safety-sys-r1.biz
Open in
urlscan Pro
161.35.82.21
Public Scan
Submitted URL: http://comericabenefitehr.com/
Effective URL: https://safety-sys-r1.biz/landers/9a9f5b6d64/index.html?src=OJlOKFZT33Qc&t1=10_1908117875&clickid=ccdbe6jgx153z716&t2=348
Submission: On June 14 via api from US — Scanned from US
Effective URL: https://safety-sys-r1.biz/landers/9a9f5b6d64/index.html?src=OJlOKFZT33Qc&t1=10_1908117875&clickid=ccdbe6jgx153z716&t2=348
Submission: On June 14 via api from US — Scanned from US
Summary
This website contacted 5 IPs
in 3 countries
across 7 domains to perform 10 HTTP transactions.
The main IP is 161.35.82.21, located in
Amsterdam, Netherlands and
belongs to DIGITALOCEAN-ASN, US.
The main domain is safety-sys-r1.biz.
TLS certificate: Issued by R3 on May 10th 2024. Valid for: 3 months.
This is the only time safety-sys-r1.biz was scanned on urlscan.io!
TLS certificate: Issued by R3 on May 10th 2024. Valid for: 3 months.
This is the only time safety-sys-r1.biz was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 1 | 103.224.212.213 103.224.212.213 | 133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited) | |
| 1 4 | 103.224.182.206 103.224.182.206 | 133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited) | |
| 1 4 | 161.35.82.21 161.35.82.21 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN) | |
| 2 | 2606:4700::68... 2606:4700::6811:190e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 | 2a04:4e42:400... 2a04:4e42:400::649 | 54113 (FASTLY) (FASTLY) | |
| 1 | 2a04:4e42::485 2a04:4e42::485 | 54113 (FASTLY) (FASTLY) | |
| 10 | 5 |
1
103.224.212.213
(Australia)
ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-212-213.above.com
ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-212-213.above.com
| comericabenefitehr.com |
4
103.224.182.206
(Australia)
ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: bidr.trellian.com
ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: bidr.trellian.com
| unitju.com |
4
161.35.82.21
(Amsterdam, Netherlands)
ASN14061 (DIGITALOCEAN-ASN, US)
PTR: paying-adkela.plan-3
ASN14061 (DIGITALOCEAN-ASN, US)
PTR: paying-adkela.plan-3
| cldprtct2go-xbx.xyz | |
| safety-sys-r1.biz |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 4 |
unitju.com
1 redirects
unitju.com |
4 KB |
| 3 |
safety-sys-r1.biz
safety-sys-r1.biz |
134 KB |
| 2 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 265 |
138 KB |
| 1 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 373 |
7 KB |
| 1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 814 |
24 KB |
| 1 |
cldprtct2go-xbx.xyz
1 redirects
cldprtct2go-xbx.xyz |
621 B |
| 1 |
comericabenefitehr.com
1 redirects
comericabenefitehr.com |
2 KB |
| 10 | 7 |
| Domain | Requested by | |
|---|---|---|
| 4 | unitju.com |
1 redirects
unitju.com
|
| 3 | safety-sys-r1.biz |
unitju.com
safety-sys-r1.biz |
| 2 | cdnjs.cloudflare.com |
safety-sys-r1.biz
cdnjs.cloudflare.com |
| 1 | cdn.jsdelivr.net |
safety-sys-r1.biz
|
| 1 | code.jquery.com |
safety-sys-r1.biz
|
| 1 | cldprtct2go-xbx.xyz | 1 redirects |
| 1 | comericabenefitehr.com | 1 redirects |
| 10 | 7 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| hankkunneman.com R3 |
2024-04-15 - 2024-07-14 |
3 months | crt.sh |
| safety-sys-r1.biz R3 |
2024-05-10 - 2024-08-08 |
3 months | crt.sh |
| cdnjs.cloudflare.com E1 |
2024-06-02 - 2024-08-31 |
3 months | crt.sh |
| *.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2023-07-11 - 2024-07-14 |
a year | crt.sh |
| jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3 |
2023-09-27 - 2024-10-28 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://safety-sys-r1.biz/landers/9a9f5b6d64/index.html?src=OJlOKFZT33Qc&t1=10_1908117875&clickid=ccdbe6jgx153z716&t2=348
Frame ID: CBB15B4E72A47242EA56DC44D3DDB15F
Requests: 10 HTTP requests in this frame
Screenshot
Page Title
TotalAV - Protect Your Digital LifePage URL History Show full URLs
-
http://comericabenefitehr.com/
HTTP 307
https://comericabenefitehr.com/ HTTP 302
http://unitju.com/xr.php?e=OstZdsVcq08zDwMO13afXX49fkg1bUJxWTNKZERZNUt3TUZ3Y1U5bjg3d003M3Z0WFF... HTTP 307
https://unitju.com/xr.php?e=OstZdsVcq08zDwMO13afXX49fkg1bUJxWTNKZERZNUt3TUZ3Y1U5bjg3d003M3Z0WFF... Page URL
-
https://unitju.com/r.php?u=https%3A%2F%2Fcldprtct2go-xbx.xyz%2Fcxzzl4k.php%3Fkey%3Dtwl1qrbrhe0k...
HTTP 302
https://cldprtct2go-xbx.xyz/cxzzl4k.php?key=twl1qrbrhe0kmcu5tyso&sid=202406142132534f8edaebe738baf610&cp... HTTP 302
https://safety-sys-r1.biz/landers/9a9f5b6d64/index.html?src=OJlOKFZT33Qc&t1=10_1908117875&clickid=ccdb... Page URL
Detected technologies
Font Awesome
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr
(CDN)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://comericabenefitehr.com/
HTTP 307
https://comericabenefitehr.com/ HTTP 302
http://unitju.com/xr.php?e=OstZdsVcq08zDwMO13afXX49fkg1bUJxWTNKZERZNUt3TUZ3Y1U5bjg3d003M3Z0WFFHODZkdVB0eW9WVHVHWUpQT1AyNExiT2dTeW9XU1FJNytYUVNNRUZ2Unl4UW9kZmloVm4yWDhiT0lCZkgrZmdyMU81M0VPdVFKR0Y1MGJWais2K1Q1QmVISkpKbGUySVR2TUNRdlh1NmswbkZ5SC9aMy9VcXNGbi83dlRORk5ZMVZjTms5Q1VuQkR4TWFqcFhvdmNGUmFrVDdYS2lhNEdKNUtHTVNONmNXMUNGNlFkd2p4TlhJTm1tbUlLdlJTT1VYYkoxVHRBVkxhU1Z4c05TVHJQbXJJZHVhYTZmZkpJZG5XTk1OeWxNSDRGU1VjRkV2QitqMzgrY3VWUjBMbUxZN3JJYm1jb1RGckhLMG9wREhiZTB2UFQ5RUs4UDlJcTNKUzBpZTEwZCtuTUw4d2U3NWV0QnBycWlWMi94b0JpSGhJcy8wdjB4ZDZOVXlYdHpOOUtXT3JwY2gvTzNpWml1UU1EWEhsblBkRW9yb0VXeVFmQURqK2R3c0w0c1pBeWt1N2dPcHRuRzl4S1l1blAzUGJtUEc3eThPNUc5bUR5aVFRUmZkNFE0MGp0WStadUN0S1ZjRDhCaW0rdXdOaGltMXpNZzZCSWF5UHNvUitBeEdNc01GVlZuOHZKTUhvNVhKWDhxNW9BamV5clhOQmM0eFhqNFk4UmMybFhqK2hRdlZjeDlnZWtQZkp0bUxmZmhaSDJKQ2NPTkxBOFBnK2htQlhYdTNna3RVQ1N6M083ZmlaSjBaMGtGWWs1WGdFVUtpVWg5Q2RIOU9GU2FNeG9HZU9kaVVxbmQ4TFlCOEpkdi9xV1V4VlFyTytPaEtTV1p5T2RId1Bha05aT1Z5azVGRXovckhmSldNR21MVE1IU0o4bU9VVnZ1dWQ2eERjK2JrOTJ3dlZCd0xTVUxjbnVDcWRxUWdLY29ucms0M1FkZDZYZUNnM05nZ1lCUi9GYldFZDNlL0NCTTg0bkFFbkRVNXNYK2ZHSisybWh2N2UxVnVmcnJhSHd1T1pDcjNYb2ZiOUxKbWI4NjdsN0VsSlNibUM5clF4cFZnOWFrZnBjUTBnVTRjRFltTXluVWVCSUp2SXlrUmV4dnVGMGc5Z3Y5UUtMM0xPZkJ6cG5jU0lmbXZCSXlyWWRWTjh3eXpMUFQzU29LL0FvK1VCSXdWU01XVUlrVVpkQT09 HTTP 307
