Submitted URL: http://onlyfriend.xyz/
Effective URL: https://clik.global-trk.com/aff_c?offer_id=7007&aff_unique4=4044:23531&aff_id=3913&aff_sub=31-387-&aff_sub3=&aff_sub5=CR_Jn:...
Submission: On June 10 via api from DE

Summary

This website contacted 3 IPs in 3 countries across 5 domains to perform 3 HTTP transactions. The main IP is 34.242.181.14, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is clik.global-trk.com.
TLS certificate: Issued by Amazon on February 10th 2020. Valid for: a year.
This is the only time clik.global-trk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 192.64.119.237 22612 (NAMECHEAP...)
2 2 34.212.251.254 16509 (AMAZON-02)
1 116.202.17.203 24940 (HETZNER-AS)
1 88.198.44.131 24940 (HETZNER-AS)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 34.242.181.14 16509 (AMAZON-02)
3 3
Apex Domain Subdomains Transfer
2 iwanttomeet.xyz track.iwanttomeet.xyz 547 B
1 global-trk.com clik.global-trk.com 474 B
1 ezofferz.com ezofferz.com 853 B
1 intuad.com track-paidaffs.intuad.com 2 KB
1 onlyfriend.xyz onlyfriend.xyz 243 B
3 5
Domain Requested by
2 track.iwanttomeet.xyz 2 redirects
1 clik.global-trk.com track-paidaffs.intuad.com
1 ezofferz.com 1 redirects
1 track-paidaffs.intuad.com
1 onlyfriend.xyz 1 redirects
3 5

This site contains no links.

Subject Issuer Validity Valid
clik.global-trk.com Amazon 2020-02-10 - 2021-03-10 a year

This page contains 1 frames:

Primary Page: https://clik.global-trk.com/aff_c?offer_id=7007&aff_unique4=4044:23531&aff_id=3913&aff_sub=31-387-&aff_sub3=&aff_sub5=CR_Jn:2060917277
Frame ID: 254B47E0241FC6ACE0765494CED00ABE
Requests: 3 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

Requests: 3
HTTPS: 33 %
IPv6: 17 %
Domains: 5
Subdomains: 5
IPs: 3
Countries: 3
Transfer: 3 kB
Size: 4 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://onlyfriend.xyz/ HTTP 302
    https://track.iwanttomeet.xyz/SH47736 HTTP 302
    https://track.iwanttomeet.xyz/track_c?affiliate_id=2754&offer_id=387 HTTP 302
    http://track-paidaffs.intuad.com/go.php?p=11x2&lid=2&sub2=31-387 Page URL
  2. http://ezofferz.com/cr.php?cid=3204&aff_id=3913&doland&aff_sub=31-387-&aff_sub3=&aff_sub5=CR_CRPX HTTP 302
    https://clik.global-trk.com/aff_c?offer_id=7007&aff_unique4=4044:23531&aff_id=3913&aff_sub=31-387-&aff_sub3=&aff_sub5=CR_Jn:2060917277 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://onlyfriend.xyz/ HTTP 302
  • https://track.iwanttomeet.xyz/SH47736 HTTP 302
  • https://track.iwanttomeet.xyz/track_c?affiliate_id=2754&offer_id=387 HTTP 302
  • http://track-paidaffs.intuad.com/go.php?p=11x2&lid=2&sub2=31-387

3 HTTP transactions

Resource Path Size x-fer Type MIME-Type

Cookie set
go.php
track-paidaffs.intuad.com/
Redirect Chain
  • http://onlyfriend.xyz/
  • https://track.iwanttomeet.xyz/SH47736
  • https://track.iwanttomeet.xyz/track_c?affiliate_id=2754&offer_id=387
  • http://track-paidaffs.intuad.com/go.php?p=11x2&lid=2&sub2=31-387
3 KB
2 KB
Document
General
Full URL: http://track-paidaffs.intuad.com/go.php?p=11x2&lid=2&sub2=31-387
Protocol: HTTP/1.1
Server: 116.202.17.203, Germany, ASN24940 (HETZNER-AS, DE)
Reverse DNS: static.203.17.202.116.clients.your-server.de
Software: nginx centminmod / centminmod
Resource Hash: 830c5679c79c15743a74672d494edea410b8327588fd752dbc91f570e7d5fb2b

Request headers

Host: track-paidaffs.intuad.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US

