Submitted URL: http://gadjet-magazin.ru/campaigns/hz658myyha0c4/track-url/nn751lbyn404f/4c8b445d6622b747a672ba474d0ca81f33ac00dc
Effective URL: http://top.premiumz.co/?utm_term=6776640468122862001&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb888...
Submission: On December 31 via manual from US

Summary

This website contacted 3 IPs in 3 countries across 8 domains to perform 5 HTTP transactions. The main IP is 184.154.47.14, located in Chicago, United States and belongs to SINGLEHOP-LLC - SingleHop LLC, US. The main domain is top.premiumz.co.
This is the only time top.premiumz.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 185.127.25.241 204490 (ASKONTEL)
1 1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 1 2606:4700:30:... 13335 (CLOUDFLAR...)
2 4 54.187.46.16 16509 (AMAZON-02)
2 2 139.59.199.9 14061 (DIGITALOC...)
2 184.154.47.14 32475 (SINGLEHOP...)
5 3
Apex Domain | Subdomains | Transfer
2 premiumz.co | top.premiumz.co | 5 KB
2 tracksz.co | right.tracksz.co | 3 KB
2 win-shoppingvouchers-de.com | win-shoppingvouchers-de.com | 915 B
2 premierflows.com | tracking.premierflows.com | 3 KB
1 tr-k.site | a.tr-k.site | 425 B
1 tinyurl.com | tinyurl.com | 541 B
1 gadjet-magazin.ru | gadjet-magazin.ru | 553 B
0 tracking.blue Failed | tracking.blue Failed |
5 8
Domain Requested by
2 top.premiumz.co top.premiumz.co
2 right.tracksz.co 1 redirects
2 win-shoppingvouchers-de.com 2 redirects
2 tracking.premierflows.com 1 redirects
1 a.tr-k.site 1 redirects
1 tinyurl.com 1 redirects
1 gadjet-magazin.ru 1 redirects
0 tracking.blue Failed top.premiumz.co
5 8

This site contains no links.

Subject | Issuer | Validity | Valid
*.trackrevenue.com | Amazon | 2019-06-26 - 2020-07-26 | a year

This page contains 1 frames:

Frame: https://tracking.blue/a8bc6ab9-b9ab-4262-99aa-2874b7715d9f?partner_id=1163&pid=1163-540e058z&clickid=6776640468122862001
Frame ID: 3BFA9B5A2354006941464ACC23B06960
Requests: 5 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

