www.grabnfuck.net Open in urlscan Pro
2a05:d018:244:5200::ab Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://track.zukaisen.com/43aab253-0dbb-4bd9-8c16-c847a6668a27?source=ZQ&batch=911b
Effective URL:
https://www.grabnfuck.net/c/4c8a669b83e6c2d3?&click_id=lwuex5e791bdac7767729377397&s1=54669&s2=1013893&s3=backuser&s5=&lp=...
Submission: On March 23 via manual (March 23rd 2020, 8:28:23 pm UTC) from GB

Summary HTTP 32 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 4 countries across 14 domains to perform 32 HTTP transactions. The main IP is 2a05:d018:244:5200::ab, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is www.grabnfuck.net.
TLS certificate: Issued by Let's Encrypt Authority X3 on March 13th 2020. Valid for: 3 months.

This is the only time www.grabnfuck.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	18.195.174.160 18.195.174.160	16509 (AMAZON-02) (AMAZON-02)
1	18.184.38.55 18.184.38.55	16509 (AMAZON-02) (AMAZON-02)
1 1	2606:4700:303... 2606:4700:3036::681c:e21	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	99.198.108.198 99.198.108.198	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 1	18.184.175.15 18.184.175.15	16509 (AMAZON-02) (AMAZON-02)
2	88.208.60.53 88.208.60.53	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2a02:b4a:1:7:... 2a02:b4a:1:7::9274:1	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 1	138.68.123.185 138.68.123.185	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	35.157.195.214 35.157.195.214	16509 (AMAZON-02) (AMAZON-02)
1 1	212.32.252.92 212.32.252.92	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 2	2a05:d018:244... 2a05:d018:244:5200::ab	16509 (AMAZON-02) (AMAZON-02)
19	23.55.110.48 23.55.110.48	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2600:1f18:454... 2600:1f18:454c:f520:590b:bcca:8c37:8e30	14618 (AMAZON-AES) (AMAZON-AES)
32	9

1 18.195.174.160 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-174-160.eu-central-1.compute.amazonaws.com

track.zukaisen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.184.38.55 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-38-55.eu-central-1.compute.amazonaws.com

track.kikenzo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::681c:e21 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

so.slytrk03.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.198.108.198 (Chicago, United States) 1 redirects

ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi

go.domainxchange.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.184.175.15 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-175-15.eu-central-1.compute.amazonaws.com

atlas.kintura.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.208.60.53 (Heemstede, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

rpket.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:b4a:1:7::9274:1 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

nativesp.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.68.123.185 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

alktr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.195.214 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-195-214.eu-central-1.compute.amazonaws.com

eardepth-prisists.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.32.252.92 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

clickidnetwork.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:244:5200::ab (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

mjwwl.ladiestofuck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.grabnfuck.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 23.55.110.48 (United States)

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-55-110-48.deploy.static.akamaitechnologies.com

cdn-aimi.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1f18:454c:f520:590b:bcca:8c37:8e30 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

ads.traffichunt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	akamaized.net cdn-aimi.akamaized.net	2 MB
3	traffichunt.com ads.traffichunt.com	582 B
3	domainxchange.xyz 1 redirects go.domainxchange.xyz	5 KB
2	rpket.pro rpket.pro	22 KB
1	grabnfuck.net www.grabnfuck.net	4 KB
1	ladiestofuck.com 1 redirects mjwwl.ladiestofuck.com	935 B
1	g2afse.com 1 redirects clickidnetwork.g2afse.com	238 B
1	eardepth-prisists.com 1 redirects eardepth-prisists.com	876 B
1	alktr.com 1 redirects alktr.com	309 B
1	nativesp.pro nativesp.pro	72 B
1	kintura.io 1 redirects atlas.kintura.io	2 KB
1	slytrk03.com so.slytrk03.com Failed	1 KB
1	kikenzo.com track.kikenzo.com Failed	742 B
1	zukaisen.com track.zukaisen.com	1 KB
32	14

	Domain	Requested by
19	cdn-aimi.akamaized.net	www.grabnfuck.net cdn-aimi.akamaized.net
3	ads.traffichunt.com	www.grabnfuck.net
3	go.domainxchange.xyz	1 redirects track.kikenzo.com go.domainxchange.xyz
2	rpket.pro	go.domainxchange.xyz rpket.pro
1	www.grabnfuck.net	rpket.pro
1	mjwwl.ladiestofuck.com	1 redirects
1	clickidnetwork.g2afse.com	1 redirects
1	eardepth-prisists.com	1 redirects
1	alktr.com	1 redirects
1	nativesp.pro	rpket.pro
1	atlas.kintura.io	1 redirects
1	so.slytrk03.com
1	track.kikenzo.com	track.zukaisen.com
1	track.zukaisen.com
32	14

This site contains no links.

