This subdomain has a critical infrastructure weakness that could let someone hijack it. While it's part of a CDN network and otherwise looks normal, the dangling DNS record makes it untrustworthy until fixed. Don't rely on it or follow any links pointing to it.
What you should do now
Don't panic. These steps limit the damage, and the sooner you take them the better.
1
Don't enter any details
No passwords, card numbers or personal information — even if the site looks professional.
2
Close the tab
Especially if you got here from an email, text message or social media ad.
3
Already paid? Call your bank
Contact your bank or card provider right away. They can often stop or reverse a recent payment.
4
Warn others
Report the site and share this check with anyone who sent you the link.
Cross-referenced 27 live signals from Google Safe Browsing, VirusTotal, WHOIS and more on Jul 12, 2026.How we score →
Where the score comes from
We look at six areas. Here's how gti.images.tshiftcdn.com did in each.
70
Security
A valid SSL certificate with modern encryption and HSTS enforcement is in place, though the certificate expires soon and a few common security headers are missing. For a CDN endpoint this is a decent baseline.
90
Identity
No ownership information is available for this subdomain, which is standard — subdomains for content delivery aren't expected to reveal who runs them. Nothing unusual here.
90
Reputation
The domain is not on any blacklists and has no negative history. The lack of a Wayback Machine snapshot is normal for a subdomain used purely for image delivery.
95
Transparency
There is no contact info, about page, or social media — all expected for an infrastructure subdomain that isn't a standalone business. No points deducted.
95
Compliance
No privacy policy or terms of service are present, which is fine — this subdomain doesn't collect user data or serve as a commercial website.
25
Infrastructure
The subdomain is vulnerable to takeover: a dangling DNS record points to Fastly's unprovisioned service, meaning someone else could claim and control it. This is a serious security gap for any site, especially for one meant to serve content reliably.
What we checked
The 27 signals behind this report.
Security & Transport
Certificate Issuer
Certainly
Google Web Risk
Clean
HSTS Header
Present
SSL Certificate
Valid
Security Headers
2 of 6
Subdomain Takeover
Vulnerable
TLS Version
TLS 1.3
Identity & WHOIS
About Page
Not found
Branding
Missing
Business Disclosure
Not found
Contact Info
Not found
Legal Pages
Missing
Infrastructure & DNS
CDN
Cloud.ru / Selectel / generic
DNS Blacklists
Clean
DNS Resolution
8 IP(s)
DNSSEC
Not enabled
Email (MX Records)
None
Hosting Network (ASN)
AS54113 FASTLY
Page Load Time
189ms
Reputation & Reach
Sitemap
Not found
Social Media Presence
None found
Structured Data
None found
Tranco Rank
Not ranked
Trustpilot
No Trustpilot profile
Web Archive History
No archive found
Website Status
HTTP 404
robots.txt
Not found
Think this verdict is wrong?
Site owners can request a fresh scan. Scores update automatically as signals change.
gti.images.tshiftcdn.com is a subdomain that appears to be part of a content delivery network, likely used to serve images. In most respects it looks ordinary for that role: it has a valid SSL certificate, fast load times, and a clean reputation. But there's a serious problem that overshadows everything else. A dangling DNS record points this subdomain to Fastly's infrastructure in a way that isn't fully claimed. That means someone else could set up a server on that same Fastly account and start serving their own content under this address. For a site that's supposed to deliver reliable assets, this is a critical flaw. There's no evidence it has been hijacked yet, but the risk is real. Until the DNS configuration is cleaned up, treat any content served from gti.images.tshiftcdn.com with caution. This isn't a website you visit or buy from — it's a backend component. But if you run a site that references images from here, you should migrate away or ensure the DNS record is properly secured.