sales-promotion.website Open in urlscan Pro
51.255.126.221 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://sales-promotion.website/iem/display.php?M=897&C=ce1054bbd0883ebe5f1e1b25a994b8f1&S=14&L=1&N=10
Submission: On August 22 via manual (August 22nd 2023, 9:00:17 am UTC) from PT — Scanned from FR

Summary HTTP 14 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 7 IPs in 5 countries across 8 domains to perform 14 HTTP transactions. The main IP is 51.255.126.221, located in France and belongs to OVH, FR. The main domain is sales-promotion.website.
TLS certificate: Issued by R3 on August 13th 2023. Valid for: 3 months.

This is the only time sales-promotion.website was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	51.255.126.221 51.255.126.221	16276 (OVH) (OVH)
8 8	164.90.215.51 164.90.215.51	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
8	205.185.216.10 205.185.216.10	20446 (STACKPATH...) (STACKPATH-CDN)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
1	178.33.161.3 178.33.161.3	16276 (OVH) (OVH)
1 1	18.159.229.247 18.159.229.247	16509 (AMAZON-02) (AMAZON-02)
1	34.251.71.112 34.251.71.112	16509 (AMAZON-02) (AMAZON-02)
1	54.224.160.191 54.224.160.191	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
14	7

1 51.255.126.221 (France)

ASN16276 (OVH, FR)
PTR: server.sales-promotion.website

sales-promotion.website	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 164.90.215.51 (Frankfurt am Main, Germany) 8 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

groupmserverone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 205.185.216.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net

cdn.groupmserverone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.33.161.3 (Madrid, Spain)

ASN16276 (OVH, FR)
PTR: expressinginterest.online

expressinginterest.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.159.229.247 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-229-247.eu-central-1.compute.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.251.71.112 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-71-112.eu-west-1.compute.amazonaws.com

neural28.cdnwebcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.224.160.191 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-224-160-191.compute-1.amazonaws.com

adsplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	groupmserverone.com 8 redirects groupmserverone.com cdn.groupmserverone.com	256 KB
1	gstatic.com fonts.gstatic.com	32 KB
1	adsplatform.com adsplatform.com	469 B
1	cdnwebcloud.com neural28.cdnwebcloud.com — Cisco Umbrella Rank: 343280	323 B
1	serving-sys.com 1 redirects bs.serving-sys.com — Cisco Umbrella Rank: 1587	669 B
1	expressinginterest.online expressinginterest.online	2 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 73	833 B
1	sales-promotion.website sales-promotion.website	28 KB
14	8

	Domain	Requested by
8	cdn.groupmserverone.com	sales-promotion.website
8	groupmserverone.com	8 redirects
1	fonts.gstatic.com	fonts.googleapis.com
1	adsplatform.com	sales-promotion.website
1	neural28.cdnwebcloud.com	sales-promotion.website
1	bs.serving-sys.com	1 redirects
1	expressinginterest.online	sales-promotion.website
1	fonts.googleapis.com	client
1	sales-promotion.website
14	9

This site contains links to these domains. Also see Links.

Domain
adsplatform.com
connect-me.me

Subject Issuer	Validity	Valid
*.sales-promotion.website R3	`2023-08-13` - `2023-11-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
expressinginterest.online R3	`2023-07-07` - `2023-10-05`	3 months	crt.sh
adsplatform.com Amazon RSA 2048 M03	`2023-08-10` - `2024-09-08`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://sales-promotion.website/iem/display.php?M=897&C=ce1054bbd0883ebe5f1e1b25a994b8f1&S=14&L=1&N=10
Frame ID: 4914DB24D07738E2DFD092DFB8E1FBCA
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Credibom

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

Page Statistics

14
Requests

36 %
HTTPS

22 %
IPv6

8
Domains

9
Subdomains

7
IPs

5
Countries

318 kB
Transfer

316 kB
Size

6
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://adsplatform.com/?adsid=74285753c241a5bbafd17318b1f0b814

Search URL Search Domain Scan URL

URL: https://connect-me.me/
Title: CONNECT

Search URL Search Domain Scan URL

URL: https://connect-me.me/privacy
Title: política de privacidade

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://groupmserverone.com/content/credibom/1/img/top-img-2.jpg HTTP 301
https://cdn.groupmserverone.com/credibom/1/img/top-img-2.jpg

