Submitted URL: http://vsdqe.com/98Ob6B
Effective URL: https://am.deal-warriors.com/lp24/?v1=1d496526-cf9a-495d-9cc7-c0b7ad2b9ef0_142759&clickid=wbsgvd0g4b1mt8jh26539g1u
Submission: On July 14 via manual from GB — Scanned from NL

Summary

This website contacted 6 IPs in 3 countries across 14 domains to perform 9 HTTP transactions. The main IP is 2606:4700:3033::6815:3b0c, located in United States and belongs to CLOUDFLARENET, US. The main domain is am.deal-warriors.com. The Cisco Umbrella rank of the primary domain is 602886.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 18th 2022. Valid for: a year.
This is the only time am.deal-warriors.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 206.188.196.110 399629 (BLNWX)
1 1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 1 3.215.158.190 14618 (AMAZON-AES)
1 1 34.117.79.165 396982 (GOOGLE-CL...)
1 1 52.28.201.141 16509 (AMAZON-02)
1 1 161.35.86.176 14061 (DIGITALOC...)
2 18.193.209.105 16509 (AMAZON-02)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 52.216.81.51 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
9 6
Apex Domain | Subdomains | Transfer
2 aimtell.io | cdn.aimtell.io — Cisco Umbrella Rank: 7528 | 1 KB
2 deal-warriors.com | am.deal-warriors.com — Cisco Umbrella Rank: 602886 | 36 KB
1 aimtell.com | signals.aimtell.com — Cisco Umbrella Rank: 5171 | 434 B
1 amazonaws.com | s3.amazonaws.com | 13 KB
1 akamaihd.net | pushtoast-a.akamaihd.net — Cisco Umbrella Rank: 79727 | 36 KB
1 retrackz.com | retrackz.com — Cisco Umbrella Rank: 179843 | 488 B
1 exit-back.com | exit-back.com | 1 KB
1 last-burner.com | last-burner.com | 443 B
1 ryzvxm.com | ryzvxm.com | 329 B
1 hb6trk.com | www.hb6trk.com | 434 B
1 armalecom-squessels.icu | armalecom-squessels.icu | 560 B
1 livraisongrouper.com | livraisongrouper.com | 1 KB
1 fun2shop.online | t.fun2shop.online | 2 KB
1 vsdqe.com | vsdqe.com | 183 B
9 14
Domain Requested by
2 cdn.aimtell.io s3.amazonaws.com
2 am.deal-warriors.com am.deal-warriors.com
1 signals.aimtell.com s3.amazonaws.com
1 s3.amazonaws.com pushtoast-a.akamaihd.net
1 pushtoast-a.akamaihd.net am.deal-warriors.com
1 retrackz.com
1 exit-back.com
1 last-burner.com 1 redirects
1 ryzvxm.com 1 redirects
1 www.hb6trk.com 1 redirects
1 armalecom-squessels.icu 1 redirects
1 livraisongrouper.com 1 redirects
1 t.fun2shop.online 1 redirects
1 vsdqe.com 1 redirects
9 14

This site contains no links.

Subject | Issuer | Validity | Valid
exit-back.com | R3 | 2022-06-10 - 2022-09-08 | 3 months
retrackz.com | R3 | 2022-06-10 - 2022-09-08 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-04-18 - 2023-04-17 | a year
a248.e.akamai.net | DigiCert TLS RSA SHA256 2020 CA1 | 2022-06-28 - 2023-06-30 | a year
s3.amazonaws.com | Amazon | 2022-04-01 - 2023-03-30 | a year
aimtell.com | Cloudflare Inc ECC CA-3 | 2022-05-09 - 2023-05-08 | a year

This page contains 1 frames:

Primary Page: https://am.deal-warriors.com/lp24/?v1=1d496526-cf9a-495d-9cc7-c0b7ad2b9ef0_142759&clickid=wbsgvd0g4b1mt8jh26539g1u
Frame ID: E7A4A45E9EF6F2C8AF78BCA9FB8DEFED
Requests: 9 HTTP requests in this frame

Page URL History

  1. http://vsdqe.com/98Ob6B HTTP 302
    https://t.fun2shop.online/aff_c?offer_id=2619&aff_id=1&aff_sub=UK50.A.2 HTTP 302
    https://livraisongrouper.com/c/FEWaVsO?s1=102f93cfe8c979f32da4c1c3c85af5&s2=1&s3=UK50.A.2&offer_id=2619 HTTP 301
    https://armalecom-squessels.icu/a4c17330-f063-4439-b420-925dd70fc107?external_id=2df83ea6-8b7f-4956-ab44-407... HTTP 302
    https://www.hb6trk.com/cmp/2KLL51/2WKDNZ/?sub1=wvpcv862i52668jhiu57n676 HTTP 302
    https://ryzvxm.com/pl?o=f2a4c5e5dea92998e21e01f5c08ffdd4:a14ee90b567e6821a6d6f9d8d04f1e16&sub_i... HTTP 302
    https://last-burner.com/dsrgxtr/swpstks/index.php?clickid=4773e23c-721f-477a-b1bc-b085d8d45222&v1=14... HTTP 302
    https://exit-back.com/d96a3ed9-10a1-41de-ad44-f73572d6087f?clickid=4773e23c-721f-477a-b1bc-b085d8d... Page URL
  2. https://retrackz.com/redirect?target=BASE64aHR0cHM6Ly9hbS5kZWFsLXdhcnJpb3JzLmNvbS9scDI0Lz92MT0xZD... Page URL
  3. https://am.deal-warriors.com/lp24/?v1=1d496526-cf9a-495d-9cc7-c0b7ad2b9ef0_142759&clickid=wbsgvd0g4b1mt8j... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • cdn\.aimtell\.\w+/

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

9 Requests
100 % HTTPS
46 % IPv6
14 Domains
14 Subdomains
6 IPs
3 Countries
88 kB Transfer
260 kB Size
12 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://vsdqe.com/98Ob6B HTTP 302
    https://t.fun2shop.online/aff_c?offer_id=2619&aff_id=1&aff_sub=UK50.A.2 HTTP 302
    https://livraisongrouper.com/c/FEWaVsO?s1=102f93cfe8c979f32da4c1c3c85af5&s2=1&s3=UK50.A.2&offer_id=2619 HTTP 301
    https://armalecom-squessels.icu/a4c17330-f063-4439-b420-925dd70fc107?external_id=2df83ea6-8b7f-4956-ab44-407bacc59232 HTTP 302
    https://www.hb6trk.com/cmp/2KLL51/2WKDNZ/?sub1=wvpcv862i52668jhiu57n676 HTTP 302
    https://ryzvxm.com/pl?o=f2a4c5e5dea92998e21e01f5c08ffdd4:a14ee90b567e6821a6d6f9d8d04f1e16&sub_id=64&cid=3ad81ce38700420597bf7b47244e3599 HTTP 302
    https://last-burner.com/dsrgxtr/swpstks/index.php?clickid=4773e23c-721f-477a-b1bc-b085d8d45222&v1=142759&v2=%7Bsubid%7D&offer_id=37598&campaign_id=1003689&lid=4773e23c-721f-477a-b1bc-b085d8d45222&ap=2&src=142759&hash=465186b543a63d9357dc753e99a60037 HTTP 302
    https://exit-back.com/d96a3ed9-10a1-41de-ad44-f73572d6087f?clickid=4773e23c-721f-477a-b1bc-b085d8d45222&v1=142759&v2=%7Bsubid%7D&offer_id=37598&campaign_id=1003689&lid=4773e23c-721f-477a-b1bc-b085d8d45222&ap=2&src=142759&hash=465186b543a63d9357dc753e99a60037 Page URL
  2. https://retrackz.com/redirect?target=BASE64aHR0cHM6Ly9hbS5kZWFsLXdhcnJpb3JzLmNvbS9scDI0Lz92MT0xZDQ5NjUyNi1jZjlhLTQ5NWQtOWNjNy1jMGI3YWQyYjllZjBfMTQyNzU5JmNsaWNraWQ9d2JzZ3ZkMGc0YjFtdDhqaDI2NTM5ZzF1&ts=1657814760869&hash=sR5TXlyZRmjIyOSqyJ1dt5EyIGt5IMJ2tdIAeKhlGXo&rm=D Page URL
  3. https://am.deal-warriors.com/lp24/?v1=1d496526-cf9a-495d-9cc7-c0b7ad2b9ef0_142759&clickid=wbsgvd0g4b1mt8jh26539g1u Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://vsdqe.com/98Ob6B HTTP 302
  • https://t.fun2shop.online/aff_c?offer_id=2619&aff_id=1&aff_sub=UK50.A.2 HTTP 302
  • https://livraisongrouper.com/c/FEWaVsO?s1=102f93cfe8c979f32da4c1c3c85af5&s2=1&s3=UK50.A.2&offer_id=2619 HTTP 301
  • https://armalecom-squessels.icu/a4c17330-f063-4439-b420-925dd70fc107?external_id=2df83ea6-8b7f-4956-ab44-407bacc59232 HTTP 302
  • https://www.hb6trk.com/cmp/2KLL51/2WKDNZ/?sub1=wvpcv862i52668jhiu57n676 HTTP 302
  • https://ryzvxm.com/pl?o=f2a4c5e5dea92998e21e01f5c08ffdd4:a14ee90b567e6821a6d6f9d8d04f1e16&sub_id=64&cid=3ad81ce38700420597bf7b47244e3599 HTTP 302
  • https://last-burner.com/dsrgxtr/swpstks/index.php?clickid=4773e23c-721f-477a-b1bc-b085d8d45222&v1=142759&v2=%7Bsubid%7D&offer_id=37598&campaign_id=1003689&lid=4773e23c-721f-477a-b1bc-b085d8d45222&ap=2&src=142759&hash=465186b543a63d9357dc753e99a60037 HTTP 302
  • https://exit-back.com/d96a3ed9-10a1-41de-ad44-f73572d6087f?clickid=4773e23c-721f-477a-b1bc-b085d8d45222&v1=142759&v2=%7Bsubid%7D&offer_id=37598&campaign_id=1003689&lid=4773e23c-721f-477a-b1bc-b085d8d45222&ap=2&src=142759&hash=465186b543a63d9357dc753e99a60037

9 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
d96a3ed9-10a1-41de-ad44-f73572d6087f
exit-back.com/
Redirect Chain
  • http://vsdqe.com/98Ob6B
  • https://t.fun2shop.online/aff_c?offer_id=2619&aff_id=1&aff_sub=UK50.A.2
  • https://livraisongrouper.com/c/FEWaVsO?s1=102f93cfe8c979f32da4c1c3c85af5&s2=1&s3=UK50.A.2&offer_id=2619
  • https://armalecom-squessels.icu/a4c17330-f063-4439-b420-925dd70fc107?external_id=2df83ea6-8b7f-4956-ab44-407bacc59232
  • https://www.hb6trk.com/cmp/2KLL51/2WKDNZ/?sub1=wvpcv862i52668jhiu57n676
  • https://ryzvxm.com/pl?o=f2a4c5e5dea92998e21e01f5c08ffdd4:a14ee90b567e6821a6d6f9d8d04f1e16&sub_id=64&cid=3ad81ce38700420597bf7b47244e3599
  • https://last-burner.com/dsrgxtr/swpstks/index.php?clickid=4773e23c-721f-477a-b1bc-b085d8d45222&v1=142759&v2=%7Bsubid%7D&offer_id=37598&campaign_id=1003689&lid=4773e23c-721f-477a-b1bc-b085d8d45222&a...
  • https://exit-back.com/d96a3ed9-10a1-41de-ad44-f73572d6087f?clickid=4773e23c-721f-477a-b1bc-b085d8d45222&v1=142759&v2=%7Bsubid%7D&offer_id=37598&campaign_id=1003689&lid=4773e23c-721f-477a-b1bc-b085d...
482 B
1 KB
Document
General
Full URL
https://exit-back.com/d96a3ed9-10a1-41de-ad44-f73572d6087f?clickid=4773e23c-721f-477a-b1bc-b085d8d45222&v1=142759&v2=%7Bsubid%7D&offer_id=37598&campaign_id=1003689&lid=4773e23c-721f-477a-b1bc-b085d8d45222&ap=2&src=142759&hash=465186b543a63d9357dc753e99a60037
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.193.209.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-209-105.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
90c7defbfc4bc13b961de9fe375c7de764d62d09d7965e6b2f36becfdf576260

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
482
content-type
text/html;charset=UTF-8
date
Thu, 14 Jul 2022 16:06:00 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx

Redirect headers

Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Thu, 14 Jul 2022 16:06:00 GMT
Location
https://exit-back.com/d96a3ed9-10a1-41de-ad44-f73572d6087f?clickid=4773e23c-721f-477a-b1bc-b085d8d45222&v1=142759&v2=%7Bsubid%7D&offer_id=37598&campaign_id=1003689&lid=4773e23c-721f-477a-b1bc-b085d8d45222&ap=2&src=142759&hash=465186b543a63d9357dc753e99a60037
Server
nginx/1.14.2
Transfer-Encoding
chunked
redirect
retrackz.com/
326 B
488 B
Document
General
Full URL
https://retrackz.com/redirect?target=BASE64aHR0cHM6Ly9hbS5kZWFsLXdhcnJpb3JzLmNvbS9scDI0Lz92MT0xZDQ5NjUyNi1jZjlhLTQ5NWQtOWNjNy1jMGI3YWQyYjllZjBfMTQyNzU5JmNsaWNraWQ9d2JzZ3ZkMGc0YjFtdDhqaDI2NTM5ZzF1&ts=1657814760869&hash=sR5TXlyZRmjIyOSqyJ1dt5EyIGt5IMJ2tdIAeKhlGXo&rm=D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.193.209.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-209-105.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
https://exit-back.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
326
content-type
text/html;charset=UTF-8
date
Thu, 14 Jul 2022 16:06:01 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
Primary Request /
am.deal-warriors.com/lp24/
11 KB
4 KB
Document
General
Full URL
https://am.deal-warriors.com/lp24/?v1=1d496526-cf9a-495d-9cc7-c0b7ad2b9ef0_142759&clickid=wbsgvd0g4b1mt8jh26539g1u
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3b0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d97e29429040c07d113b52788b2a215c21ad94b6af7bc4d57927882544f95a

Request headers

Referer
https://retrackz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
72ab80d0fe63b772-AMS
content-encoding
br
content-type
text/html
date
Thu, 14 Jul 2022 16:06:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Thu, 23 Jun 2022 16:31:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=huEppQ9cPXFWaJqrtoLE5OTjP33TooAc0%2Fp3LW%2BtYPTV49WhbM4z0RRrBq3GUYQTd25l0pi0%2FdzmdLIgQ3OLyWI1j3xVor9zT3rMmT%2BXFkhyg1kH5QNW5w1D7qGLpnp3f056uhyStBdG6DDOWXERs5hETA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
jquery-3.6.0.min.js
am.deal-warriors.com/lp24/
87 KB
32 KB
Script
General
Full URL
https://am.deal-warriors.com/lp24/jquery-3.6.0.min.js
Requested by
Host: am.deal-warriors.com
URL: https://am.deal-warriors.com/lp24/?v1=1d496526-cf9a-495d-9cc7-c0b7ad2b9ef0_142759&clickid=wbsgvd0g4b1mt8jh26539g1u
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3b0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer
https://am.deal-warriors.com/lp24/?v1=1d496526-cf9a-495d-9cc7-c0b7ad2b9ef0_142759&clickid=wbsgvd0g4b1mt8jh26539g1u
Origin
https://am.deal-warriors.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 14 Jul 2022 16:06:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 03 Jun 2022 15:03:01 GMT
server
cloudflare
age
3141873
etag
W/"629a22a5-15d9d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wis%2BZMFJTAlYyeCuayPl12uj3mp4K739nQRq5%2BblfhS2MWKYmfc81mh8aFSmtlPJrSOOo2CpaaR0ytsIcov6BfCrksxOxli4IvAJMBkTOtIFeE%2FjVVwh%2BCLM7dA9EuOzxL5duTuLw1zNP3wcb5eTClz4Ug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
72ab80d248c6b772-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sw.register.js
pushtoast-a.akamaihd.net/2.0/
113 KB
36 KB
Script
General
Full URL
https://pushtoast-a.akamaihd.net/2.0/sw.register.js
Requested by
Host: am.deal-warriors.com
URL: https://am.deal-warriors.com/lp24/?v1=1d496526-cf9a-495d-9cc7-c0b7ad2b9ef0_142759&clickid=wbsgvd0g4b1mt8jh26539g1u
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:11::215:14d5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4cd0b6c0a4d42e4fac032e04525dfd8dc8dc2ca0a198ce178d197f0bbdc7afc1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://am.deal-warriors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
b3yedJDRaxIEfkCp5GacXxX6.JPoI0jb
Content-Encoding
gzip
ETag
"0e0fe7a3447c0f6320f62f3173136dd8"
x-amz-request-id
Q9Q2F4N0EC4AV2YS
Connection
keep-alive
Content-Length
36333
x-amz-id-2
1ai2HkLdgNWKHJhG3gNmQYN+YX6qav1EHfICujUg169dTHjrGCpQA25fiFw9wTZmfEcaJQG12tY=
Pragma
no-cache
Last-Modified
Mon, 31 Jan 2022 21:23:51 GMT
Server
AmazonS3
Date
Thu, 14 Jul 2022 16:06:01 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Accept-Ranges
bytes
Expires
Thu, 14 Jul 2022 16:06:01 GMT
trackpush.min.js
s3.amazonaws.com/cdn.aimtell.com/trackpush/
47 KB
13 KB
Script
General
Full URL
https://s3.amazonaws.com/cdn.aimtell.com/trackpush/trackpush.min.js
Requested by
Host: pushtoast-a.akamaihd.net
URL: https://pushtoast-a.akamaihd.net/2.0/sw.register.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.81.51 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
84539a57764fd40a7604197b8a0efe82113dc5d755f147a8ab6bd769417ff2ae

