urlscan.io logo urlscan.io
SecurityTrails logo

premiumbros.com Open in urlscan Pro
2606:4700:3037::6815:8cf  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.timesofinda.com/
Effective URL: https://premiumbros.com/lp_wp.html?cid=3X63Ra_CTh1PKBiLyYUKrys3Y88Liag7
Submission Tags: falconsandbox
Submission: On July 13 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 4 countries across 10 domains to perform 8 HTTP transactions. The main IP is 2606:4700:3037::6815:8cf, located in United States and belongs to CLOUDFLARENET, US. The main domain is premiumbros.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 14th 2020. Valid for: a year.
This is the only time premiumbros.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 134.119.176.21 29066 (VELIANET-...)
2 2 173.192.101.24 36351 (SOFTLAYER)
1 3.227.187.116 14618 (AMAZON-AES)
2 104.22.65.104 13335 (CLOUDFLAR...)
1 1 3.208.106.250 14618 (AMAZON-AES)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 139.45.196.201 9002 (RETN-AS)
1 2a00:1450:400... 15169 (GOOGLE)
8 7
1    134.119.176.21 (Strasbourg, France)

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)
www.timesofinda.com
2    173.192.101.24 (Dallas, United States)

ASN36351 (SOFTLAYER, US)
PTR: 18.65.c0ad.ip4.static.sl-reverse.com
mybetterdl.com
p185689.mybetterdl.com
1    3.227.187.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
besty-deals.com
2    104.22.65.104 (United States)

ASN13335 (CLOUDFLARENET, US)
feed.r-tb.com
t.r-tb.com
1    3.208.106.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
news-easy.org
1    2606:4700:3037::6815:8cf (United States)

ASN13335 (CLOUDFLARENET, US)
premiumbros.com
1    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    139.45.196.201 (United Kingdom)

ASN9002 (RETN-AS, GB)
bigrourg.net
1    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Domain Requested by
1 fonts.gstatic.com fonts.googleapis.com
1 bigrourg.net premiumbros.com
1 fonts.googleapis.com premiumbros.com
1 t.r-tb.com besty-deals.com
1 premiumbros.com besty-deals.com
1 news-easy.org 1 redirects
1 feed.r-tb.com besty-deals.com
1 besty-deals.com
1 p185689.mybetterdl.com 1 redirects
1 mybetterdl.com 1 redirects
1 www.timesofinda.com 1 redirects
0 mix.aff-track.net Failed besty-deals.com
8 12

This site contains no links.

Subject Issuer Validity Valid
besty-deals.com
R3		 2021-07-10 -
2021-10-08		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-11 -
2022-06-10		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-06-22 -
2021-09-14		 3 months crt.sh
bigrourg.net
R3		 2021-05-31 -
2021-08-29		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://premiumbros.com/lp_wp.html?cid=3X63Ra_CTh1PKBiLyYUKrys3Y88Liag7
Frame ID: FFF3C2BC9E924DA519980D17BBA99567
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://www.timesofinda.com/ HTTP 302
    https://mybetterdl.com/aS/feedclick?s=Q3qNwaNPmKXJrWaiuV3fAo8uDhK_8R6jpjcTajzqm_TkWVfCElI4GoLUfaDR_... HTTP 302
    https://p185689.mybetterdl.com/adServe/domainClick?ai=tMxzWfm12Lrv_qFipgSfiNgtyoeFa2JES7d3scLgdAyC4EtfKvKz6... HTTP 302
    https://besty-deals.com/TvpKtzHpURymE9T7dVxqEMbu6I9IMdC1OmG6Wk4u27I/?cid=86474541607&sid=63033026 Page URL
  2. https://news-easy.org/4DRJzt2u5Z_UUxafBO31UUZPunAiPR99nZ2SFmFJRVA/?cid=a2BPZ-EDjya43HPiyG3lE7gYa6O... HTTP 302
    https://premiumbros.com/lp_wp.html?cid=3X63Ra_CTh1PKBiLyYUKrys3Y88Liag7 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

