premiumaccess.link Open in urlscan Pro
207.154.254.62  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request cd5fl7k.php Show response premiumaccess.link/	6 KB 2 KB	159ms 110ms	Document text/html	207.154.254.62 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL http://premiumaccess.link/cd5fl7k.php?key=ph1od82pvew2ua0jizqf&visitor_id=729039104679088331&cost=0.000206&zoneid=5118175&campaignid=7422138&device=other&browser=chrome&os=android&osversion=android11&country=IT&language=it&isp=poste%20italiane%20s.p.a.&user_activity=low Protocol HTTP/1.1 Server 207.154.254.62 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.24.0 / Resource Hash a656bb476f382b7d4b8d4d844ef9bda2bd29fdcb657cea466ee9d551054667b0 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 accept-language it-IT,it;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=utf-8 Date Fri, 22 Sep 2023 11:07:26 GMT Server nginx/1.24.0 Strict-Transport-Security max-age=31536000 Transfer-Encoding chunked
GET H2	200	custom.css 3amstore.my.id/	8 KB 3 KB	236ms 48ms	Stylesheet text/css	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://3amstore.my.id/custom.css Requested by Host: premiumaccess.link URL: http://premiumaccess.link/cd5fl7k.php?key=ph1od82pvew2ua0jizqf&visitor_id=729039104679088331&cost=0.000206&zoneid=5118175&campaignid=7422138&device=other&browser=chrome&os=android&osversion=android11&country=IT&language=it&isp=poste%20italiane%20s.p.a.&user_activity=low Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.97.3 , Italy, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3061b6111f55d995dd9d569499d4f3ba1078cfbdac7d250bc776b3ea32ad5217 Request headers accept-language it-IT,it;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Fri, 22 Sep 2023 11:07:26 GMT content-encoding br cf-cache-status HIT last-modified Thu, 14 Sep 2023 15:30:53 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 595269 etag W/"1ef7-6503272d-a0bd7;gz" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MojKavsl4p3yOsl9XZimp8uYg6p%2BELdDr%2F4ijkPvB1yhEYDuSPvmMeLbk2TpOI%2FWNPAy71axczOy%2Bke5kxmLe1BHBUA4M%2FhGNKWq8ZDicr11gwaD0WfEBq59ciHJLBgNOg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=604800 cf-ray 80aa159458cdba8f-MXP alt-svc h3=":443"; ma=86400 expires Fri, 22 Sep 2023 13:46:17 GMT
GET H/1.1	200 OK	js15_as.js Show response s10.histats.com/	11 KB 5 KB	115ms 72ms	Script text/javascript	104.20.9.31 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://s10.histats.com/js15_as.js Requested by Host: premiumaccess.link URL: http://premiumaccess.link/cd5fl7k.php?key=ph1od82pvew2ua0jizqf&visitor_id=729039104679088331&cost=0.000206&zoneid=5118175&campaignid=7422138&device=other&browser=chrome&os=android&osversion=android11&country=IT&language=it&isp=poste%20italiane%20s.p.a.&user_activity=low Protocol HTTP/1.1 Server 104.20.9.31 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede Request headers accept-language it-IT,it;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers Date Fri, 22 Sep 2023 11:07:26 GMT Content-Encoding gzip CF-Cache-Status HIT Last-Modified Thu, 16 Apr 2020 10:44:16 GMT Server cloudflare Age 14117 ETag "-375139978" Vary Accept-Encoding Content-Type text/javascript Cache-Control max-age=28800 Connection keep-alive Accept-Ranges bytes CF-RAY 80aa1593bbae27b9-LYS Content-Length 4547
