urlscan.io logo urlscan.io
SecurityTrails logo

shoes.dosumpchan.ga Open in urlscan Pro
2a06:98c1:3121::c  Public Scan

Go To Rescan Add Verdict Report
URL: http://shoes.dosumpchan.ga/
Submission: On January 13 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 5 HTTP transactions. The main IP is 2a06:98c1:3121::c, located in United States and belongs to CLOUDFLARENET, US. The main domain is shoes.dosumpchan.ga.
This is the only time shoes.dosumpchan.ga was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 1 46.105.152.34 16276 (OVH)
1 91.134.165.186 16276 (OVH)
1 217.61.52.165 31034 (ARUBA-ASN)
1 89.46.107.238 31034 (ARUBA-ASN)
5 5
1    2a06:98c1:3121::c (United States)

ASN13335 (CLOUDFLARENET, US)
shoes.dosumpchan.ga
1    2a06:98c1:3120::c (United States)

ASN13335 (CLOUDFLARENET, US)
via.placeholder.com
1    46.105.152.34 (France)

ASN16276 (OVH, FR)
PTR: ip34.ip-46-105-152.eu
1.citynews-veronasera.stgy.ovh
1    91.134.165.186 (France)

ASN16276 (OVH, FR)
PTR: lb-varnish02.citynews.ovh
1.citynews-veronasera.stgy.ovh
1    217.61.52.165 (Ponte San Pietro, Italy)

ASN31034 (ARUBA-ASN, IT)
PTR: host165-52-61-217.static.dns-aruba.cloud
primadituttoverona.it
1    89.46.107.238 (Arezzo, Italy)

ASN31034 (ARUBA-ASN, IT)
PTR: webx1240.aruba.it
www.notizieaudaci.it
Domain Requested by
2 1.citynews-veronasera.stgy.ovh 1 redirects shoes.dosumpchan.ga
1 www.notizieaudaci.it shoes.dosumpchan.ga
1 primadituttoverona.it shoes.dosumpchan.ga
1 via.placeholder.com shoes.dosumpchan.ga
1 shoes.dosumpchan.ga
5 5

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-06 -
2023-06-05		 a year crt.sh
primadituttoverona.it
R3		 2022-12-05 -
2023-03-05		 3 months crt.sh
*.notizieaudaci.it
Actalis Domain Validation Server CA G3		 2022-12-30 -
2024-01-30		 a year crt.sh

This page contains 1 frames:

Primary Page: http://shoes.dosumpchan.ga/
Frame ID: 4689EFA54EE697EB7BEDAC3CB96F70C6
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Escort Verona e provincia

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Page Statistics

5
Requests

60 %
HTTPS

33 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

310 kB
Transfer

324 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://1.citynews-veronasera.stgy.ovh/~media/original-hi/18177378686916/corso-di-cucina-antinfiammatoria.jpg HTTP 308
  • https://1.citynews-veronasera.stgy.ovh/~media/original-hi/18177378686916/corso-di-cucina-antinfiammatoria.jpg

5 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
shoes.dosumpchan.ga/ 		24 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://shoes.dosumpchan.ga/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc9cb2b66fde6fba09b5ab678f80f04e7ca8d63622b5400efc6d558360f31dd9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
788c0ece0ffcb8a3-AMS
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Fri, 13 Jan 2023 06:26:00 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k2AXVJCbYnDgZvlqPv6nqLw%2BA8zic2Cd90%2BRmc6Ja08nsJyUpQLV0xmJqBousEimjm31gcJN5Xa4uPPbBecRf%2BE84o%2BEzWtHEpN4LX8IC7pUD%2BnjGqwbFeHC%2Fkur5ueBO2im7nxMIXR7GQnrCU7bu1UJ"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
50x50
via.placeholder.com/ 		182 B
724 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://via.placeholder.com/50x50
Requested by
Host: shoes.dosumpchan.ga
URL: http://shoes.dosumpchan.ga/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3ba955e85f14e7e5eed8c286db702c3ef9cb6bfc9c0ec1f20e4e09837939996

