costco-j1.getmemynewdeal.cloud Open in urlscan Pro
76.76.21.22 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.gb90t4trk.com/2C4RDC/51GJL6/?sub1=959&sub2=0475dd0dda764dbfbf05b2178c56b4d5&sub3=
Effective URL:
https://costco-j1.getmemynewdeal.cloud/?affId=30&c1=959&c2=0475dd0dda764dbfbf05b2178c56b4d5&c3=3963687a74a847e9b01c3bca2ab6a0d9
Submission: On July 08 via manual (July 8th 2023, 7:08:36 pm UTC) from US — Scanned from DE

Summary HTTP 31 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 1 countries across 7 domains to perform 31 HTTP transactions. The main IP is 76.76.21.22, located in Walnut, United States and belongs to AMAZON-02, US. The main domain is costco-j1.getmemynewdeal.cloud.
TLS certificate: Issued by R3 on July 4th 2023. Valid for: 3 months.

This is the only time costco-j1.getmemynewdeal.cloud was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Community Verdicts: Malicious — 1 votes Show Verdicts

Domain & IP information

	IP Address	AS Autonomous System
1 1	34.117.228.72 34.117.228.72	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
23	76.76.21.22 76.76.21.22	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:205... 2600:9000:2057:e400:a:3d5:af40:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700:303... 2606:4700:3036::6815:23e6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	64.185.227.156 64.185.227.156	18450 (WEBNX) (WEBNX)
1	2606:4700:440... 2606:4700:4400::6812:20bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
31	6

1 34.117.228.72 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 72.228.117.34.bc.googleusercontent.com

www.gb90t4trk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 76.76.21.22 (Walnut, United States)

ASN16509 (AMAZON-02, US)

costco-j1.getmemynewdeal.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:e400:a:3d5:af40:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.3dsintegrator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3036::6815:23e6 (United States)

ASN13335 (CLOUDFLARENET, US)

zoom-sf.genderseparator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.185.227.156 (Los Angeles, United States)

ASN18450 (WEBNX, US)
PTR: 64-185-227-156.static.webnx.com

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:20bf (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.subscribefunnels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	getmemynewdeal.cloud costco-j1.getmemynewdeal.cloud	652 KB
4	genderseparator.com zoom-sf.genderseparator.com	90 KB
1	subscribefunnels.com cdn.subscribefunnels.com	1 KB
1	ipify.org api.ipify.org — Cisco Umbrella Rank: 2382	222 B
1	3dsintegrator.com cdn.3dsintegrator.com — Cisco Umbrella Rank: 203502	7 KB
1	gb90t4trk.com 1 redirects www.gb90t4trk.com	487 B
0	chooseandwinpronto.com Failed development.chooseandwinpronto.com Failed
31	7

	Domain	Requested by
23	costco-j1.getmemynewdeal.cloud	costco-j1.getmemynewdeal.cloud
4	zoom-sf.genderseparator.com	costco-j1.getmemynewdeal.cloud
1	cdn.subscribefunnels.com	costco-j1.getmemynewdeal.cloud
1	api.ipify.org	costco-j1.getmemynewdeal.cloud
1	cdn.3dsintegrator.com	costco-j1.getmemynewdeal.cloud
1	www.gb90t4trk.com	1 redirects
0	development.chooseandwinpronto.com Failed	costco-j1.getmemynewdeal.cloud
31	7

This site contains no links.

Subject Issuer	Validity	Valid
*.getmemynewdeal.cloud R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
*.3dsintegrator.com Amazon RSA 2048 M01	`2023-02-01` - `2024-02-29`	a year	crt.sh
genderseparator.com GTS CA 1P5	`2023-05-30` - `2023-08-28`	3 months	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2023-02-07` - `2024-02-18`	a year	crt.sh
subscribefunnels.com Cloudflare Inc ECC CA-3	`2023-05-27` - `2023-08-24`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://costco-j1.getmemynewdeal.cloud/?affId=30&c1=959&c2=0475dd0dda764dbfbf05b2178c56b4d5&c3=3963687a74a847e9b01c3bca2ab6a0d9
Frame ID: 43D26981623B1E829D653F7E185AFC00
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

$1000 COSTCO GIFT CARD

Page URL History Show full URLs

https://www.gb90t4trk.com/2C4RDC/51GJL6/?sub1=959&sub2=0475dd0dda764dbfbf05b2178c56b4d5&sub3= HTTP 302
https://costco-j1.getmemynewdeal.cloud/?affId=30&c1=959&c2=0475dd0dda764dbfbf05b2178c56b4d5&c3=3963687a74a847e9b01c... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Page Statistics

31
Requests

97 %
HTTPS

50 %
IPv6

7
Domains

7
Subdomains

6
IPs

1
Countries

750 kB
Transfer

1906 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.gb90t4trk.com/2C4RDC/51GJL6/?sub1=959&sub2=0475dd0dda764dbfbf05b2178c56b4d5&sub3= HTTP 302
https://costco-j1.getmemynewdeal.cloud/?affId=30&c1=959&c2=0475dd0dda764dbfbf05b2178c56b4d5&c3=3963687a74a847e9b01c3bca2ab6a0d9 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
costco-j1.getmemynewdeal.cloud/
Redirect Chain

https://www.gb90t4trk.com/2C4RDC/51GJL6/?sub1=959&sub2=0475dd0dda764dbfbf05b2178c56b4d5&sub3=
https://costco-j1.getmemynewdeal.cloud/?affId=30&c1=959&c2=0475dd0dda764dbfbf05b2178c56b4d5&c3=3963687a74a847e9b01c3bca2ab6a0d9

2 KB
945 B

82ms
25ms

Document
text/html

76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://costco-j1.getmemynewdeal.cloud/?affId=30&c1=959&c2=0475dd0dda764dbfbf05b2178c56b4d5&c3=3963687a74a847e9b01c3bca2ab6a0d9

