trz.trztrk.us - urlscan.io

Summary

This website contacted 2 IPs in 3 countries across 7 domains to perform 2 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is trz.trztrk.us.
TLS certificate: Issued by WE1 on July 26th 2024. Valid for: 3 months.

This is the only time trz.trztrk.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	172.67.163.112 172.67.163.112	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	162.213.255.57 162.213.255.57	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	2600:9000:21a... 2600:9000:21a1:ac00:12:1573:1600:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	18.159.13.173 18.159.13.173	16509 (AMAZON-02) (AMAZON-02)
1 2	34.111.194.218 34.111.194.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2

1 172.67.163.112 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

private-date9.girlinyourarea.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.213.255.57 (United States) 1 redirects

ASN22612 (NAMECHEAP-NET, US)
PTR: server149-1.web-hosting.com

stracksecure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

trz.trztrk.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

hello.hooksexy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21a1:ac00:12:1573:1600:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

v.opentraffics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.159.13.173 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-13-173.eu-central-1.compute.amazonaws.com

nicking-unding.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.194.218 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.194.111.34.bc.googleusercontent.com

www.trkvrn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	trkvrn.com 1 redirects www.trkvrn.com	637 B
2	nicking-unding.com 2 redirects nicking-unding.com	1 KB
2	opentraffics.com 2 redirects v.opentraffics.com	1 KB
1	hooksexy.com 1 redirects hello.hooksexy.com	1 KB
1	trztrk.us trz.trztrk.us	808 B
1	stracksecure.com 1 redirects stracksecure.com	806 B
1	girlinyourarea.site 1 redirects private-date9.girlinyourarea.site	570 B
2	7

	Domain	Requested by
2	www.trkvrn.com	1 redirects trz.trztrk.us
2	nicking-unding.com	2 redirects
2	v.opentraffics.com	2 redirects
1	hello.hooksexy.com	1 redirects
1	trz.trztrk.us
1	stracksecure.com	1 redirects
1	private-date9.girlinyourarea.site	1 redirects
2	7

This site contains no links.

Subject Issuer	Validity	Valid
trztrk.us WE1	`2024-07-26` - `2024-10-24`	3 months	crt.sh
vrn4skf.com Starfield Secure Certificate Authority - G2	`2024-07-15` - `2024-12-27`	5 months	crt.sh

This page contains 1 frames:

Frame: https://www.trkvrn.com/2HT145K/2GT2L5F/?__ptid=f787d2e61706414aa45b04b49537cb9f&sub1=53057&sub2=wat2heku4rf67u4336mg8d90&sub3=&sub4=&sub5=&source_id=
Frame ID: F4AA35C5392EB2CCB2004052D10363CC
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://private-date9.girlinyourarea.site/ HTTP 302
https://stracksecure.com/tracking202/redirect/rtr.php?t202id=2136&c1=IVAN&t202kw=IVAN HTTP 302
https://trz.trztrk.us/click?campaign_id=2&pub_id=10&p1=IVAN&source=IVAN Page URL

Page Statistics

2
Requests

100 %
HTTPS

29 %
IPv6

7
Domains

7
Subdomains

2
IPs

3
Countries

1 kB
Transfer

1 kB
Size

12
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://private-date9.girlinyourarea.site/ HTTP 302
https://stracksecure.com/tracking202/redirect/rtr.php?t202id=2136&c1=IVAN&t202kw=IVAN HTTP 302
https://trz.trztrk.us/click?campaign_id=2&pub_id=10&p1=IVAN&source=IVAN Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://hello.hooksexy.com/11cb91c1-d956-4a05-8194-3d9f86e18c47?pub_id=10&campaign=2&referer=&source=IVAN&sub_source=&p1=IVAN&p2=&revenue={revenue}&clickid=66ab97611bbd7203413a9797 HTTP 302
https://v.opentraffics.com/1adac89b-33e0-4396-bca9-9e69b57d482b?t1=11cb91c1-d956-4a05-8194-3d9f86e18c47_10&t2=IVAN&tag=w49s6vbr07c3au43jfvj1vvo HTTP 307
https://v.opentraffics.com/1adac89b-33e0-4396-bca9-9e69b57d482b/2?t1=11cb91c1-d956-4a05-8194-3d9f86e18c47_10&t2=IVAN&tag=w49s6vbr07c3au43jfvj1vvo HTTP 302
https://nicking-unding.com/32a1bbba-cad2-495d-9018-e4523717a6d1?s1=11cb91c1-d956-4a05-8194-3d9f86e18c47_10&s2=IVAN&s3=&s4=&s5=&s6=&s7=&s8=&s9=&ks=3057&cost=&tag=wat2heku4rf67u43jqfnihdi HTTP 307
https://nicking-unding.com/32a1bbba-cad2-495d-9018-e4523717a6d1/2?s1=11cb91c1-d956-4a05-8194-3d9f86e18c47_10&s2=IVAN&s3=&s4=&s5=&s6=&s7=&s8=&s9=&ks=3057&cost=&tag=wat2heku4rf67u43jqfnihdi HTTP 302
https://www.trkvrn.com/2HT145K/3LM6TWL/?uid=2862&sub1=53057&sub2=wat2heku4rf67u4336mg8d90 HTTP 302
https://www.trkvrn.com/2HT145K/2GT2L5F/?__ptid=f787d2e61706414aa45b04b49537cb9f&sub1=53057&sub2=wat2heku4rf67u4336mg8d90&sub3=&sub4=&sub5=&source_id=

2 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request click Show response trz.trztrk.us/ Redirect Chain https://private-date9.girlinyourarea.site/ https://stracksecure.com/tracking202/redirect/rtr.php?t202id=2136&c1=IVAN&t202kw=IVAN https://trz.trztrk.us/click?campaign_id=2&pub_id=10&p1=IVAN&source=IVAN	582 B 808 B	237ms 162ms	Document text/html	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://trz.trztrk.us/click?campaign_id=2&pub_id=10&p1=IVAN&source=IVAN Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e55d5b9fb024cc81fdafb319f6f77c53469d92b9c868083ddae6797c1f7770d6` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers accept-ch Sec-CH-UA-Platform-Version, Sec-CH-UA-Model alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8ac669be8fdc9f57-FRA content-encoding br content-type text/html date Thu, 01 Aug 2024 14:10:41 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iGtG%2B3VMNCCT5t2HSMfgFXSUWGPpkA1vXCdGtVnqvfwXcMvDzU95RU4CMY9eBXB3pQigq2EwPZc0Y6hfQDGXO3NZ6fve8srTiWvywfL8H7LbpjnkmSBel%2Fm0RlTzlGee"}],"group":"cf-nel","max_age":604800} server cloudflare via 1.1 google x-rt 63 Redirect headers cache-control no-cache, no-store, must-revalidate, max-age=0 content-length 0 content-type text/html; charset=UTF-8 date Thu, 01 Aug 2024 14:10:40 GMT location https://trz.trztrk.us/click?campaign_id=2&pub_id=10&p1=IVAN&source=IVAN server LiteSpeed x-powered-by PHP/7.4.33 x-turbo-charged-by LiteSpeed
GET H2	204	/ www.trkvrn.com/2HT145K/2GT2L5F/ Redirect Chain https://hello.hooksexy.com/11cb91c1-d956-4a05-8194-3d9f86e18c47?pub_id=10&campaign=2&referer=&source=IVAN&sub_source=&p1=IVAN&p2=&revenue={revenue}&clickid=66ab97611bbd7203413a9797 https://v.opentraffics.com/1adac89b-33e0-4396-bca9-9e69b57d482b?t1=11cb91c1-d956-4a05-8194-3d9f86e18c47_10&t2=IVAN&tag=w49s6vbr07c3au43jfvj1vvo https://v.opentraffics.com/1adac89b-33e0-4396-bca9-9e69b57d482b/2?t1=11cb91c1-d956-4a05-8194-3d9f86e18c47_10&t2=IVAN&tag=w49s6vbr07c3au43jfvj1vvo https://nicking-unding.com/32a1bbba-cad2-495d-9018-e4523717a6d1?s1=11cb91c1-d956-4a05-8194-3d9f86e18c47_10&s2=IVAN&s3=&s4=&s5=&s6=&s7=&s8=&s9=&ks=3057&cost=&tag=wat2heku4rf67u43jqfnihdi https://nicking-unding.com/32a1bbba-cad2-495d-9018-e4523717a6d1/2?s1=11cb91c1-d956-4a05-8194-3d9f86e18c47_10&s2=IVAN&s3=&s4=&s5=&s6=&s7=&s8=&s9=&ks=3057&cost=&tag=wat2heku4rf67u43jqfnihdi https://www.trkvrn.com/2HT145K/3LM6TWL/?uid=2862&sub1=53057&sub2=wat2heku4rf67u4336mg8d90 https://www.trkvrn.com/2HT145K/2GT2L5F/?__ptid=f787d2e61706414aa45b04b49537cb9f&sub1=53057&sub2=wat2heku4rf67u4336mg8d90&sub3=&sub4=&sub5=&source_id=	0 0	160ms 158ms	Document text/plain	34.111.194.218 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://www.trkvrn.com/2HT145K/2GT2L5F/?__ptid=f787d2e61706414aa45b04b49537cb9f&sub1=53057&sub2=wat2heku4rf67u4336mg8d90&sub3=&sub4=&sub5=&source_id= Requested by Host: trz.trztrk.us URL: https://trz.trztrk.us/click?campaign_id=2&pub_id=10&p1=IVAN&source=IVAN Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.111.194.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 218.194.111.34.bc.googleusercontent.com Software nginx / Resource Hash Request headers Referer https://trz.trztrk.us/click?campaign_id=2&pub_id=10&p1=IVAN&source=IVAN Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers accept-ch Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 01 Aug 2024 14:10:42 GMT server nginx vary Origin via 1.1 google x-eflow-request-id ae0f8c3e-2a7b-4872-a7d6-dc29bdc00dd2 Redirect headers accept-ch Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 196 content-type text/html; charset=utf-8 date Thu, 01 Aug 2024 14:10:42 GMT location https://www.trkvrn.com/2HT145K/2GT2L5F/?__ptid=f787d2e61706414aa45b04b49537cb9f&sub1=53057&sub2=wat2heku4rf67u4336mg8d90&sub3=&sub4=&sub5=&source_id= server nginx vary Origin via 1.1 google x-eflow-request-id 949685c3-182e-4da9-97ba-ff8fd824c9eb

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.stracksecure.com/	1970-01-20 23:11:53	Name: tracking202subid-legacy Value: 588287
.stracksecure.com/	1970-01-20 23:11:53	Name: tracking202subid_a_3-legacy Value: 588287
.stracksecure.com/	1970-01-20 23:11:53	Name: tracking202subid Value: 588287
.stracksecure.com/	1970-01-20 23:11:53	Name: tracking202subid_a_3 Value: 588287
trz.trztrk.us/	1970-01-20 22:38:46	Name: sess_632b3f53ce20465fc2535e37 Value: 632b358e3c0d3a3ae24fb4db
.hello.hooksexy.com/	1970-01-20 22:30:07	Name: 11cb91c1-d956-4a05-8194-3d9f86e18c47-v4 Value: eRXfWkM2NTHjEDtJ3_dlsx-K9DJ2Cv83VXM7VegY_XE
.hello.hooksexy.com/	1970-01-21 07:14:17	Name: voluum-cid-v4 Value: %7B%22cid%22%3A%22w49s6vbr07c3au43jfvj1vvo%22%2C%22caid%22%3A%2211cb91c1-d956-4a05-8194-3d9f86e18c47%22%7D
.v.opentraffics.com/	1970-01-20 22:30:07	Name: 1adac89b-33e0-4396-bca9-9e69b57d482b-v4 Value: 3UWJOhNyZ7UQjkUMPIy566uM8QSPaRzeE1EP0BUjLqU
.v.opentraffics.com/	1970-01-21 07:14:17	Name: voluum-cid-v4 Value: %7B%22cid%22%3A%22wat2heku4rf67u43jqfnihdi%22%2C%22caid%22%3A%221adac89b-33e0-4396-bca9-9e69b57d482b%22%7D
.nicking-unding.com/	1970-01-20 22:30:07	Name: 32a1bbba-cad2-495d-9018-e4523717a6d1-v4 Value: neF106CqkImLXUYptyx5MlR0QoHKxJ-zDkel1rkbbPg
.nicking-unding.com/	1970-01-21 07:14:17	Name: cc-v4 Value: yXaJqPi16J%2F4cnGQ1PCDnQbEDLMSAOXB5n0MzdFQ19dgQ4ssZxEgIo0bTx7ywKkyh47bPTeFBo3VwiswuAftEf45oQXws6uZme4hZjN5s39PT6688pFm7W8P5UkBryyen%2BgibTnnzyPn0eHoCFh%2FCg%3D%3D
www.trkvrn.com/	1970-01-20 22:30:07	Name: uniqueClick_3LM6TWL Value: 4c69d760-2263-4f2d-af57-2b198fab99a8:1722521442

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

hello.hooksexy.com
nicking-unding.com
private-date9.girlinyourarea.site
stracksecure.com
trz.trztrk.us
v.opentraffics.com
www.trkvrn.com
162.213.255.57
172.67.163.112
18.159.13.173
188.114.97.3
2600:9000:21a1:ac00:12:1573:1600:93a1
2a06:98c1:3120::3
34.111.194.218
e55d5b9fb024cc81fdafb319f6f77c53469d92b9c868083ddae6797c1f7770d6

trz.trztrk.us Open in urlscan Pro 188.114.97.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

2 Requests

100 %HTTPS

29 %IPv6

7 Domains

7 Subdomains

2 IPs

3 Countries

1 kBTransfer

1 kBSize

12 Cookies

0 Outgoing links

Page URL History

Redirected requests

2 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

12 Cookies

Indicators

trz.trztrk.us Open in urlscan Pro
188.114.97.3 Public Scan

Screenshot
Live screenshot

Full Image

2
Requests

100 %
HTTPS

29 %
IPv6

7
Domains

7
Subdomains

2
IPs

3
Countries

1 kB
Transfer

1 kB
Size

12
Cookies

2 HTTP transactions
0 data transactions