142.44.148.212 Open in urlscan Pro
142.44.148.212 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://142.44.148.212/rc6b0.php?DqCbGhxAxOxMYbM_gAAAAABnTjFl-sLZqsS5G-yiDkgds62QCfkqTpN00aomye-_F32bsokjcEex2NcdEjDPtE...
Effective URL:
http://142.44.148.212/unsubscribe.php
Submission: On December 03 via api (December 3rd 2024, 2:55:38 pm UTC) from BE — Scanned from CA

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 13 HTTP transactions. The main IP is 142.44.148.212, located in Canada and belongs to OVH OVH SAS, FR. The main domain is 142.44.148.212.

This is the only time 142.44.148.212 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 11	142.44.148.212 142.44.148.212	16276 (OVH OVH SAS) (OVH OVH SAS)
1	142.251.35.170 142.251.35.170	15169 (GOOGLE) (GOOGLE)
2	142.251.41.3 142.251.41.3	15169 (GOOGLE) (GOOGLE)
13	3

11 142.44.148.212 (Canada) 1 redirects

ASN16276 (OVH OVH SAS, FR)
PTR: ip212.ip-142-44-148.net

142.44.148.212	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.35.170 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.41.3 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	gstatic.com fonts.gstatic.com	45 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	910 B
13	2

	Domain	Requested by
2	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	142.44.148.212
13	2

This site contains no links.

Subject Issuer	Validity	Valid
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://142.44.148.212/unsubscribe.php
Frame ID: FF2D9138A69962500015A1C10F43D8B7
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://142.44.148.212/rc6b0.php?DqCbGhxAxOxMYbM_gAAAAABnTjFl-sLZqsS5G-yiDkgds62QCfkqTpN00aomye-_F3... HTTP 307
https://142.44.148.212/rc6b0.php?DqCbGhxAxOxMYbM_gAAAAABnTjFl-sLZqsS5G-yiDkgds62QCfkqTpN00aomye-_F3... HTTP 307
http://142.44.148.212/rc6b0.php?DqCbGhxAxOxMYbM_gAAAAABnTjFl-sLZqsS5G-yiDkgds62QCfkqTpN00aomye-_F3... HTTP 302
http://142.44.148.212/unsubscribe.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

13
Requests

23 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

447 kB
Transfer

616 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://142.44.148.212/rc6b0.php?DqCbGhxAxOxMYbM_gAAAAABnTjFl-sLZqsS5G-yiDkgds62QCfkqTpN00aomye-_F32bsokjcEex2NcdEjDPtEnZNe5_ID1RefQQAn06LCgMD0uynSEsly-nhHK4USwhG3bDPtm2fmp9O4Z80C5pfD5ebKKnkvJOoAwJBIuW_2bSjB48Xg== HTTP 307
https://142.44.148.212/rc6b0.php?DqCbGhxAxOxMYbM_gAAAAABnTjFl-sLZqsS5G-yiDkgds62QCfkqTpN00aomye-_F32bsokjcEex2NcdEjDPtEnZNe5_ID1RefQQAn06LCgMD0uynSEsly-nhHK4USwhG3bDPtm2fmp9O4Z80C5pfD5ebKKnkvJOoAwJBIuW_2bSjB48Xg== HTTP 307
http://142.44.148.212/rc6b0.php?DqCbGhxAxOxMYbM_gAAAAABnTjFl-sLZqsS5G-yiDkgds62QCfkqTpN00aomye-_F32bsokjcEex2NcdEjDPtEnZNe5_ID1RefQQAn06LCgMD0uynSEsly-nhHK4USwhG3bDPtm2fmp9O4Z80C5pfD5ebKKnkvJOoAwJBIuW_2bSjB48Xg== HTTP 302
http://142.44.148.212/unsubscribe.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request unsubscribe.php Show response
142.44.148.212/
Redirect Chain

