x.trafficandoffers.com Open in urlscan Pro
168.61.221.57 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://links.totalpatriot.com/a/1044/click/60447/7920814/38fb4177261e72a460843b1c6370fe03960108d8/033e7a3635d27adf74dc7bf0a2b6...
Effective URL:
http://x.trafficandoffers.com/clk.trk?CID=435150&AFID=477715&ADID=2445996&SID=1265&SID2=1024b2772760ed258826a3095eaff1
Submission: On January 19 via manual (January 19th 2022, 10:07:40 am UTC) from HR — Scanned from DE

Summary HTTP 1 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 2 countries across 4 domains to perform 1 HTTP transactions. The main IP is 168.61.221.57, located in Des Moines, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is x.trafficandoffers.com. The Cisco Umbrella rank of the primary domain is 923702.

This is the only time x.trafficandoffers.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	35.238.129.105 35.238.129.105	15169 (GOOGLE) (GOOGLE)
1 1	34.253.72.70 34.253.72.70	16509 (AMAZON-02) (AMAZON-02)
2 2	3.248.18.157 3.248.18.157	16509 (AMAZON-02) (AMAZON-02)
1	168.61.221.57 168.61.221.57	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	1

1 35.238.129.105 (Council Bluffs, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 105.129.238.35.bc.googleusercontent.com

links.totalpatriot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.253.72.70 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-72-70.eu-west-1.compute.amazonaws.com

go.offerwave.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.248.18.157 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-18-157.eu-west-1.compute.amazonaws.com

www.reachclear.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 168.61.221.57 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

x.trafficandoffers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	reachclear.com 2 redirects www.reachclear.com	2 KB
1	trafficandoffers.com x.trafficandoffers.com — Cisco Umbrella Rank: 923702	479 B
1	offerwave.org 1 redirects go.offerwave.org	2 KB
1	totalpatriot.com 1 redirects links.totalpatriot.com	761 B
1	4

	Domain	Requested by
2	www.reachclear.com	2 redirects
1	x.trafficandoffers.com
1	go.offerwave.org	1 redirects
1	links.totalpatriot.com	1 redirects
1	4

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://x.trafficandoffers.com/clk.trk?CID=435150&AFID=477715&ADID=2445996&SID=1265&SID2=1024b2772760ed258826a3095eaff1
Frame ID: 2F7884AA83DF1721C55AC99CCF2C1E2D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Error

Page URL History Show full URLs

https://links.totalpatriot.com/a/1044/click/60447/7920814/38fb4177261e72a460843b1c6370fe03960108d8/033e7a36... HTTP 302
https://go.offerwave.org/aff_c?offer_id=312&aff_id=1000&aff_sub=011822tpam&aff_sub3=7920814&file_id=2233 HTTP 302
https://www.reachclear.com/aff_c?offer_id=9440&aff_id=1265&aff_sub=011822tpam&aff_sub5=102b902c90c24022... HTTP 302
https://www.reachclear.com/aff_r?offer_id=9440&aff_id=1265&url=http%3A%2F%2Fx.trafficandoffers.com%2Fcl... HTTP 302
http://x.trafficandoffers.com/clk.trk?CID=435150&AFID=477715&ADID=2445996&SID=1265&SID2=1024b2772760ed2588... Page URL

Detected technologies

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 75%
Detected patterns

Page Statistics

1
Requests

0 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

1
IPs

2
Countries

0 kB
Transfer

0 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://links.totalpatriot.com/a/1044/click/60447/7920814/38fb4177261e72a460843b1c6370fe03960108d8/033e7a3635d27adf74dc7bf0a2b6415322610778 HTTP 302
https://go.offerwave.org/aff_c?offer_id=312&aff_id=1000&aff_sub=011822tpam&aff_sub3=7920814&file_id=2233 HTTP 302
https://www.reachclear.com/aff_c?offer_id=9440&aff_id=1265&aff_sub=011822tpam&aff_sub5=102b902c90c2402229eff4cb5dd6d3&aff_sub4=&aff_sub3=7920814 HTTP 302
https://www.reachclear.com/aff_r?offer_id=9440&aff_id=1265&url=http%3A%2F%2Fx.trafficandoffers.com%2Fclk.trk%3FCID%3D435150%26AFID%3D477715%26ADID%3D2445996%26SID%3D1265%26SID2%3D1024b2772760ed258826a3095eaff1&urlauth=806855530000949730276346908855 HTTP 302
http://x.trafficandoffers.com/clk.trk?CID=435150&AFID=477715&ADID=2445996&SID=1265&SID2=1024b2772760ed258826a3095eaff1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

