newsletter.belvita.it Open in urlscan Pro
52.19.18.63 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://newsletter.belvita.it/m/14690054/161103-e44552b7f249c3275d2ad97db8996a6d93e8ecccfe5a881caf15006cbd7b9a7222fc0e71b13cff...
Effective URL:
https://newsletter.belvita.it/m/14690054/161103-e44552b7f249c3275d2ad97db8996a6d93e8ecccfe5a881caf15006cbd7b9a7222fc0e71b13cff...
Submission Tags: phishing malicious Search All
Submission: On March 27 via api (March 27th 2024, 11:02:40 am UTC) from NL — Scanned from IT

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 13 HTTP transactions. The main IP is 52.19.18.63, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is newsletter.belvita.it.
TLS certificate: Issued by Amazon RSA 2048 M02 on August 13th 2023. Valid for: a year.

This is the only time newsletter.belvita.it was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	52.19.18.63 52.19.18.63	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
7	3.161.82.58 3.161.82.58	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	80.237.183.20 80.237.183.20	61157 (PLUSSERVE...) (PLUSSERVER-ASN1)
13	5

2 52.19.18.63 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-18-63.eu-west-1.compute.amazonaws.com

newsletter.belvita.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stats.crsend.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.161.82.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-82-58.fra56.r.cloudfront.net

files.crsend.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.237.183.20 (Germany)

ASN61157 (PLUSSERVER-ASN1, DE)
PTR: ma5021084.psmanaged.com

www.belvita.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	crsend.com files.crsend.com — Cisco Umbrella Rank: 144017 stats.crsend.com — Cisco Umbrella Rank: 331222	754 KB
2	gstatic.com fonts.gstatic.com	39 KB
2	belvita.it newsletter.belvita.it www.belvita.it	9 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 112	1 KB
13	4

	Domain	Requested by
7	files.crsend.com	newsletter.belvita.it
2	fonts.gstatic.com	fonts.googleapis.com
1	www.belvita.it
1	stats.crsend.com	newsletter.belvita.it
1	fonts.googleapis.com	newsletter.belvita.it
1	newsletter.belvita.it
13	6

This site contains no links.

Subject Issuer	Validity	Valid
cleverreach.com Amazon RSA 2048 M02	`2023-08-13` - `2024-09-10`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
files.crsend.com Amazon RSA 2048 M02	`2023-06-17` - `2024-07-15`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
belvita.it R3	`2024-02-03` - `2024-05-03`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://newsletter.belvita.it/m/14690054/161103-e44552b7f249c3275d2ad97db8996a6d93e8ecccfe5a881caf15006cbd7b9a7222fc0e71b13cff8ce6c4066847b2588d-----------Wenn
Frame ID: 61DD4EF30C890DC6A6BB7762819FD8D9
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Belvita Leading Wellnesshotels Südtirol

Page URL History Show full URLs

http://newsletter.belvita.it/m/14690054/161103-e44552b7f249c3275d2ad97db8996a6d93e8ecccfe5a881caf15006cbd... HTTP 307
https://newsletter.belvita.it/m/14690054/161103-e44552b7f249c3275d2ad97db8996a6d93e8ecccfe5a881caf15006cbd... Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

13
Requests

92 %
HTTPS

40 %
IPv6

4
Domains

6
Subdomains

5
IPs

3
Countries

804 kB
Transfer

838 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://newsletter.belvita.it/m/14690054/161103-e44552b7f249c3275d2ad97db8996a6d93e8ecccfe5a881caf15006cbd7b9a7222fc0e71b13cff8ce6c4066847b2588d-----------Wenn HTTP 307
https://newsletter.belvita.it/m/14690054/161103-e44552b7f249c3275d2ad97db8996a6d93e8ecccfe5a881caf15006cbd7b9a7222fc0e71b13cff8ce6c4066847b2588d-----------Wenn Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 161103-e44552b7f249c3275d2ad97db8996a6d93e8ecccfe5a881caf15006cbd7b9a7222fc0e71b13cff8ce6c4066847b2588d-----------Wenn Show response
newsletter.belvita.it/m/14690054/
Redirect Chain

http://newsletter.belvita.it/m/14690054/161103-e44552b7f249c3275d2ad97db8996a6d93e8ecccfe5a881caf15006cbd7b9a7222fc0e71b13cff8ce6c4066847b2588d-----------Wenn
https://newsletter.belvita.it/m/14690054/161103-e44552b7f249c3275d2ad97db8996a6d93e8ecccfe5a881caf15006cbd7b9a7222fc0e71b13cff8ce6c4066847b2588d-----------Wenn

