Submitted URL: https://is.gd/T8wGUc#c52975lBEnh50BScz9962kMi35623UrUp3178
Effective URL: https://livtopup.us.com/rd/c52975lBEnh50BScz9962kMi35623UrUp3178
Submission: On October 26 via manual from CA — Scanned from CA

Summary

This website contacted 6 IPs in 3 countries across 7 domains to perform 7 HTTP transactions. The main IP is 172.67.220.207, located in United States and belongs to CLOUDFLARENET, US. The main domain is livtopup.us.com.
TLS certificate: Issued by GTS CA 1P5 on October 17th 2023. Valid for: 3 months.
This is the only time livtopup.us.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 104.25.234.53 13335 (CLOUDFLAR...)
1 52.216.51.113 16509 (AMAZON-02)
1 4 172.67.220.207 13335 (CLOUDFLAR...)
1 1 185.141.164.14 61317 (ASDETUK w...)
1 34.117.79.165 396982 (GOOGLE-CL...)
1 104.21.85.210 13335 (CLOUDFLAR...)
1 5.101.109.44 14061 (DIGITALOC...)
7 6
Apex Domain | Subdomains | Transfer
4 us.com | livtopup.us.com | 6 KB
1 digitaloceanspaces.com | smartarget-sp-cache.fra1.digitaloceanspaces.com — Cisco Umbrella Rank: 166068 | 502 B
1 smartarget.online | smartarget.online — Cisco Umbrella Rank: 148506 | 10 KB
1 lpredirect.com | www.lpredirect.com |
1 makeingmes.com | www.makeingmes.com | 620 B
1 amazonaws.com | dsgdfhsrtt.s3.amazonaws.com | 666 B
1 is.gd | is.gd — Cisco Umbrella Rank: 123141 | 159 B
7 7
Domain Requested by
4 livtopup.us.com 1 redirects dsgdfhsrtt.s3.amazonaws.com
livtopup.us.com
1 smartarget-sp-cache.fra1.digitaloceanspaces.com smartarget.online
1 smartarget.online livtopup.us.com
1 www.lpredirect.com livtopup.us.com
1 www.makeingmes.com 1 redirects
1 dsgdfhsrtt.s3.amazonaws.com
1 is.gd 1 redirects
7 7

This site contains no links.

Subject | Issuer | Validity | Valid
*.s3.amazonaws.com | Amazon RSA 2048 M01 | 2023-10-10 - 2024-07-03 | 9 months
livtopup.us.com | GTS CA 1P5 | 2023-10-17 - 2024-01-15 | 3 months
hb6trk.com | Starfield Secure Certificate Authority - G2 | 2023-09-27 - 2024-05-23 | 8 months
smartarget.online | E1 | 2023-10-19 - 2024-01-17 | 3 months
*.fra1.digitaloceanspaces.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-04-10 - 2024-04-27 | a year

This page contains 1 frames:

Frame: https://www.lpredirect.com/24QSBG/KNKKXP5/?source_id=3757&sub1=997828b0a2984160b19a608ae878c306
Frame ID: 0229293AD726840D772D715C56FFCBF8
Requests: 8 HTTP requests in this frame

Page Statistics

Requests: 7
HTTPS: 100 %
IPv6: 0 %
Domains: 7
Subdomains: 7
IPs: 6
Countries: 3
Transfer: 17 kB
Size: 36 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://is.gd/T8wGUc HTTP 301
    https://dsgdfhsrtt.s3.amazonaws.com/sqldklqslkdaqepodsmlqd.html Page URL
  2. https://livtopup.us.com/rd/c52975lBEnh50BScz9962kMi35623UrUp3178 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://is.gd/T8wGUc HTTP 301
  • https://dsgdfhsrtt.s3.amazonaws.com/sqldklqslkdaqepodsmlqd.html
Request Chain 3
  • https://livtopup.us.com/track/c52975lBEnh50BScz9962kMi35623UrUp3178 HTTP 302
  • https://www.makeingmes.com/73JT5ZW/23DQDZJ3/?sub1=12&sub2=3178-52975&sub3=50-9962-35623 HTTP 302
  • https://www.lpredirect.com/24QSBG/KNKKXP5/?source_id=3757&sub1=997828b0a2984160b19a608ae878c306

7 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
sqldklqslkdaqepodsmlqd.html
dsgdfhsrtt.s3.amazonaws.com/
Redirect Chain
  • https://is.gd/T8wGUc
  • https://dsgdfhsrtt.s3.amazonaws.com/sqldklqslkdaqepodsmlqd.html
272 B
666 B
Document
General
Full URL
https://dsgdfhsrtt.s3.amazonaws.com/sqldklqslkdaqepodsmlqd.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.51.113 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Content-Length
272
Content-Type
text/html
Date
Thu, 26 Oct 2023 17:55:57 GMT
ETag
"0ead5c91b795458fe74dbdd1a2bf6ecd"
Last-Modified
Tue, 24 Oct 2023 18:06:25 GMT
Server
AmazonS3
x-amz-id-2
l2VJN57MX5CXJZt+Wf9R0bHRCvd7PybMPvP4RP9tNMFzh4JjTwj3vrBmUSgtr3B5e788SfatjfU=
x-amz-request-id
4CQ7QVYVHGS18G7W
x-amz-server-side-encryption
AES256

