Submitted URL: http://promo1club.com/
Effective URL: https://promo1club.com/
Submission: On November 13 via manual from US

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 24 HTTP transactions. The main IP is 2606:4700:3036::681b:8b9e, located in United States and belongs to CLOUDFLARENET, US. The main domain is promo1club.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 22nd 2020. Valid for: a year.
This is the only time promo1club.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2606:4700:303... 13335 (CLOUDFLAR...)
11 45.61.139.178 40676 (AS40676)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
24 5
Domain Requested by
11 digitalinvest.news promo1club.com
digitalinvest.news
6 fonts.gstatic.com fonts.googleapis.com
2 promo1club.com 1 redirects
1 fonts.googleapis.com promo1club.com
24 4

This site contains links to these domains.

Domain
digitalinvest.news
themeforest.net

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-07-22 - 2021-07-22 | a year
www.digitalinvest.news | Let's Encrypt Authority X3 | 2020-10-05 - 2021-01-03 | 3 months
upload.video.google.com | GTS CA 1O1 | 2020-10-20 - 2021-01-12 | 3 months
*.gstatic.com | GTS CA 1O1 | 2020-10-28 - 2021-01-20 | 3 months

This page contains 1 frames:

Primary Page: https://promo1club.com/
Frame ID: CD09CFAFA02F3B9443F74D10BDC9BD6F
Requests: 24 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 24
HTTPS: 79 %
IPv6: 75 %
Domains: 4
Subdomains: 4
IPs: 5
Countries: 2
Transfer: 326 kB
Size: 1783 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://promo1club.com/ HTTP 301
    https://promo1club.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
promo1club.com/
Redirect Chain
  • http://promo1club.com/
  • https://promo1club.com/
294 KB
18 KB
Document
General
Full URL
https://promo1club.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:8b9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
919fc4e32bb21a879a9391bb9ca39f494f4b810e9d38bbc3b77c13b53d76c4ed

Request headers

:method
GET
:authority
promo1club.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
date
Fri, 13 Nov 2020 01:52:50 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d8f842aa597df87aab5108b5a3096e91b1605232368; expires=Sun, 13-Dec-20 01:52:48 GMT; path=/; domain=.promo1club.com; HttpOnly; SameSite=Lax; Secure
link
<https://digitalinvest.news/index.php?rest_route=/>; rel="https://api.w.org/" <https://digitalinvest.news/index.php?rest_route=/wp/v2/pages/548>; rel="alternate"; type="application/json" <https://digitalinvest.news/>; rel=shortlink
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
0660e731fd0000bf00cb8ad000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Oqk2aySy4P%2FxWb8U9%2Fck%2FKzoT1ow7L4V1lFAjmJj2DwIIQf8Au55XnfkBv6z44aJP%2Bl6om%2B8E791F3dxn5NSNXQQpT4%2BvOcunFzNC%2BYzTgXd6QKrsbuUPR4YpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
5f14dafccb99bf00-FRA
content-encoding
br

Redirect headers

Date
Fri, 13 Nov 2020 01:52:48 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Fri, 13 Nov 2020 02:52:48 GMT
Location
https://promo1club.com/
cf-request-id
0660e731d60000dfdb91340000000001
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=P0eKKkI4DdKlrBPRpg6b%2BCfH0Ii6B9fHyHAVLFp3O6R7n4W87JKSkF8myQ17QslJBc15UBwnUuxbA7gjkvjH85c%2BVUGst4ciNePuOCGbF6QhjtOzV6MVfG6Ybg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"report_to":"cf-nel","max_age":604800}
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
5f14dafc8f74dfdb-FRA
style.min.css
digitalinvest.news/wp-includes/css/dist/block-library/
53 KB
8 KB
Stylesheet
General
Full URL
https://digitalinvest.news/wp-includes/css/dist/block-library/style.min.css?ver=5.5.3
Requested by
Host: promo1club.com
URL: https://promo1club.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.61.139.178 Cheyenne, United States, ASN40676 (AS40676, US),
Reverse DNS
Software
Apache/2.4.38 (Debian) /
Resource Hash
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Request headers

Referer
https://promo1club.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 13 Nov 2020 01:52:50 GMT
Content-Encoding
gzip
Last-Modified
Thu, 27 Aug 2020 18:00:38 GMT
Server
Apache/2.4.38 (Debian)
ETag
"d293-5addfb6b23d80-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
7907
style.css
digitalinvest.news/wp-content/plugins/td-composer/td-multi-purpose/
68 KB
9 KB
Stylesheet
General
Full URL
https://digitalinvest.news/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=a658a28d2ec596dae36323688c6c3eb8
Requested by
Host: promo1club.com
URL: https://promo1club.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.61.139.178 Cheyenne, United States, ASN40676 (AS40676, US),
Reverse DNS
Software
Apache/2.4.38 (Debian) /
Resource Hash
72b4bc698d80481f8afd66930489c95d85e50f7a28a540483e485b82cc718f54

Request headers

Referer
https://promo1club.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 13 Nov 2020 01:52:50 GMT
Content-Encoding
gzip
Last-Modified
Thu, 12 Nov 2020 13:40:27 GMT
Server
Apache/2.4.38 (Debian)
ETag
"10e72-5b3e90dfffa1a-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
9128
css
fonts.googleapis.com/
20 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300&display=swap&ver=10.3.7
Requested by
Host: promo1club.com
URL: https://promo1club.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fb6541c5d1285f137866c3c6bec72d5f9b9b9b85d9a2290d97e284198f76a5a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://promo1club.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 13 Nov 2020 01:52:50 GMT
server
ESF
date
Fri, 13 Nov 2020 01:52:50 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 13 Nov 2020 01:52:50 GMT
style.css
digitalinvest.news/wp-content/themes/Newspaper/
152 KB
26 KB
Stylesheet
General
Full URL
https://digitalinvest.news/wp-content/themes/Newspaper/style.css?ver=10.3.7
Requested by
Host: promo1club.com
URL: https://promo1club.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.61.139.178 Cheyenne, United States, ASN40676 (AS40676, US),
Reverse DNS
Software
Apache/2.4.38 (Debian) /
Resource Hash
13523c5e994e1fb1f64885b7eda4757ae4b411a0eb051d0b04b702246146e560

Request headers

Referer
https://promo1club.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 13 Nov 2020 01:52:50 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Oct 2020 11:50:56 GMT
Server
Apache/2.4.38 (Debian)
ETag
"26150-5b1b442c52800-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
26072
td_legacy_main.css
digitalinvest.news/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/
243 KB
34 KB
Stylesheet
General
Full URL
https://digitalinvest.news/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=a658a28d2ec596dae36323688c6c3eb8
Requested by
Host: promo1club.com
URL: https://promo1club.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.61.139.178 Cheyenne, United States, ASN40676 (AS40676, US),
Reverse DNS
Software
Apache/2.4.38 (Debian) /
Resource Hash
a2084a8fa521cd4b3a47663c807ea609d5b9ebe8d50e50e74d34a43210937c34

Request headers

Referer
https://promo1club.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 13 Nov 2020 01:52:50 GMT
Content-Encoding
gzip
Last-Modified
Thu, 12 Nov 2020 13:40:26 GMT
Server
Apache/2.4.38 (Debian)
ETag
"3cd77-5b3e90df1c168-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
34097
td_standard_pack_main.css
digitalinvest.news/wp-content/plugins/td-standard-pack/Newspaper/assets/css/
621 KB
51 KB
Stylesheet
General
Full URL
https://digitalinvest.news/wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css?ver=403b2dc7f9eb8aa26884edcb2afa1fce
Requested by
Host: promo1club.com
URL: https://promo1club.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.61.139.178 Cheyenne, United States, ASN40676 (AS40676, US),
Reverse DNS
Software
Apache/2.4.38 (Debian) /
Resource Hash
86ab4c2b16af92602679b9ddf7aaf92e0d9ddc5111b8d869690474a7c453aefd

Request headers

Referer
https://promo1club.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 13 Nov 2020 01:52:50 GMT
Content-Encoding
gzip
Last-Modified
Thu, 12 Nov 2020 13:40:56 GMT
Server
Apache/2.4.38 (Debian)
ETag
"9b2fc-5b3e90fc51c57-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
51675
tdb_less_front.css
digitalinvest.news/wp-content/plugins/td-cloud-library/assets/css/
106 KB
13 KB
Stylesheet
General
Full URL
https://digitalinvest.news/wp-content/plugins/td-cloud-library/assets/css/tdb_less_front.css?ver=53f7b7675c3127e69efacf5620821cc8
Requested by
Host: promo1club.com
URL: https://promo1club.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.61.139.178 Cheyenne, United States, ASN40676 (AS40676, US),
Reverse DNS
Software
Apache/2.4.38 (Debian) /
Resource Hash
da339c22328444c7d161437a5ef830dfe671fbf9ffcc8de33af22269baf44d5f

Request headers

Referer
https://promo1club.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 13 Nov 2020 01:52:50 GMT
Content-Encoding
gzip
Last-Modified
Thu, 12 Nov 2020 13:40:37 GMT
Server
Apache/2.4.38 (Debian)
ETag
"1a91e-5b3e90e9b313e-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
13393
jquery.js
digitalinvest.news/wp-includes/js/jquery/
95 KB
33 KB
Script
General
Full URL
https://digitalinvest.news/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: promo1club.com
URL: https://promo1club.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.61.139.178 Cheyenne, United States, ASN40676 (AS40676, US),
Reverse DNS
Software
Apache/2.4.38 (Debian) /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer
https://promo1club.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 13 Nov 2020 01:52:50 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 May 2019 04:25:54 GMT
Server
Apache/2.4.38 (Debian)
ETag
"17a69-5890dc7401880-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
33776
wp-emoji-release.min.js
digitalinvest.news/wp-includes/js/
0
0

np10blue-white-retina.png
digitalinvest.news/wp-content/uploads/2020/11/
11 KB
11 KB
Image
General
Full URL
https://digitalinvest.news/wp-content/uploads/2020/11/np10blue-white-retina.png
Requested by
Host: promo1club.com
URL: https://promo1club.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.61.139.178 Cheyenne, United States, ASN40676 (AS40676, US),
Reverse DNS
Software
Apache/2.4.38 (Debian) /
Resource Hash
ce556b1ca65bf3835b47a54eda72698bf68c74e2d923083e564e3622273d6830

Request headers

Referer
https://promo1club.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 13 Nov 2020 01:52:50 GMT
Last-Modified
Thu, 12 Nov 2020 14:19:22 GMT
Server
Apache/2.4.38 (Debian)
ETag
"2a24-5b3e999362bf0"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
10788
np10blue.png
digitalinvest.news/wp-content/uploads/2020/11/
4 KB
5 KB
Image
General
Full URL
https://digitalinvest.news/wp-content/uploads/2020/11/np10blue.png
Requested by
Host: promo1club.com
URL: https://promo1club.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.61.139.178 Cheyenne, United States, ASN40676 (AS40676, US),
Reverse DNS
Software
Apache/2.4.38 (Debian) /
Resource Hash
54725262774c9182a23a9f830a26c2aa2aab71b0a4610054c3a1e3b5d5f969fd

Request headers

Referer
https://promo1club.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 13 Nov 2020 01:52:50 GMT
Last-Modified
Thu, 12 Nov 2020 14:19:22 GMT
Server
Apache/2.4.38 (Debian)
ETag
"11ed-5b3e99931886b"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
4589
newspaper-rec728.jpg
digitalinvest.news/wp-content/uploads/2020/11/
14 KB
14 KB
Image
General
Full URL
https://digitalinvest.news/wp-content/uploads/2020/11/newspaper-rec728.jpg
Requested by
Host: promo1club.com
URL: https://promo1club.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.61.139.178 Cheyenne, United States, ASN40676 (AS40676, US),
Reverse DNS
Software
Apache/2.4.38 (Debian) /
Resource Hash
5434111368de51f72e18610aae2cc12714e055fb40d06b958f91921343b26409

Request headers

Referer
https://promo1club.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 13 Nov 2020 01:52:50 GMT
Last-Modified
Thu, 12 Nov 2020 14:19:26 GMT
Server
Apache/2.4.38 (Debian)
ETag
"37da-5b3e9996d97b5"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
14298
mobile-bg.jpg
digitalinvest.news/wp-content/uploads/2020/11/
43 KB
43 KB
Image
General
Full URL
https://digitalinvest.news/wp-content/uploads/2020/11/mobile-bg.jpg
Requested by
Host: promo1club.com
URL: https://promo1club.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.61.139.178 Cheyenne, United States, ASN40676 (AS40676, US),
Reverse DNS
Software
Apache/2.4.38 (Debian) /
Resource Hash
c55a840772f4c19f2cb8e3a077caaaf723715f7a8bbd80b3f54ac9e5b151383a

Request headers

Referer
https://promo1club.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 13 Nov 2020 01:52:50 GMT
Last-Modified
Thu, 12 Nov 2020 14:19:23 GMT
Server
Apache/2.4.38 (Debian)
ETag
"ab47-5b3e99939e515"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
43847
newspaper.woff
digitalinvest.news/wp-content/themes/Newspaper/images/icons/
0
0

newspaper-icons.woff
digitalinvest.news/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/icons/
0
0

mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300&display=swap&ver=10.3.7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://promo1club.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300&display=swap&ver=10.3.7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 06 Nov 2020 11:20:35 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:28 GMT
server
sffe
age
570735
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9132
x-xss-protection
0
expires
Sat, 06 Nov 2021 11:20:35 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300&display=swap&ver=10.3.7
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://promo1club.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300&display=swap&ver=10.3.7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 11:20:35 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
397935
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Mon, 08 Nov 2021 11:20:35 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300&display=swap&ver=10.3.7
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://promo1club.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300&display=swap&ver=10.3.7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 06 Nov 2020 20:01:09 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
539501
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11020
x-xss-protection
0
expires
Sat, 06 Nov 2021 20:01:09 GMT
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300&display=swap&ver=10.3.7
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://promo1club.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300&display=swap&ver=10.3.7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 11:20:37 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:27 GMT
server
sffe
age
397933
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9080
x-xss-protection
0
expires
Mon, 08 Nov 2021 11:20:37 GMT
mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300&display=swap&ver=10.3.7
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://promo1club.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300&display=swap&ver=10.3.7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 11:20:37 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:49 GMT
server
sffe
age
397933
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9180
x-xss-protection
0
expires
Mon, 08 Nov 2021 11:20:37 GMT
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300&display=swap&ver=10.3.7
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://promo1club.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300&display=swap&ver=10.3.7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 11:20:35 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:48 GMT
server
sffe
age
397935
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11056
x-xss-protection
0
expires
Mon, 08 Nov 2021 11:20:35 GMT
newspaper.ttf
digitalinvest.news/wp-content/themes/Newspaper/images/icons/
0
0

newspaper-icons.ttf
digitalinvest.news/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/icons/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
digitalinvest.news
URL
http://digitalinvest.news/wp-includes/js/wp-emoji-release.min.js?ver=5.5.3
Domain
digitalinvest.news
URL
https://digitalinvest.news/wp-content/themes/Newspaper/images/icons/newspaper.woff?19
Domain
digitalinvest.news
URL
https://digitalinvest.news/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/icons/newspaper-icons.woff?1
Domain
digitalinvest.news
URL
https://digitalinvest.news/wp-content/themes/Newspaper/images/icons/newspaper.ttf?19
Domain
digitalinvest.news
URL
https://digitalinvest.news/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/icons/newspaper-icons.ttf?1

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes object| _wpemojiSettings undefined| $ function| jQuery object| tdb_globals object| tdwGlobal object| tdBlocksArray function| tdBlock object| tdLocalCache object| td_viewport_interval_list string| td_animation_stack_effect boolean| tds_animation_stack string| td_animation_stack_specific_selectors string| td_animation_stack_general_selectors string| tds_general_modal_image string| tdc_is_installed string| td_ajax_url string| td_get_template_directory_uri string| tds_snap_menu string| tds_logo_on_sticky string| tds_header_style string| td_please_wait string| td_email_user_pass_incorrect string| td_email_user_incorrect string| td_email_incorrect string| tds_more_articles_on_post_enable string| tds_more_articles_on_post_time_to_wait number| tds_more_articles_on_post_pages_distance_from_top string| tds_theme_color_site_wide string| tds_smart_sidebar string| tdThemeName string| td_magnific_popup_translation_tPrev string| td_magnific_popup_translation_tNext string| td_magnific_popup_translation_tCounter string| td_magnific_popup_translation_ajax_tError string| td_magnific_popup_translation_image_tError string| tdBlockNonce object| tdDateNamesI18n string| td_ad_background_click_link string| td_ad_background_click_target string| tdb_login_sing_in_shortcode object| block_tdi_58_fdf object| block_tdi_64_1fb object| block_tdi_65_1f5 object| block_tdi_69_da5 object| block_tdi_81_15f object| block_tdi_87_5ff object| block_tdi_88_d61 object| block_tdi_92_6f7

1 Cookies

Domain/Path Name / Value
.promo1club.com/ Name: __cfduid
Value: d8f842aa597df87aab5108b5a3096e91b1605232368

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