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://am.deal-warriors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Thu, 14 Jul 2022 16:06:03 GMT
Content-Encoding
gzip
Last-Modified
Thu, 23 Jun 2022 15:52:31 GMT
Server
AmazonS3
x-amz-request-id
HMFK8VZXB0K8A8S6
ETag
"7f1f0c2240af490b88a7cf1bc3834e44"
Content-Type
text/javascript
Cache-Control
max-age=86400
Accept-Ranges
bytes
Content-Length
13310
x-amz-id-2
xbHHkQIvj5k4I37dlE5vf+UMtXsjbuI5dfU9edpbZNjLy9jnrhyuQDfnR0TIgbYjZPMfG5NwZHg=
pageview
signals.aimtell.com/
43 B
434 B
XHR
General
Full URL
https://signals.aimtell.com/pageview?id_site=25746&v=3.972&support=1&state=default&wl=1
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.aimtell.com/trackpush/trackpush.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1f97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://am.deal-warriors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 14 Jul 2022 16:06:02 GMT
access-control-allow-methods
GET,HEAD,OPTIONS
aimtell-hash-exists
0
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
aimtell-traverse
0
content-type
image/gif
access-control-allow-origin
https://am.deal-warriors.com
access-control-expose-headers
Aimtell-Hash-Exists, Aimtell-Traverse
access-control-allow-credentials
true
cf-ray
72ab80d9c9bdb93e-AMS
access-control-allow-headers
Content-Type, *
content-length
43
25746-590b33a75232.json
cdn.aimtell.io/config/optin/
481 B
921 B
XHR
General
Full URL
https://cdn.aimtell.io/config/optin/25746-590b33a75232.json
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.aimtell.com/trackpush/trackpush.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:47e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ac28028368c7c55ddffe96f7eb1c9aa80b0d3e7df27a1dc8c9c363bbaef1fe3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://am.deal-warriors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 14 Jul 2022 16:06:02 GMT
content-encoding
gzip
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status
DYNAMIC
x-amz-cf-pop
TXL50-P1
x-cache
RefreshHit from cloudfront
content-length
371
access-control-allow-origin
*
last-modified
Tue, 05 Jul 2022 15:49:48 GMT
server
cloudflare
etag
"baf4ec6ae3baaf1cde822c60b3532594"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
via
1.1 2290762b4070c2faf5e496f8e496e184.cloudfront.net (CloudFront)
access-control-expose-headers
ETag
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
72ab80d9d8b39171-FRA
x-amz-cf-id
ILEGo0cgY84yOapJLkieRid1-3I1UKQDVIEQzo3fNuTidDKjruHX6Q==
25746-590b33a75232.json
cdn.aimtell.io/config/
95 B
340 B
XHR
General
Full URL
https://cdn.aimtell.io/config/25746-590b33a75232.json
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.aimtell.com/trackpush/trackpush.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:47e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39bd848448ddf14c0601670bced03afca2cd2ca1954f62b691a4684d72a9cfd7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://am.deal-warriors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 14 Jul 2022 16:06:04 GMT
content-encoding
gzip
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status
DYNAMIC
x-amz-cf-pop
TXL50-P1
x-cache
RefreshHit from cloudfront
content-length
104
access-control-allow-origin
*
last-modified
Tue, 05 Jul 2022 15:50:57 GMT
server
cloudflare
etag
"2e9a47727caf9c4def7ceb9e72845ea1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
via
1.1 cc4ec7b00e99f66f65c59b638212180e.cloudfront.net (CloudFront)
access-control-expose-headers
ETag
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
72ab80e44d7f9171-FRA
x-amz-cf-id
frUUcL1J4JvJBcr2QLhTTRJOfBLLtV80_t38h7uxVB3GwLt_jnu2_A==