41 KB
6 KB

352ms
201ms

Document
text/html

52.19.18.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://newsletter.belvita.it/m/14690054/161103-e44552b7f249c3275d2ad97db8996a6d93e8ecccfe5a881caf15006cbd7b9a7222fc0e71b13cff8ce6c4066847b2588d-----------Wenn
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.18.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-18-63.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 4f5f1630fee9bd34e50b8f3a854b9935a4c9bb10662845ffd49841635aca0de3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 5651
content-type: text/html; charset=UTF-8
date: Wed, 27 Mar 2024 11:02:35 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: Apache
vary: Accept-Encoding
x-cr-i: www-eu-i-0cb93eb726e3989be D=152297 t=1711537355740543

Redirect headers

Location: https://newsletter.belvita.it/m/14690054/161103-e44552b7f249c3275d2ad97db8996a6d93e8ecccfe5a881caf15006cbd7b9a7222fc0e71b13cff8ce6c4066847b2588d-----------Wenn
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
1 KB 236ms
49ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Merriweather:wght@400;700&display=swap

Requested by

Host: newsletter.belvita.it
URL: https://newsletter.belvita.it/m/14690054/161103-e44552b7f249c3275d2ad97db8996a6d93e8ecccfe5a881caf15006cbd7b9a7222fc0e71b13cff8ce6c4066847b2588d-----------Wenn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

993a25094818b4394505bf9e1432af3425ced541b5dccf1d29b61ffc1ecdff91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://newsletter.belvita.it/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 27 Mar 2024 11:02:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 27 Mar 2024 09:04:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 27 Mar 2024 11:02:36 GMT

GET
H2 200 Schrift-IT.png
files.crsend.com/70000/70762/images/Bilder/2024/Februar/Nachversand/ 4 KB
4 KB 291ms
217ms Image
image/png 3.161.82.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.crsend.com/70000/70762/images/Bilder/2024/Februar/Nachversand/Schrift-IT.png
Requested by: Host: newsletter.belvita.it
URL: https://newsletter.belvita.it/m/14690054/161103-e44552b7f249c3275d2ad97db8996a6d93e8ecccfe5a881caf15006cbd7b9a7222fc0e71b13cff8ce6c4066847b2588d-----------Wenn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-58.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 43290c757df4b5ba61ea0ba5874d0c565badec2c1cdcd2401e5e8f96e7b2e4f7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://newsletter.belvita.it/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 10:03:30 GMT
via: 1.1 7b33e91c10f2279399751cc4de05f400.cloudfront.net (CloudFront)
last-modified: Tue, 06 Feb 2024 13:54:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P10
age: 3546
x-amz-server-side-encryption: AES256
etag: "79cb3cb7a6abbeefc0f6ccd3f660a2ce"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 4136
x-amz-cf-id: 0dbXgKVRq_G7paBzw937ULoLzmkG1E4CykYygQjSQzvL1KjC-AbM7g==

GET
H2 200 Design_ohne_Titel_91_.png
files.crsend.com/70000/70762/images/Bilder/2024/Februar/Nachversand/ 302 KB
302 KB 202ms
129ms Image
image/png 3.161.82.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.crsend.com/70000/70762/images/Bilder/2024/Februar/Nachversand/Design_ohne_Titel_91_.png
Requested by: Host: newsletter.belvita.it
URL: https://newsletter.belvita.it/m/14690054/161103-e44552b7f249c3275d2ad97db8996a6d93e8ecccfe5a881caf15006cbd7b9a7222fc0e71b13cff8ce6c4066847b2588d-----------Wenn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-58.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5bcb941a3fc131fca32cb8e0b09bb377d5a42c614cb312f72551acfd07919b91

