news.premium-mail.info

Summary

This website contacted 6 IPs in 4 countries across 6 domains to perform 7 HTTP transactions. The main IP is 2.58.55.1, located in Germany and belongs to CEBE, DE. The main domain is news.premium-mail.info.
TLS certificate: Issued by R3 on August 6th 2022. Valid for: 3 months.

This is the only time news.premium-mail.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2.58.55.1 2.58.55.1	207732 (CEBE) (CEBE)
1	52.218.89.218 52.218.89.218	16509 (AMAZON-02) (AMAZON-02)
1	94.31.29.128 94.31.29.128	33438 (STACKPATH) (STACKPATH)
1	104.17.213.185 104.17.213.185	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.157.38.177 35.157.38.177	16509 (AMAZON-02) (AMAZON-02)
2	2a02:6ea0:c70... 2a02:6ea0:c700::19	60068 (CDN77 ^_^) (CDN77 ^_^)
7	6

1 2.58.55.1 (Germany)

ASN207732 (CEBE, DE)
PTR: smtp-a-1.pro-marketing-email.de

news.premium-mail.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.89.218 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-3-w.amazonaws.com

llcrm.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.31.29.128 (London, United Kingdom)

ASN33438 (STACKPATH, US)
PTR: 94.31.29.128.IPYX-077437-ZYO.above.net

lottoland-lottoland.bannerflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.213.185 (None, )

ASN13335 (CLOUDFLARENET, US)

www.lottoland.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.38.177 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-38-177.eu-central-1.compute.amazonaws.com

www.trustedshops.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6ea0:c700::19 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

img.icons8.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	icons8.com img.icons8.com — Cisco Umbrella Rank: 32625	12 KB
1	trustedshops.com www.trustedshops.com — Cisco Umbrella Rank: 104428	12 KB
1	lottoland.com www.lottoland.com — Cisco Umbrella Rank: 522019	17 KB
1	bannerflow.com lottoland-lottoland.bannerflow.com — Cisco Umbrella Rank: 326840	146 KB
1	amazonaws.com llcrm.s3.amazonaws.com — Cisco Umbrella Rank: 766502	9 KB
1	premium-mail.info news.premium-mail.info	22 KB
7	6

	Domain	Requested by
2	img.icons8.com	news.premium-mail.info
1	www.trustedshops.com	news.premium-mail.info
1	www.lottoland.com	news.premium-mail.info
1	lottoland-lottoland.bannerflow.com	news.premium-mail.info
1	llcrm.s3.amazonaws.com	news.premium-mail.info
1	news.premium-mail.info
7	6

This site contains links to these domains. Also see Links.

Domain
www.lottoland.com

Subject Issuer	Validity	Valid
news.premium-mail.info R3	`2022-08-06` - `2022-11-04`	3 months	crt.sh
*.s3.amazonaws.com Amazon	`2021-12-15` - `2022-12-03`	a year	crt.sh
*.bannerflow.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-26` - `2023-01-24`	a year	crt.sh
www.lottoland.com AlphaSSL CA - SHA256 - G2	`2022-02-12` - `2023-03-16`	a year	crt.sh
*.trustedshops.com Amazon	`2021-11-28` - `2022-12-26`	a year	crt.sh
1004834818.rsc.cdn77.org R3	`2022-07-23` - `2022-10-21`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://news.premium-mail.info/ga/webviews/4-80374462-32-3919-3931-6669-i2831607e4
Frame ID: 5FEA95972FE0BD76EF67C97CD8186329
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Das Glück trifft dich:

Page Statistics

7
Requests

100 %
HTTPS

17 %
IPv6

6
Domains

6
Subdomains

6
IPs

4
Countries

218 kB
Transfer

214 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.lottoland.com/lotto6aus49-12fuer1?lottolapid=email_369431_de&sid=b4c8367242b30dceeadaf8e58269f547-20220804.4817.trstnl

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request 4-80374462-32-3919-3931-6669-i2831607e4 Show response
news.premium-mail.info/ga/webviews/ 21 KB
22 KB 254ms
157ms Document
text/html 2.58.55.1
CEBE

General

Check archive.org

Show headers Download Go to

Full URL: https://news.premium-mail.info/ga/webviews/4-80374462-32-3919-3931-6669-i2831607e4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.58.55.1 , Germany, ASN207732 (CEBE, DE),
Reverse DNS: smtp-a-1.pro-marketing-email.de
Software: Apache/2.4.52 (Unix) OpenSSL/1.1.1n PHP/7.3.33 / Phusion Passenger(R) 6.0.12
Resource Hash: 614a76469eb599397184449ed8011343d63ffd4d7592940eb747c6c5c7b4cad9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8
Date: Sun, 07 Aug 2022 14:16:23 GMT
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Apache/2.4.52 (Unix) OpenSSL/1.1.1n PHP/7.3.33
Status: 200 OK
Transfer-Encoding: chunked
X-Powered-By: Phusion Passenger(R) 6.0.12
X-Rack-Cache: miss
X-Request-Id: e9f704f9e44b9850a12305499dc8bca6
X-Runtime: 0.117648
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK ll_logo_2x.png
llcrm.s3.amazonaws.com/html/Thanos/ 8 KB
9 KB 254ms
81ms Image
image/png 52.218.89.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://llcrm.s3.amazonaws.com/html/Thanos/ll_logo_2x.png
Requested by: Host: news.premium-mail.info
URL: https://news.premium-mail.info/ga/webviews/4-80374462-32-3919-3931-6669-i2831607e4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.89.218 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-3-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 129cbf8d5af7d6e1a2243bb1b16b2fdeaf272c9dd6409a8f552ed285d5c87de7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.premium-mail.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Sun, 07 Aug 2022 14:16:25 GMT
Last-Modified: Fri, 20 Mar 2020 15:18:15 GMT
Server: AmazonS3
x-amz-request-id: VPBGV39NXGV2Y8HM
ETag: "8ce01c1d4633740ae52d96833694b17a"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 8509
x-amz-id-2: 14Kw0s8p8ZPIhAmLj6IMp2A62NxcsUYfEqwPbn+2MUGyGHAEmYWOkbhcKwvVvyvSfyzEqG/cRSA=

GET
H2 200 5eb93b435f987b4250be3183.OqqXGCOq95H1.jpg
lottoland-lottoland.bannerflow.com/bf-images/ 146 KB
146 KB 132ms
40ms Image
image/jpeg 94.31.29.128
STACKPATH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lottoland-lottoland.bannerflow.com/bf-images/5eb93b435f987b4250be3183.OqqXGCOq95H1.jpg
Requested by: Host: news.premium-mail.info
URL: https://news.premium-mail.info/ga/webviews/4-80374462-32-3919-3931-6669-i2831607e4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.128 London, United Kingdom, ASN33438 (STACKPATH, US),
Reverse DNS: 94.31.29.128.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: ea96c30b95286ba729e96d2920515c28289722041ef66bfb786b69f12057bbf3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.premium-mail.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 07 Aug 2022 14:16:23 GMT
content-md5: SYxyrsmsmEDeY2jItmLXdg==
x-cache: HIT
content-length: 149159
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Sat, 06 Aug 2022 18:02:10 GMT
server: NetDNA-cache/2.2
etag: "0x8DA77D5C88CE055"
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 086dc661-301e-000a-3066-aab6b5000000
cache-control: public, max-age=900
x-ms-version: 2014-02-14
accept-ranges: bytes

GET
H2 200 trusted-shops-badge.png
www.lottoland.com/cms/5e708e2b337684002cd7f682/ 17 KB
17 KB 136ms
50ms Image
image/png 104.17.213.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.lottoland.com/cms/5e708e2b337684002cd7f682/trusted-shops-badge.png

Requested by

Host: news.premium-mail.info
URL: https://news.premium-mail.info/ga/webviews/4-80374462-32-3919-3931-6669-i2831607e4

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

104.17.213.185 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de8316c83e639d7a4f3e64f044d7288ae5fe66ca9c10d923ba1d1580f668440e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.premium-mail.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 07 Aug 2022 14:16:23 GMT
cf-cache-status: HIT
last-modified: Tue, 17 Mar 2020 08:45:31 GMT
server: cloudflare
age: 1992920
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
strict-transport-security: max-age=15724800; includeSubDomains
accept-ranges: bytes
cf-ray: 7370a13dce36bb62-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16945
expires: Mon, 07 Aug 2023 14:16:23 GMT

GET
H2 200 X6DA5B2DCED3217D31688A89110B23EBF.gif
www.trustedshops.com/bewertung/widget/widgets/ 12 KB
12 KB 161ms
76ms Image
image/gif 35.157.38.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.trustedshops.com/bewertung/widget/widgets/X6DA5B2DCED3217D31688A89110B23EBF.gif
Requested by: Host: news.premium-mail.info
URL: https://news.premium-mail.info/ga/webviews/4-80374462-32-3919-3931-6669-i2831607e4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.38.177 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-38-177.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: fcc790e1383a0e1cdb17ddea584d2d8577d5620f431c5f0d48a3aba945f022ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.premium-mail.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 07 Aug 2022 14:16:23 GMT
last-modified: Sun, 07 Aug 2022 04:43:36 GMT
server: Apache
content-type: image/gif
cache-control: max-age=59232
accept-ranges: bytes
content-length: 11946
expires: Mon, 08 Aug 2022 06:43:36 GMT

GET
H2 200 facebook-like--v1.png
img.icons8.com/material/48/0dbedc/ 692 B
1 KB 148ms
37ms Image
image/png 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.icons8.com/material/48/0dbedc/facebook-like--v1.png

