click.trlxcf02.com - urlscan.io

Summary

This website contacted 2 IPs in 3 countries across 4 domains to perform 2 HTTP transactions. The main IP is 2606:4700:3031::6815:1c79, located in United States and belongs to CLOUDFLARENET, US. The main domain is click.trlxcf02.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 21st 2020. Valid for: a year.

This is the only time click.trlxcf02.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	158.101.160.202 158.101.160.202	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1 1	34.91.44.202 34.91.44.202	15169 (GOOGLE) (GOOGLE)
1 1	35.204.14.125 35.204.14.125	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3031::6815:1c79	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2

2 158.101.160.202 (Frankfurt am Main, Germany) 1 redirects

ASN31898 (ORACLE-BMC-31898, US)

aymayma.diskstation.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.44.202 (Groningen, Netherlands) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 202.44.91.34.bc.googleusercontent.com

versaliet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.14.125 (Groningen, Netherlands) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 125.14.204.35.bc.googleusercontent.com

plaqexit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::6815:1c79 (United States)

ASN13335 (CLOUDFLARENET, US)

click.trlxcf02.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	diskstation.org 1 redirects aymayma.diskstation.org	566 B
1	trlxcf02.com click.trlxcf02.com	2 KB
1	plaqexit.com 1 redirects plaqexit.com	738 B
1	versaliet.com 1 redirects versaliet.com	286 B
2	4

	Domain	Requested by
2	aymayma.diskstation.org	1 redirects
1	click.trlxcf02.com	aymayma.diskstation.org
1	plaqexit.com	1 redirects
1	versaliet.com	1 redirects
2	4

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-21` - `2021-07-21`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://click.trlxcf02.com/click/yX3CWb8iyJQi8Bznu2?affid=100481&c1=197023267&c3=1188
Frame ID: 451F12063BDA47B16C23838209D02E9F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://aymayma.diskstation.org/rd/c2539HWkgo2489177hiSB59MQY4420jUfs607 Page URL
http://aymayma.diskstation.org/track/c2539HWkgo2489177hiSB59MQY4420jUfs607 HTTP 302
https://versaliet.com/?a=1188&oc=13108&c=37542&m=3&s1=7&s2=607-2539&s3=2489177-59-4420 HTTP 302
https://plaqexit.com/?a=1188&oc=13108&c=37542&m=3&s1=7&s2=607-2539&s3=2489177-59-4420&ckmguid=a26... HTTP 302
https://click.trlxcf02.com/click/yX3CWb8iyJQi8Bznu2?affid=100481&c1=197023267&c3=1188 Page URL

Page Statistics

2
Requests

50 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

2
IPs

3
Countries

3 kB
Transfer

0 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://aymayma.diskstation.org/rd/c2539HWkgo2489177hiSB59MQY4420jUfs607 Page URL
http://aymayma.diskstation.org/track/c2539HWkgo2489177hiSB59MQY4420jUfs607 HTTP 302
https://versaliet.com/?a=1188&oc=13108&c=37542&m=3&s1=7&s2=607-2539&s3=2489177-59-4420 HTTP 302
https://plaqexit.com/?a=1188&oc=13108&c=37542&m=3&s1=7&s2=607-2539&s3=2489177-59-4420&ckmguid=a26f9089-6b7f-4b4b-879f-53186521e3e6 HTTP 302
https://click.trlxcf02.com/click/yX3CWb8iyJQi8Bznu2?affid=100481&c1=197023267&c3=1188 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	c2539HWkgo2489177hiSB59MQY4420jUfs607 Show response aymayma.diskstation.org/rd/	231 B 348 B	61ms 35ms	Document text/html	158.101.160.202 ORACLE-BMC-31898
General Check archive.org Show headers Download Go to Full URL http://aymayma.diskstation.org/rd/c2539HWkgo2489177hiSB59MQY4420jUfs607 Protocol HTTP/1.1 Server 158.101.160.202 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US), Reverse DNS Software / Resource Hash `713940c0f79d2d462a7848fde8ddd58d39be328f17d2b342ed5f0118a9e21420` Request headers Host aymayma.diskstation.org Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type text/html; charset=utf-8 Date Wed, 28 Apr 2021 11:28:45 GMT Content-Length 231
GET H2	400	Primary Request yX3CWb8iyJQi8Bznu2 Show response click.trlxcf02.com/click/ Redirect Chain http://aymayma.diskstation.org/track/c2539HWkgo2489177hiSB59MQY4420jUfs607 https://versaliet.com/?a=1188&oc=13108&c=37542&m=3&s1=7&s2=607-2539&s3=2489177-59-4420 https://plaqexit.com/?a=1188&oc=13108&c=37542&m=3&s1=7&s2=607-2539&s3=2489177-59-4420&ckmguid=a26f9089-6b7f-4b4b-879f-53186521e3e6 https://click.trlxcf02.com/click/yX3CWb8iyJQi8Bznu2?affid=100481&c1=197023267&c3=1188	24 B 2 KB	441ms 415ms	Document text/html	2606:4700:3031::6815:1c79 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://click.trlxcf02.com/click/yX3CWb8iyJQi8Bznu2?affid=100481&c1=197023267&c3=1188 Requested by Host: aymayma.diskstation.org URL: http://aymayma.diskstation.org/rd/c2539HWkgo2489177hiSB59MQY4420jUfs607 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6815:1c79 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e37b6f5753f324cba2796bfa3efdb1b0b0f20d97596abb201e281af57858235f` Request headers :method GET :authority click.trlxcf02.com :scheme https :path /click/yX3CWb8iyJQi8Bznu2?affid=100481&c1=197023267&c3=1188 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest document referer http://aymayma.diskstation.org/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer http://aymayma.diskstation.org/rd/c2539HWkgo2489177hiSB59MQY4420jUfs607 Response headers date Wed, 28 Apr 2021 11:28:46 GMT content-type text/html; charset=UTF-8 set-cookie __cfduid=db0f04ba7d12b42fd091153b86e4f004e1619609326; expires=Fri, 28-May-21 11:28:46 GMT; path=/; domain=.trlxcf02.com; HttpOnly; SameSite=Lax