URL: https://news.premium-mail.info/ga/webviews/4-80734159-32-4459-4474-7636-mb647ca10b
Submission: On September 12 via api from BE — Scanned from DE

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 4 HTTP transactions. The main IP is 2.58.55.1, which is located in Germany and belongs to CEBE, DE. The main domain is news.premium-mail.info.
TLS certificate: Issued by R3 on August 6th 2022. Valid for: 3 months.
This is the only time news.premium-mail.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Count | IP Address | AS Autonomous System
1 | 2.58.55.1 | 207732 (CEBE)
1 | 52.218.80.57 | 16509 (AMAZON-02)
1 | 2606:4700::68... | 13335 (CLOUDFLAR...)
1 | 35.156.204.124 | 16509 (AMAZON-02)
4 | 4

Count | Apex Domain | Subdomains | Transfer
1 | trustedshops.com | www.trustedshops.com — Cisco Umbrella Rank: 119036 | 11 KB
1 | bannerflow.com | lottoland-lottoland.bannerflow.com — Cisco Umbrella Rank: 428427 | 70 KB
1 | amazonaws.com | llcrm.s3.amazonaws.com — Cisco Umbrella Rank: 637472 | 9 KB
1 | premium-mail.info | news.premium-mail.info | 13 KB
4 | 4

Count | Domain | Requested by
1 | www.trustedshops.com | news.premium-mail.info
1 | lottoland-lottoland.bannerflow.com | news.premium-mail.info
1 | llcrm.s3.amazonaws.com | news.premium-mail.info
1 | news.premium-mail.info |
4 | 4

This site contains links to these domains.

Domain
www.lottoland.com

Subject | Issuer | Validity | Valid
news.premium-mail.info | R3 | 2022-08-06 - 2022-11-04 | 3 months
*.s3.amazonaws.com | Amazon | 2021-12-15 - 2022-12-03 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-09-09 - 2023-09-08 | a year
trustedshops.com | Amazon | 2022-08-16 - 2023-09-14 | a year

This page contains 1 frame:

Primary Page: https://news.premium-mail.info/ga/webviews/4-80734159-32-4459-4474-7636-mb647ca10b
Frame ID: 564F2AAABC126D89A0387A841E3485FE
Requests: 4 HTTP requests in this frame

Page Title

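12 Tippfelder LOTTO 6aus49 für nur 1 Euro. Exklusives Angebot für Neukunden. Online Lotto spielen und die größten Jackpots der Welt knacken. (English: "12 LOTTO 6aus49 entry fields for only 1 euro. Exclusive offer for new customers. Play the lottery online and crack the biggest jackpots in the world.")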

Page Statistics

Requests: 4
HTTPS: 100 %
IPv6: 25 %
Domains: 4
Subdomains: 4
IPs: 4
Countries: 3
Transfer: 102 kB
Size: 101 kB
Cookies: 0

4 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type

Primary Request 4-80734159-32-4459-4474-7636-mb647ca10b | news.premium-mail.info/ga/webviews/ | 12 KB | 13 KB | Document

General
Full URL: https://news.premium-mail.info/ga/webviews/4-80734159-32-4459-4474-7636-mb647ca10b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.58.55.1, Germany, ASN207732 (CEBE, DE)
Reverse DNS: smtp-a-1.pro-marketing-email.de
Software: Apache/2.4.52 (Unix) OpenSSL/1.1.1n PHP/7.3.33 / Phusion Passenger(R) 6.0.12
Resource Hash: 75d9cf8fc685ccb1a593535a4f6d09ca33fa39aeca3a062d289a1fc1838a4cfd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8
Date: Mon, 12 Sep 2022 00:11:01 GMT
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Apache/2.4.52 (Unix) OpenSSL/1.1.1n PHP/7.3.33
Status: 200 OK
Transfer-Encoding: chunked
X-Powered-By: Phusion Passenger(R) 6.0.12
X-Rack-Cache: miss
X-Request-Id: d0b786959c2bf8112eabe01050a4bf42
X-Runtime: 0.155946
X-UA-Compatible: IE=Edge,chrome=1

ll_logo_2x.png | llcrm.s3.amazonaws.com/html/Thanos/ | 8 KB | 9 KB | Image

General
Full URL: https://llcrm.s3.amazonaws.com/html/Thanos/ll_logo_2x.png
Requested by:
  Host: news.premium-mail.info
  URL: https://news.premium-mail.info/ga/webviews/4-80734159-32-4459-4474-7636-mb647ca10b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.80.57 Dublin, Ireland, ASN16509 (AMAZON-02, US)
Reverse DNS: s3-3-w.amazonaws.com
Software: AmazonS3
Resource Hash: 129cbf8d5af7d6e1a2243bb1b16b2fdeaf272c9dd6409a8f552ed285d5c87de7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.premium-mail.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Mon, 12 Sep 2022 00:11:02 GMT
Last-Modified: Fri, 20 Mar 2020 15:18:15 GMT
Server: AmazonS3
x-amz-request-id: KY8YQ0WT9E8PNYCV
ETag: "8ce01c1d4633740ae52d96833694b17a"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 8509
x-amz-id-2: zEw/S7sh2hKe3vgwwykD/sSepxbkuVNskHwHgnWkrUcvwFW/+rXPVTbCvmaeoyOUoDHzs6CpVN8=

5eb93b435f987b4250be3183.OqqXGCOq95H1.jpg | lottoland-lottoland.bannerflow.com/bf-images/ | 69 KB | 70 KB | Image

General
Full URL: https://lottoland-lottoland.bannerflow.com/bf-images/5eb93b435f987b4250be3183.OqqXGCOq95H1.jpg
Requested by:
  Host: news.premium-mail.info
  URL: https://news.premium-mail.info/ga/webviews/4-80734159-32-4459-4474-7636-mb647ca10b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:aabc, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS:
Software: cloudflare
Resource Hash: 8980d869ce2bc184c8370c4c0ae081414e10d899198e45fb1f95f8bd1f4cb114

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.premium-mail.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Sep 2022 00:11:01 GMT
cf-cache-status: HIT
content-md5: LDi8ulmqi/fsZt1MM8dGkQ==
age: 297
cf-polished: origFmt=jpeg, origSize=149200
content-disposition: inline; filename="5eb93b435f987b4250be3183.webp"
content-length: 71070
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Sat, 10 Sep 2022 18:04:37 GMT
server: cloudflare
etag: "0x8DA9356EC89CE90"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-ms-request-id: 2cadfc36-601e-0075-297c-c5792e000000
cache-control: public, max-age=900
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 74946c68e9f09b7d-FRA
cf-bgj: imgq:100,h2pri

X6DA5B2DCED3217D31688A89110B23EBF.gif | www.trustedshops.com/bewertung/widget/widgets/ | 11 KB | 11 KB | Image

General
Full URL: https://www.trustedshops.com/bewertung/widget/widgets/X6DA5B2DCED3217D31688A89110B23EBF.gif
Requested by:
  Host: news.premium-mail.info
  URL: https://news.premium-mail.info/ga/webviews/4-80734159-32-4459-4474-7636-mb647ca10b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.204.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US)
Reverse DNS: ec2-35-156-204-124.eu-central-1.compute.amazonaws.com
Software: Apache
Resource Hash: 7e3e4cae429911221aa5c58ca22c07a4024cbf145622c41ebd9a0015b3498201

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.premium-mail.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 00:11:01 GMT
last-modified: Sun, 11 Sep 2022 05:09:18 GMT
server: Apache
content-type: image/gif
cache-control: max-age=25096
accept-ranges: bytes
content-length: 10919
expires: Mon, 12 Sep 2022 07:09:18 GMT

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput
object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
function| queryLocalFonts
object| navigation

0 Cookies