secure.ecircle-ag.com Open in urlscan Pro
195.140.186.104 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://news.loffertagiusta.com/public/read_message.jsp?tsp=1728100521641&custid=6761&uid=7247647001&sig=IEKFMOKLLAHMBAGF&mid=65...
Effective URL:
https://secure.ecircle-ag.com/loffertagiusta/public/read_message.jsp;jsessionid=0;apw71?sigreq=-249362827
Submission Tags: falconsandbox
Submission: On October 07 via api (October 7th 2024, 11:49:43 am UTC) from US — Scanned from US

Summary HTTP 13 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 13 HTTP transactions. The main IP is 195.140.186.104, located in Germany and belongs to GLOBALACCESS, DE. The main domain is secure.ecircle-ag.com.
TLS certificate: Issued by RapidSSL TLS RSA CA G1 on February 11th 2024. Valid for: a year.

This is the only time secure.ecircle-ag.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	91.192.43.153 91.192.43.153	15960 (GLOBALACCESS) (GLOBALACCESS)
2	195.140.186.104 195.140.186.104	15960 (GLOBALACCESS) (GLOBALACCESS)
1	172.253.122.95 172.253.122.95	15169 (GOOGLE) (GOOGLE)
5	91.215.216.8 91.215.216.8	49699 (ICN-) (ICN-)
1	107.20.61.247 107.20.61.247	14618 (AMAZON-AES) (AMAZON-AES)
3	173.194.205.94 173.194.205.94	15169 (GOOGLE) (GOOGLE)
13	6

2 91.192.43.153 (Germany) 1 redirects

ASN15960 (GLOBALACCESS, DE)

news.loffertagiusta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.140.186.104 (Germany)

ASN15960 (GLOBALACCESS, DE)
PTR: secure.l3.ec-messenger.com

secure.ecircle-ag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.122.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 91.215.216.8 (Sofia, Bulgaria)

ASN49699 (ICN-, BG)
PTR: aron.icnhost.net

media.loffertagiusta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.20.61.247 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-20-61-247.compute-1.amazonaws.com

ct.tk2gk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 173.194.205.94 (United States)

ASN15169 (GOOGLE, US)
PTR: qm-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	loffertagiusta.com 1 redirects news.loffertagiusta.com media.loffertagiusta.com	190 KB
3	gstatic.com fonts.gstatic.com	56 KB
2	ecircle-ag.com secure.ecircle-ag.com	60 KB
1	tk2gk.com ct.tk2gk.com	568 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	1 KB
13	5

	Domain	Requested by
5	media.loffertagiusta.com	secure.ecircle-ag.com
3	fonts.gstatic.com	fonts.googleapis.com
2	secure.ecircle-ag.com
2	news.loffertagiusta.com	1 redirects secure.ecircle-ag.com
1	ct.tk2gk.com	secure.ecircle-ag.com
1	fonts.googleapis.com	secure.ecircle-ag.com
13	6

This site contains links to these domains. Also see Links.

Domain
news.loffertagiusta.com

Subject Issuer	Validity	Valid
secure.ecircle-ag.com RapidSSL TLS RSA CA G1	`2024-02-11` - `2025-03-06`	a year	crt.sh
upload.video.google.com WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
www.media.loffertagiusta.com R11	`2024-08-11` - `2024-11-09`	3 months	crt.sh
ct.tk2gk.com Amazon RSA 2048 M02	`2024-08-17` - `2025-09-15`	a year	crt.sh
*.gstatic.com WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://secure.ecircle-ag.com/loffertagiusta/public/read_message.jsp;jsessionid=0;apw71?sigreq=-249362827
Frame ID: 5746C18B1009239D9900C72650AFE83B
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

#{SUBJECT}

Page URL History Show full URLs

http://news.loffertagiusta.com/public/read_message.jsp?tsp=1728100521641&custid=6761&uid=7247647001&sig=IEK... HTTP 307
https://news.loffertagiusta.com/public/read_message.jsp?tsp=1728100521641&custid=6761&uid=7247647001&sig=IEK... HTTP 302
https://secure.ecircle-ag.com/loffertagiusta/public/read_message.jsp;jsessionid=0;apw71?sigreq=-249362827 Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