Request Chain 1

https://groupmserverone.com/content/credibom/1/img/form_30_05_2023.jpg HTTP 301
https://cdn.groupmserverone.com/credibom/1/img/form_30_05_2023.jpg

Request Chain 2

https://groupmserverone.com/content/credibom/1/img/prazo.png HTTP 301
https://cdn.groupmserverone.com/credibom/1/img/prazo.png

Request Chain 4

https://groupmserverone.com/content/credibom/1/img/atendimento.png HTTP 301
https://cdn.groupmserverone.com/credibom/1/img/atendimento.png

Request Chain 5

https://groupmserverone.com/content/credibom/1/img/tempo.png HTTP 301
https://cdn.groupmserverone.com/credibom/1/img/tempo.png

Request Chain 6

https://groupmserverone.com/content/credibom/1/img/middel-img.jpg HTTP 301
https://cdn.groupmserverone.com/credibom/1/img/middel-img.jpg

Request Chain 7

https://groupmserverone.com/content/credibom/3/img/5-estrelas.png HTTP 301
https://cdn.groupmserverone.com/credibom/3/img/5-estrelas.png

Request Chain 9

https://bs.serving-sys.com/Serving/adServer.bs?cn=display&c=19&pli=1078820865&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_68}&us_privacy=${US_PRIVACY}&adid=1089372380&ord=[timestamp] HTTP 302
https://neural28.cdnwebcloud.com/atp?tc=37729&ord=5645108707516529114

Request Chain 11

https://groupmserverone.com/content/credibom/1/img/bg.png HTTP 301
https://cdn.groupmserverone.com/credibom/1/img/bg.png

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request display.php Show response
sales-promotion.website/iem/ 28 KB
28 KB 324ms
148ms Document
text/html 51.255.126.221
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://sales-promotion.website/iem/display.php?M=897&C=ce1054bbd0883ebe5f1e1b25a994b8f1&S=14&L=1&N=10
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.255.126.221 , France, ASN16276 (OVH, FR),
Reverse DNS: server.sales-promotion.website
Software: Apache /
Resource Hash: edc40a837cb7672844880ca8c6ee6fc16c92d73669ba235e8fb2aa77adb9fc58

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Tue, 22 Aug 2023 09:00:10 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Transfer-Encoding: chunked

GET
H2

200

top-img-2.jpg
cdn.groupmserverone.com/credibom/1/img/
Redirect Chain

https://groupmserverone.com/content/credibom/1/img/top-img-2.jpg
https://cdn.groupmserverone.com/credibom/1/img/top-img-2.jpg

101 KB
101 KB

311ms
24ms

Image
image/jpeg

205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.groupmserverone.com/credibom/1/img/top-img-2.jpg

Requested by

Host: sales-promotion.website
URL: https://sales-promotion.website/iem/display.php?M=897&C=ce1054bbd0883ebe5f1e1b25a994b8f1&S=14&L=1&N=10

Protocol

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

12de1334dc0874c41cd27bfd0ec483b56ea83345c26c4a42c6adf326e9917361

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sales-promotion.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 09:00:11 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Tue, 20 Jun 2023 09:53:37 GMT
x-amz-request-id: tx0000000000000a693915c-0064e47427-ad936504-fra1b
etag: "e55cd6f08f3414c16e61964ab99d1127"
surrogate-control: max-age=2332;hw-h2proxy
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1692694811.cdn4-pxy204-cdg02.pa1.evs,1692694811.cds211.pa1.c
content-type: image/jpeg
cache-control: max-age=2332
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 103431

Redirect headers

date: Tue, 22 Aug 2023 09:00:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
content-type: text/html
location: https://cdn.groupmserverone.com/credibom/1/img/top-img-2.jpg
content-length: 162
x-xss-protection: 1; mode=block

GET
H2

200

form_30_05_2023.jpg
cdn.groupmserverone.com/credibom/1/img/
Redirect Chain

https://groupmserverone.com/content/credibom/1/img/form_30_05_2023.jpg
https://cdn.groupmserverone.com/credibom/1/img/form_30_05_2023.jpg

75 KB
76 KB

365ms
78ms

Image
image/jpeg

205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.groupmserverone.com/credibom/1/img/form_30_05_2023.jpg

Requested by

Host: sales-promotion.website
URL: https://sales-promotion.website/iem/display.php?M=897&C=ce1054bbd0883ebe5f1e1b25a994b8f1&S=14&L=1&N=10