GET		aliexpress://goto?url=https://s.click.aliexpress.com/e/_DEyh9wF?dp=1240bu3xsoce1e aliexpress://goto?url=https://s.click.aliexpress.com/e/_DEyh9wF?dp=1240bu3xsoce1e	0 0
GET		url com.android.chrome/https/www.google.com/	0 0
GET		url com.android.chrome/https//www.google.com/	0 0
GET		/ com.android.chrome/https//elrxkl.remarkabiedates.com/	0 0
GET		url com.android.chrome/https//www.google.com/	0 0
GET		/ com.android.chrome/https//elrxkl.remarkabiedates.com/	0 0
GET		url com.android.chrome/https//www.google.com/	0 0
GET		/ com.android.chrome/https//elrxkl.remarkabiedates.com/	0 0
GET		partnersearch.aspx www.agoda.com/partners/	0 0
GET		url com.android.chrome/https/www.google.com/	0 0
GET		/ com.android.chrome/https//elrxkl.remarkabiedates.com/	0 0
GET H/1.1	200 OK	0.php Show response s4.histats.com/stats/	111 B 246 B	423ms 138ms	Script text/html	54.39.128.162 OVH
General Check archive.org Show headers Download Go to Full URL https://s4.histats.com/stats/0.php?1869625&@f16&@g1&@h1&@i1&@j1695380846718&@k0&@l1&@m%3D%3D%3D%3D%3D%3D%20AGODA%20%3D%3D%3D%3D%3D%3D&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:64716040&@b3:1695380847&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttp%3A%2F%2Fpremiumaccess.link%2Fcd5fl7k.php%3Fkey%3Dph1od82pvew2ua0jizqf%26visitor_id%3D729039104679088331%26cost%3D0.000206%26zoneid%3D5118175%26campaignid%3D7422138%26device%3Dother%26browser%3Dchrome%26os%3Dandroid%26osversion%3Dandroid11%26country%3DIT%26language%3Dit%26isp%3Dposte%20italiane%20s.p.a.%26user_activity%3Dlow&@w Requested by Host: s10.histats.com URL: http://s10.histats.com/js15_as.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.39.128.162 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ns562109.ip-54-39-128.net Software / Resource Hash 914713d59c7db7470a947bb1cd2780acc5f922726357f91091ab70a5e7bd4225 Request headers accept-language it-IT,it;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers Date Fri, 22 Sep 2023 11:07:19 GMT Connection close Content-Length 111 Content-Type text/html;charset=UTF-8
GET H2	200	gg.jpg 3amstore.my.id/	62 KB 62 KB	43ms 42ms	Image image/jpeg	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://3amstore.my.id/gg.jpg Requested by Host: 3amstore.my.id URL: https://3amstore.my.id/custom.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.97.3 , Italy, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 207dca9023e9c8283032f9dbc0d967466e6fb17125137402fb0c4e69b05dd716 Request headers accept-language it-IT,it;q=0.9 Referer https://3amstore.my.id/custom.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Fri, 22 Sep 2023 11:07:26 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 595268 alt-svc h3=":443"; ma=86400 content-length 63187 last-modified Thu, 14 Sep 2023 15:30:52 GMT server cloudflare etag "f6d3-6503272c-a0bd6;;;" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qgFhLLrNIs5U50e2wsywGB9CkrwLp5FD6Vzd8y%2FsZ3sT3kPIGsqlV8MR65qKPCeYo53LMoGvlAj%2FD52IdcGUDjonH4CDahk%2Fczzi7s7kMQJfpALxRw4DTpl0JqszqHunFA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=604800 accept-ranges bytes cf-ray 80aa1594a929ba8f-MXP expires Fri, 22 Sep 2023 13:46:18 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