8
Requests

88 %
HTTPS

33 %
IPv6

10
Domains

12
Subdomains

7
IPs

4
Countries

89 kB
Transfer

144 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.timesofinda.com/ HTTP 302
    https://mybetterdl.com/aS/feedclick?s=Q3qNwaNPmKXJrWaiuV3fAo8uDhK_8R6jpjcTajzqm_TkWVfCElI4GoLUfaDR__NeVVH-ImtJpPaG_Nh80WMmwqfTqqBykvhwGVatJqgR1xMoDKoyvP4nOVIrIFFzO-PqxlOmzgR5fh3nQoQZVtH1UcHY6z5T2K7NFT_4ZRcycYiWlf6R4tpS4sHvKi3zg2M6_W_REN8aKeIFNVNxEakYzerf3dkrpWKIoia1eAzB8iiqZ4AvE9mBQcdKeIBfwGlSW-s4CDzeeiddGIM72A_e5VURDF3xFNYoptET1z13EU9ji9BeGm2bUB1XqdaS4566P3aJvlQqglN4STaLmGYjX_mZV9koMLhfRLAuj2WuI3a_L4M0U7R5-EDso48Go-Kk3mclsjXnQKGS6QRXTcmnmq7BRJhA9nwkPl_-uxptuwYZFGnN8rCWPsf6l1eQ0VYAbHAPe3gpva2lfqSZZtURey2GM4knyBetJt5P1qt2w4oGrvoEOyuL2DWF4g_LEcN2-oWZoVI3pBfSEzm6qmtwrCZBV797L4SlV7ii0uoYqn0YrICk24naj8JUpM0FIPUTtRuvJfPUcMXUT58Al9OT4oN8l9C04zNX0W-73kavMoxDPUvZn83qRzSswcCT-WhOkoP61Zcg8cz7UKhj3LU9BNWqRiZ1u9OOJfsLtxAdqiHNw0vPLMDJxeeBUWolOiVIJfxufkaDf0kfVIjqVsTy8pUHuytRse52cSt4vMPkYzQwTnxYQ7OHVeVha-GfHKN6nL4G2lff9kM_YprUrLnxP_yPI9JSwgvZ-gnx7FHmDz7n0QDvn03gAqMepHuW--p9NOcIk7PYkiZlrjGUK7BRE0n1tw5iF54hS_AU48GFi1IRQiB9jIatxIS7Ic7-0aCl6Xm47Ek70ksUJEA41yq1ar1VQVWkqklOrzrF4tBEUOxIU59LdZdhzMY5OWVHAp0LB5XpvL-NOTcMRZM93ErjIXoEeWeDjRScqQef3Q6N4c01IQSdjhcZgSu3xdP1B5MqghwVdWhYSbcH6P-0X2qlNE0IDmxslE5L4OY0RBpMs5gJdhQPTxd3Cfvmhmme-Fb6bFObeBq1IqkpwQ6GAfvpRaj_tCUjdzByrmebTv8vfbDCjRM-oJg5AmjKSH-Zy1mbM-usOU_KvMrFzCgUSbCP9Q_rkSUfD4JafndDnpOaTjfcpWIXpTs88Dq9webKr715ONM_q14QRJy7c2-wvqvGtLV789v2qeLfmYiVEXjZzwT44VX16Kl6ea_LbToNkaj2a37RBP85UfTPiMn62-8D6LGVJMYP-1rn9jPw9oOqpgLVGnLrhUvx5an7p3CGhIc3FymS2zSzkH7h8R3jd6QQOBWUV3P-qG0AMR6dg1ra_WXn4DIaHYDcZ5PAPFhqBSCGaPbXhlG7D3-gngA9SL4TWj_LFKaQfdCIV7zGDkXThF6fxRzXxISqKCG6-EnCPrjjd-p9flQvgrionx8B71l6CMW_LZEobZfJsgSZluxHBz07pgHk6WO8eNpqovRHA8A5hQo4QOZKHM-HX8y66E6MIDjFpjO-N-K6wvJ2ep-HLWh4ojMtUX73qoYUYJddZNGEFHmQcG0kBTpzDywUCrJWvVkY9nogME3neTRWUUN7gnrUVa_1m5TcXFljz7PBzihHQZqC7eN3hB4t7_G931LpUM5D13m_iWLT2vqWTb5gXwkD-RtqD0DhJyUtKaB5vULt9TPJjGkCNDY8ZaxjmeMa1d2FxZKDl0emltAiu4aEBHB2u4CWjGKv7SYAF_bgur4r3hRsoyTLh9YtAXVF0ZT9nqPGM3_l5dU1JGeOCvzODkNLvU4DgzxU7rX7IcEF_ChFOjAC9rVu4oqg0eeGvLJLcndK8FMDuacclZmTzLu_t8meMvkEQa5Jnu5XoEMSxoprZcOv9qgy04b0LQbBuAcKoUMjuXqBgtoxFszND-GJo0qybGnwSaRMRNFzcFrN8uk3s0rtUJUJrrY-1fU1p3QbUjZRJgQqctoyxYBMFr6_ZZ503vJrNW0uptXfzr--f6RcaB6OryCpoS2b_dINv-GJUZm72xRgkFogKjfNGeS1dIJR1P9IuvhaTNzYLW_VINChuCwoyTnI8Rxt51jBqPLKy3rrMH__U7H2edozOvh8r9JOKdIDMZDzvkjMKK23k-l4 HTTP 302
