go.grandprizewinners.com

Summary

This website contacted 3 IPs in 3 countries across 8 domains to perform 4 HTTP transactions. The main IP is 35.82.115.30, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is go.grandprizewinners.com.

This is the only time go.grandprizewinners.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	34.247.228.48 34.247.228.48	16509 (AMAZON-02) (AMAZON-02)
2 2	52.212.76.176 52.212.76.176	16509 (AMAZON-02) (AMAZON-02)
1	34.245.243.150 34.245.243.150	16509 (AMAZON-02) (AMAZON-02)
2 4	35.82.115.30 35.82.115.30	16509 (AMAZON-02) (AMAZON-02)
2 2	52.58.87.33 52.58.87.33	16509 (AMAZON-02) (AMAZON-02)
1 1	2606:4700:303... 2606:4700:3031::ac43:9554	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.57.153.168 52.57.153.168	16509 (AMAZON-02) (AMAZON-02)
4	3

1 34.247.228.48 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-228-48.eu-west-1.compute.amazonaws.com

a.flamingololo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.212.76.176 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-76-176.eu-west-1.compute.amazonaws.com

tracking.flamingololo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.245.243.150 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-245-243-150.eu-west-1.compute.amazonaws.com

beastrackers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.82.115.30 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-82-115-30.us-west-2.compute.amazonaws.com

tr.premtraffic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
go.grandprizewinners.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.58.87.33 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-87-33.eu-central-1.compute.amazonaws.com

tl-eu.adtrackoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bbtl-glo.mainstreamgallery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:9554 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

so.slytrk06.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.57.153.168 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-153-168.eu-central-1.compute.amazonaws.com

bbtl-glo.talkdialog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	flamingololo.com 3 redirects a.flamingololo.com tracking.flamingololo.com	1 KB
2	grandprizewinners.com 1 redirects go.grandprizewinners.com	4 KB
2	premtraffic.com 1 redirects tr.premtraffic.com	3 KB
1	talkdialog.com bbtl-glo.talkdialog.com	272 B
1	mainstreamgallery.com 1 redirects bbtl-glo.mainstreamgallery.com	532 B
1	slytrk06.com 1 redirects so.slytrk06.com	1 KB
1	adtrackoptimize.com 1 redirects tl-eu.adtrackoptimize.com	328 B
1	beastrackers.com beastrackers.com	342 B
4	8

	Domain	Requested by
2	go.grandprizewinners.com	1 redirects
2	tr.premtraffic.com	1 redirects beastrackers.com
2	tracking.flamingololo.com	2 redirects
1	bbtl-glo.talkdialog.com
1	bbtl-glo.mainstreamgallery.com	1 redirects
1	so.slytrk06.com	1 redirects
1	tl-eu.adtrackoptimize.com	1 redirects
1	beastrackers.com
1	a.flamingololo.com	1 redirects
4	9

This site contains no links.

Subject Issuer	Validity	Valid
*.orgsig.com Amazon	`2021-05-19` - `2022-06-17`	a year	crt.sh
*.activeportalus.com Amazon	`2020-09-29` - `2021-10-29`	a year	crt.sh

This page contains 1 frames:

Frame: https://bbtl-glo.talkdialog.com/t/clk?id=27YTZVNU08pjSn7DlHj&s2=qMzntD8GSl-61059bf06b4c647f2135e444&
Frame ID: 20C1B5E57F308DEEC6D7F5233E011ECC
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://a.flamingololo.com/click.php/e74013/HYWZ0ZXJfcmVnMjEwNzMxLDEzNzcxLGh0dHA6Ly90cmFja2luZy5mbGFtaW... HTTP 302
http://tracking.flamingololo.com/track/tag?to=http%3A%2F%2Ftracking.flamingololo.com%2Ftrack%2Fredirect%3Fmid... HTTP 302
http://tracking.flamingololo.com/track/redirect?mid=qNwExG-JS3e1&to=http%3A%2F%2Fbeastrackers.com%3Fr%3Dhttps... HTTP 302
http://beastrackers.com/?r=https%3A%2F%2Ftr.premtraffic.com%2Fclick%2FnNzjGS7XdN%3F Page URL
https://tr.premtraffic.com/click/nNzjGS7XdN HTTP 302
https://tr.premtraffic.com/main/d.php?s=1&link=https%3A%2F%2Ftl-eu.adtrackoptimize.com%2Ft%2Fclk%3Fid%3... Page URL
https://tl-eu.adtrackoptimize.com/t/clk?id=J8XBS8oyCyv1Bc2rVOCo&ept2=44ed0fa6-1675-4c45-98b3-bfa9ba6a51c4 HTTP 302
https://so.slytrk06.com/t/clk?id=E0qfWjnHqjziGv8RiM&rl=68N19&redirect-from=J8XBS8oyCyv1Bc2rVOCo&rcod... HTTP 302
https://bbtl-glo.mainstreamgallery.com/t/clk?id=gp0nslJNsKxJ0T4G0GuR&rl=gJEo2iOPpP&redirect-from=J8XBS8oyCyv1Bc2rVO... HTTP 302
http://go.grandprizewinners.com/click/rNJ9BhQ8Xx?c1=dafdc6b4-e51a-4bf0-b4cd-eab710bfa0cb&c2=4937&c7=692669 HTTP 302
http://go.grandprizewinners.com/main/d.php?s=1&link=https%3A%2F%2Fbbtl-glo.talkdialog.com%2Ft%2Fclk%3Fid%3D2... Page URL

