Submitted URL: http://bit.ly/30pH94X
Effective URL: https://www.promosultan2.com/sports/?token=Eo9ezCH56ZsGvW-JB3hZTmNd7ZgqdRLk
Submission: On November 13 via manual from TR

Summary

This website contacted 3 IPs in 2 countries across 5 domains to perform 19 HTTP transactions. The main IP is 2606:4700:30::681b:a9fa, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www.promosultan2.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on October 24th 2019. Valid for: a year.
This is the only time www.promosultan2.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.11 396982 (GOOGLE-PR...)
1 1 104.18.229.31 13335 (CLOUDFLAR...)
14 2606:4700:30:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
Total: 19 requests, 3 IPs
Domain Requested by
14 www.promosultan2.com www.promosultan2.com
4 fonts.gstatic.com www.promosultan2.com
1 fonts.googleapis.com www.promosultan2.com
1 record.sultanbetaffiliates.com 1 redirects
1 bit.ly 1 redirects
Total: 19 requests, 5 domains

This site contains links to these domains:

Domain
sulaffpromo.com
Subject                  Issuer                    Validity                   Valid for
sni.cloudflaressl.com    CloudFlare Inc ECC CA-2   2019-10-24 - 2020-10-09    a year
*.googleapis.com         GTS CA 1O1                2019-10-16 - 2020-01-08    3 months
*.google.com             GTS CA 1O1                2019-10-16 - 2020-01-08    3 months

This page contains 1 frame:

Primary Page: https://www.promosultan2.com/sports/?token=Eo9ezCH56ZsGvW-JB3hZTmNd7ZgqdRLk
Frame ID: 160494E8F56ADAF283F91DC845D17FA7
Requests: 19 HTTP requests in this frame

Screenshot

Page URL History

  1. http://bit.ly/30pH94X HTTP 301
    https://record.sultanbetaffiliates.com/_aMOt-RH8u6PC2gTt_hQjAWNd7ZgqdRLk/5034/ HTTP 301
    https://www.promosultan2.com/sports/?token=Eo9ezCH56ZsGvW-JB3hZTmNd7ZgqdRLk Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 19
HTTPS: 100 %
IPv6: 60 %
Domains: 5
Subdomains: 5
IPs: 3
Countries: 2
Transfer: 739 kB
Size: 854 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource  Path  Size  x-fer  Type  MIME-Type
Primary Request /
www.promosultan2.com/sports/
Redirect Chain
  • http://bit.ly/30pH94X
  • https://record.sultanbetaffiliates.com/_aMOt-RH8u6PC2gTt_hQjAWNd7ZgqdRLk/5034/
  • https://www.promosultan2.com/sports/?token=Eo9ezCH56ZsGvW-JB3hZTmNd7ZgqdRLk
5 KB
2 KB
Document
General
Full URL
https://www.promosultan2.com/sports/?token=Eo9ezCH56ZsGvW-JB3hZTmNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:a9fa , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd020395fea721e72421851f63869a4f9941a6c07bc0435da31783733dd0e943

Request headers

:method
GET
:authority
www.promosultan2.com
:scheme
https
:path
/sports/?token=Eo9ezCH56ZsGvW-JB3hZTmNd7ZgqdRLk
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Wed, 13 Nov 2019 19:42:21 GMT
content-type
text/html
set-cookie
__cfduid=dd16f071947225f7efb91df5dc031a7031573674141; expires=Thu, 12-Nov-20 19:42:21 GMT; path=/; domain=.promosultan2.com; HttpOnly
last-modified
Fri, 11 Oct 2019 14:12:46 GMT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
53533a778f4fcbb0-VIE
content-encoding
br