    https://p185689.mybetterdl.com/adServe/domainClick?ai=tMxzWfm12Lrv_qFipgSfiNgtyoeFa2JES7d3scLgdAyC4EtfKvKz63vYF6EySZkGRtUq9KIcs7LXXmoui8jtihkz-v8zpfohH2No6NxgU22JLNn4DighgU8Hl9QjshMlzUUlJYg0Z1cO0BDDmu3e2ES7hvOFXXVFRe-KSs2iBLnBCDlDzJajhKVLyXFB2mcFDjmy5Z021TEwYXzg8joMbErFkmrMzLT9G1IEEaQK5YKL0dJSBV_r8dc7dYlBnmWe_n3g2Xu5fBvb1MYIg3-_0f14-VbRbzEb9_006yTxQr-qrqI0tKVUlLsUpCFCJMVa1V3xPkFo1AaVVGJwRCrrA8PHWuAwt23ov5-I9G-CIUGKaNqSl0RptwW2EPX3lzlhOP4Y9yygj9tfb5FQeZl75NtmHa-sXA6Bvc7_FNfHOh52u4CWjGKv7StrhbbnuJlY69ojy3OPTxEDJ-XMM_Sd1e7Wv2wrj2oMP_yvaxlaGUJ-90Ra4o8xzSoeRhi4_Fo9q5_bMGinT0pcYQSLmb6Bj77AdIrib2gOJf4yBNRlqxdPnEhIaw2zsRJHJzdDv6O5-zfUS8nVU04fFcxJ0StShp2s0_34CATUuHZzeSQTgkyFv_aZQC5A4r4FDOdw858tImbOeXz24ZULVrisSgPMAVWQdFTAZXOx7j-HGqYGJ1nfj8RQEHtPdbkcEcAYjxpL4hR-C5Oa_CCt3Q5wgRfqudp7Au26wgIxqItqhQ6Scac&ui=Q3qNwaNPmKXJrWaiuV3fAvbWwvziNp_1xLgNeF8Zj-jUkI0KvFNSHEbtZdTi4-jfzFKcPhaUli133D3hDJ8NR7i79mjHVfYvxJ_ycvKrWfNAZeCf49quQw&si=1&oref=4ffb2f9059204df828951d9d29f3b92f&optunit=Voav5bVZcJ8GfkmkCP_Gww&rb=OZGG-tuiaBk&rr=1&isco=t&abtg=0 HTTP 302
    https://besty-deals.com/TvpKtzHpURymE9T7dVxqEMbu6I9IMdC1OmG6Wk4u27I/?cid=86474541607&sid=63033026 Page URL
  2. https://news-easy.org/4DRJzt2u5Z_UUxafBO31UUZPunAiPR99nZ2SFmFJRVA/?cid=a2BPZ-EDjya43HPiyG3lE7gYa6OS8-4h&sid=sam_w10_0507_fr_chrome HTTP 302
    https://premiumbros.com/lp_wp.html?cid=3X63Ra_CTh1PKBiLyYUKrys3Y88Liag7 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://www.timesofinda.com/ HTTP 302
  • https://mybetterdl.com/aS/feedclick?s=Q3qNwaNPmKXJrWaiuV3fAo8uDhK_8R6jpjcTajzqm_TkWVfCElI4GoLUfaDR__NeVVH-ImtJpPaG_Nh80WMmwqfTqqBykvhwGVatJqgR1xMoDKoyvP4nOVIrIFFzO-PqxlOmzgR5fh3nQoQZVtH1UcHY6z5T2K7NFT_4ZRcycYiWlf6R4tpS4sHvKi3zg2M6_W_REN8aKeIFNVNxEakYzerf3dkrpWKIoia1eAzB8iiqZ4AvE9mBQcdKeIBfwGlSW-s4CDzeeiddGIM72A_e5VURDF3xFNYoptET1z13EU9ji9BeGm2bUB1XqdaS4566P3aJvlQqglN4STaLmGYjX_mZV9koMLhfRLAuj2WuI3a_L4M0U7R5-EDso48Go-Kk3mclsjXnQKGS6QRXTcmnmq7BRJhA9nwkPl_-uxptuwYZFGnN8rCWPsf6l1eQ0VYAbHAPe3gpva2lfqSZZtURey2GM4knyBetJt5P1qt2w4oGrvoEOyuL2DWF4g_LEcN2-oWZoVI3pBfSEzm6qmtwrCZBV797L4SlV7ii0uoYqn0YrICk24naj8JUpM0FIPUTtRuvJfPUcMXUT58Al9OT4oN8l9C04zNX0W-73kavMoxDPUvZn83qRzSswcCT-WhOkoP61Zcg8cz7UKhj3LU9BNWqRiZ1u9OOJfsLtxAdqiHNw0vPLMDJxeeBUWolOiVIJfxufkaDf0kfVIjqVsTy8pUHuytRse52cSt4vMPkYzQwTnxYQ7OHVeVha-GfHKN6nL4G2lff9kM_YprUrLnxP_yPI9JSwgvZ-gnx7FHmDz7n0QDvn03gAqMepHuW--p9NOcIk7PYkiZlrjGUK7BRE0n1tw5iF54hS_AU48GFi1IRQiB9jIatxIS7Ic7-0aCl6Xm47Ek70ksUJEA41yq1ar