Detected technologies

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

4
Requests

50 %
HTTPS

14 %
IPv6

8
Domains

9
Subdomains

3
IPs

3
Countries

2 kB
Transfer

0 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://a.flamingololo.com/click.php/e74013/HYWZ0ZXJfcmVnMjEwNzMxLDEzNzcxLGh0dHA6Ly90cmFja2luZy5mbGFtaW5nb2xvbG8uY29tL3RyYWNrL3RhZw/qP3RvPWh0dHAlM0ElMkYlMkZ0cmFja2luZy5mbGFtaW5nb2xvbG8uY29tJTJGdHJhY2slMkZyZWRpcmVjdCUzRm1pZCUzRHFOd0V4Ry1KUzNlMSUyNnRvJTNEaHR0cCUyNTNBJTI1MkYlMjUyRmJlYXN0cmFja2Vycy5jb20lMjUzRnIlMjUzRGh0dHBzJTI1MjUzQSUyNTI1MkYlMjUyNTJGdHIucHJlbXRyYWZmaWMuY29tJTI1MjUyRmNsaWNrJTI1MjUyRm5OempHUzdYZE4lMjUyNTNGJm1pZD1xTndFeEctSlMzZTEmdj14SFRiMkttbmgwT1JaVEVlRm1EREF3JTNEJTNEJmE9YWRkIA/s0613038c64 HTTP 302
http://tracking.flamingololo.com/track/tag?to=http%3A%2F%2Ftracking.flamingololo.com%2Ftrack%2Fredirect%3Fmid%3DqNwExG-JS3e1%26to%3Dhttp%253A%252F%252Fbeastrackers.com%253Fr%253Dhttps%25253A%25252F%25252Ftr.premtraffic.com%25252Fclick%25252FnNzjGS7XdN%25253F&mid=qNwExG-JS3e1&v=xHTb2Kmnh0ORZTEeFmDDAw%3D%3D&a=add%20 HTTP 302
http://tracking.flamingololo.com/track/redirect?mid=qNwExG-JS3e1&to=http%3A%2F%2Fbeastrackers.com%3Fr%3Dhttps%253A%252F%252Ftr.premtraffic.com%252Fclick%252FnNzjGS7XdN%253F HTTP 302
http://beastrackers.com/?r=https%3A%2F%2Ftr.premtraffic.com%2Fclick%2FnNzjGS7XdN%3F Page URL
https://tr.premtraffic.com/click/nNzjGS7XdN HTTP 302
https://tr.premtraffic.com/main/d.php?s=1&link=https%3A%2F%2Ftl-eu.adtrackoptimize.com%2Ft%2Fclk%3Fid%3DJ8XBS8oyCyv1Bc2rVOCo%26ept2%3D44ed0fa6-1675-4c45-98b3-bfa9ba6a51c4 Page URL
https://tl-eu.adtrackoptimize.com/t/clk?id=J8XBS8oyCyv1Bc2rVOCo&ept2=44ed0fa6-1675-4c45-98b3-bfa9ba6a51c4 HTTP 302
https://so.slytrk06.com/t/clk?id=E0qfWjnHqjziGv8RiM&rl=68N19&redirect-from=J8XBS8oyCyv1Bc2rVOCo&rcode=R05&rseq=R05,R99,R98 HTTP 302
https://bbtl-glo.mainstreamgallery.com/t/clk?id=gp0nslJNsKxJ0T4G0GuR&rl=gJEo2iOPpP&redirect-from=J8XBS8oyCyv1Bc2rVOCo&rcode=R05&rseq=R05,R99,R98,R01 HTTP 302
http://go.grandprizewinners.com/click/rNJ9BhQ8Xx?c1=dafdc6b4-e51a-4bf0-b4cd-eab710bfa0cb&c2=4937&c7=692669 HTTP 302
http://go.grandprizewinners.com/main/d.php?s=1&link=https%3A%2F%2Fbbtl-glo.talkdialog.com%2Ft%2Fclk%3Fid%3D27YTZVNU08pjSn7DlHj%26s2%3DqMzntD8GSl-61059bf06b4c647f2135e444%26 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://a.flamingololo.com/click.php/e74013/HYWZ0ZXJfcmVnMjEwNzMxLDEzNzcxLGh0dHA6Ly90cmFja2luZy5mbGFtaW5nb2xvbG8uY29tL3RyYWNrL3RhZw/qP3RvPWh0dHAlM0ElMkYlMkZ0cmFja2luZy5mbGFtaW5nb2xvbG8uY29tJTJGdHJhY2slMkZyZWRpcmVjdCUzRm1pZCUzRHFOd0V4Ry1KUzNlMSUyNnRvJTNEaHR0cCUyNTNBJTI1MkYlMjUyRmJlYXN0cmFja2Vycy5jb20lMjUzRnIlMjUzRGh0dHBzJTI1MjUzQSUyNTI1MkYlMjUyNTJGdHIucHJlbXRyYWZmaWMuY29tJTI1MjUyRmNsaWNrJTI1MjUyRm5OempHUzdYZE4lMjUyNTNGJm1pZD1xTndFeEctSlMzZTEmdj14SFRiMkttbmgwT1JaVEVlRm1EREF3JTNEJTNEJmE9YWRkIA/s0613038c64 HTTP 302
http://tracking.flamingololo.com/track/tag?to=http%3A%2F%2Ftracking.flamingololo.com%2Ftrack%2Fredirect%3Fmid%3DqNwExG-JS3e1%26to%3Dhttp%253A%252F%252Fbeastrackers.com%253Fr%253Dhttps%25253A%25252F%25252Ftr.premtraffic.com%25252Fclick%25252FnNzjGS7XdN%25253F&mid=qNwExG-JS3e1&v=xHTb2Kmnh0ORZTEeFmDDAw%3D%3D&a=add%20 HTTP 302
http://tracking.flamingololo.com/track/redirect?mid=qNwExG-JS3e1&to=http%3A%2F%2Fbeastrackers.com%3Fr%3Dhttps%253A%252F%252Ftr.premtraffic.com%252Fclick%252FnNzjGS7XdN%253F HTTP 302
http://beastrackers.com/?r=https%3A%2F%2Ftr.premtraffic.com%2Fclick%2FnNzjGS7XdN%3F