AWSALB=j5IKurW8fMkBJ9zxGD4fgDHSKDTsdHOIv+5hoL2iQgKb73ZswDvNGEz2v8asmdI2LA3gM+FGo7KjNjCARNTxiYRgEPlEvOFhfKqAfFVA5iLDZ3DBUJWZi9IUaqEO; Expires=Wed, 05 May 2021 11:28:46 GMT; Path=/ AWSALBCORS=j5IKurW8fMkBJ9zxGD4fgDHSKDTsdHOIv+5hoL2iQgKb73ZswDvNGEz2v8asmdI2LA3gM+FGo7KjNjCARNTxiYRgEPlEvOFhfKqAfFVA5iLDZ3DBUJWZi9IUaqEO; Expires=Wed, 05 May 2021 11:28:46 GMT; Path=/; SameSite=None XSRF-TOKEN=eyJpdiI6InRlNDZMWlhCaFZkeFI4QThxS2FnbFE9PSIsInZhbHVlIjoicTNuYXN3UDhQQ3g4a2VPUGlcL0o4RDJBSWZKZzNnWEVcLzg4b282aWE4djFmU244c2YxZ0t5TjB1bU92ZUlha21NVEVVcWpaUFR5YTR3dWxhcHdobFNidz09IiwibWFjIjoiNmUxYWFmZjllMjI4YzU5YTBhZmU2NGQ1NmIyNjkzMWVlODIzNGVjNjc4NWM5MGI4OTk5OTg2MjI3ZDk0MTY5MSJ9; expires=Wed, 28-Apr-2021 13:28:46 GMT; Max-Age=7200; path=/ session=eyJpdiI6ImI1Ym1iQklyZmZSemtaVjVyeXl4MFE9PSIsInZhbHVlIjoiRUt2Uk9QaHN1V2x3d3NQNkxSMDZicHhOMDg3NHRhYzNSV1YwaWZ2SFNIZ0poRTlvYXZhR1BpbE9BTWoxbVdCVTYxQ1hYM3lsNEVDclM1Q2pyWDFFa0E9PSIsIm1hYyI6ImU0NDBjZTY5NTQ0NjNiNDk2M2MyMzdmNDI2YTM1MTVkMDZmYmIwOWNmN2JkMTZmYjYyM2Q4YTAzYzUyNDAxZTYifQ%3D%3D; expires=Wed, 28-Apr-2021 13:28:46 GMT; Max-Age=7200; path=/; HttpOnly sbsF6Inx5bMB2RH3TniMvus0kKljDRBUmg1nkHgA=eyJpdiI6IlwvV04rSDlZa3QydDJ2OXNrc0dzRWNBPT0iLCJ2YWx1ZSI6ImhaRjU2U29QMzErcFdvNmRBYUVpRERVMzhVQ2pLazhkQWpLaVo3aXJlbjl6S0NDQ2QrSWVqcVBNUDYwb3VuT2tuWVRoUEJwK3dGQTZXc2xLbTgzaXRYTVNYTXZBYmpnN2VwT1NTQmltZUw3Y1BQa3VhVzlMeW1cL1dCRkJva2s0dXpaYXJwZUhuTnNCMGxcL3NMMGtFemc5N0paODJBamJkOTNkeWRqVW5XQlZpK3MrN0I3VG1EYlVhUzB2XC83Rm5yNU1DRnVtckVGRmc5TXZyNmFGRFZ0eFRBQzVKRFpXZ0RNS0xWUEpuMkVXanJaQVRXM0dnb0Yzc2cra3lrenB2VWxMRkhuUXl0TE1vXC9ReTNhXC9yMjd5cjFySTBEZEk0ZmZFWmxcL0ppd2k0R3JJYlFhYjhqQTh1WDh3UnJ3UURcL25XRTFwMUk4STFDYmtxMFhYenZcL3o0Qzh1cTAzdmpCYkY1NmlDY1J5MjZEZ1VYRWV2MERSRjB2NDlVdzlIN0k0ZUFlZWhNR2thME11eFY4ejBsVVBJTGZ1QT09IiwibWFjIjoiYWE5MGZmYTFjMmQ5ZmQ0OGMxYWIzOTRlNmIyOGZhOThiY2VhODMzM2NlODg2NzJkNzAyOGQ5ZjljN2ZmYTFhOSJ9; expires=Wed, 28-Apr-2021 13:28:46 GMT; Max-Age=7200; path=/; HttpOnly cache-control no-cache, private cf-cache-status DYNAMIC cf-request-id 09b9d629ab0000c2f477a83000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1cD1uF1nhjq8AW116PLbwV4r7pn1qMRAvDX3D3MUzPjvfW8ABcpQJVh69uxQiSzcszDDbQRYL%2BSgPJ%2BhuKOWEpPvPB%2FSu1QvawmV0xgvHA54qtW2HvgH5HSP5wFtzeM%3D"}]} nel {"max_age":604800,"report_to":"cf-nel"} server cloudflare cf-ray 646ff2ef7ad7c2f4-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 Redirect headers Date Wed, 28 Apr 2021 11:28:45 GMT Content-Type text/html; charset=utf-8 Content-Length 210 Cache-Control private Location https://click.trlxcf02.com/click/yX3CWb8iyJQi8Bznu2?affid=100481&c1=197023267&c3=1188 p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Set-Cookie st=JrZ4ndoTZQw+ow4rgRmjJ7k24ghXTEgYuvFl413Hg2SGq7lJP5KHfw==; domain=.plaqexit.com; path=/; HttpOnly ti=e+55dtY1ODpmOJxzM1va47k24ghXTEgYuvFl413Hg2SGq7lJP5KHfw==; domain=.plaqexit.com; expires=Tue, 28-Apr-2026 12:28:45 GMT; path=/; HttpOnly c12658=JrZ4ndoTZQzk1rpGxnFFvI7O1OJywrhpSljPgx5qU9C9Qfid3/X4Pw==; domain=.plaqexit.com; expires=Fri, 28-May-2021 11:28:45 GMT; path=/; HttpOnly

