www.promote-travel-ads.com
2606:4700:3036::ac43:9a7c
Public Scan
Submission Tags: @phish_report
Submission: On April 22 via api from FI — Scanned from FI
Summary
TLS certificate: Issued by E1 on March 26th 2024. Valid for: 3 months.
This is the only time www.promote-travel-ads.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 | 2606:4700:3036::ac43:9a7c | 13335 (CLOUDFLARENET) |
13 | 172.67.154.124 | 13335 (CLOUDFLARENET) |
14 | 3 | |
ASN13335 (CLOUDFLARENET, US)
www.promote-travel-ads.com
9ecd39b31cd4549f.promote-travel-ads.com

 | Apex Domain / Subdomains | Transfer |
---|---|---|
14 | promote-travel-ads.com (www.promote-travel-ads.com, 9ecd39b31cd4549f.promote-travel-ads.com) | 813 KB |
14 | 1 | |
 | Domain | Requested by |
---|---|---|
12 | www.promote-travel-ads.com | www.promote-travel-ads.com |
2 | 9ecd39b31cd4549f.promote-travel-ads.com | www.promote-travel-ads.com |
14 | 2 | |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
promote-travel-ads.com | E1 | 2024-03-26 - 2024-06-24 | 3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.promote-travel-ads.com/login
Frame ID: BF9108AF1275A32A935B9BC43475AF5E
Requests: 14 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
14 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | login (Primary Request) | www.promote-travel-ads.com/ | 4 KB | 2 KB | Document | text/html |
GET | H3 | app.439a5773.js | www.promote-travel-ads.com/js/ | 1 MB | 403 KB | Script | application/javascript |
GET | H3 | rocket-loader.min.js | www.promote-travel-ads.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ | 12 KB | 4 KB | Script | application/javascript |
GET | H3 | chunk-75558c9d.f4363161.js | www.promote-travel-ads.com/js/ | 0 | 223 KB | Other | application/javascript |
GET | H3 | favicon-32x32.png | www.promote-travel-ads.com/img/icons/ | 4 KB | 2 KB | Other | text/html |
GET | H3 | favicon-16x16.png | www.promote-travel-ads.com/img/icons/ | 4 KB | 2 KB | Other | text/html |
GET | H3 | chunk-75558c9d.f4363161.js | www.promote-travel-ads.com/js/ | 990 KB | 0 | Script | application/javascript |
OPTIONS | H3 | listCsConfig | 9ecd39b31cd4549f.promote-travel-ads.com/hall/ | 0 | 0 | Preflight | |
GET | H3 | button.d88feab4.png | www.promote-travel-ads.com/img/ | 4 KB | 5 KB | Image | image/png |
GET | H3 | btn_kefu.cfc0e5a3.png | www.promote-travel-ads.com/img/ | 27 KB | 27 KB | Image | image/png |
GET | DATA | truncated | / | 24 KB | 24 KB | Font | font/woff2 |
GET | H3 | bg.b161feb3.png | www.promote-travel-ads.com/img/ | 130 KB | 130 KB | Image | image/png |
GET | H3 | logo.bc1c1d37.png | www.promote-travel-ads.com/img/ | 8 KB | 9 KB | Image | image/png |
POST | H3 | listCsConfig | 9ecd39b31cd4549f.promote-travel-ads.com/hall/ | 311 B | 754 B | XHR | application/json |
GET | H3 | undefined | www.promote-travel-ads.com/ | 4 KB | 4 KB | Image | text/html |
3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object | __cfQR
object | webpackJsonp
boolean | __cfRLUnblockHandlers
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=15638400; includeSubDomains |
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
9ecd39b31cd4549f.promote-travel-ads.com
www.promote-travel-ads.com
172.67.154.124
2606:4700:3036::ac43:9a7c