sokrati.g2afse.com Open in urlscan Pro
212.32.250.1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://trck.displaymailbox.com/wiz/index.php/campaigns/sd566paool85d/track-url/cp07321fypcff/0ab2a9a1d94b2dd978c9205b43e1c05b0b...
Effective URL:
http://sokrati.g2afse.com/disabled.html
Submission: On January 03 via manual (January 3rd 2022, 5:57:38 am UTC) from IN — Scanned from DE

Summary HTTP 1 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 2 countries across 3 domains to perform 1 HTTP transactions. The main IP is 212.32.250.1, located in Amsterdam, Netherlands and belongs to LEASEWEB-NL-AMS-01 Netherlands, NL. The main domain is sokrati.g2afse.com.

This is the only time sokrati.g2afse.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	173.255.211.204 173.255.211.204	63949 (LINODE-AP...) (LINODE-AP Linode)
1 1	35.201.98.21 35.201.98.21	15169 (GOOGLE) (GOOGLE)
1 2	212.32.250.1 212.32.250.1	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	1

1 173.255.211.204 (Fremont, United States) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li221-204.members.linode.com

trck.displaymailbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.98.21 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 21.98.201.35.bc.googleusercontent.com

trk.afttrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.32.250.1 (Amsterdam, Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

sokrati.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	g2afse.com 1 redirects sokrati.g2afse.com	444 B
1	afttrk.com 1 redirects trk.afttrk.com	252 B
1	displaymailbox.com 1 redirects trck.displaymailbox.com	652 B
1	3

	Domain	Requested by
2	sokrati.g2afse.com	1 redirects
1	trk.afttrk.com	1 redirects
1	trck.displaymailbox.com	1 redirects
1	3

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://sokrati.g2afse.com/disabled.html
Frame ID: 344BC549FB7FA7760F806C4A42FB1E98
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Disabled

Page URL History Show full URLs

http://trck.displaymailbox.com/wiz/index.php/campaigns/sd566paool85d/track-url/cp07321fypcff/0ab2a9a1d94b2d... HTTP 301
https://trk.afttrk.com/click?campaign_id=562&pub_id=1285&p1=%7byour-transaction/click-id%7d&source=... HTTP 302
https://sokrati.g2afse.com/click?pid=156&offer_id=33&sub1=61d2904d0dca880340614e9f&sub2=1285_{your-sub-... HTTP 302
http://sokrati.g2afse.com/disabled.html Page URL

Page Statistics

1
Requests

0 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

1
IPs

2
Countries

0 kB
Transfer

0 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://trck.displaymailbox.com/wiz/index.php/campaigns/sd566paool85d/track-url/cp07321fypcff/0ab2a9a1d94b2dd978c9205b43e1c05b0bc1a2ae HTTP 301
https://trk.afttrk.com/click?campaign_id=562&pub_id=1285&p1=%7byour-transaction/click-id%7d&source=%7byour-sub-aff-id%7d HTTP 302
https://sokrati.g2afse.com/click?pid=156&offer_id=33&sub1=61d2904d0dca880340614e9f&sub2=1285_{your-sub-aff-id}&path= HTTP 302
http://sokrati.g2afse.com/disabled.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

1 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request disabled.html Show response sokrati.g2afse.com/ Redirect Chain http://trck.displaymailbox.com/wiz/index.php/campaigns/sd566paool85d/track-url/cp07321fypcff/0ab2a9a1d94b2dd978c9205b43e1c05b0bc1a2ae https://trk.afttrk.com/click?campaign_id=562&pub_id=1285&p1=%7byour-transaction/click-id%7d&source=%7byour-sub-aff-id%7d https://sokrati.g2afse.com/click?pid=156&offer_id=33&sub1=61d2904d0dca880340614e9f&sub2=1285_{your-sub-aff-id}&path= http://sokrati.g2afse.com/disabled.html	111 B 343 B	23ms 18ms	Document text/html	212.32.250.1 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL http://sokrati.g2afse.com/disabled.html Protocol HTTP/1.1 Server 212.32.250.1 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software nginx / Resource Hash `b7413baf6c8d815f06ac626010aa7c4eff83b4f3ab3fa3cfd4c50cb533b5cf08` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Server nginx Date Mon, 03 Jan 2022 05:57:34 GMT Content-Type text/html Last-Modified Fri, 12 Jan 2018 11:09:22 GMT Transfer-Encoding chunked Connection keep-alive ETag W/"5a589762-6f" Content-Encoding gzip Redirect headers server nginx date Mon, 03 Jan 2022 05:57:34 GMT content-length 0 location http://sokrati.g2afse.com/disabled.html access-control-allow-origin *

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			trck.displaymailbox.com/	1969-12-31 23:59:59	Name: mwsid Value: 899e3a7f742447ceb410e886d8cdcc4a
			trk.afttrk.com/	1970-01-20 00:03:14	Name: sess_5fe2caee74f4e55dba7a7946 Value: 60ee785ff225cb758d23caf6

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

sokrati.g2afse.com
trck.displaymailbox.com
trk.afttrk.com
173.255.211.204
212.32.250.1
35.201.98.21
b7413baf6c8d815f06ac626010aa7c4eff83b4f3ab3fa3cfd4c50cb533b5cf08

sokrati.g2afse.com Open in urlscan Pro 212.32.250.1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

1 Requests

0 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

1 IPs

2 Countries

0 kBTransfer

0 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

1 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

2 Cookies

Indicators

sokrati.g2afse.com Open in urlscan Pro
212.32.250.1 Public Scan

Screenshot
Live screenshot

Full Image

1
Requests

0 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

1
IPs

2
Countries

0 kB
Transfer

0 kB
Size

2
Cookies

1 HTTP transactions
0 data transactions