Request Chain 1

https://tr.premtraffic.com/click/nNzjGS7XdN HTTP 302
https://tr.premtraffic.com/main/d.php?s=1&link=https%3A%2F%2Ftl-eu.adtrackoptimize.com%2Ft%2Fclk%3Fid%3DJ8XBS8oyCyv1Bc2rVOCo%26ept2%3D44ed0fa6-1675-4c45-98b3-bfa9ba6a51c4

4 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
beastrackers.com/
Redirect Chain

http://a.flamingololo.com/click.php/e74013/HYWZ0ZXJfcmVnMjEwNzMxLDEzNzcxLGh0dHA6Ly90cmFja2luZy5mbGFtaW5nb2xvbG8uY29tL3RyYWNrL3RhZw/qP3RvPWh0dHAlM0ElMkYlMkZ0cmFja2luZy5mbGFtaW5nb2xvbG8uY29tJTJGdHJhY...
http://tracking.flamingololo.com/track/tag?to=http%3A%2F%2Ftracking.flamingololo.com%2Ftrack%2Fredirect%3Fmid%3DqNwExG-JS3e1%26to%3Dhttp%253A%252F%252Fbeastrackers.com%253Fr%253Dhttps%25253A%25252F...
http://tracking.flamingololo.com/track/redirect?mid=qNwExG-JS3e1&to=http%3A%2F%2Fbeastrackers.com%3Fr%3Dhttps%253A%252F%252Ftr.premtraffic.com%252Fclick%252FnNzjGS7XdN%253F
http://beastrackers.com/?r=https%3A%2F%2Ftr.premtraffic.com%2Fclick%2FnNzjGS7XdN%3F

126 B
342 B

81ms
50ms

Document
text/html

34.245.243.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://beastrackers.com/?r=https%3A%2F%2Ftr.premtraffic.com%2Fclick%2FnNzjGS7XdN%3F
Protocol: HTTP/1.1
Server: 34.245.243.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-245-243-150.eu-west-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 2090666efd0580ac5c184bced263a010a80b1259ea8950d2091d4b7729bda11d

Request headers

Host: beastrackers.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Sat, 31 Jul 2021 18:52:28 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip

Redirect headers

Server: nginx/1.14.0 (Ubuntu)
Date: Sat, 31 Jul 2021 18:52:28 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://beastrackers.com?r=https%3A%2F%2Ftr.premtraffic.com%2Fclick%2FnNzjGS7XdN%3F

GET
H2

200

d.php Show response
tr.premtraffic.com/main/
Redirect Chain

https://tr.premtraffic.com/click/nNzjGS7XdN?
https://tr.premtraffic.com/main/d.php?s=1&link=https%3A%2F%2Ftl-eu.adtrackoptimize.com%2Ft%2Fclk%3Fid%3DJ8XBS8oyCyv1Bc2rVOCo%26ept2%3D44ed0fa6-1675-4c45-98b3-bfa9ba6a51c4

185 B
606 B

159ms
159ms

Document
text/html

35.82.115.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.premtraffic.com/main/d.php?s=1&link=https%3A%2F%2Ftl-eu.adtrackoptimize.com%2Ft%2Fclk%3Fid%3DJ8XBS8oyCyv1Bc2rVOCo%26ept2%3D44ed0fa6-1675-4c45-98b3-bfa9ba6a51c4
Requested by: Host: beastrackers.com
URL: http://beastrackers.com/?r=https%3A%2F%2Ftr.premtraffic.com%2Fclick%2FnNzjGS7XdN%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.82.115.30 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-82-115-30.us-west-2.compute.amazonaws.com
Software: nginx/1.11.6 /
Resource Hash: 7d7c028818e3377c2b999265da69b2b7bc2d953c436304820759cac316648db4

