click.rzltrk.com
5.39.219.146
Public Scan
Effective URL: http://click.rzltrk.com/normandie/a.php
Submission: On May 17 via manual from FR — Scanned from NL
Summary
This is the only time click.rzltrk.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
2 | 5.39.219.146 | 57043 (HOSTKEY-AS) |
2 | 151.101.112.193 | 54113 (FASTLY) |
1 1 | 104.171.127.123 | 31863 (DACEN-2) |
2 2 | 2a06:98c1:3120::a | 13335 (CLOUDFLARENET) |
1 1 | 2a06:98c1:3121::a | |
1 1 | 52.58.114.47 | |
1 2 | 44.235.215.24 | |
5 | 3 | |

ASN57043 (HOSTKEY-AS, NL)
PTR: srv.tims-rewards.com
normandie.super-prizes.win
click.rzltrk.com
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
2 | grandprizewinners.com (1 redirects) | go.grandprizewinners.com | 3 KB |
2 | link-locked.com (2 redirects) | link-locked.com | 1 KB |
2 | imgur.com | i.imgur.com — Cisco Umbrella Rank: 5319 | 250 KB |
1 | applewes.com (1 redirects) | bbcc-glo.applewes.com | 531 B |
1 | slytrk06.com (1 redirects) | so.slytrk06.com | 1 KB |
1 | trkwebs.com (1 redirects) | trkwebs.com | 598 B |
1 | rzltrk.com | click.rzltrk.com | 594 B |
1 | super-prizes.win | normandie.super-prizes.win | 652 B |
5 | 8 | | |
 | Domain | Requested by |
---|---|---|
2 | go.grandprizewinners.com | 1 redirects |
2 | link-locked.com | 2 redirects |
2 | i.imgur.com | normandie.super-prizes.win, click.rzltrk.com |
1 | bbcc-glo.applewes.com | 1 redirects |
1 | so.slytrk06.com | 1 redirects |
1 | trkwebs.com | 1 redirects |
1 | click.rzltrk.com | |
1 | normandie.super-prizes.win | |
5 | 8 | |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
normandie.super-prizes.win R3 | 2022-05-11 - 2022-08-09 | 3 months | crt.sh |
*.imgur.com DigiCert TLS RSA SHA256 2020 CA1 | 2022-03-08 - 2023-03-16 | a year | crt.sh |
This page contains 1 frames:
Frame:
http://go.grandprizewinners.com/main/d.php?s=1&link=https%3A%2F%2Flg-glo.gloytrk1.com%2Ft%2Fclk%3Fid%3DqQ5uk1pUvNyOFMgVXS0%26s2%3DqMzntD8GSl-6283920e6cc58304d712f5e2%26
Frame ID: 0F23B19949EAB2F0C59B35049622C740
Requests: 5 HTTP requests in this frame
Detected technologies
PHP (Programming Languages)
Detected patterns
- \.php(?:$|\?)
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://normandie.super-prizes.win/redirect.html Page URL
- http://click.rzltrk.com/normandie/a.php Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 3
- https://trkwebs.com/click.php?camp=5422&pubid=282& HTTP 302
- http://link-locked.com/click.php?camp=220&pubid=282&sid=&sid2=&sid3=&sid4= HTTP 301
- https://link-locked.com/click.php?camp=220&pubid=282&sid=&sid2=&sid3=&sid4= HTTP 302
- https://so.slytrk06.com/t/clk?id=rm2HA45fROEU6qL9SJ&s2=INM45c47c2f984e9f2&s1=282 HTTP 302
- https://bbcc-glo.applewes.com/t/clk?id=QkM6f6J5fQ5vNIAkyMHo&s1=282&s2=INM45c47c2f984e9f2&rl=4oRXn&redirect-from=rm2HA45fROEU6qL9SJ&rcode=R01&rseq=R01 HTTP 302
- http://go.grandprizewinners.com/click/rNJ9BhQ8Xx?c1=b54b52ce-0ef4-4665-a2a3-5b30fa074ba3&c2=4333&c7=30001 HTTP 302
- http://go.grandprizewinners.com/main/d.php?s=1&link=https%3A%2F%2Flg-glo.gloytrk1.com%2Ft%2Fclk%3Fid%3DqQ5uk1pUvNyOFMgVXS0%26s2%3DqMzntD8GSl-6283920e6cc58304d712f5e2%26
5 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | normandie.super-prizes.win/redirect.html | 455 B 652 B | Document text/html |
GET H2 | i.imgur.com/hTnbZux.gif | 125 KB 125 KB | Image image/gif |
GET H/1.1 | click.rzltrk.com/normandie/a.php (Primary Request) | 451 B 594 B | Document text/html |
GET H2 | i.imgur.com/hTnbZux.gif | 125 KB 125 KB | Image image/gif |
GET H/1.1 | go.grandprizewinners.com/main/d.php (Redirect Chain) | 0 0 | Document text/html |
3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| oncontextlost
- object| oncontextrestored
- function| structuredClone

2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
trkwebs.com/ | | Name: PHPSESSID Value: n2n5aqr13tj5b67rtk5ifvjhq3 |
link-locked.com/ | | Name: PHPSESSID Value: gn9ebbs5i2g2ehj7skncqpboj5 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.