affiliate.herosplay.bet Open in urlscan Pro
89.116.115.137 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://affiliate.herosplay.bet/
Submission: On August 13 via api (August 13th 2024, 7:59:25 pm UTC) from US — Scanned from CA

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 8 HTTP transactions. The main IP is 89.116.115.137, located in São Paulo, Brazil and belongs to AS-HOSTINGER, CY. The main domain is affiliate.herosplay.bet.
TLS certificate: Issued by WR1 on August 7th 2024. Valid for: 3 months.

This is the only time affiliate.herosplay.bet was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	89.116.115.137 89.116.115.137	47583 (AS-HOSTINGER) (AS-HOSTINGER)
1	34.199.195.55 34.199.195.55	14618 (AMAZON-AES) (AMAZON-AES)
1	162.247.243.39 162.247.243.39	54113 (FASTLY) (FASTLY)
2	185.221.87.23 185.221.87.23	54113 (FASTLY) (FASTLY)
8	4

4 89.116.115.137 (São Paulo, Brazil)

ASN47583 (AS-HOSTINGER, CY)

affiliate.herosplay.bet	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.199.195.55 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-195-55.compute-1.amazonaws.com

content-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.39 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.221.87.23 (Ireland)

ASN54113 (FASTLY, US)

bam.eu01.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	herosplay.bet affiliate.herosplay.bet	112 KB
2	nr-data.net bam.eu01.nr-data.net — Cisco Umbrella Rank: 11782	1003 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 1453	32 KB
1	content-cdn.com content-cdn.com — Cisco Umbrella Rank: 571126	183 B
8	4

	Domain	Requested by
4	affiliate.herosplay.bet	affiliate.herosplay.bet
2	bam.eu01.nr-data.net	affiliate.herosplay.bet
1	js-agent.newrelic.com	affiliate.herosplay.bet
1	content-cdn.com	affiliate.herosplay.bet
8	4

This site contains no links.

Subject Issuer	Validity	Valid
affiliate.herosplay.bet WR1	`2024-08-07` - `2024-11-05`	3 months	crt.sh
content-cdn.com R10	`2024-06-14` - `2024-09-12`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-03-21` - `2025-04-22`	a year	crt.sh
*.eu01.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2023-11-03` - `2024-10-01`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://affiliate.herosplay.bet/
Frame ID: 5B9AEC7CB024A4F80AAD7AD75C9E808B
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

AFFILIATE

Page Statistics

8
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

145 kB
Transfer

283 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
affiliate.herosplay.bet/ 70 KB
22 KB 499ms
153ms Document
text/html 89.116.115.137
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://affiliate.herosplay.bet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

89.116.115.137 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

d9f59559756d633b127441897506be4d11ddd6de163703d78802f44a66f558c3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 22332
content-security-policy: upgrade-insecure-requests
content-type: text/html
date: Tue, 13 Aug 2024 19:59:20 GMT
etag: "11973-66b4045e-841e2ac183bd4ff;br"
last-modified: Wed, 07 Aug 2024 23:33:50 GMT
platform: hostinger
server: LiteSpeed
vary: Accept-Encoding

GET
H2 200 styles.css
affiliate.herosplay.bet/css/ 12 KB
3 KB 148ms
147ms Stylesheet
text/css 89.116.115.137
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://affiliate.herosplay.bet/css/styles.css

Requested by

Host: affiliate.herosplay.bet
URL: https://affiliate.herosplay.bet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

89.116.115.137 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

eebc2fefe0c5f8dc4cd8b6681927219f83fdcc906467116184f841ecd8a44397

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://affiliate.herosplay.bet/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:59:20 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 07 Aug 2024 23:26:07 GMT
server: LiteSpeed
etag: "2ea7-66b4028f-491cefccec974235;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 2606
expires: Tue, 20 Aug 2024 19:59:20 GMT

GET
H2 200 logo.png
affiliate.herosplay.bet/images/ 86 KB
86 KB 148ms
148ms Image
image/png 89.116.115.137
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://affiliate.herosplay.bet/images/logo.png

Requested by

Host: affiliate.herosplay.bet
URL: https://affiliate.herosplay.bet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

89.116.115.137 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

70bac426efebcfddf67bae039226497e5d8c950f319a0404529747cc939fda72

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://affiliate.herosplay.bet/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:59:20 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 07 Aug 2024 21:58:55 GMT
server: LiteSpeed
etag: "15742-66b3ee1f-4d530465d633f742;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 87874
expires: Tue, 20 Aug 2024 19:59:20 GMT

GET
H2 200 dWdnY2Y6Ly9uc3N2eXZuZ3IudXJlYmZjeW5sLm9yZy8=.gif
content-cdn.com/1404/ 42 B
183 B 190ms
47ms Image
image/gif 34.199.195.55
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content-cdn.com/1404/dWdnY2Y6Ly9uc3N2eXZuZ3IudXJlYmZjeW5sLm9yZy8=.gif

Requested by

Host: affiliate.herosplay.bet
URL: https://affiliate.herosplay.bet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.199.195.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-199-195-55.compute-1.amazonaws.com

Software

envoy /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://affiliate.herosplay.bet/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:59:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-envoy-upstream-service-time: 1
server: envoy
content-length: 42
vary: Origin
content-type: image/gif

GET
H2 200 nr-spa-1.263.0.min.js Show response
js-agent.newrelic.com/ 109 KB
32 KB 78ms
22ms Script
application/javascript 162.247.243.39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa-1.263.0.min.js

