urlscan.io logo urlscan.io
SecurityTrails logo

mirror.news.promo-gazzetta.it Open in urlscan Pro
185.151.189.219  Public Scan

Go To Rescan Add Verdict Report
URL: https://mirror.news.promo-gazzetta.it/?eis=267577&s=89&b=2701
Submission: On October 31 via manual from IN — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 4 HTTP transactions. The main IP is 185.151.189.219, located in France and belongs to ODISO-AS, FR. The main domain is mirror.news.promo-gazzetta.it.
TLS certificate: Issued by R3 on October 17th 2022. Valid for: 3 months.
This is the only time mirror.news.promo-gazzetta.it was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 185.151.189.219 34993 (ODISO-AS)
1 2001:41d0:301... 16276 (OVH)
1 192.46.236.54 63949 (LINODE-AP...)
4 3
Domain Requested by
1 toogooddeal.net mirror.news.promo-gazzetta.it
1 t.news.promo-gazzetta.it mirror.news.promo-gazzetta.it
1 promogazzetta.it mirror.news.promo-gazzetta.it
1 mirror.news.promo-gazzetta.it
4 4

This site contains links to these domains. Also see Links.

Domain
t.news.promo-gazzetta.it
Subject Issuer Validity Valid
mirror.news.promo-gazzetta.it
R3		 2022-10-17 -
2023-01-15		 3 months crt.sh
promogazzetta.it
R3		 2022-08-26 -
2022-11-24		 3 months crt.sh
t.news.promo-gazzetta.it
R3		 2022-10-17 -
2023-01-15		 3 months crt.sh
toogooddeal.net
R3		 2022-09-26 -
2022-12-25		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://mirror.news.promo-gazzetta.it/?eis=267577&s=89&b=2701
Frame ID: 4047CAD7DDEA904BE584E4C389F6B29D
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Statistics

4
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

4
Subdomains

3
IPs

2
Countries

21 kB
Transfer

23 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
mirror.news.promo-gazzetta.it/ 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mirror.news.promo-gazzetta.it/?eis=267577&s=89&b=2701
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.151.189.219 , France, ASN34993 (ODISO-AS, FR),
Reverse DNS
mindproxyvip.odiso.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
79c7a47f215263cafba32f2fc96da0b406f8e3be96726b01942b2b2275270d05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

cache-control
private
content-encoding
gzip
content-length
2004
content-type
text/html; charset=utf-8
date
Mon, 31 Oct 2022 06:05:12 GMT
server
Microsoft-IIS/10.0
strict-transport-security
max-age=31536000;
vary
Accept-Encoding
x-aspnet-version
4.0.30319
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
ASP.NET
header.png
promogazzetta.it/images/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promogazzetta.it/images/header.png
Requested by
Host: mirror.news.promo-gazzetta.it
URL: https://mirror.news.promo-gazzetta.it/?eis=267577&s=89&b=2701
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:41d0:301:4::31 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
767d4313d757b5f867df1ba597746e9cdc5a77cd73c2a5da7061e472f3abd8e2

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://mirror.news.promo-gazzetta.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 06:05:13 GMT
last-modified
Tue, 03 Aug 2021 08:33:05 GMT
server
Apache
content-type
image/png
cache-control
max-age=900
accept-ranges
bytes
content-length
18294
expires
Mon, 31 Oct 2022 06:20:13 GMT
/
t.news.promo-gazzetta.it/o/ 		180 B
538 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.news.promo-gazzetta.it/o/?t=8si-z1-14ckf
Requested by
Host: mirror.news.promo-gazzetta.it
URL: https://mirror.news.promo-gazzetta.it/?eis=267577&s=89&b=2701
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.151.189.219 , France, ASN34993 (ODISO-AS, FR),
Reverse DNS
mindproxyvip.odiso.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a3d9bf654bd182096ae97d7aac32516664fdf12437820695136f55620bb105ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://mirror.news.promo-gazzetta.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 06:05:13 GMT
strict-transport-security
max-age=31536000;
x-content-type-options
nosniff
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
private
content-length
180
%7Bemail%7D
toogooddeal.net/v2/open/84bsmdcg3wrifygbg5x/ 		43 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://toogooddeal.net/v2/open/84bsmdcg3wrifygbg5x/%7Bemail%7D
Requested by
Host: mirror.news.promo-gazzetta.it
URL: https://mirror.news.promo-gazzetta.it/?eis=267577&s=89&b=2701
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.46.236.54 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
192-46-236-54.ip.linodeusercontent.com
Software
openresty / PHP/7.4.28
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://mirror.news.promo-gazzetta.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 06:04:47 GMT
server
openresty
x-powered-by
PHP/7.4.28
content-type
image/gif
cache-control
max-age=10
x-robots-tag
noindex
content-length
43
x-served-by
toogooddeal.net

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation

5 Cookies

Domain/Path Name / Value
mirror.news.promo-gazzetta.it/ Name: ASP.NET_SessionId
Value: impukj2qzueibignwsfisvz3
mirror.news.promo-gazzetta.it/ Name: SERVERID
Value: mindweb3.odiso.net
toogooddeal.net/ Name: op[84bsmdcg3wrifygbg5x]
Value: 1
t.news.promo-gazzetta.it/ Name: ASP.NET_SessionId
Value: r1zl4glnx1xk5a5eelkv4saw
t.news.promo-gazzetta.it/ Name: SERVERID
Value: mindtrack3.odiso.net

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN