mbr.bestoflena.com Open in urlscan Pro
185.52.189.103 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://lenanitroclub.com/
Effective URL:
https://mbr.bestoflena.com/warning
Submission Tags: phishingrod
Submission: On January 24 via api (January 24th 2023, 11:21:38 pm UTC) from DE — Scanned from DE

Summary HTTP 18 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 3 domains to perform 18 HTTP transactions. The main IP is 185.52.189.103, located in Austria and belongs to XIDRAS, AT. The main domain is mbr.bestoflena.com.
TLS certificate: Issued by R3 on January 16th 2023. Valid for: 3 months.

This is the only time mbr.bestoflena.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	185.52.189.239 185.52.189.239	42557 (XIDRAS) (XIDRAS)
1 18	185.52.189.103 185.52.189.103	42557 (XIDRAS) (XIDRAS)
1	193.239.248.248 193.239.248.248	42557 (XIDRAS) (XIDRAS)
18	2

2 185.52.189.239 (Austria) 2 redirects

ASN42557 (XIDRAS, AT)

lenanitroclub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bestoflena.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 185.52.189.103 (Austria) 1 redirects

ASN42557 (XIDRAS, AT)
PTR: smb-03.xidrasservice.com

mbr.bestoflena.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.239.248.248 (Austria)

ASN42557 (XIDRAS, AT)
PTR: www.digitalpayment.net

secure.digitalpayment.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	bestoflena.com 2 redirects bestoflena.com mbr.bestoflena.com	273 KB
1	digitalpayment.net secure.digitalpayment.net	473 B
1	lenanitroclub.com 1 redirects lenanitroclub.com	181 B
18	3

	Domain	Requested by
18	mbr.bestoflena.com	1 redirects mbr.bestoflena.com
1	secure.digitalpayment.net
1	bestoflena.com	1 redirects
1	lenanitroclub.com	1 redirects
18	4

This site contains links to these domains. Also see Links.

Domain
www.disney.com

Subject Issuer	Validity	Valid
bestoflena.com R3	`2023-01-16` - `2023-04-16`	3 months	crt.sh
digitalpayment.net DigiCert SHA2 Extended Validation Server CA	`2022-11-09` - `2023-12-10`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://mbr.bestoflena.com/warning
Frame ID: 1A6F0D9C21EC9F5D5B2F612312F5AA2A
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Warnung | Best of Lena

Page URL History Show full URLs

https://lenanitroclub.com/ HTTP 301
https://bestoflena.com/ HTTP 302
https://mbr.bestoflena.com/ HTTP 302
https://mbr.bestoflena.com/warning Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

18
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

2
IPs

1
Countries

273 kB
Transfer

495 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.disney.com/
Title: Nein

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://lenanitroclub.com/ HTTP 301
https://bestoflena.com/ HTTP 302
https://mbr.bestoflena.com/ HTTP 302
https://mbr.bestoflena.com/warning Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request warning Show response
mbr.bestoflena.com/
Redirect Chain

https://lenanitroclub.com/
https://bestoflena.com/
https://mbr.bestoflena.com/
https://mbr.bestoflena.com/warning

15 KB
4 KB

24ms
23ms

Document
text/html

185.52.189.103
XIDRAS

General

Check archive.org

Show headers Download Go to

Full URL

https://mbr.bestoflena.com/warning

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.52.189.103 , Austria, ASN42557 (XIDRAS, AT),

Reverse DNS

smb-03.xidrasservice.com

Software

nginx/1.17.10 /

Resource Hash

760b5b9338e338c80102f84c7ebaf0370cdf9f1846ff2167722c625164f1a7e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: must-revalidate, max-age=5
content-encoding: gzip
content-language: de
content-length: 4060
content-type: text/html; charset=utf-8
date: Tue, 24 Jan 2023 23:21:32 GMT
etag: HAEyM+DA1KoAXqvaeHuve6xVEhU=
expires: Tue, 24 Jan 2023 23:26:46 GMT
last-modified: Tue, 24 Jan 2023 22:26:46 GMT
request-id: 144bb1e6-81d2-49f7-88f0-66fca62365f2
server: nginx/1.17.10
strict-transport-security: max-age=15724800; includeSubDomains

Redirect headers

date: Tue, 24 Jan 2023 23:21:32 GMT
location: /warning
request-id: f0c607bd-90b0-4a01-8a3d-8bfd04ab9e0e
server: nginx/1.17.10
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 main.css
mbr.bestoflena.com/assets/3cd0f6150fcaffce07c7b152838153298aa01aa965cfea8cc881c64ea5bca87b91678c51963508bf77d862a6c727a4e35c47ffd896d08bf58b988e782d37612a/css/ 144 KB
28 KB 39ms
37ms Stylesheet
text/css 185.52.189.103
XIDRAS

General

Check archive.org

Show headers Download Go to

Full URL

https://mbr.bestoflena.com/assets/3cd0f6150fcaffce07c7b152838153298aa01aa965cfea8cc881c64ea5bca87b91678c51963508bf77d862a6c727a4e35c47ffd896d08bf58b988e782d37612a/css/main.css

Requested by

Host: mbr.bestoflena.com
URL: https://mbr.bestoflena.com/warning

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.52.189.103 , Austria, ASN42557 (XIDRAS, AT),

Reverse DNS

smb-03.xidrasservice.com

Software

nginx/1.17.10 /

Resource Hash

d70fdda7b4d9426b2d2dd8457c85ce79bf013f710743f19c7c65dfe92e706202

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbr.bestoflena.com/warning
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 23:21:32 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 24 Jan 2023 22:21:35 GMT
server: nginx/1.17.10
etag: SW4D3gFErCIqYPAIdTK9VnPqRug=
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: must-revalidate, max-age=3600
request-id: 7362a578-7f9e-4fb4-9728-6b61f43cfb53
content-length: 28465
expires: Tue, 24 Jan 2023 23:21:35 GMT

GET
H2 200 lg_1.jpg
mbr.bestoflena.com/assets/3cd0f6150fcaffce07c7b152838153298aa01aa965cfea8cc881c64ea5bca87b91678c51963508bf77d862a6c727a4e35c47ffd896d08bf58b988e782d37612a/img/thumbs/ 49 KB
49 KB 21ms
20ms Image
image/jpeg 185.52.189.103
XIDRAS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbr.bestoflena.com/assets/3cd0f6150fcaffce07c7b152838153298aa01aa965cfea8cc881c64ea5bca87b91678c51963508bf77d862a6c727a4e35c47ffd896d08bf58b988e782d37612a/img/thumbs/lg_1.jpg

Requested by

Host: mbr.bestoflena.com
URL: https://mbr.bestoflena.com/warning

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.52.189.103 , Austria, ASN42557 (XIDRAS, AT),

Reverse DNS

smb-03.xidrasservice.com

Software

nginx/1.17.10 /

Resource Hash

d40c306a12442d1fa11127555eae83120ce9118ed9744e3a3955cc4f1fd7e77f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbr.bestoflena.com/warning
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 23:21:32 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 24 Jan 2023 22:21:35 GMT
server: nginx/1.17.10
etag: JxDMDErvIqtUf2Q1Z5C+l7AcaT0=
content-type: image/jpeg
cache-control: must-revalidate, max-age=3600
request-id: fbfe88fa-d6f8-4664-9832-672f01e1d2a7
content-length: 50109
expires: Tue, 24 Jan 2023 23:21:35 GMT

GET
H2 200 md_1.jpg
mbr.bestoflena.com/assets/3cd0f6150fcaffce07c7b152838153298aa01aa965cfea8cc881c64ea5bca87b91678c51963508bf77d862a6c727a4e35c47ffd896d08bf58b988e782d37612a/img/thumbs/ 22 KB
22 KB 21ms
20ms Image
image/jpeg 185.52.189.103
XIDRAS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbr.bestoflena.com/assets/3cd0f6150fcaffce07c7b152838153298aa01aa965cfea8cc881c64ea5bca87b91678c51963508bf77d862a6c727a4e35c47ffd896d08bf58b988e782d37612a/img/thumbs/md_1.jpg

