urlscan.io logo urlscan.io
SecurityTrails logo

www.popbounty.com Open in urlscan Pro
2606:4700:3030::ac43:c1ca  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.popbounty.com/go/?p=34574&z=85183
Submission: On February 07 via manual from ID — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 2 HTTP transactions. The main IP is 2606:4700:3030::ac43:c1ca, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.popbounty.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 17th 2022. Valid for: a year.
This is the only time www.popbounty.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2606:4700:303... 13335 (CLOUDFLAR...)
1 139.45.197.239 9002 (RETN-AS)
2 2
Apex Domain
Subdomains		 Transfer
2 popbounty.com
www.popbounty.com
2 KB
1 forlumineontor.com
forlumineontor.com
424 B
2 2
Domain Requested by
2 www.popbounty.com 1 redirects
1 forlumineontor.com www.popbounty.com
2 2

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-03-17 -
2023-03-17		 a year crt.sh
forlumineontor.com
R3		 2022-12-29 -
2023-03-29		 3 months crt.sh

This page contains 1 frames:

Frame: https://forlumineontor.com/afu.php?zoneid=3745485&var=POBTDL_85183_16757491380&ymid=16757491380_dl
Frame ID: F3BB8102E5B02F8D27D90E9294B09226
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

2
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

1 kB
Transfer

1 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://www.popbounty.com/go/go.php?h=3a28b86b4bc77681a326540238aff80bfcd90d63e25d87570d975462ad1f2ac6&ti=1675749138&p=34574&z=85183&t=0&u=0&subid=&j=1&fr=0&pu=1&r=&i=f592431e8d8cd3b1e12264a762917b7b HTTP 302
  • https://forlumineontor.com/afu.php?zoneid=3745485&var=POBTDL_85183_16757491380&ymid=16757491380_dl

2 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.popbounty.com/go/ 		827 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.popbounty.com/go/?p=34574&z=85183
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:c1ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
iphone 11
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
7959dbd27e100c99-EWR
content-encoding
br
content-type
text/html
date
Tue, 07 Feb 2023 05:52:18 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MRrL2p%2BV%2B6N47CrB0cIrOY%2BukNPCOUBpjnNreozBoCvHyCAXydplLivNyQxcJqwr8jt94gJ5gHuBPy7BTJRhz7VTmvyos4SOtm3ZQeETjvii%2Fzxmjr6WXKN4LfUxJbcF%2FMAIQktKWdTNdcuizh4Ktw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
afu.php
forlumineontor.com/
Redirect Chain
  • https://www.popbounty.com/go/go.php?h=3a28b86b4bc77681a326540238aff80bfcd90d63e25d87570d975462ad1f2ac6&ti=1675749138&p=34574&z=85183&t=0&u=0&subid=&j=1&fr=0&pu=1&r=&i=f592431e8d8cd3b1e12264a762917b7b
  • https://forlumineontor.com/afu.php?zoneid=3745485&var=POBTDL_85183_16757491380&ymid=16757491380_dl
0
424 B 		Document
General
Check archive.org
Download Go to
Full URL
https://forlumineontor.com/afu.php?zoneid=3745485&var=POBTDL_85183_16757491380&ymid=16757491380_dl
Requested by
Host: www.popbounty.com
URL: https://www.popbounty.com/go/?p=34574&z=85183
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://www.popbounty.com/go/?p=34574&z=85183
Upgrade-Insecure-Requests
1
User-Agent
iphone 11
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
content-length
0
content-type
text/plain; charset=utf-8
date
Tue, 07 Feb 2023 05:52:19 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
7959dbd4ff5e0c99-EWR
content-type
text/html
date
Tue, 07 Feb 2023 05:52:18 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://forlumineontor.com/afu.php?zoneid=3745485&var=POBTDL_85183_16757491380&ymid=16757491380_dl
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BqNp0ydW%2FbdsHrU6qJqYw9fYutbX2OlNgZ51RBK8FxK%2B5SInPsGjAfdh17jm3BdWlq1LKvItvpuIyNRFSsSJGDBmvO9Lo95WDXXqqkc1LqmiwXkNFw6l1mT8ZY8VUe7%2Ba6YblLioiOVNtgT9h%2BNbcg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange

4 Cookies

Domain/Path Name / Value
www.popbounty.com/ Name: PHPSESSID
Value: f9lj3vau96prkbku6fss15le51
.popbounty.com/ Name: pbhash
Value: 3a28b86b4bc77681a326540238aff80bfcd90d63e25d87570d975462ad1f2ac6
.popbounty.com/ Name: pbclckid2
Value: 1675749138
.popbounty.com/ Name: pbhits
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

forlumineontor.com
www.popbounty.com
139.45.197.239
2606:4700:3030::ac43:c1ca
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855