b27083c8c10sw%26w1x2v2.4o1%26art%3Dttmpc%25yAu2e%25-Fsheeshnbpa%2Fts.toh&e=1&ai=5de80ba773584a638f2e78420d3b49b8&sct=0&ct=1705152110210&cu=58c799e811ee40ffb9cc9b3708dc3c80&ykuid=29817305df014676b7e9250a3b7b87db&sc=1&cs=f041afdae8b4efa58441ce9d4d274df0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="CAO PSA OUR"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1w%2BBZNTw1ag%2BcdGfkYy1kKp0lIurghaSDn0Uu2omAv4kcRcQSIQZZ8KTyWIaM3YXTsTxoFc%2F%2By27BNvSagmPC59i2gqqZdTfT49yQv8QqxhYN59aYAli1ZdoAqiLR0HZq79GqDqfeOY4C30%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2

200

/
sheesh-beauty.com/ Frame FD12
Redirect Chain

https://pin.sheesh-beauty.com/t/t?a=1848222612&as=1180350022&t=2&tk=1&epi=v03040001422558c799e811ee40ffb9cc9b3708dc3c80-www.xuve.com&url=https%3A%2F%2Fsheesh-beauty.com
https://sheesh-beauty.com/?utm_source=adtraction&utm_medium=affiliate&utm_campaign=adtraction&at_gd=65393198F457B438228A742F5E82E49664DA512F

0
0

431ms
367ms

Document
text/html

23.227.38.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sheesh-beauty.com/?utm_source=adtraction&utm_medium=affiliate&utm_campaign=adtraction&at_gd=65393198F457B438228A742F5E82E49664DA512F

Requested by

Host: r.secprf2.com
URL: https://r.secprf2.com/v2/go?t=mtcpy%3Au%2Fei-.sheesh2bFa%25t3.sot%2Fh%2Fl%3Fu%3Dm8c8e2u6.2wa-%3D8130d500329tc2btf%3D4%26ep1%3De090c05024215084739v8i1ee10kf%269%3Dc%26b27083c8c10sw%26w1x2v2.4o1%26art%3Dttmpc%25yAu2e%25-Fsheeshnbpa%2Fts.toh&e=1&ai=5de80ba773584a638f2e78420d3b49b8&sct=0&ct=1705152110210&cu=58c799e811ee40ffb9cc9b3708dc3c80&ykuid=29817305df014676b7e9250a3b7b87db&sc=1&cs=f041afdae8b4efa58441ce9d4d274df0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.65 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://r.secprf2.com/v2/go?t=mtcpy%3Au%2Fei-.sheesh2bFa%25t3.sot%2Fh%2Fl%3Fu%3Dm8c8e2u6.2wa-%3D8130d500329tc2btf%3D4%26ep1%3De090c05024215084739v8i1ee10kf%269%3Dc%26b27083c8c10sw%26w1x2v2.4o1%26art%3Dttmpc%25yAu2e%25-Fsheeshnbpa%2Fts.toh&e=1&ai=5de80ba773584a638f2e78420d3b49b8&sct=0&ct=1705152110210&cu=58c799e811ee40ffb9cc9b3708dc3c80&ykuid=29817305df014676b7e9250a3b7b87db&sc=1&cs=f041afdae8b4efa58441ce9d4d274df0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 844df1d3be0c016f-CDG
content-encoding: br
content-language: de
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
content-type: text/html; charset=utf-8
date: Sat, 13 Jan 2024 13:21:51 GMT
etag: W/"cacheable:6fa58ee8081d44800fc67188f59ef8c6"
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
powered-by: Shopify
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3LZc%2FnR3uO1BDUN3c2k6QwAyGTLhV9HHgxIsFRPg%2F0YLt9TcPgIDf22dHVgB%2FHQYGLe1KDY8S8q2PlkJOYLiEe2jTbLepoL2ggUxvACdoIPIq1qysLhFDkHtzftsvXQsakOR"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: processing;dur=311;desc="gc:55", db;dur=66, render;dur=133, wasm, asn;desc="16276", edge;desc="CDG", country;desc="FR", theme;desc="146890064140", pageType;desc="index", servedBy;desc="vcrq", requestID;desc="c92adf5f-731c-400c-80d4-f7db41f5d331" cfRequestDuration;dur=345.999956, earlyhints
strict-transport-security: max-age=7889238
vary: Accept
x-cache: miss
x-content-type-options: nosniff
x-dc: gcp-europe-west9,gcp-europe-west3,gcp-europe-west3
x-download-options: noopen
x-frame-options: DENY
x-permitted-cross-domain-policies: none
x-request-id: c92adf5f-731c-400c-80d4-f7db41f5d331
x-shardid: 267
x-shopid: 61694312689
x-shopify-stage: production
x-sorting-hat-podid: 267
x-sorting-hat-shopid: 61694312689
x-storefront-renderer-rendered: 1
x-xss-protection: 1; mode=block