Requested by

Host: mbr.bestoflena.com
URL: https://mbr.bestoflena.com/warning

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.52.189.103 , Austria, ASN42557 (XIDRAS, AT),

Reverse DNS

smb-03.xidrasservice.com

Software

nginx/1.17.10 /

Resource Hash

4eba555aeb122d543de932d50349e4ed8f6a5e008d40866283a9cee6da76dae6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbr.bestoflena.com/warning
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 23:21:32 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 24 Jan 2023 22:21:36 GMT
server: nginx/1.17.10
etag: hJKvnLnpN0XTe4g7k8PnClfGqgc=
content-type: image/jpeg
cache-control: must-revalidate, max-age=3600
request-id: 838695c8-178a-4271-af6f-481fe2a1ed8e
content-length: 22044
expires: Tue, 24 Jan 2023 23:21:36 GMT

GET
H2 200 md_2.jpg
mbr.bestoflena.com/assets/3cd0f6150fcaffce07c7b152838153298aa01aa965cfea8cc881c64ea5bca87b91678c51963508bf77d862a6c727a4e35c47ffd896d08bf58b988e782d37612a/img/thumbs/ 14 KB
14 KB 55ms
55ms Image
image/jpeg 185.52.189.103
XIDRAS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbr.bestoflena.com/assets/3cd0f6150fcaffce07c7b152838153298aa01aa965cfea8cc881c64ea5bca87b91678c51963508bf77d862a6c727a4e35c47ffd896d08bf58b988e782d37612a/img/thumbs/md_2.jpg

Requested by

Host: mbr.bestoflena.com
URL: https://mbr.bestoflena.com/warning

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.52.189.103 , Austria, ASN42557 (XIDRAS, AT),

Reverse DNS

smb-03.xidrasservice.com

Software

nginx/1.17.10 /

Resource Hash

85845d5418232c306049eb0e9b6302557ac2e771abc1c00ca0e9228b1fe08fe9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbr.bestoflena.com/warning
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 23:21:32 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 24 Jan 2023 23:21:32 GMT
server: nginx/1.17.10
etag: MmWBcAmA3qT9LRa1tJ/Lhxy7URk=
content-type: image/jpeg
cache-control: must-revalidate, max-age=3600
request-id: 0f93fa17-c059-4e94-8dff-8c501ae2e738
content-length: 13940
expires: Wed, 25 Jan 2023 00:21:32 GMT

GET
H2 200 md_3.jpg
mbr.bestoflena.com/assets/3cd0f6150fcaffce07c7b152838153298aa01aa965cfea8cc881c64ea5bca87b91678c51963508bf77d862a6c727a4e35c47ffd896d08bf58b988e782d37612a/img/thumbs/ 22 KB
22 KB 33ms
32ms Image
image/jpeg 185.52.189.103
XIDRAS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbr.bestoflena.com/assets/3cd0f6150fcaffce07c7b152838153298aa01aa965cfea8cc881c64ea5bca87b91678c51963508bf77d862a6c727a4e35c47ffd896d08bf58b988e782d37612a/img/thumbs/md_3.jpg

Requested by

Host: mbr.bestoflena.com
URL: https://mbr.bestoflena.com/warning

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.52.189.103 , Austria, ASN42557 (XIDRAS, AT),

Reverse DNS

smb-03.xidrasservice.com

Software

nginx/1.17.10 /

Resource Hash

f64a6262a2bbec4b37cdd06a21e9789ce87e590b4a4ad2b20fe2386ed92ca37e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbr.bestoflena.com/warning
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 23:21:32 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 24 Jan 2023 23:21:32 GMT
server: nginx/1.17.10
etag: 9ElZvYIxPyjrXX25a5irtVUhRUM=
content-type: image/jpeg
cache-control: must-revalidate, max-age=3600
request-id: 6c4c1666-565a-46ad-9219-65143c0a5031
content-length: 22377
expires: Wed, 25 Jan 2023 00:21:32 GMT

