Script http-affiliate-id

Script types:
Categories: safe, discovery

Script Summary

Grabs affiliate network IDs (e.g. Google AdSense or Analytics, Amazon Associates, etc.) from a web page. These can be used to identify pages with the same owner.

If there is more than one target using an ID, the postrule of this script shows the ID along with a list of the targets using it.

Supported IDs:

  • Google Analytics
  • Google AdSense
  • Amazon Associates

Script Arguments


The path to request. Defaults to /.


See the documentation for the slaxml library.

smbdomain, smbhash, smbnoguest, smbpassword, smbtype, smbusername

See the documentation for the smbauth library., http.max-body-size, http.max-cache-size, http.max-pipeline, http.pipeline, http.truncated-ok, http.useragent

See the documentation for the http library.

Example Usage

nmap --script=http-affiliate-id.nse --script-args http-affiliate-id.url-path=/website <target>

Script Output

80/tcp open  http
| http-affiliate-id:
|   Amazon Associates ID: XXXX-XX
|   Google Adsense ID: pub-YYYY
|_  Google Analytics ID: UA-ZZZZ-ZZ
Post-scan script results:
| http-affiliate-id: Possible related sites
| Google Analytics ID: UA-2460010-99 used by:
| Google Adsense ID: pub-0766144451700556 used by:



  • Hani Benhabiles
  • Daniel Miller
  • Patrick Donnelly

License: Same as Nmap--See