urlscan.io logo urlscan.io
SecurityTrails logo

pg.guardofferte.com Open in urlscan Pro
185.249.183.231  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://pg.guardofferte.com/web/view/1717590354/1679569065/1izl7nlr/18/162
Effective URL: https://pg.guardofferte.com/web/view/1717590354/1679569065/1izl7nlr/18/162
Submission: On August 30 via api from US — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 6 HTTP transactions. The main IP is 185.249.183.231, located in Urtijëi, Italy and belongs to SERVER24-AS INCUBATEC GmbH - Srl, IT. The main domain is pg.guardofferte.com.
TLS certificate: Issued by R11 on July 27th 2024. Valid for: 3 months.
This is the only time pg.guardofferte.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 6 185.249.183.231 34081 (SERVER24-...)
1 142.250.186.42 15169 (GOOGLE)
1 172.104.226.213 63949 (AKAMAI-LI...)
6 3
Domain Requested by
3 tr.guardofferte.com 2 redirects pg.guardofferte.com
2 pg.guardofferte.com
1 funnelconsulting.postaffiliatepro.com pg.guardofferte.com
1 media.guardofferte.com pg.guardofferte.com
1 fonts.googleapis.com pg.guardofferte.com
6 5

This site contains links to these domains. Also see Links.

Domain
tr.guardofferte.com
Subject Issuer Validity Valid
media.guardofferte.com
R11		 2024-07-27 -
2024-10-25		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://pg.guardofferte.com/web/view/1717590354/1679569065/1izl7nlr/18/162
Frame ID: C19E230C0EF8A25268F3C1B3DE521D85
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Optima Super Casa Smart

Page URL History Show full URLs

  1. http://pg.guardofferte.com/web/view/1717590354/1679569065/1izl7nlr/18/162 HTTP 307
    https://pg.guardofferte.com/web/view/1717590354/1679569065/1izl7nlr/18/162 Page URL

Page Statistics

6
Requests

67 %
HTTPS

0 %
IPv6

3
Domains

5
Subdomains

3
IPs

3
Countries

382 kB
Transfer

385 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://pg.guardofferte.com/web/view/1717590354/1679569065/1izl7nlr/18/162 HTTP 307
    https://pg.guardofferte.com/web/view/1717590354/1679569065/1izl7nlr/18/162 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://tr.guardofferte.com/r/QGwVxUDnG84faewG1WscIWP5soWkkAWlA22S5GLUzsmaUsmR63HU_eVrw9xFaQXEChUUTPaJa090v80my9MpYQ HTTP 302
  • https://fonts.googleapis.com/css?family=Nunito%20Sans:400,700
Request Chain 2
  • https://tr.guardofferte.com/r/AFIO7ILe-PM32R9sjXBZLvhy7Xm8wK5rHMbMbqxAAktjyVGH_NTq8Hlb_8DW039knzkKAX1nYJUU7K8ycGiLvXfFRY09fIMxY1Flw_gQGvK3TD1JA8F_v5122snpVsMH HTTP 302
  • https://funnelconsulting.postaffiliatepro.com/scripts/imp.php?a_bid=ba06ec83&a_aid=c6f2cf2a1

6 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 162
pg.guardofferte.com/web/view/1717590354/1679569065/1izl7nlr/18/
Redirect Chain
  • http://pg.guardofferte.com/web/view/1717590354/1679569065/1izl7nlr/18/162
  • https://pg.guardofferte.com/web/view/1717590354/1679569065/1izl7nlr/18/162
5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pg.guardofferte.com/web/view/1717590354/1679569065/1izl7nlr/18/162
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.249.183.231 Urtijëi, Italy, ASN34081 (SERVER24-AS INCUBATEC GmbH - Srl, IT),
Reverse DNS
Software
nginx /
Resource Hash
54c303f0c2c30bba42fd79a7b428c339d5cf32af5364c61a4fd98a572cd97dc7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Fri, 30 Aug 2024 23:47:35 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
permissions-policy
accelerometer=(), autoplay=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=()
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
nginx
strict-transport-security
max-age=31536000;includeSubDomains;preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1;mode=block

Redirect headers

Location
https://pg.guardofferte.com/web/view/1717590354/1679569065/1izl7nlr/18/162
Non-Authoritative-Reason
HttpsUpgrades
css
fonts.googleapis.com/
Redirect Chain
  • https://tr.guardofferte.com/r/QGwVxUDnG84faewG1WscIWP5soWkkAWlA22S5GLUzsmaUsmR63HU_eVrw9xFaQXEChUUTPaJa090v80my9MpYQ
  • https://fonts.googleapis.com/css?family=Nunito%20Sans:400,700
4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Nunito%20Sans:400,700
Requested by
Host: pg.guardofferte.com
URL: https://pg.guardofferte.com/web/view/1717590354/1679569065/1izl7nlr/18/162
Protocol
H2
Server
142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f10.1e100.net
Software
ESF /
Resource Hash
4a69df0770bb0a34440629f658e135e3aa51898e3f5f51c9d08e6db470e93712
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pg.guardofferte.com/web/view/1717590354/1679569065/1izl7nlr/18/162
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 30 Aug 2024 23:47:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 30 Aug 2024 23:47:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 30 Aug 2024 23:47:37 GMT

Redirect headers

date
Fri, 30 Aug 2024 23:47:35 GMT
content-security-policy
upgrade-insecure-requests
referrer-policy
no-referrer-when-downgrade
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=31536000;includeSubDomains;preload
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
http://fonts.googleapis.com/css?family=Nunito%20Sans:400,700
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
permissions-policy
accelerometer=(), autoplay=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=()
alt-svc
h3=":443"; ma=86400
x-xss-protection
1;mode=block
17175903546902_visual2.jpg
media.guardofferte.com/securityproject/ext/1717590354/ 		375 KB
376 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.guardofferte.com/securityproject/ext/1717590354/17175903546902_visual2.jpg
Requested by
Host: pg.guardofferte.com
URL: https://pg.guardofferte.com/web/view/1717590354/1679569065/1izl7nlr/18/162
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.249.183.231 Urtijëi, Italy, ASN34081 (SERVER24-AS INCUBATEC GmbH - Srl, IT),
Reverse DNS
Software
nginx /
Resource Hash
92fa00070cf7e66c487c125c134bceac936dd93155e82adaa276963f437d73e4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://pg.guardofferte.com/web/view/1717590354/1679569065/1izl7nlr/18/162
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-varnish-cache
HIT
date
Thu, 06 Jun 2024 15:25:01 GMT
via
1.1 varnish (Varnish/7.0)
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=31536000;includeSubDomains;preload
age
7374154
x-ua-device
x-varnish-beresp
200
remote-ip
185.198.62.44
content-length
383870
x-xss-protection
1;mode=block
alt-svc
h3=":443"; ma=86400
referrer-policy
no-referrer-when-downgrade
x-varnish-cache-hits
10297
last-modified
Wed, 05 Jun 2024 12:25:55 GMT
server
nginx
etag
"66605953-5db7e"
x-varnish-backend
www2
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-varnish
745335668 173741096
cache-control
max-age=315360000, public
permissions-policy
accelerometer=(), autoplay=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=()
accept-ranges
bytes
server-hostname
varnish
expires
Thu, 31 Dec 2037 23:55:55 GMT
imp.php
funnelconsulting.postaffiliatepro.com/scripts/
Redirect Chain
  • https://tr.guardofferte.com/r/AFIO7ILe-PM32R9sjXBZLvhy7Xm8wK5rHMbMbqxAAktjyVGH_NTq8Hlb_8DW039knzkKAX1nYJUU7K8ycGiLvXfFRY09fIMxY1Flw_gQGvK3TD1JA8F_v5122snpVsMH
  • https://funnelconsulting.postaffiliatepro.com/scripts/imp.php?a_bid=ba06ec83&a_aid=c6f2cf2a1
43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://funnelconsulting.postaffiliatepro.com/scripts/imp.php?a_bid=ba06ec83&a_aid=c6f2cf2a1
Requested by
Host: pg.guardofferte.com
URL: https://pg.guardofferte.com/web/view/1717590354/1679569065/1izl7nlr/18/162
Protocol
H2
Server
172.104.226.213 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-104-226-213.ip.linodeusercontent.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://pg.guardofferte.com/web/view/1717590354/1679569065/1izl7nlr/18/162
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires
Mon, 26 Jul 1997 05:00:00 GMT
date
Fri, 30 Aug 2024 23:47:37 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
content-length
43
content-type
image/gif

Redirect headers

date
Fri, 30 Aug 2024 23:47:36 GMT
content-security-policy
upgrade-insecure-requests
referrer-policy
no-referrer-when-downgrade
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=31536000;includeSubDomains;preload
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://funnelconsulting.postaffiliatepro.com/scripts/imp.php?a_bid=ba06ec83&a_aid=c6f2cf2a1
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
permissions-policy
accelerometer=(), autoplay=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=()
alt-svc
h3=":443"; ma=86400
x-xss-protection
1;mode=block
image.png
tr.guardofferte.com/image/1717590354/1679569065/1izl7nlr/18/162/ 		91 B
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.guardofferte.com/image/1717590354/1679569065/1izl7nlr/18/162/image.png?w=1
Requested by
Host: pg.guardofferte.com
URL: https://pg.guardofferte.com/web/view/1717590354/1679569065/1izl7nlr/18/162
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.249.183.231 Urtijëi, Italy, ASN34081 (SERVER24-AS INCUBATEC GmbH - Srl, IT),
Reverse DNS
Software
nginx /
Resource Hash
5244a0c7065b9bf939a18af4be0b1bf2d73b94c48db1df0b13af4ed5b3596f2a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://pg.guardofferte.com/web/view/1717590354/1679569065/1izl7nlr/18/162
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 23:47:35 GMT
content-security-policy
upgrade-insecure-requests
referrer-policy
no-referrer-when-downgrade
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=31536000;includeSubDomains;preload
x-frame-options
SAMEORIGIN
content-type
image/png
permissions-policy
accelerometer=(), autoplay=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=()
alt-svc
h3=":443"; ma=86400
x-xss-protection
1;mode=block
favicon.ico
pg.guardofferte.com/ 		0
741 B 		Other
General
Check archive.org
Download Go to
Full URL
https://pg.guardofferte.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.249.183.231 Urtijëi, Italy, ASN34081 (SERVER24-AS INCUBATEC GmbH - Srl, IT),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://pg.guardofferte.com/web/view/1717590354/1679569065/1izl7nlr/18/162
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 23:47:37 GMT
content-security-policy
upgrade-insecure-requests
referrer-policy
no-referrer-when-downgrade
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=31536000;includeSubDomains;preload
x-frame-options
SAMEORIGIN
permissions-policy
accelerometer=(), autoplay=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=()
alt-svc
h3=":443"; ma=86400
x-xss-protection
1;mode=block

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Domain/Path Name / Value
pg.guardofferte.com/ Name: PHPSESSID
Value: 032b803eca5ff00ff675318a0636793a
tr.guardofferte.com/ Name: _backend
Value: www4|ZtJaG|ZtJaG
.postaffiliatepro.com/ Name: PAPCookie_Imp_ba06ec83
Value: pap
pg.guardofferte.com/ Name: _backend
Value: www1|ZtJaH|ZtJaG

1 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block