Protocol

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

62a6d26b395b956ffedcc8fb0d04c779a9ecb88364aae701f660a9f6337e739d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sales-promotion.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 09:00:11 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Wed, 07 Jun 2023 14:32:43 GMT
x-amz-request-id: tx0000000000000a697b6b4-0064e4754d-ad92bddc-fra1b
etag: "66fdefb1064ef219842c8ef109d26252"
surrogate-control: max-age=2626;hw-h2proxy
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1692694811.cdn4-pxy204-cdg02.pa1.evs,1692694811.cds236.pa1.c
content-type: image/jpeg
cache-control: max-age=2626
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 77196

Redirect headers

date: Tue, 22 Aug 2023 09:00:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
content-type: text/html
location: https://cdn.groupmserverone.com/credibom/1/img/form_30_05_2023.jpg
content-length: 162
x-xss-protection: 1; mode=block

GET
H2

200

prazo.png
cdn.groupmserverone.com/credibom/1/img/
Redirect Chain

https://groupmserverone.com/content/credibom/1/img/prazo.png
https://cdn.groupmserverone.com/credibom/1/img/prazo.png

2 KB
2 KB

374ms
87ms

Image
image/png

205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.groupmserverone.com/credibom/1/img/prazo.png

Requested by

Host: sales-promotion.website
URL: https://sales-promotion.website/iem/display.php?M=897&C=ce1054bbd0883ebe5f1e1b25a994b8f1&S=14&L=1&N=10

Protocol

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

cbb7c5da1795b4169d4de4bec8189d0e345522f9714fa123f18051a73e0f81a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sales-promotion.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 09:00:11 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Wed, 07 Jun 2023 14:32:40 GMT
x-amz-request-id: tx0000000000000a685f57d-0064e4704d-ad9364d7-fra1b
etag: "67adf2c032b231d7a150f66e9a071f8f"
surrogate-control: max-age=1346;hw-h2proxy
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1692694811.cdn4-pxy204-cdg02.pa1.evs,1692694811.cds215.pa1.c
content-type: image/png
cache-control: max-age=1346
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 1594

Redirect headers

date: Tue, 22 Aug 2023 09:00:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
content-type: text/html
location: https://cdn.groupmserverone.com/credibom/1/img/prazo.png
content-length: 162
x-xss-protection: 1; mode=block

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
833 B 103ms
36ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Outfit:wght@400;700;800&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c66a11ea2333cb92fff8e78df8be8140bba378722e1ddc05ef72ebcec37fe91e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sales-promotion.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 22 Aug 2023 09:00:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 09:00:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 22 Aug 2023 09:00:11 GMT

GET
H2

200

atendimento.png
cdn.groupmserverone.com/credibom/1/img/
Redirect Chain

https://groupmserverone.com/content/credibom/1/img/atendimento.png
https://cdn.groupmserverone.com/credibom/1/img/atendimento.png

1 KB
2 KB

364ms
77ms

Image
image/png

205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.groupmserverone.com/credibom/1/img/atendimento.png

Requested by

Host: sales-promotion.website
URL: https://sales-promotion.website/iem/display.php?M=897&C=ce1054bbd0883ebe5f1e1b25a994b8f1&S=14&L=1&N=10

Protocol

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

179dece0714ff950a80eab6d8c192d8d276bef9c08ba227b70c0404a084cfeff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sales-promotion.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 09:00:11 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Wed, 07 Jun 2023 14:32:40 GMT
x-amz-request-id: tx0000000000000a6938c97-0064e47428-ad9364d7-fra1b
etag: "62992a1e60c57fcaf4f64826fbfc6d67"
surrogate-control: max-age=2333;hw-h2proxy
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1692694811.cdn4-pxy204-cdg02.pa1.evs,1692694811.cds243.pa1.c
content-type: image/png
cache-control: max-age=2333
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 1389

Redirect headers

date: Tue, 22 Aug 2023 09:00:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
content-type: text/html
location: https://cdn.groupmserverone.com/credibom/1/img/atendimento.png
content-length: 162
x-xss-protection: 1; mode=block

GET
H2

200

tempo.png
cdn.groupmserverone.com/credibom/1/img/
Redirect Chain

https://groupmserverone.com/content/credibom/1/img/tempo.png
https://cdn.groupmserverone.com/credibom/1/img/tempo.png

