dealspecial.click Open in urlscan Pro
2600:9000:2449:1400:10:159a:b580:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://lecteurstreaming.site/
Effective URL:
https://dealspecial.click/redirect?target=BASE64aHR0cHM6Ly9nby5ydGhibmRqa29kc2xkLmZ1bi8_dXRtX21lZGl1bT00YWRhYTg4NTA4NmNmMz...
Submission: On May 20 via manual (May 20th 2024, 9:25:13 am UTC) from FR — Scanned from NL

Summary HTTP 7 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 6 domains to perform 7 HTTP transactions. The main IP is 2600:9000:2449:1400:10:159a:b580:93a1, located in United States and belongs to AMAZON-02, US. The main domain is dealspecial.click.
TLS certificate: Issued by Amazon RSA 2048 M02 on April 8th 2024. Valid for: a year.

This is the only time dealspecial.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	52.28.77.104 52.28.77.104	16509 (AMAZON-02) (AMAZON-02)
1 1	143.198.167.92 143.198.167.92	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 2	2600:9000:261... 2600:9000:2611:be00:a:3c4c:1f00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:244... 2600:9000:2449:1400:10:159a:b580:93a1	16509 (AMAZON-02) (AMAZON-02)
7	4

2 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

lecteurstreaming.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.77.104 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-77-104.eu-central-1.compute.amazonaws.com

kirujh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.198.167.92 (North Bergen, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: 901815.cloudwaysapps.com

newsweepsland.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2611:be00:a:3c4c:1f00:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

987623ghrkfodv80c.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2449:1400:10:159a:b580:93a1 (United States)

ASN16509 (AMAZON-02, US)

dealspecial.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	987623ghrkfodv80c.click 1 redirects 987623ghrkfodv80c.click	3 KB
2	lecteurstreaming.site lecteurstreaming.site	1 KB
1	dealspecial.click dealspecial.click	921 B
1	newsweepsland.shop 1 redirects newsweepsland.shop	700 B
1	kirujh.com 1 redirects kirujh.com	769 B
0	rthbndjkodsld.fun Failed go.rthbndjkodsld.fun Failed
7	6

	Domain	Requested by
2	987623ghrkfodv80c.click	1 redirects
2	lecteurstreaming.site
1	dealspecial.click	987623ghrkfodv80c.click
1	newsweepsland.shop	1 redirects
1	kirujh.com	1 redirects
0	go.rthbndjkodsld.fun Failed	dealspecial.click
7	6

This site contains no links.

Subject Issuer	Validity	Valid
lecteurstreaming.site GTS CA 1P5	`2024-05-16` - `2024-08-14`	3 months	crt.sh
987623ghrkfodv80c.click Amazon RSA 2048 M03	`2024-04-08` - `2025-05-07`	a year	crt.sh
dealspecial.click Amazon RSA 2048 M02	`2024-04-08` - `2025-05-07`	a year	crt.sh

This page contains 1 frames:

Frame: https://go.rthbndjkodsld.fun/?utm_medium=4adaa885086cf34d990659205ffd5b9cac7b35e4&utm_campaign=May6&cid=wpv71damf5lcn1e13tpgvgju
Frame ID: 7D6C219DCF5F757933097A8D684165F9
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

go.rthbndjkodsld.fun

Page URL History Show full URLs

https://lecteurstreaming.site/ Page URL
https://kirujh.com/pl?o=e6987d5bd10174d94449739fc434c059:19ac8947beaade0155050b19c00c6ba7 HTTP 302
https://newsweepsland.shop/kwdcjkdu/12345676/index.php?v1=150632&v3=PRODUCT_NAME&cid=82d10680-feb4-4db5... HTTP 302
https://987623ghrkfodv80c.click/6f0d7e9f-6b3e-4e24-80bb-6be78ef2793d?v1=150632&v3=PRODUCT_NAME&cid=82d10680-... HTTP 307
https://987623ghrkfodv80c.click/6f0d7e9f-6b3e-4e24-80bb-6be78ef2793d/2?v1=150632&v3=PRODUCT_NAME&cid=82d1068... Page URL
https://dealspecial.click/redirect?target=BASE64aHR0cHM6Ly9nby5ydGhibmRqa29kc2xkLmZ1bi8_dXRtX21lZGl1bT... Page URL

Page Statistics

7
Requests

57 %
HTTPS

60 %
IPv6

6
Domains

6
Subdomains

4
IPs

2
Countries

241 kB
Transfer

247 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://lecteurstreaming.site/ Page URL
https://kirujh.com/pl?o=e6987d5bd10174d94449739fc434c059:19ac8947beaade0155050b19c00c6ba7 HTTP 302
https://newsweepsland.shop/kwdcjkdu/12345676/index.php?v1=150632&v3=PRODUCT_NAME&cid=82d10680-feb4-4db5-b39b-869a6732e80d%20&offer_id=36303&campaign_id=1057244&lid=82d10680-feb4-4db5-b39b-869a6732e80d&ap=2&src=150632&payload=d5521f4ae99e0a5f52e3a0a2f143527e:3ac0bcdf6371479c863b41a8b7bf2921ce93eff3d3c770b238d79963a187fc25c2ba1c16130bbf393ba405fee42af6b4f0166e3001f0ca80ffa6f90ff2837500bdfeb554bcb46f0eb927e5b14fb635354f2637201a11d91c8744c1aed401794bbca0c474e1493e3dc66cec3158caca43318e5ce6bffa0240fca509f3a3990a230dce307c7ea1fbb91b8798a566e2c6a5d1d8cb4b42c49b0c483b7434bc779ce8eebc28fc98b0097477ccc673d18f2d0baaf8caf163d6de8cfc9c9ba0cba5984110945f6c74129d4b9a47b3203e644031992d7d267d7bbe16f90ce5f81b88ad2ad7c68b633cf5d5d582bcc47ae4391a166ba192a3074a5d7f12b2a0a42d77d4df4148308aa1409b2849a7e1066a958710eaccb25ca1292197f5fa61e264324ed2&hash=d11a08e9e2005b13c8ce05e097334a29 HTTP 302
https://987623ghrkfodv80c.click/6f0d7e9f-6b3e-4e24-80bb-6be78ef2793d?v1=150632&v3=PRODUCT_NAME&cid=82d10680-feb4-4db5-b39b-869a6732e80d%20&offer_id=36303&campaign_id=1057244&lid=82d10680-feb4-4db5-b39b-869a6732e80d&ap=2&src=150632&payload=d5521f4ae99e0a5f52e3a0a2f143527e:3ac0bcdf6371479c863b41a8b7bf2921ce93eff3d3c770b238d79963a187fc25c2ba1c16130bbf393ba405fee42af6b4f0166e3001f0ca80ffa6f90ff2837500bdfeb554bcb46f0eb927e5b14fb635354f2637201a11d91c8744c1aed401794bbca0c474e1493e3dc66cec3158caca43318e5ce6bffa0240fca509f3a3990a230dce307c7ea1fbb91b8798a566e2c6a5d1d8cb4b42c49b0c483b7434bc779ce8eebc28fc98b0097477ccc673d18f2d0baaf8caf163d6de8cfc9c9ba0cba5984110945f6c74129d4b9a47b3203e644031992d7d267d7bbe16f90ce5f81b88ad2ad7c68b633cf5d5d582bcc47ae4391a166ba192a3074a5d7f12b2a0a42d77d4df4148308aa1409b2849a7e1066a958710eaccb25ca1292197f5fa61e264324ed2&hash=d11a08e9e2005b13c8ce05e097334a29 HTTP 307
https://987623ghrkfodv80c.click/6f0d7e9f-6b3e-4e24-80bb-6be78ef2793d/2?v1=150632&v3=PRODUCT_NAME&cid=82d10680-feb4-4db5-b39b-869a6732e80d%20&offer_id=36303&campaign_id=1057244&lid=82d10680-feb4-4db5-b39b-869a6732e80d&ap=2&src=150632&payload=d5521f4ae99e0a5f52e3a0a2f143527e:3ac0bcdf6371479c863b41a8b7bf2921ce93eff3d3c770b238d79963a187fc25c2ba1c16130bbf393ba405fee42af6b4f0166e3001f0ca80ffa6f90ff2837500bdfeb554bcb46f0eb927e5b14fb635354f2637201a11d91c8744c1aed401794bbca0c474e1493e3dc66cec3158caca43318e5ce6bffa0240fca509f3a3990a230dce307c7ea1fbb91b8798a566e2c6a5d1d8cb4b42c49b0c483b7434bc779ce8eebc28fc98b0097477ccc673d18f2d0baaf8caf163d6de8cfc9c9ba0cba5984110945f6c74129d4b9a47b3203e644031992d7d267d7bbe16f90ce5f81b88ad2ad7c68b633cf5d5d582bcc47ae4391a166ba192a3074a5d7f12b2a0a42d77d4df4148308aa1409b2849a7e1066a958710eaccb25ca1292197f5fa61e264324ed2&hash=d11a08e9e2005b13c8ce05e097334a29 Page URL
