pg.promoeccezionali.eu Open in urlscan Pro
185.249.183.232 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pg.promoeccezionali.eu/web/view/1612210723/1610378687/ycj9u9jd/9/173
Submission: On February 02 via manual (February 2nd 2021, 9:01:21 am UTC) from IT

Summary HTTP 9 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 6 domains to perform 9 HTTP transactions. The main IP is 185.249.183.232, located in Italy and belongs to SERVER24-AS INCUBATEC GmbH - Srl, IT. The main domain is pg.promoeccezionali.eu.
TLS certificate: Issued by R3 on January 8th 2021. Valid for: 3 months.

This is the only time pg.promoeccezionali.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	185.249.183.232 185.249.183.232	34081 (SERVER24-...) (SERVER24-AS INCUBATEC GmbH - Srl)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
2 4	85.199.80.233 85.199.80.233	12693 (EDISCOM A...) (EDISCOM Am Kanal 4a)
1	52.218.60.248 52.218.60.248	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
9	5

4 185.249.183.232 (Italy)

ASN34081 (SERVER24-AS INCUBATEC GmbH - Srl, IT)
PTR: mta183-232.maildome.com

pg.promoeccezionali.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.promoeccezionali.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tr.promoeccezionalitrack.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 85.199.80.233 (Dallgow-Doeberitz, Germany) 2 redirects

ASN12693 (EDISCOM Am Kanal 4a, 14467 Potsdam, DE)
PTR: fin-lamp-new.dns.boreus.de

financeads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.financeads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.60.248 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1-r-w.amazonaws.com

prima-images.s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	financeads.net 2 redirects financeads.net www.financeads.net	1 KB
3	promoeccezionali.eu pg.promoeccezionali.eu media.promoeccezionali.eu	10 KB
1	gstatic.com fonts.gstatic.com	14 KB
1	amazonaws.com prima-images.s3-eu-west-1.amazonaws.com	472 KB
1	promoeccezionalitrack.eu tr.promoeccezionalitrack.eu	410 B
1	googleapis.com fonts.googleapis.com	585 B
9	6

	Domain	Requested by
2	media.promoeccezionali.eu	pg.promoeccezionali.eu
2	www.financeads.net	pg.promoeccezionali.eu
2	financeads.net	2 redirects
1	fonts.gstatic.com	fonts.googleapis.com
1	prima-images.s3-eu-west-1.amazonaws.com	pg.promoeccezionali.eu
1	tr.promoeccezionalitrack.eu	pg.promoeccezionali.eu
1	fonts.googleapis.com	pg.promoeccezionali.eu
1	pg.promoeccezionali.eu
9	8

This site contains links to these domains. Also see Links.

Domain
tr.promoeccezionalitrack.eu

Subject Issuer	Validity	Valid
app.promoeccezionali.eu R3	`2021-01-08` - `2021-04-08`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
financeads.net Sectigo RSA Organization Validation Secure Server CA	`2020-05-28` - `2022-08-30`	2 years	crt.sh
*.s3-eu-west-1.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-08-04` - `2021-08-09`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://pg.promoeccezionali.eu/web/view/1612210723/1610378687/ycj9u9jd/9/173
Frame ID: 0A943E7F1D50975B78118A989A3FF4DB
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

9
Requests

100 %
HTTPS

40 %
IPv6

6
Domains

8
Subdomains

5
IPs

3
Countries

498 kB
Transfer

504 kB
Size

2
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://tr.promoeccezionalitrack.eu/go/1612210723/1610378687/778b0463b4d6ce1a9b68dcacb18229d1/ycj9u9jd/9/173
Title: Ovunque tu vada noi ci saremo!