Redirect headers

status
301
date
Wed, 13 Nov 2019 19:42:21 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=dcd7b6d6503ca67b391c4509b946512941573674141; expires=Thu, 12-Nov-20 19:42:21 GMT; path=/; domain=.record.sultanbetaffiliates.com; HttpOnly; Secure
set-cookie
VID1=Jy0jKFgsMzhRLmBgYApgCg%3D%3D; expires=Fri, 13-Nov-2020 19:42:21 GMT; Max-Age=31622400; path=/; HttpOnly
set-cookie
ZBan=Eo9ezCH56ZsGvW-JB3hZTmNd7ZgqdRLk; expires=Fri, 13-Nov-2020 19:42:21 GMT; Max-Age=31622400; path=/; domain=.sultanbetaffiliates.com
cache-control
private, no-cache, must-revalidate
expires
Sat, 26 Jul 1997 05:00:00 GMT
pragma
no-cache
x-powered-by
ZBan
location
https://www.promosultan2.com/sports/?token=Eo9ezCH56ZsGvW-JB3hZTmNd7ZgqdRLk
cf-cache-status
BYPASS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
53533a768957c26d-FRA
css
fonts.googleapis.com/
11 KB
824 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&subset=latin-ext
Requested by
Host: www.promosultan2.com
URL: https://www.promosultan2.com/sports/?token=Eo9ezCH56ZsGvW-JB3hZTmNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
0608865557e23bd2646c919730a845885b1dd65c27f6d55381f881364866538c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.promosultan2.com/sports/?token=Eo9ezCH56ZsGvW-JB3hZTmNd7ZgqdRLk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 13 Nov 2019 19:42:21 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Wed, 13 Nov 2019 19:42:21 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Wed, 13 Nov 2019 19:42:21 GMT
SultanEUAffiliatesStyle.css
www.promosultan2.com/
48 KB
6 KB
Stylesheet
General
Full URL
https://www.promosultan2.com/SultanEUAffiliatesStyle.css?x=3
Requested by
Host: www.promosultan2.com
URL: https://www.promosultan2.com/sports/?token=Eo9ezCH56ZsGvW-JB3hZTmNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:a9fa , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d99bda04803f3d830899080276556527610a05aa36f8b20ef3b1e77744313515

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.promosultan2.com/sports/?token=Eo9ezCH56ZsGvW-JB3hZTmNd7ZgqdRLk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 13 Nov 2019 19:42:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 22 Oct 2019 12:59:16 GMT
server
cloudflare
age
5384
etag
W/"5daefd24-c1bb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
private, max-age=14400
cf-ray
53533a786a13cbb0-VIE
Sports.png
www.promosultan2.com/images/sport/
176 KB
176 KB
Image
General
Full URL
https://www.promosultan2.com/images/sport/Sports.png
Requested by
Host: www.promosultan2.com
URL: https://www.promosultan2.com/sports/?token=Eo9ezCH56ZsGvW-JB3hZTmNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:a9fa , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bbdd398d57db60271f098f6a74b6b5fe88d2a1b66d95e0f728aa4328451cf5f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.promosultan2.com/sports/?token=Eo9ezCH56ZsGvW-JB3hZTmNd7ZgqdRLk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 13 Nov 2019 19:42:21 GMT
cf-cache-status
HIT
last-modified
Wed, 25 Sep 2019 14:27:10 GMT
server
cloudflare
age
5384
etag
"5d8b793e-2bf0a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
private, max-age=14400
accept-ranges
bytes
cf-ray
53533a786a1acbb0-VIE
content-length
179978
jquery-3.4.1.min.js
www.promosultan2.com/js/
86 KB
30 KB
Script
General
Full URL
https://www.promosultan2.com/js/jquery-3.4.1.min.js
Requested by
Host: www.promosultan2.com
URL: https://www.promosultan2.com/sports/?token=Eo9ezCH56ZsGvW-JB3hZTmNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:a9fa , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.promosultan2.com/sports/?token=Eo9ezCH56ZsGvW-JB3hZTmNd7ZgqdRLk
Origin
https://www.promosultan2.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 13 Nov 2019 19:42:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 26 Sep 2019 06:50:40 GMT
server
cloudflare
age
1129
etag
W/"5d8c5fc0-15851"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
private, max-age=14400
cf-ray
53533a786a15cbb0-VIE
token.js
www.promosultan2.com/js/
2 KB
709 B
Script
General
Full URL
https://www.promosultan2.com/js/token.js
Requested by
Host: www.promosultan2.com
URL: https://www.promosultan2.com/sports/?token=Eo9ezCH56ZsGvW-JB3hZTmNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:a9fa , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
113ef94c2dd84e231c7a04d3113963a51b0c139e458813007aad86d3a3d8ad15

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.promosultan2.com/sports/?token=Eo9ezCH56ZsGvW-JB3hZTmNd7ZgqdRLk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 13 Nov 2019 19:42:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 25 Sep 2019 14:26:43 GMT
server
cloudflare
age
1129
etag
W/"5d8b7923-61c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
private, max-age=14400
cf-ray
53533a786a17cbb0-VIE
logo.svg
www.promosultan2.com/images/
3 KB
1 KB
Image
General
Full URL
https://www.promosultan2.com/images/logo.svg
Requested by
Host: www.promosultan2.com
URL: https://www.promosultan2.com/sports/?token=Eo9ezCH56ZsGvW-JB3hZTmNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:a9fa , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e09f7a3e445b466f47c7c8be23d9f66dbd90b26fd5fc8e840451e9d393aab605