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://newsletter.belvita.it/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 11:02:36 GMT
via: 1.1 7b33e91c10f2279399751cc4de05f400.cloudfront.net (CloudFront)
last-modified: Tue, 06 Feb 2024 13:31:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P10
age: 3546
x-amz-server-side-encryption: AES256
etag: "4ebc84cc4f402b5c9384a2c3f5e4a845"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 308903
x-amz-cf-id: lEC0D5OOLuhZ0Hvf71Gb_HHUuHxSBPNU7RArFDSRuHGvveDiCDXNaQ==

GET
H2 200 Gutschein.png
files.crsend.com/70000/70762/images/Bilder/2024/Februar/Nachversand/ 302 KB
302 KB 291ms
231ms Image
image/png 3.161.82.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.crsend.com/70000/70762/images/Bilder/2024/Februar/Nachversand/Gutschein.png
Requested by: Host: newsletter.belvita.it
URL: https://newsletter.belvita.it/m/14690054/161103-e44552b7f249c3275d2ad97db8996a6d93e8ecccfe5a881caf15006cbd7b9a7222fc0e71b13cff8ce6c4066847b2588d-----------Wenn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-58.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2ecb3fd215fa87c00bf9547e0f531b59f58f3744dc2a6fbd2161c6e35ef127bc

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://newsletter.belvita.it/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 11:02:36 GMT
via: 1.1 7b33e91c10f2279399751cc4de05f400.cloudfront.net (CloudFront)
last-modified: Tue, 06 Feb 2024 13:35:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P10
age: 3547
x-amz-server-side-encryption: AES256
etag: "13900bd52af8f0d4d1ba67a15ae59466"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 308957
x-amz-cf-id: uS56I88995faZg7MMOeH6YRrEyU6l7iiCaa5kAfkp_QgF74DDD-VPw==

GET
H2 200 social1.png
files.crsend.com/70000/70762/images/Bilder/2024/Februar/Nachversand/ 37 KB
37 KB 274ms
214ms Image
image/png 3.161.82.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.crsend.com/70000/70762/images/Bilder/2024/Februar/Nachversand/social1.png
Requested by: Host: newsletter.belvita.it
URL: https://newsletter.belvita.it/m/14690054/161103-e44552b7f249c3275d2ad97db8996a6d93e8ecccfe5a881caf15006cbd7b9a7222fc0e71b13cff8ce6c4066847b2588d-----------Wenn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-58.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 85b4c712146f94c68fc17b7dfac8a450777dd434bcba35ff6b497929dd3cb172

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://newsletter.belvita.it/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 10:03:30 GMT
via: 1.1 7b33e91c10f2279399751cc4de05f400.cloudfront.net (CloudFront)
last-modified: Tue, 06 Feb 2024 13:40:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P10
age: 3546
x-amz-server-side-encryption: AES256
etag: "4ed3b59784254012578ab0dc4e699cc6"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 37483
x-amz-cf-id: IwxzfkRGttar7xgFGsW5wQnUFHi9Nn7C1Miire2thmC3G_MDdHNNkQ==

GET
H2 200 Social2.png
files.crsend.com/70000/70762/images/Bilder/2024/Februar/Nachversand/ 44 KB
45 KB 278ms
219ms Image
image/png 3.161.82.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.crsend.com/70000/70762/images/Bilder/2024/Februar/Nachversand/Social2.png
Requested by: Host: newsletter.belvita.it
URL: https://newsletter.belvita.it/m/14690054/161103-e44552b7f249c3275d2ad97db8996a6d93e8ecccfe5a881caf15006cbd7b9a7222fc0e71b13cff8ce6c4066847b2588d-----------Wenn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-58.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8d3e2f218bcd653e83abcb4c78f4feb017797920a9a96765ff1a6487e5571e41

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://newsletter.belvita.it/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 10:03:30 GMT
via: 1.1 7b33e91c10f2279399751cc4de05f400.cloudfront.net (CloudFront)
last-modified: Tue, 06 Feb 2024 13:40:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P10
age: 3546
x-amz-server-side-encryption: AES256
etag: "f1d831575146f265832f588d82840e8a"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 45416
x-amz-cf-id: Uy0k6HeQ3Yq2Necnrmdgwfa4A8VcwPFUmCjuYw69iRQIQ25mQT3BSw==

GET
H2 200 Social3.png
files.crsend.com/70000/70762/images/Bilder/2024/Februar/Nachversand/ 61 KB
62 KB 278ms
219ms Image
image/png 3.161.82.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.crsend.com/70000/70762/images/Bilder/2024/Februar/Nachversand/Social3.png
Requested by: Host: newsletter.belvita.it
URL: https://newsletter.belvita.it/m/14690054/161103-e44552b7f249c3275d2ad97db8996a6d93e8ecccfe5a881caf15006cbd7b9a7222fc0e71b13cff8ce6c4066847b2588d-----------Wenn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-58.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 23b633989e06407a313d3953e6babd2eaa40488d4b9dde33efa708b1a8f00a60

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://newsletter.belvita.it/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 10:03:31 GMT
via: 1.1 7b33e91c10f2279399751cc4de05f400.cloudfront.net (CloudFront)
last-modified: Tue, 06 Feb 2024 13:40:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P10
age: 3546
x-amz-server-side-encryption: AES256
etag: "72cbca6f7636fc16273ba4f2fee22289"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 62800
x-amz-cf-id: Hq0MeI7Sko6rAhH_ImGuH8IxqiCUMHLfWbcdHPEkb6Q-UTwPYapPUg==

GET
H2 200 bn_logo.png
files.crsend.com/9000/9555/images/Layout2017/ 1 KB
1 KB 87ms
87ms Image
image/png 3.161.82.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.crsend.com/9000/9555/images/Layout2017/bn_logo.png
Requested by: Host: newsletter.belvita.it
URL: https://newsletter.belvita.it/m/14690054/161103-e44552b7f249c3275d2ad97db8996a6d93e8ecccfe5a881caf15006cbd7b9a7222fc0e71b13cff8ce6c4066847b2588d-----------Wenn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-58.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3067acfb2fda199a88471d33f845464901db3919880bb752e277d6723914eb2f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://newsletter.belvita.it/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 10:16:13 GMT
via: 1.1 7b33e91c10f2279399751cc4de05f400.cloudfront.net (CloudFront)
last-modified: Wed, 27 Sep 2017 12:45:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P10
age: 2784
etag: "bd4c1404e1841f9b91b30ee882c878e2"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 1173
x-amz-cf-id: kj3GFf-BZma5HKMUcWHZb_9zIKAhdusyx5h8J6dM730es2e1e2ly8w==

GET
H2 200 mc_70762_14690054_5a8aee16ed1a-sb06ob.gif
stats.crsend.com/stats/ 49 B
344 B 337ms
132ms Image
image/gif 52.19.18.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats.crsend.com/stats/mc_70762_14690054_5a8aee16ed1a-sb06ob.gif
Requested by: Host: newsletter.belvita.it
URL: https://newsletter.belvita.it/m/14690054/161103-e44552b7f249c3275d2ad97db8996a6d93e8ecccfe5a881caf15006cbd7b9a7222fc0e71b13cff8ce6c4066847b2588d-----------Wenn
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.18.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-18-63.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 8f5a7a860a933dde332de207de965350bb54d1923b6288db8c13dfefdf48f03b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://newsletter.belvita.it/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 27 Mar 2024 11:02:36 GMT
server: Apache
content-type: image/gif
x-cr-i: stats-eu-i-0d4f6d7ca2cbeadd7 D=80205 t=1711537356168523
cache-control: no-store, no-cache, must-revalidate
content-length: 49
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v30/ 20 KB
20 KB 103ms
35ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://newsletter.belvita.it
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 18:38:30 GMT
x-content-type-options: nosniff
age: 145446
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20028
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:41:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 25 Mar 2025 18:38:30 GMT

