tracking.affidnwa.com

Summary

This website contacted 3 IPs in 2 countries across 5 domains to perform 4 HTTP transactions. The main IP is 54.72.199.154, located in Dublin, Ireland and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is tracking.affidnwa.com.

This is the only time tracking.affidnwa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.27.156.221 104.27.156.221	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 1	104.27.157.221 104.27.157.221	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 3	52.31.20.176 52.31.20.176	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	54.72.199.154 54.72.199.154	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
4	3

1 104.27.156.221 (San Francisco, United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

grabify.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.27.157.221 (San Francisco, United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

grabify.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.31.20.176 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-31-20-176.eu-west-1.compute.amazonaws.com

www.gdmclicks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gdmconvtrck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.72.199.154 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-72-199-154.eu-west-1.compute.amazonaws.com

tracking.affidnwa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	affidnwa.com 1 redirects tracking.affidnwa.com	2 KB
2	gdmclicks.com 1 redirects www.gdmclicks.com	3 KB
2	grabify.link 2 redirects grabify.link	1 KB
1	gdmconvtrck.com gdmconvtrck.com	1 KB
0	ethereumcodebot.com Failed ethereumcodebot.com Failed
4	5

	Domain	Requested by
2	tracking.affidnwa.com	1 redirects gdmconvtrck.com
2	www.gdmclicks.com	1 redirects
2	grabify.link	2 redirects
1	gdmconvtrck.com	www.gdmclicks.com
0	ethereumcodebot.com Failed
4	5

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Frame: https://ethereumcodebot.com/?TrackingID=830&ClickID=1020bedf580852f748d5cbc4ac6dee&SubCampaignID=2145
Frame ID: 2F7138D98A9C2E301BD702C4C6F1A776
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://grabify.link/4R3L2R HTTP 301
https://grabify.link/4R3L2R HTTP 301
http://www.gdmclicks.com/?a=70578&c=179745 Page URL
http://www.gdmclicks.com/?a=70578&c=179745&oc=72576&sr=t&vt=1545041241012&h=ee946c35b754f45adb77ce388... HTTP 302
http://tracking.affidnwa.com/aff_c?offer_id=458&aff_id=2145&source=70578&aff_click_id=704a35a065fe478fa05... HTTP 302
http://tracking.affidnwa.com/aff_r?offer_id=458&aff_id=2145&url=http%3A%2F%2Fethereumcodebot.com%3FTracki... Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

4
Requests

0 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

3
IPs

2
Countries

3 kB
Transfer

3 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://grabify.link/4R3L2R HTTP 301
https://grabify.link/4R3L2R HTTP 301
http://www.gdmclicks.com/?a=70578&c=179745 Page URL
http://www.gdmclicks.com/?a=70578&c=179745&oc=72576&sr=t&vt=1545041241012&h=ee946c35b754f45adb77ce38893ca6997ea4b85a&req=http%3A%2F%2Fwww.gdmclicks.com%2F%3Fa%3D70578%26c%3D179745&us=e5dde4c6c0e1453d8b4bb4c9278a0edc HTTP 302
http://tracking.affidnwa.com/aff_c?offer_id=458&aff_id=2145&source=70578&aff_click_id=704a35a065fe478fa058fc709a516428e613 HTTP 302
http://tracking.affidnwa.com/aff_r?offer_id=458&aff_id=2145&url=http%3A%2F%2Fethereumcodebot.com%3FTrackingID%3D830%26ClickID%3D1020bedf580852f748d5cbc4ac6dee%26SubCampaignID%3D2145&urlauth=308838044850717754715522869587 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://grabify.link/4R3L2R HTTP 301
https://grabify.link/4R3L2R HTTP 301
http://www.gdmclicks.com/?a=70578&c=179745