1VQVWkqklOrzrF4tBEUOxIU59LdZdhzMY5OWVHAp0LB5XpvL-NOTcMRZM93ErjIXoEeWeDjRScqQef3Q6N4c01IQSdjhcZgSu3xdP1B5MqghwVdWhYSbcH6P-0X2qlNE0IDmxslE5L4OY0RBpMs5gJdhQPTxd3Cfvmhmme-Fb6bFObeBq1IqkpwQ6GAfvpRaj_tCUjdzByrmebTv8vfbDCjRM-oJg5AmjKSH-Zy1mbM-usOU_KvMrFzCgUSbCP9Q_rkSUfD4JafndDnpOaTjfcpWIXpTs88Dq9webKr715ONM_q14QRJy7c2-wvqvGtLV789v2qeLfmYiVEXjZzwT44VX16Kl6ea_LbToNkaj2a37RBP85UfTPiMn62-8D6LGVJMYP-1rn9jPw9oOqpgLVGnLrhUvx5an7p3CGhIc3FymS2zSzkH7h8R3jd6QQOBWUV3P-qG0AMR6dg1ra_WXn4DIaHYDcZ5PAPFhqBSCGaPbXhlG7D3-gngA9SL4TWj_LFKaQfdCIV7zGDkXThF6fxRzXxISqKCG6-EnCPrjjd-p9flQvgrionx8B71l6CMW_LZEobZfJsgSZluxHBz07pgHk6WO8eNpqovRHA8A5hQo4QOZKHM-HX8y66E6MIDjFpjO-N-K6wvJ2ep-HLWh4ojMtUX73qoYUYJddZNGEFHmQcG0kBTpzDywUCrJWvVkY9nogME3neTRWUUN7gnrUVa_1m5TcXFljz7PBzihHQZqC7eN3hB4t7_G931LpUM5D13m_iWLT2vqWTb5gXwkD-RtqD0DhJyUtKaB5vULt9TPJjGkCNDY8ZaxjmeMa1d2FxZKDl0emltAiu4aEBHB2u4CWjGKv7SYAF_bgur4r3hRsoyTLh9YtAXVF0ZT9nqPGM3_l5dU1JGeOCvzODkNLvU4DgzxU7rX7IcEF_ChFOjAC9rVu4oqg0eeGvLJLcndK8FMDuacclZmTzLu_t8meMvkEQa5Jnu5XoEMSxoprZcOv9qgy04b0LQbBuAcKoUMjuXqBgtoxFszND-GJo0qybGnwSaRMRNFzcFrN8uk3s0rtUJUJrrY-1fU1p3QbUjZRJgQqctoyxYBMFr6_ZZ503vJrNW0uptXfzr--f6RcaB6OryCpoS2b_dINv-GJUZm72xRgkFogKjfNGeS1dIJR1P9IuvhaTNzYLW_VINChuCwoyTnI8Rxt51jBqPLKy3rrMH__U7H2edozOvh8r9JOKdIDMZDzvkjMKK23k-l4 HTTP 302
  • https://p185689.mybetterdl.com/adServe/domainClick?ai=tMxzWfm12Lrv_qFipgSfiNgtyoeFa2JES7d3scLgdAyC4EtfKvKz63vYF6EySZkGRtUq9KIcs7LXXmoui8jtihkz-v8zpfohH2No6NxgU22JLNn4DighgU8Hl9QjshMlzUUlJYg0Z1cO0BDDmu3e2ES7hvOFXXVFRe-KSs2iBLnBCDlDzJajhKVLyXFB2mcFDjmy5Z021TEwYXzg8joMbErFkmrMzLT9G1IEEaQK5YKL0dJSBV_r8dc7dYlBnmWe_n3g2Xu5fBvb1MYIg3-_0f14-VbRbzEb9_006yTxQr-qrqI0tKVUlLsUpCFCJMVa1V3xPkFo1AaVVGJwRCrrA8PHWuAwt23ov5-I9G-CIUGKaNqSl0RptwW2EPX3lzlhOP4Y9yygj9tfb5FQeZl75NtmHa-sXA6Bvc7_FNfHOh52u4CWjGKv7StrhbbnuJlY69ojy3OPTxEDJ-XMM_Sd1e7Wv2wrj2oMP_yvaxlaGUJ-90Ra4o8xzSoeRhi4_Fo9q5_bMGinT0pcYQSLmb6Bj77AdIrib2gOJf4yBNRlqxdPnEhIaw2zsRJHJzdDv6O5-zfUS8nVU04fFcxJ0StShp2s0_34CATUuHZzeSQTgkyFv_aZQC5A4r4FDOdw858tImbOeXz24ZULVrisSgPMAVWQdFTAZXOx7j-HGqYGJ1nfj8RQEHtPdbkcEcAYjxpL4hR-C5Oa_CCt3Q5wgRfqudp7Au26wgIxqItqhQ6Scac&ui=Q3qNwaNPmKXJrWaiuV3fAvbWwvziNp_1xLgNeF8Zj-jUkI0KvFNSHEbtZdTi4-jfzFKcPhaUli133D3hDJ8NR7i79mjHVfYvxJ_ycvKrWfNAZeCf49quQw&si=1&oref=4ffb2f9059204df828951d9d29f3b92f&optunit=Voav5bVZcJ8GfkmkCP_Gww&rb=OZGG-tuiaBk&rr=1&isco=t&abtg=0 HTTP 302
  • https://besty-deals.com/TvpKtzHpURymE9T7dVxqEMbu6I9IMdC1OmG6Wk4u27I/?cid=86474541607&sid=63033026

