t.topdeal2u.com - urlscan.io

Summary

This website contacted 3 IPs in 2 countries across 7 domains to perform 4 HTTP transactions. The main IP is 2606:4700:3033::6815:5d55, located in and belongs to . The main domain is t.topdeal2u.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 27th 2022. Valid for: a year.

This is the only time t.topdeal2u.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	18.195.174.160 18.195.174.160	16509 (AMAZON-02) (AMAZON-02)
3 3	18.158.86.121 18.158.86.121	16509 (AMAZON-02) (AMAZON-02)
1 1	3.123.96.211 3.123.96.211	16509 (AMAZON-02) (AMAZON-02)
1 2	35.160.241.19 35.160.241.19	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3033::6815:5d55	() ()
4	3

2 18.195.174.160 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-174-160.eu-central-1.compute.amazonaws.com

devinging-develing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trackingngozone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.158.86.121 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-86-121.eu-central-1.compute.amazonaws.com

tl-glo.gftcardsho.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bbtl-glo.mainstreamgallery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.123.96.211 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-96-211.eu-central-1.compute.amazonaws.com

so-glo.yoptv33.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.160.241.19 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-160-241-19.us-west-2.compute.amazonaws.com

go.grandprizewinners.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:5d55 (None, )

ASN- ()

t.topdeal2u.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	grandprizewinners.com 1 redirects go.grandprizewinners.com	4 KB
2	gftcardsho.com 2 redirects tl-glo.gftcardsho.com	959 B
1	topdeal2u.com t.topdeal2u.com	759 B
1	mainstreamgallery.com 1 redirects bbtl-glo.mainstreamgallery.com	535 B
1	yoptv33.com 1 redirects so-glo.yoptv33.com	437 B
1	trackingngozone.com trackingngozone.com	501 B
1	devinging-develing.com devinging-develing.com	1 KB
4	7

	Domain	Requested by
2	go.grandprizewinners.com	1 redirects
2	tl-glo.gftcardsho.com	2 redirects
1	t.topdeal2u.com
1	bbtl-glo.mainstreamgallery.com	1 redirects
1	so-glo.yoptv33.com	1 redirects
1	trackingngozone.com
1	devinging-develing.com
4	7

This site contains no links.

Subject Issuer	Validity	Valid
devinging-develing.com R3	`2022-01-21` - `2022-04-21`	3 months	crt.sh
trackingngozone.com R3	`2022-02-18` - `2022-05-19`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-27` - `2023-01-26`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://t.topdeal2u.com/aff_c?offer_id=164&aff_id=1007&aff_sub2=a2dcee26-9a4c-4893-b2c9-51d9134f3ce3&aff_sub=13705&
Frame ID: AF749CFCA782FCE0276019A3A93DB604
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://devinging-develing.com/c321f736-7c4c-4221-b1db-7eee6ff850bc Page URL
https://trackingngozone.com/redirect?target=BASE64aHR0cHM6Ly90bC1nbG8uZ2Z0Y2FyZHNoby5jb20vdC9jbGs_aWQ9UW... Page URL
https://tl-glo.gftcardsho.com/t/clk?id=Qk22IlRJCQvZMUA159io&s1=c321f736-7c4c-4221-b1db-7eee6ff850bc&s2=wd7... HTTP 302
https://so-glo.yoptv33.com/t/clk?id=WQPTX4NSo0YcwNjGt6&s1=c321f736-7c4c-4221-b1db-7eee6ff850bc&s2=wd707... HTTP 302
https://bbtl-glo.mainstreamgallery.com/t/clk?id=K8DLsM1ZInrk0TVpYRuZ&s1=c321f736-7c4c-4221-b1db-7eee6ff850bc&s2=wd7... HTTP 302
http://go.grandprizewinners.com/click/rNJ9BhQ8Xx?c1=6745aa44-c3c2-499e-b235-5657ba845380&c2=14574&c7=704047 HTTP 302
http://go.grandprizewinners.com/main/d.php?s=1&link=https%3A%2F%2Ftl-glo.gftcardsho.com%2Ft%2Fclk%3Fid%3DDq2... Page URL
https://tl-glo.gftcardsho.com/t/clk?id=Dq22fJoRUBBlYFY5wLil&s2=qMzntD8GSl-62168d649bfb6a3009663c9f& HTTP 302
https://t.topdeal2u.com/aff_c?offer_id=164&aff_id=1007&aff_sub2=a2dcee26-9a4c-4893-b2c9-51d9134f3ce3... Page URL

