promos.fling.com - urlscan.io

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 3 HTTP transactions. The main IP is 64.210.151.32, located in United States and belongs to REFLECTED, US. The main domain is promos.fling.com. The Cisco Umbrella rank of the primary domain is 442549.
TLS certificate: Issued by R3 on December 9th 2022. Valid for: 3 months.

This is the only time promos.fling.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	23.21.212.132 23.21.212.132	14618 (AMAZON-AES) (AMAZON-AES)
1	64.210.151.32 64.210.151.32	29789 (REFLECTED) (REFLECTED)
1	64.88.254.161 64.88.254.161	30361 (SWIFTWILL2) (SWIFTWILL2)
3	3

2 23.21.212.132 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-21-212-132.compute-1.amazonaws.com

track.gpsecureads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.210.151.32 (United States)

ASN29789 (REFLECTED, US)

promos.fling.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.88.254.161 (United States)

ASN30361 (SWIFTWILL2, US)

cachep.fling.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	fling.com promos.fling.com — Cisco Umbrella Rank: 442549 cachep.fling.com — Cisco Umbrella Rank: 505462	176 KB
2	gpsecureads.com 1 redirects track.gpsecureads.com — Cisco Umbrella Rank: 277377	2 KB
3	2

	Domain	Requested by
2	track.gpsecureads.com	1 redirects promos.fling.com
1	cachep.fling.com	promos.fling.com
1	promos.fling.com
3	3

This site contains no links.

Subject Issuer	Validity	Valid
promos.fling.com R3	`2022-12-09` - `2023-03-09`	3 months	crt.sh
track.gpsecureads.com R3	`2022-11-10` - `2023-02-08`	3 months	crt.sh
*.fling.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-30` - `2023-01-27`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://promos.fling.com/html/mem/?banner=blind_600x195_riding_doggystyle-9.mp4&vcid=4a934e91-0d26-4e0e-a537-901c1fb1f2d6&clickurl=https%3A%2F%2Ftrack.gpsecureads.com%2Fclick&cep=LUlMWfa1XwFFJIt8jdPoeu5mzXugmvWlEnlsHYK-yY17FETmxxOcm4HVJmB5udh0htJh_JhYbnDiWR3eDia8G9G7jqnknkx188GeB4kneqmc73iVGEhsGn6piwr-uWQNtkRvaV5qubVjx8SZzMla4S-taubTLx0Eg99rBJwoOKTCGtXXuUiNzly8bxW4fJJkcooHvS20Phn25Mj3DqIhraMBhCSoJWt2S0hov0N8FsSw3im77TIq9mhJaw7WvhON_teMrid4loyaf_IX0Mbs1nAsxcJqLfWRuEYXWUndxlclYDtANbIqDPAwxmrmhHU-yp1d_eXfaob6mR5YPPCsPstZtrUiDRRdlyxTIwFmtr4&lptoken=161070be65b7635032b1
Frame ID: E5E8314AFF9DE753D2181A62A06DE700
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mem

Page URL History Show full URLs

https://track.gpsecureads.com/4a934e91-0d26-4e0e-a537-901c1fb1f2d6 HTTP 302
https://promos.fling.com/html/mem/?banner=blind_600x195_riding_doggystyle-9.mp4&vcid=4a934e91-0d26-4e... Page URL