Requested by

Host: affiliate.herosplay.bet
URL: https://affiliate.herosplay.bet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.247.243.39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a974fe46929964e7412266b8e9875d6bde9a2ea653f4575545816411ebbf1d3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://affiliate.herosplay.bet/
Origin: https://affiliate.herosplay.bet
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: oLb1otsUXa7Z.za6PGrVFedM1_vPvjuZ
content-encoding: br
via: 1.1 varnish
date: Tue, 13 Aug 2024 19:59:21 GMT
strict-transport-security: max-age=300
x-amz-request-id: 7T8Y9D0DJ47NSWJQ
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 31897
x-amz-id-2: h3XOGzxbTXnZpd5knaagaseUjITi7Rga6kYF2/FLf4pXGXWel33biq1KGkaJa4RvdjhNV9kPsIw=
x-served-by: cache-yyz4544-YYZ
last-modified: Thu, 25 Jul 2024 23:28:25 GMT
server: AmazonS3
etag: "251fca68c40d5bfc49721a4b1d3a8b47"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 28318

GET
H2 200 favicon.ico
affiliate.herosplay.bet/ 5 KB
1 KB 596ms
596ms Other
image/x-icon 89.116.115.137
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://affiliate.herosplay.bet/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

89.116.115.137 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

73bd05c4dd7b03c13d4733ebc3c4778f2db80d4feeff65a9f06fbdefd88099ae

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://affiliate.herosplay.bet/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:59:21 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 07 Aug 2024 21:53:53 GMT
server: LiteSpeed
etag: "1536-66b3ecf1-c6ccdca054eb04b0;br"
vary: Accept-Encoding
content-type: image/x-icon
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 1305
expires: Tue, 20 Aug 2024 19:59:21 GMT

POST
H/1.1 200 861aab7cb5 Show response
bam.eu01.nr-data.net/1/ 150 B
661 B 335ms
260ms XHR
text/plain 185.221.87.23
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.eu01.nr-data.net/1/861aab7cb5?a=443934944&v=1.263.0&to=MhBSZQoZC0tRB0dfVwtacVIMEQpWHxNWVBcJGldYFlUMVlQBSw%3D%3D&rst=1309&ck=0&s=17ac857e7ae7918c&ref=https://affiliate.herosplay.bet/&ptid=46c8bb1464256f29&af=err,spa,xhr,stn,ins&ap=51&be=499&fe=655&dc=369&at=HldRE0IDGEU%3D&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1723579160187,%22n%22:0,%22f%22:0,%22dn%22:29,%22dne%22:29,%22c%22:29,%22s%22:188,%22ce%22:347,%22rq%22:347,%22rp%22:500,%22rpe%22:659,%22di%22:860,%22ds%22:860,%22de%22:868,%22dc%22:1150,%22l%22:1150,%22le%22:1154%7D,%22navigation%22:%7B%7D%7D&fp=872&fcp=872
Requested by: Host: affiliate.herosplay.bet
URL: https://affiliate.herosplay.bet/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.221.87.23 , Ireland, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: 5d67470d27ded28d41f7f63c02633091d1c8ddfff2a7d367205180d2ff3fd000

Request headers

Referer: https://affiliate.herosplay.bet/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 13 Aug 2024 19:59:21 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/plain
access-control-allow-origin: https://affiliate.herosplay.bet
access-control-expose-headers: Date
access-control-allow-credentials: true
x-envoy-upstream-service-time: 15
cross-origin-resource-policy: cross-origin
Connection: keep-alive
timing-allow-origin: https://affiliate.herosplay.bet
Content-Length: 150
x-served-by: cache-yyz4543-YYZ

POST
H/1.1 200 861aab7cb5 Show response
bam.eu01.nr-data.net/events/1/ 24 B
342 B 232ms
232ms XHR
image/gif 185.221.87.23
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.eu01.nr-data.net/events/1/861aab7cb5?a=443934944&v=1.263.0&to=MhBSZQoZC0tRB0dfVwtacVIMEQpWHxNWVBcJGldYFlUMVlQBSw%3D%3D&rst=1657&ck=0&s=17ac857e7ae7918c&ref=https://affiliate.herosplay.bet/&ptid=46c8bb1464256f29
Requested by: Host: affiliate.herosplay.bet
URL: https://affiliate.herosplay.bet/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.221.87.23 , Ireland, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://affiliate.herosplay.bet/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 13 Aug 2024 19:59:21 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: image/gif
access-control-allow-origin: https://affiliate.herosplay.bet
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 24
x-served-by: cache-yyz4525-YYZ

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| NREUM object| webpackChunk:NRBA-1.263.0.PROD object| newrelic function| getCookie

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://affiliate.herosplay.bet/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

affiliate.herosplay.bet
bam.eu01.nr-data.net
content-cdn.com
js-agent.newrelic.com
162.247.243.39
185.221.87.23
34.199.195.55
89.116.115.137
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
5d67470d27ded28d41f7f63c02633091d1c8ddfff2a7d367205180d2ff3fd000
70bac426efebcfddf67bae039226497e5d8c950f319a0404529747cc939fda72
73bd05c4dd7b03c13d4733ebc3c4778f2db80d4feeff65a9f06fbdefd88099ae
a974fe46929964e7412266b8e9875d6bde9a2ea653f4575545816411ebbf1d3c
d9f59559756d633b127441897506be4d11ddd6de163703d78802f44a66f558c3
eebc2fefe0c5f8dc4cd8b6681927219f83fdcc906467116184f841ecd8a44397
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

affiliate.herosplay.bet Open in urlscan Pro 89.116.115.137 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

8 Requests

100 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

4 IPs

3 Countries

145 kBTransfer

283 kBSize

0 Cookies

0 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

0 Cookies

1 Console Messages

Security Headers

Indicators

affiliate.herosplay.bet Open in urlscan Pro
89.116.115.137 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

145 kB
Transfer

283 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions