promotreasure.com - urlscan.io

Summary

This website contacted 4 IPs in 2 countries across 6 domains to perform 5 HTTP transactions. The main IP is 172.67.215.180, located in United States and belongs to CLOUDFLARENET, US. The main domain is promotreasure.com.

This is the only time promotreasure.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	142.250.204.14 142.250.204.14	15169 (GOOGLE) (GOOGLE)
1 1	142.250.204.4 142.250.204.4	15169 (GOOGLE) (GOOGLE)
1 1	135.148.101.182 135.148.101.182	16276 (OVH) (OVH)
1 1	199.119.202.55 199.119.202.55	40676 (AS40676) (AS40676)
1	172.67.215.180 172.67.215.180	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.21.4.108 104.21.4.108	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	192.158.224.59 192.158.224.59	397423 (TIER-NET) (TIER-NET)
5	4

1 142.250.204.14 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f14.1e100.net

google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.204.4 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 135.148.101.182 (United States) 1 redirects

ASN16276 (OVH, FR)
PTR: ip182.ip-135-148-101.us

ip182.ip-135-148-101.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.119.202.55 (Los Angeles, United States) 1 redirects

ASN40676 (AS40676, US)
PTR: unassigned.psychz.net

www.bqiurr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.215.180 (United States)

ASN13335 (CLOUDFLARENET, US)

promotreasure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.4.108 (None, )

ASN13335 (CLOUDFLARENET, US)

www.ipqscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.158.224.59 (Charlotte, United States)

ASN397423 (TIER-NET, US)
PTR: intimeclick.com

fn.us.ipqscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	ipqscdn.com www.ipqscdn.com — Cisco Umbrella Rank: 68065 fn.us.ipqscdn.com — Cisco Umbrella Rank: 68083	69 KB
2	google.com 2 redirects google.com — Cisco Umbrella Rank: 1 www.google.com — Cisco Umbrella Rank: 6	2 KB
1	promotreasure.com promotreasure.com	1 KB
1	bqiurr.com 1 redirects www.bqiurr.com	608 B
1	ip-135-148-101.us 1 redirects ip182.ip-135-148-101.us	365 B
0	Failed function sub() { [native code] }. Failed
5	6

	Domain	Requested by
2	fn.us.ipqscdn.com	promotreasure.com
1	www.ipqscdn.com	promotreasure.com
1	promotreasure.com
1	www.bqiurr.com	1 redirects
1	ip182.ip-135-148-101.us	1 redirects
1	www.google.com	1 redirects
1	google.com	1 redirects
0	127.0.0.1 Failed	promotreasure.com
5	8

This site contains no links.

Subject Issuer	Validity	Valid
ipqscdn.com GTS CA 1P5	`2023-12-03` - `2024-03-02`	3 months	crt.sh
fn.us.ipqscdn.com R3	`2023-11-29` - `2024-02-27`	3 months	crt.sh

This page contains 1 frames:

Frame: http://127.0.0.1/
Frame ID: 827DD8EFE567B3C6DEE0B7FA1A0508A1
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://google.com/amp/ip182.ip-135-148-101.us/UXdhMkhJSUs0Nm94dGhleHFlTFp4QTVnSWtUc2c0OXNCMTYz... HTTP 301
https://www.google.com/amp/ip182.ip-135-148-101.us/UXdhMkhJSUs0Nm94dGhleHFlTFp4QTVnSWtUc2c0OXNCMTYz... HTTP 302
http://ip182.ip-135-148-101.us/UXdhMkhJSUs0Nm94dGhleHFlTFp4QTVnSWtUc2c0OXNCMTYzOEdRa3FTQm1FVGpzRTRHaFRkRG5H... HTTP 302
https://www.bqiurr.com/2FQQ5WDW1/HJX16BQ/?sub1=105&sub2=39991_2&sub3=0_0_13035_5227664_md HTTP 302
http://promotreasure.com/aff_c?offer_id=437&aff_id=1189&aff_sub=ttuppack&aff_sub2=fb22040c0a0f4d7eaf6... Page URL

Page Statistics

5
Requests

60 %
HTTPS

0 %
IPv6

6
Domains

8
Subdomains

4
IPs

2
Countries

70 kB
Transfer

140 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://google.com/amp/ip182.ip-135-148-101.us/UXdhMkhJSUs0Nm94dGhleHFlTFp4QTVnSWtUc2c0OXNCMTYzOEdRa3FTQm1FVGpzRTRHaFRkRG5HeEhrQ0pFQWp4QkFDTGZQMDRpNUFodUZ1ME4wTkE9PQ__ HTTP 301
https://www.google.com/amp/ip182.ip-135-148-101.us/UXdhMkhJSUs0Nm94dGhleHFlTFp4QTVnSWtUc2c0OXNCMTYzOEdRa3FTQm1FVGpzRTRHaFRkRG5HeEhrQ0pFQWp4QkFDTGZQMDRpNUFodUZ1ME4wTkE9PQ__ HTTP 302
http://ip182.ip-135-148-101.us/UXdhMkhJSUs0Nm94dGhleHFlTFp4QTVnSWtUc2c0OXNCMTYzOEdRa3FTQm1FVGpzRTRHaFRkRG5HeEhrQ0pFQWp4QkFDTGZQMDRpNUFodUZ1ME4wTkE9PQ__ HTTP 302
https://www.bqiurr.com/2FQQ5WDW1/HJX16BQ/?sub1=105&sub2=39991_2&sub3=0_0_13035_5227664_md HTTP 302
http://promotreasure.com/aff_c?offer_id=437&aff_id=1189&aff_sub=ttuppack&aff_sub2=fb22040c0a0f4d7eaf65ab0d9503a00f&aff_sub3=704172&aff_sub4=105 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://promotreasure.com/aff_c?offer_id=437&aff_id=1189&aff_sub=ttuppack&aff_sub2=fb22040c0a0f4d7eaf65ab0d9503a00f&aff_sub3=704172&aff_sub4=105&tsrc=JwzzrZ1FaO|c2311e3ebb40d2233999698a7ff18dee3451da05712bf09922cbfaa2f9fb9671|100 HTTP 302
http://127.0.0.1/

5 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request aff_c Show response promotreasure.com/ Redirect Chain https://google.com/amp/ip182.ip-135-148-101.us/UXdhMkhJSUs0Nm94dGhleHFlTFp4QTVnSWtUc2c0OXNCMTYzOEdRa3FTQm1FVGpzRTRHaFRkRG5HeEhrQ0pFQWp4QkFDTGZQMDRpNUFodUZ1ME4wTkE9PQ__ https://www.google.com/amp/ip182.ip-135-148-101.us/UXdhMkhJSUs0Nm94dGhleHFlTFp4QTVnSWtUc2c0OXNCMTYzOEdRa3FTQm1FVGpzRTRHaFRkRG5HeEhrQ0pFQWp4QkFDTGZQMDRpNUFodUZ1ME4wTkE9PQ__ http://ip182.ip-135-148-101.us/UXdhMkhJSUs0Nm94dGhleHFlTFp4QTVnSWtUc2c0OXNCMTYzOEdRa3FTQm1FVGpzRTRHaFRkRG5HeEhrQ0pFQWp4QkFDTGZQMDRpNUFodUZ1ME4wTkE9PQ__ https://www.bqiurr.com/2FQQ5WDW1/HJX16BQ/?sub1=105&sub2=39991_2&sub3=0_0_13035_5227664_md http://promotreasure.com/aff_c?offer_id=437&aff_id=1189&aff_sub=ttuppack&aff_sub2=fb22040c0a0f4d7eaf65ab0d9503a00f&aff_sub3=704172&aff_sub4=105	1 KB 1 KB	928ms 778ms	Document text/html	172.67.215.180 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://promotreasure.com/aff_c?offer_id=437&aff_id=1189&aff_sub=ttuppack&aff_sub2=fb22040c0a0f4d7eaf65ab0d9503a00f&aff_sub3=704172&aff_sub4=105 Protocol HTTP/1.1 Server 172.67.215.180 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `51df605198fbd21f68ede088e51f68f97aed1e937fc21385c82ef8ca100011bf` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers CF-Cache-Status DYNAMIC CF-RAY 84073129be25a7f0-SYD Connection keep-alive Content-Encoding gzip Content-Type text/html Date Thu, 04 Jan 2024 23:16:56 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5aGyfrXbOYtasZ57AAUIUsRpEqZO%2F22CUS1JmHIYeVdvMph%2FW2x6GUsS4ISXrfdKkTJOEgeI4dwDKncXI5C8D11jcjV7d1oKzk4duZNjvjRGki96QnKT6kr0cQ07Z%2B1I3zPlfQ%3D%3D"}],"group":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked alt-svc h3=":443"; ma=86400 Redirect headers Accept-Ch Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model Connection keep-alive Content-Length 186 Content-Type text/html; charset=utf-8 Date Thu, 04 Jan 2024 23:16:55 GMT Location http://promotreasure.com/aff_c?offer_id=437&aff_id=1189&aff_sub=ttuppack&aff_sub2=fb22040c0a0f4d7eaf65ab0d9503a00f&aff_sub3=704172&aff_sub4=105 Server nginx/1.18.0 (Ubuntu) Vary Origin X-Eflow-Request-Id bebd12be-7bcd-484f-b846-880557474768
GET H2	200	learn.js Show response www.ipqscdn.com/api/*/iS1filCPb0DlseaEfHRo7QhJkQiiPgpnyeDmRp9BRSqgPdQim7Ok3DtfUJEnll6B9lShpvNxI5SVbAr60ZQnytHwENJJwRh0ZjWPmZxAxHluFthNxJZYkLVBQpjn2RU3s5yaqRwCYp8N35fNWDsFGgOPTDOJpqRkXwAFDYjsSmntorP...	138 KB 68 KB	34ms 19ms	Script application/javascript	104.21.4.108 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ipqscdn.com/api//iS1filCPb0DlseaEfHRo7QhJkQiiPgpnyeDmRp9BRSqgPdQim7Ok3DtfUJEnll6B9lShpvNxI5SVbAr60ZQnytHwENJJwRh0ZjWPmZxAxHluFthNxJZYkLVBQpjn2RU3s5yaqRwCYp8N35fNWDsFGgOPTDOJpqRkXwAFDYjsSmntorPiAKQ7wXitUZfARTr7jQGA0tJPo5CnlfkYpfY6NMdsoQxLTRzYRqOMbEFn0tkqtIFAnMPPFeX3nhSH9U5C/learn.js Requested by* Host: promotreasure.com URL: http://promotreasure.com/aff_c?offer_id=437&aff_id=1189&aff_sub=ttuppack&aff_sub2=fb22040c0a0f4d7eaf65ab0d9503a00f&aff_sub3=704172&aff_sub4=105 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.4.108 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d6f3d7d5baf59ad92ef44b928736ff67d7ae9071bfc3e83b26f7dcd712c4ba50` Request headers Referer http://promotreasure.com/ Origin http://promotreasure.com accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Thu, 04 Jan 2024 23:16:56 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 82459 alt-svc h3=":443"; ma=86400 pragma cache last-modified Thu, 04 Jan 2024 00:22:37 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p8ZGcG5Rhk6hL7FLgx7%2FLzngP2G4Zka2YdTBy4ZXFN0VgSI%2BwHQjF9cZBC%2BzrdQRYvuBSWWh9is9%2Fcw3fPw%2Fw3iO%2BsSncqG8z6Du3kigBz8Tg0HwEIxDQot60cwqRFr7L3U%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=86400 x-robots-tag noindex cf-ray 8407312edf645d31-SYD expires Thu, 04 Jan 2024 19:22:37 GMT
GET H/1.1	200 OK	udid.json Show response fn.us.ipqscdn.com/udid/	28 B 306 B	631ms 208ms	XHR application/json	192.158.224.59 TIER-NET
General Check archive.org Show headers Download Go to Full URL https://fn.us.ipqscdn.com/udid/udid.json Requested by Host: promotreasure.com URL: http://promotreasure.com/aff_c?offer_id=437&aff_id=1189&aff_sub=ttuppack&aff_sub2=fb22040c0a0f4d7eaf65ab0d9503a00f&aff_sub3=704172&aff_sub4=105 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 192.158.224.59 Charlotte, United States, ASN397423 (TIER-NET, US), Reverse DNS intimeclick.com Software / Resource Hash `5e4b398e99d23b5ff2682104a9658d911051ffd3243afa2dbd576d3231af0ffa` Request headers accept-language en-AU,en;q=0.9 Referer http://promotreasure.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers Date Thu, 04 Jan 2024 23:16:57 GMT Last-Modified Thu, 04 Jan 2024 23:16:57 GMT Content-Type application/json Access-Control-Allow-Origin * Cache-Control max-age=31536000 Connection close Content-Length 28 Expires Sat, 04 Jan 2025 23:16:57 GMT
POST H/1.1	200 OK	fetch fn.us.ipqscdn.com/api/*/iS1filCPb0DlseaEfHRo7QhJkQiiPgpnyeDmRp9BRSqgPdQim7Ok3DtfUJEnll6B9lShpvNxI5SVbAr60ZQnytHwENJJwRh0ZjWPmZxAxHluFthNxJZYkLVBQpjn2RU3s5yaqRwCYp8N35fNWDsFGgOPTDOJpqRkXwAFDYjsSmnto...	1 KB 1 KB	1201ms 483ms	XHR application/json	192.158.224.59 TIER-NET
General Check archive.org Show headers Download Go to Full URL https://fn.us.ipqscdn.com/api//iS1filCPb0DlseaEfHRo7QhJkQiiPgpnyeDmRp9BRSqgPdQim7Ok3DtfUJEnll6B9lShpvNxI5SVbAr60ZQnytHwENJJwRh0ZjWPmZxAxHluFthNxJZYkLVBQpjn2RU3s5yaqRwCYp8N35fNWDsFGgOPTDOJpqRkXwAFDYjsSmntorPiAKQ7wXitUZfARTr7jQGA0tJPo5CnlfkYpfY6NMdsoQxLTRzYRqOMbEFn0tkqtIFAnMPPFeX3nhSH9U5C/learn/fetch Requested by* Host: promotreasure.com URL: http://promotreasure.com/aff_c?offer_id=437&aff_id=1189&aff_sub=ttuppack&aff_sub2=fb22040c0a0f4d7eaf65ab0d9503a00f&aff_sub3=704172&aff_sub4=105 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 192.158.224.59 Charlotte, United States, ASN397423 (TIER-NET, US), Reverse DNS intimeclick.com Software nginx / Resource Hash Request headers Referer http://promotreasure.com/ accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers Access-Control-Allow-Origin * Date Thu, 04 Jan 2024 23:17:00 GMT Server nginx Connection close X-Robots-Tag noindex Transfer-Encoding chunked Content-Type application/json; charset=UTF-8
GET		/ 127.0.0.1/ Redirect Chain https://promotreasure.com/aff_c?offer_id=437&aff_id=1189&aff_sub=ttuppack&aff_sub2=fb22040c0a0f4d7eaf65ab0d9503a00f&aff_sub3=704172&aff_sub4=105&tsrc=JwzzrZ1FaO\|c2311e3ebb40d2233999698a7ff18dee3451... http://127.0.0.1/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 127.0.0.1
URL: http://127.0.0.1/

