t5gtyfghli8.com - urlscan.io

Summary

This website contacted 3 IPs in 3 countries across 5 domains to perform 3 HTTP transactions. The main IP is 45.8.106.39, located in Curacao and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is t5gtyfghli8.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 30th 2023. Valid for: a year.

This is the only time t5gtyfghli8.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	40.127.232.184 40.127.232.184	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	45.8.106.39 45.8.106.39	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	3

2 2a06:98c1:3121::3 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

5gringos.lic.cx	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.cpaxtracker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 40.127.232.184 (Dublin, Ireland) 2 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

5g.lp247p.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.8.106.39 (Curacao)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

t5gtyfghli8.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	t5gtyfghli8.com t5gtyfghli8.com	72 KB
2	lp247p.com 2 redirects 5g.lp247p.com	2 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 875	7 KB
1	cpaxtracker.com 1 redirects track.cpaxtracker.com	696 B
1	lic.cx 1 redirects 5gringos.lic.cx	566 B
3	5

	Domain	Requested by
2	t5gtyfghli8.com	static.cloudflareinsights.com
2	5g.lp247p.com	2 redirects
1	static.cloudflareinsights.com	t5gtyfghli8.com
1	track.cpaxtracker.com	1 redirects
1	5gringos.lic.cx	1 redirects
3	5

This site contains no links.

Subject Issuer	Validity	Valid
t5gtyfghli8.com Cloudflare Inc ECC CA-3	`2023-01-30` - `2024-01-29`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://t5gtyfghli8.com/de/?btag=a_11747b_417c_64662079fe1fe600016d1d93_15630&affid=1552
Frame ID: CA92F51C2A09F80AF8F06E1AC404E60C
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

403

Page URL History Show full URLs

https://5gringos.lic.cx/mcCU5 HTTP 302
https://track.cpaxtracker.com/click?pid=15630&offer_id=2033&sub2=456413355&sub3=kivin_ma4&sub4=145730164&s... HTTP 302
https://5g.lp247p.com/C.ashx?btag=a_11747b_417c_&affid=1552&siteid=11747&adid=417&c=64662079fe1fe6... HTTP 302
https://5g.lp247p.com/C.ashx?btag=a_11747b_417c_&affid=1552&siteid=11747&adid=417&c=64662079fe1fe6... HTTP 302
https://t5gtyfghli8.com/de/?btag=a_11747b_417c_64662079fe1fe600016d1d93_15630&affid=1552 Page URL

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Page Statistics

3
Requests

100 %
HTTPS

50 %
IPv6

5
Domains

5
Subdomains

3
IPs

3
Countries

79 kB
Transfer

186 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://5gringos.lic.cx/mcCU5 HTTP 302
https://track.cpaxtracker.com/click?pid=15630&offer_id=2033&sub2=456413355&sub3=kivin_ma4&sub4=145730164&sub5=16 HTTP 302
https://5g.lp247p.com/C.ashx?btag=a_11747b_417c_&affid=1552&siteid=11747&adid=417&c=64662079fe1fe600016d1d93_15630 HTTP 302
https://5g.lp247p.com/C.ashx?btag=a_11747b_417c_&affid=1552&siteid=11747&adid=417&c=64662079fe1fe600016d1d93_15630&AutoR=1 HTTP 302
https://t5gtyfghli8.com/de/?btag=a_11747b_417c_64662079fe1fe600016d1d93_15630&affid=1552 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

403

Primary Request / Show response
t5gtyfghli8.com/de/
Redirect Chain

https://5gringos.lic.cx/mcCU5
https://track.cpaxtracker.com/click?pid=15630&offer_id=2033&sub2=456413355&sub3=kivin_ma4&sub4=145730164&sub5=16
https://5g.lp247p.com/C.ashx?btag=a_11747b_417c_&affid=1552&siteid=11747&adid=417&c=64662079fe1fe600016d1d93_15630
https://5g.lp247p.com/C.ashx?btag=a_11747b_417c_&affid=1552&siteid=11747&adid=417&c=64662079fe1fe600016d1d93_15630&AutoR=1
https://t5gtyfghli8.com/de/?btag=a_11747b_417c_64662079fe1fe600016d1d93_15630&affid=1552

97 KB
72 KB

338ms
111ms

Document
text/html

45.8.106.39
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://t5gtyfghli8.com/de/?btag=a_11747b_417c_64662079fe1fe600016d1d93_15630&affid=1552
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.8.106.39 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4385ec2afb64b924c26db9dbab60631b0ee1369ad2c0aa865567216dadf0dc2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-ray: 7c944299b8230eb2-AMS
content-encoding: br
content-type: text/html;charset=UTF-8
date: Thu, 18 May 2023 12:56:25 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: private
Content-Length: 209
Content-Type: text/html; charset=utf-8
Date: Thu, 18 May 2023 12:56:25 GMT
Location: https://t5gtyfghli8.com/de/?btag=a_11747b_417c_64662079fe1fe600016d1d93_15630&affid=1552
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-XSS-Protection: 1; mode=block
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 v52afc6f149f6479b8c77fa569edb01181681764108816 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 118ms
64ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
Requested by: Host: t5gtyfghli8.com
URL: https://t5gtyfghli8.com/de/?btag=a_11747b_417c_64662079fe1fe600016d1d93_15630&affid=1552
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b

Request headers

Referer: https://t5gtyfghli8.com/
Origin: https://t5gtyfghli8.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 12:56:26 GMT
content-encoding: gzip
last-modified: Mon, 17 Apr 2023 20:41:48 GMT
server: cloudflare
etag: W/2023.4.2
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7c94429af8f9b7a0-AMS

GET
DATA 200
OK truncated
/ 26 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a7272588e183702a6345d090e649b2729a8735179b523f27b22ab0bb42499bc6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 23 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8cd50a484619139272f92a5394804e29db6facd1660c3aceaa186108f2b992e7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 11 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2eba650117d151157debdafc65c24e55268ea3e5e438a25c1d4d4625e9823b5c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 11 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 96298f7bd694f8cf0ec73f52ffac9d2fcd0173c5e3059cf4d7b8c8c790b52996

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 rum Show response
t5gtyfghli8.com/cdn-cgi/ 0
104 B 42ms
42ms XHR
text/plain 45.8.106.39
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://t5gtyfghli8.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

45.8.106.39 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://t5gtyfghli8.com/de/?btag=a_11747b_417c_64662079fe1fe600016d1d93_15630&affid=1552
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
content-type: application/json

Response headers

date: Thu, 18 May 2023 12:56:26 GMT
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c94429b8aaa0eb2-AMS
x-frame-options: DENY

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| __cfBeacon

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
track.cpaxtracker.com/	1970-01-20 20:39:10	Name: afclick Value: 64662079fe1fe600016d1d93
track.cpaxtracker.com/	1970-01-20 20:39:10	Name: afoffers Value: {"2033":1684414585}
5g.lp247p.com/	1970-01-20 21:29:34	Name: CEK Value: a
5g.lp247p.com/	1970-01-20 14:03:10	Name: XYZ Value: 120&0&148&&&&0&1&&2cd722ef-f5c8-4c46-8321-61f5398e3c08&&a_11747b_417&
5g.lp247p.com/	1970-01-20 14:03:10	Name: A_417 Value: a=417&r=0&fv=0&lv=0&vc=0&fc=20230518&lc=20230518125625&cc=1
5g.lp247p.com/	1970-01-20 14:03:10	Name: PM_6 Value: c=64662079fe1fe600016d1d93_15630&s=11747&ad=417&md=0&pm=6&d=20230518125625&ip=533501547&r=0&ref=&RedirectParams=btag%3da_11747b_417c_64662079fe1fe600016d1d93_15630%26affid%3d1552

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://t5gtyfghli8.com/de/?btag=a_11747b_417c_64662079fe1fe600016d1d93_15630&affid=1552#popup-reg Message: Failed to load resource: the server responded with a status of 403 ()
rendering	warning	URL: https://t5gtyfghli8.com/de/?btag=a_11747b_417c_64662079fe1fe600016d1d93_15630&affid=1552#popup-reg Message: The key "target-densitydpi" is not supported.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5g.lp247p.com
5gringos.lic.cx
static.cloudflareinsights.com
t5gtyfghli8.com
track.cpaxtracker.com
2606:4700::6810:3965
2a06:98c1:3121::3
40.127.232.184
45.8.106.39
13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b
2eba650117d151157debdafc65c24e55268ea3e5e438a25c1d4d4625e9823b5c
8cd50a484619139272f92a5394804e29db6facd1660c3aceaa186108f2b992e7
96298f7bd694f8cf0ec73f52ffac9d2fcd0173c5e3059cf4d7b8c8c790b52996
a7272588e183702a6345d090e649b2729a8735179b523f27b22ab0bb42499bc6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4385ec2afb64b924c26db9dbab60631b0ee1369ad2c0aa865567216dadf0dc2

t5gtyfghli8.com Open in urlscan Pro 45.8.106.39 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

3 Requests

100 %HTTPS

50 %IPv6

5 Domains

5 Subdomains

3 IPs

3 Countries

79 kBTransfer

186 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

6 Cookies

2 Console Messages

Indicators

t5gtyfghli8.com Open in urlscan Pro
45.8.106.39 Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

100 %
HTTPS

50 %
IPv6

5
Domains

5
Subdomains

3
IPs

3
Countries

79 kB
Transfer

186 kB
Size

6
Cookies

3 HTTP transactions
4 data transactions