now.thebestflowingtraff.co

Summary

This website contacted 1 IPs in 2 countries across 4 domains to perform 1 HTTP transactions. The main IP is 67.212.184.150, located in United States and belongs to SINGLEHOP-LLC, US. The main domain is now.thebestflowingtraff.co.
TLS certificate: Issued by R3 on November 27th 2023. Valid for: 3 months.

This is the only time now.thebestflowingtraff.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.143.9.110 104.143.9.110	399522 (TP) (TP)
1 1	148.135.95.235 148.135.95.235	35916 (MULTA-ASN1) (MULTA-ASN1)
1 1	2a05:d018:e36... 2a05:d018:e36:3910:4eca:3b31:3ec6:23d5	16509 (AMAZON-02) (AMAZON-02)
1	67.212.184.150 67.212.184.150	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	1

1 104.143.9.110 (United States) 1 redirects

ASN399522 (TP, US)

twitchs-claims.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.135.95.235 (Los Angeles, United States) 1 redirects

ASN35916 (MULTA-ASN1, US)
PTR: 107-26-82-173-dedicated.multacom.com

u.cellreva.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:e36:3910:4eca:3b31:3ec6:23d5 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

cddtsecure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.212.184.150 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi

now.thebestflowingtraff.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
1	thebestflowingtraff.co now.thebestflowingtraff.co	741 B
1	cddtsecure.com 1 redirects cddtsecure.com	3 KB
1	cellreva.com 1 redirects u.cellreva.com	337 B
1	twitchs-claims.com 1 redirects twitchs-claims.com	506 B
1	4

	Domain	Requested by
1	now.thebestflowingtraff.co
1	cddtsecure.com	1 redirects
1	u.cellreva.com	1 redirects
1	twitchs-claims.com	1 redirects
1	4

This site contains no links.

Subject Issuer	Validity	Valid
now.thebestflowingtraff.co R3	`2023-11-27` - `2024-02-25`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://now.thebestflowingtraff.co/?utm_medium=4451766718d6d6af6232cd3e772ffb5117e3cb21&utm_campaign=Main&1=224010&cid=6073a68cae0d4d338a0348285877f71722b88
Frame ID: 30AF7621C3ACB03B459219CA30FA3178
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Loading...

Page URL History Show full URLs

http://twitchs-claims.com/ HTTP 301
https://u.cellreva.com/c2u6l3k.php?key=54sgs7c9m4qg4z7orf1f&p1ease=Wrench2_Emote_Backboard HTTP 302
https://cddtsecure.com/?a=224010&c=354210&s2=8567cgm7vvcfe82e HTTP 302
https://now.thebestflowingtraff.co/?utm_medium=4451766718d6d6af6232cd3e772ffb5117e3cb21&utm_campaign=Main&1=224... Page URL

Page Statistics

1
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

1
IPs

2
Countries

1 kB
Transfer

1 kB
Size

12
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://twitchs-claims.com/ HTTP 301
https://u.cellreva.com/c2u6l3k.php?key=54sgs7c9m4qg4z7orf1f&p1ease=Wrench2_Emote_Backboard HTTP 302
https://cddtsecure.com/?a=224010&c=354210&s2=8567cgm7vvcfe82e HTTP 302
https://now.thebestflowingtraff.co/?utm_medium=4451766718d6d6af6232cd3e772ffb5117e3cb21&utm_campaign=Main&1=224010&cid=6073a68cae0d4d338a0348285877f71722b88 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

1 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response now.thebestflowingtraff.co/ Redirect Chain http://twitchs-claims.com/ https://u.cellreva.com/c2u6l3k.php?key=54sgs7c9m4qg4z7orf1f&p1ease=Wrench2_Emote_Backboard https://cddtsecure.com/?a=224010&c=354210&s2=8567cgm7vvcfe82e https://now.thebestflowingtraff.co/?utm_medium=4451766718d6d6af6232cd3e772ffb5117e3cb21&utm_campaign=Main&1=224010&cid=6073a68cae0d4d338a0348285877f71722b88	726 B 741 B	492ms 161ms	Document text/html	67.212.184.150 SINGLEHOP-LLC
General Check archive.org Show headers Download Go to Full URL https://now.thebestflowingtraff.co/?utm_medium=4451766718d6d6af6232cd3e772ffb5117e3cb21&utm_campaign=Main&1=224010&cid=6073a68cae0d4d338a0348285877f71722b88 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 67.212.184.150 , United States, ASN32475 (SINGLEHOP-LLC, US), Reverse DNS server04.com-2.mobi Software nginx / PHP/8.2.12 Resource Hash `0af49e3e65552311638fb90718726435b4b8c92fc08f48a8825eb25eb23fce2b` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ch Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version cache-control no-store, no-cache, must-revalidate, max-age=0 content-encoding gzip content-type text/html; charset=UTF-8 date Thu, 07 Dec 2023 00:44:44 GMT expires Thu, 01 Jan 1970 00:00:00 GMT pragma no-cache server nginx vary Accept-Encoding x-powered-by PHP/8.2.12 Redirect headers access-control-allow-credentials true access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS access-control-allow-origin * content-language en-US content-type text/html;charset=ISO-8859-1 date Thu, 07 Dec 2023 00:44:44 GMT location https://now.thebestflowingtraff.co/?utm_medium=4451766718d6d6af6232cd3e772ffb5117e3cb21&utm_campaign=Main&1=224010&cid=6073a68cae0d4d338a0348285877f71722b88 server nginx

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| next

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
u.cellreva.com/	1970-01-20 16:46:36	Name: uclick Value: gm7vvcfe
u.cellreva.com/	1970-01-20 16:46:36	Name: uclickhash Value: gm7vvcfe-gm7vvcfe-fe-i4-vr-b4-bl-fa4ce3
.cddtsecure.com/	1970-01-20 18:54:45	Name: gdm_click_freq_v1_1_001 Value: 4fxtHJpkb8AQiYKRT1UBNo842qAOB0rmgpEGpPhI71cFxjOvLX26IxSCJB5c/jAs
.cddtsecure.com/	1970-01-20 18:54:45	Name: gdm_suid_v2_1_001 Value: HPfHs3OFxkaNOwO68jCjbQ==
.cddtsecure.com/	1970-01-20 18:54:45	Name: gdm_sid_v2_3_001 Value: vfPfqzyTtxO/Yka+n4K4pWHi92HT9kYexW3eAoRcHyuUP2hhn/EcWKO4AiAb+gnzTjZ5gNiBzoTKMX+EtvxD1z0CSw7WHnr1G8ZTU4SHxamxLdwVxnwjWbjplmJo1LtaPw1gWKVudC+M27qRzcnKY1+3j1VKmH7Pi5BHVZlbC83tNamAcbe+7gHL2jgNps9Kjec1ww4PmwBbg9e8AIHClXQ2joK+1EnbBQRWDChkF1nfxWwtc0znQppcrVZ9ohFdB0e1ArmyHZgdRZkuEqmOzkmSDUqCgAZoLWaekhgHYzJa7IvGx1y/g6CnWxjrDfKwUCLHO5nIaWxuHWFA1W6qpKGIEEC3M81SBLNznS+bVoIX1DUbFeR2pVmZm9jpCQyA3n+mV1cWbXhxVXk7usBhdlYrEW/eCKu7BfdlOM58lVpZcEKtbGYZuihQEjIi2M+EZ5aijgSkeAb7BfsMj2eDfAgBJQLu/59oBqV5e317o5iA+EyZ8mBWHy09WaLqgGv13eCrN09Hxho4lIC0nTW8tGWsTDwQijwcC/SDsEWqBspqfmffXfDoBzA8LbEMT2mxVWsQjcN6HqdTh5W2NjsnFQjNqLkWi/XaYURKHIG+5eaRDv3ylYh7DmpopkuLvWmthnNZFoxLrB7Q8UkOBvvEBVkwjIlNUgqzQPeBeWRIvecgzKlEwXD5Ot4pUvrbEpk1ZmEzqIRnj5wy1e8Jq9+Pyrxo85TVosCyPs1nIab2Nbf34bJMH/816TZ2ynFM2chcV6/hBVxTLPJn5vXHA/dbz5HBQFky97vJJyp27Kp5UuM62v1zmGbWgMpUeYX6gkxmUZhhTvXvlAM7tbGPzZHOy9FB5b4gjE+jpHW9z4nGqL/98nAjRAzwHDYu2CuRi7RLEqs4wdF1UWtGk4KfRaKbbvBazlzw1zj6CctJ/JusybXe4ZMDMN9O0lgM8LMTF8AQGN5LRnnYok6H733+O2XcnryJU9UdMI4I1qhyL2q9K/fHUQGP4szQcuApLAAJYIl3fn79eJTqK6ZYO1yrhEWXrsk6GxjRUdwxqTX6N5Tmh+xdBFSmgZi1+0G0GHzXWqf+0QscHirb8NtEBHfM+vxsR2fbbMJ2j3XilFdbpTkgZTFo6uq/QHZYbs9EggKOwOuO
.cddtsecure.com/	1970-01-20 18:54:45	Name: gdm_click_adv_freq_v1_1_001 Value: 9aM1XGpWxsbm63MOQbJksAclPnTLxGX1lYWu26A9Gq9CLjjRGI5ghtSGWCu4twJi
.cddtsecure.com/	1970-01-20 18:54:45	Name: gdm_click_freq_v2_1_001 Value: 4fxtHJpkb8AQiYKRT1UBNo842qAOB0rmgpEGpPhI71cFxjOvLX26IxSCJB5c/jAs
.cddtsecure.com/	1970-01-20 18:54:45	Name: gdm_uid_v1_1_001 Value: 6qdqMJGSsDX0N3tuHpLRe1kS4xfaZws2Ez2PBbxXAcsAxQQWODuQa3ShB1W8IO+K
.cddtsecure.com/	1970-01-20 18:54:45	Name: gdm_click_adv_freq_v2_1_001 Value: 9aM1XGpWxsbm63MOQbJksAclPnTLxGX1lYWu26A9Gq9CLjjRGI5ghtSGWCu4twJi