Requests: 5
HTTPS: 40 %
IPv6: 33 %
Domains: 8
Subdomains: 8
IPs: 3
Countries: 3
Transfer: 5 kB
Size: 10 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://gadjet-magazin.ru/campaigns/hz658myyha0c4/track-url/nn751lbyn404f/4c8b445d6622b747a672ba474d0ca81f33ac00dc HTTP 301
    https://tinyurl.com/wfbb4t8 HTTP 301
    https://a.tr-k.site/click?pid=127930&offer_id=3758 HTTP 302
    https://tracking.premierflows.com/click/WoOsMo6ULDaSGlMZhg?affid=101833&c1=5e0b7698be82b6000171ad09&c3=127930 HTTP 302
    https://tracking.premierflows.com/main/d.php?s=1&link=https%3A%2F%2Fwin-shoppingvouchers-de.com%2Fde_de%2Ftr_credticarddenopre%3Fclickid%3DxQ0MUnR3IE-5e0b76983022ec68a110bcf5%26networkid%3D101833%26publisher%3D127930%26ept2%3D7a0f4941-ebb0-4eed-ad12-69b9a19d791b Page URL
  2. https://win-shoppingvouchers-de.com/de_de/tr_credticarddenopre?clickid=xQ0MUnR3IE-5e0b76983022ec68a110bcf5&networkid=101833&publisher=127930&ept2=7a0f4941-ebb0-4eed-ad12-69b9a19d791b HTTP 302
    https://win-shoppingvouchers-de.com/exit-url/redirect?externalId=xQ0MUnR3IE-5e0b76983022ec68a110bcf5&type=geo HTTP 302
    https://right.tracksz.co/click/3N9zJTKyPM?c3=101833&c4=127930&c5=xQ0MUnR3IE-5e0b76983022ec68a110bcf5&c8=tr_credticarddenopre HTTP 302
    https://right.tracksz.co/main/d.php?s=1&link=http%3A%2F%2Ftop.premiumz.co%2F%3Futm_medium%3D933b8a3a735b2ce5b19a0ff1885d4563b3840547%26utm_campaign%3D404new%263%3D101833%264%3D127930%26cid%3DPK1yfjvC5x-5e0b7699689f625e72595582%26 Page URL
  3. http://top.premiumz.co/?utm_medium=933b8a3a735b2ce5b19a0ff1885d4563b3840547&utm_campaign=404new&3=101833&4=127930&cid=PK1yfjvC5x-5e0b7699689f625e72595582& Page URL
  4. http://top.premiumz.co/?utm_term=6776640468122862001&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://gadjet-magazin.ru/campaigns/hz658myyha0c4/track-url/nn751lbyn404f/4c8b445d6622b747a672ba474d0ca81f33ac00dc HTTP 301
  • https://tinyurl.com/wfbb4t8 HTTP 301
  • https://a.tr-k.site/click?pid=127930&offer_id=3758 HTTP 302
  • https://tracking.premierflows.com/click/WoOsMo6ULDaSGlMZhg?affid=101833&c1=5e0b7698be82b6000171ad09&c3=127930 HTTP 302
  • https://tracking.premierflows.com/main/d.php?s=1&link=https%3A%2F%2Fwin-shoppingvouchers-de.com%2Fde_de%2Ftr_credticarddenopre%3Fclickid%3DxQ0MUnR3IE-5e0b76983022ec68a110bcf5%26networkid%3D101833%26publisher%3D127930%26ept2%3D7a0f4941-ebb0-4eed-ad12-69b9a19d791b
Request Chain 1
  • https://win-shoppingvouchers-de.com/de_de/tr_credticarddenopre?clickid=xQ0MUnR3IE-5e0b76983022ec68a110bcf5&networkid=101833&publisher=127930&ept2=7a0f4941-ebb0-4eed-ad12-69b9a19d791b HTTP 302
  • https://win-shoppingvouchers-de.com/exit-url/redirect?externalId=xQ0MUnR3IE-5e0b76983022ec68a110bcf5&type=geo HTTP 302
  • https://right.tracksz.co/click/3N9zJTKyPM?c3=101833&c4=127930&c5=xQ0MUnR3IE-5e0b76983022ec68a110bcf5&c8=tr_credticarddenopre HTTP 302
  • https://right.tracksz.co/main/d.php?s=1&link=http%3A%2F%2Ftop.premiumz.co%2F%3Futm_medium%3D933b8a3a735b2ce5b19a0ff1885d4563b3840547%26utm_campaign%3D404new%263%3D101833%264%3D127930%26cid%3DPK1yfjvC5x-5e0b7699689f625e72595582%26
Request Chain 3
  • http://top.premiumz.co/proc.php?0891ab5096b2c95c9fc44b87882fc83cbb32c3a9 HTTP 302
  • https://tracking.blue/a8bc6ab9-b9ab-4262-99aa-2874b7715d9f?partner_id=1163&pid=1163-540e058z&clickid=6776640468122862001

5 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
d.php
tracking.premierflows.com/main/
Redirect Chain
  • http://gadjet-magazin.ru/campaigns/hz658myyha0c4/track-url/nn751lbyn404f/4c8b445d6622b747a672ba474d0ca81f33ac00dc
  • https://tinyurl.com/wfbb4t8
  • https://a.tr-k.site/click?pid=127930&offer_id=3758
  • https://tracking.premierflows.com/click/WoOsMo6ULDaSGlMZhg?affid=101833&c1=5e0b7698be82b6000171ad09&c3=127930
  • https://tracking.premierflows.com/main/d.php?s=1&link=https%3A%2F%2Fwin-shoppingvouchers-de.com%2Fde_de%2Ftr_credticarddenopre%3Fclickid%3DxQ0MUnR3IE-5e0b76983022ec68a110bcf5%26networkid%3D101833%2...
262 B
486 B
Document
General
Full URL
https://tracking.premierflows.com/main/d.php?s=1&link=https%3A%2F%2Fwin-shoppingvouchers-de.com%2Fde_de%2Ftr_credticarddenopre%3Fclickid%3DxQ0MUnR3IE-5e0b76983022ec68a110bcf5%26networkid%3D101833%26publisher%3D127930%26ept2%3D7a0f4941-ebb0-4eed-ad12-69b9a19d791b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.46.16 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-187-46-16.us-west-2.compute.amazonaws.com
Software
nginx/1.11.6 /
Resource Hash

