gulimedia.offerstrack.net

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 3 HTTP transactions. The main IP is 47.241.22.124, located in Singapore and belongs to ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN. The main domain is gulimedia.offerstrack.net.

This is the only time gulimedia.offerstrack.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	23.235.244.225 23.235.244.225	20454 (SSASN2) (SSASN2)
1	94.237.99.118 94.237.99.118	202053 (UPCLOUD) (UPCLOUD)
1	47.241.22.124 47.241.22.124	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
3	3

2 23.235.244.225 (Phoenix, United States) 1 redirects

ASN20454 (SSASN2, US)

pssy.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.237.99.118 (Finland)

ASN202053 (UPCLOUD, FI)
PTR: 94-237-99-118.de-fra1.upcloud.host

1d5e051bc65.traffic-c.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.241.22.124 (Singapore)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

gulimedia.offerstrack.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	pssy.xyz 1 redirects pssy.xyz — Cisco Umbrella Rank: 164078	19 KB
1	offerstrack.net gulimedia.offerstrack.net	155 B
1	traffic-c.com 1d5e051bc65.traffic-c.com	1 KB
3	3

	Domain	Requested by
2	pssy.xyz	1 redirects
1	gulimedia.offerstrack.net
1	1d5e051bc65.traffic-c.com
3	3

This site contains no links.

Subject Issuer	Validity	Valid
pssy.xyz R3	`2023-01-13` - `2023-04-13`	3 months	crt.sh
traffic-c.com R3	`2022-12-09` - `2023-03-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://gulimedia.offerstrack.net/index.php?offer_id=564&aff_id=325&aff_sub2=5xrg4kva2erqbzp7dt3sck84g,16667592,5,4554
Frame ID: A11BB4E0154A82FE50F3C943F9269A93
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://pssy.xyz/p/1evxr/direct/t:intlib/bs:MDRlMDgxYmY1MDRkNDE2NjVhNTk0M2ZkZDdmZDg0NjdjM2VlM... Page URL
https://pssy.xyz/p/1evxr/direct/t:intlib/bs:MDRlMDgxYmY1MDRkNDE2NjVhNTk0M2ZkZDdmZDg0NjdjM2VlM... HTTP 302
https://1d5e051bc65.traffic-c.com/?p=4554&media_type=mainstream&pi=04_MS_DP_TrafficCompany_cert&click_id=e5534... Page URL
http://gulimedia.offerstrack.net/index.php?offer_id=564&aff_id=325&aff_sub2=5xrg4kva2erqbzp7dt3sck84g,1666759... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

