t6.kerrycachota.com - urlscan.io

Summary

This website contacted 3 IPs in 4 countries across 5 domains to perform 3 HTTP transactions. The main IP is 2606:4700:3030::ac43:9348, located in United States and belongs to CLOUDFLARENET, US. The main domain is t6.kerrycachota.com.

This is the only time t6.kerrycachota.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a00:1450:400... 2a00:1450:4001:827::2013	15169 (GOOGLE) (GOOGLE)
1 1	14.1.20.175 14.1.20.175	7296 (ALCHEMYNET) (ALCHEMYNET)
2 3	50.115.170.115 50.115.170.115	32875 (VIRP) (VIRP)
1	147.135.167.138 147.135.167.138	16276 (OVH) (OVH)
1	2606:4700:303... 2606:4700:3030::ac43:9348	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	3

1 2a00:1450:4001:827::2013 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ee525.infusion-links.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 14.1.20.175 (Hong Kong) 1 redirects

ASN7296 (ALCHEMYNET, US)

c.benefits-ahr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 50.115.170.115 (Seattle, United States) 2 redirects

ASN32875 (VIRP, US)

travelerguidebuddy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.135.167.138 (France)

ASN16276 (OVH, FR)
PTR: ip138.ip-147-135-167.eu

congony.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::ac43:9348 (United States)

ASN13335 (CLOUDFLARENET, US)

t6.kerrycachota.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	travelerguidebuddy.com 2 redirects travelerguidebuddy.com	2 KB
1	kerrycachota.com t6.kerrycachota.com	1 KB
1	congony.com congony.com	456 B
1	benefits-ahr.com 1 redirects c.benefits-ahr.com	324 B
1	infusion-links.com 1 redirects ee525.infusion-links.com	343 B
3	5

	Domain	Requested by
3	travelerguidebuddy.com	2 redirects
1	t6.kerrycachota.com	congony.com
1	congony.com	travelerguidebuddy.com
1	c.benefits-ahr.com	1 redirects
1	ee525.infusion-links.com	1 redirects
3	5

This site contains no links.

Subject Issuer	Validity	Valid
travelerguidebuddy.com R3	`2021-01-04` - `2021-04-04`	3 months	crt.sh
congony.com Go Daddy Secure Certificate Authority - G2	`2020-05-16` - `2021-07-15`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://t6.kerrycachota.com/aff_c?offer_id=437&aff_id=1506&source=email&aff_sub=directwall&aff_sub2=995379305&aff_sub3=77471024&aff_sub4=100
Frame ID: 1B31E5B5AA81F2369182A5D3A18C17BA
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://ee525.infusion-links.com/api/v1/click/5993098607460352/6621786793443328 HTTP 303
http://c.benefits-ahr.com/clk.ashx?cid=75485&provider_id=335&email=mcholste@gmail.com&first_name=Megan... HTTP 302
http://travelerguidebuddy.com/r/717bd8bd-e39d-492f-973a-fe726ffdf6bb/335/75485/297815821 HTTP 302
https://travelerguidebuddy.com/r/2b02a857-1530-4883-aaa1-9f5c0c56e5c5/335/75485/297815821//?fctr=1 Page URL
https://travelerguidebuddy.com/r2/2b02a857-1530-4883-aaa1-9f5c0c56e5c5/335/75485/297815821/56e3c024-adef-48... HTTP 302
https://congony.com/ff57bbde5f95fe1000/100/56e3c024-adef-48ee-8961-8dfb5f24d5f6/ Page URL
http://t6.kerrycachota.com/aff_c?offer_id=437&aff_id=1506&source=email&aff_sub=directwall&aff_sub2=9953... Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

3
Requests

67 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

3
IPs

4
Countries

3 kB
Transfer

1 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ee525.infusion-links.com/api/v1/click/5993098607460352/6621786793443328 HTTP 303
http://c.benefits-ahr.com/clk.ashx?cid=75485&provider_id=335&email=mcholste@gmail.com&first_name=Megan&last_name=Cholste&cqs=idx&member_id=NnULyHel1YZ29N&own_home=False&gender=F&sub_id=&state=FL&benefit_token=&pid=335&record_id=297815821&inf_contact_key=45dac91b41cba7490817516d1d965fd2d541fa156d695290d97ea76838bc16b1 HTTP 302
http://travelerguidebuddy.com/r/717bd8bd-e39d-492f-973a-fe726ffdf6bb/335/75485/297815821 HTTP 302
https://travelerguidebuddy.com/r/2b02a857-1530-4883-aaa1-9f5c0c56e5c5/335/75485/297815821//?fctr=1 Page URL
https://travelerguidebuddy.com/r2/2b02a857-1530-4883-aaa1-9f5c0c56e5c5/335/75485/297815821/56e3c024-adef-48ee-8961-8dfb5f24d5f6/?fctr=1&fctr=1 HTTP 302
https://congony.com/ff57bbde5f95fe1000/100/56e3c024-adef-48ee-8961-8dfb5f24d5f6/ Page URL
http://t6.kerrycachota.com/aff_c?offer_id=437&aff_id=1506&source=email&aff_sub=directwall&aff_sub2=995379305&aff_sub3=77471024&aff_sub4=100 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://ee525.infusion-links.com/api/v1/click/5993098607460352/6621786793443328 HTTP 303
http://c.benefits-ahr.com/clk.ashx?cid=75485&provider_id=335&email=mcholste@gmail.com&first_name=Megan&last_name=Cholste&cqs=idx&member_id=NnULyHel1YZ29N&own_home=False&gender=F&sub_id=&state=FL&benefit_token=&pid=335&record_id=297815821&inf_contact_key=45dac91b41cba7490817516d1d965fd2d541fa156d695290d97ea76838bc16b1 HTTP 302
http://travelerguidebuddy.com/r/717bd8bd-e39d-492f-973a-fe726ffdf6bb/335/75485/297815821 HTTP 302
https://travelerguidebuddy.com/r/2b02a857-1530-4883-aaa1-9f5c0c56e5c5/335/75485/297815821//?fctr=1

Request Chain 1

https://travelerguidebuddy.com/r2/2b02a857-1530-4883-aaa1-9f5c0c56e5c5/335/75485/297815821/56e3c024-adef-48ee-8961-8dfb5f24d5f6/?fctr=1&fctr=1 HTTP 302
https://congony.com/ff57bbde5f95fe1000/100/56e3c024-adef-48ee-8961-8dfb5f24d5f6/

3 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ Show response travelerguidebuddy.com/r/2b02a857-1530-4883-aaa1-9f5c0c56e5c5/335/75485/297815821// Redirect Chain https://ee525.infusion-links.com/api/v1/click/5993098607460352/6621786793443328 http://c.benefits-ahr.com/clk.ashx?cid=75485&provider_id=335&email=mcholste@gmail.com&first_name=Megan&last_name=Cholste&cqs=idx&member_id=NnULyHel1YZ29N&own_home=False&gender=F&sub_id=&state=FL&be... http://travelerguidebuddy.com/r/717bd8bd-e39d-492f-973a-fe726ffdf6bb/335/75485/297815821 https://travelerguidebuddy.com/r/2b02a857-1530-4883-aaa1-9f5c0c56e5c5/335/75485/297815821//?fctr=1	712 B 887 B	567ms 202ms	Document text/html	50.115.170.115 VIRP
General Check archive.org Show headers Download Go to Full URL https://travelerguidebuddy.com/r/2b02a857-1530-4883-aaa1-9f5c0c56e5c5/335/75485/297815821//?fctr=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 50.115.170.115 Seattle, United States, ASN32875 (VIRP, US), Reverse DNS Software nginx / Resource Hash `f295fae64af3ed7fab9bd942d52032fb14716fa229ea098e9b5c77356a11c5ba` Request headers Host travelerguidebuddy.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Server nginx Date Thu, 28 Jan 2021 21:36:18 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive set-cookie d476d19d-186c-405a-b9bc-9d70efe7e269=56e3c024-adef-48ee-8961-8dfb5f24d5f6; Version=1; Expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; Domain=travelerguidebuddy.com; Path=/ d476d19d-186c-405a-b9bc-9d70efe7e269-check=56e3c024-adef-48ee-8961-8dfb5f24d5f6; Version=1; Expires=Thu, 28-Jan-2021 21:46:18 GMT; Max-Age=600; Domain=travelerguidebuddy.com; Path=/ Cache-Control no-cache Expires Thu, 28 Jan 2021 21:36:18 GMT Content-Encoding gzip Redirect headers Server nginx Date Thu, 28 Jan 2021 21:36:17 GMT Content-Length 121 Connection keep-alive Location https://travelerguidebuddy.com/r/2b02a857-1530-4883-aaa1-9f5c0c56e5c5/335/75485/297815821//?fctr=1 Cache-Control no-cache Expires Thu, 28 Jan 2021 21:36:17 GMT
GET H/1.1	200 OK	Cookie set / Show response congony.com/ff57bbde5f95fe1000/100/56e3c024-adef-48ee-8961-8dfb5f24d5f6/ Redirect Chain https://travelerguidebuddy.com/r2/2b02a857-1530-4883-aaa1-9f5c0c56e5c5/335/75485/297815821/56e3c024-adef-48ee-8961-8dfb5f24d5f6/?fctr=1&fctr=1 https://congony.com/ff57bbde5f95fe1000/100/56e3c024-adef-48ee-8961-8dfb5f24d5f6/	202 B 456 B	481ms 370ms	Document text/html	147.135.167.138 OVH
General Check archive.org Show headers Download Go to Full URL https://congony.com/ff57bbde5f95fe1000/100/56e3c024-adef-48ee-8961-8dfb5f24d5f6/ Requested by Host: travelerguidebuddy.com URL: https://travelerguidebuddy.com/r/2b02a857-1530-4883-aaa1-9f5c0c56e5c5/335/75485/297815821//?fctr=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 147.135.167.138 , France, ASN16276 (OVH, FR), Reverse DNS ip138.ip-147-135-167.eu Software Apache / Resource Hash `b4921414f267255df04a1ceca57ba71ed88d804f1ce834d42e68fbfcc04305fc` Request headers Host congony.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest document Referer https://travelerguidebuddy.com/r/2b02a857-1530-4883-aaa1-9f5c0c56e5c5/335/75485/297815821//?fctr=1 Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://travelerguidebuddy.com/r/2b02a857-1530-4883-aaa1-9f5c0c56e5c5/335/75485/297815821//?fctr=1 Response headers Date Thu, 28 Jan 2021 21:36:19 GMT Content-Type text/html; charset=UTF-8 Content-Length 202 Server Apache Set-Cookie uid16298=995379305-20210128153619-7f22caef031f12050a911170cb19194f-; domain=; path=/; SameSite=None; Secure Redirect headers Server nginx Date Thu, 28 Jan 2021 21:36:18 GMT Content-Length 103 Connection keep-alive set-cookie d476d19d-186c-405a-b9bc-9d70efe7e269=56e3c024-adef-48ee-8961-8dfb5f24d5f6; Version=1; Expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; Domain=travelerguidebuddy.com; Path=/ Location https://congony.com/ff57bbde5f95fe1000/100/56e3c024-adef-48ee-8961-8dfb5f24d5f6/ Cache-Control no-cache Expires Thu, 28 Jan 2021 21:36:18 GMT
GET H/1.1	500 Internal Server Error	Primary Request Cookie set aff_c Show response t6.kerrycachota.com/	572 B 1 KB	129ms 93ms	Document text/html	2606:4700:3030::ac43:9348 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://t6.kerrycachota.com/aff_c?offer_id=437&aff_id=1506&source=email&aff_sub=directwall&aff_sub2=995379305&aff_sub3=77471024&aff_sub4=100 Requested by Host: congony.com URL: https://congony.com/ff57bbde5f95fe1000/100/56e3c024-adef-48ee-8961-8dfb5f24d5f6/ Protocol HTTP/1.1 Server 2606:4700:3030::ac43:9348 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `1dbf44ad33bef078badd75a496d4974de756ae8354f6b9b7c143a67a35f21cef` Request headers Host t6.kerrycachota.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 28 Jan 2021 21:36:19 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive Set-Cookie __cfduid=d89d5b214b154491002900379071601dc1611869779; expires=Sat, 27-Feb-21 21:36:19 GMT; path=/; domain=.kerrycachota.com; HttpOnly; SameSite=Lax CF-Cache-Status DYNAMIC cf-request-id 07ec860d8d00004a853288d000000001 Report-To {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TmXAFmr7hfCHFbqLkPqmVugl%2FsfknXnHpDgBrtyG7NrW2fVUqGUgByzNvA1vslBWeVVwh7nqbhG4vbNeDlVCVskTLG7EExUSCmWMqK0oOt06jWPh8ggGBktpl5QODn69"}]} NEL {"report_to":"cf-nel","max_age":604800} Server cloudflare CF-RAY 618dd928e92f4a85-FRA

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.kerrycachota.com/	1970-01-19 16:27:41	Name: __cfduid Value: d89d5b214b154491002900379071601dc1611869779

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.benefits-ahr.com
congony.com
ee525.infusion-links.com
t6.kerrycachota.com
travelerguidebuddy.com
14.1.20.175
147.135.167.138
2606:4700:3030::ac43:9348
2a00:1450:4001:827::2013
50.115.170.115
1dbf44ad33bef078badd75a496d4974de756ae8354f6b9b7c143a67a35f21cef
b4921414f267255df04a1ceca57ba71ed88d804f1ce834d42e68fbfcc04305fc
f295fae64af3ed7fab9bd942d52032fb14716fa229ea098e9b5c77356a11c5ba

t6.kerrycachota.com Open in urlscan Pro 2606:4700:3030::ac43:9348 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

3 Requests

67 %HTTPS

40 %IPv6

5 Domains

5 Subdomains

3 IPs

4 Countries

3 kBTransfer

1 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

1 Cookies

Indicators

t6.kerrycachota.com Open in urlscan Pro
2606:4700:3030::ac43:9348 Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

67 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

3
IPs

4
Countries

3 kB
Transfer

1 kB
Size

1
Cookies

3 HTTP transactions
0 data transactions