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set /
besty-deals.com/TvpKtzHpURymE9T7dVxqEMbu6I9IMdC1OmG6Wk4u27I/
Redirect Chain
  • http://www.timesofinda.com/
  • https://mybetterdl.com/aS/feedclick?s=Q3qNwaNPmKXJrWaiuV3fAo8uDhK_8R6jpjcTajzqm_TkWVfCElI4GoLUfaDR__NeVVH-ImtJpPaG_Nh80WMmwqfTqqBykvhwGVatJqgR1xMoDKoyvP4nOVIrIFFzO-PqxlOmzgR5fh3nQoQZVtH1UcHY6z5T2K7...
  • https://p185689.mybetterdl.com/adServe/domainClick?ai=tMxzWfm12Lrv_qFipgSfiNgtyoeFa2JES7d3scLgdAyC4EtfKvKz63vYF6EySZkGRtUq9KIcs7LXXmoui8jtihkz-v8zpfohH2No6NxgU22JLNn4DighgU8Hl9QjshMlzUUlJYg0Z1cO0BD...
  • https://besty-deals.com/TvpKtzHpURymE9T7dVxqEMbu6I9IMdC1OmG6Wk4u27I/?cid=86474541607&sid=63033026
43 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://besty-deals.com/TvpKtzHpURymE9T7dVxqEMbu6I9IMdC1OmG6Wk4u27I/?cid=86474541607&sid=63033026
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.187.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Host
besty-deals.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Jul 2021 07:38:55 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
session=a2BPZ-EDjya43HPiyG3lE7gYa6OS8-4h
Server
nginx

Redirect headers

server
nginx
date
Tue, 13 Jul 2021 07:38:55 GMT
content-length
0
set-cookie
rhid=79072924819; Max-Age=15552000; Expires=Sun, 09-Jan-2022 07:38:55 GMT; Domain=mybetterdl.com; Path=/; SameSite=None; secure; loi=ad_1112535_off_558515_aff_840_cid_185689-TIMESOFINDA.COM_ts_1626161935; Max-Age=3600; Expires=Tue, 13-Jul-2021 08:38:55 GMT; Domain=mybetterdl.com; Path=/; SameSite=None; secure;
location
https://besty-deals.com/TvpKtzHpURymE9T7dVxqEMbu6I9IMdC1OmG6Wk4u27I/?cid=86474541607&sid=63033026
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee3df69641a083faeda162fce068aef31075856f15c43c74eada446496b865f2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
/
mix.aff-track.net/RzBtWh/ 		0
0
AFU1kAAPatM
feed.r-tb.com/v1/native/ 		649 B
616 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://feed.r-tb.com/v1/native/AFU1kAAPatM?subid=sam_w10_0507_fr_chrome&uid=82ce9cc4-98b0-4029-ba12-de6f116acdbf
Requested by
Host: besty-deals.com
URL: https://besty-deals.com/TvpKtzHpURymE9T7dVxqEMbu6I9IMdC1OmG6Wk4u27I/?cid=86474541607&sid=63033026
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.65.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://besty-deals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 07:38:56 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
cf-ray
66e0dac38847edcf-CDG
Primary Request lp_wp.html
premiumbros.com/
Redirect Chain
  • https://news-easy.org/4DRJzt2u5Z_UUxafBO31UUZPunAiPR99nZ2SFmFJRVA/?cid=a2BPZ-EDjya43HPiyG3lE7gYa6OS8-4h&sid=sam_w10_0507_fr_chrome
  • https://premiumbros.com/lp_wp.html?cid=3X63Ra_CTh1PKBiLyYUKrys3Y88Liag7
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://premiumbros.com/lp_wp.html?cid=3X63Ra_CTh1PKBiLyYUKrys3Y88Liag7
Requested by
Host: besty-deals.com
URL: https://besty-deals.com/TvpKtzHpURymE9T7dVxqEMbu6I9IMdC1OmG6Wk4u27I/?cid=86474541607&sid=63033026
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:8cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e31a94f4638290bdb4a79cc0bc546a327d7c324329efbbda93ce50853b3627a3

Request headers

:method
GET
:authority
premiumbros.com
:scheme
https
:path
/lp_wp.html?cid=3X63Ra_CTh1PKBiLyYUKrys3Y88Liag7
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://besty-deals.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://besty-deals.com/TvpKtzHpURymE9T7dVxqEMbu6I9IMdC1OmG6Wk4u27I/?cid=86474541607&sid=63033026