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.promosultan2.com/SultanEUAffiliatesStyle.css?x=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 13 Nov 2019 19:42:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 25 Sep 2019 14:26:56 GMT
server
cloudflare
age
5384
etag
W/"5d8b7930-c4d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
private, max-age=14400
cf-ray
53533a78ab0fcbb0-VIE
l-ine-g.svg
www.promosultan2.com/images/sport/
1 KB
606 B
Image
General
Full URL
https://www.promosultan2.com/images/sport/l-ine-g.svg
Requested by
Host: www.promosultan2.com
URL: https://www.promosultan2.com/sports/?token=Eo9ezCH56ZsGvW-JB3hZTmNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:a9fa , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4068d0227d383e4dee50cbc6f072817b12fc8700c2e5cbdb97e8062f431ed5d5

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.promosultan2.com/SultanEUAffiliatesStyle.css?x=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 13 Nov 2019 19:42:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 25 Sep 2019 14:27:11 GMT
server
cloudflare
age
5384
etag
W/"5d8b793f-520"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
private, max-age=14400
cf-ray
53533a78ab14cbb0-VIE
line-w.svg
www.promosultan2.com/images/sport/
1 KB
580 B
Image
General
Full URL
https://www.promosultan2.com/images/sport/line-w.svg
Requested by
Host: www.promosultan2.com
URL: https://www.promosultan2.com/sports/?token=Eo9ezCH56ZsGvW-JB3hZTmNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:a9fa , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe488a974de6cfe170b0d1bf125e6991327d610353ceeda646bc2069b02431ba

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.promosultan2.com/SultanEUAffiliatesStyle.css?x=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 13 Nov 2019 19:42:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 25 Sep 2019 14:27:09 GMT
server
cloudflare
age
5384
etag
W/"5d8b793d-4ab"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
private, max-age=14400
cf-ray
53533a78ab16cbb0-VIE
-e-555.png
www.promosultan2.com/images/sport/
16 KB
16 KB
Image
General
Full URL
https://www.promosultan2.com/images/sport/-e-555.png
Requested by
Host: www.promosultan2.com
URL: https://www.promosultan2.com/sports/?token=Eo9ezCH56ZsGvW-JB3hZTmNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:a9fa , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e616561e199555cf3313dc3fa47cd639ff8dd2de921980bb76cb1fce03e6079a

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.promosultan2.com/SultanEUAffiliatesStyle.css?x=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 13 Nov 2019 19:42:21 GMT
cf-cache-status
HIT
last-modified
Wed, 25 Sep 2019 14:27:11 GMT
server
cloudflare
age
5384
etag
"5d8b793f-40b2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
private, max-age=14400
accept-ranges
bytes
cf-ray
53533a78bb19cbb0-VIE
content-length
16562
-e-100.png
www.promosultan2.com/images/sport/
18 KB
18 KB
Image
General
Full URL
https://www.promosultan2.com/images/sport/-e-100.png
Requested by
Host: www.promosultan2.com
URL: https://www.promosultan2.com/sports/?token=Eo9ezCH56ZsGvW-JB3hZTmNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:a9fa , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5772c000a3b987832d231f0fbd988dd86f4ece05fb4655494a5d70faba8d8f5

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.promosultan2.com/SultanEUAffiliatesStyle.css?x=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 13 Nov 2019 19:42:21 GMT
cf-cache-status
HIT
last-modified
Wed, 25 Sep 2019 14:27:09 GMT
server
cloudflare
age
5384
etag
"5d8b793d-476d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
private, max-age=14400
accept-ranges
bytes
cf-ray
53533a78bb1bcbb0-VIE
content-length
18285
-e-Spor.png
www.promosultan2.com/images/sport/
15 KB
15 KB
Image
General
Full URL
https://www.promosultan2.com/images/sport/-e-Spor.png
Requested by
Host: www.promosultan2.com
URL: https://www.promosultan2.com/sports/?token=Eo9ezCH56ZsGvW-JB3hZTmNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:a9fa , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d541ba471482022891115a64b2192e555c57b078d53822cbe93fbe177aa58a2

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.promosultan2.com/SultanEUAffiliatesStyle.css?x=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 13 Nov 2019 19:42:21 GMT
cf-cache-status
HIT
last-modified
Wed, 25 Sep 2019 14:27:10 GMT
server
cloudflare
age
5384
etag
"5d8b793e-3a04"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
private, max-age=14400
accept-ranges
bytes
cf-ray
53533a78bb1dcbb0-VIE
content-length
14852
-e-bonusu.png
www.promosultan2.com/images/sport/
17 KB
17 KB
Image
General
Full URL
https://www.promosultan2.com/images/sport/-e-bonusu.png
Requested by
Host: www.promosultan2.com
URL: https://www.promosultan2.com/sports/?token=Eo9ezCH56ZsGvW-JB3hZTmNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:a9fa , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa8e679a9b80b33a7aef444998e8a76dde6bbd10220c739333d43c2c19563f45