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

0291171d1efdbf2967b6de21c2b80ecc3d724d8fd853caad2ac9e534d5e18593

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 1767
cache-control: public, max-age=0, must-revalidate
content-disposition: inline
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 08 Jul 2023 19:08:31 GMT
etag: W/"3b3900e7488004cfab84668b7d717f45"
server: Vercel
strict-transport-security: max-age=63072000
x-matched-path: /
x-vercel-cache: HIT
x-vercel-id: fra1::b4d5f-1688843311724-3a8d66889edb

Redirect headers

accept-ch: Sec-Ch-Ua-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 162
content-type: text/html; charset=utf-8
date: Sat, 08 Jul 2023 19:08:31 GMT
location: https://costco-j1.getmemynewdeal.cloud/?affId=30&c1=959&c2=0475dd0dda764dbfbf05b2178c56b4d5&c3=3963687a74a847e9b01c3bca2ab6a0d9
server: nginx
vary: Origin
via: 1.1 google
x-eflow-request-id: a916531a-42d1-479a-9409-c62c677d6492

GET
H2 200 008ce3c4a115c213.css
costco-j1.getmemynewdeal.cloud/_next/static/css/ 29 KB
7 KB 12ms
11ms Stylesheet
text/css 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://costco-j1.getmemynewdeal.cloud/_next/static/css/008ce3c4a115c213.css

Requested by

Host: costco-j1.getmemynewdeal.cloud
URL: https://costco-j1.getmemynewdeal.cloud/?affId=30&c1=959&c2=0475dd0dda764dbfbf05b2178c56b4d5&c3=3963687a74a847e9b01c3bca2ab6a0d9

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

f10934861f53ca8f5fb3a56454f058f9abb15fbcfe7161540505b5d07244a51f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://costco-j1.getmemynewdeal.cloud/?affId=30&c1=959&c2=0475dd0dda764dbfbf05b2178c56b4d5&c3=3963687a74a847e9b01c3bca2ab6a0d9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 19:08:31 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::fl7nq-1688843311752-0b258eea7b27
age: 61698
x-matched-path: /_next/static/css/008ce3c4a115c213.css
etag: W/"3a9a15e6fea632ed221ca40d7d3e6285"
x-vercel-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="008ce3c4a115c213.css"

GET
H2 200 webpack-eeb1e4a6befe36e1.js Show response
costco-j1.getmemynewdeal.cloud/_next/static/chunks/ 2 KB
1 KB 13ms
13ms Script
application/javascript 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://costco-j1.getmemynewdeal.cloud/_next/static/chunks/webpack-eeb1e4a6befe36e1.js

Requested by

Host: costco-j1.getmemynewdeal.cloud
URL: https://costco-j1.getmemynewdeal.cloud/?affId=30&c1=959&c2=0475dd0dda764dbfbf05b2178c56b4d5&c3=3963687a74a847e9b01c3bca2ab6a0d9

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

33d3d92899f53d43444c3a63e8839ac834150865d925725ea9424e8f0bd37c6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://costco-j1.getmemynewdeal.cloud/?affId=30&c1=959&c2=0475dd0dda764dbfbf05b2178c56b4d5&c3=3963687a74a847e9b01c3bca2ab6a0d9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 19:08:31 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::k5jbd-1688843311752-9cc6764453d8
age: 60866
x-matched-path: /_next/static/chunks/webpack-eeb1e4a6befe36e1.js
etag: W/"48c02c66201cdb15f2ef68b9b462f3b1"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="webpack-eeb1e4a6befe36e1.js"

GET
H2 200 framework-4556c45dd113b893.js Show response
costco-j1.getmemynewdeal.cloud/_next/static/chunks/ 138 KB
46 KB 14ms
12ms Script
application/javascript 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://costco-j1.getmemynewdeal.cloud/_next/static/chunks/framework-4556c45dd113b893.js

Requested by

Host: costco-j1.getmemynewdeal.cloud
URL: https://costco-j1.getmemynewdeal.cloud/?affId=30&c1=959&c2=0475dd0dda764dbfbf05b2178c56b4d5&c3=3963687a74a847e9b01c3bca2ab6a0d9

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

f9dba7111aa9e260faaf5c755245a0ff6ad491d2e69d266b60d02024f63235c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://costco-j1.getmemynewdeal.cloud/?affId=30&c1=959&c2=0475dd0dda764dbfbf05b2178c56b4d5&c3=3963687a74a847e9b01c3bca2ab6a0d9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 19:08:31 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::r5k5h-1688843311755-49b770738410
age: 61698
x-matched-path: /_next/static/chunks/framework-4556c45dd113b893.js
etag: W/"4af7a03f4bbda417f4968b58d996107d"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="framework-4556c45dd113b893.js"

GET
H2 200 main-77f242bcb709711e.js Show response
costco-j1.getmemynewdeal.cloud/_next/static/chunks/ 104 KB
32 KB 28ms
26ms Script
application/javascript 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://costco-j1.getmemynewdeal.cloud/_next/static/chunks/main-77f242bcb709711e.js

Requested by

Host: costco-j1.getmemynewdeal.cloud
URL: https://costco-j1.getmemynewdeal.cloud/?affId=30&c1=959&c2=0475dd0dda764dbfbf05b2178c56b4d5&c3=3963687a74a847e9b01c3bca2ab6a0d9

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

2302516d7e6f94a04369674b586f621ce1b21a625f03d90ef7f9b065cdba81a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://costco-j1.getmemynewdeal.cloud/?affId=30&c1=959&c2=0475dd0dda764dbfbf05b2178c56b4d5&c3=3963687a74a847e9b01c3bca2ab6a0d9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 19:08:31 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::m4c69-1688843311756-a24304025e20
age: 61698
x-matched-path: /_next/static/chunks/main-77f242bcb709711e.js
etag: W/"94f02a17c094bc232df4263870b4ca42"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="main-77f242bcb709711e.js"

GET
H2 200 _app-7012d55c46a869f3.js Show response
costco-j1.getmemynewdeal.cloud/_next/static/chunks/pages/ 486 KB
161 KB 14ms
12ms Script
application/javascript 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://costco-j1.getmemynewdeal.cloud/_next/static/chunks/pages/_app-7012d55c46a869f3.js