Request headers

:method: GET
:authority: tr.premtraffic.com
:scheme: https
:path: /main/d.php?s=1&link=https%3A%2F%2Ftl-eu.adtrackoptimize.com%2Ft%2Fclk%3Fid%3DJ8XBS8oyCyv1Bc2rVOCo%26ept2%3D44ed0fa6-1675-4c45-98b3-bfa9ba6a51c4
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: http://beastrackers.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: AWSALB=jhxIiKMo9babH3kFSrQnGioxr6Ps8pwBVsGeF3aspJx9gK9y1T7c/Ueh2blYv85xFCtjd3BuSd139m+ba34WDAjv9VmXhOkhnrbPX2S8wQJr1bkiincVUXMYixuK; AWSALBCORS=jhxIiKMo9babH3kFSrQnGioxr6Ps8pwBVsGeF3aspJx9gK9y1T7c/Ueh2blYv85xFCtjd3BuSd139m+ba34WDAjv9VmXhOkhnrbPX2S8wQJr1bkiincVUXMYixuK; XSRF-TOKEN=eyJpdiI6IjNtQk51Q09RZ0xVeFYxNXByblpobWc9PSIsInZhbHVlIjoicFpQcExRcVJUc2JPSEZmNVFYeGg5NXNoOHlidGlOYWlybnRjcHhRcnA5SUthVW55Z1Y1VWU3aFY5UWxSOEdtWjl5aHh3Y2I3aG5cL0k4akdlSStFSUxBPT0iLCJtYWMiOiIxMGZmMmRlMWFmMzA2YzFjMmY5ZWE1NWIxNTg5ZGRmZjJiMWViYTBkYjliN2JjMjMxZDM0NjkxMWVkYmQxMTUxIn0%3D; session=eyJpdiI6IkREYnpcLzJ4Vml5TFFHcEFOVFdNK1VRPT0iLCJ2YWx1ZSI6Ijg1ZklrTUhRdXNhTENicHJqam85dnN5QUZ0dkJSZEszY1ZZWk80dE44ZFRzcUFmdmVva01sMXZQTmJnRjNKQTU2V1c1OGU2dDhwSzhVSGk1cXNQRERBPT0iLCJtYWMiOiI3MzUyZTljMjQ1Y2E1OTQxNjZkOWFhMzUzNDU5YmM1M2U0OGViMjFlMjI1MDg3ZTNlMDkyNjYxZmVmMGIyMTMxIn0%3D; ept2=eyJpdiI6ImhLMElLTmxVUWFwcGdzWExxZlwvMXpBPT0iLCJ2YWx1ZSI6Im0wckdNUDZPVnRqODRsQ3M4K2tCamVpaDVMZmhqU2VycTZ0SkIwS1paeERKeFRQRHNuY21LZnhUK2VjcDEzY2dDVFwvYUdDSmUrMHdDcWdOVjdDY1RSWmxxZGtsYmdmVFwvR09QT0s5TkZpdHowenlENzVlMmpMRWptTytXREJNaks5WGttZng5RHdpTEQ0cElaWXhzT1g3bmVqNFNUY3RWMnFXK1k4TlZRZEJLNm5JXC9zZ0pKckJpb2hwZWU1Wjk2biIsIm1hYyI6ImU0OTQxNGYwMWE5NjQ5NGI1M2RkNWFjMDYzZTU3YTA2Y2RiNzgyNjBiMWQ3OTM1MGE0OWU1MjgwNWM3YjJhNjAifQ%3D%3D; YwGAQFnLsq3rvKGGfn47smo5HNq6Qo15yEFPBslI=eyJpdiI6IlNTVk4zcUN1ajkyakU3YUw1cFdkMXc9PSIsInZhbHVlIjoiMDBMZW56dUp4UWZmWmVwRGNXNUFDSzZaZWpudWl3V1V1SWdLd3hmTUFoOWZjZnh5WDlOMTlYWWsrUUE5bHlPSFR6WkZsVHp6bGxsTVpTTUdrSHBJMml3XC9ZK3Q5V1VKcGhUK3hmekdTbStNYmFpcitPN2c1ZmlWV1Q1YmlSVlZzcWY0MTM3NForZTBiQU5maWFLWldTR0I4MnZUQ2hVMkVETTRnZWw3aHBoUkFGdFNab1JLY1wvd0l5eHE5Y0sydGJndE50ODlLV01rdU5hZkxWdjF6aGljdVhQY09VUGpJWkRiSjdEMTF6TXRqTFJhVnFhVzN2MzFGVGtqaTE2RFlmRlhGaVwvRXRya0lSUlMrSFwvcVM3cEpabUdLR3BkN09SYUxYanV2eSttYk9McElWOGZhcUVhTWM1NUtLSTBSQ1JYUUZVS2FhQldRaXBrbU15aWs2ZFBYc0F4blMwQXVENTdUZ3g2TWVjYlduVXZUTG9heXNUdUhyaGRneStvXC9SYnVLaEtTQmhIbWt4YkFlT0JuTUNFRmxYNGtkWExQMFBCTlpiUk9jZW9DditsM2tPZ1pVUTRsNVwvNDdzcFRvdVhuc292N3JEdklmMkltb3lSYTg3YXV5S2xvbmRDaGpCb1pCV2hUQnNFMmNseE1aaU9ld0VIK0xWdlwvaE1BZFwvTk0xNmtId3FSSXVtdGtQMjUxa1FaRU00XC9ReUpuZjNleHlGOVBnY3plcW96QUVNPSIsIm1hYyI6ImM4NGNiMjU1YzU5N2UxOGU5NWVlZDAyYWRjMzBkMTA3YTJhYmJiZTUyNDE1ZTQ2YzExODE2ZmFhOGI3OTczYjAifQ%3D%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://beastrackers.com/?r=https%3A%2F%2Ftr.premtraffic.com%2Fclick%2FnNzjGS7XdN%3F

Response headers

date: Sat, 31 Jul 2021 18:52:28 GMT
content-type: text/html; charset=UTF-8
set-cookie: AWSALB=HWtAwgBqQLHEHabRHmhE57vJ3l5Cn7QVdf4LLcyd9a38a7BsMaiO9fBr9s7fsmaizPPNlDcrPQTGfdpEvNxH8kNCRo7BQQidZe2CCgVckSNc+sEjyu7zxJUAZTwc; Expires=Sat, 07 Aug 2021 18:52:28 GMT; Path=/ AWSALBCORS=HWtAwgBqQLHEHabRHmhE57vJ3l5Cn7QVdf4LLcyd9a38a7BsMaiO9fBr9s7fsmaizPPNlDcrPQTGfdpEvNxH8kNCRo7BQQidZe2CCgVckSNc+sEjyu7zxJUAZTwc; Expires=Sat, 07 Aug 2021 18:52:28 GMT; Path=/; SameSite=None; Secure
server: nginx/1.11.6
content-encoding: gzip