Requested by

Host: news.premium-mail.info
URL: https://news.premium-mail.info/ga/webviews/4-80374462-32-3919-3931-6669-i2831607e4

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

136fc7dfb77ac9415def681a8468856f036ede7b090fbe185c5b3b9bf9a0a7ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.premium-mail.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 07 Aug 2022 14:16:23 GMT
icon-size: 48
x-content-type-options: nosniff
memory-svg-cache: true
access-control-allow-origin: *
from-cache: false
from-svg-cache: true
icon-format: png
x-cache: HIT
x-age: 33778
x-dns-prefetch-control: off
content-length: 692
x-xss-protection: 1; mode=block
x-77-nzt: AcO1qhEql2//8oMAAA
x-accel-expires: @1660150405
not-found-platform: false
last-modified: Sat, 06 Aug 2022 10:46:39 GMT
server: CDN77-Turbo
x-77-nzt-ray: OAdqdDyLlgc
x-download-options: noopen
x-77-cache: HIT
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/png
memory-cache: false
access-control-expose-headers: Content-Disposition
cache-control: public, max-age=302400
icon-id: 82836
accept-ranges: bytes
version: 0.1.0-SNAPSHOT.20220801222727994

GET
H2 200 instagram-verification-badge.png
img.icons8.com/color/344/ 10 KB
11 KB 158ms
48ms Image
image/png 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.icons8.com/color/344/instagram-verification-badge.png

Requested by

Host: news.premium-mail.info
URL: https://news.premium-mail.info/ga/webviews/4-80374462-32-3919-3931-6669-i2831607e4

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

4a65670a68e7ae4a70b49ab5eb98358fb2e4d06e26fd961cf2e5700d28a04525

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.premium-mail.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 07 Aug 2022 14:16:23 GMT
icon-size: 344
x-content-type-options: nosniff
memory-svg-cache: true
access-control-allow-origin: *
from-cache: false
from-svg-cache: true
icon-format: png
x-cache: HIT
x-age: 33778
x-dns-prefetch-control: off
content-length: 10473
x-xss-protection: 1; mode=block
x-77-nzt: AcO1qhHWncH/8oMAAA
x-accel-expires: @1660150405
not-found-platform: false
last-modified: Sat, 06 Aug 2022 04:18:36 GMT
server: CDN77-Turbo
x-77-nzt-ray: XaxRjdd13iA
x-download-options: noopen
x-77-cache: HIT
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/png
memory-cache: true
access-control-expose-headers: Content-Disposition
cache-control: public, max-age=302400
icon-id: 2sZ0sdlG9kWP
accept-ranges: bytes
version: 0.1.0-SNAPSHOT.20220801222318082

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.lottoland.com/	1970-01-20 05:04:43	Name: __cf_bm Value: 22taiK13vpXtzywoi8o_DR_O95wKgAZeU4HJFd2aoXo-1659881783-0-AZ9pSEKcL42SqTIaCl59mj+UyyzwwlPhn0E+wRqZg0nLltEmDQg8Zb11kz3XGrJjbacz4rjoUq5Tw8sNW2JWjL0=

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://news.premium-mail.info/ga/webviews/4-80374462-32-3919-3931-6669-i2831607e4(Line 4) Message: The key "" is not recognized and ignored.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

img.icons8.com
llcrm.s3.amazonaws.com
lottoland-lottoland.bannerflow.com
news.premium-mail.info
www.lottoland.com
www.trustedshops.com
104.17.213.185
2.58.55.1
2a02:6ea0:c700::19
35.157.38.177
52.218.89.218
94.31.29.128
129cbf8d5af7d6e1a2243bb1b16b2fdeaf272c9dd6409a8f552ed285d5c87de7
136fc7dfb77ac9415def681a8468856f036ede7b090fbe185c5b3b9bf9a0a7ac
4a65670a68e7ae4a70b49ab5eb98358fb2e4d06e26fd961cf2e5700d28a04525
614a76469eb599397184449ed8011343d63ffd4d7592940eb747c6c5c7b4cad9
de8316c83e639d7a4f3e64f044d7288ae5fe66ca9c10d923ba1d1580f668440e
ea96c30b95286ba729e96d2920515c28289722041ef66bfb786b69f12057bbf3
fcc790e1383a0e1cdb17ddea584d2d8577d5620f431c5f0d48a3aba945f022ff

news.premium-mail.info Open in urlscan Pro 2.58.55.1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

7 Requests

100 %HTTPS

17 %IPv6

6 Domains

6 Subdomains

6 IPs

4 Countries

218 kBTransfer

214 kBSize

1 Cookies

1 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

news.premium-mail.info Open in urlscan Pro
2.58.55.1 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

100 %
HTTPS

17 %
IPv6

6
Domains

6
Subdomains

6
IPs

4
Countries

218 kB
Transfer

214 kB
Size

1
Cookies

7 HTTP transactions
0 data transactions