Requested by

Host: costco-j1.getmemynewdeal.cloud
URL: https://costco-j1.getmemynewdeal.cloud/?affId=30&c1=959&c2=0475dd0dda764dbfbf05b2178c56b4d5&c3=3963687a74a847e9b01c3bca2ab6a0d9

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

bd6822206c51133ab569cc9764746dacca8f01787aceb70d4df41546e5d0ba68

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://costco-j1.getmemynewdeal.cloud/?affId=30&c1=959&c2=0475dd0dda764dbfbf05b2178c56b4d5&c3=3963687a74a847e9b01c3bca2ab6a0d9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 19:08:31 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::8f6h7-1688843311756-45ca6c8b0086
age: 61698
x-matched-path: /_next/static/chunks/pages/_app-7012d55c46a869f3.js
etag: W/"ca0eb16bf2a9e550e51dbd7728b24223"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="_app-7012d55c46a869f3.js"

GET
H2 200 5-d56e68a334911d00.js Show response
costco-j1.getmemynewdeal.cloud/_next/static/chunks/ 12 KB
4 KB 15ms
12ms Script
application/javascript 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://costco-j1.getmemynewdeal.cloud/_next/static/chunks/5-d56e68a334911d00.js

Requested by

Host: costco-j1.getmemynewdeal.cloud
URL: https://costco-j1.getmemynewdeal.cloud/?affId=30&c1=959&c2=0475dd0dda764dbfbf05b2178c56b4d5&c3=3963687a74a847e9b01c3bca2ab6a0d9

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

cb9e38b2064cf1be58ab82ba02a3cdea2f020e5fb5ff61cb7536c78b59e3ec49

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://costco-j1.getmemynewdeal.cloud/?affId=30&c1=959&c2=0475dd0dda764dbfbf05b2178c56b4d5&c3=3963687a74a847e9b01c3bca2ab6a0d9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 19:08:31 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::6sz76-1688843311756-7af9564e4ace
age: 60721
x-matched-path: /_next/static/chunks/5-d56e68a334911d00.js
etag: W/"2516f7dc53099cb9c8631dcd67e26a05"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="5-d56e68a334911d00.js"

GET
H2 200 623-a31fbfb8d621a66d.js Show response
costco-j1.getmemynewdeal.cloud/_next/static/chunks/ 315 KB
91 KB 16ms
14ms Script
application/javascript 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://costco-j1.getmemynewdeal.cloud/_next/static/chunks/623-a31fbfb8d621a66d.js

Requested by

Host: costco-j1.getmemynewdeal.cloud
URL: https://costco-j1.getmemynewdeal.cloud/?affId=30&c1=959&c2=0475dd0dda764dbfbf05b2178c56b4d5&c3=3963687a74a847e9b01c3bca2ab6a0d9

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

a2d1cb97f183785493fc5f3910db0fd06876f99a87984dd02261901cd506be62

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://costco-j1.getmemynewdeal.cloud/?affId=30&c1=959&c2=0475dd0dda764dbfbf05b2178c56b4d5&c3=3963687a74a847e9b01c3bca2ab6a0d9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 19:08:31 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::rj4rf-1688843311756-b9597280a163
age: 61698
x-matched-path: /_next/static/chunks/623-a31fbfb8d621a66d.js
etag: W/"83db12552735c85f6d8cd0911111d03b"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="623-a31fbfb8d621a66d.js"

GET
H2 200 701-5675db1929adea3d.js Show response
costco-j1.getmemynewdeal.cloud/_next/static/chunks/ 71 KB
26 KB 37ms
35ms Script
application/javascript 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://costco-j1.getmemynewdeal.cloud/_next/static/chunks/701-5675db1929adea3d.js

Requested by

Host: costco-j1.getmemynewdeal.cloud
URL: https://costco-j1.getmemynewdeal.cloud/?affId=30&c1=959&c2=0475dd0dda764dbfbf05b2178c56b4d5&c3=3963687a74a847e9b01c3bca2ab6a0d9

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

f37ded039197fb8176a7b1fe195e9185f198bdbbec27c9ab8ff49f3515b4a776

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://costco-j1.getmemynewdeal.cloud/?affId=30&c1=959&c2=0475dd0dda764dbfbf05b2178c56b4d5&c3=3963687a74a847e9b01c3bca2ab6a0d9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 19:08:31 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::p6d7c-1688843311756-e7269caf6f43
age: 61698
x-matched-path: /_next/static/chunks/701-5675db1929adea3d.js
etag: W/"96477d3a65356ceeca07ba4106742389"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="701-5675db1929adea3d.js"

GET
H2 200 354-c53d45fea022f3e4.js Show response
costco-j1.getmemynewdeal.cloud/_next/static/chunks/ 78 KB
28 KB 30ms
29ms Script
application/javascript 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://costco-j1.getmemynewdeal.cloud/_next/static/chunks/354-c53d45fea022f3e4.js

Requested by

Host: costco-j1.getmemynewdeal.cloud
URL: https://costco-j1.getmemynewdeal.cloud/?affId=30&c1=959&c2=0475dd0dda764dbfbf05b2178c56b4d5&c3=3963687a74a847e9b01c3bca2ab6a0d9

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

17e2306ef4cac287166d0853151ab9ecec2564f7538e41636a8e18ea2a8a24b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://costco-j1.getmemynewdeal.cloud/?affId=30&c1=959&c2=0475dd0dda764dbfbf05b2178c56b4d5&c3=3963687a74a847e9b01c3bca2ab6a0d9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 19:08:31 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::g229c-1688843311757-cedbcfc01642
age: 61698
x-matched-path: /_next/static/chunks/354-c53d45fea022f3e4.js
etag: W/"001dbba9dd50d18fd5e009599960cba6"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="354-c53d45fea022f3e4.js"

GET
H2 200 index-af3af32863bde739.js Show response
costco-j1.getmemynewdeal.cloud/_next/static/chunks/pages/ 17 KB
6 KB 26ms
25ms Script
application/javascript 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://costco-j1.getmemynewdeal.cloud/_next/static/chunks/pages/index-af3af32863bde739.js

Requested by

Host: costco-j1.getmemynewdeal.cloud
URL: https://costco-j1.getmemynewdeal.cloud/?affId=30&c1=959&c2=0475dd0dda764dbfbf05b2178c56b4d5&c3=3963687a74a847e9b01c3bca2ab6a0d9

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

ff247be175be766672d4da9fa21fcbf97d20f2531228bb33353c6f38512e5be4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://costco-j1.getmemynewdeal.cloud/?affId=30&c1=959&c2=0475dd0dda764dbfbf05b2178c56b4d5&c3=3963687a74a847e9b01c3bca2ab6a0d9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 19:08:31 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::l69wv-1688843311756-ae9fbc7862fd
age: 61698
x-matched-path: /_next/static/chunks/pages/index-af3af32863bde739.js
etag: W/"c040bdaf6725d6a5499ca8649b2e94b5"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="index-af3af32863bde739.js"

GET
H2 200 _buildManifest.js Show response
costco-j1.getmemynewdeal.cloud/_next/static/fkSxqJzSHupra7KyZYQEG/ 817 B
995 B 11ms
10ms Script
application/javascript 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://costco-j1.getmemynewdeal.cloud/_next/static/fkSxqJzSHupra7KyZYQEG/_buildManifest.js

Requested by

Host: costco-j1.getmemynewdeal.cloud
URL: https://costco-j1.getmemynewdeal.cloud/?affId=30&c1=959&c2=0475dd0dda764dbfbf05b2178c56b4d5&c3=3963687a74a847e9b01c3bca2ab6a0d9

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

a18a57598ef6c2440c07eddd199eec16c97861884335c4a0d6c826f524079a40

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://costco-j1.getmemynewdeal.cloud/?affId=30&c1=959&c2=0475dd0dda764dbfbf05b2178c56b4d5&c3=3963687a74a847e9b01c3bca2ab6a0d9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 19:08:31 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::fl7nq-1688843311757-eeec34b6c919
age: 61698
x-matched-path: /_next/static/fkSxqJzSHupra7KyZYQEG/_buildManifest.js
etag: "c06f209dcffb1c2bd8c5aa3431825789"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="_buildManifest.js"
accept-ranges: bytes
content-length: 817

GET
H2 200 _ssgManifest.js Show response
costco-j1.getmemynewdeal.cloud/_next/static/fkSxqJzSHupra7KyZYQEG/ 77 B
247 B 25ms
24ms Script
application/javascript 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://costco-j1.getmemynewdeal.cloud/_next/static/fkSxqJzSHupra7KyZYQEG/_ssgManifest.js

Requested by

Host: costco-j1.getmemynewdeal.cloud
URL: https://costco-j1.getmemynewdeal.cloud/?affId=30&c1=959&c2=0475dd0dda764dbfbf05b2178c56b4d5&c3=3963687a74a847e9b01c3bca2ab6a0d9

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://costco-j1.getmemynewdeal.cloud/?affId=30&c1=959&c2=0475dd0dda764dbfbf05b2178c56b4d5&c3=3963687a74a847e9b01c3bca2ab6a0d9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 19:08:31 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::f94km-1688843311757-de6c27830a89
age: 61698
x-matched-path: /_next/static/fkSxqJzSHupra7KyZYQEG/_ssgManifest.js
etag: "b6652df95db52feb4daf4eca35380933"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="_ssgManifest.js"
accept-ranges: bytes
content-length: 77

GET
H2 200 threeds.2.1.0.20220901.min.js Show response
cdn.3dsintegrator.com/ 31 KB
7 KB 69ms
7ms Script
application/javascript 2600:9000:2057:e400:a:3d5:af40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.3dsintegrator.com/threeds.2.1.0.20220901.min.js

Requested by

Host: costco-j1.getmemynewdeal.cloud
URL: https://costco-j1.getmemynewdeal.cloud/?affId=30&c1=959&c2=0475dd0dda764dbfbf05b2178c56b4d5&c3=3963687a74a847e9b01c3bca2ab6a0d9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:e400:a:3d5:af40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

PAAY CDN /

Resource Hash

c47e1a4ad8d39486e026635c5972abfa0c0b22db6f534330fee5d0030a80f983

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://costco-j1.getmemynewdeal.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: neTLV4ZIRDI7g6bxb2UiMk2e0CYykhZm
content-encoding: br
via: 1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
date: Sat, 08 Jul 2023 18:09:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA6-C1
age: 23649
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 01 Sep 2022 14:42:52 GMT
server: PAAY CDN
etag: W/"90df46f26dc2cf5707f0959d1d80856c"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: public, max-age=604800, immutable
x-amz-cf-id: sxfIQBELGgwhtjMfKBGhyN6S02STPD-EOjbUUGQrScGMwNpyLXvisg==

GET
H2 200 bootstrap.min.css
costco-j1.getmemynewdeal.cloud/home_files/ 190 KB
28 KB 94ms
92ms Stylesheet
text/css 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://costco-j1.getmemynewdeal.cloud/home_files/bootstrap.min.css

Requested by

Host: costco-j1.getmemynewdeal.cloud
URL: https://costco-j1.getmemynewdeal.cloud/_next/static/chunks/main-77f242bcb709711e.js

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

d19d6a9921ee8fae4a5ac06ed392c789c76ac56b8aca4d2c1b8967f07d904dcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://costco-j1.getmemynewdeal.cloud/?affId=30&c1=959&c2=0475dd0dda764dbfbf05b2178c56b4d5&c3=3963687a74a847e9b01c3bca2ab6a0d9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 19:08:32 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::5rg66-1688843312018-4f1f4f0c9559
age: 61698
x-matched-path: /home_files/bootstrap.min.css
etag: W/"e0a054bc89ba06e074bef3ec5f806431"
x-vercel-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="bootstrap.min.css"