https://dealspecial.click/redirect?target=BASE64aHR0cHM6Ly9nby5ydGhibmRqa29kc2xkLmZ1bi8_dXRtX21lZGl1bT00YWRhYTg4NTA4NmNmMzRkOTkwNjU5MjA1ZmZkNWI5Y2FjN2IzNWU0JnV0bV9jYW1wYWlnbj1NYXk2JmNpZD13cHY3MWRhbWY1bGNuMWUxM3RwZ3ZnanU&ts=1716197108422&hash=d10Nt9HLGOYs68G_Foz7TrI7Hz9IXZplk5eii16NUjE&rm=DJ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://kirujh.com/pl?o=e6987d5bd10174d94449739fc434c059:19ac8947beaade0155050b19c00c6ba7 HTTP 302
https://newsweepsland.shop/kwdcjkdu/12345676/index.php?v1=150632&v3=PRODUCT_NAME&cid=82d10680-feb4-4db5-b39b-869a6732e80d%20&offer_id=36303&campaign_id=1057244&lid=82d10680-feb4-4db5-b39b-869a6732e80d&ap=2&src=150632&payload=d5521f4ae99e0a5f52e3a0a2f143527e:3ac0bcdf6371479c863b41a8b7bf2921ce93eff3d3c770b238d79963a187fc25c2ba1c16130bbf393ba405fee42af6b4f0166e3001f0ca80ffa6f90ff2837500bdfeb554bcb46f0eb927e5b14fb635354f2637201a11d91c8744c1aed401794bbca0c474e1493e3dc66cec3158caca43318e5ce6bffa0240fca509f3a3990a230dce307c7ea1fbb91b8798a566e2c6a5d1d8cb4b42c49b0c483b7434bc779ce8eebc28fc98b0097477ccc673d18f2d0baaf8caf163d6de8cfc9c9ba0cba5984110945f6c74129d4b9a47b3203e644031992d7d267d7bbe16f90ce5f81b88ad2ad7c68b633cf5d5d582bcc47ae4391a166ba192a3074a5d7f12b2a0a42d77d4df4148308aa1409b2849a7e1066a958710eaccb25ca1292197f5fa61e264324ed2&hash=d11a08e9e2005b13c8ce05e097334a29 HTTP 302
https://987623ghrkfodv80c.click/6f0d7e9f-6b3e-4e24-80bb-6be78ef2793d?v1=150632&v3=PRODUCT_NAME&cid=82d10680-feb4-4db5-b39b-869a6732e80d%20&offer_id=36303&campaign_id=1057244&lid=82d10680-feb4-4db5-b39b-869a6732e80d&ap=2&src=150632&payload=d5521f4ae99e0a5f52e3a0a2f143527e:3ac0bcdf6371479c863b41a8b7bf2921ce93eff3d3c770b238d79963a187fc25c2ba1c16130bbf393ba405fee42af6b4f0166e3001f0ca80ffa6f90ff2837500bdfeb554bcb46f0eb927e5b14fb635354f2637201a11d91c8744c1aed401794bbca0c474e1493e3dc66cec3158caca43318e5ce6bffa0240fca509f3a3990a230dce307c7ea1fbb91b8798a566e2c6a5d1d8cb4b42c49b0c483b7434bc779ce8eebc28fc98b0097477ccc673d18f2d0baaf8caf163d6de8cfc9c9ba0cba5984110945f6c74129d4b9a47b3203e644031992d7d267d7bbe16f90ce5f81b88ad2ad7c68b633cf5d5d582bcc47ae4391a166ba192a3074a5d7f12b2a0a42d77d4df4148308aa1409b2849a7e1066a958710eaccb25ca1292197f5fa61e264324ed2&hash=d11a08e9e2005b13c8ce05e097334a29 HTTP 307
https://987623ghrkfodv80c.click/6f0d7e9f-6b3e-4e24-80bb-6be78ef2793d/2?v1=150632&v3=PRODUCT_NAME&cid=82d10680-feb4-4db5-b39b-869a6732e80d%20&offer_id=36303&campaign_id=1057244&lid=82d10680-feb4-4db5-b39b-869a6732e80d&ap=2&src=150632&payload=d5521f4ae99e0a5f52e3a0a2f143527e:3ac0bcdf6371479c863b41a8b7bf2921ce93eff3d3c770b238d79963a187fc25c2ba1c16130bbf393ba405fee42af6b4f0166e3001f0ca80ffa6f90ff2837500bdfeb554bcb46f0eb927e5b14fb635354f2637201a11d91c8744c1aed401794bbca0c474e1493e3dc66cec3158caca43318e5ce6bffa0240fca509f3a3990a230dce307c7ea1fbb91b8798a566e2c6a5d1d8cb4b42c49b0c483b7434bc779ce8eebc28fc98b0097477ccc673d18f2d0baaf8caf163d6de8cfc9c9ba0cba5984110945f6c74129d4b9a47b3203e644031992d7d267d7bbe16f90ce5f81b88ad2ad7c68b633cf5d5d582bcc47ae4391a166ba192a3074a5d7f12b2a0a42d77d4df4148308aa1409b2849a7e1066a958710eaccb25ca1292197f5fa61e264324ed2&hash=d11a08e9e2005b13c8ce05e097334a29

