urlscan.io logo urlscan.io
SecurityTrails logo

click.trlxcf04.com Open in urlscan Pro
2606:4700:3037::6815:61d  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://inboxblue1.work/t?v=1fp5840rd34971fx9750bx2pnb8cdbcddbb7709836eadd4ef28bdb1c8
Effective URL: https://click.trlxcf04.com/click/ko9sA44uAMEU4MnjsM?affid=102193&c1=18431-689944581&c3=9187
Submission: On January 24 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 3 countries across 3 domains to perform 1 HTTP transactions. The main IP is 2606:4700:3037::6815:61d, located in United States and belongs to CLOUDFLARENET, US. The main domain is click.trlxcf04.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 20th 2021. Valid for: a year.
This is the only time click.trlxcf04.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 95.138.193.34 29278 (DENINET-H...)
1 1 54.77.247.22 16509 (AMAZON-02)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1
Apex Domain
Subdomains		 Transfer
1 trlxcf04.com
click.trlxcf04.com
2 KB
1 iacheap.com
iacheap.com
743 B
1 inboxblue1.work
inboxblue1.work
536 B
1 3
Domain Requested by
1 click.trlxcf04.com
1 iacheap.com 1 redirects
1 inboxblue1.work 1 redirects
1 3

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-20 -
2022-06-19		 a year crt.sh

This page contains 1 frames:

Primary Page: https://click.trlxcf04.com/click/ko9sA44uAMEU4MnjsM?affid=102193&c1=18431-689944581&c3=9187
Frame ID: 2D54B5C3F9B005E1C547BEA24FE4122C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://inboxblue1.work/t?v=1fp5840rd34971fx9750bx2pnb8cdbcddbb7709836eadd4ef28bdb1c8 HTTP 301
    http://iacheap.com/?a=9187&c=18737&s1=&s2=57&s3=34971 HTTP 302
    https://click.trlxcf04.com/click/ko9sA44uAMEU4MnjsM?affid=102193&c1=18431-689944581&c3=9187 Page URL

Page Statistics

1
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

1
IPs

3
Countries

2 kB
Transfer

0 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://inboxblue1.work/t?v=1fp5840rd34971fx9750bx2pnb8cdbcddbb7709836eadd4ef28bdb1c8 HTTP 301
    http://iacheap.com/?a=9187&c=18737&s1=&s2=57&s3=34971 HTTP 302
    https://click.trlxcf04.com/click/ko9sA44uAMEU4MnjsM?affid=102193&c1=18431-689944581&c3=9187 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