goto

URL

aliexpress://goto?url=https://s.click.aliexpress.com/e/_DEyh9wF?dp=1240bu3xsoce1e

Domain

com.android.chrome

URL

android-app://com.android.chrome/https/www.google.com/url?q=https://www.highcpmrevenuegate.com/hg5yr8bwsp?key=e547a5360a2ed0157ef71d6ffc865df3

Domain

com.android.chrome

URL

android-app://com.android.chrome/https//www.google.com/url?q=https://www.highcpmrevenuegate.com/hg5yr8bwsp?key=e547a5360a2ed0157ef71d6ffc865df3

Domain

com.android.chrome

URL

android-app://com.android.chrome/https//elrxkl.remarkabiedates.com/?utm_source=da57dc555e50572d&s1=202744&s2=1932687&j1=1

Domain

com.android.chrome

URL

android-app://com.android.chrome/https//www.google.com/url?q=https://www.highcpmrevenuegate.com/hg5yr8bwsp?key=e547a5360a2ed0157ef71d6ffc865df3

Domain

com.android.chrome

URL

android-app://com.android.chrome/https//elrxkl.remarkabiedates.com/?utm_source=da57dc555e50572d&s1=202744&s2=1932687&j1=1

Domain

com.android.chrome

URL

android-app://com.android.chrome/https//www.google.com/url?q=https://www.highcpmrevenuegate.com/hg5yr8bwsp?key=e547a5360a2ed0157ef71d6ffc865df3

Domain

com.android.chrome

URL

android-app://com.android.chrome/https//elrxkl.remarkabiedates.com/?utm_source=da57dc555e50572d&s1=202744&s2=1932687&j1=1

Domain

www.agoda.com

URL

https://www.agoda.com/partners/partnersearch.aspx?pcs=1&cid=1800724&hl=en-us

Domain

com.android.chrome

URL

android-app://com.android.chrome/https/www.google.com/url?q=https://www.highcpmrevenuegate.com/hg5yr8bwsp?key=e547a5360a2ed0157ef71d6ffc865df3

Domain

com.android.chrome

URL

android-app://com.android.chrome/https//elrxkl.remarkabiedates.com/?utm_source=da57dc555e50572d&s1=202744&s2=1932687&j1=1

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _Hasync function| chfh function| chfh2 string| _HST_cntval object| Histats object| _HistatsCounterGraphics_0_setValues

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			premiumaccess.link/	1970-01-20 14:57:47	Name: uclick Value: u3xsoc
			premiumaccess.link/	1970-01-20 14:57:47	Name: uclickhash Value: u3xsoc-u3xsoc-fe-0-fe-i4-fe-11585f
			premiumaccess.link/	1970-01-20 23:41:56	Name: HstCfa1869625 Value: 1695380846718
			premiumaccess.link/	1970-01-20 23:41:56	Name: HstCla1869625 Value: 1695380846718
			premiumaccess.link/	1970-01-20 23:41:56	Name: HstCmu1869625 Value: 1695380846718
			premiumaccess.link/	1970-01-20 23:41:56	Name: HstPn1869625 Value: 1
			premiumaccess.link/	1970-01-20 23:41:56	Name: HstPt1869625 Value: 1
			premiumaccess.link/	1970-01-20 23:41:56	Name: HstCnv1869625 Value: 1
			premiumaccess.link/	1970-01-20 23:41:56	Name: HstCns1869625 Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: http://premiumaccess.link/cd5fl7k.php?key=ph1od82pvew2ua0jizqf&visitor_id=729039104679088331&cost=0.000206&zoneid=5118175&campaignid=7422138&device=other&browser=chrome&os=android&osversion=android11&country=IT&language=it&isp=poste%20italiane%20s.p.a.&user_activity=low(Line 107) Message: The value "false" for key "user-scalable" is invalid, and has been ignored.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3amstore.my.id
com.android.chrome
goto
premiumaccess.link
s10.histats.com
s4.histats.com
www.agoda.com
com.android.chrome
goto
www.agoda.com
104.20.9.31
188.114.97.3
207.154.254.62
54.39.128.162
207dca9023e9c8283032f9dbc0d967466e6fb17125137402fb0c4e69b05dd716
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
3061b6111f55d995dd9d569499d4f3ba1078cfbdac7d250bc776b3ea32ad5217
914713d59c7db7470a947bb1cd2780acc5f922726357f91091ab70a5e7bd4225
a656bb476f382b7d4b8d4d844ef9bda2bd29fdcb657cea466ee9d551054667b0