URL: https://campaigns.neckermann.be/optiext/optiextension.dll?ID=sWXsXUDem9YFIZ83UXNspVsEIL4MOBERUe7o8Es2E6e8LhAIANZ5MyrmlTN_Vr6c7ab...
Submission: On July 02 via api from BE

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 6 HTTP transactions. The main IP is 194.213.114.92, located in Belgium and belongs to COMBELL-AS, BE. The main domain is campaigns.neckermann.be.
TLS certificate: Issued by DigiCert Global CA G2 on March 9th 2018. Valid for: 2 years.
This is the only time campaigns.neckermann.be was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS     Autonomous System
3         194.213.114.92    34762  COMBELL-AS
1         2a00:1450:400...  15169  GOOGLE
2         2a00:1450:400...  15169  GOOGLE
Total: 6 requests across 3 IPs

Requests  Domain                   Requested by
2         fonts.gstatic.com        campaigns.neckermann.be
2         thomascook.emsecure.net  campaigns.neckermann.be
1         fonts.googleapis.com     campaigns.neckermann.be
1         campaigns.neckermann.be
Total: 6 requests across 4 domains

This site contains links to these domains.

Domain
thomascook.emsecure.net

Subject                  Issuer                          Validity                 Valid for
campaigns.neckermann.be  DigiCert Global CA G2           2018-03-09 - 2020-03-08  2 years
*.emsecure.net           DigiCert SHA2 Secure Server CA  2019-03-11 - 2021-05-12  2 years
*.googleapis.com         Google Internet Authority G3    2019-06-11 - 2019-09-03  3 months
*.google.com             Google Internet Authority G3    2019-06-11 - 2019-09-03  3 months

This page contains 1 frames:

Primary Page: https://campaigns.neckermann.be/optiext/optiextension.dll?ID=sWXsXUDem9YFIZ83UXNspVsEIL4MOBERUe7o8Es2E6e8LhAIANZ5MyrmlTN_Vr6c7abXkHbrZpZ4WssnZVzfVGOBRdx6V
Frame ID: 4CE92C2AC667498A501BD687D234A128
Requests: 6 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

Requests: 6
HTTPS: 100 %
IPv6: 67 %
Domains: 4
Subdomains: 4
IPs: 3
Countries: 2
Transfer: 185 kB
Size: 315 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request optiextension.dll
campaigns.neckermann.be/optiext/
2 KB
1 KB
Document
General
Full URL
https://campaigns.neckermann.be/optiext/optiextension.dll?ID=sWXsXUDem9YFIZ83UXNspVsEIL4MOBERUe7o8Es2E6e8LhAIANZ5MyrmlTN_Vr6c7abXkHbrZpZ4WssnZVzfVGOBRdx6V
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
194.213.114.92 , Belgium, ASN34762 (COMBELL-AS, BE),
Reverse DNS
webapp92.emsecure.net
Software
/
Resource Hash
10c5443339e4d26939ed85974b05de1ee19108444445043c36c5cf692e7c2834
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
campaigns.neckermann.be
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate, br