144 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery object| _SWP object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| _aimtellPermissionGranted function| _aimtellPermissionDenied function| _aimtellReady object| _at undefined| _aimtellPushToken boolean| _aimtellRanScript string| _aimtellSubscriberID undefined| _aimtellRefreshResult object| trackData object| _aimtellTrackData undefined| _aimtellDebug undefined| aimtellDebugBox string| _aimtellAPI boolean| _aimtellSWInitiated boolean| _aimtellNewSubscriberID number| _aimtellVersion object| _aimtellDebugQueue number| _aimtellDebugQueueActive boolean| _aimtellPrompted string| _aimtellUserDefinedWorker object| _aimtellWebsiteConfiguration object| _aimtellFunnelPixel string| _aimtellUpdateViaCache string| _aimtellWorkerScope object| _aimtellPreSubscriberTrackData object| _aimtellServiceWorker object| _aimtellPageLoadAttributes function| _aimtellDeferred function| _aimtellGetUrlVars function| _aimtellGetDeviceType function| _aimtellGetPageDetails function| _aimtellLoadBeacon function| _aimtellCrossDomainSubscriberID function| _aimtellCrossDomainSuppression function| _aimtellGetReferrer function| _aimtellGetLanguage function| _aimtellAbandonedFunnel function| _aimtellAbandonPage function| _aimtellGetResolution function| _aimtellGetBrowserInfo function| _aimtellGetSystemInfo function| _aimtellDebugger function| _aimtellDebugQueueProcess function| _aimtellLogDebug function| _aimtellInitialize function| _aimtellEnablePageDelayPrompt function| _aimtellEnableScrollDelayPrompt function| _aimtellEnableSecondsDelayPrompt function| _aimtellGetSiteConfig function| _aimtellGetPercentageScrolled function| _aimtellLoadPrompt function| _aimtellPromptApprove function| 
_aimtellPromptDeny function| _aimtellPromptCancel function| _aimtellGetSubscriberID function| _aimtellIsNewData function| _aimtellTrack function| _aimtellAppendManifestHeader function| _aimtellGetManifestLocation function| _aimtellGetWebsiteConfiguration function| _aimtellGetGCMID function| _aimtellLogError function| _aimtellGetSubscriberIDFromToken function| _aimtellGetSubscriberAttributes function| _aimtellGenerateID function| _aimtellGetCookie function| _aimtellSetCookie function| _aimtellDeleteCookie function| _aimtellHashString function| _aimtellTrackAttributes function| _aimtellForcePrompt function| _aimtellPrompt function| _aimtellAlias function| _aimtellTrackEvent function| _aimtellAbandonedCart function| _aimtellTc undefined| logid undefined| subscriber_uid undefined| webURL function| _aimtellGetPushToken function| _aimtellSupportsPush function| _aimtellCheckHTTPS function| _aimtellListener function| _webpushCheckPermissions function| _webpushSupportsPush function| _webpushPrompt function| _webpushRunNative function| _webpushGetSubscriberIDFromToken function| _webpushTrackAttributes function| _webpushGetToken function| _webpushTrackEvent function| _webpushGetSubscriberID function| _aimtellCheckPermissions function| _aimtellRunNative function| _aimtellSafariRun function| _aimtellDelWidgetNotification function| _aimtellDelAllWidgetNotification function| _aimtellCheckNotificationRemaining function| _aimtellClickedNotification function| _aimtellShowNotificationCenter function| _aimtellHideNotificationCenter function| _aimtellAppendNotification function| _aimtellShowNoNotifications function| _aimtellShowNotSubscribed function| _aimtellLaunchNotificationCenter function| _aimtellGetWidgetNotifications function| _aimtellFillNotifications function| _aimtellWidgetPermissionGrantedCallback function| _aimtellPermissionDeniedCallbacks function| _aimtellPermissionIgnoredCallbacks function| _aimtellWebhook function| _aimtellPermissionGrantedCallbacks function| 
_aimtellSubscribe function| _aimtellUrlBase64ToUint8Array function| _aimtellExtractSubscriptionId function| _aimtellSendSubscriptionToServer function| _aimtellAmplifySubscriberWorkerData function| _aimtellRegisterWorker function| _aimtellValidateWorker function| _aimtellSendWorkerMessage function| _aimtellLoadIntegrations function| _aimtellLoad function| _aimtellProcessQueue function| _aimtellCheckConflictWorker function| _aimtellSignal function| _aimtellInitWorker function| _aimtellForceRefreshSW

