tracking.roxylink.com

Summary

This website contacted 1 IPs in 3 countries across 5 domains to perform 2 HTTP transactions. The main IP is 50.28.38.15, located in United States and belongs to LIQUIDWEB, US. The main domain is tracking.roxylink.com.
TLS certificate: Issued by R11 on October 16th 2024. Valid for: 3 months.

This is the only time tracking.roxylink.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	212.193.28.36 212.193.28.36	215594 (WORLDBUS-...) (WORLDBUS-NETHERLANDS)
1 1	104.199.34.244 104.199.34.244	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	35.240.19.90 35.240.19.90	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	34.91.142.64 34.91.142.64	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	50.28.38.15 50.28.38.15	32244 (LIQUIDWEB) (LIQUIDWEB)
2	1

1 212.193.28.36 (Amsterdam, Netherlands) 1 redirects

ASN215594 (WORLDBUS-NETHERLANDS, GE)
PTR: static.36.28.193.212.hostname.ge

graphyssl1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.199.34.244 (Brussels, Belgium) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 244.34.199.104.bc.googleusercontent.com

promotivates.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.240.19.90 (Brussels, Belgium) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 90.19.240.35.bc.googleusercontent.com

subdimesionful.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.142.64 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 64.142.91.34.bc.googleusercontent.com

affinity.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.28.38.15 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: host01.roxyads.com

tracking.roxylink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	roxylink.com tracking.roxylink.com	2 KB
1	g2afse.com 1 redirects affinity.g2afse.com	351 B
1	subdimesionful.com 1 redirects subdimesionful.com	751 B
1	promotivates.com 1 redirects promotivates.com	320 B
1	graphyssl1.com 1 redirects graphyssl1.com	390 B
2	5

	Domain	Requested by
2	tracking.roxylink.com
1	affinity.g2afse.com	1 redirects
1	subdimesionful.com	1 redirects
1	promotivates.com	1 redirects
1	graphyssl1.com	1 redirects
2	5

This site contains no links.

Subject Issuer	Validity	Valid
roxyads.com R11	`2024-10-16` - `2025-01-14`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://tracking.roxylink.com/aff_c?offer_id=2053&aff_id=2059&aff_sub=152&aff_sub2=867&aff_click_id=67293fd8524af10001d82ad3
Frame ID: 5F98FF718937B437F4C59F9A6C1768BE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://graphyssl1.com/r38dd.php?pfpykjljsjfig=hczujtrcbzlsz19m0c4g006dtv003nom010ed0n0557541wd7u HTTP 307
https://graphyssl1.com/r38dd.php?pfpykjljsjfig=hczujtrcbzlsz19m0c4g006dtv003nom010ed0n0557541wd7u HTTP 307
http://graphyssl1.com/r38dd.php?pfpykjljsjfig=hczujtrcbzlsz19m0c4g006dtv003nom010ed0n0557541wd7u HTTP 302
https://promotivates.com/?a=867&oc=22159&c=58605&m=3&s1=1_1510122_170662&s2=517_297859_0557541_23&s3=... HTTP 302
https://subdimesionful.com/?a=867&oc=22159&c=58605&m=3&s1=1_1510122_170662&s2=517_297859_0557541_23&s3=... HTTP 302
https://affinity.g2afse.com/click?pid=152&offer_id=3283&sub1=378716546&sub2=867 HTTP 302
https://tracking.roxylink.com/aff_c?offer_id=2053&aff_id=2059&aff_sub=152&aff_sub2=867&aff_click_id=67293f... Page URL