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.promosultan2.com/SultanEUAffiliatesStyle.css?x=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 13 Nov 2019 19:42:21 GMT
cf-cache-status
HIT
last-modified
Wed, 25 Sep 2019 14:27:09 GMT
server
cloudflare
age
5384
etag
"5d8b793d-4452"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
private, max-age=14400
accept-ranges
bytes
cf-ray
53533a78bb1ecbb0-VIE
content-length
17490
player.png
www.promosultan2.com/images/sport/
313 KB
313 KB
Image
General
Full URL
https://www.promosultan2.com/images/sport/player.png
Requested by
Host: www.promosultan2.com
URL: https://www.promosultan2.com/sports/?token=Eo9ezCH56ZsGvW-JB3hZTmNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:a9fa , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1693635029d5dd4e05dca09089795916c1f718ef554d4c004d92bb3b02b56e9

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.promosultan2.com/SultanEUAffiliatesStyle.css?x=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 13 Nov 2019 19:42:21 GMT
cf-cache-status
HIT
last-modified
Wed, 25 Sep 2019 14:27:14 GMT
server
cloudflare
age
5384
etag
"5d8b7942-4e3ee"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
private, max-age=14400
accept-ranges
bytes
cf-ray
53533a78bb20cbb0-VIE
content-length
320494
pathern.png
www.promosultan2.com/images/sport/
101 KB
102 KB
Image
General
Full URL
https://www.promosultan2.com/images/sport/pathern.png
Requested by
Host: www.promosultan2.com
URL: https://www.promosultan2.com/sports/?token=Eo9ezCH56ZsGvW-JB3hZTmNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:a9fa , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9604d532114afc31989f8d1537c7dd107c1464a85e4be905f8e1bca694722299

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.promosultan2.com/SultanEUAffiliatesStyle.css?x=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 13 Nov 2019 19:42:21 GMT
cf-cache-status
HIT
last-modified
Wed, 25 Sep 2019 14:27:09 GMT
server
cloudflare
age
5384
etag
"5d8b793d-195fb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
private, max-age=14400
accept-ranges
bytes
cf-ray
53533a78bb21cbb0-VIE
content-length
103931
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: www.promosultan2.com
URL: https://www.promosultan2.com/sports/?token=Eo9ezCH56ZsGvW-JB3hZTmNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&subset=latin-ext
Origin
https://www.promosultan2.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 31 Oct 2019 18:43:13 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
1126748
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
11016
x-xss-protection
0
expires
Fri, 30 Oct 2020 18:43:13 GMT
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: www.promosultan2.com
URL: https://www.promosultan2.com/sports/?token=Eo9ezCH56ZsGvW-JB3hZTmNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&subset=latin-ext
Origin
https://www.promosultan2.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 30 Oct 2019 14:33:54 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:48 GMT
server
sffe
age
1228107
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
11056
x-xss-protection
0
expires
Thu, 29 Oct 2020 14:33:54 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: www.promosultan2.com
URL: https://www.promosultan2.com/sports/?token=Eo9ezCH56ZsGvW-JB3hZTmNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&subset=latin-ext
Origin
https://www.promosultan2.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 28 Oct 2019 17:54:33 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
1388868
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
11020
x-xss-protection
0
expires
Tue, 27 Oct 2020 17:54:33 GMT
KFOlCnqEu92Fr1MmWUlfChc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfChc4AMP6lbBP.woff2
Requested by
Host: www.promosultan2.com
URL: https://www.promosultan2.com/sports/?token=Eo9ezCH56ZsGvW-JB3hZTmNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
d4a0134009f70c36d82c43c77b2a6f0ee48a57beb8d4f9e9ff7c3dd3887212bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&subset=latin-ext
Origin
https://www.promosultan2.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 01 Nov 2019 21:41:49 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
1029632
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7924
x-xss-protection
0
expires
Sat, 31 Oct 2020 21:41:49 GMT

Verdicts & Comments

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type      Name
object    onformdata
object    onpointerrawupdate
function  $
function  jQuery

2 Cookies

Domain/Path               Name       Value
www.promosultan2.com/     SULTAN     Eo9ezCH56ZsGvW-JB3hZTmNd7ZgqdRLk
.promosultan2.com/        __cfduid   dd16f071947225f7efb91df5dc031a7031573674141

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
