flownotifsolutions.click
Open in
urlscan Pro
5.45.87.12
Public Scan
Submitted URL: https://c0me-get-s0me.net/clk/zOhWiYTVUwLOPb1tKiXz0MQIPZWAbEOI6YIa-bfYwJIDYpgwF_dZGlNdv7zMR1_aROoYkbla54vVFVj-9gtWWadby5l5...
Effective URL: https://flownotifsolutions.click/w11/?clickid=d597a16y98wxo9c0&lpkey=1607939457bd440a33&uclick=16y98wxo&uclickhash=16y98wxo-16y98...
Submission: On September 01 via api from US — Scanned from DE
Effective URL: https://flownotifsolutions.click/w11/?clickid=d597a16y98wxo9c0&lpkey=1607939457bd440a33&uclick=16y98wxo&uclickhash=16y98wxo-16y98...
Submission: On September 01 via api from US — Scanned from DE
Summary
This website contacted 3 IPs
in 2 countries
across 5 domains to perform 6 HTTP transactions.
The main IP is 5.45.87.12, located in
Meppel, Netherlands and
belongs to SCALAXY-AS, LV.
The main domain is flownotifsolutions.click.
TLS certificate: Issued by R3 on August 4th 2023. Valid for: 3 months.
This is the only time flownotifsolutions.click was scanned on urlscan.io!
TLS certificate: Issued by R3 on August 4th 2023. Valid for: 3 months.
This is the only time flownotifsolutions.click was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 1 | 136.243.249.75 136.243.249.75 | 24940 (HETZNER-AS) (HETZNER-AS) | |
| 1 1 | 213.239.195.120 213.239.195.120 | 24940 (HETZNER-AS) (HETZNER-AS) | |
| 1 5 | 5.45.87.12 5.45.87.12 | 58061 (SCALAXY-AS) (SCALAXY-AS) | |
| 1 | 142.132.255.57 142.132.255.57 | 24940 (HETZNER-AS) (HETZNER-AS) | |
| 6 | 3 |
1
136.243.249.75
(Vechelde, Germany)
ASN24940 (HETZNER-AS, DE)
PTR: dracula-bak.1push.io
ASN24940 (HETZNER-AS, DE)
PTR: dracula-bak.1push.io
| c0me-get-s0me.net |
1
213.239.195.120
(Germany)
ASN24940 (HETZNER-AS, DE)
PTR: static.213.239.195.120.clients.your-server.de
ASN24940 (HETZNER-AS, DE)
PTR: static.213.239.195.120.clients.your-server.de
| trackingchan.com |
1
142.132.255.57
(Germany)
ASN24940 (HETZNER-AS, DE)
PTR: static.57.255.132.142.clients.your-server.de
ASN24940 (HETZNER-AS, DE)
PTR: static.57.255.132.142.clients.your-server.de
| pushtorm.net |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 5 |
flownotifsolutions.click
1 redirects
flownotifsolutions.click |
343 KB |
| 1 |
pushtorm.net
pushtorm.net — Cisco Umbrella Rank: 44133 |
4 KB |
| 1 |
trackingchan.com
1 redirects
trackingchan.com |
668 B |
| 1 |
c0me-get-s0me.net
1 redirects
c0me-get-s0me.net |
387 B |
| 0 |
Failed
function sub() { [native code] }. Failed |
|
| 6 | 5 |
| Domain | Requested by | |
|---|---|---|
| 5 | flownotifsolutions.click |
1 redirects
flownotifsolutions.click
|
| 1 | pushtorm.net |
flownotifsolutions.click
|
| 1 | trackingchan.com | 1 redirects |
| 1 | c0me-get-s0me.net | 1 redirects |
| 0 | click.php Failed |
flownotifsolutions.click
|
| 6 | 5 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| shakeyourtrc.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| flownotifsolutions.click R3 |
2023-08-04 - 2023-11-02 |
3 months | crt.sh |
| pushtorm.net R3 |
2023-08-14 - 2023-11-12 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://flownotifsolutions.click/w11/?clickid=d597a16y98wxo9c0&lpkey=1607939457bd440a33&uclick=16y98wxo&uclickhash=16y98wxo-16y98wxo-16d5-0-g5xi-522tfe-52a93y-355d02
Frame ID: 642F1C981BF439672AEC36E61C952198
Requests: 6 HTTP requests in this frame
Screenshot
Page Title
Turn On Antivirus ProtectionPage URL History Show full URLs
-
https://c0me-get-s0me.net/clk/zOhWiYTVUwLOPb1tKiXz0MQIPZWAbEOI6YIa-bfYwJIDYpgwF_dZGlNdv7zMR1_aROoYkbla...
HTTP 302
https://trackingchan.com/click.php?key=ipjp4m8kg9hycdi6q2vm&clickId=GFo4oBNooMogcI7_WegBxq86gALJ8KCiu... HTTP 302
https://flownotifsolutions.click/w11?clickid=d597a16y98wxo9c0&lpkey=1607939457bd440a33&uclick=16y98wxo&uclick... HTTP 301
https://flownotifsolutions.click/w11/?clickid=d597a16y98wxo9c0&lpkey=1607939457bd440a33&uclick=16y98wxo&uclic... Page URL
Detected technologies
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
URL: https://shakeyourtrc.com/click.php?lp=1
Title: Stay Protected
Title: Stay Protected
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://c0me-get-s0me.net/clk/zOhWiYTVUwLOPb1tKiXz0MQIPZWAbEOI6YIa-bfYwJIDYpgwF_dZGlNdv7zMR1_aROoYkbla54vVFVj-9gtWWadby5l5KkZyR39DI9CmsdXHK6kOmpQfka7_rMy8-AXMEXojHSdzClgPkPdUQ8aT0J_EGO-u2Es63a-NTG9WjXLg0ShQEQ-Lh8upSlUzgBnozDHaW3KJEY-8eWJai_gMTfdi9mfbYMRhndds32t16AmV_Qwuv7p9x2mNR0myCzz636zuoL6knKU_Lcot263PbBx6NEZKQDJ-jabe8Bwnq9RIieUoeAolT27TQiTKClBb2tXDKdF1IDfOEhradTlBirEdB_TBrqwboeoI-WSUbxwQeLGGi1Vydvel0_JVqrfPGFWexPJtPSmUcCMtOdSoiTq0TJdJvhEtiUUXpKPEf45Sp2OxPKGtHUMkCiunL1G_fQJrB7VckID3nW3OUfxrVM8n3po0pti9V4p5ek0WcPm4dZKHFyJtts_VIqkmZ08ghZRTT7u7-oF6QuAgI9_K94pPwK9K2N4R5I1kTf9ag2PVDXwYvzXPIiW8zFYLjbdDNiVPwO6RxfCLJm6Lp8g4LBeqrlD7eLGC4lZo-NgpBVPKTv-QhB5L9xFmvT3Dqlu73vtxKcBJpkSMkIbP0vyaRMcYykO5ouRHYlaMZW-OMoa7F888fJCu-c0q8TlPlHzhoVsGdzg9AjlElogeSJYpAJEIjfSTkO7AlcuDm8ZOVKA_5hDyicPUxASob0k2g_VEUj_jnpZOq0qmKah1jQsG9rZ0Kgj2KuVX
HTTP 302
https://trackingchan.com/click.php?key=ipjp4m8kg9hycdi6q2vm&clickId=GFo4oBNooMogcI7_WegBxq86gALJ8KCiuaHgfw&cost=0.1769&zoneId=956358&feedid=90&campaignId=533792&ageGroup=AGE_0_3&creativeid=1474446 HTTP 302
https://flownotifsolutions.click/w11?clickid=d597a16y98wxo9c0&lpkey=1607939457bd440a33&uclick=16y98wxo&uclickhash=16y98wxo-16y98wxo-16d5-0-g5xi-522tfe-52a93y-355d02 HTTP 301
https://flownotifsolutions.click/w11/?clickid=d597a16y98wxo9c0&lpkey=1607939457bd440a33&uclick=16y98wxo&uclickhash=16y98wxo-16y98wxo-16d5-0-g5xi-522tfe-52a93y-355d02 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
6 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
/
flownotifsolutions.click/w11/ Redirect Chain
|
12 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.min.js
flownotifsolutions.click/w11/ |
85 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
logo.svg
flownotifsolutions.click/w11/ |
1 KB 996 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
box.png
flownotifsolutions.click/w11/ |
307 KB 307 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
/
click.php/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
subscription.js
pushtorm.net/ |
14 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- click.php
- URL
- https://click.php/?event10=1
Verdicts & Comments Add Verdict or Comment
10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture function| $ function| jQuery object| _0x32b6 function| _0x1f05 function| getURLParameter string| thjp object| pp function| exit_offer object| pushService2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| trackingchan.com/ | Name: uclick Value: 16y98wxo |
|
| trackingchan.com/ | Name: uclickhash Value: 16y98wxo-16y98wxo-16d5-0-g5xi-522tfe-52a93y-355d02 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
c0me-get-s0me.net
click.php
flownotifsolutions.click
pushtorm.net
trackingchan.com
click.php
136.243.249.75
142.132.255.57
213.239.195.120
5.45.87.12
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
49970818ac9e72e7c2c3e0d029bcb7a20ccf64ddbc9b1dc62f5518c0ba7afd6e
95e9f23cb3d441d97d2631610706ab50a681a6017b565328beb712091762d6bb
a5b3c75b566aa0feca6d70c6822a7dace2f7e478ac9bf07cdc8b9fed895c619b
e4aef0aba15680c1b745414a7c7bc39cdbeda17f1de0c7bf57bf90378b6a5d26