Response headers

date
Tue, 13 Jul 2021 07:38:56 GMT
content-type
text/html
x-amz-id-2
aXrgjJ5Q/bj8GUsjSL7WHzXy54FjBlijnFcVlAFh5QQlsl7/mNdy3SMc1FJNFPMmrm34V+1+pe0=
x-amz-request-id
9FS2GEEXFH4F9ZG6
last-modified
Thu, 20 May 2021 18:05:24 GMT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=npS5UtRJjg%2FuZxMo%2BKihynZXA7tKu2LJSkh0q5usEUY%2BzS4knYNjDWDBRFVpGVbcevD%2BT90bkr4zgjne2HdV48fIA5MK7QRjidG9kZOpF9UFYUeFnmWtUp1ZyKTY2gO8bDPYIciZBmvH"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
66e0dac54c18c2f4-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

Date
Tue, 13 Jul 2021 07:38:56 GMT
Content-Type
text/html
Content-Length
142
Connection
keep-alive
Location
https://premiumbros.com/lp_wp.html?cid=3X63Ra_CTh1PKBiLyYUKrys3Y88Liag7
Set-Cookie
session=3X63Ra_CTh1PKBiLyYUKrys3Y88Liag7
Server
nginx
imp
t.r-tb.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://t.r-tb.com/imp?l2=9dPGq-lL1QMfiNE1ztKiAyRY_nAG_aYweqG7TMlgWGcM9Qzt63PwuVPcrayj8s7-tFlfuZsJ8o7D8LY3V6Qjoe_IZNzsQW2Lag7gxJfcr-11O3-UsnecvLPUQ3IrCqGhcmnFYSqwgG7SDhngqiayZQ5bEY1rSQ372PUiW3PkmIpDtIp2Ftu5u8AM_aBsJZrX
Requested by
Host: besty-deals.com
URL: https://besty-deals.com/TvpKtzHpURymE9T7dVxqEMbu6I9IMdC1OmG6Wk4u27I/?cid=86474541607&sid=63033026
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.65.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://besty-deals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 13 Jul 2021 07:38:56 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
66e0dac57c80edcf-CDG
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
css
fonts.googleapis.com/ 		2 KB
642 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: premiumbros.com
URL: https://premiumbros.com/lp_wp.html?cid=3X63Ra_CTh1PKBiLyYUKrys3Y88Liag7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3cd4435683f31935fe9fac4db83d9a8c232cfe0849eb2db5c561b839066b0608
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://premiumbros.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 13 Jul 2021 07:18:41 GMT
server
ESF
date
Tue, 13 Jul 2021 07:38:56 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 13 Jul 2021 07:38:56 GMT
truncated
/ 		316 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d4f1945e807b1ab78412c1ef75ad6b0324cf3e32dee84bd6fdbe3d5ba17e5db8

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
micro.tag.min.js
bigrourg.net/pfe/current/ 		77 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bigrourg.net/pfe/current/micro.tag.min.js?z=4253018&ymid=3X63Ra_CTh1PKBiLyYUKrys3Y88Liag7&sw=/sw-check-permissions-18a82.js
Requested by
Host: premiumbros.com
URL: https://premiumbros.com/lp_wp.html?cid=3X63Ra_CTh1PKBiLyYUKrys3Y88Liag7
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.196.201 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
805d8e3864ade4af8b4ede0cd61a5dadf9f1721d273a79494c433405f67e7b52

Request headers

Referer
https://premiumbros.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Jul 2021 07:38:49 GMT
content-encoding
gzip
last-modified
Thu, 08 Jul 2021 15:48:19 GMT
server
nginx
etag
W/"60e71e43-133ce"
content-type
application/javascript
cache-control
no-cache
access-control-allow-credentials
true
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://premiumbros.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Jul 2021 18:26:10 GMT
x-content-type-options
nosniff
age
47566
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14440
x-xss-protection
0
last-modified
Tue, 18 May 2021 21:21:19 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Jul 2022 18:26:10 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
mix.aff-track.net
URL
https://mix.aff-track.net/RzBtWh/?utm_source=756&utm_campaign=7590794&cid=[CLICK_ID]&sid=webdriver_sam_w10_0507_fr_chrome

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| ntfcSDK

0 Cookies