GET
H2 200 md_4.jpg
mbr.bestoflena.com/assets/3cd0f6150fcaffce07c7b152838153298aa01aa965cfea8cc881c64ea5bca87b91678c51963508bf77d862a6c727a4e35c47ffd896d08bf58b988e782d37612a/img/thumbs/ 16 KB
17 KB 32ms
31ms Image
image/jpeg 185.52.189.103
XIDRAS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbr.bestoflena.com/assets/3cd0f6150fcaffce07c7b152838153298aa01aa965cfea8cc881c64ea5bca87b91678c51963508bf77d862a6c727a4e35c47ffd896d08bf58b988e782d37612a/img/thumbs/md_4.jpg

Requested by

Host: mbr.bestoflena.com
URL: https://mbr.bestoflena.com/warning

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.52.189.103 , Austria, ASN42557 (XIDRAS, AT),

Reverse DNS

smb-03.xidrasservice.com

Software

nginx/1.17.10 /

Resource Hash

5d251af04e4bee3de84632d2f628a3033c21c9cc7c7164c0036bee9c78e25103

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbr.bestoflena.com/warning
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 23:21:32 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 24 Jan 2023 23:21:32 GMT
server: nginx/1.17.10
etag: /Pnjf6nac+xIUVh0m0V/gggqGX0=
content-type: image/jpeg
cache-control: must-revalidate, max-age=3600
request-id: d2cfaf6d-030e-43db-b62f-1f9c0acf0dce
content-length: 16816
expires: Wed, 25 Jan 2023 00:21:32 GMT

GET
H2 200 lib.js Show response
mbr.bestoflena.com/assets/3cd0f6150fcaffce07c7b152838153298aa01aa965cfea8cc881c64ea5bca87b91678c51963508bf77d862a6c727a4e35c47ffd896d08bf58b988e782d37612a/js/ 118 KB
39 KB 22ms
21ms Script
application/javascript 185.52.189.103
XIDRAS

General

Check archive.org

Show headers Download Go to

Full URL

https://mbr.bestoflena.com/assets/3cd0f6150fcaffce07c7b152838153298aa01aa965cfea8cc881c64ea5bca87b91678c51963508bf77d862a6c727a4e35c47ffd896d08bf58b988e782d37612a/js/lib.js

Requested by

Host: mbr.bestoflena.com
URL: https://mbr.bestoflena.com/warning

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.52.189.103 , Austria, ASN42557 (XIDRAS, AT),

Reverse DNS

smb-03.xidrasservice.com

Software

nginx/1.17.10 /

Resource Hash

85f682e765724179e4e38f05c5da25686f68f6b90918559bd58f714978ed4802

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbr.bestoflena.com/warning
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 23:21:32 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 24 Jan 2023 22:21:36 GMT
server: nginx/1.17.10
etag: VbSlhXYVD7ex57VC3vQJ3tdwtxw=
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: must-revalidate, max-age=3600
request-id: 2cf4fec4-3f3c-4a6f-841d-dc9612eb1282
content-length: 39894
expires: Tue, 24 Jan 2023 23:21:36 GMT

GET
H2 200 main.js Show response
mbr.bestoflena.com/assets/3cd0f6150fcaffce07c7b152838153298aa01aa965cfea8cc881c64ea5bca87b91678c51963508bf77d862a6c727a4e35c47ffd896d08bf58b988e782d37612a/js/ 8 KB
3 KB 20ms
20ms Script
application/javascript 185.52.189.103
XIDRAS

General

Check archive.org

Show headers Download Go to

Full URL

https://mbr.bestoflena.com/assets/3cd0f6150fcaffce07c7b152838153298aa01aa965cfea8cc881c64ea5bca87b91678c51963508bf77d862a6c727a4e35c47ffd896d08bf58b988e782d37612a/js/main.js

Requested by

Host: mbr.bestoflena.com
URL: https://mbr.bestoflena.com/warning

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.52.189.103 , Austria, ASN42557 (XIDRAS, AT),