Request headers

:method
GET
:authority
tracking.premierflows.com
:scheme
https
:path
/main/d.php?s=1&link=https%3A%2F%2Fwin-shoppingvouchers-de.com%2Fde_de%2Ftr_credticarddenopre%3Fclickid%3DxQ0MUnR3IE-5e0b76983022ec68a110bcf5%26networkid%3D101833%26publisher%3D127930%26ept2%3D7a0f4941-ebb0-4eed-ad12-69b9a19d791b
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br

Response headers

status
200
date
Tue, 31 Dec 2019 16:26:01 GMT
content-type
text/html; charset=UTF-8
set-cookie
AWSALB=4qlZHnw3eHZERRK4hfleOu75AiieqHjzQnGe7I1ngHMhs0NlMtxs8wZUHUurntDnlECSK03YNju8GceHoIdB7mEZg20ZJP2FegGNb7EHjgJhCojO5oO+9pV46PI+; Expires=Tue, 07 Jan 2020 16:26:01 GMT; Path=/
server
nginx/1.11.6
content-encoding
gzip

Redirect headers

status
302
date
Tue, 31 Dec 2019 16:26:00 GMT
content-type
text/html; charset=UTF-8
server
nginx/1.11.6
cache-control
no-cache, private
location
/main/d.php?s=1&link=https%3A%2F%2Fwin-shoppingvouchers-de.com%2Fde_de%2Ftr_credticarddenopre%3Fclickid%3DxQ0MUnR3IE-5e0b76983022ec68a110bcf5%26networkid%3D101833%26publisher%3D127930%26ept2%3D7a0f4941-ebb0-4eed-ad12-69b9a19d791b
d.php
right.tracksz.co/main/
Redirect Chain
  • https://win-shoppingvouchers-de.com/de_de/tr_credticarddenopre?clickid=xQ0MUnR3IE-5e0b76983022ec68a110bcf5&networkid=101833&publisher=127930&ept2=7a0f4941-ebb0-4eed-ad12-69b9a19d791b
  • https://win-shoppingvouchers-de.com/exit-url/redirect?externalId=xQ0MUnR3IE-5e0b76983022ec68a110bcf5&type=geo
  • https://right.tracksz.co/click/3N9zJTKyPM?c3=101833&c4=127930&c5=xQ0MUnR3IE-5e0b76983022ec68a110bcf5&c8=tr_credticarddenopre
  • https://right.tracksz.co/main/d.php?s=1&link=http%3A%2F%2Ftop.premiumz.co%2F%3Futm_medium%3D933b8a3a735b2ce5b19a0ff1885d4563b3840547%26utm_campaign%3D404new%263%3D101833%264%3D127930%26cid%3DPK1yfj...
234 B
468 B
Document
General
Full URL
https://right.tracksz.co/main/d.php?s=1&link=http%3A%2F%2Ftop.premiumz.co%2F%3Futm_medium%3D933b8a3a735b2ce5b19a0ff1885d4563b3840547%26utm_campaign%3D404new%263%3D101833%264%3D127930%26cid%3DPK1yfjvC5x-5e0b7699689f625e72595582%26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.46.16 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-187-46-16.us-west-2.compute.amazonaws.com
Software
nginx/1.11.6 /
Resource Hash
a18b869c60ef48918ee2680383508fdd126880687b72cd42649445060a9699c5