http://142.44.148.212/rc6b0.php?DqCbGhxAxOxMYbM_gAAAAABnTjFl-sLZqsS5G-yiDkgds62QCfkqTpN00aomye-_F32bsokjcEex2NcdEjDPtEnZNe5_ID1RefQQAn06LCgMD0uynSEsly-nhHK4USwhG3bDPtm2fmp9O4Z80C5pfD5ebKKnkvJOoAwJB...
https://142.44.148.212/rc6b0.php?DqCbGhxAxOxMYbM_gAAAAABnTjFl-sLZqsS5G-yiDkgds62QCfkqTpN00aomye-_F32bsokjcEex2NcdEjDPtEnZNe5_ID1RefQQAn06LCgMD0uynSEsly-nhHK4USwhG3bDPtm2fmp9O4Z80C5pfD5ebKKnkvJOoAwJ...
http://142.44.148.212/rc6b0.php?DqCbGhxAxOxMYbM_gAAAAABnTjFl-sLZqsS5G-yiDkgds62QCfkqTpN00aomye-_F32bsokjcEex2NcdEjDPtEnZNe5_ID1RefQQAn06LCgMD0uynSEsly-nhHK4USwhG3bDPtm2fmp9O4Z80C5pfD5ebKKnkvJOoAwJB...
http://142.44.148.212/unsubscribe.php

2 KB
1 KB

39ms
38ms

Document
text/html

142.44.148.212
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

http://142.44.148.212/unsubscribe.php

Protocol

HTTP/1.1

Server

142.44.148.212 , Canada, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ip212.ip-142-44-148.net

Software

nginx /

Resource Hash

9ff5fbb736233ff9a92fbd3530daf26c73f54791f3fd9dd0296834804755e08d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 03 Dec 2024 14:55:30 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Tue, 03 Dec 2024 14:55:30 GMT
Location: ./unsubscribe.php
Server: nginx
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK bootstrap.css
142.44.148.212/assets/css/ 120 KB
18 KB 40ms
38ms Stylesheet
text/css 142.44.148.212
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

http://142.44.148.212/assets/css/bootstrap.css

Requested by

Host: 142.44.148.212
URL: http://142.44.148.212/unsubscribe.php

Protocol

HTTP/1.1

Server

142.44.148.212 , Canada, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ip212.ip-142-44-148.net

Software

nginx /

Resource Hash

cdd948b7d6c8d783b0565c35672c8d4bb66a63e8118f467dd5a5636ebf0838b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://142.44.148.212/unsubscribe.php

Response headers

Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
ETag: W/"671631a8-1e076"
Connection: keep-alive
X-Content-Type-Options: nosniff
Date: Tue, 03 Dec 2024 14:55:30 GMT
X-XSS-Protection: 1; mode=block
Content-Type: text/css
Last-Modified: Mon, 21 Oct 2024 10:49:12 GMT
Server: nginx
Vary: Accept-Encoding

GET
H/1.1 200
OK bootstrap-theme.css
142.44.148.212/assets/css/ 15 KB
2 KB 74ms
38ms Stylesheet
text/css 142.44.148.212
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

http://142.44.148.212/assets/css/bootstrap-theme.css

Requested by

Host: 142.44.148.212
URL: http://142.44.148.212/unsubscribe.php

Protocol

HTTP/1.1

Server

142.44.148.212 , Canada, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ip212.ip-142-44-148.net

Software

nginx /

Resource Hash

f32924767e9a199e417c4c030ef64a5742442eb320da082dbb8ee723593b02ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://142.44.148.212/unsubscribe.php

Response headers

Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
ETag: W/"671631a6-3a58"
Connection: keep-alive
X-Content-Type-Options: nosniff
Date: Tue, 03 Dec 2024 14:55:30 GMT
X-XSS-Protection: 1; mode=block
Content-Type: text/css
Last-Modified: Mon, 21 Oct 2024 10:49:10 GMT
Server: nginx
Vary: Accept-Encoding

GET
H/1.1 200
OK font-awesome.css
142.44.148.212/assets/css/ 34 KB
7 KB 75ms
38ms Stylesheet
text/css 142.44.148.212
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

http://142.44.148.212/assets/css/font-awesome.css

Requested by

Host: 142.44.148.212
URL: http://142.44.148.212/unsubscribe.php

Protocol

HTTP/1.1

Server

142.44.148.212 , Canada, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ip212.ip-142-44-148.net

Software

nginx /

Resource Hash

b977f453450222a069d89dd2e776f6f21f9fa42f6e15c03c7fe6ff34d9a2c159

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://142.44.148.212/unsubscribe.php

Response headers

Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
ETag: W/"671631aa-893e"
Connection: keep-alive
X-Content-Type-Options: nosniff
Date: Tue, 03 Dec 2024 14:55:30 GMT
X-XSS-Protection: 1; mode=block
Content-Type: text/css
Last-Modified: Mon, 21 Oct 2024 10:49:14 GMT
Server: nginx
Vary: Accept-Encoding