13
Requests

92 %
HTTPS

0 %
IPv6

5
Domains

6
Subdomains

6
IPs

3
Countries

308 kB
Transfer

313 kB
Size

1
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: http://news.loffertagiusta.com/public/read_message.jsp?tsp=1728301776241&custid=6761&uid=7247647001&sig=BHKOCEDJKNCMKPCA&mid=652639548&l=D0IaskbwcI3bv287tI&slt=0
Title: clicca qui

Search URL Search Domain Scan URL

URL: http://news.loffertagiusta.com/public/unsubscribe.jsp?gid=650677305&uid=7247647001&mid=652639548&sig=INJPFNFEPNCIKIAL&l=D0IaskbwcI3bv287tI&slt=4
Title: clicca qui

Search URL Search Domain Scan URL

URL: http://news.loffertagiusta.com/re?l=D0IaskbwcI3bv287tI9ITm1t1ldxc&s=NKBOAILBPOGJOINC
Title: VOGLIO AIUTARE

Search URL Search Domain Scan URL

URL: http://news.loffertagiusta.com/re?l=D0IaskbwcI3bv287tIaITm1t1ldxc&s=NKBOAILBPOGJOINC

Search URL Search Domain Scan URL

URL: http://news.loffertagiusta.com/re?l=D0IaskbwcI3bv287tIbITm1t1ldxc&s=NKBOAILBPOGJOINC
Title: VOGLIO AIUTARE

Search URL Search Domain Scan URL

URL: http://news.loffertagiusta.com/re?l=D0IaskbwcI3bv287tIcITm1t1ldxc&s=NKBOAILBPOGJOINC

Search URL Search Domain Scan URL

URL: http://news.loffertagiusta.com/re?l=D0IaskbwcI3bv287tIdITm1t1ldxc&s=NKBOAILBPOGJOINC
Title: DONA 7€ AL MESE

Search URL Search Domain Scan URL

URL: http://news.loffertagiusta.com/re?l=D0IaskbwcI3bv287tIeITm1t1ldxc&s=NKBOAILBPOGJOINC

Search URL Search Domain Scan URL

URL: http://news.loffertagiusta.com/re?l=D0IaskbwcI3bv287tIfITm1t1ldxc&s=NKBOAILBPOGJOINC
Title: DONA 20€ AL MESE

Search URL Search Domain Scan URL

URL: http://news.loffertagiusta.com/re?l=D0IaskbwcI3bv287tIgITm1t1ldxc&s=NKBOAILBPOGJOINC

Search URL Search Domain Scan URL

URL: http://news.loffertagiusta.com/re?l=D0IaskbwcI3bv287tIhITm1t1ldxc&s=NKBOAILBPOGJOINC
Title: SCEGLI TU

Search URL Search Domain Scan URL

URL: http://news.loffertagiusta.com/re?l=D0IaskbwcI3bv287tIiITm1t1ldxc&s=NKBOAILBPOGJOINC
Title: privacy policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://news.loffertagiusta.com/public/read_message.jsp?tsp=1728100521641&custid=6761&uid=7247647001&sig=IEKFMOKLLAHMBAGF&mid=652639548&l=D0IaskbwcI3bv287tI&slt=0 HTTP 307
https://news.loffertagiusta.com/public/read_message.jsp?tsp=1728100521641&custid=6761&uid=7247647001&sig=IEKFMOKLLAHMBAGF&mid=652639548&l=D0IaskbwcI3bv287tI&slt=0 HTTP 302
https://secure.ecircle-ag.com/loffertagiusta/public/read_message.jsp;jsessionid=0;apw71?sigreq=-249362827 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200