Redirect headers

date: Sat, 31 Jul 2021 18:52:28 GMT
content-type: text/html; charset=UTF-8
set-cookie: AWSALB=jhxIiKMo9babH3kFSrQnGioxr6Ps8pwBVsGeF3aspJx9gK9y1T7c/Ueh2blYv85xFCtjd3BuSd139m+ba34WDAjv9VmXhOkhnrbPX2S8wQJr1bkiincVUXMYixuK; Expires=Sat, 07 Aug 2021 18:52:28 GMT; Path=/ AWSALBCORS=jhxIiKMo9babH3kFSrQnGioxr6Ps8pwBVsGeF3aspJx9gK9y1T7c/Ueh2blYv85xFCtjd3BuSd139m+ba34WDAjv9VmXhOkhnrbPX2S8wQJr1bkiincVUXMYixuK; Expires=Sat, 07 Aug 2021 18:52:28 GMT; Path=/; SameSite=None; Secure XSRF-TOKEN=eyJpdiI6IjNtQk51Q09RZ0xVeFYxNXByblpobWc9PSIsInZhbHVlIjoicFpQcExRcVJUc2JPSEZmNVFYeGg5NXNoOHlidGlOYWlybnRjcHhRcnA5SUthVW55Z1Y1VWU3aFY5UWxSOEdtWjl5aHh3Y2I3aG5cL0k4akdlSStFSUxBPT0iLCJtYWMiOiIxMGZmMmRlMWFmMzA2YzFjMmY5ZWE1NWIxNTg5ZGRmZjJiMWViYTBkYjliN2JjMjMxZDM0NjkxMWVkYmQxMTUxIn0%3D; expires=Sat, 31-Jul-2021 20:52:28 GMT; Max-Age=7200; path=/ session=eyJpdiI6IkREYnpcLzJ4Vml5TFFHcEFOVFdNK1VRPT0iLCJ2YWx1ZSI6Ijg1ZklrTUhRdXNhTENicHJqam85dnN5QUZ0dkJSZEszY1ZZWk80dE44ZFRzcUFmdmVva01sMXZQTmJnRjNKQTU2V1c1OGU2dDhwSzhVSGk1cXNQRERBPT0iLCJtYWMiOiI3MzUyZTljMjQ1Y2E1OTQxNjZkOWFhMzUzNDU5YmM1M2U0OGViMjFlMjI1MDg3ZTNlMDkyNjYxZmVmMGIyMTMxIn0%3D; expires=Sat, 31-Jul-2021 20:52:28 GMT; Max-Age=7200; path=/; HttpOnly ept2=eyJpdiI6ImhLMElLTmxVUWFwcGdzWExxZlwvMXpBPT0iLCJ2YWx1ZSI6Im0wckdNUDZPVnRqODRsQ3M4K2tCamVpaDVMZmhqU2VycTZ0SkIwS1paeERKeFRQRHNuY21LZnhUK2VjcDEzY2dDVFwvYUdDSmUrMHdDcWdOVjdDY1RSWmxxZGtsYmdmVFwvR09QT0s5TkZpdHowenlENzVlMmpMRWptTytXREJNaks5WGttZng5RHdpTEQ0cElaWXhzT1g3bmVqNFNUY3RWMnFXK1k4TlZRZEJLNm5JXC9zZ0pKckJpb2hwZWU1Wjk2biIsIm1hYyI6ImU0OTQxNGYwMWE5NjQ5NGI1M2RkNWFjMDYzZTU3YTA2Y2RiNzgyNjBiMWQ3OTM1MGE0OWU1MjgwNWM3YjJhNjAifQ%3D%3D; expires=Sun, 01-Aug-2021 18:52:28 GMT; Max-Age=86400; path=/; HttpOnly YwGAQFnLsq3rvKGGfn47smo5HNq6Qo15yEFPBslI=eyJpdiI6IlNTVk4zcUN1ajkyakU3YUw1cFdkMXc9PSIsInZhbHVlIjoiMDBMZW56dUp4UWZmWmVwRGNXNUFDSzZaZWpudWl3V1V1SWdLd3hmTUFoOWZjZnh5WDlOMTlYWWsrUUE5bHlPSFR6WkZsVHp6bGxsTVpTTUdrSHBJMml3XC9ZK3Q5V1VKcGhUK3hmekdTbStNYmFpcitPN2c1ZmlWV1Q1YmlSVlZzcWY0MTM3NForZTBiQU5maWFLWldTR0I4MnZUQ2hVMkVETTRnZWw3aHBoUkFGdFNab1JLY1wvd0l5eHE5Y0sydGJndE50ODlLV01rdU5hZkxWdjF6aGljdVhQY09VUGpJWkRiSjdEMTF6TXRqTFJhVnFhVzN2MzFGVGtqaTE2RFlmRlhGaVwvRXRya0lSUlMrSFwvcVM3cEpabUdLR3BkN09SYUxYanV2eSttYk9McElWOGZhcUVhTWM1NUtLSTBSQ1JYUUZVS2FhQldRaXBrbU15aWs2ZFBYc0F4blMwQXVENTdUZ3g2TWVjYlduVXZUTG9heXNUdUhyaGRneStvXC9SYnVLaEtTQmhIbWt4YkFlT0JuTUNFRmxYNGtkWExQMFBCTlpiUk9jZW9DditsM2tPZ1pVUTRsNVwvNDdzcFRvdVhuc292N3JEdklmMkltb3lSYTg3YXV5S2xvbmRDaGpCb1pCV2hUQnNFMmNseE1aaU9ld0VIK0xWdlwvaE1BZFwvTk0xNmtId3FSSXVtdGtQMjUxa1FaRU00XC9ReUpuZjNleHlGOVBnY3plcW96QUVNPSIsIm1hYyI6ImM4NGNiMjU1YzU5N2UxOGU5NWVlZDAyYWRjMzBkMTA3YTJhYmJiZTUyNDE1ZTQ2YzExODE2ZmFhOGI3OTczYjAifQ%3D%3D; expires=Sat, 31-Jul-2021 20:52:28 GMT; Max-Age=7200; path=/; HttpOnly
server: nginx/1.11.6
cache-control: no-cache, private
location: /main/d.php?s=1&link=https%3A%2F%2Ftl-eu.adtrackoptimize.com%2Ft%2Fclk%3Fid%3DJ8XBS8oyCyv1Bc2rVOCo%26ept2%3D44ed0fa6-1675-4c45-98b3-bfa9ba6a51c4

