urlscan.io logo urlscan.io
SecurityTrails logo

www.trafyield.com Open in urlscan Pro
35.201.127.73  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://kirutotukam.com/?ts=1667329433932&id=344
Effective URL: http://www.trafyield.com/jump/next.php?r=2266483&pub_clickid=${UNIQUE_ID}&sub1=${CHANNEL_ID}
Submission: On November 01 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 3 countries across 5 domains to perform 2 HTTP transactions. The main IP is 35.201.127.73, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is www.trafyield.com. The Cisco Umbrella rank of the primary domain is 897720.
This is the only time www.trafyield.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 104.21.64.52 13335 (CLOUDFLAR...)
1 1 99.86.240.18 16509 (AMAZON-02)
1 1 137.74.247.34 16276 (OVH)
1 35.201.127.73 15169 (GOOGLE)
1 35.201.117.228 15169 (GOOGLE)
2 2
1    104.21.64.52 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
kirutotukam.com
1    99.86.240.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-240-18.vie50.r.cloudfront.net
waytogypts.xyz
1    137.74.247.34 (Villepinte, France)

ASN16276 (OVH, FR)
PTR: ip34.ip-137-74-247.eu
tm-offers.gamingadult.com
1    35.201.127.73 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 73.127.201.35.bc.googleusercontent.com
www.trafyield.com
1    35.201.117.228 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 228.117.201.35.bc.googleusercontent.com
dexchangeinc.com
Apex Domain
Subdomains		 Transfer
1 dexchangeinc.com
dexchangeinc.com — Cisco Umbrella Rank: 85445
1 trafyield.com
www.trafyield.com — Cisco Umbrella Rank: 897720
3 KB
1 gamingadult.com
tm-offers.gamingadult.com — Cisco Umbrella Rank: 103838
144 B
1 waytogypts.xyz
waytogypts.xyz — Cisco Umbrella Rank: 207983
755 B
1 kirutotukam.com
kirutotukam.com — Cisco Umbrella Rank: 320734
662 B
2 5
Domain Requested by
1 dexchangeinc.com www.trafyield.com
1 www.trafyield.com
1 tm-offers.gamingadult.com 1 redirects
1 waytogypts.xyz 1 redirects
1 kirutotukam.com 1 redirects
2 5

This site contains no links.

Subject Issuer Validity Valid

This page contains 1 frames:

Frame: http://dexchangeinc.com/jump/next.php?stamat=m%257C%252C4ojNqNhJqB1dAN0dEdHP3xP.803%252C7H0PozvLiGV-YkDx825CHjXHsSctWIGDQyh13bePJRpTXHmP4fPJqZw3misuQaTrYiQZ_O80jDaW0Nc5Qo-FKvvrAUwtubi-6hYNcaJ4DcM%252C&cbpage=http://www.trafyield.com/jump/next.php?r=2266483&pub_clickid=${UNIQUE_ID}&sub1=${CHANNEL_ID}&cbur=0.9931093803899775&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref=
Frame ID: 20DEE4F05BC9DDAF530F393D5209007F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://kirutotukam.com/?ts=1667329433932&id=344 HTTP 302
    http://waytogypts.xyz/redirect?tid=959637&ref=android-traffic.com HTTP 302
    https://tm-offers.gamingadult.com/?offer=3692&uid=1b428417-5a71-4589-b1e9-809f2b9dbee1&subid=55811923046545396... HTTP 302
    http://www.trafyield.com/jump/next.php?r=2266483&pub_clickid=${UNIQUE_ID}&sub1=${CHANNEL_ID} Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

2
Requests

0 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

2
IPs

3
Countries

3 kB
Transfer

7 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://kirutotukam.com/?ts=1667329433932&id=344 HTTP 302
    http://waytogypts.xyz/redirect?tid=959637&ref=android-traffic.com HTTP 302
    https://tm-offers.gamingadult.com/?offer=3692&uid=1b428417-5a71-4589-b1e9-809f2b9dbee1&subid=5581192304654539689&subid2=959637 HTTP 302
    http://www.trafyield.com/jump/next.php?r=2266483&pub_clickid=${UNIQUE_ID}&sub1=${CHANNEL_ID} Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request next.php
www.trafyield.com/jump/
Redirect Chain
  • https://kirutotukam.com/?ts=1667329433932&id=344
  • http://waytogypts.xyz/redirect?tid=959637&ref=android-traffic.com
  • https://tm-offers.gamingadult.com/?offer=3692&uid=1b428417-5a71-4589-b1e9-809f2b9dbee1&subid=5581192304654539689&subid2=959637
  • http://www.trafyield.com/jump/next.php?r=2266483&pub_clickid=${UNIQUE_ID}&sub1=${CHANNEL_ID}
7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.trafyield.com/jump/next.php?r=2266483&pub_clickid=${UNIQUE_ID}&sub1=${CHANNEL_ID}
Protocol
HTTP/1.1
Server
35.201.127.73 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
73.127.201.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
796410ed057b40cd445904a46557c027b7f5b3c1af92fcf23e20821e7e8eb1b2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Tue, 01 Nov 2022 19:10:49 GMT
Server
openresty
Transfer-Encoding
chunked
Via
1.1 google

Redirect headers

content-type
text/html; charset=UTF-8
date
Tue, 01 Nov 2022 19:10:49 GMT
location
http://www.trafyield.com/jump/next.php?r=2266483&pub_clickid=${UNIQUE_ID}&sub1=${CHANNEL_ID}
server
nginx
next.php
dexchangeinc.com/jump/ 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://dexchangeinc.com/jump/next.php?stamat=m%257C%252C4ojNqNhJqB1dAN0dEdHP3xP.803%252C7H0PozvLiGV-YkDx825CHjXHsSctWIGDQyh13bePJRpTXHmP4fPJqZw3misuQaTrYiQZ_O80jDaW0Nc5Qo-FKvvrAUwtubi-6hYNcaJ4DcM%252C&cbpage=http://www.trafyield.com/jump/next.php?r=2266483&pub_clickid=${UNIQUE_ID}&sub1=${CHANNEL_ID}&cbur=0.9931093803899775&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref=
Requested by
Host: www.trafyield.com
URL: http://www.trafyield.com/jump/next.php?r=2266483&pub_clickid=${UNIQUE_ID}&sub1=${CHANNEL_ID}
Protocol
HTTP/1.1
Server
35.201.117.228 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
228.117.201.35.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 01 Nov 2022 19:10:49 GMT
Server
openresty
Via
1.1 google

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation function| inIframe function| checkDocumentBody function| documentAsyncWriteElementFromHtml function| ReopenUrlBuilder object| browser function| isFraud function| preppopedRedirect

2 Cookies

Domain/Path Name / Value
kirutotukam.com/ Name: _ctid
Value: 471352552
waytogypts.xyz/ Name: csu
Value: cc865e68-4900-43de-85d5-75e8fbaa82b1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dexchangeinc.com
kirutotukam.com
tm-offers.gamingadult.com
waytogypts.xyz
www.trafyield.com
104.21.64.52
137.74.247.34
35.201.117.228
35.201.127.73
99.86.240.18
796410ed057b40cd445904a46557c027b7f5b3c1af92fcf23e20821e7e8eb1b2