Submitted URL: https://rb.gy/zmxaqm#EHZBBT.html?od=1syr64010ad6e7b84_vl_Active16vl_1a14.nc76ac.C0000ri1ut11pat00l_x11657.i1ut...
Effective URL: https://moaroffers.com/terminated.html?t=33797&aid=142802&sid=187482&xk=804150801a0733f2f86490352c6c804f&clickid=qdlga6...
Submission: On March 27 via manual from US — Scanned from DE

Summary

This website contacted 2 IPs in 4 countries across 11 domains to perform 2 HTTP transactions. The main IP is 68.169.87.225, located in United States and belongs to ISPRIME, US. The main domain is moaroffers.com.
TLS certificate: Issued by R3 on February 28th 2023. Valid for: 3 months.
This is the only time moaroffers.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 13.248.133.123 16509 (AMAZON-02)
2 3 142.4.25.154 46606 (UNIFIEDLA...)
1 1 104.155.58.45 15169 (GOOGLE)
2 2 34.90.63.227 396982 (GOOGLE-CL...)
1 1 50.18.80.16 16509 (AMAZON-02)
1 1 34.242.89.242 16509 (AMAZON-02)
1 1 52.209.162.59 16509 (AMAZON-02)
2 2 34.224.231.77 14618 (AMAZON-AES)
1 1 52.86.83.175 14618 (AMAZON-AES)
1 68.169.87.225 30602 (ISPRIME)
2 2
Apex Domain
Subdomains
Transfer
3 wasked.com
wasked.com
2 KB
2 intrigulngdate.net
ogngqz.intrigulngdate.net
1 KB
1 moaroffers.com
moaroffers.com
288 B
1 allison-bangs.com
go.allison-bangs.com — Cisco Umbrella Rank: 957353
932 B
1 safeclink.com
safeclink.com
802 B
1 clickcomma.com
clickcomma.com
297 B
1 top-clicks.xyz
your.top-clicks.xyz
345 B
1 pansen-infichel.com
pansen-infichel.com
620 B
1 get-leads.xyz
ideal.get-leads.xyz
383 B
1 agawalp.com
agawalp.com
731 B
1 rb.gy
rb.gy — Cisco Umbrella Rank: 151235
159 B
2 11
Domain Requested by
3 wasked.com 2 redirects
2 ogngqz.intrigulngdate.net 2 redirects
1 moaroffers.com wasked.com
1 go.allison-bangs.com 1 redirects
1 safeclink.com 1 redirects
1 clickcomma.com 1 redirects
1 your.top-clicks.xyz 1 redirects
1 pansen-infichel.com 1 redirects
1 ideal.get-leads.xyz 1 redirects
1 agawalp.com 1 redirects
1 rb.gy 1 redirects
2 11

This site contains no links.

Subject Issuer Validity Valid
moaroffers.com
R3
2023-02-28 -
2023-05-29
3 months crt.sh

This page contains 1 frames:

Primary Page: https://moaroffers.com/terminated.html?t=33797&aid=142802&sid=187482&xk=804150801a0733f2f86490352c6c804f&clickid=qdlga64210fcc0008806e&i18n_country=DE&hts_id=c6dd4812-0da6-46da-a2ed-c969691f4e2c
Frame ID: AD0A3724839F1B04FEFD8A3EB5442E05
Requests: 2 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://rb.gy/zmxaqm HTTP 301
    http://wasked.com/short HTTP 301
    http://wasked.com/short/ Page URL
  2. http://wasked.com/EHZBBT.html?od=1syr64010ad6e7b84_vl_Active16vl_1a14.nc76ac.C0000ri1ut11pat00... HTTP 302
    https://agawalp.com/?a=5107&oc=15959&c=46764&p=r&m=3&s1=tyiyyttruyytru_1a164010ad6e82b0&s2=yr1a1... HTTP 302
    https://ideal.get-leads.xyz/click?pid=4726&offer_id=5242&sub2=300019084&sub4=5107 HTTP 302
    https://pansen-infichel.com/a757149c-fd88-4a9b-9a99-827e6ad49ebc?var1=4726&var2=5107&var3=&var4=&clickid... HTTP 302
    https://your.top-clicks.xyz/click?pid=888&offer_id=4050&sub2=wnhlv1cknhpjbrin2okagv7g&sub4=4726 HTTP 302
    https://clickcomma.com/?a=2312&c=54637&s2=64210fcbdac66c00016ae463&s1=888_4726 HTTP 302
    https://safeclink.com/?a=2312&c=54637&s2=64210fcbdac66c00016ae463&s1=888_4726&ckmguid=4267241a-15a... HTTP 302
    https://ogngqz.intrigulngdate.net/?utm_source=1e3a4e532f1c7040&s1=187482&s2=1779328&s3=-1&s5=Redirect&click_id... HTTP 302
    https://ogngqz.intrigulngdate.net/c/4c8a669b83e6c2d3?click_id=ioedn64210fcc000c4fdf&j4=&j5=1&j6=1&j8=1&j9=1&lp... HTTP 302
    https://go.allison-bangs.com/go.php?t=51568&aid=142802&sid=187482&clickid=qdlga64210fcc0008806e HTTP 302
    https://moaroffers.com/terminated.html?t=33797&aid=142802&sid=187482&xk=804150801a0733f2f86490352c6... Page URL

Page Statistics

2
Requests

50 %
HTTPS

0 %
IPv6

11
Domains

11
Subdomains

2
IPs

4
Countries

1 kB
Transfer

1 kB
Size

24
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://rb.gy/zmxaqm HTTP 301
    http://wasked.com/short HTTP 301
    http://wasked.com/short/ Page URL
  2. http://wasked.com/EHZBBT.html?od=1syr64010ad6e7b84_vl_Active16vl_1a14.nc76ac.C0000ri1ut11pat00l_x11657.i1ut1MW8waWc2LTI3MDg2Y3E0v6dzj HTTP 302
    https://agawalp.com/?a=5107&oc=15959&c=46764&p=r&m=3&s1=tyiyyttruyytru_1a164010ad6e82b0&s2=yr1a1|M21unJj=|i1ut1|1o0ig6|27086cq|79445|0000ri1ut1|C|Dzy6pTS0nS93LJy0|PC|18fu1rd&s3=p3ylAwDjZGOuMQMyA2V4AS92oS9OL3EcqzHkAaMfKmSuZGD= HTTP 302
    https://ideal.get-leads.xyz/click?pid=4726&offer_id=5242&sub2=300019084&sub4=5107 HTTP 302
    https://pansen-infichel.com/a757149c-fd88-4a9b-9a99-827e6ad49ebc?var1=4726&var2=5107&var3=&var4=&clickid=64210fcac6e8f80001202c2a HTTP 302
    https://your.top-clicks.xyz/click?pid=888&offer_id=4050&sub2=wnhlv1cknhpjbrin2okagv7g&sub4=4726 HTTP 302
    https://clickcomma.com/?a=2312&c=54637&s2=64210fcbdac66c00016ae463&s1=888_4726 HTTP 302
    https://safeclink.com/?a=2312&c=54637&s2=64210fcbdac66c00016ae463&s1=888_4726&ckmguid=4267241a-15ae-4dde-a69b-d236d738400c HTTP 302
    https://ogngqz.intrigulngdate.net/?utm_source=1e3a4e532f1c7040&s1=187482&s2=1779328&s3=-1&s5=Redirect&click_id=11355585&j5=1&j6=1&j8=1&j9=1 HTTP 302
    https://ogngqz.intrigulngdate.net/c/4c8a669b83e6c2d3?click_id=ioedn64210fcc000c4fdf&j4=&j5=1&j6=1&j8=1&j9=1&lp=MJ&s1=187482&s2=1779328&s3=backuser&s5= HTTP 302
    https://go.allison-bangs.com/go.php?t=51568&aid=142802&sid=187482&clickid=qdlga64210fcc0008806e HTTP 302
    https://moaroffers.com/terminated.html?t=33797&aid=142802&sid=187482&xk=804150801a0733f2f86490352c6c804f&clickid=qdlga64210fcc0008806e&i18n_country=DE&hts_id=c6dd4812-0da6-46da-a2ed-c969691f4e2c Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://rb.gy/zmxaqm HTTP 301
  • http://wasked.com/short HTTP 301
  • http://wasked.com/short/

2 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
wasked.com/short/
Redirect Chain
  • https://rb.gy/zmxaqm
  • http://wasked.com/short
  • http://wasked.com/short/
578 B
907 B
Document
General
Full URL
http://wasked.com/short/
Protocol
HTTP/1.1
Server
142.4.25.154 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
142-4-25-154.unifiedlayer.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
Keep-Alive
Content-Length
578
Content-Type
text/html; charset=UTF-8
Date
Mon, 27 Mar 2023 03:38:47 GMT
ETag
"242-58e4670ed2d40"
Keep-Alive
timeout=5, max=99
Last-Modified
Mon, 22 Jul 2019 15:07:57 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16

Redirect headers

Connection
Keep-Alive
Content-Length
232
Content-Type
text/html; charset=iso-8859-1
Date
Mon, 27 Mar 2023 03:38:47 GMT
Keep-Alive
timeout=5, max=100
Location
http://wasked.com/short/
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
Primary Request terminated.html
moaroffers.com/
Redirect Chain
  • http://wasked.com/EHZBBT.html?od=1syr64010ad6e7b84_vl_Active16vl_1a14.nc76ac.C0000ri1ut11pat00l_x11657.i1ut1MW8waWc2LTI3MDg2Y3E0v6dzj
  • https://agawalp.com/?a=5107&oc=15959&c=46764&p=r&m=3&s1=tyiyyttruyytru_1a164010ad6e82b0&s2=yr1a1|M21unJj=|i1ut1|1o0ig6|27086cq|79445|0000ri1ut1|C|Dzy6pTS0nS93LJy0|PC|18fu1rd&s3=p3ylAwDjZGOuMQMyA2V4...
  • https://ideal.get-leads.xyz/click?pid=4726&offer_id=5242&sub2=300019084&sub4=5107
  • https://pansen-infichel.com/a757149c-fd88-4a9b-9a99-827e6ad49ebc?var1=4726&var2=5107&var3=&var4=&clickid=64210fcac6e8f80001202c2a
  • https://your.top-clicks.xyz/click?pid=888&offer_id=4050&sub2=wnhlv1cknhpjbrin2okagv7g&sub4=4726
  • https://clickcomma.com/?a=2312&c=54637&s2=64210fcbdac66c00016ae463&s1=888_4726
  • https://safeclink.com/?a=2312&c=54637&s2=64210fcbdac66c00016ae463&s1=888_4726&ckmguid=4267241a-15ae-4dde-a69b-d236d738400c
  • https://ogngqz.intrigulngdate.net/?utm_source=1e3a4e532f1c7040&s1=187482&s2=1779328&s3=-1&s5=Redirect&click_id=11355585&j5=1&j6=1&j8=1&j9=1
  • https://ogngqz.intrigulngdate.net/c/4c8a669b83e6c2d3?click_id=ioedn64210fcc000c4fdf&j4=&j5=1&j6=1&j8=1&j9=1&lp=MJ&s1=187482&s2=1779328&s3=backuser&s5=
  • https://go.allison-bangs.com/go.php?t=51568&aid=142802&sid=187482&clickid=qdlga64210fcc0008806e
  • https://moaroffers.com/terminated.html?t=33797&aid=142802&sid=187482&xk=804150801a0733f2f86490352c6c804f&clickid=qdlga64210fcc0008806e&i18n_country=DE&hts_id=c6dd4812-0da6-46da-a2ed-c969691f4e2c
68 B
288 B
Document
General
Full URL
https://moaroffers.com/terminated.html?t=33797&aid=142802&sid=187482&xk=804150801a0733f2f86490352c6c804f&clickid=qdlga64210fcc0008806e&i18n_country=DE&hts_id=c6dd4812-0da6-46da-a2ed-c969691f4e2c
Requested by
Host: wasked.com
URL: http://wasked.com/short/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.169.87.225 , United States, ASN30602 (ISPRIME, US),
Reverse DNS
Software
Apache /
Resource Hash
9118beb139c573ef899bfbd1b8e1ffa80834fed76ce3fd51807451978af90fc9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://wasked.com/short/#EHZBBT.html?od=1syr64010ad6e7b84_vl_Active16vl_1a14.nc76ac.C0000ri1ut11pat00l_x11657.i1ut1MW8waWc2LTI3MDg2Y3E0v6dzj
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
76
content-type
text/html; charset=UTF-8
date
Mon, 27 Mar 2023 03:38:53 GMT
server
Apache
vary
Accept-Encoding
x-content-type-options
nosniff

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html; charset=UTF-8
date
Mon, 27 Mar 2023 03:38:52 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://moaroffers.com/terminated.html?t=33797&aid=142802&sid=187482&xk=804150801a0733f2f86490352c6c804f&clickid=qdlga64210fcc0008806e&i18n_country=DE&hts_id=c6dd4812-0da6-46da-a2ed-c969691f4e2c
p3p
CP="NOI ADM DEV COM NAV OUR STP"
server
nginx
x-powered-by
PHP/8.1.17
x-robots-tag
otherbot: noindex, nofollow googlebot: noindex, nofollow

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

24 Cookies

Domain/Path Name / Value
.agawalp.com/ Name: st
Value: DkkEogG329Z6D2PIXI6NSktvpd5OHcyc89g3rwAaIGU+7SswKDUcVA==
.agawalp.com/ Name: tm
Value: e+4XURZYfsqbTrnUmm1PTUtvpd5OHcyc89g3rwAaIGU+7SswKDUcVA==
.agawalp.com/ Name: c14175
Value: DkkEogG329ZxLbiK71S+s/buacDf9i5qqRYhTwzw+eudbs63lv5LVw==
ideal.get-leads.xyz/ Name: afclick
Value: 64210fcac6e8f80001202c2a
ideal.get-leads.xyz/ Name: afoffers
Value: {"5242":1679888330}
.pansen-infichel.com/ Name: a757149c-fd88-4a9b-9a99-827e6ad49ebc-v4
Value: hoTYMOYqD1NRb2pIwOQzInYhIhCOhRY_cpjDWj4PSSo
.pansen-infichel.com/ Name: cc-v4
Value: lUIpoWZf56Qtbf35jJoka4l%2F%2FOq1TiSgsD7l0MdhDrN3WBi%2BElMdlRCeSGfRNQ%2F8H1T8jJqqUdCkxWcCWkv4LNh5oKAaAx1TJbMZ1AXu7HL9gpSOaAyaiJVhUL0QoFhprNNY1agKIWrfRcj9LQa9QQ%3D%3D
your.top-clicks.xyz/ Name: afclick
Value: 64210fcbdac66c00016ae463
your.top-clicks.xyz/ Name: afoffers
Value: {"4050":1679888331}
.safeclink.com/ Name: sid
Value: Go9n9frjzaHZ9lflm0MFnNgcZp7o+JEnoua9UPoQoHggnur4Rk+ggQ==
.safeclink.com/ Name: trk
Value: uMsiCKtGqz/Z9lflm0MFnNgcZp7o+JEnoua9UPoQoHggnur4Rk+ggQ==
.safeclink.com/ Name: c4538
Value: Go9n9frjzaHxoMUa5ma+Xhij8cFzjh515ejfbGSnt8k=
ogngqz.intrigulngdate.net/ Name: unique_id
Value: 6420f8ce000a0c88
ogngqz.intrigulngdate.net/ Name: unique_id2
Value: 6420f8ce000e9f3c
ogngqz.intrigulngdate.net/ Name: ref_token
Value: 166616_187482
ogngqz.intrigulngdate.net/ Name: 6420f8ce000e9f3c_c
Value: 2
ogngqz.intrigulngdate.net/ Name: tid
Value: qdlga64210fcc0008806e
.allison-bangs.com/ Name: bd_ovtu
Value: 1
.allison-bangs.com/ Name: bdreff
Value: NONE
.allison-bangs.com/ Name: tour
Value: 33797
.allison-bangs.com/ Name: affsubid
Value: 142802-187482
.allison-bangs.com/ Name: bdvisit
Value: 142802
.allison-bangs.com/ Name: bdcounter
Value: 1
.allison-bangs.com/ Name: xk
Value: 804150801a0733f2f86490352c6c804f