taxas.promo Open in urlscan Pro
65.108.68.22 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://taxas.promo/
Effective URL:
https://taxas.promo/
Submission: On April 02 via api (April 2nd 2024, 4:58:35 pm UTC) from US — Scanned from FI

Summary HTTP 13 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 13 HTTP transactions. The main IP is 65.108.68.22, located in Helsinki, Finland and belongs to HETZNER-AS, DE. The main domain is taxas.promo.
TLS certificate: Issued by R3 on March 20th 2024. Valid for: 3 months.

This is the only time taxas.promo was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	65.108.68.22 65.108.68.22	24940 (HETZNER-AS) (HETZNER-AS)
9	172.64.154.100 172.64.154.100	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2

4 65.108.68.22 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: horizon.nvme-servers.com

taxas.promo	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.64.154.100 (None, )

ASN13335 (CLOUDFLARENET, US)

assets.zyrosite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.zyrosite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	zyrosite.com assets.zyrosite.com — Cisco Umbrella Rank: 144958 cdn.zyrosite.com — Cisco Umbrella Rank: 150270	161 KB
4	taxas.promo taxas.promo	928 KB
13	2

	Domain	Requested by
6	assets.zyrosite.com	taxas.promo
4	taxas.promo	taxas.promo
3	cdn.zyrosite.com	taxas.promo
13	3

This site contains links to these domains. Also see Links.

Domain
blicktemp.zyrosite.com
play.google.com
www.apple.com
blickpkok4.zyrosite.com
twitter.com
www.facebook.com
www.instagram.com

Subject Issuer	Validity	Valid
*.techbankbr.com R3	`2024-03-20` - `2024-06-18`	3 months	crt.sh
*.zyrosite.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-03` - `2024-07-02`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://taxas.promo/
Frame ID: 36208993FFDB8264D2C92F88137FE336
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home

Page URL History Show full URLs

http://taxas.promo/ HTTP 307
https://taxas.promo/ Page URL

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Page Statistics

13
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

2
IPs

2
Countries

1089 kB
Transfer

1332 kB
Size

0
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://blicktemp.zyrosite.com/#download
Title: Download now

Search URL Search Domain Scan URL

URL: https://play.google.com/store
Title: Google Play

Search URL Search Domain Scan URL

URL: https://www.apple.com/app-store/
Title: App Store

Search URL Search Domain Scan URL

URL: https://blickpkok4.zyrosite.com/privacy-policy
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://blickpkok4.zyrosite.com/terms-and-conditions
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: https://twitter.com/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://taxas.promo/ HTTP 307
https://taxas.promo/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
taxas.promo/
Redirect Chain

http://taxas.promo/
https://taxas.promo/

82 KB
10 KB

349ms
147ms

Document
text/html

65.108.68.22
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://taxas.promo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.68.22 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: horizon.nvme-servers.com
Software: LiteSpeed /
Resource Hash: 989e95199b81ce8969de307234ac837d16050ffa7ab0c836aa7f40a4fe1fb982

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 10269
content-type: text/html
date: Tue, 02 Apr 2024 16:58:31 GMT
last-modified: Thu, 08 Feb 2024 22:41:59 GMT
server: LiteSpeed
vary: Accept-Encoding

Redirect headers

Location: https://taxas.promo/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 index-cd09d65e.js.download Show response
taxas.promo/index_files/ 888 KB
889 KB 177ms
174ms Script
application/octet-stream 65.108.68.22
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://taxas.promo/index_files/index-cd09d65e.js.download
Requested by: Host: taxas.promo
URL: https://taxas.promo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.68.22 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: horizon.nvme-servers.com
Software: LiteSpeed /
Resource Hash: cf7ac787eb6398e8f42b596cc94cad0b8511677e208d94ad635907fb762c00c0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://taxas.promo/
Origin: https://taxas.promo
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 16:58:31 GMT
last-modified: Thu, 08 Feb 2024 22:42:06 GMT
server: LiteSpeed
accept-ranges: bytes
content-length: 909402
content-type: application/octet-stream

GET
H2 200 index-93960b95.css
taxas.promo/index_files/ 192 KB
22 KB 143ms
142ms Stylesheet
text/css 65.108.68.22
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://taxas.promo/index_files/index-93960b95.css
Requested by: Host: taxas.promo
URL: https://taxas.promo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.68.22 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: horizon.nvme-servers.com
Software: LiteSpeed /
Resource Hash: 93960b9550987bb2f91717979958700db73e55f708346000bf0aa88c68e9b64e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://taxas.promo/
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 16:58:31 GMT
content-encoding: br
last-modified: Thu, 08 Feb 2024 22:42:04 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 22485
expires: Tue, 09 Apr 2024 16:58:31 GMT

GET
H2 200 font-faces
taxas.promo/index_files/ 7 KB
7 KB 174ms
173ms Stylesheet
text/plain 65.108.68.22
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://taxas.promo/index_files/font-faces
Requested by: Host: taxas.promo
URL: https://taxas.promo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.68.22 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: horizon.nvme-servers.com
Software: LiteSpeed /
Resource Hash: 64d2b683ce600196ba27653bfef94d569da29a72c24a0a7d63b2da30563024a3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://taxas.promo/
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 16:58:31 GMT
last-modified: Thu, 08 Feb 2024 22:42:02 GMT
server: LiteSpeed
accept-ranges: bytes
content-length: 6735

GET
H2 200 gradient_1-AGBjrE8Wxpc68qqN.svg
assets.zyrosite.com/blickpkok4/ 1 KB
716 B 715ms
247ms Image
image/svg+xml 172.64.154.100
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.zyrosite.com/blickpkok4/gradient_1-AGBjrE8Wxpc68qqN.svg
Requested by: Host: taxas.promo
URL: https://taxas.promo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.154.100 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ed843f7f1ce9f98ee07b9986740328b04dce81d1cd6e0d43a604305ef273538

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://taxas.promo/
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 16:58:31 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 22 Feb 2023 14:38:48 GMT
server: cloudflare
etag: W/"3165b7cc57ec52029a5b5f4a7e6681df"
vary: Accept-Encoding
content-type: image/svg+xml
cf-ray: 86e25d373ccf2d8d-ARN

GET
H2 200 font-file
cdn.zyrosite.com/u1/google-fonts/ 17 KB
17 KB 992ms
542ms Font
font/woff2 172.64.154.100
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zyrosite.com/u1/google-fonts/font-file?family=Rubik:wght@300&subset=latin&display=swap

Requested by

Host: taxas.promo
URL: https://taxas.promo/index_files/font-faces

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.154.100 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31c98a184b7b53b5f731394b7f963d9e3da9bb4fc512773bb0da6b35a08a129e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://taxas.promo/
Origin: https://taxas.promo
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 16:58:31 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename=iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-WYiFV0U1dYPFkZVO.woff2
x-hostinger-datacenter: gcp
content-length: 17644
x-xss-protection: 1; mode=block
x-request-id: b76ca72f210e9097abe787fd5156140b
last-modified: Thu, 29 Jun 2023 16:06:12 GMT
server: cloudflare
cross-origin-opener-policy: same-origin; report-to="apps-themes"
etag: W/"44ec-tOV0uAABgPRfwqjFksV2URLx8UE"
vary: Origin, Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-hostinger-node: us-central1
x-frame-options: sameorigin
accept-ranges: bytes
cf-ray: 86e25d384a755f19-ARN
timing-allow-origin: *
expires: Wed, 02 Apr 2025 16:58:31 GMT

GET
H2 200 font-file
cdn.zyrosite.com/u1/google-fonts/ 19 KB
19 KB 694ms
246ms Font
font/woff2 172.64.154.100
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zyrosite.com/u1/google-fonts/font-file?family=Rubik:wght@400&subset=latin&display=swap

Requested by

Host: taxas.promo
URL: https://taxas.promo/index_files/font-faces

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.154.100 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b27ba432c3d87a200713650e6decfc7008ca14746a8a9605ada7345f851d7385

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://taxas.promo/
Origin: https://taxas.promo
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 16:58:31 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename=iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFV0U1dYPFkZVO.woff2
x-hostinger-datacenter: gcp
content-length: 18956
x-xss-protection: 1; mode=block
x-request-id: 25c6923f19b99f0244b0b3d09e712aaf
last-modified: Thu, 29 Jun 2023 16:06:17 GMT
server: cloudflare
cross-origin-opener-policy: same-origin; report-to="apps-themes"
etag: W/"4a0c-Xke9U7nO+NIY7ygrOQrpZs55He4"
vary: Origin, Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-hostinger-node: us-central1
x-frame-options: sameorigin
accept-ranges: bytes
cf-ray: 86e25d384a795f19-ARN
timing-allow-origin: *
expires: Wed, 02 Apr 2025 16:58:31 GMT