Reverse DNS

smb-03.xidrasservice.com

Software

nginx/1.17.10 /

Resource Hash

17385fb4394e064f014c3f5e17fa9d08b24a48c3761a987b56613766cd6dceb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbr.bestoflena.com/warning
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 23:21:32 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 24 Jan 2023 22:21:36 GMT
server: nginx/1.17.10
etag: 1VSgqpk9vZLDFiJZhm0y40NEEhw=
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: must-revalidate, max-age=3600
request-id: 81b08e2c-ae3e-4c3d-9db4-21d8a2a72b53
content-length: 2935
expires: Tue, 24 Jan 2023 23:21:36 GMT

GET
H2 200 bg_body.png
mbr.bestoflena.com/assets/3cd0f6150fcaffce07c7b152838153298aa01aa965cfea8cc881c64ea5bca87b91678c51963508bf77d862a6c727a4e35c47ffd896d08bf58b988e782d37612a/img/ 1 KB
2 KB 24ms
24ms Image
image/png 185.52.189.103
XIDRAS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbr.bestoflena.com/assets/3cd0f6150fcaffce07c7b152838153298aa01aa965cfea8cc881c64ea5bca87b91678c51963508bf77d862a6c727a4e35c47ffd896d08bf58b988e782d37612a/img/bg_body.png

Requested by

Host: mbr.bestoflena.com
URL: https://mbr.bestoflena.com/assets/3cd0f6150fcaffce07c7b152838153298aa01aa965cfea8cc881c64ea5bca87b91678c51963508bf77d862a6c727a4e35c47ffd896d08bf58b988e782d37612a/css/main.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.52.189.103 , Austria, ASN42557 (XIDRAS, AT),

Reverse DNS

smb-03.xidrasservice.com

Software

nginx/1.17.10 /

Resource Hash

26842903903b49782f44a4f3e17cbb232993c20da6d2890400c7ddaa7ca7270c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbr.bestoflena.com/assets/3cd0f6150fcaffce07c7b152838153298aa01aa965cfea8cc881c64ea5bca87b91678c51963508bf77d862a6c727a4e35c47ffd896d08bf58b988e782d37612a/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 23:21:32 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 24 Jan 2023 22:21:37 GMT
server: nginx/1.17.10
etag: rG+8xqRW++9pBbzeRe3EFXGuBmE=
content-type: image/png
cache-control: must-revalidate, max-age=3600
request-id: e73c70cc-d7f0-461b-a5fa-259a471a49ec
content-length: 1279
expires: Tue, 24 Jan 2023 23:21:37 GMT

GET
H2 200 main.png
mbr.bestoflena.com/assets/3cd0f6150fcaffce07c7b152838153298aa01aa965cfea8cc881c64ea5bca87b91678c51963508bf77d862a6c727a4e35c47ffd896d08bf58b988e782d37612a/sprites/ 4 KB
5 KB 25ms
24ms Image
image/png 185.52.189.103
XIDRAS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbr.bestoflena.com/assets/3cd0f6150fcaffce07c7b152838153298aa01aa965cfea8cc881c64ea5bca87b91678c51963508bf77d862a6c727a4e35c47ffd896d08bf58b988e782d37612a/sprites/main.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.52.189.103 , Austria, ASN42557 (XIDRAS, AT),

Reverse DNS

smb-03.xidrasservice.com

Software

nginx/1.17.10 /

Resource Hash

63a0eb1c35aa21c3ba93b6542ed150baa2692d252b4dfe0cd71394e4bc8c9b9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbr.bestoflena.com/assets/3cd0f6150fcaffce07c7b152838153298aa01aa965cfea8cc881c64ea5bca87b91678c51963508bf77d862a6c727a4e35c47ffd896d08bf58b988e782d37612a/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 23:21:32 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 24 Jan 2023 22:21:37 GMT
server: nginx/1.17.10
etag: UDkTZkalS98nrLimCNNO7mkPOcY=
content-type: image/png
cache-control: must-revalidate, max-age=3600
request-id: 2ec5bc62-242d-4b25-8d40-c1639a8f994a
content-length: 4394
expires: Tue, 24 Jan 2023 23:21:37 GMT