Response headers

Content-Type
text/html
Content-Encoding
gzip
Vary
Accept-Encoding
Date
Tue, 02 Jul 2019 22:18:38 GMT
Content-Length
1191
Strict-Transport-Security
max-age=31536000; includeSubdomains
X-Xss-Protection
1; mode=block
X-Content-Type-Options
nosniff
Cache-Tag
10655
style.css
thomascook.emsecure.net/scripts/preferences/css/
164 KB
36 KB
Stylesheet
General
Full URL
https://thomascook.emsecure.net/scripts/preferences/css/style.css
Requested by
Host: campaigns.neckermann.be
URL: https://campaigns.neckermann.be/optiext/optiextension.dll?ID=sWXsXUDem9YFIZ83UXNspVsEIL4MOBERUe7o8Es2E6e8LhAIANZ5MyrmlTN_Vr6c7abXkHbrZpZ4WssnZVzfVGOBRdx6V
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
194.213.114.92 , Belgium, ASN34762 (COMBELL-AS, BE),
Reverse DNS
webapp92.emsecure.net
Software
/
Resource Hash
1d2df98f4b0a98350a573c9c35d79611836b5b4e2a58b13a6749898a47b81372
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://campaigns.neckermann.be/optiext/optiextension.dll?ID=sWXsXUDem9YFIZ83UXNspVsEIL4MOBERUe7o8Es2E6e8LhAIANZ5MyrmlTN_Vr6c7abXkHbrZpZ4WssnZVzfVGOBRdx6V
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 02 Jul 2019 22:18:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 12 Feb 2018 09:38:38 GMT
ETag
"57af7142e5a3d31:0"
Vary
Accept-Encoding
Cache-Tag
10655
Strict-Transport-Security
max-age=31536000; includeSubdomains
Accept-Ranges
bytes
Content-Type
text/css
Content-Length
36029
X-Xss-Protection
1; mode=block
css
fonts.googleapis.com/
2 KB
522 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:400,400i,900
Requested by
Host: campaigns.neckermann.be
URL: https://campaigns.neckermann.be/optiext/optiextension.dll?ID=sWXsXUDem9YFIZ83UXNspVsEIL4MOBERUe7o8Es2E6e8LhAIANZ5MyrmlTN_Vr6c7abXkHbrZpZ4WssnZVzfVGOBRdx6V
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
b8617dabeb6a085a689cd52f23ca316d2f7d0de103561c97b11cae0e39950209
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://campaigns.neckermann.be/optiext/optiextension.dll?ID=sWXsXUDem9YFIZ83UXNspVsEIL4MOBERUe7o8Es2E6e8LhAIANZ5MyrmlTN_Vr6c7abXkHbrZpZ4WssnZVzfVGOBRdx6V
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 02 Jul 2019 22:18:38 GMT
server
ESF
access-control-allow-origin
*
date
Tue, 02 Jul 2019 22:18:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Tue, 02 Jul 2019 22:18:38 GMT
930x300_hangmat-LOGO.jpg
thomascook.emsecure.net/images/preferences/
120 KB
120 KB
Image
General
Full URL
https://thomascook.emsecure.net/images/preferences/930x300_hangmat-LOGO.jpg
Requested by
Host: campaigns.neckermann.be
URL: https://campaigns.neckermann.be/optiext/optiextension.dll?ID=sWXsXUDem9YFIZ83UXNspVsEIL4MOBERUe7o8Es2E6e8LhAIANZ5MyrmlTN_Vr6c7abXkHbrZpZ4WssnZVzfVGOBRdx6V
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
194.213.114.92 , Belgium, ASN34762 (COMBELL-AS, BE),
Reverse DNS
webapp92.emsecure.net
Software
/
Resource Hash
d1f386456edf24c0eb85f8ea235a75375d07d134334f123e76c65080f49cb1c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://campaigns.neckermann.be/optiext/optiextension.dll?ID=sWXsXUDem9YFIZ83UXNspVsEIL4MOBERUe7o8Es2E6e8LhAIANZ5MyrmlTN_Vr6c7abXkHbrZpZ4WssnZVzfVGOBRdx6V
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 02 Jul 2019 22:18:51 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 28 Jan 2018 14:52:01 GMT
ETag
"281a88e4798d31:0"
Strict-Transport-Security
max-age=31536000; includeSubdomains
Cache-Tag
10655
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
122609
X-Xss-Protection
1; mode=block
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v15/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v15/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: campaigns.neckermann.be
URL: https://campaigns.neckermann.be/optiext/optiextension.dll?ID=sWXsXUDem9YFIZ83UXNspVsEIL4MOBERUe7o8Es2E6e8LhAIANZ5MyrmlTN_Vr6c7abXkHbrZpZ4WssnZVzfVGOBRdx6V
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:400,400i,900
Origin
https://campaigns.neckermann.be

Response headers

date
Tue, 25 Jun 2019 16:04:14 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:13:00 GMT
server
sffe
age
627278
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
14044
x-xss-protection
0
expires
Wed, 24 Jun 2020 16:04:14 GMT
S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v15/
13 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v15/S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
Requested by
Host: campaigns.neckermann.be
URL: https://campaigns.neckermann.be/optiext/optiextension.dll?ID=sWXsXUDem9YFIZ83UXNspVsEIL4MOBERUe7o8Es2E6e8LhAIANZ5MyrmlTN_Vr6c7abXkHbrZpZ4WssnZVzfVGOBRdx6V
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
973ebbead06df6ace22a88d2856663d37845792bdf1b40ff69df2e20912fedef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:400,400i,900
Origin
https://campaigns.neckermann.be

Response headers

date
Thu, 13 Jun 2019 23:01:15 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:11:22 GMT
server
sffe
age
1639057
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13732
x-xss-protection
0
expires
Fri, 12 Jun 2020 23:01:15 GMT

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block