Request Chain 2

http://tracking.affidnwa.com/aff_r?offer_id=458&aff_id=2145&redirect_pass=1&url=http%3A%2F%2Fethereumcodebot.com%3FTrackingID%3D830%26ClickID%3D1020bedf580852f748d5cbc4ac6dee%26SubCampaignID%3D2145&urlauth=308838044850717754715522869587 HTTP 302
http://ethereumcodebot.com/?TrackingID=830&ClickID=1020bedf580852f748d5cbc4ac6dee&SubCampaignID=2145 HTTP 302
https://ethereumcodebot.com/?TrackingID=830&ClickID=1020bedf580852f748d5cbc4ac6dee&SubCampaignID=2145

4 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ Show response www.gdmclicks.com/ Redirect Chain http://grabify.link/4R3L2R https://grabify.link/4R3L2R http://www.gdmclicks.com/?a=70578&c=179745	2 KB 997 B	139ms 35ms	Document text/html	52.31.20.176 Amazon.com
General Check archive.org Show headers Download Go to Full URL http://www.gdmclicks.com/?a=70578&c=179745 Protocol HTTP/1.1 Server 52.31.20.176 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-52-31-20-176.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash `5c42e96cc5d71ebd26d4d8d9ea0eec3449868ab9a35cbb634a75a18ba8b74474` Request headers Host www.gdmclicks.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Mon, 17 Dec 2018 10:07:21 GMT Content-Type text/html;charset=utf-8 Transfer-Encoding chunked Connection keep-alive Server nginx Vary Accept-Encoding Cache-Control no-cache, must-revalidate Pragma no-cache Expires Sat, 1 May 2020 12:00:00 GMT Content-Encoding gzip Redirect headers status 301 date Mon, 17 Dec 2018 10:07:20 GMT content-type text/html; charset=UTF-8 cache-control no-cache, private location http://www.gdmclicks.com/?a=70578&c=179745 x-robots-tag noindex, nofollow x-content-type-options nosniff x-abuse abuse@darkn3ss.com x-ratelimit-limit 10 x-ratelimit-remaining 6 set-cookie XSRF-TOKEN=eyJpdiI6ImpOWEpoRmhuQjM0cDRZY1hibXpaQmc9PSIsInZhbHVlIjoiR2VoRGtLMUNCempTbW1SMjdVd2pkejJOM3dTTTJINjI1SFJwWURaUVR3OVZDSGwwczlRYlhNSlk2NG5sNytheCIsIm1hYyI6IjA0YWMxMWJkYjg5NWZjZDU1YzQ5MzJhYWM3NzNmN2FkYWE4ZjFhNjU5MjkyOTVlYjVkZDljOTIxNmFmZjNkNTYifQ%3D%3D; expires=Mon, 17-Dec-2018 12:07:20 GMT; Max-Age=7200; path=/ grabify_ip_logger_session=eyJpdiI6ImhUemxXRFdVNXdBc0dFQ3l2R2xTeGc9PSIsInZhbHVlIjoidzJ4ZWJBbzV4aHpwWnhocFhtRDZ1d0h2R3c5KzNNUTRDclFPQ3lGRFNHeXgxanllUzlxMDdRSlpCWFBFYktNYiIsIm1hYyI6IjRhNzk1NTI5MWZkNWIwNWY1ZGU2NDA5NWMwY2RlODA1ZDk5ZmE0ZmY2NThjMjgzNzY4ODM0MmNiMWYzMWM0MmMifQ%3D%3D; expires=Mon, 17-Dec-2018 12:07:20 GMT; Max-Age=7200; path=/; httponly expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 48a89500cfdd97e6-FRA
GET H/1.1	200 OK	trck gdmconvtrck.com/	1 KB 1 KB	86ms 33ms	Script text/javascript	52.31.20.176 Amazon.com
General Check archive.org Show headers Download Go to Full URL http://gdmconvtrck.com/trck Requested by Host: www.gdmclicks.com URL: http://www.gdmclicks.com/?a=70578&c=179745 Protocol HTTP/1.1 Server 52.31.20.176 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-52-31-20-176.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash Request headers Referer http://www.gdmclicks.com/?a=70578&c=179745 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Pragma no-cache Date Mon, 17 Dec 2018 10:07:21 GMT Content-Encoding gzip Server nginx Vary Accept-Encoding Content-Type text/javascript;charset=utf-8 Access-Control-Allow-Origin * Cache-Control no-cache, must-revalidate Transfer-Encoding chunked Connection keep-alive Expires Sat, 1 May 2020 12:00:00 GMT
GET H/1.1	200 OK	Primary Request aff_r tracking.affidnwa.com/ Redirect Chain http://www.gdmclicks.com/?a=70578&c=179745&oc=72576&sr=t&vt=1545041241012&h=ee946c35b754f45adb77ce38893ca6997ea4b85a&req=http%3A%2F%2Fwww.gdmclicks.com%2F%3Fa%3D70578%26c%3D179745&us=e5dde4c6c0e145... http://tracking.affidnwa.com/aff_c?offer_id=458&aff_id=2145&source=70578&aff_click_id=704a35a065fe478fa058fc709a516428e613 http://tracking.affidnwa.com/aff_r?offer_id=458&aff_id=2145&url=http%3A%2F%2Fethereumcodebot.com%3FTrackingID%3D830%26ClickID%3D1020bedf580852f748d5cbc4ac6dee%26SubCampaignID%3D2145&urlauth=3088380...	278 B 537 B	35ms 35ms	Document text/html	54.72.199.154 Amazon.com