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: close
Date: Sat, 13 Jan 2024 13:21:50 GMT
Location: https://sheesh-beauty.com?utm_source=adtraction&utm_medium=affiliate&utm_campaign=adtraction&at_gd=65393198F457B438228A742F5E82E49664DA512F
Transfer-Encoding: chunked
X-TraceId: 875171b3-1f60-4576-af33-a01351d81b17

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: i34.tinypic.com
URL: https://i34.tinypic.com/2r2x2ef.jpg

Domain: i35.tinypic.com
URL: https://i35.tinypic.com/dpyb0j.png

Domain: i33.tinypic.com
URL: https://i33.tinypic.com/52l2dt.jpg

Domain: i34.tinypic.com
URL: https://i34.tinypic.com/28cd1rr.png

Domain: fwd.fwdtrk.com
URL: https://fwd.fwdtrk.com/track?id=

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ramdani-cv.fr.gd/	1969-12-31 23:59:59	Name: PHPSESSID Value: 5195f5d2524ed5f3b923ca4a2a4e6767
t.adcell.com/	1970-01-20 17:40:38	Name: ADCELLvpid9696 Value: 268545-105746-%23%23%23%23https%3A%2F%2Fasrv205.com%2F%40%40%40%401705152109
.doubleclick.net/	1970-01-20 17:39:13	Name: test_cookie Value: CheckForPermission
api.yieldads.net/	1970-01-20 17:49:16	Name: AWSALBTGCORS Value: OupXjup3LCxEKS84yvfYkDvNnoRvepNH0Zj2pHqaKo9rIUjfYXvOVfhaYsDVOYw8litHTA421G/qxREwp1MXqcXb1NnnLWY2DJbtFL35IhjwQmCtasCpE1vAn12qD8AZeYskrsNTwZz4tJko8OL7p5kxeqEcbpy+PH2f0QTUt6NLxWzgbpY=
api.yieldads.net/	1970-01-20 17:49:16	Name: AWSALBCORS Value: 4KEVr/pvJMYrFi0IWtUBQsLHRRxITHt9whjnvDcaNL8RVhNVJ5neRTInewsuLe5pcY0Abqci75GyjJijzVBFq99dsZBuGyHKNEEFg/sMkTFETvEWgDrYDVWWv7jb
xuve.com/	1970-01-20 17:49:16	Name: AWSALBCORS Value: U++VZcCOIf10uH5jXEHLmf0vL9fOOwFvI1mMBbN9MxAMLoL/pBscZBDD8It+IqjiKOWDnCeFrT43Vqw9Z19ImJlSnYT9s9VIvjZJ2m+iaLzIwwCackh7AKUYzo3p
.pin.sheesh-beauty.com/	1970-01-21 03:15:12	Name: at_gd Value: 65393198F457B438228A742F5E82E49664DA512F