Page Statistics

3
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

1
Countries

177 kB
Transfer

176 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://track.gpsecureads.com/4a934e91-0d26-4e0e-a537-901c1fb1f2d6 HTTP 302
https://promos.fling.com/html/mem/?banner=blind_600x195_riding_doggystyle-9.mp4&vcid=4a934e91-0d26-4e0e-a537-901c1fb1f2d6&clickurl=https%3A%2F%2Ftrack.gpsecureads.com%2Fclick&cep=LUlMWfa1XwFFJIt8jdPoeu5mzXugmvWlEnlsHYK-yY17FETmxxOcm4HVJmB5udh0htJh_JhYbnDiWR3eDia8G9G7jqnknkx188GeB4kneqmc73iVGEhsGn6piwr-uWQNtkRvaV5qubVjx8SZzMla4S-taubTLx0Eg99rBJwoOKTCGtXXuUiNzly8bxW4fJJkcooHvS20Phn25Mj3DqIhraMBhCSoJWt2S0hov0N8FsSw3im77TIq9mhJaw7WvhON_teMrid4loyaf_IX0Mbs1nAsxcJqLfWRuEYXWUndxlclYDtANbIqDPAwxmrmhHU-yp1d_eXfaob6mR5YPPCsPstZtrUiDRRdlyxTIwFmtr4&lptoken=161070be65b7635032b1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response promos.fling.com/html/mem/ Redirect Chain https://track.gpsecureads.com/4a934e91-0d26-4e0e-a537-901c1fb1f2d6 https://promos.fling.com/html/mem/?banner=blind_600x195_riding_doggystyle-9.mp4&vcid=4a934e91-0d26-4e0e-a537-901c1fb1f2d6&clickurl=https%3A%2F%2Ftrack.gpsecureads.com%2Fclick&cep=LUlMWfa1XwFFJIt8jd...	1 KB 1 KB	131ms 32ms	Document text/html	64.210.151.32 REFLECTED
General Check archive.org Show headers Download Go to Full URL https://promos.fling.com/html/mem/?banner=blind_600x195_riding_doggystyle-9.mp4&vcid=4a934e91-0d26-4e0e-a537-901c1fb1f2d6&clickurl=https%3A%2F%2Ftrack.gpsecureads.com%2Fclick&cep=LUlMWfa1XwFFJIt8jdPoeu5mzXugmvWlEnlsHYK-yY17FETmxxOcm4HVJmB5udh0htJh_JhYbnDiWR3eDia8G9G7jqnknkx188GeB4kneqmc73iVGEhsGn6piwr-uWQNtkRvaV5qubVjx8SZzMla4S-taubTLx0Eg99rBJwoOKTCGtXXuUiNzly8bxW4fJJkcooHvS20Phn25Mj3DqIhraMBhCSoJWt2S0hov0N8FsSw3im77TIq9mhJaw7WvhON_teMrid4loyaf_IX0Mbs1nAsxcJqLfWRuEYXWUndxlclYDtANbIqDPAwxmrmhHU-yp1d_eXfaob6mR5YPPCsPstZtrUiDRRdlyxTIwFmtr4&lptoken=161070be65b7635032b1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 64.210.151.32 , United States, ASN29789 (REFLECTED, US), Reverse DNS Software nginx / Resource Hash `8cad0fc6c904041ebf45910323a333657377f3eabc725e9eaf97733ec0ce8b86` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 accept-language en-US,en;q=0.9 Response headers cache-control no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0 content-type text/html; charset=UTF-8 date Sat, 10 Dec 2022 06:42:12 GMT pragma no-cache server nginx transfer-encoding chunked Redirect headers cache-control no-store, no-cache, pre-check=0, post-check=0 content-length 0 date Sat, 10 Dec 2022 06:42:12 GMT expires Thu, 01 Jan 1970 00:00:00 GMT location https://promos.fling.com/html/mem/?banner=blind_600x195_riding_doggystyle-9.mp4&vcid=4a934e91-0d26-4e0e-a537-901c1fb1f2d6&clickurl=https%3A%2F%2Ftrack.gpsecureads.com%2Fclick&cep=LUlMWfa1XwFFJIt8jdPoeu5mzXugmvWlEnlsHYK-yY17FETmxxOcm4HVJmB5udh0htJh_JhYbnDiWR3eDia8G9G7jqnknkx188GeB4kneqmc73iVGEhsGn6piwr-uWQNtkRvaV5qubVjx8SZzMla4S-taubTLx0Eg99rBJwoOKTCGtXXuUiNzly8bxW4fJJkcooHvS20Phn25Mj3DqIhraMBhCSoJWt2S0hov0N8FsSw3im77TIq9mhJaw7WvhON_teMrid4loyaf_IX0Mbs1nAsxcJqLfWRuEYXWUndxlclYDtANbIqDPAwxmrmhHU-yp1d_eXfaob6mR5YPPCsPstZtrUiDRRdlyxTIwFmtr4&lptoken=161070be65b7635032b1 pragma no-cache server nginx