Search URL Search Domain Scan URL

URL: https://tr.promoeccezionalitrack.eu/go/1612210723/1610378687/cb62925baaeaee3c08d54ccd3c6efa8d/ycj9u9jd/9/173
Title: Polizza auto a partire da € 178*

Search URL Search Domain Scan URL

URL: https://tr.promoeccezionalitrack.eu/go/1612210723/1610378687/f3f74a57d9d795be2f1bc2e1d6f5fcec/ycj9u9jd/9/173
Title: Calcola ora

Search URL Search Domain Scan URL

URL: https://tr.promoeccezionalitrack.eu/go/1612210723/1610378687/db44c3f7818eb93b6cf6e6f6bdab06e4/ycj9u9jd/9/173
Title: Prima.it

Search URL Search Domain Scan URL

URL: https://tr.promoeccezionalitrack.eu/go/1612210723/1610378687/c2f4ca8df97253f67c9ad0a5ebd1b7c2/ycj9u9jd/9/173
Title: Prima.it

Search URL Search Domain Scan URL

URL: https://tr.promoeccezionalitrack.eu/go/1612210723/1610378687/91f5e916d6b89fa4841b6b675ca71b95/ycj9u9jd/9/173
Title: Qui puoi visionare la privacy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://financeads.net/tb.php?t=41873V329865324T HTTP 301
https://www.financeads.net/tb.php?t=41873V329865324T

Request Chain 2

https://financeads.net/tb.php?t=31096V329865324T HTTP 301
https://www.financeads.net/tb.php?t=31096V329865324T

9 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 173 Show response
pg.promoeccezionali.eu/web/view/1612210723/1610378687/ycj9u9jd/9/ 11 KB
4 KB 180ms
67ms Document
text/html 185.249.183.232
Srl

General

Check archive.org

Show headers Download Go to

Full URL

https://pg.promoeccezionali.eu/web/view/1612210723/1610378687/ycj9u9jd/9/173

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.249.183.232 , Italy, ASN34081 (SERVER24-AS INCUBATEC GmbH - Srl, IT),

Reverse DNS

mta183-232.maildome.com

Software

nginx /

Resource Hash

1d33aaa2114aa7ff896e16a581f34a77be972f3c6277a57026ed8cdc0885245b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: pg.promoeccezionali.eu
:scheme: https
:path: /web/view/1612210723/1610378687/ycj9u9jd/9/173
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server: nginx
date: Tue, 02 Feb 2021 09:01:02 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: PHPSESSID=964f20c975bc61b0fe1a2483e4176c3a; path=/; HttpOnly _backend=www1|YBkU0|YBkU0; path=/; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-encoding: gzip
strict-transport-security: max-age=15768000
x-content-type-options: nosniff

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
585 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Varela+Round&display=swap

Requested by

Host: pg.promoeccezionali.eu
URL: https://pg.promoeccezionali.eu/web/view/1612210723/1610378687/ycj9u9jd/9/173

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5b435ade19526cd80eeeae6c8a0366db1f49d38f5908b1489c91762a0a412676

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pg.promoeccezionali.eu/web/view/1612210723/1610378687/ycj9u9jd/9/173
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 02 Feb 2021 08:45:18 GMT
server: ESF
date: Tue, 02 Feb 2021 09:01:02 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 02 Feb 2021 09:01:02 GMT

GET
H/1.1

200
OK

tb.php
www.financeads.net/
Redirect Chain

https://financeads.net/tb.php?t=41873V329865324T
https://www.financeads.net/tb.php?t=41873V329865324T

43 B
381 B

191ms
54ms

Image
image/gif

85.199.80.233
EDISCOM Am Kanal 4a

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.financeads.net/tb.php?t=41873V329865324T
Requested by: Host: pg.promoeccezionali.eu
URL: https://pg.promoeccezionali.eu/web/view/1612210723/1610378687/ycj9u9jd/9/173
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.199.80.233 Dallgow-Doeberitz, Germany, ASN12693 (EDISCOM Am Kanal 4a, 14467 Potsdam, DE),
Reverse DNS: fin-lamp-new.dns.boreus.de
Software: Apache/2.4.46 (Ubuntu) /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://pg.promoeccezionali.eu/web/view/1612210723/1610378687/ycj9u9jd/9/173
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 02 Feb 2021 09:01:02 9GMTFeb
Server: Apache/2.4.46 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, no-store, no-cache, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=600

Redirect headers

Location: https://www.financeads.net/tb.php?t=41873V329865324T
Date: Tue, 02 Feb 2021 09:01:02 GMT
Server: Apache/2.4.37 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 340
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1

200
OK

tb.php
www.financeads.net/
Redirect Chain

https://financeads.net/tb.php?t=31096V329865324T
https://www.financeads.net/tb.php?t=31096V329865324T

43 B
381 B

197ms
49ms

Image
image/gif

85.199.80.233
EDISCOM Am Kanal 4a

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.financeads.net/tb.php?t=31096V329865324T
Requested by: Host: pg.promoeccezionali.eu
URL: https://pg.promoeccezionali.eu/web/view/1612210723/1610378687/ycj9u9jd/9/173
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.199.80.233 Dallgow-Doeberitz, Germany, ASN12693 (EDISCOM Am Kanal 4a, 14467 Potsdam, DE),
Reverse DNS: fin-lamp-new.dns.boreus.de
Software: Apache/2.4.37 (Ubuntu) /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://pg.promoeccezionali.eu/web/view/1612210723/1610378687/ycj9u9jd/9/173
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 02 Feb 2021 09:01:02 9GMTFeb
Server: Apache/2.4.37 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, no-store, no-cache, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

Redirect headers

Location: https://www.financeads.net/tb.php?t=31096V329865324T
Date: Tue, 02 Feb 2021 09:01:02 GMT
Server: Apache/2.4.46 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=600
Content-Length: 340
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 16122107344529_icon.png
media.promoeccezionali.eu/pubblivarese/ext/1612210723/ 4 KB
4 KB 40ms
38ms Image
image/png 185.249.183.232
Srl

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.promoeccezionali.eu/pubblivarese/ext/1612210723/16122107344529_icon.png

Requested by

Host: pg.promoeccezionali.eu
URL: https://pg.promoeccezionali.eu/web/view/1612210723/1610378687/ycj9u9jd/9/173

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.249.183.232 , Italy, ASN34081 (SERVER24-AS INCUBATEC GmbH - Srl, IT),

Reverse DNS

mta183-232.maildome.com

Software

nginx /

Resource Hash

46ffd3383d821f14f496301443badd9a1d8bd53253d36eca99500a694d2e547c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff

Request headers

Referer: https://pg.promoeccezionali.eu/web/view/1612210723/1610378687/ycj9u9jd/9/173
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 09:01:02 GMT
x-content-type-options: nosniff
last-modified: Mon, 01 Feb 2021 20:18:54 GMT
server: nginx
etag: "6018622e-ee0"
strict-transport-security: max-age=15768000
content-type: image/png
accept-ranges: bytes
content-length: 3808

GET
H2 200 16122107346154_logo.png
media.promoeccezionali.eu/pubblivarese/ext/1612210723/ 2 KB
2 KB 42ms
40ms Image
image/png 185.249.183.232
Srl

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.promoeccezionali.eu/pubblivarese/ext/1612210723/16122107346154_logo.png

Requested by

Host: pg.promoeccezionali.eu
URL: https://pg.promoeccezionali.eu/web/view/1612210723/1610378687/ycj9u9jd/9/173

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.249.183.232 , Italy, ASN34081 (SERVER24-AS INCUBATEC GmbH - Srl, IT),

Reverse DNS

mta183-232.maildome.com

Software

nginx /

Resource Hash

8acdca00081a056f5e6a8f32ebc4d26773069e206d4f62c473566b11ed864bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff

Request headers

Referer: https://pg.promoeccezionali.eu/web/view/1612210723/1610378687/ycj9u9jd/9/173
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 09:01:02 GMT
x-content-type-options: nosniff
last-modified: Mon, 01 Feb 2021 20:18:54 GMT
server: nginx
etag: "6018622e-82b"
strict-transport-security: max-age=15768000
content-type: image/png
accept-ranges: bytes
content-length: 2091

GET
H2 200 image.png
tr.promoeccezionalitrack.eu/image/1612210723/1610378687/ycj9u9jd/9/173/ 91 B
410 B 303ms
287ms Image
image/png 185.249.183.232
Srl

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.promoeccezionalitrack.eu/image/1612210723/1610378687/ycj9u9jd/9/173/image.png?w=1

Requested by

Host: pg.promoeccezionali.eu
URL: https://pg.promoeccezionali.eu/web/view/1612210723/1610378687/ycj9u9jd/9/173

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.249.183.232 , Italy, ASN34081 (SERVER24-AS INCUBATEC GmbH - Srl, IT),

Reverse DNS

mta183-232.maildome.com

Software

nginx /

Resource Hash

5244a0c7065b9bf939a18af4be0b1bf2d73b94c48db1df0b13af4ed5b3596f2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff

Request headers

Referer: https://pg.promoeccezionali.eu/web/view/1612210723/1610378687/ycj9u9jd/9/173
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Feb 2021 09:01:02 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=15768000
content-type: image/png
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK background.png
prima-images.s3-eu-west-1.amazonaws.com/ 471 KB
472 KB 215ms
60ms Image
image/png 52.218.60.248
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prima-images.s3-eu-west-1.amazonaws.com/background.png
Requested by: Host: pg.promoeccezionali.eu
URL: https://pg.promoeccezionali.eu/web/view/1612210723/1610378687/ycj9u9jd/9/173
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.60.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: ea860ce4105b0cb6d713b9cebe8f09a86cab0116dac7804d33424fea8b69b120

Request headers

Referer: https://pg.promoeccezionali.eu/web/view/1612210723/1610378687/ycj9u9jd/9/173
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 02 Feb 2021 09:01:03 GMT
Last-Modified: Wed, 24 Jun 2020 13:10:54 GMT
Server: AmazonS3
x-amz-request-id: 4F7CBEB014AA0581
ETag: "d3d596a11dd88c46bee60b4425434ac8"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 482595
x-amz-id-2: sEE6CTnTc9JrIDseI8LWOZyiUQrPSxeQVRqJEmJ/kdTK6yXzrfgjZ533GLfDBfLB17bHUIPY3hw=

GET
H2 200 w8gdH283Tvk__Lua32TysjIfp8uPLdshZg.woff2
fonts.gstatic.com/s/varelaround/v13/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/varelaround/v13/w8gdH283Tvk__Lua32TysjIfp8uPLdshZg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Varela+Round&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d7c0b71cb6af711f4f47b8049b04f99fb860d3731e4ccf3db8a0a11d589073d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://pg.promoeccezionali.eu
Referer: https://fonts.googleapis.com/css2?family=Varela+Round&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:39:35 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:04:36 GMT
server: sffe
age: 494487
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14172
x-xss-protection: 0
expires: Thu, 27 Jan 2022 15:39:35 GMT

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			pg.promoeccezionali.eu/	1969-12-31 23:59:59	Name: _backend Value: www1\|YBkU0\|YBkU0
			pg.promoeccezionali.eu/	1969-12-31 23:59:59	Name: PHPSESSID Value: 964f20c975bc61b0fe1a2483e4176c3a

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

financeads.net
fonts.googleapis.com
fonts.gstatic.com
media.promoeccezionali.eu
pg.promoeccezionali.eu
prima-images.s3-eu-west-1.amazonaws.com
tr.promoeccezionalitrack.eu
www.financeads.net
185.249.183.232
2a00:1450:4001:812::200a
2a00:1450:4001:829::2003
52.218.60.248
85.199.80.233
1d33aaa2114aa7ff896e16a581f34a77be972f3c6277a57026ed8cdc0885245b
46ffd3383d821f14f496301443badd9a1d8bd53253d36eca99500a694d2e547c
4d7c0b71cb6af711f4f47b8049b04f99fb860d3731e4ccf3db8a0a11d589073d
5244a0c7065b9bf939a18af4be0b1bf2d73b94c48db1df0b13af4ed5b3596f2a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5b435ade19526cd80eeeae6c8a0366db1f49d38f5908b1489c91762a0a412676
8acdca00081a056f5e6a8f32ebc4d26773069e206d4f62c473566b11ed864bf5
ea860ce4105b0cb6d713b9cebe8f09a86cab0116dac7804d33424fea8b69b120

pg.promoeccezionali.eu Open in urlscan Pro 185.249.183.232 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

9 Requests

100 %HTTPS

40 %IPv6

6 Domains

8 Subdomains

5 IPs

3 Countries

498 kBTransfer

504 kBSize

2 Cookies

6 Outgoing links

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

pg.promoeccezionali.eu Open in urlscan Pro
185.249.183.232 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

40 %
IPv6

6
Domains

8
Subdomains

5
IPs

3
Countries

498 kB
Transfer

504 kB
Size

2
Cookies

9 HTTP transactions
0 data transactions