click.trlxcf01.com - urlscan.io

Summary

This website contacted 2 IPs in 3 countries across 3 domains to perform 2 HTTP transactions. The main IP is 2606:4700:3037::6815:2ae9, located in United States and belongs to CLOUDFLARENET, US. The main domain is click.trlxcf01.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 21st 2020. Valid for: a year.

This is the only time click.trlxcf01.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	213.227.132.161 213.227.132.161	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	178.63.45.29 178.63.45.29	24940 (HETZNER-AS) (HETZNER-AS)
1	2606:4700:303... 2606:4700:3037::6815:2ae9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2

1 213.227.132.161 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

trk.hracmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.63.45.29 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.29.45.63.178.clients.your-server.de

125cf238f604.traffic-c.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:2ae9 (United States)

ASN13335 (CLOUDFLARENET, US)

click.trlxcf01.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
1	trlxcf01.com click.trlxcf01.com	2 KB
1	traffic-c.com 125cf238f604.traffic-c.com	1 KB
1	hracmp.com 1 redirects trk.hracmp.com	96 B
2	3

	Domain	Requested by
1	click.trlxcf01.com
1	125cf238f604.traffic-c.com
1	trk.hracmp.com	1 redirects
2	3

This site contains no links.

Subject Issuer	Validity	Valid
traffic-c.com R3	`2021-03-19` - `2021-06-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-21` - `2021-07-21`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://click.trlxcf01.com/click/Q0MU7gvhnwKHErVWsY?affid=100515&c1=5qbd6eojdanrhnmxssxkwk0cg,15628455,5,4568&c3=4568
Frame ID: 6E4CB757C3F2EFCFB93F6EAE91C5E413
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://trk.hracmp.com/click?pid=57&offer_id=5798 HTTP 302
https://125cf238f604.traffic-c.com/?p=4568&media_type=mainstream Page URL
https://click.trlxcf01.com/click/Q0MU7gvhnwKHErVWsY?affid=100515&c1=5qbd6eojdanrhnmxssxkwk0cg,15628455,... Page URL

Page Statistics

2
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

2
IPs

3
Countries

3 kB
Transfer

1 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://trk.hracmp.com/click?pid=57&offer_id=5798 HTTP 302
https://125cf238f604.traffic-c.com/?p=4568&media_type=mainstream Page URL
https://click.trlxcf01.com/click/Q0MU7gvhnwKHErVWsY?affid=100515&c1=5qbd6eojdanrhnmxssxkwk0cg,15628455,5,4568&c3=4568 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://trk.hracmp.com/click?pid=57&offer_id=5798 HTTP 302
https://125cf238f604.traffic-c.com/?p=4568&media_type=mainstream

2 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ Show response 125cf238f604.traffic-c.com/ Redirect Chain https://trk.hracmp.com/click?pid=57&offer_id=5798 https://125cf238f604.traffic-c.com/?p=4568&media_type=mainstream	845 B 1 KB	132ms 67ms	Document text/html	178.63.45.29 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://125cf238f604.traffic-c.com/?p=4568&media_type=mainstream Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.63.45.29 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.29.45.63.178.clients.your-server.de Software / Resource Hash `9daa86ca9653c052fdd74ee49a981effa50811b9f38f8f6b57f85c34bca18c18` Request headers :method GET :authority 125cf238f604.traffic-c.com :scheme https :path /?p=4568&media_type=mainstream pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 Mar 2021 16:25:23 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding set-cookie t-uuid=5qbd6eojk6kcxjcpd7z8kg8gs; expires=Wed, 26-Mar-2031 16:25:23 GMT; Max-Age=315532800; path=/; domain=.traffic-c.com traffic-visited-offers=%7C%7C157552%7Cunspecified; expires=Sat, 27-Mar-2021 16:25:23 GMT; Max-Age=86400; path=/; domain=.traffic-c.com traffic-back=ok; expires=Fri, 26-Mar-2021 16:25:53 GMT; Max-Age=30; path=/; domain=.traffic-c.com rts-trck=1; expires=Fri, 26-Mar-2021 16:35:23 GMT; Max-Age=600; path=/; domain=125cf238f604.traffic-c.com last-modified Fri, 26 Mar 2021 16:25:23 GMT expires Fri, 26 Mar 2021 16:25:23 GMT cache-control no-store, no-cache, must-revalidate post-check=0, pre-check=0 pragma no-cache x-robots-tag noindex, nofollow content-encoding gzip Redirect headers server nginx date Fri, 26 Mar 2021 16:25:23 GMT content-length 0 location https://125cf238f604.traffic-c.com/?p=4568&media_type=mainstream
GET H2	400	Primary Request Q0MU7gvhnwKHErVWsY Show response click.trlxcf01.com/click/	24 B 2 KB	484ms 459ms	Document text/html	2606:4700:3037::6815:2ae9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://click.trlxcf01.com/click/Q0MU7gvhnwKHErVWsY?affid=100515&c1=5qbd6eojdanrhnmxssxkwk0cg,15628455,5,4568&c3=4568 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:2ae9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e37b6f5753f324cba2796bfa3efdb1b0b0f20d97596abb201e281af57858235f` Request headers :method GET :authority click.trlxcf01.com :scheme https :path /click/Q0MU7gvhnwKHErVWsY?affid=100515&c1=5qbd6eojdanrhnmxssxkwk0cg,15628455,5,4568&c3=4568 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest document referer https://125cf238f604.traffic-c.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://125cf238f604.traffic-c.com/ Response headers date Fri, 26 Mar 2021 16:25:23 GMT content-type text/html; charset=UTF-8 set-cookie __cfduid=d3e4ce47e60877841eaa3e4b7d02038131616775923; expires=Sun, 25-Apr-21 16:25:23 GMT; path=/; domain=.trlxcf01.com; HttpOnly; SameSite=Lax AWSALB=HrYhjsCfefn4gVEDf6K8ohB/dze7kvTAhJN8/DSIl+C5NOsZAc/Pz+EiXwPZsRbM51n0g6wbi47fyZC9XaPstDroUaRnFUY8DFWKIe5zltJGP9QFNdx5afUfSjFY; Expires=Fri, 02 Apr 2021 16:25:23 GMT; Path=/ AWSALBCORS=HrYhjsCfefn4gVEDf6K8ohB/dze7kvTAhJN8/DSIl+C5NOsZAc/Pz+EiXwPZsRbM51n0g6wbi47fyZC9XaPstDroUaRnFUY8DFWKIe5zltJGP9QFNdx5afUfSjFY; Expires=Fri, 02 Apr 2021 16:25:23 GMT; Path=/; SameSite=None XSRF-TOKEN=eyJpdiI6IkxMOVV2R3pTZDJIV1FXMTBUUk5TRUE9PSIsInZhbHVlIjoiS1VvdWxPZkJzQ3lVeHV2NlNPVnRkS3o0N09hXC80TXBaSmM0c045NUExSEdsZXJiMURxeXlXZnF4c3UwTTVCM05BWWJcL0lOdHoxbEh6bVRVQ3V4Mnl5Zz09IiwibWFjIjoiODdkODhjM2E2NGI1NDJkYTIyOWM4ZmI4YTc0Zjg4NzI5Yzg5N2U2NDY2MDU5NjkwZTVkYmNjOWEyODE4ZTU5MyJ9; expires=Fri, 26-Mar-2021 18:25:23 GMT; Max-Age=7200; path=/ session=eyJpdiI6IlZSTFdjZnNVYWJPalZzUEwyK3hhNGc9PSIsInZhbHVlIjoiT0tyNGZVNVNTUWV3bytCakhJYTRcL0d4cEJzd3ZBU0pGd29NbEFBNjR6TmJRVmkwdFN1MUtOXC9zc3pleFwvSEVNV2VcL1FHWTFZelwvWUdta0FZM0V1VERJUT09IiwibWFjIjoiMmNlOGJkZGU5MTY0NjlkNWU2NTVkYzE2MWNjOGU5NmFkNGE4ODRlZjM4ZTdjNjhiMWNjNjM1NmQ3ODA3ZWI1ZCJ9; expires=Fri, 26-Mar-2021 18:25:23 GMT; Max-Age=7200; path=/; HttpOnly BAH6x8Ycz8wLfH7I4iQF1iNEvu3eFC4aV2lnnYdD=eyJpdiI6IkdZcTVNYmpKbVBtbVIwcStBTHl5M0E9PSIsInZhbHVlIjoiYndsbWpcL0VQWUE3cDZTV1RyOXdmdGJNRnFDQkdYcDFmT0xkOVwvaTByWHZjSXZVZUdzMFFtb1JONE10eWpWZ3pxUG1ldU1NVkRuSlE4aVRBYXcwTUhxM0JVYms2R3hNSjZlVjBoN1lvb2xzNjJYbUlLYXEwd1ZXUldza2dcL3pZTjNLK3JUcDJ6c2EwTXNOaGZCNVM2RHI1Rlc0MFV5K3dqMXRuTExCR1FXcVViMlpyREVzSE0yWkFuU3ZmMzFUNGdDbnNDbHhIWHVcL0J2TTB5UFwvZWRiWURZalJrZmx6NUZNKzRzVDBHM3dZdXdESzNiTGdsY1lZbDgxSjRwMFZWTFJRWlRNT3A3YzU3MWJrXC80YkZxS2M5eFRFTTBkdmdaXC83NXg4MFViS0xzU2pKZ1JWTjVrbXdJaXU3Y1AwTnN5MUl5M1dXdExKVUN1Z2xiZHhTNUFWbXplQnBtZEw1MmJDOW9oblRFNk9QMzFsZFNhNXNkZ0M4UU1Md3NBOGJvWFhuTWYyaW5iSFRSNVlNQWgwYllmQkZmaHU5VUZFNzRvUnBuaHRZYnFzTk9KcG1tRkRnXC9HUktWUFdoZlJZanU1bW50Y1dabWFtdlppdWJIdjB1VzRWMW40UT09IiwibWFjIjoiZmEyYjhlN2Y4OGFkOTAxODA5M2ZjZDUzYmFmMDQ4MmM3NTlmODlhY2JjMjc2YWEyZDI1Yzg5YzZjOTFkZmE0MCJ9; expires=Fri, 26-Mar-2021 18:25:23 GMT; Max-Age=7200; path=/; HttpOnly cache-control no-cache, private cf-cache-status DYNAMIC cf-request-id 0910f3de6800004eb54b2cd000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=p%2B%2BB17%2B3ujytUiYO07FPkV3W3rrjs%2F2ysRmxlyZqtVND1uVQAwhugG8Foik6G6HaD62CyHq%2FHxJeKT5bIOydsHa7kDKnRV1n1fVfpCz2sl8f2WVZDnRK5FDgTCG2I1g%3D"}],"max_age":604800} nel {"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6361bc10a9014eb5-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
click.trlxcf01.com/	1970-01-19 17:06:23	Name: session Value: eyJpdiI6IlZSTFdjZnNVYWJPalZzUEwyK3hhNGc9PSIsInZhbHVlIjoiT0tyNGZVNVNTUWV3bytCakhJYTRcL0d4cEJzd3ZBU0pGd29NbEFBNjR6TmJRVmkwdFN1MUtOXC9zc3pleFwvSEVNV2VcL1FHWTFZelwvWUdta0FZM0V1VERJUT09IiwibWFjIjoiMmNlOGJkZGU5MTY0NjlkNWU2NTVkYzE2MWNjOGU5NmFkNGE4ODRlZjM4ZTdjNjhiMWNjNjM1NmQ3ODA3ZWI1ZCJ9
click.trlxcf01.com/	1970-01-19 17:06:23	Name: XSRF-TOKEN Value: eyJpdiI6IkxMOVV2R3pTZDJIV1FXMTBUUk5TRUE9PSIsInZhbHVlIjoiS1VvdWxPZkJzQ3lVeHV2NlNPVnRkS3o0N09hXC80TXBaSmM0c045NUExSEdsZXJiMURxeXlXZnF4c3UwTTVCM05BWWJcL0lOdHoxbEh6bVRVQ3V4Mnl5Zz09IiwibWFjIjoiODdkODhjM2E2NGI1NDJkYTIyOWM4ZmI4YTc0Zjg4NzI5Yzg5N2U2NDY2MDU5NjkwZTVkYmNjOWEyODE4ZTU5MyJ9
click.trlxcf01.com/	1970-01-19 17:16:20	Name: AWSALB Value: HrYhjsCfefn4gVEDf6K8ohB/dze7kvTAhJN8/DSIl+C5NOsZAc/Pz+EiXwPZsRbM51n0g6wbi47fyZC9XaPstDroUaRnFUY8DFWKIe5zltJGP9QFNdx5afUfSjFY
click.trlxcf01.com/	1970-01-19 17:06:23	Name: BAH6x8Ycz8wLfH7I4iQF1iNEvu3eFC4aV2lnnYdD Value: eyJpdiI6IkdZcTVNYmpKbVBtbVIwcStBTHl5M0E9PSIsInZhbHVlIjoiYndsbWpcL0VQWUE3cDZTV1RyOXdmdGJNRnFDQkdYcDFmT0xkOVwvaTByWHZjSXZVZUdzMFFtb1JONE10eWpWZ3pxUG1ldU1NVkRuSlE4aVRBYXcwTUhxM0JVYms2R3hNSjZlVjBoN1lvb2xzNjJYbUlLYXEwd1ZXUldza2dcL3pZTjNLK3JUcDJ6c2EwTXNOaGZCNVM2RHI1Rlc0MFV5K3dqMXRuTExCR1FXcVViMlpyREVzSE0yWkFuU3ZmMzFUNGdDbnNDbHhIWHVcL0J2TTB5UFwvZWRiWURZalJrZmx6NUZNKzRzVDBHM3dZdXdESzNiTGdsY1lZbDgxSjRwMFZWTFJRWlRNT3A3YzU3MWJrXC80YkZxS2M5eFRFTTBkdmdaXC83NXg4MFViS0xzU2pKZ1JWTjVrbXdJaXU3Y1AwTnN5MUl5M1dXdExKVUN1Z2xiZHhTNUFWbXplQnBtZEw1MmJDOW9oblRFNk9QMzFsZFNhNXNkZ0M4UU1Md3NBOGJvWFhuTWYyaW5iSFRSNVlNQWgwYllmQkZmaHU5VUZFNzRvUnBuaHRZYnFzTk9KcG1tRkRnXC9HUktWUFdoZlJZanU1bW50Y1dabWFtdlppdWJIdjB1VzRWMW40UT09IiwibWFjIjoiZmEyYjhlN2Y4OGFkOTAxODA5M2ZjZDUzYmFmMDQ4MmM3NTlmODlhY2JjMjc2YWEyZDI1Yzg5YzZjOTFkZmE0MCJ9
.trlxcf01.com/	1970-01-19 17:49:27	Name: __cfduid Value: d3e4ce47e60877841eaa3e4b7d02038131616775923

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

125cf238f604.traffic-c.com
click.trlxcf01.com
trk.hracmp.com
178.63.45.29
213.227.132.161
2606:4700:3037::6815:2ae9
9daa86ca9653c052fdd74ee49a981effa50811b9f38f8f6b57f85c34bca18c18
e37b6f5753f324cba2796bfa3efdb1b0b0f20d97596abb201e281af57858235f

click.trlxcf01.com Open in urlscan Pro 2606:4700:3037::6815:2ae9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

2 Requests

100 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

2 IPs

3 Countries

3 kBTransfer

1 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

2 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

5 Cookies

Indicators

click.trlxcf01.com Open in urlscan Pro
2606:4700:3037::6815:2ae9 Public Scan

Screenshot
Live screenshot

Full Image

2
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

2
IPs

3
Countries

3 kB
Transfer

1 kB
Size

5
Cookies

2 HTTP transactions
0 data transactions