URL: https://slickdeals.net/images/daImageHandler.php?size=300&threadId=15870253&t=1738
Submission: On June 30 via api from US — Scanned from IT

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 3 HTTP transactions. The main IP is 95.101.22.186, located in Milan, Italy and belongs to AKAMAI-ASN1, NL. The main domain is slickdeals.net. The Cisco Umbrella rank of the primary domain is 13660.
TLS certificate: Issued by R3 on April 26th 2022. Valid for: 3 months.
This is the only time slickdeals.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
2 | 95.101.22.186 | 20940 (AKAMAI-ASN1)
1 | 2a00:1450:400... | 15169 (GOOGLE)
3 | 2 |

Requests | Apex Domain | Subdomains | Transfer
2 | slickdeals.net | slickdeals.net — Cisco Umbrella Rank: 13660 | 18 KB
1 | gstatic.com | fonts.gstatic.com | 36 KB
3 | 2 | |

Requests | Domain | Requested by
2 | slickdeals.net |
1 | fonts.gstatic.com |
3 | 2 |

This site contains no links.

Subject | Issuer | Validity | Valid
www.slickdeals.net | R3 | 2022-04-26 - 2022-07-25 | 3 months
*.gstatic.com | GTS CA 1C3 | 2022-06-06 - 2022-08-29 | 3 months

This page contains 1 frame:

Primary Page: https://slickdeals.net/images/daImageHandler.php?size=300&threadId=15870253&t=1738
Frame ID: E2AB057C29267FAD8C4C157537212A45
Requests: 3 HTTP requests in this frame

Page Title

daImageHandler.php (300×300)

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

Requests: 3
HTTPS: 100 %
IPv6: 50 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 2
Transfer: 55 kB
Size: 53 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request daImageHandler.php | slickdeals.net/images/ | 6 KB | 7 KB | Document

General
Full URL: https://slickdeals.net/images/daImageHandler.php?size=300&threadId=15870253&t=1738
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.22.186 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-22-186.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: 6758c12b9be8b12400c6e58f8b5f3299e8fe20ba6ba5039e3e520ddda31827a4

Security Headers
Strict-Transport-Security: max-age=15768000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

access-control-allow-headers: x-requested-with, content-type, accept, sd-extension-client, sd-extension-version, sd-extension-user, sd-extension-distribution
access-control-allow-origin: *
cache-control: private, no-transform, max-age=1800
content-length: 5858
content-type: image/jpeg
date: Thu, 30 Jun 2022 16:37:40 GMT
expires: Thu, 30 Jun 2022 17:07:40 GMT
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
link: <https://slickdeals.net/build/fonts/sd-blueprint.b3acca3.woff2>;rel="preload";as="font";type="font/woff2";crossorigin,<https://fonts.gstatic.com/s/inter/v2/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2>;rel="preload";as="font";type="font/woff2";crossorigin <https://js.slickdealscdn.com>;rel="preconnect",<https://slickdeals.btttag.com>;rel="preconnect",<https://www.googletagmanager.com>;rel="preconnect",<https://fonts.gstatic.com>;rel="preconnect"
server: Akamai Image Server
server-timing: cdn-cache; desc=HIT edge; dur=311
strict-transport-security: max-age=15768000
x-akamai-im-skip-dlr: 1

sd-blueprint.b3acca3.woff2 | slickdeals.net/build/fonts/ | 11 KB | 11 KB | Font

General
Full URL: https://slickdeals.net/build/fonts/sd-blueprint.b3acca3.woff2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.22.186 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-22-186.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 4f07845f4950bce81e9617f21aaaf31a8a457568cf8a5015e23e11a8404a661a

Security Headers
Content-Security-Policy: frame-ancestors 'self'
Strict-Transport-Security: max-age=15768000
X-Frame-Options: sameorigin

Request headers

Referer: https://slickdeals.net/images/daImageHandler.php?size=300&threadId=15870253&t=1738
Origin: https://slickdeals.net
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
referrer-policy: strict-origin-when-cross-origin
server: Apache
x-frame-options: sameorigin
date: Thu, 30 Jun 2022 16:37:40 GMT
strict-transport-security: max-age=15768000
content-type: application/octet-stream
cache-control: max-age=362647
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 11452
expires: Mon, 04 Jul 2022 21:21:47 GMT

UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2 | fonts.gstatic.com/s/inter/v2/ | 36 KB | 36 KB | Font

General
Full URL: https://fonts.gstatic.com/s/inter/v2/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS:
Software: sffe /
Resource Hash: f9bba27460b9836abf81fb74f66ce01b11aeebe183706bbc116ed2fdcb04433d

Security Headers
X-Content-Type-Options: nosniff
X-Xss-Protection: 0

Request headers

Referer: https://slickdeals.net/
Origin: https://slickdeals.net
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 07:59:50 GMT
x-content-type-options: nosniff
age: 203870
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36564
x-xss-protection: 0
last-modified: Fri, 26 Jun 2020 02:37:45 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 28 Jun 2023 07:59:50 GMT

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| oncontextlost
  • object| oncontextrestored
  • function| structuredClone
  • object| launchQueue
  • object| onbeforematch
  • function| getScreenDetails
  • function| queryLocalFonts
  • object| navigation

0 Cookies

2 Console Messages

Source: javascript | Level: warning | URL: https://slickdeals.net/images/daImageHandler.php?size=300&threadId=15870253&t=1738
Message: The resource https://slickdeals.net/build/fonts/sd-blueprint.b3acca3.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Source: javascript | Level: warning | URL: https://slickdeals.net/images/daImageHandler.php?size=300&threadId=15870253&t=1738
Message: The resource https://fonts.gstatic.com/s/inter/v2/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page.

Strict-Transport-Security: max-age=15768000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