Subject Issuer	Validity	Valid
go.domainxchange.xyz Let's Encrypt Authority X3	`2020-01-31` - `2020-04-30`	3 months	crt.sh
rpket.pro Let's Encrypt Authority X3	`2020-02-19` - `2020-05-19`	3 months	crt.sh
nativesp.pro Sectigo RSA Domain Validation Secure Server CA	`2019-07-17` - `2020-07-16`	a year	crt.sh
*.grabnfuck.net Let's Encrypt Authority X3	`2020-03-13` - `2020-06-11`	3 months	crt.sh
a248.e.akamai.net DigiCert Secure Site ECC CA-1	`2019-08-13` - `2020-08-12`	a year	crt.sh
*.traffichunt.com Sectigo RSA Domain Validation Secure Server CA	`2019-08-09` - `2020-08-18`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.grabnfuck.net/c/4c8a669b83e6c2d3?&click_id=lwuex5e791bdac7767729377397&s1=54669&s2=1013893&s3=backuser&s5=&lp=MJ&j1=1&j2=&j3=1&j4=&j5=&j6=
Frame ID: B48BDAABC14526CA6042249FBB0F0C95
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://track.zukaisen.com/43aab253-0dbb-4bd9-8c16-c847a6668a27?source=ZQ&batch=911b Page URL
http://track.kikenzo.com/redirect?target=BASE64aHR0cHM6Ly9zby5zbHl0cmswMy5jb20vdC9jbGs_aWQ9ejc2Q21aZ3... Page URL
https://so.slytrk03.com/t/clk?id=z76CmZgsNy8fxmjAsY&s2=wjos4u9usn35v4rt1j1ece20 HTTP 302
https://go.domainxchange.xyz/?utm_medium=0d2e24c8102df1f08f7d0f16d84018b5ef5f0aa0&utm_campaign=mainstream... Page URL
https://go.domainxchange.xyz/?utm_term=6807502926290879195&clickverify=1&utm_content=e6c2c6dcd68fd49594fc... Page URL
https://go.domainxchange.xyz/proc.php?66b0f9610acf7329bf9340524eac5418a40d98a6 HTTP 302
https://atlas.kintura.io/in/hBPAzxOmy1Rtp1mXFTvZ?cost=0&extid=6807502926290879195&partnid=797&placid=... HTTP 302
https://rpket.pro/play?h=waWQiOjEwMzI0OTQsInNpZCI6MTAzNzczNiwid2lkIjo3MTU3Niwic3JjIjoyfQ==eyJ&... Page URL
https://alktr.com/tb?h=waWQiOjEwMzI0OTQsInNpZCI6MTAzNzczNiwid2lkIjo3MTU3Niwic3JjIjoyfQ==eyJ&cl... HTTP 302
https://eardepth-prisists.com/6340d1d7-0f9a-48a5-ac30-859e51d97270?PartnerID=1032494&externalid=sK9P10eKzf... HTTP 302
https://clickidnetwork.g2afse.com/click?pid=98&offer_id=82&sub1=wakk7h5ulglg74rt162disac&sub2=1032494 HTTP 302
https://mjwwl.ladiestofuck.com/c/da57dc555e50572d?s1=54669&s2=1013893&s3=98&click_id=5e791bda74042b000117d8... HTTP 302
https://www.grabnfuck.net/c/4c8a669b83e6c2d3?&click_id=lwuex5e791bdac7767729377397&s1=54669&s2=1013893... Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