GET
H/1.1 200
OK style.css
142.44.148.212/assets/css/ 4 KB
2 KB 76ms
39ms Stylesheet
text/css 142.44.148.212
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

http://142.44.148.212/assets/css/style.css

Requested by

Host: 142.44.148.212
URL: http://142.44.148.212/unsubscribe.php

Protocol

HTTP/1.1

Server

142.44.148.212 , Canada, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ip212.ip-142-44-148.net

Software

nginx /

Resource Hash

3a59e8c41793471491b2fab4b35c4d17ec394c3a8ca03d5b4d8eca7a6b1b901b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://142.44.148.212/unsubscribe.php

Response headers

Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
ETag: W/"671631ac-e48"
Connection: keep-alive
X-Content-Type-Options: nosniff
Date: Tue, 03 Dec 2024 14:55:30 GMT
X-XSS-Protection: 1; mode=block
Content-Type: text/css
Last-Modified: Mon, 21 Oct 2024 10:49:16 GMT
Server: nginx
Vary: Accept-Encoding

GET
H/1.1 200
OK bootstrap.min.js Show response
142.44.148.212/assets/js/ 28 KB
8 KB 112ms
76ms Script
application/javascript 142.44.148.212
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

http://142.44.148.212/assets/js/bootstrap.min.js

Requested by

Host: 142.44.148.212
URL: http://142.44.148.212/unsubscribe.php

Protocol

HTTP/1.1

Server

142.44.148.212 , Canada, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ip212.ip-142-44-148.net

Software

nginx /

Resource Hash

03bf371e3ca4739cfe6bea61f0126b7cbb94e4713e970651f9acd5acb3d9e399

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://142.44.148.212/unsubscribe.php

Response headers

Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
ETag: W/"671631d2-71a9"
Connection: keep-alive
X-Content-Type-Options: nosniff
Date: Tue, 03 Dec 2024 14:55:30 GMT
X-XSS-Protection: 1; mode=block
Content-Type: application/javascript
Last-Modified: Mon, 21 Oct 2024 10:49:54 GMT
Server: nginx
Vary: Accept-Encoding

GET
H/1.1 200
OK jquery.countdown.min.js Show response
142.44.148.212/assets/js/ 4 KB
2 KB 78ms
39ms Script
application/javascript 142.44.148.212
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

http://142.44.148.212/assets/js/jquery.countdown.min.js

Requested by

Host: 142.44.148.212
URL: http://142.44.148.212/unsubscribe.php

Protocol

HTTP/1.1

Server

142.44.148.212 , Canada, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ip212.ip-142-44-148.net

Software

nginx /

Resource Hash

f2641058014a130c98bb4717ccecd765c10e17bf59f7efb10056e7c8a7d52556

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://142.44.148.212/unsubscribe.php

Response headers

Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
ETag: W/"671631d3-1167"
Connection: keep-alive
X-Content-Type-Options: nosniff
Date: Tue, 03 Dec 2024 14:55:30 GMT
X-XSS-Protection: 1; mode=block
Content-Type: application/javascript
Last-Modified: Mon, 21 Oct 2024 10:49:55 GMT
Server: nginx
Vary: Accept-Encoding

GET
H2 200 css
fonts.googleapis.com/ 3 KB
910 B 134ms
53ms Stylesheet
text/css 142.251.35.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,300,700,900

Requested by

Host: 142.44.148.212
URL: http://142.44.148.212/assets/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.35.170 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f10.1e100.net

Software

ESF /

Resource Hash

90e974df873feda1d776ead3f199c7e9144bc524114dc9a4acac291cd8f56512

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://142.44.148.212/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 03 Dec 2024 14:55:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 14:55:30 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 03 Dec 2024 14:34:30 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H/1.1 200
OK main-bg.jpg
142.44.148.212/assets/img/ 289 KB
290 KB 37ms
37ms Image
image/jpeg 142.44.148.212
OVH OVH SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://142.44.148.212/assets/img/main-bg.jpg

Requested by

Host: 142.44.148.212
URL: http://142.44.148.212/assets/css/style.css

Protocol

HTTP/1.1

Server

142.44.148.212 , Canada, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ip212.ip-142-44-148.net

Software

nginx /

Resource Hash

bb9ba156055a8f800096c611d461dd3ac700adaf79e4eb2d9ac54597483d21ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://142.44.148.212/assets/css/style.css