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://shoes.dosumpchan.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 06:26:00 GMT
cf-cache-status
DYNAMIC
last-modified
Wed, 30 Dec 2020 01:00:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5febd112-b6"
x-cache
L1
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c3EKc5xtjlINMNnir6d0N%2BJpRrow9rHw%2Bxi%2BgKjrtMCp82x9nXoaDkWlEKZQOkykz3sB1FIfYaC9yI4At%2FkhQaRJ3%2FkURd5VmsDmGgrYIKzPI2FK0hhoRpkE43NW0ZixASAWTzOFdWM5U7K%2FtVRr5gzn"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
788c0ecf2eae0a79-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
182
expires
Fri, 20 Jan 2023 06:25:43 GMT
corso-di-cucina-antinfiammatoria.jpg
1.citynews-veronasera.stgy.ovh/~media/original-hi/18177378686916/
Redirect Chain
  • http://1.citynews-veronasera.stgy.ovh/~media/original-hi/18177378686916/corso-di-cucina-antinfiammatoria.jpg
  • https://1.citynews-veronasera.stgy.ovh/~media/original-hi/18177378686916/corso-di-cucina-antinfiammatoria.jpg
75 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.citynews-veronasera.stgy.ovh/~media/original-hi/18177378686916/corso-di-cucina-antinfiammatoria.jpg
Requested by
Host: shoes.dosumpchan.ga
URL: http://shoes.dosumpchan.ga/
Protocol
H2
Server
91.134.165.186 , France, ASN16276 (OVH, FR),
Reverse DNS
lb-varnish02.citynews.ovh
Software
nginx /
Resource Hash
d4d086c7deaec4a57c1303008a80d87bde094c2aa37706da81c01f21a3e6a49e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://shoes.dosumpchan.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 06:26:00 GMT
via
1.1 varnish (Varnish/7.1)
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
0
x-ua-device
desktop
content-disposition
inline; filename="corso di cucina antinfiammatoria .jpg"
x-varnish-beresp
200
remote-ip
31.204.153.46
content-length
77307
last-modified
Mon, 23 Sep 2019 14:00:13 GMT
server
nginx
x-varnsih-cache
MISS
etag
"5d88cfed-12dfb"
x-varnish-backend
ovh129
vary
User-Agent
content-type
image/jpeg
x-varnish
342648408
cache-control
public, max-age=31536000, post-check=31536000, pre-check=31536000
accept-ranges
bytes
server-hostname
varnish02-ovh.img
expires
Sat, 13 Jan 2024 06:26:00 GMT

Redirect headers

location
https://1.citynews-veronasera.stgy.ovh/~media/original-hi/18177378686916/corso-di-cucina-antinfiammatoria.jpg
content-length
0
blablab-locandina-2-febbraio-420x252.jpg
primadituttoverona.it/media/2019/01/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://primadituttoverona.it/media/2019/01/blablab-locandina-2-febbraio-420x252.jpg
Requested by
Host: shoes.dosumpchan.ga
URL: http://shoes.dosumpchan.ga/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.61.52.165 Ponte San Pietro, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
host165-52-61-217.static.dns-aruba.cloud
Software
nginx /
Resource Hash
72054eadba3d7384b7b87427de398e32000139884f0386aed784131db182b4bc

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://shoes.dosumpchan.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 06:25:59 GMT
last-modified
Wed, 22 Jan 2020 09:56:43 GMT
server
nginx
etag
"5e281c5b-61f2"
content-type
image/jpeg
cache-control
max-age=315360000
x-process-handler
nginx
x-machine
fs
accept-ranges
bytes
content-length
25074
expires
Thu, 31 Dec 2037 23:55:55 GMT
cropped-Louise-Porton.png
www.notizieaudaci.it/wp-content/uploads/2019/08/ 		200 KB
200 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.notizieaudaci.it/wp-content/uploads/2019/08/cropped-Louise-Porton.png
Requested by
Host: shoes.dosumpchan.ga
URL: http://shoes.dosumpchan.ga/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.46.107.238 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
webx1240.aruba.it
Software
aruba-proxy /
Resource Hash
eff8f783aaf398a36237d1cdab9d221b84a627f8e56cd82659c3ee15f05f65e2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://shoes.dosumpchan.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-servername
ipvsproxy121.ad.aruba.it
date
Fri, 13 Jan 2023 06:26:00 GMT
last-modified
Fri, 02 Aug 2019 22:25:09 GMT
server
aruba-proxy
accept-ranges
bytes
content-length
204575
content-type
image/png

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange

2 Cookies

Domain/Path Name / Value
shoes.dosumpchan.ga/ Name: ch1c
Value: b
1.citynews-veronasera.stgy.ovh/ Name: __cc
Value: NL