1 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ko9sA44uAMEU4MnjsM
click.trlxcf04.com/click/
Redirect Chain
  • http://inboxblue1.work/t?v=1fp5840rd34971fx9750bx2pnb8cdbcddbb7709836eadd4ef28bdb1c8
  • http://iacheap.com/?a=9187&c=18737&s1=&s2=57&s3=34971
  • https://click.trlxcf04.com/click/ko9sA44uAMEU4MnjsM?affid=102193&c1=18431-689944581&c3=9187
24 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://click.trlxcf04.com/click/ko9sA44uAMEU4MnjsM?affid=102193&c1=18431-689944581&c3=9187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:61d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e37b6f5753f324cba2796bfa3efdb1b0b0f20d97596abb201e281af57858235f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Mon, 24 Jan 2022 12:26:17 GMT
content-type
text/html; charset=UTF-8
cache-control
no-cache, private
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2BxOuSjBIeEQVi1XqDCZ6JYmdqIGy6zQ4Y06dJjVCwLOmk2EdueATH4p1cCckD2gqvpk5fOYJBZv2f3ZnRymC7G%2BWG6ybXVMF%2Fn7g5PWnHFF2SQnqBbcjKDvvEIBAd%2Fdb3TA4Pt642P1tfePzXni6rs%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6d293fd2efa63bc8-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Mon, 24 Jan 2022 12:26:17 GMT
content-type
text/html; charset=utf-8
content-length
216
cache-control
private
location
https://click.trlxcf04.com/click/ko9sA44uAMEU4MnjsM?affid=102193&c1=18431-689944581&c3=9187
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Domain/Path Name / Value
inboxblue1.work/ Name: PHPSESSID
Value: 4aj75i0ncnam8ha7bu6e9ms792
.iacheap.com/ Name: sid
Value: sCxHGqKi5IkVp33avZqicjjuG75/o5S/azeZMLPVflT3DxXnzdRAZw==
.iacheap.com/ Name: trk
Value: owALEtXhOeEmza5T3/nOnTjuG75/o5S/azeZMLPVflT3DxXnzdRAZw==
.iacheap.com/ Name: c18431
Value: sCxHGqKi5Ik5ruTN6PVSkH6A29X8L1+gFrNkun+Zde/kwypBzLoyjg==
click.trlxcf04.com/ Name: AWSALB
Value: YV2eTBy6jXdIAHsQ0tms5Kn2xVs+9cyZxmXNqiktlgt0oaoGvqYCR14eJtv3DpObYtaRdShcmuowrfMhESybs0sl7pTCGsnnmpvF6sM8/7TYnqu+NRhQaA95pgdg
click.trlxcf04.com/ Name: XSRF-TOKEN
Value: eyJpdiI6InN5bXlIN3UwY3ZaSVBxWFB0elZFOGc9PSIsInZhbHVlIjoiZjROWnNQTXNad3ZHQkY1N1BOMERPZlFEWmlVSDNaRWtnK2puWTRxMnRtZkNIb0xWK0tyeFJzWUJ6Mk5CY1VIbmtRVnBXRjBSRkx1K0cySEF4TWZaekE9PSIsIm1hYyI6ImE4MzJlY2M3OTNhYTQ0NjU2NmExNzAwZWEzYWZhYmVmODk1ZGI2MmU2YmY3ZDg0ODI5YzZiOGNiNjZkMWFiZTMifQ%3D%3D
click.trlxcf04.com/ Name: session
Value: eyJpdiI6IlBKTENUeGZMRW9GazZwYnE0NWgyRmc9PSIsInZhbHVlIjoiUGtnYnBGQjVjRDJWWmVWTUNTZFI3YkRsdE5MZjRWa1UrRXdyQ1pjMk9LTjFDUTRsR3dUeXhYVUxpN2E4NWNqaWJ1UGxiZmxNVVwvTTN1VzNHNGJhbUdnPT0iLCJtYWMiOiI5ZmMyODk5NDA1YmIyNDFmYzFhZThhNzM3MTg0ZjRhNmFlMjgwNGI1ODdiMGM2ODRkYmNmNTEwZTM5YTM4YWIxIn0%3D
click.trlxcf04.com/ Name: uNrIqtSFyWxoKJyrYwvErMO8UphzWTVMRnEzjwCd
Value: eyJpdiI6Ik9BVzBNckRaTDJySGdKWnY0SXVQdnc9PSIsInZhbHVlIjoiS29JcVwvNXJBSjlzS1d2RXh6a1htaHN5NjVMWFgrWStJSnBzT3U0ZEpQYzAxZTZmeWNXbTA1VDMzZGhBQ1AxaU5SbmVsUkpwTGF2OFlCdDhBcHdJWFwvamxjWHlpUXh6cUtxOEhOQVN4RTZVUWMwTGJJbWRiTTJIWGZGbStlUHQ1TjJRSjhDR3lCOWxoc1RkUXl6bUQrY3JhV3h5UzZnM1JpaHk1M3ZKcFlyalRaMkR3QXg2ZUNXWmE1ck9MZnpEYnNiV2MwQjZuYjkwMXNHQjF2N0MrQ1BYTXE0djVPTFFtTG9reXJUNldvKzNLVU55WDBHWm1vaDZRK2ZwNXBuSkhCY2VGRlVSUm9UTGFFRml3S3hrM2ZSZVpyeUxzT3IyWXVBNnNQTHdRVW9VR0ljS1NOMGwwZ0lsdDJGeEJqcDNSeFRiWkhrWjZIZ0wzSldwWlF5VUsybzliUjVobXNkQ3A2UE5NRUZSZWM0VTFrRUIrZlhwU203ckNkTG96aWZ2dDczTWRFY2RDNUpKQ3krdVpmNTdMVFFcL3lWNHJDTkMyazVFUHhUXC9NSmVHdkk9IiwibWFjIjoiYWRmN2ZkMzUyNTYxMmUyZjI4YjQwNDc3MGNkM2M5YTE5OGQxN2RjMDU5MmZiMDhkM2FlMGFhN2U5ODg5NzVlOSJ9

1 Console Messages

Source Level URL
Text
network error URL: https://click.trlxcf04.com/click/ko9sA44uAMEU4MnjsM?affid=102193&c1=18431-689944581&c3=9187
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

click.trlxcf04.com
iacheap.com
inboxblue1.work
2606:4700:3037::6815:61d
54.77.247.22
95.138.193.34
e37b6f5753f324cba2796bfa3efdb1b0b0f20d97596abb201e281af57858235f