stream.slimtraf.com
167.114.254.98
Public Scan
Effective URL: https://stream.slimtraf.com/directclick/?pid=3OciuN5zVbpbhxVix2pMpOBU7Lc1&wsid=o8jRfucVLRuRahAZGhuONRumx522g0UK65ban4wzKfFkC...
Submission: On January 09 via manual from PT
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on November 4th 2019. Valid for: 3 months.
This is the only time stream.slimtraf.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System
---|---|---
1 1 | 67.199.248.11 | 396982 (GOOGLE-PRIVATE-CLOUD - Google LLC)
6 8 | 184.171.242.5 | 33182 (DIMENOC - HostDime.com)
1 | 167.114.254.98 | 16276 (OVH)
1 6 | 2a00:1450:4001:808::200e | 15169 (GOOGLE - Google LLC)
1 | 2a00:1450:400c:c00::9b | 15169 (GOOGLE - Google LLC)
1 | 167.114.228.34 | 16276 (OVH)
10 | 5 |
ASN396982 (GOOGLE-PRIVATE-CLOUD - Google LLC, US)
PTR: bit.ly
bit.ly
ASN33182 (DIMENOC - HostDime.com, Inc., US)
PTR: single-4730.banahosting.com
tracking-all-traffic.offerdirecto.com
ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
 | Apex Domain | Subdomains | Transfer
---|---|---|---
8 | offerdirecto.com (6 redirects) | tracking-all-traffic.offerdirecto.com | 77 KB
6 | google-analytics.com (1 redirects) | www.google-analytics.com | 18 KB
1 | 123fastcdn.com | go.123fastcdn.com | 181 B
1 | doubleclick.net | stats.g.doubleclick.net | 102 B
1 | slimtraf.com | stream.slimtraf.com | 28 KB
1 | bit.ly (1 redirects) | bit.ly | 451 B
10 | 6 | |
 | Domain | Requested by
---|---|---
8 | tracking-all-traffic.offerdirecto.com (6 redirects) | tracking-all-traffic.offerdirecto.com
6 | www.google-analytics.com (1 redirects) | tracking-all-traffic.offerdirecto.com
1 | go.123fastcdn.com | stream.slimtraf.com
1 | stats.g.doubleclick.net |
1 | stream.slimtraf.com | tracking-all-traffic.offerdirecto.com
1 | bit.ly (1 redirects) |
10 | 6 |
This site contains no links.
Subject | Issuer | Validity | Valid
---|---|---|---
tracking-all-traffic.offerdirecto.com | Let's Encrypt Authority X3 | 2020-01-08 - 2020-04-07 | 3 months
stream.slimtraf.com | Let's Encrypt Authority X3 | 2019-11-04 - 2020-02-02 | 3 months
*.google-analytics.com | GTS CA 1O1 | 2019-12-10 - 2020-03-03 | 3 months
*.g.doubleclick.net | GTS CA 1O1 | 2019-12-10 - 2020-03-03 | 3 months
This page contains 1 frames:
Frame:
http://go.123fastcdn.com/l/?type=a&pre=netficks-intl-v1&dlang=en&url=https%3A%2F%2Fhello.fuckbook.xxx%2Flander%2Fml605_u_trial%2F%3Fofferit_code%3Dslimspots.38.38.241.0.0.0.0.0.0.0.0%26offerit_conversion_variables._ocid%3D20010901_01_250803_8e2c9a0af2225%26offerit_conversion_variables.subaff%3Da250803sVjmIjo9v0f%26affe%3Dgfno
Frame ID: DFC830C5ECCA1689681AD69514E53AA5
Requests: 10 HTTP requests in this frame
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://bit.ly/2msX7Na HTTP 301
  https://tracking-all-traffic.offerdirecto.com/?id=VjmIjo9v0f&type=9&idoffer=86350&click_id={click_id}&sub1={sub1}&sub2={sub2}&sub3={sub3} Page URL
- https://tracking-all-traffic.offerdirecto.com/control-user.php?id=VjmIjo9v0f&idoffer=86350&click_id={click_id}&type=9&sub1={sub1}&sub2={sub2}&sub3={sub3}&a=1600x1200 HTTP 302
  https://tracking-all-traffic.offerdirecto.com/control-click_id.php?&id=VjmIjo9v0f&idoffer=86350&click_id={click_id}&type=9&sub1={sub1}&sub2={sub2}&sub3={sub3}&a=1600x1200 HTTP 302
  https://tracking-all-traffic.offerdirecto.com/control-bloq-ofertas.php?&id=VjmIjo9v0f&idoffer=86350&click_id={click_id}&type=9&sub1={sub1}&sub2={sub2}&sub3={sub3}&a=1600x1200 HTTP 302
  https://tracking-all-traffic.offerdirecto.com/pais.php?&id=VjmIjo9v0f&idoffer=86350&click_id={click_id}&type=9&sub1={sub1}&sub2={sub2}&sub3={sub3}&a=1600x1200 HTTP 302
  https://tracking-all-traffic.offerdirecto.com/control-ip.php?&id=VjmIjo9v0f&idoffer=86350&click_id={click_id}&type=9&sub1={sub1}&sub2={sub2}&sub3={sub3}&a=1600x1200&pais=BE&b=M247%20Ltd%20Brussels&c=SI HTTP 302
  https://tracking-all-traffic.offerdirecto.com/9/click24.php?&id=VjmIjo9v0f&idoffer=86350&click_id={click_id}&sub1={sub1}&sub2={sub2}&sub3={sub3}&a=1600x1200&b=M247%20Ltd%20Brussels&c=SI&pais=BE HTTP 302
  https://stream.slimtraf.com/directclick/?pid=3OciuN5zVbpbhxVix2pMpOBU7Lc1&wsid=o8jRfucVLRuRahAZGhuONRumx522g0UK65ban4wzKfFkCG0IotX2GdwATng&subid=VjmIjo9v0f Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://bit.ly/2msX7Na HTTP 301
- https://tracking-all-traffic.offerdirecto.com/?id=VjmIjo9v0f&type=9&idoffer=86350&click_id={click_id}&sub1={sub1}&sub2={sub2}&sub3={sub3}
- https://www.google-analytics.com/r/collect?v=1&_v=j79&a=972428009&t=pageview&_s=1&dl=https%3A%2F%2Ftracking-all-traffic.offerdirecto.com%2F%3Fid%3DVjmIjo9v0f%26type%3D9%26idoffer%3D86350%26click_id%3D%7Bclick_id%7D%26sub1%3D%7Bsub1%7D%26sub2%3D%7Bsub2%7D%26sub3%3D%7Bsub3%7D&ul=en-us&de=UTF-8&dt=Redirected&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEHAAEAB~&jid=359403269&gjid=1819958657&cid=1862274097.1578528294&tid=UA-97406603-1&_gid=575000209.1578528294&_r=1&z=619335274 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-97406603-1&cid=1862274097.1578528294&jid=359403269&_gid=575000209.1578528294&gjid=1819958657&_v=j79&z=619335274
10 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|---
GET | H2 | / | tracking-all-traffic.offerdirecto.com/ | 2 KB | 1 KB | Document | text/html | Redirect Chain
GET | H/1.1 | / | stream.slimtraf.com/directclick/ | 26 KB | 28 KB | Document | text/html | Primary Request, Cookie set, Redirect Chain
GET | H2 | 1.gif | tracking-all-traffic.offerdirecto.com/ | 75 KB | 75 KB | Image | image/gif |
GET | H2 | analytics.js | www.google-analytics.com/ | 43 KB | 17 KB | Script | text/javascript |
GET | H2 | collect | stats.g.doubleclick.net/r/ | 35 B | 102 B | Image | image/gif | Redirect Chain
GET | H2 | collect | www.google-analytics.com/r/ | 35 B | 111 B | Image | image/gif |
GET | H2 | collect | www.google-analytics.com/r/ | 35 B | 111 B | Image | image/gif |
GET | H2 | collect | www.google-analytics.com/r/ | 35 B | 111 B | Image | image/gif |
GET | H2 | collect | www.google-analytics.com/r/ | 35 B | 111 B | Image | image/gif |
GET | H/1.1 | / | go.123fastcdn.com/l/ | 0 | 181 B | Document | text/html |
2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata
object| onpointerrawupdate
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.