news.dinuovoperte.it
Open in
urlscan Pro
91.192.43.154
Public Scan
Effective URL: https://news.dinuovoperte.it/public/read_message.jsp;jsessionid=0;apw65?sigreq=1820832868
Submission Tags: phishing malicious Search All
Submission: On December 26 via api from NL — Scanned from IT
Summary
TLS certificate: Issued by RapidSSL TLS RSA CA G1 on October 16th 2023. Valid for: a year.
This is the only time news.dinuovoperte.it was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 3 | 91.192.43.154 91.192.43.154 | 15960 (GLOBALACCESS) (GLOBALACCESS) | |
5 5 | 46.105.204.26 46.105.204.26 | 16276 (OVH) (OVH) | |
2 | 18.196.92.184 18.196.92.184 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 108.157.194.40 108.157.194.40 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 54.246.135.161 54.246.135.161 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 37.157.6.243 37.157.6.243 | 198622 (ADFORM) (ADFORM) | |
7 | 5 |
ASN16276 (OVH, FR)
PTR: cluster026.hosting.cdn.ovh.net
pixel.dinuovoperte.it |
ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-92-184.eu-central-1.compute.amazonaws.com
repo.edenred.it |
ASN16509 (AMAZON-02, US)
PTR: server-108-157-194-40.mxp53.r.cloudfront.net
media.go2speed.org |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-135-161.eu-west-1.compute.amazonaws.com
tracking.tuttooa.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
8 |
dinuovoperte.it
6 redirects
news.dinuovoperte.it pixel.dinuovoperte.it |
57 KB |
2 |
edenred.it
repo.edenred.it |
230 KB |
1 |
adform.net
track.adform.net — Cisco Umbrella Rank: 4289 |
394 B |
1 |
tuttooa.com
tracking.tuttooa.com |
659 B |
1 |
go2speed.org
media.go2speed.org — Cisco Umbrella Rank: 112500 |
4 KB |
7 | 5 |
Domain | Requested by | |
---|---|---|
5 | pixel.dinuovoperte.it | 5 redirects |
3 | news.dinuovoperte.it |
1 redirects
news.dinuovoperte.it
|
2 | repo.edenred.it |
news.dinuovoperte.it
|
1 | track.adform.net |
news.dinuovoperte.it
|
1 | tracking.tuttooa.com |
news.dinuovoperte.it
|
1 | media.go2speed.org |
news.dinuovoperte.it
|
7 | 6 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
news.dinuovoperte.it RapidSSL TLS RSA CA G1 |
2023-10-16 - 2024-11-10 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://news.dinuovoperte.it/public/read_message.jsp;jsessionid=0;apw65?sigreq=1820832868
Frame ID: 24F64FD144D31ED66A4D21FD1DB6A0FE
Requests: 7 HTTP requests in this frame
Screenshot
Page Title
Page URL History Show full URLs
-
https://news.dinuovoperte.it/public/read_message.jsp?tsp=1703575395547&custid=13079&uid=13552478183&sig=N...
HTTP 302
https://news.dinuovoperte.it/public/read_message.jsp;jsessionid=0;apw65?sigreq=1820832868 Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://news.dinuovoperte.it/public/read_message.jsp?tsp=1703575395547&custid=13079&uid=13552478183&sig=NMGLJBPFNEAPLHLO&mid=1304218408&s=OCBFGEJBFBMAMDMP
HTTP 302
https://news.dinuovoperte.it/public/read_message.jsp;jsessionid=0;apw65?sigreq=1820832868 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 1- https://pixel.dinuovoperte.it/?main_url=aHR0cHM6Ly9yZXBvLmVkZW5yZWQuaXQvREVNL0NSRUFUSVZJVEEvTE9HT1MvVFIvdGlja2V0UmVzdGF1cmFudC1jb2xvci5wbmc=&undefined HTTP 301
- https://repo.edenred.it/DEM/CREATIVITA/LOGOS/TR/ticketRestaurant-color.png?main_url=aHR0cHM6Ly9yZXBvLmVkZW5yZWQuaXQvREVNL0NSRUFUSVZJVEEvTE9HT1MvVFIvdGlja2V0UmVzdGF1cmFudC1jb2xvci5wbmc=&undefined