7 HTTP transactions
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ Show response lecteurstreaming.site/	226 B 623 B	98ms 44ms	Document text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lecteurstreaming.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.2.34 Resource Hash `4c681d65f2377fbcc16c357f70e2467019dbac11cbb09ddba1e297090a00f1c3` Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 886b470cca726703-AMS content-encoding br content-type text/html; charset=UTF-8 date Mon, 20 May 2024 09:25:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FUFpPQxy7Y0X16rlrskpKES%2BY7daoYJJrTv2frdX6k6n5z1Kf1fGrbAEDjOoim4Gxlb06y9xQFwJrr6jd%2F6zuE%2FbyeiZZeZ9qikWlb2V5wPWjUwwTFn9hZpM%2B3cKeyR1zjrACRJOcMtsbIV7kKCYQQUR3%2F0%3D"}],"group":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.2.34
GET H2	200	2 987623ghrkfodv80c.click/6f0d7e9f-6b3e-4e24-80bb-6be78ef2793d/ Redirect Chain https://kirujh.com/pl?o=e6987d5bd10174d94449739fc434c059:19ac8947beaade0155050b19c00c6ba7 https://newsweepsland.shop/kwdcjkdu/12345676/index.php?v1=150632&v3=PRODUCT_NAME&cid=82d10680-feb4-4db5-b39b-869a6732e80d%20&offer_id=36303&campaign_id=1057244&lid=82d10680-feb4-4db5-b39b-869a6732e... https://987623ghrkfodv80c.click/6f0d7e9f-6b3e-4e24-80bb-6be78ef2793d?v1=150632&v3=PRODUCT_NAME&cid=82d10680-feb4-4db5-b39b-869a6732e80d%20&offer_id=36303&campaign_id=1057244&lid=82d10680-feb4-4db5-... https://987623ghrkfodv80c.click/6f0d7e9f-6b3e-4e24-80bb-6be78ef2793d/2?v1=150632&v3=PRODUCT_NAME&cid=82d10680-feb4-4db5-b39b-869a6732e80d%20&offer_id=36303&campaign_id=1057244&lid=82d10680-feb4-4db...	928 B 2 KB	57ms 57ms	Document text/html	2600:9000:2611:be00:a:3c4c:1f00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://987623ghrkfodv80c.click/6f0d7e9f-6b3e-4e24-80bb-6be78ef2793d/2?v1=150632&v3=PRODUCT_NAME&cid=82d10680-feb4-4db5-b39b-869a6732e80d%20&offer_id=36303&campaign_id=1057244&lid=82d10680-feb4-4db5-b39b-869a6732e80d&ap=2&src=150632&payload=d5521f4ae99e0a5f52e3a0a2f143527e:3ac0bcdf6371479c863b41a8b7bf2921ce93eff3d3c770b238d79963a187fc25c2ba1c16130bbf393ba405fee42af6b4f0166e3001f0ca80ffa6f90ff2837500bdfeb554bcb46f0eb927e5b14fb635354f2637201a11d91c8744c1aed401794bbca0c474e1493e3dc66cec3158caca43318e5ce6bffa0240fca509f3a3990a230dce307c7ea1fbb91b8798a566e2c6a5d1d8cb4b42c49b0c483b7434bc779ce8eebc28fc98b0097477ccc673d18f2d0baaf8caf163d6de8cfc9c9ba0cba5984110945f6c74129d4b9a47b3203e644031992d7d267d7bbe16f90ce5f81b88ad2ad7c68b633cf5d5d582bcc47ae4391a166ba192a3074a5d7f12b2a0a42d77d4df4148308aa1409b2849a7e1066a958710eaccb25ca1292197f5fa61e264324ed2&hash=d11a08e9e2005b13c8ce05e097334a29 