3
Requests

67 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

20 kB
Transfer

52 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://pssy.xyz/p/1evxr/direct/t:intlib/bs:MDRlMDgxYmY1MDRkNDE2NjVhNTk0M2ZkZDdmZDg0NjdjM2VlMzIzNWQ1MWRlMDFjOTc5ZjRjZjg4YTc2NTI4M3wyMzc0MTkxfDR8NDEuMjQ5LjkxLjc0fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMDkuMC4wLjAgU2FmYXJpLzUzNy4zNnwzNjE3OTV8MTY3NTEzMTI3NHxpYmFIUjBjSE02THk5M2QzY3VaR0ZwYkhsamNubHdkR2xqTFc1bGQzTXVZMjl0THc9PQ& Page URL
https://pssy.xyz/p/1evxr/direct/t:intlib/bs:MDRlMDgxYmY1MDRkNDE2NjVhNTk0M2ZkZDdmZDg0NjdjM2VlMzIzNWQ1MWRlMDFjOTc5ZjRjZjg4YTc2NTI4M3wyMzc0MTkxfDR8NDEuMjQ5LjkxLjc0fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMDkuMC4wLjAgU2FmYXJpLzUzNy4zNnwzNjE3OTV8MTY3NTEzMTI3NHxpYmFIUjBjSE02THk5M2QzY3VaR0ZwYkhsamNubHdkR2xqTFc1bGQzTXVZMjl0THc9PQ&?prc_c=1675131521&prc_r=eyJIVFRQX1VTRVJfQUdFTlQiOiJNb3ppbGxhXC81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXRcLzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZVwvMTA5LjAuNTQxNC4xMTkgU2FmYXJpXC81MzcuMzYifQ==&prc_h=f0305614aa328be2671751a7fac777d581a3d249c5a20927804e489d1580fb05&pr_tsid=26508e423afab01f81ceecd3ac37a7990d85eb884625453214c7061d88cbf8a7&pr_tsids=bee99e3dccc5a9b474d85a0bb79e5c0aca9c0f814601360c12303b3cc271dcf8 HTTP 302
https://1d5e051bc65.traffic-c.com/?p=4554&media_type=mainstream&pi=04_MS_DP_TrafficCompany_cert&click_id=e5534cbb5f8978f468c5e69a31466217c5799b273aa107acdb8f468bab79f18b&sub_id=7753721&transaction_id=S27576840 Page URL
http://gulimedia.offerstrack.net/index.php?offer_id=564&aff_id=325&aff_sub2=5xrg4kva2erqbzp7dt3sck84g,16667592,5,4554 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://pssy.xyz/p/1evxr/direct/t:intlib/bs:MDRlMDgxYmY1MDRkNDE2NjVhNTk0M2ZkZDdmZDg0NjdjM2VlMzIzNWQ1MWRlMDFjOTc5ZjRjZjg4YTc2NTI4M3wyMzc0MTkxfDR8NDEuMjQ5LjkxLjc0fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMDkuMC4wLjAgU2FmYXJpLzUzNy4zNnwzNjE3OTV8MTY3NTEzMTI3NHxpYmFIUjBjSE02THk5M2QzY3VaR0ZwYkhsamNubHdkR2xqTFc1bGQzTXVZMjl0THc9PQ&?prc_c=1675131521&prc_r=eyJIVFRQX1VTRVJfQUdFTlQiOiJNb3ppbGxhXC81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXRcLzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZVwvMTA5LjAuNTQxNC4xMTkgU2FmYXJpXC81MzcuMzYifQ==&prc_h=f0305614aa328be2671751a7fac777d581a3d249c5a20927804e489d1580fb05&pr_tsid=26508e423afab01f81ceecd3ac37a7990d85eb884625453214c7061d88cbf8a7&pr_tsids=bee99e3dccc5a9b474d85a0bb79e5c0aca9c0f814601360c12303b3cc271dcf8 HTTP 302
https://1d5e051bc65.traffic-c.com/?p=4554&media_type=mainstream&pi=04_MS_DP_TrafficCompany_cert&click_id=e5534cbb5f8978f468c5e69a31466217c5799b273aa107acdb8f468bab79f18b&sub_id=7753721&transaction_id=S27576840