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
81c492b2bb168c65-EWR
content-type
text/html; charset=UTF-8
date
Thu, 26 Oct 2023 17:55:55 GMT
location
https://dsgdfhsrtt.s3.amazonaws.com/sqldklqslkdaqepodsmlqd.html
server
cloudflare
Primary Request c52975lBEnh50BScz9962kMi35623UrUp3178
livtopup.us.com/rd/
1 KB
1 KB
Document
General
Full URL
https://livtopup.us.com/rd/c52975lBEnh50BScz9962kMi35623UrUp3178
Requested by
Host: dsgdfhsrtt.s3.amazonaws.com
URL: https://dsgdfhsrtt.s3.amazonaws.com/sqldklqslkdaqepodsmlqd.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.220.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f00bdee92f8464b59c13a29361554456dd431f4293a1fedcc7dbc40b46695c06
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://dsgdfhsrtt.s3.amazonaws.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
81c492b4b9035944-IAD
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 26 Oct 2023 17:55:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GF8ZtADzECj2lHRKMRS4848kYWaq7XqXUAdqGkgnVWQz6McIVDS1GbxGVhq91lTVE0Yzzq%2FcrsV8Wuiez4AaJriQLYxk5Uh7gJzj%2Bs%2Fsjwsf7lNrDgmnfnXbHEyJ40m4XOk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
sLqlWvx5CcaBQp8s3uwgWrQ0qjA.js
livtopup.us.com/cdn-cgi/apps/head/
4 KB
2 KB
Script
General
Full URL
https://livtopup.us.com/cdn-cgi/apps/head/sLqlWvx5CcaBQp8s3uwgWrQ0qjA.js
Requested by
Host: livtopup.us.com
URL: https://livtopup.us.com/rd/c52975lBEnh50BScz9962kMi35623UrUp3178
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.220.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2331326cdc11227a51b66ef274e6030639444380874ea69ce58ea29dac557e7
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://livtopup.us.com/rd/c52975lBEnh50BScz9962kMi35623UrUp3178
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:55:56 GMT
x-amz-version-id
rtDCrh2d8tgxzRi1Yh6TwaTXy5sylFB4
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0; includeSubDomains; preload
x-amz-request-id
3W2B6HMSQVWSJE15
age
165477
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-amz-id-2
RIVZiehnzSuAW9dzMQqHdhN3LpYW7ziaTlaWDWLJfNZ2KRKTnfS+XRd1dtrmgAnbnHDQgfKR438=
last-modified
Mon, 02 Oct 2023 13:00:59 GMT
server
cloudflare
etag
W/"e2e86bf183288c7c7b433a494bb7746d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mgXQgJ4bCp3EUVpjc3DZPKf%2FFC6aWT3JLLwOS61LgW3szYQ7exTYbw%2FkD6fGbRxRA3DyRSe4SPx3XTrQV0COKiqZurb2hyFmS%2FExqmYl1L86HaeUzK9BOY%2BHqgvpmZxR%2BeA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
81c492b83c575944-IAD
RUDH6NldJxErFm-vj341RyzRH_o.js
livtopup.us.com/cdn-cgi/apps/body/
5 KB
2 KB
Script
General
Full URL
https://livtopup.us.com/cdn-cgi/apps/body/RUDH6NldJxErFm-vj341RyzRH_o.js
Requested by
Host: livtopup.us.com
URL: https://livtopup.us.com/cdn-cgi/apps/head/sLqlWvx5CcaBQp8s3uwgWrQ0qjA.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.220.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
541a7e5aca86112db0a599de650a52cebf660fdfe48ee4d9d3f468b336c0d7a0
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://livtopup.us.com/rd/c52975lBEnh50BScz9962kMi35623UrUp3178
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:55:56 GMT
x-amz-version-id
gcPnuU_l4oaElVfxnjnyGYSD6dMRJeqK
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0; includeSubDomains; preload
x-amz-request-id
8P4V7XTC0J0MPYTC
age
165476
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-amz-id-2
2rCg6k/no1u07q0TY3zffVgv1x53JowMIkNwQxOgiyz3KDfrYvfops/rZCHAYGhQn8zDY59exkQ=
last-modified
Mon, 02 Oct 2023 13:00:59 GMT
server
cloudflare
etag
W/"24f274bf153c71936edf377205668153"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IiQwhYsRmlDLn376BmsaKLdgkbaPNiSrq8sMGzmQ6dnSHVGriepCti%2BroGMwff4IcDqOIGn7nT4Y5W6B4K%2FRsr9nNZebnBAniPOEIBvsr3haJZs5Oh5QQoxUPq3R6OdMxro%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
81c492b89c975944-IAD
/
www.lpredirect.com/24QSBG/KNKKXP5/
Redirect Chain
  • https://livtopup.us.com/track/c52975lBEnh50BScz9962kMi35623UrUp3178
  • https://www.makeingmes.com/73JT5ZW/23DQDZJ3/?sub1=12&sub2=3178-52975&sub3=50-9962-35623
  • https://www.lpredirect.com/24QSBG/KNKKXP5/?source_id=3757&sub1=997828b0a2984160b19a608ae878c306
0
0
Document
General
Full URL
https://www.lpredirect.com/24QSBG/KNKKXP5/?source_id=3757&sub1=997828b0a2984160b19a608ae878c306
Requested by
Host: livtopup.us.com
URL: https://livtopup.us.com/rd/c52975lBEnh50BScz9962kMi35623UrUp3178
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.79.165 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
165.79.117.34.bc.googleusercontent.com
Software
nginx /
Resource Hash