2 KB
2 KB

363ms
76ms

Image
image/png

205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.groupmserverone.com/credibom/1/img/tempo.png

Requested by

Host: sales-promotion.website
URL: https://sales-promotion.website/iem/display.php?M=897&C=ce1054bbd0883ebe5f1e1b25a994b8f1&S=14&L=1&N=10

Protocol

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

c17f3f292190e2aca79d6e1533ec64edbd0798653a19adda0060782c58881dae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sales-promotion.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 09:00:11 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Wed, 07 Jun 2023 14:32:43 GMT
x-amz-request-id: tx00000000000009dfdb401-0064e471c5-adce137d-fra1b
etag: "1ca6495b6e53f14cc66dba65762559d0"
surrogate-control: max-age=1722;hw-h2proxy
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1692694811.cdn4-pxy204-cdg02.pa1.evs,1692694811.cds043.pa1.c
content-type: image/png
cache-control: max-age=1722
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 1554

Redirect headers

date: Tue, 22 Aug 2023 09:00:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
content-type: text/html
location: https://cdn.groupmserverone.com/credibom/1/img/tempo.png
content-length: 162
x-xss-protection: 1; mode=block

GET
H2

200

middel-img.jpg
cdn.groupmserverone.com/credibom/1/img/
Redirect Chain

https://groupmserverone.com/content/credibom/1/img/middel-img.jpg
https://cdn.groupmserverone.com/credibom/1/img/middel-img.jpg

64 KB
64 KB

376ms
89ms

Image
image/jpeg

205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.groupmserverone.com/credibom/1/img/middel-img.jpg

Requested by

Host: sales-promotion.website
URL: https://sales-promotion.website/iem/display.php?M=897&C=ce1054bbd0883ebe5f1e1b25a994b8f1&S=14&L=1&N=10

Protocol

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

ab249f4dd6be8cce16a373988e24e5d00615c9cccf6a701fb44bedce207f7a6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sales-promotion.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 09:00:11 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Wed, 07 Jun 2023 14:32:42 GMT
x-amz-request-id: tx0000000000000a69d48a9-0064e476f0-ad9364d7-fra1b
etag: "f30a3b381dbfd34f3c12080105ffe713"
surrogate-control: max-age=3045;hw-h2proxy
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1692694811.cdn4-pxy204-cdg02.pa1.evs,1692694811.cds245.pa1.c
content-type: image/jpeg
cache-control: max-age=3045
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 65239

Redirect headers

date: Tue, 22 Aug 2023 09:00:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
content-type: text/html
location: https://cdn.groupmserverone.com/credibom/1/img/middel-img.jpg
content-length: 162
x-xss-protection: 1; mode=block

GET
H2

200

5-estrelas.png
cdn.groupmserverone.com/credibom/3/img/
Redirect Chain

https://groupmserverone.com/content/credibom/3/img/5-estrelas.png
https://cdn.groupmserverone.com/credibom/3/img/5-estrelas.png

8 KB
8 KB

383ms
96ms

Image
image/png

205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.groupmserverone.com/credibom/3/img/5-estrelas.png

Requested by

Host: sales-promotion.website
URL: https://sales-promotion.website/iem/display.php?M=897&C=ce1054bbd0883ebe5f1e1b25a994b8f1&S=14&L=1&N=10

Protocol

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

36ac367fa7e0d135c1ed2a5e66096e2fee34825ecb55a5d3f270ab625285cf4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sales-promotion.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 09:00:11 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Wed, 07 Jun 2023 14:32:43 GMT
x-amz-request-id: tx00000000000009e17c75f-0064e4791b-adcbe5b3-fra1b
etag: "8f0fa5e05f797258a952ddccd76962c9"
surrogate-control: max-age=3600;hw-h2proxy
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1692694811.cdn4-pxy204-cdg02.pa1.evs,1692694811.cds243.pa1.pr
content-type: image/png
cache-control: max-age=3600
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 7800

Redirect headers

date: Tue, 22 Aug 2023 09:00:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
content-type: text/html
location: https://cdn.groupmserverone.com/credibom/3/img/5-estrelas.png
content-length: 162
x-xss-protection: 1; mode=block

GET
H2 200 power.png
expressinginterest.online/img/ 1 KB
2 KB 112ms
21ms Image
image/png 178.33.161.3
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://expressinginterest.online/img/power.png