12 Cookies

Domain/Path Name / Value
t.fun2shop.online/ Name: enc_aff_session_2619
Value: ENC03c068e42a058b13ea576563e15799e657035a03acd0a0220ad496c42e31d610231d52b66d645e7eec5ad503c123a0e9557cbd11a3e4e28b85ec48b1f9471174e13c3c6a7f0a28e7f3e966d15bc623eb32096e01512f4445a115c610251b72413caacd964762b21dc20930feaaf81f15d0801a8c1bcd8769be555e8b3e8f46ba9616b8f4b9
t.fun2shop.online/ Name: ho_mob
livraisongrouper.com/ Name: XSRF-TOKEN
Value: eyJpdiI6IjhLS0dxWmtoQjFrSzNXS0hrb0hnZ2c9PSIsInZhbHVlIjoiaEVNays5OTNqYVl0ZjlhTG5UUW52WDlqV0xoOHhrWFIwM21PZXE5ODlsMG9yYWdiZWZXUWFMWWxOWnRvMWhyZHlIbEU3MlBLelpOeVpBSXMwNWtnbW1Sc3ZyY1ZqS0VZVXQrRnZlV0xab252dFB4M3ZiZldINTBUc29HUnVoTXMiLCJtYWMiOiJkNzMyMmNjNGI0YzQ3NmZiY2U0ODlmMzcyZDk4MWUwNjE2YWMxNzc3ZDMzZmE0NGRhMTJmNjQ5MGM1MmI0NGY4IiwidGFnIjoiIn0%3D
livraisongrouper.com/ Name: SESSION_ID
Value: Bh98qbmM5RGEeX6gA33dop65r62nwL6jyOluHhPK
.armalecom-squessels.icu/ Name: a4c17330-f063-4439-b420-925dd70fc107-v4
Value: UcUxFDVNAdbWUd1Q_dHOpGDPoR7aM5hHKzalSSC0mXM
.armalecom-squessels.icu/ Name: voluum-cid-v4
Value: %7B%22cid%22%3A%22wvpcv862i52668jhiu57n676%22%2C%22caid%22%3A%22a4c17330-f063-4439-b420-925dd70fc107%22%7D
www.hb6trk.com/ Name: uniqueClick_2WKDNZ
Value: 5e773cd2-a2d7-4d17-bddf-b81b58c94cde:1657814759
www.hb6trk.com/ Name: transaction_id
Value: 3ad81ce38700420597bf7b47244e3599
ryzvxm.com/ Name: uv
Value: false
.exit-back.com/ Name: d96a3ed9-10a1-41de-ad44-f73572d6087f-v4
Value: OjtFJRsbfbVW8y6UMOYm0VQ9nv9VqwaRiewO3U4U9ZM
.exit-back.com/ Name: cc-v4
Value: zD9rH3B89MFfNwEWwRARhuOlAyMafxaXcem%2FcqBIZ76qaA7EksYf5dEfBoDw7H9bHqaZDH6nY5%2FyviNU2uMxEw8YHp9s5uT6WvjTeBL9eIh6irJwQD4e2Ia6F1wn87ak1p1esnm2KLghl0aMbfk2VQ%3D%3D
am.deal-warriors.com/ Name: _aimtellSubscriberID
Value: 3c8c7ca3-3a6b-16ff-2648-e70089deccc4