Request headers

Referer
https://livtopup.us.com/rd/c52975lBEnh50BScz9962kMi35623UrUp3178
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-Ch-Ua-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 26 Oct 2023 17:55:57 GMT
server
nginx
vary
Origin
via
1.1 google
x-eflow-request-id
f3aaf8c6-b2e8-4692-ad2e-cc1f97ad262d

Redirect headers

Accept-Ch
Sec-Ch-Ua-Platform-Version
Content-Length
122
Content-Type
text/html; charset=utf-8
Date
Thu, 26 Oct 2023 17:55:57 GMT
Location
https://www.lpredirect.com/24QSBG/KNKKXP5/?source_id=3757&sub1=997828b0a2984160b19a608ae878c306
Server
nginx
Vary
Origin
X-Eflow-Request-Id
21312eae-81f7-444a-8722-53307983778e
loader.js
smartarget.online/
23 KB
10 KB
Script
General
Full URL
https://smartarget.online/loader.js?ver=9321871&u=76e9f5eb422932078e36bf28bce5b95f325db72d&forceLocation=https%3A%2F%2Flivtopup.us.com%2Frd%2Fc52975lBEnh50BScz9962kMi35623UrUp3178&source=cloudflare_smartarget
Requested by
Host: livtopup.us.com
URL: https://livtopup.us.com/cdn-cgi/apps/body/RUDH6NldJxErFm-vj341RyzRH_o.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.85.210 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b1d04271914cadb4d0f803e7bd91707b8d96dbcf8cf24e7d02eed1e4b993f99

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://livtopup.us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:55:57 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NERWGDE7dfYz5vv9kj9yzowNikj1otKJXs9IC1%2BksgRg9di6PTpwkxkkTm%2Bw%2FBqMTF640%2FXq%2BR3fGnY20hOcOLoi9%2Fha1Nz9o14telExJEwuec3w1sAAx5Ukj6p28fO9%2FXnlXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store, must-revalidate
cf-ray
81c492b96f6d59eb-IAD
alt-svc
h3=":443"; ma=86400
expires
Thu, 1 Jan 1970 00:00:00 GMT
truncated
/
1 KB
0
Stylesheet
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
df5732d07e9e1a7a027d929226c140f81e2bef356031c49966728da1a9002438

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
text/css;charset=utf-8
f1bca6095fbe74af3364b640b705e5acb9f59d9b.json
smartarget-sp-cache.fra1.digitaloceanspaces.com/settings/
115 B
502 B
Fetch
General
Full URL
https://smartarget-sp-cache.fra1.digitaloceanspaces.com/settings/f1bca6095fbe74af3364b640b705e5acb9f59d9b.json
Requested by
Host: smartarget.online
URL: https://smartarget.online/loader.js?ver=9321871&u=76e9f5eb422932078e36bf28bce5b95f325db72d&forceLocation=https%3A%2F%2Flivtopup.us.com%2Frd%2Fc52975lBEnh50BScz9962kMi35623UrUp3178&source=cloudflare_smartarget
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.101.109.44 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
fra1.digitaloceanspaces.com
Software
/
Resource Hash
8cbc5fac2acde1ad81f9c7deeb29676a504be6b72e72ee1e0ecce29db0370de2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://livtopup.us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:55:57 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Thu, 26 Oct 2023 17:22:40 GMT
x-amz-request-id
tx0000079e4ff94eafce558-00653aa82d-bc9d9db8-fra1b
etag
"a2298294d0225c9fc147d39704f1850c"
x-envoy-upstream-healthchecked-cluster
vary
Origin,Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
https://livtopup.us.com
x-rgw-object-type
Normal
access-control-max-age
5
accept-ranges
bytes
content-length
115

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture
object| CloudflareApps
undefined| tarcking_param
object| Smartarget

0 Cookies