Request headers

:method
GET
:authority
right.tracksz.co
:scheme
https
:path
/main/d.php?s=1&link=http%3A%2F%2Ftop.premiumz.co%2F%3Futm_medium%3D933b8a3a735b2ce5b19a0ff1885d4563b3840547%26utm_campaign%3D404new%263%3D101833%264%3D127930%26cid%3DPK1yfjvC5x-5e0b7699689f625e72595582%26
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br

Response headers

status
200
date
Tue, 31 Dec 2019 16:26:02 GMT
content-type
text/html; charset=UTF-8
set-cookie
AWSALB=r1UD6y1VcoObI1IQSMIu+RcnL0Jc0GN2Abv1L+o8vCl2f8V5IN72BYjHs32vXB9lKkKl1LSdY/AcIpn8PNU/YJnE87zGI+KXH+EMxjBgJ/OuzM5UzOORQQJtOJAP; Expires=Tue, 07 Jan 2020 16:26:02 GMT; Path=/
server
nginx/1.11.6
content-encoding
gzip

Redirect headers

status
302
date
Tue, 31 Dec 2019 16:26:01 GMT
content-type
text/html; charset=UTF-8
server
nginx/1.11.6
cache-control
no-cache, private
location
/main/d.php?s=1&link=http%3A%2F%2Ftop.premiumz.co%2F%3Futm_medium%3D933b8a3a735b2ce5b19a0ff1885d4563b3840547%26utm_campaign%3D404new%263%3D101833%264%3D127930%26cid%3DPK1yfjvC5x-5e0b7699689f625e72595582%26
Cookie set /
top.premiumz.co/
3 KB
2 KB
Document
General
Full URL
http://top.premiumz.co/?utm_medium=933b8a3a735b2ce5b19a0ff1885d4563b3840547&utm_campaign=404new&3=101833&4=127930&cid=PK1yfjvC5x-5e0b7699689f625e72595582&
Protocol
HTTP/1.1
Server
184.154.47.14 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/7.3.4
Resource Hash
9be247e1f2e7d6577012fbf6dbabddfee13807068ca45ac5e4896f15192eed1a

Request headers

Host
top.premiumz.co
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Server
nginx
Date
Tue, 31 Dec 2019 16:26:02 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-Powered-By
PHP/7.3.4
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie
u=a5f199c28b81ced475e394748ad3eec1; expires=Wed, 30-Dec-2020 16:26:02 GMT; Max-Age=31536000; path=/
Content-Encoding
gzip
Primary Request /
top.premiumz.co/
7 KB
3 KB
Document
General
Full URL
http://top.premiumz.co/?utm_term=6776640468122862001&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f
Requested by
Host: top.premiumz.co
URL: http://top.premiumz.co/?utm_medium=933b8a3a735b2ce5b19a0ff1885d4563b3840547&utm_campaign=404new&3=101833&4=127930&cid=PK1yfjvC5x-5e0b7699689f625e72595582&
Protocol
HTTP/1.1
Server
184.154.47.14 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/7.3.4
Resource Hash
34e2d0530d7a134da1370df0a4eaa397c1ebb9ef5ab43e6469a1a8deab255b49

Request headers

Host
top.premiumz.co
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://top.premiumz.co/?utm_medium=933b8a3a735b2ce5b19a0ff1885d4563b3840547&utm_campaign=404new&3=101833&4=127930&cid=PK1yfjvC5x-5e0b7699689f625e72595582&
Accept-Encoding
gzip, deflate
Cookie
u=a5f199c28b81ced475e394748ad3eec1

Response headers

Server
nginx
Date
Tue, 31 Dec 2019 16:26:02 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-Powered-By
PHP/7.3.4
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Encoding
gzip
a8bc6ab9-b9ab-4262-99aa-2874b7715d9f
tracking.blue/
Redirect Chain
  • http://top.premiumz.co/proc.php?0891ab5096b2c95c9fc44b87882fc83cbb32c3a9
  • https://tracking.blue/a8bc6ab9-b9ab-4262-99aa-2874b7715d9f?partner_id=1163&pid=1163-540e058z&clickid=6776640468122862001
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tracking.blue
URL
https://tracking.blue/a8bc6ab9-b9ab-4262-99aa-2874b7715d9f?partner_id=1163&pid=1163-540e058z&clickid=6776640468122862001

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies