em.promosjournee.com

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 7 HTTP transactions. The main IP is 44.229.201.252, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is em.promosjournee.com.
TLS certificate: Issued by R3 on August 6th 2023. Valid for: 3 months.

This is the only time em.promosjournee.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	44.229.201.252 44.229.201.252	16509 (AMAZON-02) (AMAZON-02)
2	44.235.163.254 44.235.163.254	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:402... 2607:f8b0:4020:807::2004	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:402... 2607:f8b0:4020:805::200a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:402... 2607:f8b0:4020:807::2003	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:402... 2607:f8b0:4020:806::2003	15169 (GOOGLE) (GOOGLE)
7	6

1 44.229.201.252 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-229-201-252.us-west-2.compute.amazonaws.com

em.promosjournee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.235.163.254 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-235-163-254.us-west-2.compute.amazonaws.com

speckstats.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:807::2004 (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:805::200a (Montreal, Canada)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:807::2003 (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:806::2003 (Montreal, Canada)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	gstatic.com www.gstatic.com fonts.gstatic.com	193 KB
2	speckstats.fr speckstats.fr	159 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 41	710 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	promosjournee.com em.promosjournee.com	402 B
7	5

	Domain	Requested by
2	speckstats.fr	em.promosjournee.com speckstats.fr
1	fonts.gstatic.com	fonts.googleapis.com
1	www.gstatic.com	www.google.com
1	fonts.googleapis.com	speckstats.fr
1	www.google.com	speckstats.fr
1	em.promosjournee.com
7	6

This site contains no links.

Subject Issuer	Validity	Valid
em.promosjournee.com R3	`2023-08-06` - `2023-11-04`	3 months	crt.sh
speckstats.fr R3	`2023-08-30` - `2023-11-28`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://em.promosjournee.com/
Frame ID: 66028DF90643F6A37ED9DE44535666AA
Requests: 1 HTTP requests in this frame

Frame: https://speckstats.fr/siteExt/donnees/em.promosjournee.com.html
Frame ID: 60A393F911415A7B86CB8FFD4B2986C5
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

7
Requests

100 %
HTTPS

67 %
IPv6

5
Domains

6
Subdomains

6
IPs

2
Countries

355 kB
Transfer

626 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
em.promosjournee.com/ 208 B
402 B 506ms
88ms Document
text/html 44.229.201.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://em.promosjournee.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.229.201.252 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-229-201-252.us-west-2.compute.amazonaws.com
Software: nginx / PHP/5.3.3
Resource Hash: d3f543091feb3ba178dcfd276cf3de26b077a89cf68b90e6168fef43ea8013bf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: close
Content-Encoding: gzip
Content-Type: text/html
Date: Tue, 05 Sep 2023 04:35:42 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Powered-By: PHP/5.3.3

GET
H/1.1 200
OK em.promosjournee.com.html Show response
speckstats.fr/siteExt/donnees/ Frame 60A3 5 KB
2 KB 703ms
173ms Document
text/html 44.235.163.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://speckstats.fr/siteExt/donnees/em.promosjournee.com.html
Requested by: Host: em.promosjournee.com
URL: https://em.promosjournee.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.235.163.254 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-235-163-254.us-west-2.compute.amazonaws.com
Software: nginx / PHP/5.3.3
Resource Hash: 99b400d6372a96af4142245d9e971c7b5ce360e874e16fa023a3e565cc1efc61

Request headers

Referer: https://em.promosjournee.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Tue, 05 Sep 2023 04:35:23 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Powered-By: PHP/5.3.3

GET
H2 200 api.js Show response
www.google.com/recaptcha/ Frame 60A3 1 KB
1 KB 154ms
62ms Script
text/javascript 2607:f8b0:4020:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: speckstats.fr
URL: https://speckstats.fr/siteExt/donnees/em.promosjournee.com.html

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fe5e157c57b8a5017a03e866ec659bd8efa054c5e54276593ab43be9420fba14

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://speckstats.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 04:35:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 834
x-xss-protection: 1; mode=block
expires: Tue, 05 Sep 2023 04:35:43 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 60A3 386 B
710 B 142ms
56ms Stylesheet
text/css 2607:f8b0:4020:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Candal

Requested by

Host: speckstats.fr
URL: https://speckstats.fr/siteExt/donnees/em.promosjournee.com.html

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8bcef800867269a61c0c29a8d34fdcb69a7d565ac91549f7ede2e0d739cea7be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://speckstats.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 05 Sep 2023 04:35:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 05 Sep 2023 03:19:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Sep 2023 04:35:43 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ Frame 60A3 451 KB
181 KB 122ms
34ms Script
text/javascript 2607:f8b0:4020:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6df509c54af64a8a81d168c1bce4e0bc1d30be5a3206c25e702fea2f33ab7f3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://speckstats.fr/
Origin: https://speckstats.fr
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:21:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29676
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 185062
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 02:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Sep 2024 20:21:07 GMT

GET
H/1.1 200
OK default.jpg
speckstats.fr/site/img/speckstats.fr/ Frame 60A3 157 KB
157 KB 173ms
173ms Image
image/jpeg 44.235.163.254
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://speckstats.fr/site/img/speckstats.fr/default.jpg
Requested by: Host: speckstats.fr
URL: https://speckstats.fr/siteExt/donnees/em.promosjournee.com.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.235.163.254 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-235-163-254.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 16c88f6755bb0296861b0a05e00784f63f25463b586b3c99ce2cffdeb4a45ccf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://speckstats.fr/siteExt/donnees/em.promosjournee.com.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Tue, 05 Sep 2023 04:35:23 GMT
Last-Modified: Fri, 08 Jun 2018 09:57:54 GMT
Server: nginx
ETag: "5b1a5322-27273"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 160371

GET
H2 200 XoHn2YH6T7-t_8c9BhQI.woff2
fonts.gstatic.com/s/candal/v15/ Frame 60A3 12 KB
12 KB 115ms
33ms Font
font/woff2 2607:f8b0:4020:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/candal/v15/XoHn2YH6T7-t_8c9BhQI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Candal

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b15111cc66f3435add60217e85003e1e15573f03522918e21d1d888fd8b9d83b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://speckstats.fr
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:52:11 GMT
x-content-type-options: nosniff
age: 459812
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11796
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:57:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Aug 2024 20:52:11 GMT

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

em.promosjournee.com
fonts.googleapis.com
fonts.gstatic.com
speckstats.fr
www.google.com
www.gstatic.com
2607:f8b0:4020:805::200a
2607:f8b0:4020:806::2003
2607:f8b0:4020:807::2003
2607:f8b0:4020:807::2004
44.229.201.252
44.235.163.254
16c88f6755bb0296861b0a05e00784f63f25463b586b3c99ce2cffdeb4a45ccf
6df509c54af64a8a81d168c1bce4e0bc1d30be5a3206c25e702fea2f33ab7f3f
8bcef800867269a61c0c29a8d34fdcb69a7d565ac91549f7ede2e0d739cea7be
99b400d6372a96af4142245d9e971c7b5ce360e874e16fa023a3e565cc1efc61
b15111cc66f3435add60217e85003e1e15573f03522918e21d1d888fd8b9d83b
d3f543091feb3ba178dcfd276cf3de26b077a89cf68b90e6168fef43ea8013bf
fe5e157c57b8a5017a03e866ec659bd8efa054c5e54276593ab43be9420fba14

em.promosjournee.com Open in urlscan Pro 44.229.201.252 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

7 Requests

100 %HTTPS

67 %IPv6

5 Domains

6 Subdomains

6 IPs

2 Countries

355 kBTransfer

626 kBSize

0 Cookies

0 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

0 Cookies

Indicators

em.promosjournee.com Open in urlscan Pro
44.229.201.252 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

100 %
HTTPS

67 %
IPv6

5
Domains

6
Subdomains

6
IPs

2
Countries

355 kB
Transfer

626 kB
Size

0
Cookies

7 HTTP transactions
0 data transactions