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2611:be00:a:3c4c:1f00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer https://lecteurstreaming.site/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers cache-control no-store, no-cache, pre-check=0, post-check=0 content-type text/html;charset=UTF-8 date Mon, 20 May 2024 09:25:08 GMT expires Thu, 01 Jan 1970 00:00:00 GMT pragma no-cache server nginx via 1.1 8ddb96aad88e511bfa9397674ed822f6.cloudfront.net (CloudFront) x-amz-cf-id dxK1dPOnd-VxDpUmvQGjXSj60ibHrtDxAEbOQsUH_wiyOjBufit_PA== x-amz-cf-pop VIE50-P2 x-cache Miss from cloudfront Redirect headers accept-ch sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-full-version-list,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-ua,sec-ch-ua-mobile,sec-ch-ua-platform cache-control no-store, no-cache, pre-check=0, post-check=0 content-length 0 date Mon, 20 May 2024 09:25:08 GMT expires Thu, 01 Jan 1970 00:00:00 GMT location https://987623ghrkfodv80c.click/6f0d7e9f-6b3e-4e24-80bb-6be78ef2793d/2?v1=150632&v3=PRODUCT_NAME&cid=82d10680-feb4-4db5-b39b-869a6732e80d%20&offer_id=36303&campaign_id=1057244&lid=82d10680-feb4-4db5-b39b-869a6732e80d&ap=2&src=150632&payload=d5521f4ae99e0a5f52e3a0a2f143527e:3ac0bcdf6371479c863b41a8b7bf2921ce93eff3d3c770b238d79963a187fc25c2ba1c16130bbf393ba405fee42af6b4f0166e3001f0ca80ffa6f90ff2837500bdfeb554bcb46f0eb927e5b14fb635354f2637201a11d91c8744c1aed401794bbca0c474e1493e3dc66cec3158caca43318e5ce6bffa0240fca509f3a3990a230dce307c7ea1fbb91b8798a566e2c6a5d1d8cb4b42c49b0c483b7434bc779ce8eebc28fc98b0097477ccc673d18f2d0baaf8caf163d6de8cfc9c9ba0cba5984110945f6c74129d4b9a47b3203e644031992d7d267d7bbe16f90ce5f81b88ad2ad7c68b633cf5d5d582bcc47ae4391a166ba192a3074a5d7f12b2a0a42d77d4df4148308aa1409b2849a7e1066a958710eaccb25ca1292197f5fa61e264324ed2&hash=d11a08e9e2005b13c8ce05e097334a29 pragma no-cache server nginx via 1.1 8ddb96aad88e511bfa9397674ed822f6.cloudfront.net (CloudFront) x-amz-cf-id VnbhmZOA9nhRtL6pf8tNx4lFkco7BiyAPjoFYc3dE1wQT9EcnD-ubA== x-amz-cf-pop VIE50-P2 x-cache Miss from cloudfront