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-20 18:10:02	Name: 1P_JAR Value: 2024-01-04-23
.google.com/	1970-01-20 21:50:21	Name: NID Value: 511=S8oFyP71r55p5Ri7jH7bP4oD2KJWsJwkJY4UgK5GD8cGMAjiaDTLOu3i9bnZwwLuoMkHfqWDitlqNcvrOJOsNjUzbTMFsgSMkU8fpMnychRICy0Ha_PAAps73B3L-a9vE0o_44IwBC79718aXXRowXukHZ78lOofsbXpFHfoQo4
www.bqiurr.com/	1970-01-20 18:10:02	Name: uniqueClick_HJX16BQ Value: d87c16ac-214a-4669-a8b7-e9bd9d91e2ae:1704410215
promotreasure.com/	1970-01-21 02:12:26	Name: ipqsd Value: 270086689488120900
.promotreasure.com/	1970-01-21 03:02:50	Name: device_id_1704410220 Value: JwzzrZ1FaO-1704410220
promotreasure.com/	1970-01-20 17:28:16	Name: fe9ecf68-6582-48ba-8fd6-8415647123fe-v4 Value: aCHrBvz2es4irPTIhAqKCnMHi3yTQkMgm8o84q_dtG4
promotreasure.com/	1970-01-21 02:12:26	Name: cc-v4 Value: cYvtf%2Brhj7xKgVVGjCj2V%2F0APZOwjdRYw20ys%2BbnpqyBGHe9rpuZ4wqjDjckrZ22qyMW73Em%2B30vFtNdETUmG58t7%2BtMcY49U97jwLC5gfjOTL4ga0kZzsq8nfmSn4tw24slWzDckELvbNNj0Veh9A%3D%3D

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering	warning	Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

127.0.0.1
fn.us.ipqscdn.com
google.com
ip182.ip-135-148-101.us
promotreasure.com
www.bqiurr.com
www.google.com
www.ipqscdn.com
127.0.0.1
104.21.4.108
135.148.101.182
142.250.204.14
142.250.204.4
172.67.215.180
192.158.224.59
199.119.202.55
51df605198fbd21f68ede088e51f68f97aed1e937fc21385c82ef8ca100011bf
5e4b398e99d23b5ff2682104a9658d911051ffd3243afa2dbd576d3231af0ffa
d6f3d7d5baf59ad92ef44b928736ff67d7ae9071bfc3e83b26f7dcd712c4ba50

promotreasure.com Open in urlscan Pro 172.67.215.180 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

5 Requests

60 %HTTPS

0 %IPv6

6 Domains

8 Subdomains

4 IPs

2 Countries

70 kBTransfer

140 kBSize

7 Cookies

0 Outgoing links

Page URL History

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

7 Cookies

2 Console Messages

Indicators

promotreasure.com Open in urlscan Pro
172.67.215.180 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

60 %
HTTPS

0 %
IPv6

6
Domains

8
Subdomains

4
IPs

2
Countries

70 kB
Transfer

140 kB
Size

7
Cookies

5 HTTP transactions
0 data transactions