GET
H2 200 font-file
cdn.zyrosite.com/u1/google-fonts/ 19 KB
19 KB 667ms
219ms Font
font/woff2 172.64.154.100
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zyrosite.com/u1/google-fonts/font-file?family=Rubik:wght@700&subset=latin&display=swap

Requested by

Host: taxas.promo
URL: https://taxas.promo/index_files/font-faces

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.154.100 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a07b721144472f1ee3ef91496bffb58f9f7295ad7a02fc4bd456270a7ea361c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://taxas.promo/
Origin: https://taxas.promo
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 16:58:31 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename=iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-4I-FV0U1dYPFkZVO.woff2
x-hostinger-datacenter: gcp
content-length: 19144
x-xss-protection: 1; mode=block
x-request-id: fc4f2a1c7d232832e3a7272ece667348
last-modified: Thu, 29 Jun 2023 16:10:08 GMT
server: cloudflare
cross-origin-opener-policy: same-origin; report-to="apps-themes"
etag: W/"4ac8-N+DHxdp6KVledNrZbfrq1a2lsbo"
vary: Origin, Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-hostinger-node: us-central1
x-frame-options: sameorigin
accept-ranges: bytes
cf-ray: 86e25d384a7c5f19-ARN
timing-allow-origin: *
expires: Wed, 02 Apr 2025 16:58:31 GMT

GET
H2 200 logo-dOq0Xev8QECl4yxO.svg
assets.zyrosite.com/blickpkok4/ 7 KB
3 KB 370ms
104ms Image
image/svg+xml 172.64.154.100
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.zyrosite.com/blickpkok4/logo-dOq0Xev8QECl4yxO.svg
Requested by: Host: taxas.promo
URL: https://taxas.promo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.154.100 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe4047d5b20396a6307986f629aa9f0e41e79d43fcda1f56df6eef4aa786ef63

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://taxas.promo/
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 16:58:30 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 22 Feb 2023 14:38:51 GMT
server: cloudflare
age: 132992
etag: W/"18219430cb9d21674c53b249218b7f66"
vary: Accept-Encoding
content-type: image/svg+xml
cf-ray: 86e25d373cd82d8d-ARN

GET
H2 200 mockup_1-AzGzyBl0Grt0gagr.png
assets.zyrosite.com/cdn-cgi/image/format=auto,w=709,h=704,fit=crop/blickpkok4/ 44 KB
44 KB 498ms
232ms Image
image/avif 172.64.154.100
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.zyrosite.com/cdn-cgi/image/format=auto,w=709,h=704,fit=crop/blickpkok4/mockup_1-AzGzyBl0Grt0gagr.png

Requested by

Host: taxas.promo
URL: https://taxas.promo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.154.100 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1afc003db07bc1fdb5df8636defb39b798ba736b02a643d2aa929db6032145ec

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://taxas.promo/
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 16:58:31 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Wed, 22 Feb 2023 13:56:14 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfnis9QbqXtUMHRnZEqWCMDSJokD9-QEhHUKhIFNEXDQ:c91189d930b296d48b273545775fd14d"
vary: Accept, Accept-Encoding
content-type: image/avif
accept-ranges: bytes
cf-ray: 86e25d373cd72d8d-ARN
content-length: 45003
cf-resized: internal=ok/h q=0 n=31+173 c=0+0 v=2024.3.2 l=45003

GET
H2 200 mockup_2-mp8N3033Rphb7DNZ.png
assets.zyrosite.com/cdn-cgi/image/format=auto,w=606,h=478,fit=crop/blickpkok4/ 20 KB
20 KB 509ms
243ms Image
image/avif 172.64.154.100
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.zyrosite.com/cdn-cgi/image/format=auto,w=606,h=478,fit=crop/blickpkok4/mockup_2-mp8N3033Rphb7DNZ.png

Requested by

Host: taxas.promo
URL: https://taxas.promo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.154.100 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0600afc6635983f9401c373e51ed1aec2ff82c6fea59cbbe5b2ed92bfc5f4a5

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://taxas.promo/
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 16:58:31 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Wed, 22 Feb 2023 13:56:07 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfSApdBf1IABczW0NeEJC4VR3yDlzgC5f4z66NSic0DQ:a8922cd18effd0c86b485b4127291c11"
vary: Accept, Accept-Encoding
content-type: image/avif
accept-ranges: bytes
cf-ray: 86e25d373cd22d8d-ARN
content-length: 20782
cf-resized: internal=ok/h q=0 n=23+141 c=0+0 v=2024.3.2 l=20782