GET H2	204	4a934e91-0d26-4e0e-a537-901c1fb1f2d6 track.gpsecureads.com/impression/	0 496 B	32ms 32ms	Image text/plain	23.21.212.132 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://track.gpsecureads.com/impression/4a934e91-0d26-4e0e-a537-901c1fb1f2d6 Requested by Host: promos.fling.com URL: https://promos.fling.com/html/mem/?banner=blind_600x195_riding_doggystyle-9.mp4&vcid=4a934e91-0d26-4e0e-a537-901c1fb1f2d6&clickurl=https%3A%2F%2Ftrack.gpsecureads.com%2Fclick&cep=LUlMWfa1XwFFJIt8jdPoeu5mzXugmvWlEnlsHYK-yY17FETmxxOcm4HVJmB5udh0htJh_JhYbnDiWR3eDia8G9G7jqnknkx188GeB4kneqmc73iVGEhsGn6piwr-uWQNtkRvaV5qubVjx8SZzMla4S-taubTLx0Eg99rBJwoOKTCGtXXuUiNzly8bxW4fJJkcooHvS20Phn25Mj3DqIhraMBhCSoJWt2S0hov0N8FsSw3im77TIq9mhJaw7WvhON_teMrid4loyaf_IX0Mbs1nAsxcJqLfWRuEYXWUndxlclYDtANbIqDPAwxmrmhHU-yp1d_eXfaob6mR5YPPCsPstZtrUiDRRdlyxTIwFmtr4&lptoken=161070be65b7635032b1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 23.21.212.132 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-23-21-212-132.compute-1.amazonaws.com Software nginx / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language en-US,en;q=0.9 Referer https://promos.fling.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers pragma no-cache date Sat, 10 Dec 2022 06:42:12 GMT cache-control no-store, no-cache, pre-check=0, post-check=0 server nginx expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	206	blind_600x195_riding_doggystyle-9.mp4 cachep.fling.com/html/mem/media/	174 KB 175 KB	695ms 25ms	Media video/mp4	64.88.254.161 SWIFTWILL2
General Check archive.org Show headers Download Go to Full URL https://cachep.fling.com/html/mem/media/blind_600x195_riding_doggystyle-9.mp4 Requested by Host: promos.fling.com URL: https://promos.fling.com/html/mem/?banner=blind_600x195_riding_doggystyle-9.mp4&vcid=4a934e91-0d26-4e0e-a537-901c1fb1f2d6&clickurl=https%3A%2F%2Ftrack.gpsecureads.com%2Fclick&cep=LUlMWfa1XwFFJIt8jdPoeu5mzXugmvWlEnlsHYK-yY17FETmxxOcm4HVJmB5udh0htJh_JhYbnDiWR3eDia8G9G7jqnknkx188GeB4kneqmc73iVGEhsGn6piwr-uWQNtkRvaV5qubVjx8SZzMla4S-taubTLx0Eg99rBJwoOKTCGtXXuUiNzly8bxW4fJJkcooHvS20Phn25Mj3DqIhraMBhCSoJWt2S0hov0N8FsSw3im77TIq9mhJaw7WvhON_teMrid4loyaf_IX0Mbs1nAsxcJqLfWRuEYXWUndxlclYDtANbIqDPAwxmrmhHU-yp1d_eXfaob6mR5YPPCsPstZtrUiDRRdlyxTIwFmtr4&lptoken=161070be65b7635032b1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 64.88.254.161 , United States, ASN30361 (SWIFTWILL2, US), Reverse DNS Software / Resource Hash `fd4075eae34af487dedb6b65e36d9bef9cc09ccdbcb8428ab8b3f0f31026a3c6` Request headers Referer https://promos.fling.com/ Accept-Encoding identity;q=1, ;q=0 accept-language* en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Range bytes=0- Response headers date Sat, 10 Dec 2022 06:42:13 GMT last-modified Thu, 30 Jun 2022 22:32:33 GMT etag "62be2481-2b9a9" content-type video/mp4 Content-Range bytes 0-178600/178601 cache-control max-age=172800, public, no-transform x-cdn-diag jfk4-2050-3-18327-h-0-0---;2050-25-16467----0-0-1 Content-Length 178601 expires Mon, 04 Jul 2022 21:25:02 GMT