Page Statistics

4
Requests

75 %
HTTPS

20 %
IPv6

7
Domains

7
Subdomains

3
IPs

2
Countries

3 kB
Transfer

1 kB
Size

12
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://devinging-develing.com/c321f736-7c4c-4221-b1db-7eee6ff850bc Page URL
https://trackingngozone.com/redirect?target=BASE64aHR0cHM6Ly90bC1nbG8uZ2Z0Y2FyZHNoby5jb20vdC9jbGs_aWQ9UWsyMklsUkpDUXZaTVVBMTU5aW8mczE9YzMyMWY3MzYtN2M0Yy00MjIxLWIxZGItN2VlZTZmZjg1MGJjJnMyPXdkNzA3ZnZnc25mZTJqOWUyaTZ2a3E5cw&ts=1645645152816&hash=-6xncN6jN-p6aMbdTKycEha_MBqjoTuAK7lNXwgZIZw&rm=D Page URL
https://tl-glo.gftcardsho.com/t/clk?id=Qk22IlRJCQvZMUA159io&s1=c321f736-7c4c-4221-b1db-7eee6ff850bc&s2=wd707fvgsnfe2j9e2i6vkq9s HTTP 302
https://so-glo.yoptv33.com/t/clk?id=WQPTX4NSo0YcwNjGt6&s1=c321f736-7c4c-4221-b1db-7eee6ff850bc&s2=wd707fvgsnfe2j9e2i6vkq9s&rl=GJL2Q&redirect-from=Qk22IlRJCQvZMUA159io&rcode=R01&rseq=R01 HTTP 302
https://bbtl-glo.mainstreamgallery.com/t/clk?id=K8DLsM1ZInrk0TVpYRuZ&s1=c321f736-7c4c-4221-b1db-7eee6ff850bc&s2=wd707fvgsnfe2j9e2i6vkq9s&rl=mmKnMTB1pr&redirect-from=Qk22IlRJCQvZMUA159io&rcode=R01&rseq=R01,R01 HTTP 302
http://go.grandprizewinners.com/click/rNJ9BhQ8Xx?c1=6745aa44-c3c2-499e-b235-5657ba845380&c2=14574&c7=704047 HTTP 302
http://go.grandprizewinners.com/main/d.php?s=1&link=https%3A%2F%2Ftl-glo.gftcardsho.com%2Ft%2Fclk%3Fid%3DDq22fJoRUBBlYFY5wLil%26s2%3DqMzntD8GSl-62168d649bfb6a3009663c9f%26 Page URL
https://tl-glo.gftcardsho.com/t/clk?id=Dq22fJoRUBBlYFY5wLil&s2=qMzntD8GSl-62168d649bfb6a3009663c9f& HTTP 302
https://t.topdeal2u.com/aff_c?offer_id=164&aff_id=1007&aff_sub2=a2dcee26-9a4c-4893-b2c9-51d9134f3ce3&aff_sub=13705& Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://tl-glo.gftcardsho.com/t/clk?id=Qk22IlRJCQvZMUA159io&s1=c321f736-7c4c-4221-b1db-7eee6ff850bc&s2=wd707fvgsnfe2j9e2i6vkq9s HTTP 302
https://so-glo.yoptv33.com/t/clk?id=WQPTX4NSo0YcwNjGt6&s1=c321f736-7c4c-4221-b1db-7eee6ff850bc&s2=wd707fvgsnfe2j9e2i6vkq9s&rl=GJL2Q&redirect-from=Qk22IlRJCQvZMUA159io&rcode=R01&rseq=R01 HTTP 302
https://bbtl-glo.mainstreamgallery.com/t/clk?id=K8DLsM1ZInrk0TVpYRuZ&s1=c321f736-7c4c-4221-b1db-7eee6ff850bc&s2=wd707fvgsnfe2j9e2i6vkq9s&rl=mmKnMTB1pr&redirect-from=Qk22IlRJCQvZMUA159io&rcode=R01&rseq=R01,R01 HTTP 302
http://go.grandprizewinners.com/click/rNJ9BhQ8Xx?c1=6745aa44-c3c2-499e-b235-5657ba845380&c2=14574&c7=704047 HTTP 302
http://go.grandprizewinners.com/main/d.php?s=1&link=https%3A%2F%2Ftl-glo.gftcardsho.com%2Ft%2Fclk%3Fid%3DDq22fJoRUBBlYFY5wLil%26s2%3DqMzntD8GSl-62168d649bfb6a3009663c9f%26

4 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	c321f736-7c4c-4221-b1db-7eee6ff850bc Show response devinging-develing.com/	507 B 1 KB	168ms 135ms	Document text/html	18.195.174.160 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://devinging-develing.com/c321f736-7c4c-4221-b1db-7eee6ff850bc Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-195-174-160.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash `f989f8f45709c58cd464b3df57e1d550af42ceb959101c70bc96d6c7c7ff4850` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers server nginx date Wed, 23 Feb 2022 19:39:12 GMT content-type text/html;charset=UTF-8 content-length 507 cache-control no-store, no-cache, pre-check=0, post-check=0 expires Thu, 01 Jan 1970 00:00:00 GMT pragma no-cache
GET H2	200	redirect Show response trackingngozone.com/	339 B 501 B	64ms 16ms	Document text/html	18.195.174.160 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trackingngozone.com/redirect?target=BASE64aHR0cHM6Ly90bC1nbG8uZ2Z0Y2FyZHNoby5jb20vdC9jbGs_aWQ9UWsyMklsUkpDUXZaTVVBMTU5aW8mczE9YzMyMWY3MzYtN2M0Yy00MjIxLWIxZGItN2VlZTZmZjg1MGJjJnMyPXdkNzA3ZnZnc25mZTJqOWUyaTZ2a3E5cw&ts=1645645152816&hash=-6xncN6jN-p6aMbdTKycEha_MBqjoTuAK7lNXwgZIZw&rm=D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-195-174-160.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash `c93e96bae12022b40830ce1b70783a7446e4cd22e0fe400d3e4d1d964b3e2a43` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://devinging-develing.com/ Response headers server nginx date Wed, 23 Feb 2022 19:39:12 GMT content-type text/html;charset=UTF-8 content-length 339 cache-control no-store, no-cache, pre-check=0, post-check=0 expires Thu, 01 Jan 1970 00:00:00 GMT pragma no-cache
GET H/1.1	200 OK	d.php go.grandprizewinners.com/main/ Redirect Chain https://tl-glo.gftcardsho.com/t/clk?id=Qk22IlRJCQvZMUA159io&s1=c321f736-7c4c-4221-b1db-7eee6ff850bc&s2=wd707fvgsnfe2j9e2i6vkq9s https://so-glo.yoptv33.com/t/clk?id=WQPTX4NSo0YcwNjGt6&s1=c321f736-7c4c-4221-b1db-7eee6ff850bc&s2=wd707fvgsnfe2j9e2i6vkq9s&rl=GJL2Q&redirect-from=Qk22IlRJCQvZMUA159io&rcode=R01&rseq=R01 https://bbtl-glo.mainstreamgallery.com/t/clk?id=K8DLsM1ZInrk0TVpYRuZ&s1=c321f736-7c4c-4221-b1db-7eee6ff850bc&s2=wd707fvgsnfe2j9e2i6vkq9s&rl=mmKnMTB1pr&redirect-from=Qk22IlRJCQvZMUA159io&rcode=R01&r... http://go.grandprizewinners.com/click/rNJ9BhQ8Xx?c1=6745aa44-c3c2-499e-b235-5657ba845380&c2=14574&c7=704047 http://go.grandprizewinners.com/main/d.php?s=1&link=https%3A%2F%2Ftl-glo.gftcardsho.com%2Ft%2Fclk%3Fid%3DDq22fJoRUBBlYFY5wLil%26s2%3DqMzntD8GSl-62168d649bfb6a3009663c9f%26	179 B 784 B	176ms 176ms	Document text/html	35.160.241.19 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://go.grandprizewinners.com/main/d.php?s=1&link=https%3A%2F%2Ftl-glo.gftcardsho.com%2Ft%2Fclk%3Fid%3DDq22fJoRUBBlYFY5wLil%26s2%3DqMzntD8GSl-62168d649bfb6a3009663c9f%26 Protocol HTTP/1.1 Server 35.160.241.19 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-160-241-19.us-west-2.compute.amazonaws.com Software nginx/1.11.6 / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://trackingngozone.com/redirect?target=BASE64aHR0cHM6Ly90bC1nbG8uZ2Z0Y2FyZHNoby5jb20vdC9jbGs_aWQ9UWsyMklsUkpDUXZaTVVBMTU5aW8mczE9YzMyMWY3MzYtN2M0Yy00MjIxLWIxZGItN2VlZTZmZjg1MGJjJnMyPXdkNzA3ZnZnc25mZTJqOWUyaTZ2a3E5cw&ts=1645645152816&hash=-6xncN6jN-p6aMbdTKycEha_MBqjoTuAK7lNXwgZIZw&rm=D Response headers Date Wed, 23 Feb 2022 19:39:16 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Server nginx/1.11.6 Content-Encoding gzip Redirect headers Date Wed, 23 Feb 2022 19:39:16 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Server nginx/1.11.6 Cache-Control no-cache, private Location /main/d.php?s=1&link=https%3A%2F%2Ftl-glo.gftcardsho.com%2Ft%2Fclk%3Fid%3DDq22fJoRUBBlYFY5wLil%26s2%3DqMzntD8GSl-62168d649bfb6a3009663c9f%26
GET H2	404	Primary Request aff_c Show response t.topdeal2u.com/ Redirect Chain https://tl-glo.gftcardsho.com/t/clk?id=Dq22fJoRUBBlYFY5wLil&s2=qMzntD8GSl-62168d649bfb6a3009663c9f& https://t.topdeal2u.com/aff_c?offer_id=164&aff_id=1007&aff_sub2=a2dcee26-9a4c-4893-b2c9-51d9134f3ce3&aff_sub=13705&	196 B 759 B	230ms 164ms	Document text/html	2606:4700:3033::6815:5d55
General Check archive.org Show headers Download Go to Full URL https://t.topdeal2u.com/aff_c?offer_id=164&aff_id=1007&aff_sub2=a2dcee26-9a4c-4893-b2c9-51d9134f3ce3&aff_sub=13705& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:5d55 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash `80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://go.grandprizewinners.com/main/d.php?s=1&link=https%3A%2F%2Ftl-glo.gftcardsho.com%2Ft%2Fclk%3Fid%3DDq22fJoRUBBlYFY5wLil%26s2%3DqMzntD8GSl-62168d649bfb6a3009663c9f%26 Response headers date Wed, 23 Feb 2022 19:39:16 GMT content-type text/html; charset=iso-8859-1 cache-control no-cache, no-store, must-revalidate expires Sat, 26 Jul 1997 05:00:00 GMT pragma no-cache cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XcoVHXRJoJT%2BeiqA5ZsvMCy4ejQnNMlKaa7dCVwG6RbwHb09EuPjddjfHo2WogKANpQtpGUMN%2BSGKbRZB%2FKxDo96NV7bjgD3KWN41Xp3coVLIdym12pFMkfsvgjouQVWTzoxeRxRKpd2QFMu7RQ%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6e22eb561d37924f-FRA content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Redirect headers date Wed, 23 Feb 2022 19:39:16 GMT content-type text/html; charset=utf-8 content-length 0 location https://t.topdeal2u.com/aff_c?offer_id=164&aff_id=1007&aff_sub2=a2dcee26-9a4c-4893-b2c9-51d9134f3ce3&aff_sub=13705&#rafl server nginx/1.12.2 cache-control no-transform x-frame-options SAMEORIGIN vary Cookie, Origin

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.devinging-develing.com/	1970-01-20 01:08:51	Name: c321f736-7c4c-4221-b1db-7eee6ff850bc-v4 Value: UhAZxKYY1rWzbFOuFe5hfYTkp0xb3QOC5qm3DBnar50
.devinging-develing.com/	1970-01-20 09:53:01	Name: cc-v4 Value: cN0FD6LpDXml5rBT5wlo4gALE8EZclKE1RhvX9xPHCpqnh8Lv5GgJo10lnh4HaMQlM93SgaOYsZuketn8IBYzEvBBIghDRq%2Bml%2BPwQbo3CbhcA9v1BfQ3k9S2qtNhlHFZaAuKqr8IHlWCq402Rniyw%3D%3D
so-glo.yoptv33.com/	1970-01-20 01:50:40	Name: ydt_69a756d9a2a44370a5365f82fbdfa6e5 Value: "[]:1nMxTm:gC8gSKyLkHpYLqfDkpBv7V8ywZw"
bbtl-glo.mainstreamgallery.com/	1970-01-20 01:50:37	Name: uip Value: "[\"s1Su4uqmL\"\054 {\"Dgzdj\": \"141M0Bz\"}]:1nMxTn:Cwwh9ovo-SUrQ5hw4hEcExbHVn4"
bbtl-glo.mainstreamgallery.com/	1970-01-20 01:50:40	Name: ydt_dcd665d8e96a45b1aecb566882c78ccb Value: "[\"6745aa44-c3c2-499e-b235-5657ba845380\"]:1nMxTn:eKOQoB-KL8nZUdqF_024Yp54iK0"
go.grandprizewinners.com/	1970-01-20 01:07:32	Name: XSRF-TOKEN Value: eyJpdiI6InM5bkoyKzVGVFFxU1hmRzFTY2RRVEE9PSIsInZhbHVlIjoiRnpUSGorTWNnTDdVWjVZU3l4Q29QQ0RzTTVBTXJUeklacE0xdU0wVk9jMWREQ1BDRWU2anFIU29FdlhwNDc3ZjhEMGZndmRnUTE2M0RURzVJNkdVQkE9PSIsIm1hYyI6IjM1N2EzODdlYWZiNWQyMWNmYjhhYzE2OWVhZDRlODgzZTEzMGUzOGUzNDNjZDZjYzRkNWJjNjM3YjgxMGE0MGQifQ%3D%3D
go.grandprizewinners.com/	1970-01-20 01:07:32	Name: session Value: eyJpdiI6ImkxNzlVb3RiTmQzcXRPam9FZTdXcHc9PSIsInZhbHVlIjoiR3pkbXlOTE52Rm42Wk9cLzlTYm1jWjJ1eXc3RDFBd3haNDlGWXUwd1lJTDlVTHU2WEVqem9EWEdOOXRuTlNrYWgrTU9lbkYwMSt0WTkwY1F3dnp5ZW13PT0iLCJtYWMiOiIwMWY0NmNkZjBkMWYyMTMzNGE0ZjVlM2ZmZTE2ZDA5MjhmOWFhYTI0NDVlMTdiNGZmNzNiZDZlOGI0Mzg5ZjQ2In0%3D
go.grandprizewinners.com/	1970-01-20 01:08:51	Name: ept2 Value: eyJpdiI6IjhqV01jMWJaTVRXcVV6VUoxMXJKWXc9PSIsInZhbHVlIjoidFlBRm9LckRtd29CNndXXC9LS0ZXdVdaMXJHUnhWR2VuOW1mY1pWVzdzRk9BMWJIYTdtc2tCZTFTQWxaY2ZiWFFzNUZrN29GU3k3YkFVWGxWTVR1aUo1b0NzUHdrbDlrNVZjZEVcL3hyZWNCUTA0Zm1RZTlKWksySGtSWVUzN0NmTzU1czExeDdtUFBkOTRnWjJ4a1IxVUVOU3VMRVJzK1ZjTkNuVkU0SkpYK1kxa2lvbGV2Y3dPbGtFZzhWZEt5VFkiLCJtYWMiOiI5OTJlZGM4MzA3MTY0YzBjMzRkNGQ2OGJiMWNmOTdjNmQ3MmU4Zjg0Y2NjNDczMWRkODVjMWRiMjRhYzQ5M2Y4In0%3D
go.grandprizewinners.com/	1970-01-20 01:07:32	Name: ClE1h3eyS1dfuuhXnmkH3h5JkRRpb5oMh3YoKfyC Value: eyJpdiI6InU4TitzTU11NzJ0WVwvbzVwcit5QjN3PT0iLCJ2YWx1ZSI6IkRLS3hVMWxuUlwvdnVabngxZVEwMVU3SllaOVk3Rkw2MVQrTmpNMEhDeU9UQWNvM3MrXC95THVHbmxQWGtqNjg5ZTF3NGZaamY2SzZnZUdIdDE2TVgwMWhvNmFaYkhhUTdNYkhoaldQQ2pmSXMrWXM3MUlYU2Iwd1p6YVZwREs2MWw1dStabThUdFpQMzlJdDdOZlhlcDR6YU50cEtQVzYxSjVVSzRKdG1lejBqQTZ4aEJwUkFnMmpPZWFoZmV5NDd0dStwMWRcL3o2UFhsb2JJQzYrVHBkVGJTMVFSRG0zWTNzTW94d1V1SlRSaEVMZlBKNU5LY24zd2hER2ltY3VZelRFTlByV3Jrd2ZVamM2dmgyOUZHOFcwb3dBaDBcLyszMTYrQys4KzNhaW83YWIwXC96OEhRQ1ZRdnNvdGFhVlNrUGQ0NkNhRmNwQVRXa0hnejd2TW96S2YybmRscHYxZ0NSVzhVWk96N28yMklNYkdDSEJWVmZzaFpRbUFOWk1yZjZ2V1F1ZDEzMVh3cEZSd2hBc1UyV2lqOGFQMHlyNktremlzRzBwRjRJMzZSR1hOTG5hQkhcL0o5c1orRnVyYnI4alRoSHBWQkI3WTR4alczRjVJajNaUTFQRWI2UTF0bk12eXZ5K0R6eHRlS3k0MnRDczZrM0dpUExsSEVpSXVHbzJWUzVDY2Z2RCtybDNlckhYelRLc0RuTWplMkpXb2p1SXVna0pwaWxYRkxseUFSdHB3czVcL3hUMHJ2c3doRENvWFBHU3hHY0pzR1M0emN5R0hyVGZWTG5NcG5hc1ZMZlNUQTNsSUpHOFRneFFnOFQxcXVubjhJejFQdG0xQUVTXC9EXC8iLCJtYWMiOiIyYjI5NjM1NTU1YWQzNzAxNjRiYzhhZWIzZWZhNTFlMGNjMDI2NjFlMzk1NDhlNTQzZjc1MjgxNjRmNDYzZTI4In0%3D
go.grandprizewinners.com/	1970-01-20 01:17:29	Name: AWSALB Value: miMjBcI/SFjEpBPKAWmh+2VMnGQScbMbli9BHyMvKvKKLAQJjYwl4pGHU69TQtXKbglNSk8AN6lBch5bo1MgFkzHZ/VkLZMolGcUfcLu27Uvg51kQitJPgoOvuoP
tl-glo.gftcardsho.com/	1970-01-20 01:50:37	Name: uip Value: "[\"Pb5lHk\"\054 {\"PBzO8\": \"O8q1m7w\"}]:1nMxTo:zjrjR09ncbrBLtrB5qQq_UVcSRY"
tl-glo.gftcardsho.com/	1970-01-20 01:50:40	Name: ydt_65c1a6749c2f469580ffa9e83e5f9956 Value: "[\"a2dcee26-9a4c-4893-b2c9-51d9134f3ce3\"]:1nMxTo:B9s5sYsL4Co2zZOjiKzmaCh8cZQ"