- https://pixel.dinuovoperte.it/?main_url=aHR0cHM6Ly9yZXBvLmVkZW5yZWQuaXQvL0RFTS9DUkVBVElWSVRBL0hFUk8vMjAyMy9UUi9Hcm91cCUyMDclMjAoMSkucG5n&undefined HTTP 301
- https://repo.edenred.it//DEM/CREATIVITA/HERO/2023/TR/Group%207%20(1).png?main_url=aHR0cHM6Ly9yZXBvLmVkZW5yZWQuaXQvL0RFTS9DUkVBVElWSVRBL0hFUk8vMjAyMy9UUi9Hcm91cCUyMDclMjAoMSkucG5n&undefined
- https://pixel.dinuovoperte.it/?main_url=aHR0cHM6Ly9tZWRpYS5nbzJzcGVlZC5vcmcvYnJhbmQvZmlsZXMvZGVtYWxpYXRyYWNraW5nLzE3ODgvMjAyMzExMTQxNzQ0Mzgtdm91Y2hlcl9fc21hcnRwaG9uZS5wbmc=&undefined HTTP 301
- https://media.go2speed.org/brand/files/demaliatracking/1788/20231114174438-voucher__smartphone.png?main_url=aHR0cHM6Ly9tZWRpYS5nbzJzcGVlZC5vcmcvYnJhbmQvZmlsZXMvZGVtYWxpYXRyYWNraW5nLzE3ODgvMjAyMzExMTQxNzQ0Mzgtdm91Y2hlcl9fc21hcnRwaG9uZS5wbmc=&undefined
- https://pixel.dinuovoperte.it/?main_url=aHR0cHM6Ly90cmFja2luZy50dXR0b29hLmNvbS9hZmZfaQ==&offer_id=1788&aff_id=2119&url_id=4170&file_id=9818&aff_sub=dinuovoperte HTTP 301
- https://tracking.tuttooa.com/aff_i?main_url=aHR0cHM6Ly90cmFja2luZy50dXR0b29hLmNvbS9hZmZfaQ==&offer_id=1788&aff_id=2119&url_id=4170&file_id=9818&aff_sub=dinuovoperte
- https://pixel.dinuovoperte.it/?main_url=aHR0cHM6Ly90cmFjay5hZGZvcm0ubmV0L2FkZnNlcnZlLw==&bn=69577451;1x1inv=1;srctype=3;ord=[timestamp] HTTP 301
- https://track.adform.net/adfserve/?main_url=aHR0cHM6Ly90cmFjay5hZGZvcm0ubmV0L2FkZnNlcnZlLw==&bn=69577451;1x1inv=1;srctype=3;ord=[timestamp]
7 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
read_message.jsp;jsessionid=0;apw65
news.dinuovoperte.it/public/ Redirect Chain
|
54 KB 55 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
p.gif
news.dinuovoperte.it/tr/ |
42 B 216 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ticketRestaurant-color.png
repo.edenred.it/DEM/CREATIVITA/LOGOS/TR/ Redirect Chain
|
33 KB 34 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Group%207%20(1).png
repo.edenred.it//DEM/CREATIVITA/HERO/2023/TR/ Redirect Chain
|
196 KB 196 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
20231114174438-voucher__smartphone.png
media.go2speed.org/brand/files/demaliatracking/1788/ Redirect Chain
|
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
aff_i
tracking.tuttooa.com/ Redirect Chain
|
43 B 659 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
track.adform.net/adfserve/ Redirect Chain
|
11 B 394 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
Verdicts & Comments Add Verdict or Comment
1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
news.dinuovoperte.it/ | Name: ECM Value: AEB4666E38E6DE014C555214FCD266B1 |
|
tracking.tuttooa.com/ | Name: aff_ran_url_1788 Value: 4170 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=63072000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
media.go2speed.org
news.dinuovoperte.it
pixel.dinuovoperte.it
repo.edenred.it
track.adform.net
tracking.tuttooa.com
108.157.194.40
18.196.92.184
37.157.6.243
46.105.204.26
54.246.135.161
91.192.43.154
492b292fd4e408db92b71f2c83f609203f9f716c9d7cdb35c3e663f1f8ca72ff
60cdd424365e91505833d8954089778f34e9d5a7efbed1b69b189db917743127
7c41b898c5da0cfa4aa049b65ef50248bce9a72d24bef4c723786431921b75aa
86ffdc9abe163dbdc9112e111e41b291c1c950a90da0fa6b8ba62708ab2c17f1
ac05f643d51698438fc2504bc237b5a39ce1248b037dbf446aaca4ce65c3182c
e944523d70858a3bb6678d06700d06364fb74b34ab63f5ac273be84b9986d300
eebcf7f53f0bbfbccde414a4f13f67abc320aec6deae95dc84c7d7c03420afb7