GET
H2 200 stylesheet.css
costco-j1.getmemynewdeal.cloud/home_files/ 25 KB
6 KB 17ms
14ms Stylesheet
text/css 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://costco-j1.getmemynewdeal.cloud/home_files/stylesheet.css

Requested by

Host: costco-j1.getmemynewdeal.cloud
URL: https://costco-j1.getmemynewdeal.cloud/_next/static/chunks/main-77f242bcb709711e.js

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

3bae49637bfed98cd6f1f2d86fb356247511516ac3916074227643f52c5dbc9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://costco-j1.getmemynewdeal.cloud/?affId=30&c1=959&c2=0475dd0dda764dbfbf05b2178c56b4d5&c3=3963687a74a847e9b01c3bca2ab6a0d9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 19:08:32 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::5gjn2-1688843312019-86121760681d
age: 61698
x-matched-path: /home_files/stylesheet.css
etag: W/"4e54bd3c2c93e7623ec522a74ad45ca3"
x-vercel-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="stylesheet.css"

GET
H2 200 animate.css
costco-j1.getmemynewdeal.cloud/home_files/ 75 KB
5 KB 105ms
102ms Stylesheet
text/css 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://costco-j1.getmemynewdeal.cloud/home_files/animate.css

Requested by

Host: costco-j1.getmemynewdeal.cloud
URL: https://costco-j1.getmemynewdeal.cloud/_next/static/chunks/main-77f242bcb709711e.js

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

e3374dc9f5e06ce96de195a85853092703467fec489146684f7c7ec1d7d414d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://costco-j1.getmemynewdeal.cloud/?affId=30&c1=959&c2=0475dd0dda764dbfbf05b2178c56b4d5&c3=3963687a74a847e9b01c3bca2ab6a0d9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 19:08:32 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::5rg66-1688843312021-431d7a3394b4
age: 61698
x-matched-path: /home_files/animate.css
etag: W/"9bf61f05ed28023343517af2a3a74d81"
x-vercel-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="animate.css"

GET
H2 200 index.css
costco-j1.getmemynewdeal.cloud/home_files/ 2 KB
1 KB 93ms
91ms Stylesheet
text/css 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://costco-j1.getmemynewdeal.cloud/home_files/index.css

Requested by

Host: costco-j1.getmemynewdeal.cloud
URL: https://costco-j1.getmemynewdeal.cloud/_next/static/chunks/main-77f242bcb709711e.js

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

1ed18aafde2ae4ba5b8168c7268ee6871e938be3dca9c935d5103c8cfdf70b57

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://costco-j1.getmemynewdeal.cloud/?affId=30&c1=959&c2=0475dd0dda764dbfbf05b2178c56b4d5&c3=3963687a74a847e9b01c3bca2ab6a0d9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 19:08:32 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::9llp2-1688843312019-5aa0586fe619
age: 61698
x-matched-path: /home_files/index.css
etag: W/"864ac391f02f82ab0d59113b7d663663"
x-vercel-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="index.css"

GET
H2 200 small-popup.css
costco-j1.getmemynewdeal.cloud/home_files/ 1 KB
711 B 13ms
11ms Stylesheet
text/css 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://costco-j1.getmemynewdeal.cloud/home_files/small-popup.css

Requested by

Host: costco-j1.getmemynewdeal.cloud
URL: https://costco-j1.getmemynewdeal.cloud/_next/static/chunks/main-77f242bcb709711e.js

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

dfd0a5362fc2cc8403f122dc2edf41b0183f776d7afbb33bd243b7fcbb810973

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://costco-j1.getmemynewdeal.cloud/?affId=30&c1=959&c2=0475dd0dda764dbfbf05b2178c56b4d5&c3=3963687a74a847e9b01c3bca2ab6a0d9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 19:08:32 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::mk87r-1688843312019-0dfc116a76f4
age: 61698
x-matched-path: /home_files/small-popup.css
etag: W/"ccfa905a70f97899cce713654c33b6f5"
x-vercel-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="small-popup.css"

GET
H2 200 tosPop.css
costco-j1.getmemynewdeal.cloud/home_files/ 4 KB
1 KB 12ms
10ms Stylesheet
text/css 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://costco-j1.getmemynewdeal.cloud/home_files/tosPop.css

Requested by

Host: costco-j1.getmemynewdeal.cloud
URL: https://costco-j1.getmemynewdeal.cloud/_next/static/chunks/main-77f242bcb709711e.js

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

7c31be0c3d6a9ed486c34e3092f2d591acfa259ec24bffbd4dfd8ae426f17897

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://costco-j1.getmemynewdeal.cloud/?affId=30&c1=959&c2=0475dd0dda764dbfbf05b2178c56b4d5&c3=3963687a74a847e9b01c3bca2ab6a0d9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 19:08:32 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::b4d5f-1688843312019-2e9b59d2df78
age: 61698
x-matched-path: /home_files/tosPop.css
etag: W/"294e731f37645bf08a14c3b43cd4bf66"
x-vercel-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="tosPop.css"

GET
H2 200 background-banner-red.png
costco-j1.getmemynewdeal.cloud/ 54 KB
54 KB 13ms
11ms Image
image/png 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://costco-j1.getmemynewdeal.cloud/background-banner-red.png

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

7038e3210df3c916949cecc6faecb7a84a6c6874ba64bd67c907bf6d4d0470b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://costco-j1.getmemynewdeal.cloud/?affId=30&c1=959&c2=0475dd0dda764dbfbf05b2178c56b4d5&c3=3963687a74a847e9b01c3bca2ab6a0d9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 19:08:32 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::b4d5f-1688843312023-390a1d5bd3a0
age: 61698
x-matched-path: /background-banner-red.png
etag: "268b23470dea0dcec1caf98fd299b3f1"
x-vercel-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="background-banner-red.png"
accept-ranges: bytes
content-length: 55471

GET
H2 200 gradient-banner-red.png
costco-j1.getmemynewdeal.cloud/ 4 KB
4 KB 13ms
9ms Image
image/png 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://costco-j1.getmemynewdeal.cloud/gradient-banner-red.png

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

18908c9e70164ae9a1328cc7f7c7aada5bb13f9e443133aaaa2019ab7eb4174c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://costco-j1.getmemynewdeal.cloud/?affId=30&c1=959&c2=0475dd0dda764dbfbf05b2178c56b4d5&c3=3963687a74a847e9b01c3bca2ab6a0d9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 19:08:32 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::mk87r-1688843312024-d2c4a8795a3b
age: 61698
x-matched-path: /gradient-banner-red.png
etag: "99e4ad2b811f43366e692097eb438549"
x-vercel-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="gradient-banner-red.png"
accept-ranges: bytes
content-length: 4274

GET
H2 200 costco.png
costco-j1.getmemynewdeal.cloud/ 123 KB
123 KB 38ms
34ms Image
image/png 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://costco-j1.getmemynewdeal.cloud/costco.png

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

76b75838a749565b242f9694eb3f9d226b632f7d1ba3726a34792bbdfa41fad9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://costco-j1.getmemynewdeal.cloud/?affId=30&c1=959&c2=0475dd0dda764dbfbf05b2178c56b4d5&c3=3963687a74a847e9b01c3bca2ab6a0d9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 19:08:32 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::nhgcf-1688843312024-614033bf805d
age: 61698
x-matched-path: /costco.png
etag: "8e5a84e1060f8e367e6279ab266a4392"
x-vercel-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="costco.png"
accept-ranges: bytes
content-length: 125905

GET
H2 200 logo2.jpg
costco-j1.getmemynewdeal.cloud/ 24 KB
24 KB 27ms
26ms Image
image/jpeg 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://costco-j1.getmemynewdeal.cloud/logo2.jpg

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

d55800889536fcc94026ec6c72b8b797fe0f69e8ba6c9cf061da11b979e129c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://costco-j1.getmemynewdeal.cloud/?affId=30&c1=959&c2=0475dd0dda764dbfbf05b2178c56b4d5&c3=3963687a74a847e9b01c3bca2ab6a0d9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 19:08:32 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::fl7nq-1688843312024-c9642dd20d79
age: 61698
x-matched-path: /logo2.jpg
etag: "82b973f38e5a4f591a1cfe7d8c42a57e"
x-vercel-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="logo2.jpg"
accept-ranges: bytes
content-length: 24784

GET select.png
development.chooseandwinpronto.com/mac/v1/ 0
0

OPTIONS
H2 204 display-details-v3
zoom-sf.genderseparator.com/api/projects/ 0
0 255ms
209ms Preflight 2606:4700:3036::6815:23e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zoom-sf.genderseparator.com/api/projects/display-details-v3?projectKey=DopTUOYaGZPmcQKVvEqPFeSo3R4jGjt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:23e6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-sdk-ver
Access-Control-Request-Method: POST
Origin: https://costco-j1.getmemynewdeal.cloud
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Authorization,Origin,Accept,X-Sdk-Ver
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS
access-control-allow-origin: https://costco-j1.getmemynewdeal.cloud
access-control-max-age: 31536000
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7e3a9dcc9cd72bdc-FRA
content-security-policy: connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
date: Sat, 08 Jul 2023 19:08:32 GMT
expect-ct: max-age=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E2RppAACUFZjzO5sSAImwixVVARPpYMlSsnfuWR3hSpUsa3kC7wvjNtHALaPMLPmjRE4nB1hWnA2a0Sn6CgPMEVln6R14tT1pc7Bby3Qhqgq7CMBSliiC500a1Vctcjw%2B5BUQYDTDU%2Bd2JydHsGBCQvj2xlvGQo1VAU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none

POST
H2 200 display-details-v3 Show response
zoom-sf.genderseparator.com/api/projects/ 118 KB
89 KB 160ms
159ms XHR
text/plain 2606:4700:3036::6815:23e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zoom-sf.genderseparator.com/api/projects/display-details-v3?projectKey=DopTUOYaGZPmcQKVvEqPFeSo3R4jGjt

Requested by

Host: costco-j1.getmemynewdeal.cloud
URL: https://costco-j1.getmemynewdeal.cloud/_next/static/chunks/pages/_app-7012d55c46a869f3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:23e6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strapi <strapi.io>

Resource Hash

627ff36c15a73155cba236b6531517b54ee7508f8865885d34bda617a1e59233

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://costco-j1.getmemynewdeal.cloud/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
X-Sdk-Ver: 3010
Content-Type: application/json

Response headers

date: Sat, 08 Jul 2023 19:08:32 GMT
content-security-policy: connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Strapi <strapi.io>
x-dns-prefetch-control: off
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: no-referrer
server: cloudflare
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://costco-j1.getmemynewdeal.cloud
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oAuFKiRqvOC73Fv0ruKnZUXn%2Bl2ByZb3dDH4gmwavkWZNYhnUeOSTLIj%2BoHvBS2BQ99IF29UqQTUEoRzfUUUei9JdIxSd65N%2FbUKdmcYiBCxZX9odhwKQ1hGa1zeaAX0k%2FGRIzT2Qs73q4NGy5sJU4AAbbg2R5EDK20%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin
access-control-allow-credentials: true
cf-ray: 7e3a9dcdeec32bdc-FRA

GET
H/1.1 200
OK / Show response
api.ipify.org/ 22 B
222 B 285ms
89ms XHR
application/json 64.185.227.156
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=json
Requested by: Host: costco-j1.getmemynewdeal.cloud
URL: https://costco-j1.getmemynewdeal.cloud/_next/static/chunks/pages/_app-7012d55c46a869f3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 64.185.227.156 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-227-156.static.webnx.com
Software: nginx/1.25.1 /
Resource Hash: 3a2a77692a4198b12b824bbd2a2152ede29002c75815c60a5e5d508ceb4345df

Request headers

Accept: application/json, text/plain, */*
Referer: https://costco-j1.getmemynewdeal.cloud/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 08 Jul 2023 19:08:32 GMT
Server: nginx/1.25.1
Connection: keep-alive
Content-Length: 22
Vary: Origin
Content-Type: application/json

GET
H2 200 SFProDisplay-Regular.woff
cdn.subscribefunnels.com/ab1ae428-a48a-46dc-8afe-426fbd445cb6/fonts/ 353 B
1 KB 43ms
13ms Font
application/xml 2606:4700:4400::6812:20bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.subscribefunnels.com/ab1ae428-a48a-46dc-8afe-426fbd445cb6/fonts/SFProDisplay-Regular.woff
Requested by: Host: costco-j1.getmemynewdeal.cloud
URL: https://costco-j1.getmemynewdeal.cloud/home_files/stylesheet.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:20bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c321222cf241ccf3afad2685e362357d3661589660704105825ee6df3ecf2be5

Request headers

Referer: https://costco-j1.getmemynewdeal.cloud/
Origin: https://costco-j1.getmemynewdeal.cloud
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 19:08:32 GMT
x-amz-version-id: khXUhWhOMJVYj4uTNMcGtGSdsZZtZQET
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: gzip
x-amz-cf-pop: FRA53-C1
age: 60875
x-cache: Miss from cloudfront
service-worker-allowed: /~cdn
last-modified: Fri, 20 May 2022 17:52:59 GMT
server: cloudflare
etag: W/"a0f25f8802b8fd3e43e1462fc9dea064"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7e3a9dcc882303dc-FRA
x-amz-cf-id: v5D3-fzupXR_jG-a1SwO3sLKIOLnqVwitMnnbWthx3g6zd4QodNwEw==
expires: Sun, 07 Jul 2024 19:08:32 GMT

OPTIONS
H3 204 import-clicks
zoom-sf.genderseparator.com/api/plugins/konnektive/ 0
0 210ms
208ms Preflight 2606:4700:3036::6815:23e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zoom-sf.genderseparator.com/api/plugins/konnektive/import-clicks?projectKey=DopTUOYaGZPmcQKVvEqPFeSo3R4jGjt

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:23e6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-sdk-ver
Access-Control-Request-Method: POST
Origin: https://costco-j1.getmemynewdeal.cloud
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Authorization,Origin,Accept,X-Sdk-Ver
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS
access-control-allow-origin: https://costco-j1.getmemynewdeal.cloud
access-control-max-age: 31536000
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7e3a9dd16c87699f-FRA
content-security-policy: connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
date: Sat, 08 Jul 2023 19:08:33 GMT
expect-ct: max-age=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QrESQ0kmnhqnh8RlS7ZqWix6DB59Mor9jSjCHK37vJsyJ7ph1jd7xZP8Uu%2BuGyg1QbrZRFLHcn1KUYuxY9M5onjzx%2FGbsHCpFoRC2sdwDV20VYFfCakwl6Apz4ScKzDOZspWcgkGYrAz6LEGZsZdGCW5IZx9jtZ3wWc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none

POST
H3 200 import-clicks Show response
zoom-sf.genderseparator.com/api/plugins/konnektive/ 492 B
1 KB 704ms
703ms XHR
text/plain 2606:4700:3036::6815:23e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zoom-sf.genderseparator.com/api/plugins/konnektive/import-clicks?projectKey=DopTUOYaGZPmcQKVvEqPFeSo3R4jGjt

Requested by

Host: costco-j1.getmemynewdeal.cloud
URL: https://costco-j1.getmemynewdeal.cloud/_next/static/chunks/pages/_app-7012d55c46a869f3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:23e6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strapi <strapi.io>

Resource Hash

10e3d3169d900992275d7193484179ef06b01d432244171d3e46c3783161320e

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://costco-j1.getmemynewdeal.cloud/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
X-Sdk-Ver: 3010
Content-Type: application/json

Response headers

date: Sat, 08 Jul 2023 19:08:33 GMT
content-security-policy: connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Strapi <strapi.io>
x-dns-prefetch-control: off
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: no-referrer
server: cloudflare
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://costco-j1.getmemynewdeal.cloud
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=70j6VSmHCLZ9CSEM46aPv%2BEmW9i%2BmSWZi8qbAydv3B4%2FwuudZ1501Rm9lRII%2F7BZNykzhICJKJlJJG3CzqLWpagBRxTO7a556NH9U4mevLXSamh2MIve5c7zB2mzmzXiebV2RpFt3%2FJSh1SDyZBz5tkk41d10MTvux4%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin
access-control-allow-credentials: true
cf-ray: 7e3a9dd2be8c699f-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: development.chooseandwinpronto.com
URL: https://development.chooseandwinpronto.com/mac/v1/select.png

Verdicts & Comments Add Verdict or Comment

Malicious page.url
Submitted on July 8th 2023, 7:09:49 pm UTC — From United States

Threats: Malware Brand Impersonation Spearphishing
Brands: Costco US
Comment: RUSSIAN MALWARE used in constant PHISH campaigns is hosted behind https://costco-j1.getmemynewdeal.cloud/?affId=30&c1=959&c2=0475dd0dda764dbfbf05b2178c56b4d5&c3=969b7176d4094fac9f95706fe5a3f3e0

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.gb90t4trk.com/	1970-01-20 13:07:26	Name: uniqueClick_51GJL6 Value: 35238b1c-1a2e-4c22-b46d-946f5cd48eed:1688843311
			www.gb90t4trk.com/	1970-01-20 15:16:59	Name: transaction_id Value: 3963687a74a847e9b01c3bca2ab6a0d9

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://development.chooseandwinpronto.com/mac/v1/select.png Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other	warning	URL: https://costco-j1.getmemynewdeal.cloud/?affId=30&c1=959&c2=0475dd0dda764dbfbf05b2178c56b4d5&c3=3963687a74a847e9b01c3bca2ab6a0d9 Message: Failed to decode downloaded font: https://cdn.subscribefunnels.com/ab1ae428-a48a-46dc-8afe-426fbd445cb6/fonts/SFProDisplay-Regular.woff
other	warning	URL: https://costco-j1.getmemynewdeal.cloud/?affId=30&c1=959&c2=0475dd0dda764dbfbf05b2178c56b4d5&c3=3963687a74a847e9b01c3bca2ab6a0d9 Message: OTS parsing error: invalid sfntVersion: 1010792557
other	warning	URL: https://costco-j1.getmemynewdeal.cloud/?affId=30&c1=959&c2=0475dd0dda764dbfbf05b2178c56b4d5&c3=3963687a74a847e9b01c3bca2ab6a0d9 Message: Failed to decode downloaded font: https://cdn.subscribefunnels.com/ab1ae428-a48a-46dc-8afe-426fbd445cb6/fonts/SFProDisplay-Regular.woff
other	warning	URL: https://costco-j1.getmemynewdeal.cloud/?affId=30&c1=959&c2=0475dd0dda764dbfbf05b2178c56b4d5&c3=3963687a74a847e9b01c3bca2ab6a0d9 Message: OTS parsing error: invalid sfntVersion: 1010792557
other	warning	URL: https://costco-j1.getmemynewdeal.cloud/?affId=30&c1=959&c2=0475dd0dda764dbfbf05b2178c56b4d5&c3=3963687a74a847e9b01c3bca2ab6a0d9 Message: Failed to decode downloaded font: https://cdn.subscribefunnels.com/ab1ae428-a48a-46dc-8afe-426fbd445cb6/fonts/SFProDisplay-Regular.woff
other	warning	URL: https://costco-j1.getmemynewdeal.cloud/?affId=30&c1=959&c2=0475dd0dda764dbfbf05b2178c56b4d5&c3=3963687a74a847e9b01c3bca2ab6a0d9 Message: OTS parsing error: invalid sfntVersion: 1010792557

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.ipify.org
cdn.3dsintegrator.com
cdn.subscribefunnels.com
costco-j1.getmemynewdeal.cloud
development.chooseandwinpronto.com
www.gb90t4trk.com
zoom-sf.genderseparator.com
development.chooseandwinpronto.com
2600:9000:2057:e400:a:3d5:af40:93a1
2606:4700:3036::6815:23e6
2606:4700:4400::6812:20bf
34.117.228.72
64.185.227.156
76.76.21.22
0291171d1efdbf2967b6de21c2b80ecc3d724d8fd853caad2ac9e534d5e18593
10e3d3169d900992275d7193484179ef06b01d432244171d3e46c3783161320e
17e2306ef4cac287166d0853151ab9ecec2564f7538e41636a8e18ea2a8a24b5
18908c9e70164ae9a1328cc7f7c7aada5bb13f9e443133aaaa2019ab7eb4174c
1ed18aafde2ae4ba5b8168c7268ee6871e938be3dca9c935d5103c8cfdf70b57
2302516d7e6f94a04369674b586f621ce1b21a625f03d90ef7f9b065cdba81a4
33d3d92899f53d43444c3a63e8839ac834150865d925725ea9424e8f0bd37c6e
3a2a77692a4198b12b824bbd2a2152ede29002c75815c60a5e5d508ceb4345df
3bae49637bfed98cd6f1f2d86fb356247511516ac3916074227643f52c5dbc9a
627ff36c15a73155cba236b6531517b54ee7508f8865885d34bda617a1e59233
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
7038e3210df3c916949cecc6faecb7a84a6c6874ba64bd67c907bf6d4d0470b5
76b75838a749565b242f9694eb3f9d226b632f7d1ba3726a34792bbdfa41fad9
7c31be0c3d6a9ed486c34e3092f2d591acfa259ec24bffbd4dfd8ae426f17897
a18a57598ef6c2440c07eddd199eec16c97861884335c4a0d6c826f524079a40
a2d1cb97f183785493fc5f3910db0fd06876f99a87984dd02261901cd506be62
bd6822206c51133ab569cc9764746dacca8f01787aceb70d4df41546e5d0ba68
c321222cf241ccf3afad2685e362357d3661589660704105825ee6df3ecf2be5
c47e1a4ad8d39486e026635c5972abfa0c0b22db6f534330fee5d0030a80f983
cb9e38b2064cf1be58ab82ba02a3cdea2f020e5fb5ff61cb7536c78b59e3ec49
d19d6a9921ee8fae4a5ac06ed392c789c76ac56b8aca4d2c1b8967f07d904dcb
d55800889536fcc94026ec6c72b8b797fe0f69e8ba6c9cf061da11b979e129c2
dfd0a5362fc2cc8403f122dc2edf41b0183f776d7afbb33bd243b7fcbb810973
e3374dc9f5e06ce96de195a85853092703467fec489146684f7c7ec1d7d414d5
f10934861f53ca8f5fb3a56454f058f9abb15fbcfe7161540505b5d07244a51f
f37ded039197fb8176a7b1fe195e9185f198bdbbec27c9ab8ff49f3515b4a776
f9dba7111aa9e260faaf5c755245a0ff6ad491d2e69d266b60d02024f63235c3
ff247be175be766672d4da9fa21fcbf97d20f2531228bb33353c6f38512e5be4

costco-j1.getmemynewdeal.cloud Open in urlscan Pro 76.76.21.22 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Community Verdicts: Malicious — 1 votes Show Verdicts

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

31 Requests

97 %HTTPS

50 %IPv6

7 Domains

7 Subdomains

6 IPs

1 Countries

750 kBTransfer

1906 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

costco-j1.getmemynewdeal.cloud Open in urlscan Pro
76.76.21.22 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

31
Requests

97 %
HTTPS

50 %
IPv6

7
Domains

7
Subdomains

6
IPs

1
Countries

750 kB
Transfer

1906 kB
Size

2
Cookies

31 HTTP transactions
0 data transactions

Malicious page.url
Submitted on July 8th 2023, 7:09:49 pm UTC — From United States

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!