32
Requests

88 %
HTTPS

31 %
IPv6

14
Domains

14
Subdomains

9
IPs

4
Countries

2049 kB
Transfer

2236 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://track.zukaisen.com/43aab253-0dbb-4bd9-8c16-c847a6668a27?source=ZQ&batch=911b Page URL
http://track.kikenzo.com/redirect?target=BASE64aHR0cHM6Ly9zby5zbHl0cmswMy5jb20vdC9jbGs_aWQ9ejc2Q21aZ3NOeThmeG1qQXNZJnMyPXdqb3M0dTl1c24zNXY0cnQxajFlY2UyMA&ts=1584995287468&hash=Yq58U2XN1ynRtvP_WPjzcz7c4_1XG4YaWdYXlweg2tc&rm=DJ Page URL
https://so.slytrk03.com/t/clk?id=z76CmZgsNy8fxmjAsY&s2=wjos4u9usn35v4rt1j1ece20 HTTP 302
https://go.domainxchange.xyz/?utm_medium=0d2e24c8102df1f08f7d0f16d84018b5ef5f0aa0&utm_campaign=mainstream_new&1=11238&cid=ab70d541-bd2d-489e-97a3-cd2eb8f22678 Page URL
https://go.domainxchange.xyz/?utm_term=6807502926290879195&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b68784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45e Page URL
https://go.domainxchange.xyz/proc.php?66b0f9610acf7329bf9340524eac5418a40d98a6 HTTP 302
https://atlas.kintura.io/in/hBPAzxOmy1Rtp1mXFTvZ?cost=0&extid=6807502926290879195&partnid=797&placid=797-becca727 HTTP 302
https://rpket.pro/play?h=waWQiOjEwMzI0OTQsInNpZCI6MTAzNzczNiwid2lkIjo3MTU3Niwic3JjIjoyfQ==eyJ&clickid=acsDDsl6e4BxPKteB2RBc7j Page URL
https://alktr.com/tb?h=waWQiOjEwMzI0OTQsInNpZCI6MTAzNzczNiwid2lkIjo3MTU3Niwic3JjIjoyfQ==eyJ&clickid=acsDDsl6e4BxPKteB2RBc7j HTTP 302
https://eardepth-prisists.com/6340d1d7-0f9a-48a5-ac30-859e51d97270?PartnerID=1032494&externalid=sK9P10eKzfOu3tJW HTTP 302
https://clickidnetwork.g2afse.com/click?pid=98&offer_id=82&sub1=wakk7h5ulglg74rt162disac&sub2=1032494 HTTP 302
https://mjwwl.ladiestofuck.com/c/da57dc555e50572d?s1=54669&s2=1013893&s3=98&click_id=5e791bda74042b000117d818&j1=1&j3=1 HTTP 302
https://www.grabnfuck.net/c/4c8a669b83e6c2d3?&click_id=lwuex5e791bdac7767729377397&s1=54669&s2=1013893&s3=backuser&s5=&lp=MJ&j1=1&j2=&j3=1&j4=&j5=&j6= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://so.slytrk03.com/t/clk?id=z76CmZgsNy8fxmjAsY&s2=wjos4u9usn35v4rt1j1ece20 HTTP 302
https://go.domainxchange.xyz/?utm_medium=0d2e24c8102df1f08f7d0f16d84018b5ef5f0aa0&utm_campaign=mainstream_new&1=11238&cid=ab70d541-bd2d-489e-97a3-cd2eb8f22678

Request Chain 6

https://go.domainxchange.xyz/proc.php?66b0f9610acf7329bf9340524eac5418a40d98a6 HTTP 302
https://atlas.kintura.io/in/hBPAzxOmy1Rtp1mXFTvZ?cost=0&extid=6807502926290879195&partnid=797&placid=797-becca727 HTTP 302
https://rpket.pro/play?h=waWQiOjEwMzI0OTQsInNpZCI6MTAzNzczNiwid2lkIjo3MTU3Niwic3JjIjoyfQ==eyJ&clickid=acsDDsl6e4BxPKteB2RBc7j

32 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200 Cookie set 43aab253-0dbb-4bd9-8c16-c847a6668a27 Show response
track.zukaisen.com/ 748 B
1 KB 85ms
11ms Document
text/html 18.195.174.160
AMAZON-02

General

Domain/Path	Expires	Name / Value
www.grabnfuck.net/	1970-01-19 08:59:47	Name: scriptHash Value: 411736_54669_1013893
www.grabnfuck.net/	1970-01-19 08:18:01	Name: unique_id Value: 5e5240853af04187753300
www.grabnfuck.net/	1970-01-19 08:18:01	Name: unique_2771357 Value: unique_2771357

www.grabnfuck.net Open in urlscan Pro 2a05:d018:244:5200::ab Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

32 Requests

88 %HTTPS

31 %IPv6

14 Domains

14 Subdomains

9 IPs

4 Countries

2049 kBTransfer

2236 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.grabnfuck.net Open in urlscan Pro
2a05:d018:244:5200::ab Public Scan

Screenshot
Live screenshot

Full Image

32
Requests

88 %
HTTPS

31 %
IPv6

14
Domains

14
Subdomains

9
IPs

4
Countries

2049 kB
Transfer

2236 kB
Size

3
Cookies

32 HTTP transactions
0 data transactions