prmsbw2.com Open in urlscan Pro
185.212.131.106 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://45674.newbhor.trade/lottery
Effective URL:
https://prmsbw2.com/bonus-100-01/?id=11PR&s1=c46bebfd-4912-4665-ab8a-0f1d0abd0bae&extid=b26fbab8-01a5-403f-b0b4-2d61...
Submission: On July 19 via api (July 19th 2020, 10:25:46 am UTC) from CH

Summary HTTP 9 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 2 IPs in 4 countries across 4 domains to perform 9 HTTP transactions. The main IP is 185.212.131.106, located in Netherlands and belongs to INTERNET-IT, NL. The main domain is prmsbw2.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on May 28th 2020. Valid for: 3 months.

This is the only time prmsbw2.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	45.122.138.8 45.122.138.8	132742 (GGL-AS-AP...) (GGL-AS-AP Guochao Group limited)
1 1	3.120.165.141 3.120.165.141	16509 (AMAZON-02) (AMAZON-02)
1	185.212.131.106 185.212.131.106	200313 (INTERNET-IT) (INTERNET-IT)
8	2606:4700:303... 2606:4700:3035::681c:f71	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2

1 45.122.138.8 (Hong Kong) 1 redirects

ASN132742 (GGL-AS-AP Guochao Group limited, HK)

45674.newbhor.trade	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.165.141 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-165-141.eu-central-1.compute.amazonaws.com

cpafood.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.212.131.106 (Netherlands)

ASN200313 (INTERNET-IT, NL)
PTR: hello.world

prmsbw2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:3035::681c:f71 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-service.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	cdn-service.com cdn-service.com	609 KB
1	prmsbw2.com prmsbw2.com	2 KB
1	cpafood.com 1 redirects cpafood.com	314 B
1	newbhor.trade 1 redirects 45674.newbhor.trade	588 B
9	4

	Domain	Requested by
8	cdn-service.com	prmsbw2.com
1	prmsbw2.com
1	cpafood.com	1 redirects
1	45674.newbhor.trade	1 redirects
9	4

This site contains links to these domains. Also see Links.

Domain
sxmjhj.best
betwinner.com

Subject Issuer	Validity	Valid
prmsbw2.com Let's Encrypt Authority X3	`2020-05-28` - `2020-08-26`	3 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-04-10` - `2020-10-09`	6 months	crt.sh

This page contains 1 frames:

Primary Page: https://prmsbw2.com/bonus-100-01/?id=11PR&s1=c46bebfd-4912-4665-ab8a-0f1d0abd0bae&extid=b26fbab8-01a5-403f-b0b4-2d61925ffe69&p=/user/registration/
Frame ID: ADF7879B26E30052A6EFBFD0693FC083
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://45674.newbhor.trade/lottery HTTP 301
https://cpafood.com/GKVXs7Y HTTP 302
https://prmsbw2.com/bonus-100-01/?id=11PR&s1=c46bebfd-4912-4665-ab8a-0f1d0abd0bae&extid=b26fbab8... Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

9
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

2
IPs

4
Countries

611 kB
Transfer

1163 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://sxmjhj.best/11PR?btag=d_2034m_245387c_bw_6BWZtNBhvJF6wybCDcmLTk&mid=e74edcd6-3a56-4635-9886-dbe3aa5da221&ml=&h=4YUVig8kN2xYSxOTLnYCrPiaRFM%3D&ref=&extid=b26fbab8-01a5-403f-b0b4-2d61925ffe69&s1=c46bebfd-4912-4665-ab8a-0f1d0abd0bae&p=%2Fuser%2Fregistration%2F
Title: Get Bonus

Search URL Search Domain Scan URL

URL: https://betwinner.com/bonus/rules/1st/
Title: Terms and Conditions

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://45674.newbhor.trade/lottery HTTP 301
https://cpafood.com/GKVXs7Y HTTP 302
https://prmsbw2.com/bonus-100-01/?id=11PR&s1=c46bebfd-4912-4665-ab8a-0f1d0abd0bae&extid=b26fbab8-01a5-403f-b0b4-2d61925ffe69&p=/user/registration/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
prmsbw2.com/bonus-100-01/
Redirect Chain

http://45674.newbhor.trade/lottery
https://cpafood.com/GKVXs7Y
https://prmsbw2.com/bonus-100-01/?id=11PR&s1=c46bebfd-4912-4665-ab8a-0f1d0abd0bae&extid=b26fbab8-01a5-403f-b0b4-2d61925ffe69&p=/user/registration/

7 KB
2 KB

141ms
98ms

Document
text/html

185.212.131.106
INTERNET-IT

General

Check archive.org

Show headers Download Go to

Full URL

https://prmsbw2.com/bonus-100-01/?id=11PR&s1=c46bebfd-4912-4665-ab8a-0f1d0abd0bae&extid=b26fbab8-01a5-403f-b0b4-2d61925ffe69&p=/user/registration/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.212.131.106 , Netherlands, ASN200313 (INTERNET-IT, NL),

Reverse DNS

hello.world

Software

nginx /

Resource Hash

4d644614cf2d74bbd85d53061b5e16728baa9762f929ecd9d49067377948ad31

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: prmsbw2.com
:scheme: https
:path: /bonus-100-01/?id=11PR&s1=c46bebfd-4912-4665-ab8a-0f1d0abd0bae&extid=b26fbab8-01a5-403f-b0b4-2d61925ffe69&p=/user/registration/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
server: nginx
date: Sun, 19 Jul 2020 10:26:06 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
surrogate-control: no-store
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
pragma: no-cache
expires: 0
set-cookie: land-uniq=1; Domain=landings.bwacloud.pw; Path=/; Expires=Mon, 20 Jul 2020 10:25:27 GMT; HttpOnly
etag: W/"1c42-NMcEWCFUkGCcsgDY8wzhSHX3/MQ"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains max-age=31536000; includeSubDomains

Redirect headers

Server: nginx/1.17.1
Date: Sun, 19 Jul 2020 10:25:27 GMT
Content-Length: 0
Connection: keep-alive
Location: https://prmsbw2.com/bonus-100-01/?id=11PR&s1=c46bebfd-4912-4665-ab8a-0f1d0abd0bae&extid=b26fbab8-01a5-403f-b0b4-2d61925ffe69&p=/user/registration/
Access-Control-Allow-Origin: *

GET
H2 200 bundle.9a56f98a1152b47a0b822b97b2ef126a.css
cdn-service.com/landing/static/449d476d-d1cb-42ec-9515-4e158915bd45/ 9 KB
3 KB 76ms
22ms Stylesheet
text/css 2606:4700:3035::681c:f71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-service.com/landing/static/449d476d-d1cb-42ec-9515-4e158915bd45/bundle.9a56f98a1152b47a0b822b97b2ef126a.css

Requested by

Host: prmsbw2.com
URL: https://prmsbw2.com/bonus-100-01/?id=11PR&s1=c46bebfd-4912-4665-ab8a-0f1d0abd0bae&extid=b26fbab8-01a5-403f-b0b4-2d61925ffe69&p=/user/registration/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::681c:f71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93ebb5734e2f55ecd94fbf823772cffa031efdabb9f29be61416209082730dff

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://prmsbw2.com/bonus-100-01/?id=11PR&s1=c46bebfd-4912-4665-ab8a-0f1d0abd0bae&extid=b26fbab8-01a5-403f-b0b4-2d61925ffe69&p=/user/registration/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 19 Jul 2020 10:25:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5162013
cf-polished: origSize=14349
status: 200
vary: Accept-Encoding
cf-request-id: 0408347faa00001786071b8200000001
cf-bgj: minify
server: cloudflare
etag: W/"380d-t3hrx9QoXFszRHFHzXYF5b8XfHw"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 5b53bd12aefc1786-FRA
expires: Thu, 20 May 2021 16:31:54 GMT

GET
H2 200 bundle.7da5418c8036c131e9f6.js Show response
cdn-service.com/landing/static/449d476d-d1cb-42ec-9515-4e158915bd45/ 127 KB
38 KB 80ms
26ms Script
application/javascript 2606:4700:3035::681c:f71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-service.com/landing/static/449d476d-d1cb-42ec-9515-4e158915bd45/bundle.7da5418c8036c131e9f6.js

Requested by

Host: prmsbw2.com
URL: https://prmsbw2.com/bonus-100-01/?id=11PR&s1=c46bebfd-4912-4665-ab8a-0f1d0abd0bae&extid=b26fbab8-01a5-403f-b0b4-2d61925ffe69&p=/user/registration/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::681c:f71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36c4581980c7977560470b2fc095fad36a7c34bb50f5eb91e708a579db06c496

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://prmsbw2.com/bonus-100-01/?id=11PR&s1=c46bebfd-4912-4665-ab8a-0f1d0abd0bae&extid=b26fbab8-01a5-403f-b0b4-2d61925ffe69&p=/user/registration/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 19 Jul 2020 10:25:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2642937
cf-polished: origSize=129650
status: 200
vary: Accept-Encoding
cf-request-id: 0408347fab00001786071b9200000001
cf-bgj: minify
server: cloudflare
etag: W/"1fa72-ejXGkumgLl6xteHfwh/qTPHr7pU"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 5b53bd12af011786-FRA
expires: Fri, 18 Jun 2021 20:16:30 GMT

GET
H2 200 223fc8abd03a8e136754985a5b76b373.jpg
cdn-service.com/landing/static/449d476d-d1cb-42ec-9515-4e158915bd45/ 206 KB
207 KB 21ms
21ms Image
image/jpeg 2606:4700:3035::681c:f71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-service.com/landing/static/449d476d-d1cb-42ec-9515-4e158915bd45/223fc8abd03a8e136754985a5b76b373.jpg

Requested by

Host: prmsbw2.com
URL: https://prmsbw2.com/bonus-100-01/?id=11PR&s1=c46bebfd-4912-4665-ab8a-0f1d0abd0bae&extid=b26fbab8-01a5-403f-b0b4-2d61925ffe69&p=/user/registration/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::681c:f71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ea05607e5a7675ff5f957f6e1297c173a0c82e9a941d0089b6fd053cdf1ee56

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn-service.com/landing/static/449d476d-d1cb-42ec-9515-4e158915bd45/bundle.9a56f98a1152b47a0b822b97b2ef126a.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 19 Jul 2020 10:25:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 88666
status: 200
vary: Accept-Encoding
content-length: 211099
cf-request-id: 0408347fe300001786071c6200000001
server: cloudflare
etag: W/"3389b-+/l5+jpnNJ7jgeyFF59iQhvvRIA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5b53bd130fcd1786-FRA
expires: Sun, 18 Jul 2021 09:47:41 GMT

GET
H2 200 3595cc349a441e5b7b03eacfa8d41999.svg
cdn-service.com/landing/static/449d476d-d1cb-42ec-9515-4e158915bd45/ 2 KB
1005 B 28ms
27ms Image
image/svg+xml 2606:4700:3035::681c:f71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-service.com/landing/static/449d476d-d1cb-42ec-9515-4e158915bd45/3595cc349a441e5b7b03eacfa8d41999.svg

Requested by

Host: prmsbw2.com
URL: https://prmsbw2.com/bonus-100-01/?id=11PR&s1=c46bebfd-4912-4665-ab8a-0f1d0abd0bae&extid=b26fbab8-01a5-403f-b0b4-2d61925ffe69&p=/user/registration/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::681c:f71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a0aa730db38b93a3648d99dab5ac6838cb17a442f0b1ec915c393feb05be690

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn-service.com/landing/static/449d476d-d1cb-42ec-9515-4e158915bd45/bundle.9a56f98a1152b47a0b822b97b2ef126a.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 19 Jul 2020 10:25:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5162013
status: 200
vary: Accept-Encoding
cf-request-id: 0408347fe400001786071c7200000001
server: cloudflare
etag: W/"6ec-BcPpKZqIa0taDgFM/X1tvkMmlN0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 5b53bd130fd11786-FRA
expires: Thu, 20 May 2021 16:31:54 GMT

GET
H2 200 cbd4e701269338259ee0b39a0b768167.ttf
cdn-service.com/landing/static/449d476d-d1cb-42ec-9515-4e158915bd45/ 165 KB
83 KB 129ms
110ms Font
font/ttf 2606:4700:3035::681c:f71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-service.com/landing/static/449d476d-d1cb-42ec-9515-4e158915bd45/cbd4e701269338259ee0b39a0b768167.ttf

Requested by

Host: prmsbw2.com
URL: https://prmsbw2.com/bonus-100-01/?id=11PR&s1=c46bebfd-4912-4665-ab8a-0f1d0abd0bae&extid=b26fbab8-01a5-403f-b0b4-2d61925ffe69&p=/user/registration/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::681c:f71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1ab7a9092d779eb7eb97f3f7d4563c857e86572fb829c42f2972a8e232ec67d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://cdn-service.com/landing/static/449d476d-d1cb-42ec-9515-4e158915bd45/bundle.9a56f98a1152b47a0b822b97b2ef126a.css
Origin: https://prmsbw2.com

Response headers

date: Sun, 19 Jul 2020 10:25:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
vary: Accept-Encoding
cf-request-id: 0408347ff80000c2d109321200000001
server: cloudflare
etag: W/"29588-lyianXRIFk5G6osxB6JKwYB/bA4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-type: font/ttf
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 5b53bd132f97c2d1-FRA
expires: Mon, 19 Jul 2021 10:25:27 GMT

GET
H2 200 19ba7aa52a78c3896558ac1c0a5fb4c7.ttf
cdn-service.com/landing/static/449d476d-d1cb-42ec-9515-4e158915bd45/ 239 KB
96 KB 135ms
115ms Font
font/ttf 2606:4700:3035::681c:f71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-service.com/landing/static/449d476d-d1cb-42ec-9515-4e158915bd45/19ba7aa52a78c3896558ac1c0a5fb4c7.ttf

Requested by

Host: prmsbw2.com
URL: https://prmsbw2.com/bonus-100-01/?id=11PR&s1=c46bebfd-4912-4665-ab8a-0f1d0abd0bae&extid=b26fbab8-01a5-403f-b0b4-2d61925ffe69&p=/user/registration/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::681c:f71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e41d252cfde874e1c4680fa68d35b66c44881b15d0b3fe31775e9e3646f1837

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://cdn-service.com/landing/static/449d476d-d1cb-42ec-9515-4e158915bd45/bundle.9a56f98a1152b47a0b822b97b2ef126a.css
Origin: https://prmsbw2.com

Response headers

date: Sun, 19 Jul 2020 10:25:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
vary: Accept-Encoding
cf-request-id: 0408347ff80000c2d109323200000001
server: cloudflare
etag: W/"3bc84-S1wn3PWd8WVgbvokcZDAv6PAL/A"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-type: font/ttf
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 5b53bd132f9cc2d1-FRA
expires: Mon, 19 Jul 2021 10:25:27 GMT

GET
H2 200 11eabca2251325cfc5589c9c6fb57b46.ttf
cdn-service.com/landing/static/449d476d-d1cb-42ec-9515-4e158915bd45/ 167 KB
83 KB 125ms
106ms Font
font/ttf 2606:4700:3035::681c:f71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-service.com/landing/static/449d476d-d1cb-42ec-9515-4e158915bd45/11eabca2251325cfc5589c9c6fb57b46.ttf

Requested by

Host: prmsbw2.com
URL: https://prmsbw2.com/bonus-100-01/?id=11PR&s1=c46bebfd-4912-4665-ab8a-0f1d0abd0bae&extid=b26fbab8-01a5-403f-b0b4-2d61925ffe69&p=/user/registration/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::681c:f71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

017c0be9aaa6d0359737e1fa762ad304c0e0107927faff5a6c1f415c7f5244ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://cdn-service.com/landing/static/449d476d-d1cb-42ec-9515-4e158915bd45/bundle.9a56f98a1152b47a0b822b97b2ef126a.css
Origin: https://prmsbw2.com

Response headers

date: Sun, 19 Jul 2020 10:25:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
vary: Accept-Encoding
cf-request-id: 0408347ff80000c2d109324200000001
server: cloudflare
etag: W/"29d08-CWySRbahktFAOoKEjhBKZfV4qOw"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-type: font/ttf
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 5b53bd132f9ec2d1-FRA
expires: Mon, 19 Jul 2021 10:25:27 GMT

GET
H2 200 ee6539921d713482b8ccd4d0d23961bb.ttf
cdn-service.com/landing/static/449d476d-d1cb-42ec-9515-4e158915bd45/ 240 KB
97 KB 95ms
94ms Font
font/ttf 2606:4700:3035::681c:f71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-service.com/landing/static/449d476d-d1cb-42ec-9515-4e158915bd45/ee6539921d713482b8ccd4d0d23961bb.ttf

Requested by

Host: prmsbw2.com
URL: https://prmsbw2.com/bonus-100-01/?id=11PR&s1=c46bebfd-4912-4665-ab8a-0f1d0abd0bae&extid=b26fbab8-01a5-403f-b0b4-2d61925ffe69&p=/user/registration/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::681c:f71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

077cdab15161232a9ba7124d2ddd7a9425145750788e9a966c156cc66274f525

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://cdn-service.com/landing/static/449d476d-d1cb-42ec-9515-4e158915bd45/bundle.9a56f98a1152b47a0b822b97b2ef126a.css
Origin: https://prmsbw2.com

Response headers

date: Sun, 19 Jul 2020 10:25:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
vary: Accept-Encoding
cf-request-id: 0408347ff80000c2d109322200000001
server: cloudflare
etag: W/"3bfcc-0ls1JC3rHG/4iLgWLKKqzDVtOJk"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-type: font/ttf
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 5b53bd132f98c2d1-FRA
expires: Mon, 19 Jul 2021 10:25:27 GMT

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| serverData function| setImmediate function| clearImmediate

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

45674.newbhor.trade
cdn-service.com
cpafood.com
prmsbw2.com
185.212.131.106
2606:4700:3035::681c:f71
3.120.165.141
45.122.138.8
017c0be9aaa6d0359737e1fa762ad304c0e0107927faff5a6c1f415c7f5244ed
077cdab15161232a9ba7124d2ddd7a9425145750788e9a966c156cc66274f525
1ea05607e5a7675ff5f957f6e1297c173a0c82e9a941d0089b6fd053cdf1ee56
36c4581980c7977560470b2fc095fad36a7c34bb50f5eb91e708a579db06c496
4d644614cf2d74bbd85d53061b5e16728baa9762f929ecd9d49067377948ad31
6e41d252cfde874e1c4680fa68d35b66c44881b15d0b3fe31775e9e3646f1837
7a0aa730db38b93a3648d99dab5ac6838cb17a442f0b1ec915c393feb05be690
93ebb5734e2f55ecd94fbf823772cffa031efdabb9f29be61416209082730dff
d1ab7a9092d779eb7eb97f3f7d4563c857e86572fb829c42f2972a8e232ec67d

prmsbw2.com Open in urlscan Pro 185.212.131.106 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

9 Requests

100 %HTTPS

25 %IPv6

4 Domains

4 Subdomains

2 IPs

4 Countries

611 kBTransfer

1163 kBSize

0 Cookies

2 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

prmsbw2.com Open in urlscan Pro
185.212.131.106 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

2
IPs

4
Countries

611 kB
Transfer

1163 kB
Size

0
Cookies

9 HTTP transactions
0 data transactions