Submitted URL: http://t.connect.rcsmediagroup.it/r/?id=h4ecd1b48%2C94e8c8dc%2C94f5634f
Effective URL: https://www.landrover.it/vehicles/discovery-sport/test-drive.html?utm_source=sfera&utm_medium=email_coldlist&utm_campaign...
Submission Tags: falconsandbox
Submission: On June 20 via api from US

Summary

This website contacted 2 IPs in 3 countries across 4 domains to perform 2 HTTP transactions. The main IP is 104.109.67.106, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.landrover.it.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on August 25th 2020. Valid for: 2 years.
This is the only time www.landrover.it was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 185.15.49.4 199349 (NEOLANE-SA)
1 1 52.58.46.39 16509 (AMAZON-02)
1 2 78.159.222.145 28716 (RETELIT-A...)
1 104.109.67.106 16625 (AKAMAI-AS)
2 2
Apex Domain
Subdomains
Transfer
2 portalejlr.it
landroverform.portalejlr.it
1 KB
1 landrover.it
www.landrover.it
3 KB
1 serving-sys.com
bs.serving-sys.com
937 B
1 rcsmediagroup.it
t.connect.rcsmediagroup.it
601 B
2 4
Domain Requested by
2 landroverform.portalejlr.it 1 redirects
1 www.landrover.it landroverform.portalejlr.it
1 bs.serving-sys.com 1 redirects
1 t.connect.rcsmediagroup.it 1 redirects
2 4

This site contains no links.

Subject Issuer Validity Valid
*.portalejlr.it
GeoTrust RSA CA 2018
2020-10-21 -
2021-10-31
a year crt.sh
www.landrover.com
GlobalSign RSA OV SSL CA 2018
2020-08-25 -
2022-10-06
2 years crt.sh

This page contains 1 frames:

Primary Page: https://www.landrover.it/vehicles/discovery-sport/test-drive.html?utm_source=sfera&utm_medium=email_coldlist&utm_campaign=l550|it/diss_urban_easyland_apr18&utm_content=dem
Frame ID: 62778C929DDA20D161A5F26672DC56B8
Requests: 2 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://t.connect.rcsmediagroup.it/r/?id=h4ecd1b48%2C94e8c8dc%2C94f5634f HTTP 302
    http://bs.serving-sys.com/serving/adServer.bs?cn=trd&mc=click&pli=24694365&PluID=0&ord=%%REALRAND%% HTTP 302
    http://landroverform.portalejlr.it/url-builder/ub.aspx?c=1109&utm_medium=email_coldlist&utm_source=sfera&utm_ca... HTTP 303
    https://landroverform.portalejlr.it/url-builder/ub.aspx?c=1109&utm_medium=email_coldlist&utm_source=sfera&utm_ca... Page URL
  2. https://www.landrover.it/vehicles/discovery-sport/test-drive.html?utm_source=sfera&utm_medium=email_c... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

2
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

2
IPs

3
Countries

3 kB
Transfer

4 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://t.connect.rcsmediagroup.it/r/?id=h4ecd1b48%2C94e8c8dc%2C94f5634f HTTP 302
    http://bs.serving-sys.com/serving/adServer.bs?cn=trd&mc=click&pli=24694365&PluID=0&ord=%%REALRAND%% HTTP 302
    http://landroverform.portalejlr.it/url-builder/ub.aspx?c=1109&utm_medium=email_coldlist&utm_source=sfera&utm_campaign=l550%7cit%2fdiss_urban_easyland_apr18&utm_content=dem HTTP 303
    https://landroverform.portalejlr.it/url-builder/ub.aspx?c=1109&utm_medium=email_coldlist&utm_source=sfera&utm_campaign=l550%7cit%2fdiss_urban_easyland_apr18&utm_content=dem Page URL
  2. https://www.landrover.it/vehicles/discovery-sport/test-drive.html?utm_source=sfera&utm_medium=email_coldlist&utm_campaign=l550|it/diss_urban_easyland_apr18&utm_content=dem Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://t.connect.rcsmediagroup.it/r/?id=h4ecd1b48%2C94e8c8dc%2C94f5634f HTTP 302
  • http://bs.serving-sys.com/serving/adServer.bs?cn=trd&mc=click&pli=24694365&PluID=0&ord=%%REALRAND%% HTTP 302
  • http://landroverform.portalejlr.it/url-builder/ub.aspx?c=1109&utm_medium=email_coldlist&utm_source=sfera&utm_campaign=l550%7cit%2fdiss_urban_easyland_apr18&utm_content=dem HTTP 303
  • https://landroverform.portalejlr.it/url-builder/ub.aspx?c=1109&utm_medium=email_coldlist&utm_source=sfera&utm_campaign=l550%7cit%2fdiss_urban_easyland_apr18&utm_content=dem