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.track.gpsecureads.com/	1970-01-20 08:05:40	Name: 4a934e91-0d26-4e0e-a537-901c1fb1f2d6-v4 Value: 61XcFlCII2mD0kR-w9e9a8L7t8nHsc8qH7RPgxZxwyc
.track.gpsecureads.com/	1970-01-20 08:05:40	Name: cep-v4 Value: PW1KaTOLdP7JcWzJf-t5zUE6MF76D1j-YcZcO7D_50Di3E2lI0PaUN0MyKmULMERe_sgexqDA89LGLjvA_6xpTYFPhwtZQd8RR5tvDefnZFIekgTyCBtP2sHnPJ6C9mcLa2YregBo1uBqZsdwS4kbOp6SXO8in1V4ZBzKryrGKR_Y_GQaCxBfVX-jA9pFq6MmIR4lmDHxLwMiwT4t5NfvAi1o8mfnqKLLeQyZT-Az2z6mFwDJZykay3jAPRQ7XD-gHKMbXcm3Bc3GBJO4AMKp65_OXGlXSE_hWl2DVDCMWZke3F9_OkET6YNnWcOZxCK5LRfRNCrO8JiPa4f6wYHchO5zOL1FhmRZofmQTzfQow
promos.fling.com/	1969-12-31 23:59:59	Name: RNLBSERVERID Value: ded3241
.track.gpsecureads.com/	1969-12-31 23:59:59	Name: 4a934e91-0d26-4e0e-a537-901c1fb1f2d6-osz-v4 Value: 5sm2j51gkHOgCfjDHQ72XpfjXQivZCfIiHvRC7CnXs8kCynHZUSJvnmccEE8rCk3igQbq-IbbHlRM3ooliwos0c-8So-k-Cm_xvz_TmH1t6nJYulvisHj5-AkKgVHwwEcZQPDrQN60UoviWFDBhqpRG5h9HTP0n11eFtZXfau9PzMwUV2htPULThOSP2B48J_ynPCPW-Ay52l6C4mLB2uybFTYeSCO-HHfuG29K-pBs4zPXDCBlr9z9SVtAP6lxX1zGjaZrgwBt0TeAK3cWhjBOFdyrlZzw4uaSTcv_X96JwEWZ1pTh3L6Aw9xIdGus0kF_m7gfpexNz8rjY-G2T8w

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cachep.fling.com
promos.fling.com
track.gpsecureads.com
23.21.212.132
64.210.151.32
64.88.254.161
8cad0fc6c904041ebf45910323a333657377f3eabc725e9eaf97733ec0ce8b86
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fd4075eae34af487dedb6b65e36d9bef9cc09ccdbcb8428ab8b3f0f31026a3c6

promos.fling.com Open in urlscan Pro 64.210.151.32 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

3 Requests

100 %HTTPS

0 %IPv6

2 Domains

3 Subdomains

3 IPs

1 Countries

177 kBTransfer

176 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

4 Cookies

Indicators

promos.fling.com Open in urlscan Pro
64.210.151.32 Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

1
Countries

177 kB
Transfer

176 kB
Size

4
Cookies

3 HTTP transactions
0 data transactions