GET
H/1.1

200
OK

Primary Request

Cookie set d.php
go.grandprizewinners.com/main/
Redirect Chain

https://tl-eu.adtrackoptimize.com/t/clk?id=J8XBS8oyCyv1Bc2rVOCo&ept2=44ed0fa6-1675-4c45-98b3-bfa9ba6a51c4
https://so.slytrk06.com/t/clk?id=E0qfWjnHqjziGv8RiM&rl=68N19&redirect-from=J8XBS8oyCyv1Bc2rVOCo&rcode=R05&rseq=R05,R99,R98
https://bbtl-glo.mainstreamgallery.com/t/clk?id=gp0nslJNsKxJ0T4G0GuR&rl=gJEo2iOPpP&redirect-from=J8XBS8oyCyv1Bc2rVOCo&rcode=R05&rseq=R05,R99,R98,R01
http://go.grandprizewinners.com/click/rNJ9BhQ8Xx?c1=dafdc6b4-e51a-4bf0-b4cd-eab710bfa0cb&c2=4937&c7=692669
http://go.grandprizewinners.com/main/d.php?s=1&link=https%3A%2F%2Fbbtl-glo.talkdialog.com%2Ft%2Fclk%3Fid%3D27YTZVNU08pjSn7DlHj%26s2%3DqMzntD8GSl-61059bf06b4c647f2135e444%26

180 B
784 B

160ms
160ms

Document
text/html

35.82.115.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://go.grandprizewinners.com/main/d.php?s=1&link=https%3A%2F%2Fbbtl-glo.talkdialog.com%2Ft%2Fclk%3Fid%3D27YTZVNU08pjSn7DlHj%26s2%3DqMzntD8GSl-61059bf06b4c647f2135e444%26
Protocol: HTTP/1.1
Server: 35.82.115.30 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-82-115-30.us-west-2.compute.amazonaws.com
Software: nginx/1.11.6 /
Resource Hash

Request headers

Host: go.grandprizewinners.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: AWSALB=Kpl11orZrydAuneuFhepYJk5SCJPei7VkpBTPLUZcQsNp8Myn5DnsfaejUfN7Lg0WB3DpO7kXRHF8HptIZs44te6lmrI0UHmpTw1e8XV1TWGOOLqIQq6i+I4+Rkp; XSRF-TOKEN=eyJpdiI6IlNydFpOK2YyeDZoOUlFTG9LbFArcEE9PSIsInZhbHVlIjoiSG5GZGhPRHJQMW5mUlFqZEQwUXFqMndmK2NGNXpnTDhWRHVvK2J2YUVzV1wvNXZxdUZyZWhnczloS0dVYzVOSEFNVCtoZ3gwSzA0Q0JqZWRndFZ1em53PT0iLCJtYWMiOiJmYmZlZmIwODNhNGVmMWYxOWIwZmNmNWU3NzAwOGVjMmVlYzExODM1MjFiMjczYTNmZWU0YzY2ZDRlYjY5OGU4In0%3D; session=eyJpdiI6IkdnanFsTng0U1JUWEViZXdFOEs4NHc9PSIsInZhbHVlIjoiWkxhcVc1bmRGQlhSVER5SGo4aXowUzlyU0hLS1RNcVBNaHBcLzY2TlRiUHlsSUh2QVJlWitlbHNPS1wvOFQ3bjlmZ3BlYnM1TkV6ZG5sWE00bHVOV3dkUT09IiwibWFjIjoiM2VhNzEyMGRiZmJiOTcxZmE4ZTM5MGY0ZGVkZTRmYjNmNzdjZjE3ZmRlOTQ2MDhkYzIxNDU4OTExMGNkNTE1OCJ9; ept2=eyJpdiI6ImgycjRYcFZ5VlNRUXltMG9UcUlCcmc9PSIsInZhbHVlIjoiVG1WSkxMSDhSKzFKeHVtcWdiZUtabUpOXC9VeE1cL2N6dExXOGRwSzBNcXdERDJGeUZJaVVWRHp6QktZajVKMWFpNURROTBqbnhUSENKR1hpNzl6M1JGZEtnZFp4cnp4Q2VycXNrQWs5azZqTFk0eDBaN2ZWTVpyd1B1bFRRZUFTYzVWbElwV3JXaDBFV0FPeEp3TVFmN3p0T3lla2o3RlU5NDJBU0FpcWVYOWUxYmlMa0ZIbkxpZkttNVpPVXE4NlMiLCJtYWMiOiI5ODIzY2VkZmMwNWI2MmM0MDJlN2I5OTg4MzVhYWUzMjc2ZWRhZDNmOTgxNWYxMWJhOTRjNjBjY2UxMWM1ZDU2In0%3D; EEKVwaV1V23P6lRZoVBuMTxVxpKXnpWiTCjZg7mg=eyJpdiI6IldJT3lOeWY2QXF1bFpoK0s0WEZMZ1E9PSIsInZhbHVlIjoiS0J5clZ5MXphM25ZN3g2eWl6b1IrSlZicGxMMnVMcmRQV2tJMTBvQnE0VFwvUHEwMGhrNHRYWkJOTFFqazlFallrOHlIN21Qc24yMmc4Q3VVZkdRclRrV2lZT0V6eDlNdnFmdFZaYnBUdHVUUER5NVhlb05mRlJyK3BKY0J2bGE1azIzdEhyOUlFemIrZzBtdERIb1hEb1BtSHQzMnBCc1EreWhLbVwvSm9SR1hHUlBjZmI5TEV4V1VjOHNod3ZKaUoyTDExWHBsdmlcL2p1cWt5MktNYXUwMjVTTFhON2h1Z1lxUnNGVUViZXhZTkxhQVVMaTR5K2hPRGd2c0R0RGw2NlVmTGdLNmpGb09FRlJUZVwvZkdjaVo5d2VhaVhTZ2ZGVVk0MXBRTXk2RFVHaWtuXC8wSlFoaFQxQWNzZllvNmdIU1FaSElVTGtRVFBlazg2dGo5MklJRUQxQ0FvcEFralNONlc2Z3k4dktsdmY1V3BCbnUxSFJPMlQ0cDBYN3U2TkJONzlZRlFYRGRwYnk0NnhGSktaNmpOK2JLYjVKMkh5ang5QzhkYU9cL1JYemhlaWdVVFp2VStXMUR4UjFjWUgraktjNnNrXC90TVlNMk1Bbm93RFVxTERidTh1UEhHb1RJVmptT1F0bjZKeEN3c3FhQll0Y0VaSGJwSGQ2SlREeEZuWno0bDczUmR6dmFlNU9kcmdBS0ZWSEtLb1FJa0wzaUdkeDF5QjVNUlZkTFBhMmNHKzlVQ1EzZU5vR2ZBcURpbFQ3dlZDdElrWXZ2K0pNQ2FCNTNRTHlrQWJRSlRcL2pRdVllaFJOZGpBXC9NQ3lqa0xMb2tiQTNRdFwvSytSTmFUNnQiLCJtYWMiOiIzMGU1ZjBhYTk5NmNhOWMxMjNiYTk2NDFhOWQyNGFmOWJlOTE3MjI3ZDFhMGQ5MTZlYTRiNTk1MzE3OWVhNTcwIn0%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://tr.premtraffic.com/main/d.php?s=1&link=https%3A%2F%2Ftl-eu.adtrackoptimize.com%2Ft%2Fclk%3Fid%3DJ8XBS8oyCyv1Bc2rVOCo%26ept2%3D44ed0fa6-1675-4c45-98b3-bfa9ba6a51c4

Response headers

Date: Sat, 31 Jul 2021 18:52:32 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: AWSALB=x61T93V+rJTNJ5Kxp6wCqkMDo2+CG0OARhLR6UoplfDBfHngmfSEQHjjle3+2ipc95PzSO2w9rpsWeT8Cu3xNT/JvZ4iNTkO2I+LGDqlR8S1m49vhSQExDdMGckO; Expires=Sat, 07 Aug 2021 18:52:32 GMT; Path=/ AWSALBCORS=x61T93V+rJTNJ5Kxp6wCqkMDo2+CG0OARhLR6UoplfDBfHngmfSEQHjjle3+2ipc95PzSO2w9rpsWeT8Cu3xNT/JvZ4iNTkO2I+LGDqlR8S1m49vhSQExDdMGckO; Expires=Sat, 07 Aug 2021 18:52:32 GMT; Path=/; SameSite=None
Server: nginx/1.11.6
Content-Encoding: gzip

Redirect headers

Date: Sat, 31 Jul 2021 18:52:32 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: AWSALB=Kpl11orZrydAuneuFhepYJk5SCJPei7VkpBTPLUZcQsNp8Myn5DnsfaejUfN7Lg0WB3DpO7kXRHF8HptIZs44te6lmrI0UHmpTw1e8XV1TWGOOLqIQq6i+I4+Rkp; Expires=Sat, 07 Aug 2021 18:52:32 GMT; Path=/ AWSALBCORS=Kpl11orZrydAuneuFhepYJk5SCJPei7VkpBTPLUZcQsNp8Myn5DnsfaejUfN7Lg0WB3DpO7kXRHF8HptIZs44te6lmrI0UHmpTw1e8XV1TWGOOLqIQq6i+I4+Rkp; Expires=Sat, 07 Aug 2021 18:52:32 GMT; Path=/; SameSite=None XSRF-TOKEN=eyJpdiI6IlNydFpOK2YyeDZoOUlFTG9LbFArcEE9PSIsInZhbHVlIjoiSG5GZGhPRHJQMW5mUlFqZEQwUXFqMndmK2NGNXpnTDhWRHVvK2J2YUVzV1wvNXZxdUZyZWhnczloS0dVYzVOSEFNVCtoZ3gwSzA0Q0JqZWRndFZ1em53PT0iLCJtYWMiOiJmYmZlZmIwODNhNGVmMWYxOWIwZmNmNWU3NzAwOGVjMmVlYzExODM1MjFiMjczYTNmZWU0YzY2ZDRlYjY5OGU4In0%3D; expires=Sat, 31-Jul-2021 20:52:32 GMT; Max-Age=7200; path=/ session=eyJpdiI6IkdnanFsTng0U1JUWEViZXdFOEs4NHc9PSIsInZhbHVlIjoiWkxhcVc1bmRGQlhSVER5SGo4aXowUzlyU0hLS1RNcVBNaHBcLzY2TlRiUHlsSUh2QVJlWitlbHNPS1wvOFQ3bjlmZ3BlYnM1TkV6ZG5sWE00bHVOV3dkUT09IiwibWFjIjoiM2VhNzEyMGRiZmJiOTcxZmE4ZTM5MGY0ZGVkZTRmYjNmNzdjZjE3ZmRlOTQ2MDhkYzIxNDU4OTExMGNkNTE1OCJ9; expires=Sat, 31-Jul-2021 20:52:32 GMT; Max-Age=7200; path=/; HttpOnly ept2=eyJpdiI6ImgycjRYcFZ5VlNRUXltMG9UcUlCcmc9PSIsInZhbHVlIjoiVG1WSkxMSDhSKzFKeHVtcWdiZUtabUpOXC9VeE1cL2N6dExXOGRwSzBNcXdERDJGeUZJaVVWRHp6QktZajVKMWFpNURROTBqbnhUSENKR1hpNzl6M1JGZEtnZFp4cnp4Q2VycXNrQWs5azZqTFk0eDBaN2ZWTVpyd1B1bFRRZUFTYzVWbElwV3JXaDBFV0FPeEp3TVFmN3p0T3lla2o3RlU5NDJBU0FpcWVYOWUxYmlMa0ZIbkxpZkttNVpPVXE4NlMiLCJtYWMiOiI5ODIzY2VkZmMwNWI2MmM0MDJlN2I5OTg4MzVhYWUzMjc2ZWRhZDNmOTgxNWYxMWJhOTRjNjBjY2UxMWM1ZDU2In0%3D; expires=Sun, 01-Aug-2021 18:52:32 GMT; Max-Age=86400; path=/; HttpOnly EEKVwaV1V23P6lRZoVBuMTxVxpKXnpWiTCjZg7mg=eyJpdiI6IldJT3lOeWY2QXF1bFpoK0s0WEZMZ1E9PSIsInZhbHVlIjoiS0J5clZ5MXphM25ZN3g2eWl6b1IrSlZicGxMMnVMcmRQV2tJMTBvQnE0VFwvUHEwMGhrNHRYWkJOTFFqazlFallrOHlIN21Qc24yMmc4Q3VVZkdRclRrV2lZT0V6eDlNdnFmdFZaYnBUdHVUUER5NVhlb05mRlJyK3BKY0J2bGE1azIzdEhyOUlFemIrZzBtdERIb1hEb1BtSHQzMnBCc1EreWhLbVwvSm9SR1hHUlBjZmI5TEV4V1VjOHNod3ZKaUoyTDExWHBsdmlcL2p1cWt5MktNYXUwMjVTTFhON2h1Z1lxUnNGVUViZXhZTkxhQVVMaTR5K2hPRGd2c0R0RGw2NlVmTGdLNmpGb09FRlJUZVwvZkdjaVo5d2VhaVhTZ2ZGVVk0MXBRTXk2RFVHaWtuXC8wSlFoaFQxQWNzZllvNmdIU1FaSElVTGtRVFBlazg2dGo5MklJRUQxQ0FvcEFralNONlc2Z3k4dktsdmY1V3BCbnUxSFJPMlQ0cDBYN3U2TkJONzlZRlFYRGRwYnk0NnhGSktaNmpOK2JLYjVKMkh5ang5QzhkYU9cL1JYemhlaWdVVFp2VStXMUR4UjFjWUgraktjNnNrXC90TVlNMk1Bbm93RFVxTERidTh1UEhHb1RJVmptT1F0bjZKeEN3c3FhQll0Y0VaSGJwSGQ2SlREeEZuWno0bDczUmR6dmFlNU9kcmdBS0ZWSEtLb1FJa0wzaUdkeDF5QjVNUlZkTFBhMmNHKzlVQ1EzZU5vR2ZBcURpbFQ3dlZDdElrWXZ2K0pNQ2FCNTNRTHlrQWJRSlRcL2pRdVllaFJOZGpBXC9NQ3lqa0xMb2tiQTNRdFwvSytSTmFUNnQiLCJtYWMiOiIzMGU1ZjBhYTk5NmNhOWMxMjNiYTk2NDFhOWQyNGFmOWJlOTE3MjI3ZDFhMGQ5MTZlYTRiNTk1MzE3OWVhNTcwIn0%3D; expires=Sat, 31-Jul-2021 20:52:32 GMT; Max-Age=7200; path=/; HttpOnly
Server: nginx/1.11.6
Cache-Control: no-cache, private
Location: /main/d.php?s=1&link=https%3A%2F%2Fbbtl-glo.talkdialog.com%2Ft%2Fclk%3Fid%3D27YTZVNU08pjSn7DlHj%26s2%3DqMzntD8GSl-61059bf06b4c647f2135e444%26