Response headers

ETag: "671631ca-484f3"
Connection: keep-alive
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 296179
Date: Tue, 03 Dec 2024 14:55:31 GMT
X-XSS-Protection: 1; mode=block
Content-Type: image/jpeg
Last-Modified: Mon, 21 Oct 2024 10:49:46 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN

GET
H3 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 92ms
48ms Font
font/woff2 142.251.41.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,300,700,900

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.3 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f3.1e100.net

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: http://142.44.148.212
Referer: https://fonts.googleapis.com/

Response headers

age: 436678
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 28 Nov 2025 13:37:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 28 Nov 2024 13:37:33 GMT
last-modified: Tue, 02 May 2023 15:08:26 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23236
x-xss-protection: 0
server: sffe

GET
H3 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 76ms
33ms Font
font/woff2 142.251.41.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,300,700,900

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.3 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f3.1e100.net

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: http://142.44.148.212
Referer: https://fonts.googleapis.com/

Response headers

age: 412951
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 28 Nov 2025 20:13:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 28 Nov 2024 20:13:00 GMT
last-modified: Tue, 02 May 2023 15:07:25 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23040
x-xss-protection: 0
server: sffe

GET
H/1.1 200
OK fontawesome-webfont.woff2
142.44.148.212/assets/fonts/ 70 KB
71 KB 38ms
37ms Font
font/woff2 142.44.148.212
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

http://142.44.148.212/assets/fonts/fontawesome-webfont.woff2?v=4.6.3

Requested by

Host: 142.44.148.212
URL: http://142.44.148.212/assets/css/font-awesome.css

Protocol

HTTP/1.1

Server

142.44.148.212 , Canada, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ip212.ip-142-44-148.net

Software

nginx /

Resource Hash

7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: http://142.44.148.212
Referer: http://142.44.148.212/assets/css/font-awesome.css

Response headers

ETag: "671631c0-118d8"
Connection: keep-alive
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 71896
Date: Tue, 03 Dec 2024 14:55:31 GMT
X-XSS-Protection: 1; mode=block
Content-Type: font/woff2
Last-Modified: Mon, 21 Oct 2024 10:49:36 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN

GET
H/1.1 404
Not Found favicon.ico
142.44.148.212/ 70 B
312 B 146ms
146ms Other
text/html 142.44.148.212
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: http://142.44.148.212/favicon.ico
Protocol: HTTP/1.1
Server: 142.44.148.212 , Canada, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip212.ip-142-44-148.net
Software: nginx /
Resource Hash: 51d3b694f77d2df4c62bbce623e55dd901c931797d7889645e50ddcb7ccf1e7c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://142.44.148.212/unsubscribe.php

Response headers

Transfer-Encoding: chunked
Content-Encoding: gzip
Date: Tue, 03 Dec 2024 14:55:31 GMT
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Server: nginx
Connection: keep-alive

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://142.44.148.212/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
142.251.35.170
142.251.41.3
142.44.148.212
03bf371e3ca4739cfe6bea61f0126b7cbb94e4713e970651f9acd5acb3d9e399
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
3a59e8c41793471491b2fab4b35c4d17ec394c3a8ca03d5b4d8eca7a6b1b901b
51d3b694f77d2df4c62bbce623e55dd901c931797d7889645e50ddcb7ccf1e7c
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
90e974df873feda1d776ead3f199c7e9144bc524114dc9a4acac291cd8f56512
9ff5fbb736233ff9a92fbd3530daf26c73f54791f3fd9dd0296834804755e08d
b977f453450222a069d89dd2e776f6f21f9fa42f6e15c03c7fe6ff34d9a2c159
bb9ba156055a8f800096c611d461dd3ac700adaf79e4eb2d9ac54597483d21ef
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
cdd948b7d6c8d783b0565c35672c8d4bb66a63e8118f467dd5a5636ebf0838b5
f2641058014a130c98bb4717ccecd765c10e17bf59f7efb10056e7c8a7d52556
f32924767e9a199e417c4c030ef64a5742442eb320da082dbb8ee723593b02ff

142.44.148.212 Open in urlscan Pro 142.44.148.212 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

23 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

3 IPs

2 Countries

447 kBTransfer

616 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

1 Console Messages

Security Headers

Indicators

142.44.148.212 Open in urlscan Pro
142.44.148.212 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

23 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

447 kB
Transfer

616 kB
Size

0
Cookies

13 HTTP transactions
0 data transactions