GET
H2 200 fontawesome-webfont.woff2
mbr.bestoflena.com/assets/3cd0f6150fcaffce07c7b152838153298aa01aa965cfea8cc881c64ea5bca87b91678c51963508bf77d862a6c727a4e35c47ffd896d08bf58b988e782d37612a/misc/bower_components/font-awesome/fonts/ 55 KB
56 KB 24ms
24ms Font
font/woff2 185.52.189.103
XIDRAS

General

Check archive.org

Show headers Download Go to

Full URL

https://mbr.bestoflena.com/assets/3cd0f6150fcaffce07c7b152838153298aa01aa965cfea8cc881c64ea5bca87b91678c51963508bf77d862a6c727a4e35c47ffd896d08bf58b988e782d37612a/misc/bower_components/font-awesome/fonts/fontawesome-webfont.woff2?v=4.3.0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.52.189.103 , Austria, ASN42557 (XIDRAS, AT),

Reverse DNS

smb-03.xidrasservice.com

Software

nginx/1.17.10 /

Resource Hash

aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://mbr.bestoflena.com/assets/3cd0f6150fcaffce07c7b152838153298aa01aa965cfea8cc881c64ea5bca87b91678c51963508bf77d862a6c727a4e35c47ffd896d08bf58b988e782d37612a/css/main.css
Origin: https://mbr.bestoflena.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 23:21:32 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 24 Jan 2023 22:26:48 GMT
server: nginx/1.17.10
etag: EHUjFlD1eZVZBbsvZScUio4rSxY=
content-type: font/woff2
cache-control: must-revalidate, max-age=3600
request-id: dd38aedc-fb64-4e0b-9034-c06fd29b044e
content-length: 56792
expires: Tue, 24 Jan 2023 23:26:48 GMT

GET
H2 200 productmeta.js Show response
mbr.bestoflena.com/assets/3cd0f6150fcaffce07c7b152838153298aa01aa965cfea8cc881c64ea5bca87b91678c51963508bf77d862a6c727a4e35c47ffd896d08bf58b988e782d37612a/js/ 3 KB
1 KB 20ms
20ms Script
application/javascript 185.52.189.103
XIDRAS

General

Check archive.org

Show headers Download Go to

Full URL

https://mbr.bestoflena.com/assets/3cd0f6150fcaffce07c7b152838153298aa01aa965cfea8cc881c64ea5bca87b91678c51963508bf77d862a6c727a4e35c47ffd896d08bf58b988e782d37612a/js/productmeta.js

Requested by

Host: mbr.bestoflena.com
URL: https://mbr.bestoflena.com/warning

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.52.189.103 , Austria, ASN42557 (XIDRAS, AT),

Reverse DNS

smb-03.xidrasservice.com

Software

nginx/1.17.10 /

Resource Hash

6ec634865d150038a78895045f3e6c8e424ff1941e2ca8133d0329cd7b59dfc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbr.bestoflena.com/warning
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 23:21:32 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 24 Jan 2023 22:21:37 GMT
server: nginx/1.17.10
etag: avglDHHpzJEGhidV7lJjWxLF1dE=
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: must-revalidate, max-age=3600
request-id: 0ac7df54-0e25-4d3d-aa73-400e85a45b97
content-length: 1105
expires: Tue, 24 Jan 2023 23:21:37 GMT

GET
H2 200 cookieconsent.js Show response
mbr.bestoflena.com/assets/3cd0f6150fcaffce07c7b152838153298aa01aa965cfea8cc881c64ea5bca87b91678c51963508bf77d862a6c727a4e35c47ffd896d08bf58b988e782d37612a/js/ 11 KB
4 KB 24ms
24ms Script
application/javascript 185.52.189.103
XIDRAS

General

Check archive.org

Show headers Download Go to

Full URL

https://mbr.bestoflena.com/assets/3cd0f6150fcaffce07c7b152838153298aa01aa965cfea8cc881c64ea5bca87b91678c51963508bf77d862a6c727a4e35c47ffd896d08bf58b988e782d37612a/js/cookieconsent.js