.cddtsecure.com/	1970-01-20 18:54:45	Name: gdm_sid_v1_3_001 Value: vfPfqzyTtxO/Yka+n4K4pWHi92HT9kYexW3eAoRcHyuUP2hhn/EcWKO4AiAb+gnzTjZ5gNiBzoTKMX+EtvxD1z0CSw7WHnr1G8ZTU4SHxamxLdwVxnwjWbjplmJo1LtaPw1gWKVudC+M27qRzcnKY1+3j1VKmH7Pi5BHVZlbC83tNamAcbe+7gHL2jgNps9Kjec1ww4PmwBbg9e8AIHClXQ2joK+1EnbBQRWDChkF1nfxWwtc0znQppcrVZ9ohFdB0e1ArmyHZgdRZkuEqmOzkmSDUqCgAZoLWaekhgHYzJa7IvGx1y/g6CnWxjrDfKwUCLHO5nIaWxuHWFA1W6qpKGIEEC3M81SBLNznS+bVoIX1DUbFeR2pVmZm9jpCQyA3n+mV1cWbXhxVXk7usBhdlYrEW/eCKu7BfdlOM58lVpZcEKtbGYZuihQEjIi2M+EZ5aijgSkeAb7BfsMj2eDfAgBJQLu/59oBqV5e317o5iA+EyZ8mBWHy09WaLqgGv13eCrN09Hxho4lIC0nTW8tGWsTDwQijwcC/SDsEWqBspqfmffXfDoBzA8LbEMT2mxVWsQjcN6HqdTh5W2NjsnFQjNqLkWi/XaYURKHIG+5eaRDv3ylYh7DmpopkuLvWmthnNZFoxLrB7Q8UkOBvvEBVkwjIlNUgqzQPeBeWRIvecgzKlEwXD5Ot4pUvrbEpk1ZmEzqIRnj5wy1e8Jq9+Pyrxo85TVosCyPs1nIab2Nbf34bJMH/816TZ2ynFM2chcV6/hBVxTLPJn5vXHA/dbz5HBQFky97vJJyp27Kp5UuM62v1zmGbWgMpUeYX6gkxmUZhhTvXvlAM7tbGPzZHOy9FB5b4gjE+jpHW9z4nGqL/98nAjRAzwHDYu2CuRi7RLEqs4wdF1UWtGk4KfRaKbbvBazlzw1zj6CctJ/JusybXe4ZMDMN9O0lgM8LMTF8AQGN5LRnnYok6H733+O2XcnryJU9UdMI4I1qhyL2q9K/fHUQGP4szQcuApLAAJYIl3fn79eJTqK6ZYO1yrhEWXrsk6GxjRUdwxqTX6N5Tmh+xdBFSmgZi1+0G0GHzXWqf+0QscHirb8NtEBHfM+vxsR2fbbMJ2j3XilFdbpTkgZTFo6uq/QHZYbs9EggKOwOuO
.cddtsecure.com/	1970-01-20 18:54:45	Name: gdm_suid_v1_1_001 Value: HPfHs3OFxkaNOwO68jCjbQ==
.cddtsecure.com/	1970-01-20 18:54:45	Name: gdm_uid_v2_1_001 Value: 6qdqMJGSsDX0N3tuHpLRe1kS4xfaZws2Ez2PBbxXAcsAxQQWODuQa3ShB1W8IO+K

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cddtsecure.com
now.thebestflowingtraff.co
twitchs-claims.com
u.cellreva.com
104.143.9.110
148.135.95.235
2a05:d018:e36:3910:4eca:3b31:3ec6:23d5
67.212.184.150
0af49e3e65552311638fb90718726435b4b8c92fc08f48a8825eb25eb23fce2b

now.thebestflowingtraff.co Open in urlscan Pro 67.212.184.150 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

1 Requests

100 %HTTPS

25 %IPv6

4 Domains

4 Subdomains

1 IPs

2 Countries

1 kBTransfer

1 kBSize

12 Cookies

0 Outgoing links

Page URL History

Redirected requests

1 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

12 Cookies

Indicators

now.thebestflowingtraff.co Open in urlscan Pro
67.212.184.150 Public Scan

Screenshot
Live screenshot

Full Image

1
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

1
IPs

2
Countries

1 kB
Transfer

1 kB
Size

12
Cookies

1 HTTP transactions
0 data transactions