General Check archive.org Show headers Download Go to Full URL http://tracking.affidnwa.com/aff_r?offer_id=458&aff_id=2145&url=http%3A%2F%2Fethereumcodebot.com%3FTrackingID%3D830%26ClickID%3D1020bedf580852f748d5cbc4ac6dee%26SubCampaignID%3D2145&urlauth=308838044850717754715522869587 Requested by Host: gdmconvtrck.com URL: http://gdmconvtrck.com/trck Protocol HTTP/1.1 Server 54.72.199.154 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-54-72-199-154.eu-west-1.compute.amazonaws.com Software nginx/1.13.12 / Resource Hash Request headers Host tracking.affidnwa.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Referer http://www.gdmclicks.com/?a=70578&c=179745 Accept-Encoding gzip, deflate Cookie enc_aff_session_458=ENC0343a7e51f4658e98f3c0d3a54ff95d205f0f8bcbbd8c54d67adeff003cb0b2dc94ad8b0281bac2ee88d44d49dc0f75aafa16d87c742e2f300012d7f5595b42314d3bd95969627ca22c512b103aad289ac414b689cbbd0302333b0d926eeb9def99fadce84f5d0300035384128b9a205a976a52adec87b300015be5a4d47fd487382864c9d1634f737ad527b7b8de2e97ec73a2b0c47dbe615598d2c16c5b8fb1bfc5585870ee6a5bdec69d9e506dbcd5c74bef21cdf376fb81d36afa09c5d79562432a48a; ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI2Ny4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzEzXzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS82Ny4wLjMzOTYuODcgU2FmYXJpLzUzNy4zNiIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ== Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer http://www.gdmclicks.com/?a=70578&c=179745 Response headers Cache-Control no-cache, no-store, must-revalidate Content-Type text/html Date Mon, 17 Dec 2018 10:07:21 GMT Expires Sat, 26 Jul 1997 05:00:00 GMT Pragma no-cache Server nginx/1.13.12 Content-Length 278 Connection keep-alive Redirect headers Cache-Control no-cache, no-store, must-revalidate Content-Type text/html; charset=iso-8859-1 Date Mon, 17 Dec 2018 10:07:21 GMT Expires Sat, 26 Jul 1997 05:00:00 GMT Location /aff_r?offer_id=458&aff_id=2145&url=http%3A%2F%2Fethereumcodebot.com%3FTrackingID%3D830%26ClickID%3D1020bedf580852f748d5cbc4ac6dee%26SubCampaignID%3D2145&urlauth=308838044850717754715522869587 P3P CP="NOI CUR OUR NOR INT" Pragma no-cache Server nginx/1.13.12 Set-Cookie enc_aff_session_458=ENC0343a7e51f4658e98f3c0d3a54ff95d205f0f8bcbbd8c54d67adeff003cb0b2dc94ad8b0281bac2ee88d44d49dc0f75aafa16d87c742e2f300012d7f5595b42314d3bd95969627ca22c512b103aad289ac414b689cbbd0302333b0d926eeb9def99fadce84f5d0300035384128b9a205a976a52adec87b300015be5a4d47fd487382864c9d1634f737ad527b7b8de2e97ec73a2b0c47dbe615598d2c16c5b8fb1bfc5585870ee6a5bdec69d9e506dbcd5c74bef21cdf376fb81d36afa09c5d79562432a48a; expires=Sun, 17 Feb 2019 10:07:21 GMT; path=/; ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI2Ny4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzEzXzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS82Ny4wLjMzOTYuODcgU2FmYXJpLzUzNy4zNiIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ==; expires=Wed, 10 Nov 2021 20:47:21 GMT; path=/; tracking_id 1020bedf580852f748d5cbc4ac6dee X-Robots-Tag noindex, nofollow Content-Length 388 Connection keep-alive
GET		/ ethereumcodebot.com/ Redirect Chain http://tracking.affidnwa.com/aff_r?offer_id=458&aff_id=2145&redirect_pass=1&url=http%3A%2F%2Fethereumcodebot.com%3FTrackingID%3D830%26ClickID%3D1020bedf580852f748d5cbc4ac6dee%26SubCampaignID%3D2145... http://ethereumcodebot.com/?TrackingID=830&ClickID=1020bedf580852f748d5cbc4ac6dee&SubCampaignID=2145 https://ethereumcodebot.com/?TrackingID=830&ClickID=1020bedf580852f748d5cbc4ac6dee&SubCampaignID=2145	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ethereumcodebot.com
URL: https://ethereumcodebot.com/?TrackingID=830&ClickID=1020bedf580852f748d5cbc4ac6dee&SubCampaignID=2145