3 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	bs:MDRlMDgxYmY1MDRkNDE2NjVhNTk0M2ZkZDdmZDg0NjdjM2VlMzIzNWQ1MWRlMDFjOTc5ZjRjZjg4YTc2NTI4M3wyMzc0MTkxfDR8NDEuMjQ5LjkxLjc0fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy... Show response pssy.xyz/p/1evxr/direct/t:intlib/	50 KB 18 KB	479ms 186ms	Document text/html	23.235.244.225 SSASN2
General Check archive.org Show headers Download Go to Full URL https://pssy.xyz/p/1evxr/direct/t:intlib/bs:MDRlMDgxYmY1MDRkNDE2NjVhNTk0M2ZkZDdmZDg0NjdjM2VlMzIzNWQ1MWRlMDFjOTc5ZjRjZjg4YTc2NTI4M3wyMzc0MTkxfDR8NDEuMjQ5LjkxLjc0fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMDkuMC4wLjAgU2FmYXJpLzUzNy4zNnwzNjE3OTV8MTY3NTEzMTI3NHxpYmFIUjBjSE02THk5M2QzY3VaR0ZwYkhsamNubHdkR2xqTFc1bGQzTXVZMjl0THc9PQ& Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.235.244.225 Phoenix, United States, ASN20454 (SSASN2, US), Reverse DNS Software nginx / Resource Hash `848db7fa3a27599154ec4529cadc141f60c6c5277329a38e7773b8e4234897d4` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Accept-CH Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Device-Memory, RTT, ECT, Downlink Access-Control-Allow-Origin * Cache-Control no-cache, must-revalidate, no-transform Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Tue, 31 Jan 2023 02:18:41 GMT Expires Tue, 31 Dec 2013 23:59:59 GMT Server nginx Transfer-Encoding chunked
GET H2	200	/ Show response 1d5e051bc65.traffic-c.com/ Redirect Chain https://pssy.xyz/p/1evxr/direct/t:intlib/bs:MDRlMDgxYmY1MDRkNDE2NjVhNTk0M2ZkZDdmZDg0NjdjM2VlMzIzNWQ1MWRlMDFjOTc5ZjRjZjg4YTc2NTI4M3wyMzc0MTkxfDR8NDEuMjQ5LjkxLjc0fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwL... https://1d5e051bc65.traffic-c.com/?p=4554&media_type=mainstream&pi=04_MS_DP_TrafficCompany_cert&click_id=e5534cbb5f8978f468c5e69a31466217c5799b273aa107acdb8f468bab79f18b&sub_id=7753721&transaction_...	1 KB 1 KB	484ms 169ms	Document text/html	94.237.99.118 UPCLOUD
General Check archive.org Show headers Download Go to Full URL https://1d5e051bc65.traffic-c.com/?p=4554&media_type=mainstream&pi=04_MS_DP_TrafficCompany_cert&click_id=e5534cbb5f8978f468c5e69a31466217c5799b273aa107acdb8f468bab79f18b&sub_id=7753721&transaction_id=S27576840 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.237.99.118 , Finland, ASN202053 (UPCLOUD, FI), Reverse DNS 94-237-99-118.de-fra1.upcloud.host Software / Resource Hash `9adbf41719787a9cecbe0e84c9d9461ec232a538449b909629e180d7cc60eee3` Request headers Content-Type application/x-www-form-urlencoded Origin https://pssy.xyz Referer https://pssy.xyz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 accept-language en-US,en;q=0.9 Response headers cache-control no-store, no-cache, must-revalidate post-check=0, pre-check=0 content-encoding gzip content-type text/html; charset=UTF-8 date Tue, 31 Jan 2023 02:18:42 GMT expires Tue, 31 Jan 2023 02:18:42 GMT last-modified Tue, 31 Jan 2023 02:18:42 GMT pragma no-cache vary Accept-Encoding x-robots-tag noindex, nofollow Redirect headers Access-Control-Allow-Origin * Cache-Control no-cache, must-revalidate, no-transform Connection keep-alive Content-Type text/html; charset=UTF-8 Date Tue, 31 Jan 2023 02:18:42 GMT Expires Tue, 31 Dec 2013 23:59:59 GMT Location https://1d5e051bc65.traffic-c.com/?p=4554&media_type=mainstream&pi=04_MS_DP_TrafficCompany_cert&click_id=e5534cbb5f8978f468c5e69a31466217c5799b273aa107acdb8f468bab79f18b&sub_id=7753721&transaction_id=S27576840 Server nginx Transfer-Encoding chunked
GET H/1.1	200 OK	Primary Request index.php Show response gulimedia.offerstrack.net/	23 B 155 B	785ms 292ms	Document application/json	47.241.22.124 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Full URL http://gulimedia.offerstrack.net/index.php?offer_id=564&aff_id=325&aff_sub2=5xrg4kva2erqbzp7dt3sck84g,16667592,5,4554 Protocol HTTP/1.1 Server 47.241.22.124 , Singapore, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software / Resource Hash `2ca1aaa896da4666f1a09a89083cb1e6898a7473e6b5d79346270e0eabd7b0fa` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Connection keep-alive Content-Length 23 Content-Type application/json Date Tue, 31 Jan 2023 02:18:43 GMT

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pssy.xyz/p/1evxr/direct/t:intlib	1970-01-20 13:38:03	Name: woa1quur7O Value: 6bc15b95c307ce07e1503af00f894d4c94c1f89fa873a566579e5f4a7308da542870000c27fcfeeaa3d499aeac5826d862efc1b5219c524462f8bc5f2bcc95e9
pssy.xyz/p/1evxr/direct/t:intlib	1970-01-20 09:18:51	Name: biscuit_suus99w8 Value: d1e01f5c2668b6a93bbfeb749c940f3d1a65bfde1129ad2c8b45c33c83344fa6
.1d5e051bc65.traffic-c.com/	1970-01-20 09:18:52	Name: rts-trck Value: 1
.traffic-c.com/	1970-01-20 18:54:51	Name: t-uuid Value: 5xrg4kva98louwtwscf408wg4
.traffic-c.com/	1970-01-20 09:18:51	Name: traffic-back Value: ok

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1d5e051bc65.traffic-c.com
gulimedia.offerstrack.net
pssy.xyz
23.235.244.225
47.241.22.124
94.237.99.118
2ca1aaa896da4666f1a09a89083cb1e6898a7473e6b5d79346270e0eabd7b0fa
848db7fa3a27599154ec4529cadc141f60c6c5277329a38e7773b8e4234897d4
9adbf41719787a9cecbe0e84c9d9461ec232a538449b909629e180d7cc60eee3

gulimedia.offerstrack.net Open in urlscan Pro 47.241.22.124 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

3 Requests

67 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

3 Countries

20 kBTransfer

52 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

5 Cookies

Indicators

gulimedia.offerstrack.net Open in urlscan Pro
47.241.22.124 Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

67 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

20 kB
Transfer

52 kB
Size

5
Cookies

3 HTTP transactions
0 data transactions