Page Statistics

2
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

1
IPs

3
Countries

2 kB
Transfer

1 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://graphyssl1.com/r38dd.php?pfpykjljsjfig=hczujtrcbzlsz19m0c4g006dtv003nom010ed0n0557541wd7u HTTP 307
https://graphyssl1.com/r38dd.php?pfpykjljsjfig=hczujtrcbzlsz19m0c4g006dtv003nom010ed0n0557541wd7u HTTP 307
http://graphyssl1.com/r38dd.php?pfpykjljsjfig=hczujtrcbzlsz19m0c4g006dtv003nom010ed0n0557541wd7u HTTP 302
https://promotivates.com/?a=867&oc=22159&c=58605&m=3&s1=1_1510122_170662&s2=517_297859_0557541_23&s3=581162848_1l1i11 HTTP 302
https://subdimesionful.com/?a=867&oc=22159&c=58605&m=3&s1=1_1510122_170662&s2=517_297859_0557541_23&s3=581162848_1l1i11&ckmguid=81d30a3c-319e-4e9a-a1fd-c9e19df2b80a HTTP 302
https://affinity.g2afse.com/click?pid=152&offer_id=3283&sub1=378716546&sub2=867 HTTP 302
https://tracking.roxylink.com/aff_c?offer_id=2053&aff_id=2059&aff_sub=152&aff_sub2=867&aff_click_id=67293fd8524af10001d82ad3 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	500	Primary Request aff_c Show response tracking.roxylink.com/ Redirect Chain http://graphyssl1.com/r38dd.php?pfpykjljsjfig=hczujtrcbzlsz19m0c4g006dtv003nom010ed0n0557541wd7u https://graphyssl1.com/r38dd.php?pfpykjljsjfig=hczujtrcbzlsz19m0c4g006dtv003nom010ed0n0557541wd7u http://graphyssl1.com/r38dd.php?pfpykjljsjfig=hczujtrcbzlsz19m0c4g006dtv003nom010ed0n0557541wd7u https://promotivates.com/?a=867&oc=22159&c=58605&m=3&s1=1_1510122_170662&s2=517_297859_0557541_23&s3=581162848_1l1i11 https://subdimesionful.com/?a=867&oc=22159&c=58605&m=3&s1=1_1510122_170662&s2=517_297859_0557541_23&s3=581162848_1l1i11&ckmguid=81d30a3c-319e-4e9a-a1fd-c9e19df2b80a https://affinity.g2afse.com/click?pid=152&offer_id=3283&sub1=378716546&sub2=867 https://tracking.roxylink.com/aff_c?offer_id=2053&aff_id=2059&aff_sub=152&aff_sub2=867&aff_click_id=67293fd8524af10001d82ad3	93 B 186 B	198ms 54ms	Document text/html	50.28.38.15 LIQUIDWEB
General Check archive.org Show headers Download Go to Full URL https://tracking.roxylink.com/aff_c?offer_id=2053&aff_id=2059&aff_sub=152&aff_sub2=867&aff_click_id=67293fd8524af10001d82ad3 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.28.38.15 , United States, ASN32244 (LIQUIDWEB, US), Reverse DNS host01.roxyads.com Software Apache / PHP/7.4.33 Resource Hash `fd12bdd35ed522386a9673755ad1315b7e4bfec7e91c5a4439569542c7b55a8c` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers content-type text/html; charset=UTF-8 date Mon, 04 Nov 2024 21:42:48 GMT server Apache x-powered-by PHP/7.4.33 Redirect headers access-control-allow-origin * content-length 0 date Mon, 04 Nov 2024 21:42:48 GMT location https://tracking.roxylink.com/aff_c?offer_id=2053&aff_id=2059&aff_sub=152&aff_sub2=867&aff_click_id=67293fd8524af10001d82ad3 server nginx x-adjust-use-original-forwarded-for 1
GET H2	200	favicon.ico tracking.roxylink.com/	1 KB 1 KB	37ms 36ms	Other image/vnd.microsoft.icon	50.28.38.15 LIQUIDWEB
General Check archive.org Show headers Download Go to Full URL https://tracking.roxylink.com/favicon.ico Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.28.38.15 , United States, ASN32244 (LIQUIDWEB, US), Reverse DNS host01.roxyads.com Software Apache / Resource Hash `f0daaca53fd157158e09a41f9284c3919bf60a162ae057bd99e68472d4644780` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://tracking.roxylink.com/aff_c?offer_id=2053&aff_id=2059&aff_sub=152&aff_sub2=867&aff_click_id=67293fd8524af10001d82ad3 Response headers accept-ranges bytes content-length 1422 date Mon, 04 Nov 2024 21:42:48 GMT last-modified Sat, 07 Sep 2024 13:15:03 GMT content-type image/vnd.microsoft.icon server Apache

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.subdimesionful.com/	1969-12-31 23:59:59	Name: sfd Value: rox/m1O72HmqEhN/QKzInkcDlgLJVHE+yuQERbF0xL4fDZwoOzaU6A==
.subdimesionful.com/	1970-01-21 10:21:56	Name: ti Value: rKU4UW8Os4SqEhN/QKzInkcDlgLJVHE+yuQERbF0xL4fDZwoOzaU6A==
.subdimesionful.com/	1970-01-21 01:29:08	Name: c22107 Value: rox/m1O72Hkxfcnu/O/cy8oVak43zmtHgO9MLAtKs3wbL9a3Uh5jrg==
affinity.g2afse.com/	1970-01-21 09:31:32	Name: afclick Value: 67293fd8524af10001d82ad3
affinity.g2afse.com/	1970-01-21 09:31:32	Name: afoffers Value: {"3283":1730756568}

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://tracking.roxylink.com/aff_c?offer_id=2053&aff_id=2059&aff_sub=152&aff_sub2=867&aff_click_id=67293fd8524af10001d82ad3 Message: Failed to load resource: the server responded with a status of 500 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

affinity.g2afse.com
graphyssl1.com
promotivates.com
subdimesionful.com
tracking.roxylink.com
104.199.34.244
212.193.28.36
34.91.142.64
35.240.19.90
50.28.38.15
f0daaca53fd157158e09a41f9284c3919bf60a162ae057bd99e68472d4644780
fd12bdd35ed522386a9673755ad1315b7e4bfec7e91c5a4439569542c7b55a8c

tracking.roxylink.com Open in urlscan Pro 50.28.38.15 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

2 Requests

100 %HTTPS

0 %IPv6

5 Domains

5 Subdomains

1 IPs

3 Countries

2 kBTransfer

1 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

2 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

5 Cookies

1 Console Messages

Indicators

tracking.roxylink.com Open in urlscan Pro
50.28.38.15 Public Scan

Screenshot
Live screenshot

Full Image

2
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

1
IPs

3
Countries

2 kB
Transfer

1 kB
Size

5
Cookies

2 HTTP transactions
0 data transactions