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			tracking.affidnwa.com/	1970-01-19 22:36:17	Name: ho_mob Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI2Ny4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzEzXzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS82Ny4wLjMzOTYuODcgU2FmYXJpLzUzNy4zNiIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ==
			tracking.affidnwa.com/	1970-01-18 22:39:58	Name: enc_aff_session_458 Value: ENC0343a7e51f4658e98f3c0d3a54ff95d205f0f8bcbbd8c54d67adeff003cb0b2dc94ad8b0281bac2ee88d44d49dc0f75aafa16d87c742e2f300012d7f5595b42314d3bd95969627ca22c512b103aad289ac414b689cbbd0302333b0d926eeb9def99fadce84f5d0300035384128b9a205a976a52adec87b300015be5a4d47fd487382864c9d1634f737ad527b7b8de2e97ec73a2b0c47dbe615598d2c16c5b8fb1bfc5585870ee6a5bdec69d9e506dbcd5c74bef21cdf376fb81d36afa09c5d79562432a48a

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ethereumcodebot.com
gdmconvtrck.com
grabify.link
tracking.affidnwa.com
www.gdmclicks.com
ethereumcodebot.com
104.27.156.221
104.27.157.221
52.31.20.176
54.72.199.154
5c42e96cc5d71ebd26d4d8d9ea0eec3449868ab9a35cbb634a75a18ba8b74474

tracking.affidnwa.com Open in urlscan Pro 54.72.199.154 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

4 Requests

0 %HTTPS

0 %IPv6

5 Domains

5 Subdomains

3 IPs

2 Countries

3 kBTransfer

3 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

2 Cookies

Indicators

tracking.affidnwa.com Open in urlscan Pro
54.72.199.154 Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

0 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

3
IPs

2
Countries

3 kB
Transfer

3 kB
Size

2
Cookies

4 HTTP transactions
0 data transactions