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
click.trlxcf02.com/	1970-01-19 17:53:36	Name: session Value: eyJpdiI6ImI1Ym1iQklyZmZSemtaVjVyeXl4MFE9PSIsInZhbHVlIjoiRUt2Uk9QaHN1V2x3d3NQNkxSMDZicHhOMDg3NHRhYzNSV1YwaWZ2SFNIZ0poRTlvYXZhR1BpbE9BTWoxbVdCVTYxQ1hYM3lsNEVDclM1Q2pyWDFFa0E9PSIsIm1hYyI6ImU0NDBjZTY5NTQ0NjNiNDk2M2MyMzdmNDI2YTM1MTVkMDZmYmIwOWNmN2JkMTZmYjYyM2Q4YTAzYzUyNDAxZTYifQ%3D%3D
click.trlxcf02.com/	1970-01-19 17:53:36	Name: XSRF-TOKEN Value: eyJpdiI6InRlNDZMWlhCaFZkeFI4QThxS2FnbFE9PSIsInZhbHVlIjoicTNuYXN3UDhQQ3g4a2VPUGlcL0o4RDJBSWZKZzNnWEVcLzg4b282aWE4djFmU244c2YxZ0t5TjB1bU92ZUlha21NVEVVcWpaUFR5YTR3dWxhcHdobFNidz09IiwibWFjIjoiNmUxYWFmZjllMjI4YzU5YTBhZmU2NGQ1NmIyNjkzMWVlODIzNGVjNjc4NWM5MGI4OTk5OTg2MjI3ZDk0MTY5MSJ9
click.trlxcf02.com/	1970-01-19 17:53:36	Name: sbsF6Inx5bMB2RH3TniMvus0kKljDRBUmg1nkHgA Value: eyJpdiI6IlwvV04rSDlZa3QydDJ2OXNrc0dzRWNBPT0iLCJ2YWx1ZSI6ImhaRjU2U29QMzErcFdvNmRBYUVpRERVMzhVQ2pLazhkQWpLaVo3aXJlbjl6S0NDQ2QrSWVqcVBNUDYwb3VuT2tuWVRoUEJwK3dGQTZXc2xLbTgzaXRYTVNYTXZBYmpnN2VwT1NTQmltZUw3Y1BQa3VhVzlMeW1cL1dCRkJva2s0dXpaYXJwZUhuTnNCMGxcL3NMMGtFemc5N0paODJBamJkOTNkeWRqVW5XQlZpK3MrN0I3VG1EYlVhUzB2XC83Rm5yNU1DRnVtckVGRmc5TXZyNmFGRFZ0eFRBQzVKRFpXZ0RNS0xWUEpuMkVXanJaQVRXM0dnb0Yzc2cra3lrenB2VWxMRkhuUXl0TE1vXC9ReTNhXC9yMjd5cjFySTBEZEk0ZmZFWmxcL0ppd2k0R3JJYlFhYjhqQTh1WDh3UnJ3UURcL25XRTFwMUk4STFDYmtxMFhYenZcL3o0Qzh1cTAzdmpCYkY1NmlDY1J5MjZEZ1VYRWV2MERSRjB2NDlVdzlIN0k0ZUFlZWhNR2thME11eFY4ejBsVVBJTGZ1QT09IiwibWFjIjoiYWE5MGZmYTFjMmQ5ZmQ0OGMxYWIzOTRlNmIyOGZhOThiY2VhODMzM2NlODg2NzJkNzAyOGQ5ZjljN2ZmYTFhOSJ9
click.trlxcf02.com/	1970-01-19 18:03:34	Name: AWSALB Value: j5IKurW8fMkBJ9zxGD4fgDHSKDTsdHOIv+5hoL2iQgKb73ZswDvNGEz2v8asmdI2LA3gM+FGo7KjNjCARNTxiYRgEPlEvOFhfKqAfFVA5iLDZ3DBUJWZi9IUaqEO
.trlxcf02.com/	1970-01-19 18:36:41	Name: __cfduid Value: db0f04ba7d12b42fd091153b86e4f004e1619609326

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aymayma.diskstation.org
click.trlxcf02.com
plaqexit.com
versaliet.com
158.101.160.202
2606:4700:3031::6815:1c79
34.91.44.202
35.204.14.125
713940c0f79d2d462a7848fde8ddd58d39be328f17d2b342ed5f0118a9e21420
e37b6f5753f324cba2796bfa3efdb1b0b0f20d97596abb201e281af57858235f

click.trlxcf02.com Open in urlscan Pro 2606:4700:3031::6815:1c79 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

2 Requests

50 %HTTPS

25 %IPv6

4 Domains

4 Subdomains

2 IPs

3 Countries

3 kBTransfer

0 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

2 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

5 Cookies

Indicators

click.trlxcf02.com Open in urlscan Pro
2606:4700:3031::6815:1c79 Public Scan

Screenshot
Live screenshot

Full Image

2
Requests

50 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

2
IPs

3
Countries

3 kB
Transfer

0 kB
Size

5
Cookies

2 HTTP transactions
0 data transactions