GET
H2 404 clk Show response
bbtl-glo.talkdialog.com/t/ 0
272 B 1630ms
1592ms Document
text/html 52.57.153.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bbtl-glo.talkdialog.com/t/clk?id=27YTZVNU08pjSn7DlHj&s2=qMzntD8GSl-61059bf06b4c647f2135e444&

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.153.168 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-153-168.eu-central-1.compute.amazonaws.com

Software

nginx/1.12.2 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: bbtl-glo.talkdialog.com
:scheme: https
:path: /t/clk?id=27YTZVNU08pjSn7DlHj&s2=qMzntD8GSl-61059bf06b4c647f2135e444&
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 18:52:34 GMT
content-type: text/html; charset=utf-8
content-length: 0
server: nginx/1.12.2
cache-control: no-transform
x-frame-options: SAMEORIGIN
vary: Cookie, Origin
set-cookie: ydt_18d179d401234f5f82fce62edd7d3767="[]:1m9u66:6zEZa4uZUGiyrUeEIUS9go4W2yc"; expires=Mon, 30 Aug 2021 20:52:34 GMT; Max-Age=2599200; Path=/; SameSite=None; Secure

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			bbtl-glo.talkdialog.com/	1970-01-19 20:52:36	Name: ydt_18d179d401234f5f82fce62edd7d3767 Value: "[]:1m9u66:6zEZa4uZUGiyrUeEIUS9go4W2yc"

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.flamingololo.com
bbtl-glo.mainstreamgallery.com
bbtl-glo.talkdialog.com
beastrackers.com
go.grandprizewinners.com
so.slytrk06.com
tl-eu.adtrackoptimize.com
tr.premtraffic.com
tracking.flamingololo.com
2606:4700:3031::ac43:9554
34.245.243.150
34.247.228.48
35.82.115.30
52.212.76.176
52.57.153.168
52.58.87.33
2090666efd0580ac5c184bced263a010a80b1259ea8950d2091d4b7729bda11d
7d7c028818e3377c2b999265da69b2b7bc2d953c436304820759cac316648db4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

go.grandprizewinners.com Open in urlscan Pro 35.82.115.30 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

4 Requests

50 %HTTPS

14 %IPv6

8 Domains

9 Subdomains

3 IPs

3 Countries

2 kBTransfer

0 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

1 Cookies

Indicators

go.grandprizewinners.com Open in urlscan Pro
35.82.115.30 Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

50 %
HTTPS

14 %
IPv6

8
Domains

9
Subdomains

3
IPs

3
Countries

2 kB
Transfer

0 kB
Size

1
Cookies

4 HTTP transactions
0 data transactions