ak.ocoaksib.com - urlscan.io

Summary

This website contacted 4 IPs in 3 countries across 5 domains to perform 5 HTTP transactions. The main IP is 23.55.235.218, located in Newark, United States and belongs to AKAMAI-ASN1, NL. The main domain is ak.ocoaksib.com. The Cisco Umbrella rank of the primary domain is 89440.

This is the only time ak.ocoaksib.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	23.55.235.218 23.55.235.218	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
1	139.45.195.253 139.45.195.253	9002 (RETN-AS) (RETN-AS)
1 1	34.147.37.248 34.147.37.248	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	54.196.173.211 54.196.173.211	14618 (AMAZON-AES) (AMAZON-AES)
5	4

3 23.55.235.218 (Newark, United States) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-55-235-218.deploy.static.akamaitechnologies.com

ak.ocoaksib.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.253 (United Kingdom)

ASN9002 (RETN-AS, GB)

datatechone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.147.37.248 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 248.37.147.34.bc.googleusercontent.com

wildbearads.go2affise.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.196.173.211 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-196-173-211.compute-1.amazonaws.com

track.cntclaim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	ocoaksib.com 1 redirects ak.ocoaksib.com — Cisco Umbrella Rank: 89440	17 KB
1	cntclaim.com track.cntclaim.com — Cisco Umbrella Rank: 293399
1	go2affise.com 1 redirects wildbearads.go2affise.com — Cisco Umbrella Rank: 221565	327 B
1	datatechone.com datatechone.com — Cisco Umbrella Rank: 36259	467 B
1	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 9876	492 B
5	5

	Domain	Requested by
3	ak.ocoaksib.com	1 redirects ak.ocoaksib.com
1	track.cntclaim.com
1	wildbearads.go2affise.com	1 redirects
1	datatechone.com	ak.ocoaksib.com
1	my.rtmark.net	ak.ocoaksib.com
5	5

This site contains no links.

Subject Issuer	Validity	Valid
rtmark.net R3	`2023-12-23` - `2024-03-22`	3 months	crt.sh
datatechone.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-10` - `2024-12-23`	a year	crt.sh
track.cntclaim.com R3	`2023-12-01` - `2024-02-29`	3 months	crt.sh

This page contains 1 frames:

Frame: https://track.cntclaim.com/8LJN3/2H85N29/?source_id=184_6118780&sub1=65cd2623386c0f0001115ca1
Frame ID: 989EF26E459DA75582AB21E30767E03F
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Redirect

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

5
Requests

60 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

4
IPs

3
Countries

16 kB
Transfer

33 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

http://ak.ocoaksib.com/?z=6118780&syncedCookie=true&rhd=false HTTP 302
https://wildbearads.go2affise.com/click?pid=184&offer_id=11708&sub1=781734131188117917&sub2=6118780 HTTP 302
https://track.cntclaim.com/8LJN3/2H85N29/?source_id=184_6118780&sub1=65cd2623386c0f0001115ca1

5 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request 0.7625140375193172 Show response
ak.ocoaksib.com/4/6118780/ 33 KB
14 KB 376ms
308ms Document
text/html 23.55.235.218
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://ak.ocoaksib.com/4/6118780/0.7625140375193172
Protocol: HTTP/1.1
Server: 23.55.235.218 Newark, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-55-235-218.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 146525be70a06780069566376437b25af08e30e38d44c2b1c1a10e8d9b59651a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Accept, Content-Type, Content-Length, Accept-Encoding, favicon
Access-Control-Allow-Methods: GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: * *
Access-Control-Max-Age: 86400
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 13305
Content-Type: text/html; charset=utf8
Date: Wed, 14 Feb 2024 20:44:18 GMT
Expires: Wed, 14 Feb 2024 20:44:18 GMT
Link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
Pragma: no-cache
Timing-Allow-Origin: *
Vary: Accept-Encoding
X-Trace-Id: 5dba388099371d9d2b1de441daa3acd8

POST
H/1.1 200
OK sftouch
ak.ocoaksib.com/ 2 B
839 B 148ms
147ms Ping
text/plain 23.55.235.218
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

http://ak.ocoaksib.com/sftouch?userId=d7d8178384a045df967d2a86c6de35d2&z=6118780&p_rid=8a994cde-7bec-462c-87a1-bfb894449de8&p_src=sf&branchId=150040&rb=IM2d8t2PXzGbQk7D59LFvFRC94uTIA-EZVPAfEX3bxsiLPs2gBY7jjtvyRuHmxFsvcoRBmGXbgBEXCJ_8e8B-fCKd7L8lqFhsqC7bdSPOGCD5ieL4aPAHRA1iL2LxUh1BQ7Z6Qn3rnMDnIefq65yZ2XRaNHPDyNscnHVLSezeBh_MCzChfMXb8UTSWOVziAl3Bhz7MYHWoacGLkTLH4go7nYIYEb9ycTTigWHLNNn8u-0lP8Z5FLHN_FhxSvc6R_oRCrJOrTsPLwcW7mDUiHZGzPvnDJk7R0msycj4fHngs=

Requested by

Host: ak.ocoaksib.com
URL: http://ak.ocoaksib.com/4/6118780/0.7625140375193172

Protocol

HTTP/1.1

Server

23.55.235.218 Newark, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-55-235-218.deploy.static.akamaitechnologies.com

Software

/

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ak.ocoaksib.com/4/6118780/0.7625140375193172
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Strict-Transport-Security: max-age=1
Date: Wed, 14 Feb 2024 20:44:18 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 2
X-Trace-Id: 79eeef1c29e9fd82b4a905ac2cc7c079
Pragma: no-cache
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: http://ak.ocoaksib.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
Expires: Wed, 14 Feb 2024 20:44:18 GMT

GET
H2 200 img.gif
my.rtmark.net/ 43 B
492 B 435ms
140ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=d7d8178384a045df967d2a86c6de35d2&z=6118780&p_rid=8a994cde-7bec-462c-87a1-bfb894449de8&p_src=sf

Requested by

Host: ak.ocoaksib.com
URL: http://ak.ocoaksib.com/4/6118780/0.7625140375193172

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ak.ocoaksib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 20:44:19 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

POST
H/1.1 200
OK add Show response
datatechone.com/log/ 2 B
467 B 418ms
137ms XHR
text/plain 139.45.195.253
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://datatechone.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=8a994cde-7bec-462c-87a1-bfb894449de8
Requested by: Host: ak.ocoaksib.com
URL: http://ak.ocoaksib.com/4/6118780/0.7625140375193172
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: http://ak.ocoaksib.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 14 Feb 2024 20:44:19 GMT
Server: nginx/1.19.10
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: http://ak.ocoaksib.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length: 2

GET
H/1.1

204
No Content

/
track.cntclaim.com/8LJN3/2H85N29/
Redirect Chain

http://ak.ocoaksib.com/?z=6118780&syncedCookie=true&rhd=false
https://wildbearads.go2affise.com/click?pid=184&offer_id=11708&sub1=781734131188117917&sub2=6118780
https://track.cntclaim.com/8LJN3/2H85N29/?source_id=184_6118780&sub1=65cd2623386c0f0001115ca1

0
0

217ms
99ms

Document
text/plain

54.196.173.211
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track.cntclaim.com/8LJN3/2H85N29/?source_id=184_6118780&sub1=65cd2623386c0f0001115ca1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.196.173.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-196-173-211.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: http://ak.ocoaksib.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
date: Wed, 14 Feb 2024 20:44:20 GMT
server: nginx
vary: Origin
x-eflow-request-id: c4521191-4a95-4e8c-acb5-6cc9d9d181bc

Redirect headers

access-control-allow-origin: *
content-length: 0
date: Wed, 14 Feb 2024 20:44:19 GMT
location: https://track.cntclaim.com/8LJN3/2H85N29/?source_id=184_6118780&sub1=65cd2623386c0f0001115ca1
server: nginx
x-adjust-use-original-forwarded-for: 1

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| __ds3dcV__

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ak.ocoaksib.com/	1970-01-21 03:11:19	Name: OAID Value: d7d8178384a045df967d2a86c6de35d2
ak.ocoaksib.com/	1970-01-21 03:11:19	Name: oaidts Value: 1707943458
my.rtmark.net/	1970-01-21 03:11:19	Name: ID Value: d7d8178384a045df967d2a86c6de35d2
ak.ocoaksib.com/	1970-01-20 18:35:48	Name: syncedCookie Value: true
wildbearads.go2affise.com/	1970-01-21 03:11:19	Name: afclick Value: 65cd2623386c0f0001115ca1
wildbearads.go2affise.com/	1970-01-21 03:11:19	Name: afoffers Value: {"11708":1707943459}

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://ak.ocoaksib.com/4/6118780/0.7625140375193172(Line 46) Message: getGamepad will now require Secure Context. Please update your application accordingly. For more information see https://github.com/w3c/gamepad/pull/120
other	warning	URL: http://ak.ocoaksib.com/4/6118780/0.7625140375193172 Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ak.ocoaksib.com
datatechone.com
my.rtmark.net
track.cntclaim.com
wildbearads.go2affise.com
139.45.195.253
139.45.195.8
23.55.235.218
34.147.37.248
54.196.173.211
146525be70a06780069566376437b25af08e30e38d44c2b1c1a10e8d9b59651a
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

ak.ocoaksib.com Open in urlscan Pro 23.55.235.218 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

5 Requests

60 %HTTPS

0 %IPv6

5 Domains

5 Subdomains

4 IPs

3 Countries

16 kBTransfer

33 kBSize

6 Cookies

0 Outgoing links

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

6 Cookies

2 Console Messages

Indicators

ak.ocoaksib.com Open in urlscan Pro
23.55.235.218 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

60 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

4
IPs

3
Countries

16 kB
Transfer

33 kB
Size

6
Cookies

5 HTTP transactions
0 data transactions