1 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	403 Invalid Country	Primary Request clk.trk Show response x.trafficandoffers.com/ Redirect Chain https://links.totalpatriot.com/a/1044/click/60447/7920814/38fb4177261e72a460843b1c6370fe03960108d8/033e7a3635d27adf74dc7bf0a2b6415322610778 https://go.offerwave.org/aff_c?offer_id=312&aff_id=1000&aff_sub=011822tpam&aff_sub3=7920814&file_id=2233 https://www.reachclear.com/aff_c?offer_id=9440&aff_id=1265&aff_sub=011822tpam&aff_sub5=102b902c90c2402229eff4cb5dd6d3&aff_sub4=&aff_sub3=7920814 https://www.reachclear.com/aff_r?offer_id=9440&aff_id=1265&url=http%3A%2F%2Fx.trafficandoffers.com%2Fclk.trk%3FCID%3D435150%26AFID%3D477715%26ADID%3D2445996%26SID%3D1265%26SID2%3D1024b2772760ed2588... http://x.trafficandoffers.com/clk.trk?CID=435150&AFID=477715&ADID=2445996&SID=1265&SID2=1024b2772760ed258826a3095eaff1	98 B 479 B	373ms 144ms	Document text/html	168.61.221.57 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL http://x.trafficandoffers.com/clk.trk?CID=435150&AFID=477715&ADID=2445996&SID=1265&SID2=1024b2772760ed258826a3095eaff1 Protocol HTTP/1.1 Server 168.61.221.57 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / ASP.NET Resource Hash `6079170491e83df4294bd9519e6352e214afb30968f290a681ddb5f3b2078de5` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Server nginx Date Wed, 19 Jan 2022 10:07:35 GMT Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Connection keep-alive Cache-Control private P3P policyref="/p3p/P3P.x.trafficandoffers.com.xml", CP="NOI DSP COR NID ADM DEV OUR STP OTC" X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Content-Encoding gzip Redirect headers Server nginx Date Wed, 19 Jan 2022 10:07:35 GMT Content-Type text/html; charset=iso-8859-1 Content-Length 318 Connection keep-alive Cache-Control no-cache, no-store, must-revalidate Expires Sat, 26 Jul 1997 05:00:00 GMT Location http://x.trafficandoffers.com/clk.trk?CID=435150&AFID=477715&ADID=2445996&SID=1265&SID2=1024b2772760ed258826a3095eaff1 Pragma no-cache Access-Control-Allow-Origin * X-Request-Id 64949bb3f7b9b3f39f49db2955974b2a Access-Control-Allow-Headers Tune-SDK-Version

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
links.totalpatriot.com/	1970-01-20 00:17:10	Name: _session_id Value: b469b0e3db33f0c6fe7d79b8be071895
go.offerwave.org/	1970-01-20 01:01:05	Name: enc_aff_session_312 Value: ENC03a74baff4ad0178f4ddb62aa0a7f56a0c84b089ccdb4671e9991710e572b28819cfb23e74bda78314acd5d2c797a1b80104c716dced4ccf09428de41b4a364a252a0b27ad875baee3def1a2e23e92a969c77ad58be02ee3277f7d896497f34fcca86639d01ca1e0d067f615d61540aaa9323dd359ddcd293199daf114acf9f8a708397962
go.offerwave.org/	1970-01-21 01:42:02	Name: ho_mob Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI5Ny4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyBYNjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS85Ny4wLjQ2OTIuNzEgU2FmYXJpLzUzNy4zNiIsImFjY2VwdF9sYW5ndWFnZSI6ImRlLURFLGRlO3E9MC45IiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9
www.reachclear.com/	1970-01-20 01:01:05	Name: enc_aff_session_9440 Value: ENC03bd1dbc57a183736571382abd152922d727d0b401220796384da23dd6625a68d7428372f76e22dfd8e8f742f1567be6afaab677d43bc3c2737e874e18c6b87bf37fee9f5a3dd94d2f6fabdd91cdc235ea2f7ec30256ac79f24b762169001cb786d0ba83d099ca1fde9e6f082f3be1ca646f744022ab95c967f9d7f3e2d7e61492442a6d758f7c5846da205249fc016162d2725ac02b10b060c53800e67915991708730407
www.reachclear.com/	1970-01-21 01:42:02	Name: ho_mob Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI5Ny4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyBYNjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS85Ny4wLjQ2OTIuNzEgU2FmYXJpLzUzNy4zNiIsImFjY2VwdF9sYW5ndWFnZSI6ImRlLURFLGRlO3E9MC45IiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://x.trafficandoffers.com/clk.trk?CID=435150&AFID=477715&ADID=2445996&SID=1265&SID2=1024b2772760ed258826a3095eaff1 Message: Failed to load resource: the server responded with a status of 403 (Invalid Country)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

go.offerwave.org
links.totalpatriot.com
www.reachclear.com
x.trafficandoffers.com
168.61.221.57
3.248.18.157
34.253.72.70
35.238.129.105
6079170491e83df4294bd9519e6352e214afb30968f290a681ddb5f3b2078de5

x.trafficandoffers.com Open in urlscan Pro 168.61.221.57 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

1 Requests

0 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

1 IPs

2 Countries

0 kBTransfer

0 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

1 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

5 Cookies

1 Console Messages

Indicators

x.trafficandoffers.com Open in urlscan Pro
168.61.221.57 Public Scan

Screenshot
Live screenshot

Full Image

1
Requests

0 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

1
IPs

2
Countries

0 kB
Transfer

0 kB
Size

5
Cookies

1 HTTP transactions
0 data transactions