Requested by

Host: sales-promotion.website
URL: https://sales-promotion.website/iem/display.php?M=897&C=ce1054bbd0883ebe5f1e1b25a994b8f1&S=14&L=1&N=10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.33.161.3 Madrid, Spain, ASN16276 (OVH, FR),

Reverse DNS

expressinginterest.online

Software

nginx / PleskLin

Resource Hash

0bc20e673c00f53b5e1c6f471786b10d6da376335c1e515cf729b8c0b03f5633

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sales-promotion.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 09:00:11 GMT
strict-transport-security: max-age=15768000; includeSubDomains
last-modified: Mon, 21 Nov 2022 17:59:26 GMT
server: nginx
etag: "637bbc7e-5ce"
x-powered-by: PleskLin
content-type: image/png
accept-ranges: bytes
content-length: 1486

GET
H2

200

atp
neural28.cdnwebcloud.com/
Redirect Chain

https://bs.serving-sys.com/Serving/adServer.bs?cn=display&c=19&pli=1078820865&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_68}&us_privacy=${US_PRIVACY}&adid=1089372380&ord=[timestamp]
https://neural28.cdnwebcloud.com/atp?tc=37729&ord=5645108707516529114

74 B
323 B

107ms
28ms

Image
image/png

34.251.71.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://neural28.cdnwebcloud.com/atp?tc=37729&ord=5645108707516529114
Requested by: Host: sales-promotion.website
URL: https://sales-promotion.website/iem/display.php?M=897&C=ce1054bbd0883ebe5f1e1b25a994b8f1&S=14&L=1&N=10
Protocol: H2
Server: 34.251.71.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-71-112.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sales-promotion.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 22 Aug 2023 09:00:11 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 74
content-type: image/png

Redirect headers

pragma: no-cache
date: Tue, 22 Aug 2023 09:00:11 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: text/html; charset=UTF-8
location: https://neural28.cdnwebcloud.com/atp?tc=37729&ord=5645108707516529114
p3p: CP="NOI DEVa OUR BUS UNI"
cache-control: no-cache, no-store
content-length: 196
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2 200 /
adsplatform.com/ 43 B
469 B 433ms
237ms Image
image/gif 54.224.160.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adsplatform.com/?action=impress&adsid=74285753c241a5bbafd17318b1f0b814
Requested by: Host: sales-promotion.website
URL: https://sales-promotion.website/iem/display.php?M=897&C=ce1054bbd0883ebe5f1e1b25a994b8f1&S=14&L=1&N=10
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.224.160.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-224-160-191.compute-1.amazonaws.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sales-promotion.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 09:00:11 GMT
cache-control: no-cache
server: Apache
content-length: 43
content-type: image/gif

GET
H2

200

bg.png
cdn.groupmserverone.com/credibom/1/img/
Redirect Chain

https://groupmserverone.com/content/credibom/1/img/bg.png
https://cdn.groupmserverone.com/credibom/1/img/bg.png

96 B
279 B

362ms
95ms

Image
image/png

205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.groupmserverone.com/credibom/1/img/bg.png

Requested by

Host: sales-promotion.website
URL: https://sales-promotion.website/iem/display.php?M=897&C=ce1054bbd0883ebe5f1e1b25a994b8f1&S=14&L=1&N=10

Protocol

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

c0f7b32c91c7d7e96b1acbdd93f941d21f6f937993ccdb1457dfb973bd3c0a89

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sales-promotion.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 09:00:11 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Wed, 07 Jun 2023 14:32:43 GMT
x-amz-request-id: tx00000000000009dfd9371-0064e471c5-adce6df8-fra1b
etag: "41730785f6361f9d8b362010ce1f7a17"
surrogate-control: max-age=1722;hw-h2proxy
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-envoy-upstream-healthchecked-cluster
content-type: image/png
x-hw: 1692694811.cdn4-pxy204-cdg02.pa1.evs,1692694811.cds221.pa1.c
cache-control: max-age=1722
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 96

Redirect headers

date: Tue, 22 Aug 2023 09:00:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
content-type: text/html
location: https://cdn.groupmserverone.com/credibom/1/img/bg.png
content-length: 162
x-xss-protection: 1; mode=block