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://t.topdeal2u.com/aff_c?offer_id=164&aff_id=1007&aff_sub2=a2dcee26-9a4c-4893-b2c9-51d9134f3ce3&aff_sub=13705&#rafl Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bbtl-glo.mainstreamgallery.com
devinging-develing.com
go.grandprizewinners.com
so-glo.yoptv33.com
t.topdeal2u.com
tl-glo.gftcardsho.com
trackingngozone.com
18.158.86.121
18.195.174.160
2606:4700:3033::6815:5d55
3.123.96.211
35.160.241.19
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
c93e96bae12022b40830ce1b70783a7446e4cd22e0fe400d3e4d1d964b3e2a43
f989f8f45709c58cd464b3df57e1d550af42ceb959101c70bc96d6c7c7ff4850

t.topdeal2u.com Open in urlscan Pro 2606:4700:3033::6815:5d55 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

4 Requests

75 %HTTPS

20 %IPv6

7 Domains

7 Subdomains

3 IPs

2 Countries

3 kBTransfer

1 kBSize

12 Cookies

0 Outgoing links

Page URL History

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

12 Cookies

1 Console Messages

Indicators

t.topdeal2u.com Open in urlscan Pro
2606:4700:3033::6815:5d55 Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

75 %
HTTPS

20 %
IPv6

7
Domains

7
Subdomains

3
IPs

2
Countries

3 kB
Transfer

1 kB
Size

12
Cookies

4 HTTP transactions
0 data transactions