GET H2	404	favicon.ico lecteurstreaming.site/	548 B 474 B	23ms 22ms	Other text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lecteurstreaming.site/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 20 May 2024 09:25:06 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 174 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IQ746E%2F9Ayu%2BaXuNrlwgaCZv%2FBqKSKUoxvhMXJ5HRTiV1Icvdshf8ruqvTpGBl11o5VVUTPzsO9cSZbDAQoo9Wb%2B%2B%2FyqwYAY07enO8gOaGQwXqhS3O6AbVhSggJ%2B%2Fw0Q66eJ%2FaOXF5kJ9SesMayAUDr0ksE%3D"}],"group":"cf-nel","max_age":604800} content-type text/html cache-control max-age=14400 cf-ray 886b470d8b356703-AMS alt-svc h3=":443"; ma=86400
GET H2	200	Primary Request redirect dealspecial.click/	594 B 921 B	161ms 27ms	Document text/html	2600:9000:2449:1400:10:159a:b580:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dealspecial.click/redirect?target=BASE64aHR0cHM6Ly9nby5ydGhibmRqa29kc2xkLmZ1bi8_dXRtX21lZGl1bT00YWRhYTg4NTA4NmNmMzRkOTkwNjU5MjA1ZmZkNWI5Y2FjN2IzNWU0JnV0bV9jYW1wYWlnbj1NYXk2JmNpZD13cHY3MWRhbWY1bGNuMWUxM3RwZ3ZnanU&ts=1716197108422&hash=d10Nt9HLGOYs68G_Foz7TrI7Hz9IXZplk5eii16NUjE&rm=DJ Requested by Host: 987623ghrkfodv80c.click URL: https://987623ghrkfodv80c.click/6f0d7e9f-6b3e-4e24-80bb-6be78ef2793d/2?v1=150632&v3=PRODUCT_NAME&cid=82d10680-feb4-4db5-b39b-869a6732e80d%20&offer_id=36303&campaign_id=1057244&lid=82d10680-feb4-4db5-b39b-869a6732e80d&ap=2&src=150632&payload=d5521f4ae99e0a5f52e3a0a2f143527e:3ac0bcdf6371479c863b41a8b7bf2921ce93eff3d3c770b238d79963a187fc25c2ba1c16130bbf393ba405fee42af6b4f0166e3001f0ca80ffa6f90ff2837500bdfeb554bcb46f0eb927e5b14fb635354f2637201a11d91c8744c1aed401794bbca0c474e1493e3dc66cec3158caca43318e5ce6bffa0240fca509f3a3990a230dce307c7ea1fbb91b8798a566e2c6a5d1d8cb4b42c49b0c483b7434bc779ce8eebc28fc98b0097477ccc673d18f2d0baaf8caf163d6de8cfc9c9ba0cba5984110945f6c74129d4b9a47b3203e644031992d7d267d7bbe16f90ce5f81b88ad2ad7c68b633cf5d5d582bcc47ae4391a166ba192a3074a5d7f12b2a0a42d77d4df4148308aa1409b2849a7e1066a958710eaccb25ca1292197f5fa61e264324ed2&hash=d11a08e9e2005b13c8ce05e097334a29 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2449:1400:10:159a:b580:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers cache-control no-store, no-cache, pre-check=0, post-check=0 content-type text/html;charset=UTF-8 date Mon, 20 May 2024 09:25:08 GMT expires Thu, 01 Jan 1970 00:00:00 GMT pragma no-cache server nginx via 1.1 668006c1cb101e4e3461ceae5f2ccbe2.cloudfront.net (CloudFront) x-amz-cf-id 9DhxEm8Ll9E4yDU84cgCdzqoFbq3I1juSglluWnMjnXwwWOPpnrVAA== x-amz-cf-pop AMS58-P6 x-cache Miss from cloudfront
GET		/ go.rthbndjkodsld.fun/	0 0

GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747` Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	5 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2` Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	155 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `7808605ddd1f0eaa454aa444293d2f0260943e51e53838fca46506e6a69fe521` Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET		/ go.rthbndjkodsld.fun/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: go.rthbndjkodsld.fun
URL: https://go.rthbndjkodsld.fun/?utm_medium=4adaa885086cf34d990659205ffd5b9cac7b35e4&utm_campaign=May6&cid=wpv71damf5lcn1e13tpgvgju

Domain: go.rthbndjkodsld.fun
URL: https://go.rthbndjkodsld.fun/?utm_medium=4adaa885086cf34d990659205ffd5b9cac7b35e4&utm_campaign=May6&cid=wpv71damf5lcn1e13tpgvgju

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
kirujh.com/	1970-01-20 20:44:43	Name: uv Value: false
.987623ghrkfodv80c.click/	1970-01-20 20:44:43	Name: 6f0d7e9f-6b3e-4e24-80bb-6be78ef2793d-v4 Value: r7fgtLkQ42T3Ncc8UeHeqClV98-2tbLgY2bbh3jYPmg
.987623ghrkfodv80c.click/	1970-01-21 05:28:53	Name: voluum-cid-v4 Value: %7B%22cid%22%3A%22wpv71damf5lcn1e13tpgvgju%22%2C%22caid%22%3A%226f0d7e9f-6b3e-4e24-80bb-6be78ef2793d%22%7D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://lecteurstreaming.site/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

987623ghrkfodv80c.click
dealspecial.click
go.rthbndjkodsld.fun
kirujh.com
lecteurstreaming.site
newsweepsland.shop
go.rthbndjkodsld.fun
143.198.167.92
2600:9000:2449:1400:10:159a:b580:93a1
2600:9000:2611:be00:a:3c4c:1f00:93a1
2a06:98c1:3121::3
52.28.77.104
04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747
4c681d65f2377fbcc16c357f70e2467019dbac11cbb09ddba1e297090a00f1c3
7808605ddd1f0eaa454aa444293d2f0260943e51e53838fca46506e6a69fe521
96e880e21eb6236009be60065acd06ae1a7bf885e9e3be63ef3c85ba151ca8e1
e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2

dealspecial.click Open in urlscan Pro 2600:9000:2449:1400:10:159a:b580:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

7 Requests

57 %HTTPS

60 %IPv6

6 Domains

6 Subdomains

4 IPs

2 Countries

241 kBTransfer

247 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

3 Cookies

1 Console Messages

Indicators

dealspecial.click Open in urlscan Pro
2600:9000:2449:1400:10:159a:b580:93a1 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

57 %
HTTPS

60 %
IPv6

6
Domains

6
Subdomains

4
IPs

2
Countries

241 kB
Transfer

247 kB
Size

3
Cookies

7 HTTP transactions
2 data transactions