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ramdani-cv.fr.gd/ Message: Failed to load resource: the server responded with a status of 404 (Not Found)
security	warning	URL: https://ramdani-cv.fr.gd/ Message: Mixed Content: The page at 'https://ramdani-cv.fr.gd/' was loaded over HTTPS, but requested an insecure element 'http://www.recherche-web.com/logorecherche.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://ramdani-cv.fr.gd/(Line 556) Message: Mixed Content: The page at 'https://ramdani-cv.fr.gd/' was loaded over HTTPS, but requested an insecure element 'http://www.recherche-web.com/logorecherche.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://ramdani-cv.fr.gd/(Line 556) Message: Mixed Content: The page at 'https://ramdani-cv.fr.gd/' was loaded over HTTPS, but requested an insecure element 'http://i34.tinypic.com/2r2x2ef.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://ramdani-cv.fr.gd/(Line 556) Message: Mixed Content: The page at 'https://ramdani-cv.fr.gd/' was loaded over HTTPS, but requested an insecure element 'http://i35.tinypic.com/dpyb0j.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://ramdani-cv.fr.gd/(Line 556) Message: Mixed Content: The page at 'https://ramdani-cv.fr.gd/' was loaded over HTTPS, but requested an insecure element 'http://img17.imageshack.us/img17/808/abajoi.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://ramdani-cv.fr.gd/(Line 556) Message: Mixed Content: The page at 'https://ramdani-cv.fr.gd/' was loaded over HTTPS, but requested an insecure element 'http://i33.tinypic.com/52l2dt.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://ramdani-cv.fr.gd/(Line 556) Message: Mixed Content: The page at 'https://ramdani-cv.fr.gd/' was loaded over HTTPS, but requested an insecure element 'http://i34.tinypic.com/28cd1rr.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://i34.tinypic.com/2r2x2ef.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://i34.tinypic.com/28cd1rr.png Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://i35.tinypic.com/dpyb0j.png Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://i33.tinypic.com/52l2dt.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3913132933055379&output=html&adk=1812271804&adf=3025194257&lmt=1705152109&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Framdani-cv.fr.gd%2F&ea=0&host=ca-host-pub-1483906849246906&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705152109277&bpp=1&bdt=187&idt=226&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5921643115954&frm=20&pv=2&ga_vid=445723479.1705152110&ga_sid=1705152110&ga_hid=125465226&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080223%2C31080263%2C95320378%2C95320868%2C95320893&oid=2&pvsid=3707461756583017&tmod=599133165&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=235 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://img17.imageshack.us/img17/808/abajoi.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
security	error	Message: Refused to frame 'https://sheesh-beauty.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'none'".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.yieldads.net
asrv205.com
cdnjs.cloudflare.com
fwd.fwdtrk.com
fwdtrk.com
googleads.g.doubleclick.net
i33.tinypic.com
i34.tinypic.com
i35.tinypic.com
img.webme.com
img17.imageshack.us
nextlevel-f353.kxcdn.com
pagead2.googlesyndication.com
pin.sheesh-beauty.com
r.secprf2.com
ramdani-cv.fr.gd
sheesh-beauty.com
t.adcell.com
theme.webme.com
visifeed.org
www.recherche-web.com
xuve.com
fwd.fwdtrk.com
i33.tinypic.com
i34.tinypic.com
i35.tinypic.com
176.9.183.55
178.162.223.113
178.162.223.114
18.156.47.223
193.238.27.28
23.227.38.65
2606:4700:20::681a:109
2606:4700:3035::6815:35fc
2606:4700::6811:180e
2a00:1450:4001:829::2002
2a00:1450:4001:831::2002
2a02:cb40:200::242
2a06:98c1:3121::3
2a0b:4d07:102::1
3.70.162.45
3.75.56.58
38.99.77.16
52.59.24.203
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0c4154fa9da69a4661dc4f5cfdd7d808542b61c528b2c0aa0606b4d34e9b2d02
1664eb5ff6d9166e5b1a7026123a7465773bcb313e9f98acad159105f70d6fad
190fc02d8e8f1dd5acc40f48d0d6203e6115eb31e3f47f55db0c3f07797d68f0
1e7476ad1ee6df9efa2f02694acefa98b3eb5568119573413a047165c1e5801f
24d23b56f591a31c37e9f971cfd9b30ce9b8a11fa5c4d82792cd235e1549143d
3de1ef640c8fd9eb475e98f0416f1b948d1911c48dfa2b1a3cd5ba34d910b980
4b509bcb58670c2fc6bb6489820df79efce092578d8954d31bc6477a80489f8b
4f5460dfd092fd9590362384eb00333f8b88fa1489703e21fb14271387baf063
52738ef63f4f5d74aec2c2d009710029efc884cf4918fb7792eec9f9475be020
59c78467dab079907a1a0feb7ec5719a637ce78bdcd62891fc71a0f6279cc67b
5d8e25221c0439c0ce31c51ad97caba69c928044a5eae80d78c416b0147a9af5
689ce17bd42665bbeffed17eb99c4559a0cf46d6dac29a7f9fe52b2a11ebe9ed
7154071be46519e980b3d21b9fa291847e6e837065181c38322f7e2484b6cc07
85c11320102fc04a39dac524555ff02afa4b307a1ff1134d1931e34a9ada0fe0
95df9ffdb6726dad10bf0c33ec99b12a78159f2c2cece27e36fbb57e2044435f
abec96abd300b0b4f712f103a9074c60a10933196508e599e92b6b89ca19d00a
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b3f329de044fbbae319448014e42b44fb440d256d2b5b7901b86c56914fe3798
b5e7eab75ce103fdc2b1bf25fda76fdca9b01edab98a22410ea781afbd0a9e62
c40645af4db599dc16023c52306fc42fd4585e64e0e6fe0565ee5cd2ad73f5de
ca5bdb80b446f313f955885509683506295b195b25eb7de8884f1e6251c673f8
d28fbd46e036558188d7b227f93c6dd310cd1463f723873d756a8fabbb87eef9
de6cfe618a30e562d027879e09ee6b4b6929b7f24069b66d8a61826c4a252576
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
fb4e05b9640c6a55037bc48c816849d3fc1774b13ff5cd9cf33acd2594902019

ramdani-cv.fr.gd Open in urlscan Pro 193.238.27.28 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

34 Requests

82 %HTTPS

44 %IPv6

17 Domains

22 Subdomains

18 IPs

4 Countries

440 kBTransfer

825 kBSize

7 Cookies

2 Outgoing links

Page URL History

Redirected requests

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

ramdani-cv.fr.gd Open in urlscan Pro
193.238.27.28 Public Scan

Screenshot
Live screenshot

Full Image

34
Requests

82 %
HTTPS

44 %
IPv6

17
Domains

22
Subdomains

18
IPs

4
Countries

440 kB
Transfer

825 kB
Size

7
Cookies

34 HTTP transactions
0 data transactions