Response headers

Date: Wed, 10 Jun 2020 04:47:57 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Vary: Accept-Encoding
Set-Cookie: PHPSESSID=0c4jijmm6qo4fo61ea3cnerks4; path=/
Set-Cookie: numhits=1; expires=Tue, 21-Jul-2020 20:47:57 GMT; Max-Age=3600000
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Server: nginx centminmod
X-Powered-By: centminmod
Content-Encoding: gzip

Redirect headers

Date: Wed, 10 Jun 2020 04:47:56 GMT
Location: http://track-paidaffs.intuad.com/go.php?p=11x2&lid=2&sub2=31-387
Server: nginx/1.14.0 (Ubuntu)
Set-Cookie: AdsGraphyTrack_lead=2754_d25358893814ec6f74e9d1a869702b1d; Max-Age=9999999; Expires=Sat, 03-Oct-2020 22:34:35 GMT; Path=/
Content-Length: 0
Connection: keep-alive

majax.php
88.198.44.131/
12 B
619 B
XHR
General
Full URL: http://88.198.44.131/majax.php?p=...
Requested by
Host: track-paidaffs.intuad.com
URL: http://track-paidaffs.intuad.com/go.php?p=11x2&lid=2&sub2=31-387
Protocol: HTTP/1.1
Server: 88.198.44.131 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE)
Reverse DNS: static.88-198-44-131.clients.your-server.de
Software: nginx centminmod / centminmod
Resource Hash: e1091542c16a670c849ebc29c474a22b73f9c4b00416bd43b0874e1e224ddd7b

Request headers

Referer: http://track-paidaffs.intuad.com/go.php?p=11x2&lid=2&sub2=31-387
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 10 Jun 2020 04:47:57 GMT
Content-Encoding: gzip
Server: nginx centminmod
X-Powered-By: centminmod
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: http://track-paidaffs.intuad.com
Access-Control-Max-Age: 86400
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Expires: Thu, 19 Nov 1981 08:52:00 GMT

Primary Request aff_c
clik.global-trk.com/
Redirect Chain
  • http://ezofferz.com/cr.php?cid=3204&aff_id=3913&doland&aff_sub=31-387-&aff_sub3=&aff_sub5=CR_CRPX
  • https://clik.global-trk.com/aff_c?offer_id=7007&aff_unique4=4044:23531&aff_id=3913&aff_sub=31-387-&aff_sub3=&aff_sub5=CR_Jn:2060917277
196 B
474 B
Document
General
Full URL: https://clik.global-trk.com/aff_c?offer_id=7007&aff_unique4=4044:23531&aff_id=3913&aff_sub=31-387-&aff_sub3=&aff_sub5=CR_Jn:2060917277
Requested by
Host: track-paidaffs.intuad.com
URL: http://track-paidaffs.intuad.com/go.php?p=11x2&lid=2&sub2=31-387
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.242.181.14 Dublin, Ireland, ASN16509 (AMAZON-02, US)
Reverse DNS: ec2-34-242-181-14.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Request headers

Host: clik.global-trk.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: http://track-paidaffs.intuad.com/go.php?p=11x2&lid=2&sub2=31-387
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US

Response headers

Server: nginx
Date: Wed, 10 Jun 2020 04:47:58 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 196
Connection: keep-alive
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate

Redirect headers

Date: Wed, 10 Jun 2020 04:47:58 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d6ed344ac9f947e3d0faeacbe9b90ab9e1591764477; expires=Fri, 10-Jul-20 04:47:57 GMT; path=/; domain=.ezofferz.com; HttpOnly; SameSite=Lax
Set-Cookie: hskp=Jn%3A2060917277%2C; expires=Wed, 24-Jun-2020 04:47:57 GMT; Max-Age=1209600
Location: https://clik.global-trk.com/aff_c?offer_id=7007&aff_unique4=4044:23531&aff_id=3913&aff_sub=31-387-&aff_sub3=&aff_sub5=CR_Jn:2060917277
CF-Cache-Status: DYNAMIC
set-cookie: skip=-1591764477%2C31306; expires=Wed, 10-Jun-2020 04:57:57 GMT; Max-Age=600
set-cookie: 3204_31306_0=1591764477; expires=Thu, 11-Jun-2020 04:47:57 GMT; Max-Age=86400
cf-request-id: 033e277f640000dfef4a8e5200000001
Server: cloudflare
CF-RAY: 5a1075123963dfef-FRA


2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate

0 Cookies

1 Console Messages

Source: console-api
Level: log
URL: http://track-paidaffs.intuad.com/go.php?p=11x2&lid=2&sub2=31-387 (Line 106)
Message: REQUEST FIRED