GET
H2 200 QGYvz_MVcBeNP4NJtEtq.woff2
fonts.gstatic.com/s/outfit/v11/ 32 KB
32 KB 91ms
27ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/outfit/v11/QGYvz_MVcBeNP4NJtEtq.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Outfit:wght@400;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45447a2b45991ea4e67ff0866444ca07fcf62c28dbfd5fa072ab76d3d0c46390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sales-promotion.website
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 23:17:42 GMT
x-content-type-options: nosniff
age: 294149
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32272
x-xss-protection: 0
last-modified: Wed, 26 Apr 2023 23:30:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Aug 2024 23:17:42 GMT

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
bs.serving-sys.com/Serving	1970-01-20 14:13:44	Name: S_1078820865 Value: 3978320773015374318
bs.serving-sys.com/Serving	1969-12-31 23:59:59	Name: r1 Value: 1692694811_1
.serving-sys.com/	1970-01-20 14:54:46	Name: A6 Value: 10XE3szoVs000ymH000000000
.serving-sys.com/	1970-01-20 14:54:46	Name: u2 Value: 49278079-e95f-41a7-a6e2-fc47aad66f8e4O7060
.neural28.cdnwebcloud.com/	1970-01-20 22:57:10	Name: n_one Value: 4c8a1914-40ca-11ee-b309-0242ac110002
adsplatform.com/	1970-01-20 23:47:34	Name: laravel_session Value: eyJpdiI6ImNQNzlJQnUwZ1VIcm1pdXVQbHpCbmc9PSIsInZhbHVlIjoiT0RyZHppbVF6Yk1kK0pOZUlcL21yZGN4QWRpVWlGZzd0K1NzRXp5N2U5UU9ITmYxeUlGejFuamtvM0xQemw2RmhYS25tRUxPTHBESEtaZTBOejZEeEF3PT0iLCJtYWMiOiI3ZjAwYmNiMmJhMGI5NjMxZTZiM2MxNTcwMGZhZWI0NjRmNGZkZmExZTc5MzU1ZGViOTIzYTRiNzg4M2ZmYWRjIn0%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adsplatform.com
bs.serving-sys.com
cdn.groupmserverone.com
expressinginterest.online
fonts.googleapis.com
fonts.gstatic.com
groupmserverone.com
neural28.cdnwebcloud.com
sales-promotion.website
164.90.215.51
178.33.161.3
18.159.229.247
205.185.216.10
2a00:1450:4001:81c::200a
2a00:1450:4001:82f::2003
34.251.71.112
51.255.126.221
54.224.160.191
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb
0bc20e673c00f53b5e1c6f471786b10d6da376335c1e515cf729b8c0b03f5633
12de1334dc0874c41cd27bfd0ec483b56ea83345c26c4a42c6adf326e9917361
179dece0714ff950a80eab6d8c192d8d276bef9c08ba227b70c0404a084cfeff
36ac367fa7e0d135c1ed2a5e66096e2fee34825ecb55a5d3f270ab625285cf4e
45447a2b45991ea4e67ff0866444ca07fcf62c28dbfd5fa072ab76d3d0c46390
62a6d26b395b956ffedcc8fb0d04c779a9ecb88364aae701f660a9f6337e739d
ab249f4dd6be8cce16a373988e24e5d00615c9cccf6a701fb44bedce207f7a6e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
c0f7b32c91c7d7e96b1acbdd93f941d21f6f937993ccdb1457dfb973bd3c0a89
c17f3f292190e2aca79d6e1533ec64edbd0798653a19adda0060782c58881dae
c66a11ea2333cb92fff8e78df8be8140bba378722e1ddc05ef72ebcec37fe91e
cbb7c5da1795b4169d4de4bec8189d0e345522f9714fa123f18051a73e0f81a7
edc40a837cb7672844880ca8c6ee6fc16c92d73669ba235e8fb2aa77adb9fc58

sales-promotion.website Open in urlscan Pro 51.255.126.221 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

14 Requests

36 %HTTPS

22 %IPv6

8 Domains

9 Subdomains

7 IPs

5 Countries

318 kBTransfer

316 kBSize

6 Cookies

3 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

6 Cookies

Indicators

sales-promotion.website Open in urlscan Pro
51.255.126.221 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

36 %
HTTPS

22 %
IPv6

8
Domains

9
Subdomains

7
IPs

5
Countries

318 kB
Transfer

316 kB
Size

6
Cookies

14 HTTP transactions
0 data transactions