Requested by

Host: mbr.bestoflena.com
URL: https://mbr.bestoflena.com/warning

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.52.189.103 , Austria, ASN42557 (XIDRAS, AT),

Reverse DNS

smb-03.xidrasservice.com

Software

nginx/1.17.10 /

Resource Hash

6db6427616bea940d8c3fb6ce335e7bf199efcfb62487442cabde8df51f6c9f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbr.bestoflena.com/warning
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 23:21:32 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 24 Jan 2023 22:21:37 GMT
server: nginx/1.17.10
etag: HElivo2NAHMA6YhjVywLzvJ+R3Q=
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: must-revalidate, max-age=3600
request-id: 2aa0a02d-8a81-4548-a5a0-3205a6787c97
content-length: 3751
expires: Tue, 24 Jan 2023 23:21:37 GMT

GET
H2 200 pinxtalytics.js Show response
mbr.bestoflena.com/assets/3cd0f6150fcaffce07c7b152838153298aa01aa965cfea8cc881c64ea5bca87b91678c51963508bf77d862a6c727a4e35c47ffd896d08bf58b988e782d37612a/js/ 9 KB
4 KB 19ms
19ms Script
application/javascript 185.52.189.103
XIDRAS

General

Check archive.org

Show headers Download Go to

Full URL

https://mbr.bestoflena.com/assets/3cd0f6150fcaffce07c7b152838153298aa01aa965cfea8cc881c64ea5bca87b91678c51963508bf77d862a6c727a4e35c47ffd896d08bf58b988e782d37612a/js/pinxtalytics.js

Requested by

Host: mbr.bestoflena.com
URL: https://mbr.bestoflena.com/warning

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.52.189.103 , Austria, ASN42557 (XIDRAS, AT),

Reverse DNS

smb-03.xidrasservice.com

Software

nginx/1.17.10 /

Resource Hash

8e8e41f693575174030c4f5ac87902e7d10a79b5f9cc34a10b1f49dcabf4ba6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbr.bestoflena.com/warning
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 23:21:32 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 24 Jan 2023 22:21:37 GMT
server: nginx/1.17.10
etag: PuJfPdZOVH2RHr1/HFX2GNEFmeQ=
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: must-revalidate, max-age=3600
request-id: 1652f27a-5dbd-4b84-8ed3-487189130fa5
content-length: 3532
expires: Tue, 24 Jan 2023 23:21:37 GMT

GET
H2 200 meta Show response
mbr.bestoflena.com/ 321 B
556 B 21ms
21ms XHR
application/json 185.52.189.103
XIDRAS

General

Check archive.org

Show headers Download Go to

Full URL

https://mbr.bestoflena.com/meta

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.52.189.103 , Austria, ASN42557 (XIDRAS, AT),

Reverse DNS

smb-03.xidrasservice.com

Software

nginx/1.17.10 /

Resource Hash

f91c4e2f97c4c90488fb8c7a19a6e2041ff03e4b0732bc48940be56a13fb47cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbr.bestoflena.com/warning
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 23:21:32 GMT
strict-transport-security: max-age=15724800; includeSubDomains
server: nginx/1.17.10
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
request-id: 89f49706-0034-4840-ab8e-3b1c1dab283c
content-length: 321
expires: 0

GET
H2 200 cookieconsent.css
mbr.bestoflena.com/assets/3cd0f6150fcaffce07c7b152838153298aa01aa965cfea8cc881c64ea5bca87b91678c51963508bf77d862a6c727a4e35c47ffd896d08bf58b988e782d37612a/css/ 3 KB
1 KB 47ms
47ms Stylesheet
text/css 185.52.189.103
XIDRAS

General

Check archive.org

Show headers Download Go to

Full URL

https://mbr.bestoflena.com/assets/3cd0f6150fcaffce07c7b152838153298aa01aa965cfea8cc881c64ea5bca87b91678c51963508bf77d862a6c727a4e35c47ffd896d08bf58b988e782d37612a/css/cookieconsent.css?transition=300

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.52.189.103 , Austria, ASN42557 (XIDRAS, AT),

Reverse DNS

smb-03.xidrasservice.com

Software

nginx/1.17.10 /

Resource Hash

ac1558908cf34c14d3417ec7c70531f2d60a5ea624ee97d200637518eb7ffdc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbr.bestoflena.com/warning
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 23:21:32 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Tue, 24 Jan 2023 23:21:32 GMT
server: nginx/1.17.10
vary: Accept-Encoding, Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: must-revalidate, max-age=3600
request-id: d823527b-7a05-4567-8c06-75a2dc8b083f
expires: Wed, 25 Jan 2023 00:21:32 GMT

GET
H/1.1 200
OK pixel
secure.digitalpayment.net/ 43 B
473 B 227ms
22ms Image
text/plain 193.239.248.248
XIDRAS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.digitalpayment.net/pixel

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.239.248.248 , Austria, ASN42557 (XIDRAS, AT),

Reverse DNS

www.digitalpayment.net

Software

dp-express /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbr.bestoflena.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=86400; includeSubDomains
Date: Tue, 24 Jan 2023 23:21:33 GMT
x-content-type-options: nosniff
Server: dp-express
cacheControl: must-revalidate, max-age=600
contentType: image/gif
Request-Id: 6835e58d-d350-444b-9684-81e0efa12ea8
contentLength: 43
Content-Length: 43
x-xss-protection: 1

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			mbr.bestoflena.com/	1969-12-31 23:59:59	Name: lenanitroclub Value: 7411611a-5058-4972-b9c7-c583a40b21cd

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bestoflena.com
lenanitroclub.com
mbr.bestoflena.com
secure.digitalpayment.net
185.52.189.103
185.52.189.239
193.239.248.248
17385fb4394e064f014c3f5e17fa9d08b24a48c3761a987b56613766cd6dceb4
26842903903b49782f44a4f3e17cbb232993c20da6d2890400c7ddaa7ca7270c
4eba555aeb122d543de932d50349e4ed8f6a5e008d40866283a9cee6da76dae6
5d251af04e4bee3de84632d2f628a3033c21c9cc7c7164c0036bee9c78e25103
63a0eb1c35aa21c3ba93b6542ed150baa2692d252b4dfe0cd71394e4bc8c9b9d
6db6427616bea940d8c3fb6ce335e7bf199efcfb62487442cabde8df51f6c9f6
6ec634865d150038a78895045f3e6c8e424ff1941e2ca8133d0329cd7b59dfc5
760b5b9338e338c80102f84c7ebaf0370cdf9f1846ff2167722c625164f1a7e3
85845d5418232c306049eb0e9b6302557ac2e771abc1c00ca0e9228b1fe08fe9
85f682e765724179e4e38f05c5da25686f68f6b90918559bd58f714978ed4802
8e8e41f693575174030c4f5ac87902e7d10a79b5f9cc34a10b1f49dcabf4ba6f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
ac1558908cf34c14d3417ec7c70531f2d60a5ea624ee97d200637518eb7ffdc5
d40c306a12442d1fa11127555eae83120ce9118ed9744e3a3955cc4f1fd7e77f
d70fdda7b4d9426b2d2dd8457c85ce79bf013f710743f19c7c65dfe92e706202
f64a6262a2bbec4b37cdd06a21e9789ce87e590b4a4ad2b20fe2386ed92ca37e
f91c4e2f97c4c90488fb8c7a19a6e2041ff03e4b0732bc48940be56a13fb47cb

mbr.bestoflena.com Open in urlscan Pro 185.52.189.103 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

18 Requests

100 %HTTPS

0 %IPv6

3 Domains

4 Subdomains

2 IPs

1 Countries

273 kBTransfer

495 kBSize

1 Cookies

1 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

mbr.bestoflena.com Open in urlscan Pro
185.52.189.103 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

2
IPs

1
Countries

273 kB
Transfer

495 kB
Size

1
Cookies

18 HTTP transactions
0 data transactions