Primary Request read_message.jsp;jsessionid=0;apw71 Show response
secure.ecircle-ag.com/loffertagiusta/public/
Redirect Chain

http://news.loffertagiusta.com/public/read_message.jsp?tsp=1728100521641&custid=6761&uid=7247647001&sig=IEKFMOKLLAHMBAGF&mid=652639548&l=D0IaskbwcI3bv287tI&slt=0
https://news.loffertagiusta.com/public/read_message.jsp?tsp=1728100521641&custid=6761&uid=7247647001&sig=IEKFMOKLLAHMBAGF&mid=652639548&l=D0IaskbwcI3bv287tI&slt=0
https://secure.ecircle-ag.com/loffertagiusta/public/read_message.jsp;jsessionid=0;apw71?sigreq=-249362827

59 KB
60 KB

741ms
349ms

Document
text/html

195.140.186.104
GLOBALACCESS

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.ecircle-ag.com/loffertagiusta/public/read_message.jsp;jsessionid=0;apw71?sigreq=-249362827

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

195.140.186.104 , Germany, ASN15960 (GLOBALACCESS, DE),

Reverse DNS

secure.l3.ec-messenger.com

Software

WebServer /

Resource Hash

8256ab1e81073172a8541475a2c9f4baa7402d4a26e131b4043eb4402ead26e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: max-age=0, private, no-cache, no-store, must-revalidate, proxy-revalidate
content-type: text/html;charset=UTF-8
date: Mon, 07 Oct 2024 11:49:35 GMT
expires: Sun, 06 Oct 2024 11:49:36 GMT
feature-policy: autoplay 'self'; camera 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self';
p3p: CP="CAO PSA OUR"
pragma: no-cache
referrer-policy: no-referrer, strict-origin-when-cross-origin
server: WebServer
transfer-encoding: chunked
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

content-length: 0
date: Mon, 07 Oct 2024 11:49:35 GMT
feature-policy: autoplay 'self'; camera 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self';
location: https://secure.ecircle-ag.com/loffertagiusta/public/read_message.jsp;jsessionid=0;apw71?sigreq=-249362827
referrer-policy: no-referrer, strict-origin-when-cross-origin
server: WebServer
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
1 KB 364ms
28ms Stylesheet
text/css 172.253.122.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,700;1,400;1,700&display=swap

Requested by

Host: secure.ecircle-ag.com
URL: https://secure.ecircle-ag.com/loffertagiusta/public/read_message.jsp;jsessionid=0;apw71?sigreq=-249362827

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f95.1e100.net

Software

ESF /

Resource Hash

95163955b6b773ad8db1a902904bb212526dd2f906b6f761df793448b8254526

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://secure.ecircle-ag.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 07 Oct 2024 11:49:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 07 Oct 2024 11:49:36 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 07 Oct 2024 10:20:27 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H/1.1 200 p.gif
news.loffertagiusta.com/tr/ 42 B
216 B 322ms
109ms Image
image/gif 91.192.43.153
GLOBALACCESS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://news.loffertagiusta.com/tr/p.gif?uid=7247647001&mid=652639548&msd=1727944588992&s=AKAMANKFCBPGACGF&st=0
Requested by: Host: secure.ecircle-ag.com
URL: https://secure.ecircle-ag.com/loffertagiusta/public/read_message.jsp;jsessionid=0;apw71?sigreq=-249362827
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.192.43.153 , Germany, ASN15960 (GLOBALACCESS, DE),
Reverse DNS
Software: WebServer /
Resource Hash: 492b292fd4e408db92b71f2c83f609203f9f716c9d7cdb35c3e663f1f8ca72ff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://secure.ecircle-ag.com/

Response headers

expires: Wed Feb 9 0:19:49 CET 2000
content-length: 42
date: Mon, 07 Oct 2024 11:49:36 GMT
pragma: no-cache
content-type: image/gif
server: WebServer

GET
H2 200 351f83488e1c42fc55dee891fc6fbd14.jpg
media.loffertagiusta.com/files/ 20 KB
20 KB 1256ms
231ms Image
image/jpeg 91.215.216.8
ICN-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.loffertagiusta.com/files/351f83488e1c42fc55dee891fc6fbd14.jpg
Requested by: Host: secure.ecircle-ag.com
URL: https://secure.ecircle-ag.com/loffertagiusta/public/read_message.jsp;jsessionid=0;apw71?sigreq=-249362827
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.215.216.8 Sofia, Bulgaria, ASN49699 (ICN-, BG),
Reverse DNS: aron.icnhost.net
Software: Apache /
Resource Hash: 3dd277ce49527ec6d1c72618337c6fa6cf079c83a7f250f1f98894c887a6b554

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://secure.ecircle-ag.com/

Response headers

accept-ranges: bytes
content-length: 20821
etag: "f031318-5155-6237e0c4df202"
date: Mon, 07 Oct 2024 11:49:37 GMT
last-modified: Wed, 02 Oct 2024 13:02:19 GMT
content-type: image/jpeg
server: Apache

GET
H2 200 cf703e28d653ef8281e5e56f70cb8feb.jpg
media.loffertagiusta.com/files/ 39 KB
39 KB 1495ms
471ms Image
image/jpeg 91.215.216.8
ICN-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.loffertagiusta.com/files/cf703e28d653ef8281e5e56f70cb8feb.jpg
Requested by: Host: secure.ecircle-ag.com
URL: https://secure.ecircle-ag.com/loffertagiusta/public/read_message.jsp;jsessionid=0;apw71?sigreq=-249362827
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.215.216.8 Sofia, Bulgaria, ASN49699 (ICN-, BG),
Reverse DNS: aron.icnhost.net
Software: Apache /
Resource Hash: 3f2f2a51809ef39a11910e180711f28cd840db6f878a78120b89f94be3f69f5b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://secure.ecircle-ag.com/

Response headers

accept-ranges: bytes
content-length: 39590
etag: "f031319-9aa6-6237e0c596394"
date: Mon, 07 Oct 2024 11:49:37 GMT
last-modified: Wed, 02 Oct 2024 13:02:20 GMT
content-type: image/jpeg
server: Apache

GET
H2 200 366b0f653c90ed78a0681d6b4ba92e7d.png
media.loffertagiusta.com/files/ 101 KB
101 KB 1236ms
231ms Image
image/png 91.215.216.8
ICN-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.loffertagiusta.com/files/366b0f653c90ed78a0681d6b4ba92e7d.png
Requested by: Host: secure.ecircle-ag.com
URL: https://secure.ecircle-ag.com/loffertagiusta/public/read_message.jsp;jsessionid=0;apw71?sigreq=-249362827
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.215.216.8 Sofia, Bulgaria, ASN49699 (ICN-, BG),
Reverse DNS: aron.icnhost.net
Software: Apache /
Resource Hash: 538d1ce3dd9ce606b1caebc9a3452e9c6e3f6e949acd229a8538c73feea0fe00

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://secure.ecircle-ag.com/

Response headers

accept-ranges: bytes
content-length: 103570
etag: "f03131c-19492-6237e0c6536cc"
date: Mon, 07 Oct 2024 11:49:37 GMT
last-modified: Wed, 02 Oct 2024 13:02:21 GMT
content-type: image/png
server: Apache

GET
H2 200 c151e35b0f19f910fd75e45884a9529c.jpg
media.loffertagiusta.com/files/ 12 KB
12 KB 1425ms
469ms Image
image/jpeg 91.215.216.8
ICN-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.loffertagiusta.com/files/c151e35b0f19f910fd75e45884a9529c.jpg
Requested by: Host: secure.ecircle-ag.com
URL: https://secure.ecircle-ag.com/loffertagiusta/public/read_message.jsp;jsessionid=0;apw71?sigreq=-249362827
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.215.216.8 Sofia, Bulgaria, ASN49699 (ICN-, BG),
Reverse DNS: aron.icnhost.net
Software: Apache /
Resource Hash: 264ba91584479eb64a7fa7de72a442f5c4ea5bb775e14018dbab4923695a405d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://secure.ecircle-ag.com/

Response headers

accept-ranges: bytes
content-length: 11963
etag: "f03131d-2ebb-6237e0c6faa78"
date: Mon, 07 Oct 2024 11:49:37 GMT
last-modified: Wed, 02 Oct 2024 13:02:21 GMT
content-type: image/jpeg
server: Apache

GET
H2 200 2d00d4581678ef0bacf71617e1a34ccb.jpg
media.loffertagiusta.com/files/ 17 KB
17 KB 1186ms
231ms Image
image/jpeg 91.215.216.8
ICN-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.loffertagiusta.com/files/2d00d4581678ef0bacf71617e1a34ccb.jpg
Requested by: Host: secure.ecircle-ag.com
URL: https://secure.ecircle-ag.com/loffertagiusta/public/read_message.jsp;jsessionid=0;apw71?sigreq=-249362827
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.215.216.8 Sofia, Bulgaria, ASN49699 (ICN-, BG),
Reverse DNS: aron.icnhost.net
Software: Apache /
Resource Hash: 1b8ca6c117eca92edfe68a50385a4b71dc9976276ac86504b43c54f950a08f21

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://secure.ecircle-ag.com/

Response headers

accept-ranges: bytes
content-length: 17337
etag: "f031322-43b9-6237e0c796e5d"
date: Mon, 07 Oct 2024 11:49:37 GMT
last-modified: Wed, 02 Oct 2024 13:02:22 GMT
content-type: image/jpeg
server: Apache

GET
H/1.1 200
OK aff_i
ct.tk2gk.com/ 43 B
568 B 178ms
18ms Image
image/gif 107.20.61.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.tk2gk.com/aff_i?offer_id=911&aff_id=1132&file_id=8261&source=Mayeutika&aff_sub2=1&aff_sub5=14141
Requested by: Host: secure.ecircle-ag.com
URL: https://secure.ecircle-ag.com/loffertagiusta/public/read_message.jsp;jsessionid=0;apw71?sigreq=-249362827
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.20.61.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-20-61-247.compute-1.amazonaws.com
Software: nginx /
Resource Hash: ac05f643d51698438fc2504bc237b5a39ce1248b037dbf446aaca4ce65c3182c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://secure.ecircle-ag.com/

Response headers

Transfer-Encoding: chunked
X-Request-Id: 10c4b5112450e2142c1a04a738b20f7e
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Pragma: no-cache
Accept-CH: Sec-CH-UA-Model, Sec-CH-DPR, DPR
Tracking_id: 1029d289f4fc35563b0541d489063a
Connection: keep-alive
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Access-Control-Allow-Origin: *
Date: Mon, 07 Oct 2024 11:49:36 GMT
Content-Type: image/gif
Server: nginx
Access-Control-Allow-Headers: Tune-SDK-Version

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 373ms
27ms Font
font/woff2 173.194.205.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.205.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qm-in-f94.1e100.net

Software

sffe /

Resource Hash

d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://secure.ecircle-ag.com
Referer: https://fonts.googleapis.com/

Response headers

age: 436031
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 02 Oct 2025 10:42:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 02 Oct 2024 10:42:26 GMT
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18596
x-xss-protection: 0
server: sffe

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
19 KB 366ms
21ms Font
font/woff2 173.194.205.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.205.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qm-in-f94.1e100.net

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://secure.ecircle-ag.com
Referer: https://fonts.googleapis.com/

Response headers

age: 435871
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 02 Oct 2025 10:45:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 02 Oct 2024 10:45:06 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18536
x-xss-protection: 0
server: sffe

GET
H2 200 KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
fonts.gstatic.com/s/roboto/v32/ 19 KB
19 KB 389ms
43ms Font
font/woff2 173.194.205.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.205.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qm-in-f94.1e100.net

Software

sffe /

Resource Hash

0e100b86870ec5caaa887e0fe743b177d57e02242812a0cd4675781dfffea440

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://secure.ecircle-ag.com
Referer: https://fonts.googleapis.com/

Response headers

age: 436847
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 02 Oct 2025 10:28:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 02 Oct 2024 10:28:50 GMT
last-modified: Thu, 01 Aug 2024 20:41:28 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 19780
x-xss-protection: 0
server: sffe