GET
H2 200 mockup_3-YbN5DP0oORc6bR3x.png
assets.zyrosite.com/cdn-cgi/image/format=auto,w=606,h=480,fit=crop/blickpkok4/ 21 KB
21 KB 529ms
264ms Image
image/avif 172.64.154.100
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.zyrosite.com/cdn-cgi/image/format=auto,w=606,h=480,fit=crop/blickpkok4/mockup_3-YbN5DP0oORc6bR3x.png

Requested by

Host: taxas.promo
URL: https://taxas.promo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.154.100 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a6dd0edc42a86d7c28d81e697dbb94f4c964010402efd76107d64db87a47bac

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://taxas.promo/
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 16:58:31 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Wed, 22 Feb 2023 13:56:15 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfrEZXB0A_IBukBq7h8LH3aB4zt-lYuckVzUWuiC4NDQ:5f24ba67acaf5c105a0f183dd5eed3d6"
vary: Accept, Accept-Encoding
content-type: image/avif
accept-ranges: bytes
cf-ray: 86e25d373cd62d8d-ARN
content-length: 21345
cf-resized: internal=ok/h q=0 n=45+241 c=0+0 v=2024.3.2 l=21345

GET
H2 200 mockup_4-AQE98M88kgFWl5ey.png
assets.zyrosite.com/cdn-cgi/image/format=auto,w=606,h=496,fit=crop/blickpkok4/ 16 KB
16 KB 874ms
609ms Image
image/avif 172.64.154.100
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.zyrosite.com/cdn-cgi/image/format=auto,w=606,h=496,fit=crop/blickpkok4/mockup_4-AQE98M88kgFWl5ey.png

Requested by

Host: taxas.promo
URL: https://taxas.promo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.154.100 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13a9aa128252f198cb57e531ab50f62ab0625d1f3211b8ba161c1d87b9c3b703

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://taxas.promo/
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 16:58:31 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Wed, 22 Feb 2023 13:56:11 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfcoQEUnCnXUEf9e_ZLv8KRai0Tkp40Hy15sSoszEODQ:c418e4a0d882b4b7390cb57f34363e47"
vary: Accept, Accept-Encoding
content-type: image/avif
accept-ranges: bytes
cf-ray: 86e25d373cd52d8d-ARN
content-length: 16064
cf-resized: internal=ram/h q=0 n=41+356 c=0+0 v=2024.3.2 l=16064

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onpagereveal

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://taxas.promo/index_files/index-cd09d65e.js.download Message: Failed to load module script: Expected a JavaScript module script but the server responded with a MIME type of "application/octet-stream". Strict MIME type checking is enforced for module scripts per HTML spec.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.zyrosite.com
cdn.zyrosite.com
taxas.promo
172.64.154.100
65.108.68.22
13a9aa128252f198cb57e531ab50f62ab0625d1f3211b8ba161c1d87b9c3b703
1afc003db07bc1fdb5df8636defb39b798ba736b02a643d2aa929db6032145ec
31c98a184b7b53b5f731394b7f963d9e3da9bb4fc512773bb0da6b35a08a129e
4ed843f7f1ce9f98ee07b9986740328b04dce81d1cd6e0d43a604305ef273538
64d2b683ce600196ba27653bfef94d569da29a72c24a0a7d63b2da30563024a3
8a6dd0edc42a86d7c28d81e697dbb94f4c964010402efd76107d64db87a47bac
93960b9550987bb2f91717979958700db73e55f708346000bf0aa88c68e9b64e
989e95199b81ce8969de307234ac837d16050ffa7ab0c836aa7f40a4fe1fb982
a07b721144472f1ee3ef91496bffb58f9f7295ad7a02fc4bd456270a7ea361c2
b27ba432c3d87a200713650e6decfc7008ca14746a8a9605ada7345f851d7385
c0600afc6635983f9401c373e51ed1aec2ff82c6fea59cbbe5b2ed92bfc5f4a5
cf7ac787eb6398e8f42b596cc94cad0b8511677e208d94ad635907fb762c00c0
fe4047d5b20396a6307986f629aa9f0e41e79d43fcda1f56df6eef4aa786ef63

taxas.promo Open in urlscan Pro 65.108.68.22 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

0 %IPv6

2 Domains

3 Subdomains

2 IPs

2 Countries

1089 kBTransfer

1332 kBSize

0 Cookies

8 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

taxas.promo Open in urlscan Pro
65.108.68.22 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

2
IPs

2
Countries

1089 kB
Transfer

1332 kB
Size

0
Cookies

13 HTTP transactions
0 data transactions