2 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
ub.aspx
landroverform.portalejlr.it/url-builder/
Redirect Chain
  • http://t.connect.rcsmediagroup.it/r/?id=h4ecd1b48%2C94e8c8dc%2C94f5634f
  • http://bs.serving-sys.com/serving/adServer.bs?cn=trd&mc=click&pli=24694365&PluID=0&ord=%%REALRAND%%
  • http://landroverform.portalejlr.it/url-builder/ub.aspx?c=1109&utm_medium=email_coldlist&utm_source=sfera&utm_campaign=l550%7cit%2fdiss_urban_easyland_apr18&utm_content=dem
  • https://landroverform.portalejlr.it/url-builder/ub.aspx?c=1109&utm_medium=email_coldlist&utm_source=sfera&utm_campaign=l550%7cit%2fdiss_urban_easyland_apr18&utm_content=dem
1 KB
920 B
Document
General
Full URL
https://landroverform.portalejlr.it/url-builder/ub.aspx?c=1109&utm_medium=email_coldlist&utm_source=sfera&utm_campaign=l550%7cit%2fdiss_urban_easyland_apr18&utm_content=dem
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
78.159.222.145 Monteviale, Italy, ASN28716 (RETELIT-AS Internet Service Provider, IT),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e9baf0a3275cc2b41cd45d800536c574f7b9e6c012bc2d2a3f39a89564f38822

Request headers

:method
GET
:authority
landroverform.portalejlr.it
:scheme
https
:path
/url-builder/ub.aspx?c=1109&utm_medium=email_coldlist&utm_source=sfera&utm_campaign=l550%7cit%2fdiss_urban_easyland_apr18&utm_content=dem
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
private
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
date
Sun, 20 Jun 2021 06:11:51 GMT
content-length
760

Redirect headers

Content-Type
text/html; charset=UTF-8
Location
https://landroverform.portalejlr.it/url-builder/ub.aspx?c=1109&utm_medium=email_coldlist&utm_source=sfera&utm_campaign=l550%7cit%2fdiss_urban_easyland_apr18&utm_content=dem
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Date
Sun, 20 Jun 2021 06:11:51 GMT
Content-Length
342
Primary Request test-drive.html
www.landrover.it/vehicles/discovery-sport/
2 KB
3 KB
Document
General
Full URL
https://www.landrover.it/vehicles/discovery-sport/test-drive.html?utm_source=sfera&utm_medium=email_coldlist&utm_campaign=l550|it/diss_urban_easyland_apr18&utm_content=dem
Requested by
Host: landroverform.portalejlr.it
URL: https://landroverform.portalejlr.it/url-builder/ub.aspx?c=1109&utm_medium=email_coldlist&utm_source=sfera&utm_campaign=l550%7cit%2fdiss_urban_easyland_apr18&utm_content=dem
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.67.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-67-106.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c5d35c0bca6d6c4072c35cdd4d199c773ac8a679f76c65e566cad2b58e2ecee7
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

:method
GET
:authority
www.landrover.it
:scheme
https
:path
/vehicles/discovery-sport/test-drive.html?utm_source=sfera&utm_medium=email_coldlist&utm_campaign=l550|it/diss_urban_easyland_apr18&utm_content=dem
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://landroverform.portalejlr.it/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://landroverform.portalejlr.it/

Response headers

content-type
text/html;charset=utf-8
content-length
2299
vary
accept-encoding
content-language
en
x-akam-sw-version
0.5.0
date
Sun, 20 Jun 2021 06:11:51 GMT
set-cookie
AKA_A2=A; expires=Sun, 20-Jun-2021 07:11:51 GMT; path=/; domain=landrover.it; secure; HttpOnly
server-timing
cdn-cache; desc=REVALIDATE edge; dur=18 origin; dur=95
strict-transport-security
max-age=86400

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated

1 Cookies

Domain/Path Name / Value
.landrover.it/ Name: AKA_A2
Value: A

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bs.serving-sys.com
landroverform.portalejlr.it
t.connect.rcsmediagroup.it
www.landrover.it
104.109.67.106
185.15.49.4
52.58.46.39
78.159.222.145
c5d35c0bca6d6c4072c35cdd4d199c773ac8a679f76c65e566cad2b58e2ecee7
e9baf0a3275cc2b41cd45d800536c574f7b9e6c012bc2d2a3f39a89564f38822