GET
H/1.1 404
Not Found favicon.ico
secure.ecircle-ag.com/ 83 B
179 B 106ms
106ms Other
text/html 195.140.186.104
GLOBALACCESS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.ecircle-ag.com/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 195.140.186.104 , Germany, ASN15960 (GLOBALACCESS, DE),
Reverse DNS: secure.l3.ec-messenger.com
Software: /
Resource Hash: 37aa963285b643c2e5504aa1f3dec16653e222b5b8d9531347206e3a5f51c4ae

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://secure.ecircle-ag.com/loffertagiusta/public/read_message.jsp;jsessionid=0;apw71?sigreq=-249362827

Response headers

content-type: text/html
cache-control: no-cache
content-length: 83

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			secure.ecircle-ag.com/loffertagiusta/	1970-01-21 00:05:02	Name: ECM Value: 5A64F147FC50AF3CB74DC6E1D71E61D6

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'document-domain'.
security	warning	URL: https://secure.ecircle-ag.com/loffertagiusta/public/read_message.jsp;jsessionid=0;apw71?sigreq=-249362827 Message: Mixed Content: The page at 'https://secure.ecircle-ag.com/loffertagiusta/public/read_message.jsp;jsessionid=0;apw71?sigreq=-249362827' was loaded over HTTPS, but requested an insecure element 'http://news.loffertagiusta.com/tr/p.gif?uid=7247647001&mid=652639548&msd=1727944588992&s=AKAMANKFCBPGACGF&st=0'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://secure.ecircle-ag.com/loffertagiusta/public/read_message.jsp;jsessionid=0;apw71?sigreq=-249362827(Line 33) Message: Mixed Content: The page at 'https://secure.ecircle-ag.com/loffertagiusta/public/read_message.jsp;jsessionid=0;apw71?sigreq=-249362827' was loaded over HTTPS, but requested an insecure element 'http://news.loffertagiusta.com/tr/p.gif?uid=7247647001&mid=652639548&msd=1727944588992&s=AKAMANKFCBPGACGF&st=0'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://secure.ecircle-ag.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ct.tk2gk.com
fonts.googleapis.com
fonts.gstatic.com
media.loffertagiusta.com
news.loffertagiusta.com
secure.ecircle-ag.com
107.20.61.247
172.253.122.95
173.194.205.94
195.140.186.104
91.192.43.153
91.215.216.8
0e100b86870ec5caaa887e0fe743b177d57e02242812a0cd4675781dfffea440
1b8ca6c117eca92edfe68a50385a4b71dc9976276ac86504b43c54f950a08f21
264ba91584479eb64a7fa7de72a442f5c4ea5bb775e14018dbab4923695a405d
37aa963285b643c2e5504aa1f3dec16653e222b5b8d9531347206e3a5f51c4ae
3dd277ce49527ec6d1c72618337c6fa6cf079c83a7f250f1f98894c887a6b554
3f2f2a51809ef39a11910e180711f28cd840db6f878a78120b89f94be3f69f5b
492b292fd4e408db92b71f2c83f609203f9f716c9d7cdb35c3e663f1f8ca72ff
538d1ce3dd9ce606b1caebc9a3452e9c6e3f6e949acd229a8538c73feea0fe00
8256ab1e81073172a8541475a2c9f4baa7402d4a26e131b4043eb4402ead26e2
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
95163955b6b773ad8db1a902904bb212526dd2f906b6f761df793448b8254526
ac05f643d51698438fc2504bc237b5a39ce1248b037dbf446aaca4ce65c3182c
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

secure.ecircle-ag.com Open in urlscan Pro 195.140.186.104 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

92 %HTTPS

0 %IPv6

5 Domains

6 Subdomains

6 IPs

3 Countries

308 kBTransfer

313 kBSize

1 Cookies

12 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

1 Cookies

4 Console Messages

Security Headers

Indicators

secure.ecircle-ag.com Open in urlscan Pro
195.140.186.104 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

92 %
HTTPS

0 %
IPv6

5
Domains

6
Subdomains

6
IPs

3
Countries

308 kB
Transfer

313 kB
Size

1
Cookies

13 HTTP transactions
0 data transactions