GET
H2 200 u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ 19 KB
20 KB 93ms
26ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://newsletter.belvita.it
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:44:12 GMT
x-content-type-options: nosniff
age: 98304
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19740
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Mar 2025 07:44:12 GMT

GET
H2 200 favicon.ico
www.belvita.it/ 3 KB
3 KB 127ms
31ms Other
image/vnd.microsoft.icon 80.237.183.20
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.belvita.it/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 80.237.183.20 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS: ma5021084.psmanaged.com
Software: nginx / PleskLin
Resource Hash: 3f24d3540210964e5356cc8f4d2f2fd2523ab6a8ba840be8d0c5d8fac4755d3d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://newsletter.belvita.it/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 11:02:36 GMT
last-modified: Mon, 11 Apr 2016 07:03:58 GMT
server: nginx
etag: "570b4c5e-cbe"
x-powered-by: PleskLin
content-type: image/vnd.microsoft.icon
cache-control: max-age=604800
accept-ranges: bytes
content-length: 3262
expires: Wed, 03 Apr 2024 11:02:36 GMT

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onpagereveal

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			newsletter.belvita.it/	1969-12-31 23:59:59	Name: PHPSESSID Value: efVtng%2CgrWyo0Rycu2BpyxV1Hx8%2ChcTpp0qeldoPEPwfZfeF
			stats.crsend.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: AVRSg7mmrjt8jG8u9XVSQy8d7-arXRW4ZcVLK4Rv5KuNgcmO

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://newsletter.belvita.it/m/14690054/161103-e44552b7f249c3275d2ad97db8996a6d93e8ecccfe5a881caf15006cbd7b9a7222fc0e71b13cff8ce6c4066847b2588d-----------Wenn Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

files.crsend.com
fonts.googleapis.com
fonts.gstatic.com
newsletter.belvita.it
stats.crsend.com
www.belvita.it
2a00:1450:4001:801::2003
2a00:1450:4001:813::200a
3.161.82.58
52.19.18.63
80.237.183.20
23b633989e06407a313d3953e6babd2eaa40488d4b9dde33efa708b1a8f00a60
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
2ecb3fd215fa87c00bf9547e0f531b59f58f3744dc2a6fbd2161c6e35ef127bc
3067acfb2fda199a88471d33f845464901db3919880bb752e277d6723914eb2f
3f24d3540210964e5356cc8f4d2f2fd2523ab6a8ba840be8d0c5d8fac4755d3d
43290c757df4b5ba61ea0ba5874d0c565badec2c1cdcd2401e5e8f96e7b2e4f7
4f5f1630fee9bd34e50b8f3a854b9935a4c9bb10662845ffd49841635aca0de3
5bcb941a3fc131fca32cb8e0b09bb377d5a42c614cb312f72551acfd07919b91
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
85b4c712146f94c68fc17b7dfac8a450777dd434bcba35ff6b497929dd3cb172
8d3e2f218bcd653e83abcb4c78f4feb017797920a9a96765ff1a6487e5571e41
8f5a7a860a933dde332de207de965350bb54d1923b6288db8c13dfefdf48f03b
993a25094818b4394505bf9e1432af3425ced541b5dccf1d29b61ffc1ecdff91

newsletter.belvita.it Open in urlscan Pro 52.19.18.63 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

92 %HTTPS

40 %IPv6

4 Domains

6 Subdomains

5 IPs

3 Countries

804 kBTransfer

838 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

2 Cookies

1 Console Messages

Indicators

newsletter.belvita.it Open in urlscan Pro
52.19.18.63 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

92 %
HTTPS

40 %
IPv6

4
Domains

6
Subdomains

5
IPs

3
Countries

804 kB
Transfer

838 kB
Size

2
Cookies

13 HTTP transactions
0 data transactions