https://unitju.com/xr.php?e=OstZdsVcq08zDwMO13afXX49fkg1bUJxWTNKZERZNUt3TUZ3Y1U5bjg3d003M3Z0WFFHODZkdVB0eW9WVHVHWUpQT1AyNExiT2dTeW9XU1FJNytYUVNNRUZ2Unl4UW9kZmloVm4yWDhiT0lCZkgrZmdyMU81M0VPdVFKR0Y1MGJWais2K1Q1QmVISkpKbGUySVR2TUNRdlh1NmswbkZ5SC9aMy9VcXNGbi83dlRORk5ZMVZjTms5Q1VuQkR4TWFqcFhvdmNGUmFrVDdYS2lhNEdKNUtHTVNONmNXMUNGNlFkd2p4TlhJTm1tbUlLdlJTT1VYYkoxVHRBVkxhU1Z4c05TVHJQbXJJZHVhYTZmZkpJZG5XTk1OeWxNSDRGU1VjRkV2QitqMzgrY3VWUjBMbUxZN3JJYm1jb1RGckhLMG9wREhiZTB2UFQ5RUs4UDlJcTNKUzBpZTEwZCtuTUw4d2U3NWV0QnBycWlWMi94b0JpSGhJcy8wdjB4ZDZOVXlYdHpOOUtXT3JwY2gvTzNpWml1UU1EWEhsblBkRW9yb0VXeVFmQURqK2R3c0w0c1pBeWt1N2dPcHRuRzl4S1l1blAzUGJtUEc3eThPNUc5bUR5aVFRUmZkNFE0MGp0WStadUN0S1ZjRDhCaW0rdXdOaGltMXpNZzZCSWF5UHNvUitBeEdNc01GVlZuOHZKTUhvNVhKWDhxNW9BamV5clhOQmM0eFhqNFk4UmMybFhqK2hRdlZjeDlnZWtQZkp0bUxmZmhaSDJKQ2NPTkxBOFBnK2htQlhYdTNna3RVQ1N6M083ZmlaSjBaMGtGWWs1WGdFVUtpVWg5Q2RIOU9GU2FNeG9HZU9kaVVxbmQ4TFlCOEpkdi9xV1V4VlFyTytPaEtTV1p5T2RId1Bha05aT1Z5azVGRXovckhmSldNR21MVE1IU0o4bU9VVnZ1dWQ2eERjK2JrOTJ3dlZCd0xTVUxjbnVDcWRxUWdLY29ucms0M1FkZDZYZUNnM05nZ1lCUi9GYldFZDNlL0NCTTg0bkFFbkRVNXNYK2ZHSisybWh2N2UxVnVmcnJhSHd1T1pDcjNYb2ZiOUxKbWI4NjdsN0VsSlNibUM5clF4cFZnOWFrZnBjUTBnVTRjRFltTXluVWVCSUp2SXlrUmV4dnVGMGc5Z3Y5UUtMM0xPZkJ6cG5jU0lmbXZCSXlyWWRWTjh3eXpMUFQzU29LL0FvK1VCSXdWU01XVUlrVVpkQT09 Page URL
-
https://unitju.com/r.php?u=https%3A%2F%2Fcldprtct2go-xbx.xyz%2Fcxzzl4k.php%3Fkey%3Dtwl1qrbrhe0kmcu5tyso%26sid%3D202406142132534f8edaebe738baf610%26cpv%3D0.011%26subid%3D1908117875%26kw%3D.us.01.desktop.nonadult.windows.chrome&s=j&enc=FpaFJdPg4pXXniMxgk%2FlyX49fitFYTJ3TDV4MjIwL0N5c1NDYUd0bGtyMFlKMC9JSEdoMzczMTlwVW05R2tKOU9HQjJ1OUxRVkM1K256Yy90enkyNzN6YjZmbEU5Y09nSTVOZzFLcGVDR3FNOVhMcVFOeExRR2hBRDlMZ3NlUy9UNVUrS1pLdk1XSFpMRDFya1poTFBIT1JZNFlta0pDUms2ei9XVURHaGRwYTNlNW5KNFJRT3A4TEdSUUc0R1JwblRXM1B4U21aVDFXeXE1UEpwUTRtcU1MSzU0amRvMWs5ZlZkb0s5eVVVaHpLRUxVMDJ3RGs0UmhEOEJzQXhJeGI3S1dMSm1QbmpBbmQrMk1GLytEbDdIU1IwMkVud0RPYmFlVThrcGxSQklMUTlqaUpCaXp3TU9xdU0veFpzeExhbmZoRXhYcDdaTlJ2VkN1dERtWUdNbDNqK2xWU2htREd3Zkh3MjVjQnFzbWQxRlBFNmZXZ0hQM1FLcEdTWnlTSUdRZVIxcTRuMTRSdWVuM2cwcVV0VVpyTDVQUEdNNmxIQWM2eExhK3pZVzBkdDJDeTNSSUVnb0lvcngrQUMyVGlsdUtyeVFkbWxxUXAxczNndU8veFg5Q0NkSTd2S3BiWDdFVVluZHp0c1V4Tm9aZ25UTFVZQ3A1NDg1Wi9ZMlZJSndpYlNKd3Y5U1lvV0ZzZVoyaXBuNXZ3SGhtdkxueU5kL0FGZC9JWkp4NDZNWmUxQ0Zmd0p0WGNWYVozNVllOWQ2QmRCU05lendXZ2JHTkdRRlVOWEp1TXpkVGcvY1NEMWI5K2NRbGpoL21YcXdaa1JsNHFEMHVxNS9oYWlONUR1b29wTTBNRmRMRDd5T3Z6WHNHMzRmVFFYZW01U2tucXFmTEJhWDVobXpXSk1udVp6eE4vTXdIVzdXTzdQRldBQlZNdnJsZm1rMFljRG1EWS85L1V2cHp0K2NoU1hWQi81YnB0QTNRbnZWQisxKzVCMEZ3b1hDZkYybFhmSkdhd2o0YkRTU3RkanBBUTQ0a2dFSGdVajZDOVhBQzN5bUFQTEZGUW1FSkJISG1yelZUUkF6VXgxNHBWc3FqSFVEanV6UzhKYVMrMVY3ODJzODJZQzZZenhjNSt1NEU3TkZHWUZnNDNmZU5GVGNvdmRpT2NrOU9GcG13aXArSnplbllvUUd5WG1PWTFtK1R5TlRmSzNlTkVibTdPMDJKUDZEZjZIaHFHdy9YZk9mYURuMnA2Ymcza3dyekZhSVNUQ0U4RTdLVWxaZHZKWE5KTGRXNlFwa3V5d0VHUzF4UGpmZmpzTktmaEhFSnJYVG5TZkdZblZ4aHZqM1g3ME4wTHIrMSs2VGNDeDFoSGhFK1FkSFBUd1BhN3pXTngra3RNNXlRcW1XTFcwcEEzZnpPUlJ6WFYxZGpTT0x2UVdsSVVFMElUN0d0MlNoRDl4NW5wNVNQY0RubUhHbnZ0WGttdEZ4RnJSYnd1TTNjNmVsRGVYSjh5RkxYNm9LWlhQYlk5dz0%3D&vs=1600:1200&ds=1600:1200&sl=30:30&os=f&nos=f&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine&fp=-1
HTTP 302
https://cldprtct2go-xbx.xyz/cxzzl4k.php?key=twl1qrbrhe0kmcu5tyso&sid=202406142132534f8edaebe738baf610&cpv=0.011&subid=1908117875&kw=.us.01.desktop.nonadult.windows.chrome HTTP 302
https://safety-sys-r1.biz/landers/9a9f5b6d64/index.html?src=OJlOKFZT33Qc&t1=10_1908117875&clickid=ccdbe6jgx153z716&t2=348 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://comericabenefitehr.com/ HTTP 307
- https://comericabenefitehr.com/ HTTP 302
- http://unitju.com/xr.php?e=OstZdsVcq08zDwMO13afXX49fkg1bUJxWTNKZERZNUt3TUZ3Y1U5bjg3d003M3Z0WFFHODZkdVB0eW9WVHVHWUpQT1AyNExiT2dTeW9XU1FJNytYUVNNRUZ2Unl4UW9kZmloVm4yWDhiT0lCZkgrZmdyMU81M0VPdVFKR0Y1MGJWais2K1Q1QmVISkpKbGUySVR2TUNRdlh1NmswbkZ5SC9aMy9VcXNGbi83dlRORk5ZMVZjTms5Q1VuQkR4TWFqcFhvdmNGUmFrVDdYS2lhNEdKNUtHTVNONmNXMUNGNlFkd2p4TlhJTm1tbUlLdlJTT1VYYkoxVHRBVkxhU1Z4c05TVHJQbXJJZHVhYTZmZkpJZG5XTk1OeWxNSDRGU1VjRkV2QitqMzgrY3VWUjBMbUxZN3JJYm1jb1RGckhLMG9wREhiZTB2UFQ5RUs4UDlJcTNKUzBpZTEwZCtuTUw4d2U3NWV0QnBycWlWMi94b0JpSGhJcy8wdjB4ZDZOVXlYdHpOOUtXT3JwY2gvTzNpWml1UU1EWEhsblBkRW9yb0VXeVFmQURqK2R3c0w0c1pBeWt1N2dPcHRuRzl4S1l1blAzUGJtUEc3eThPNUc5bUR5aVFRUmZkNFE0MGp0WStadUN0S1ZjRDhCaW0rdXdOaGltMXpNZzZCSWF5UHNvUitBeEdNc01GVlZuOHZKTUhvNVhKWDhxNW9BamV5clhOQmM0eFhqNFk4UmMybFhqK2hRdlZjeDlnZWtQZkp0bUxmZmhaSDJKQ2NPTkxBOFBnK2htQlhYdTNna3RVQ1N6M083ZmlaSjBaMGtGWWs1WGdFVUtpVWg5Q2RIOU9GU2FNeG9HZU9kaVVxbmQ4TFlCOEpkdi9xV1V4VlFyTytPaEtTV1p5T2RId1Bha05aT1Z5azVGRXovckhmSldNR21MVE1IU0o4bU9VVnZ1dWQ2eERjK2JrOTJ3dlZCd0xTVUxjbnVDcWRxUWdLY29ucms0M1FkZDZYZUNnM05nZ1lCUi9GYldFZDNlL0NCTTg0bkFFbkRVNXNYK2ZHSisybWh2N2UxVnVmcnJhSHd1T1pDcjNYb2ZiOUxKbWI4NjdsN0VsSlNibUM5clF4cFZnOWFrZnBjUTBnVTRjRFltTXluVWVCSUp2SXlrUmV4dnVGMGc5Z3Y5UUtMM0xPZkJ6cG5jU0lmbXZCSXlyWWRWTjh3eXpMUFQzU29LL0FvK1VCSXdWU01XVUlrVVpkQT09 HTTP 307
- https://unitju.com/xr.php?e=OstZdsVcq08zDwMO13afXX49fkg1bUJxWTNKZERZNUt3TUZ3Y1U5bjg3d003M3Z0WFFHODZkdVB0eW9WVHVHWUpQT1AyNExiT2dTeW9XU1FJNytYUVNNRUZ2Unl4UW9kZmloVm4yWDhiT0lCZkgrZmdyMU81M0VPdVFKR0Y1MGJWais2K1Q1QmVISkpKbGUySVR2TUNRdlh1NmswbkZ5SC9aMy9VcXNGbi83dlRORk5ZMVZjTms5Q1VuQkR4TWFqcFhvdmNGUmFrVDdYS2lhNEdKNUtHTVNONmNXMUNGNlFkd2p4TlhJTm1tbUlLdlJTT1VYYkoxVHRBVkxhU1Z4c05TVHJQbXJJZHVhYTZmZkpJZG5XTk1OeWxNSDRGU1VjRkV2QitqMzgrY3VWUjBMbUxZN3JJYm1jb1RGckhLMG9wREhiZTB2UFQ5RUs4UDlJcTNKUzBpZTEwZCtuTUw4d2U3NWV0QnBycWlWMi94b0JpSGhJcy8wdjB4ZDZOVXlYdHpOOUtXT3JwY2gvTzNpWml1UU1EWEhsblBkRW9yb0VXeVFmQURqK2R3c0w0c1pBeWt1N2dPcHRuRzl4S1l1blAzUGJtUEc3eThPNUc5bUR5aVFRUmZkNFE0MGp0WStadUN0S1ZjRDhCaW0rdXdOaGltMXpNZzZCSWF5UHNvUitBeEdNc01GVlZuOHZKTUhvNVhKWDhxNW9BamV5clhOQmM0eFhqNFk4UmMybFhqK2hRdlZjeDlnZWtQZkp0bUxmZmhaSDJKQ2NPTkxBOFBnK2htQlhYdTNna3RVQ1N6M083ZmlaSjBaMGtGWWs1WGdFVUtpVWg5Q2RIOU9GU2FNeG9HZU9kaVVxbmQ4TFlCOEpkdi9xV1V4VlFyTytPaEtTV1p5T2RId1Bha05aT1Z5azVGRXovckhmSldNR21MVE1IU0o4bU9VVnZ1dWQ2eERjK2JrOTJ3dlZCd0xTVUxjbnVDcWRxUWdLY29ucms0M1FkZDZYZUNnM05nZ1lCUi9GYldFZDNlL0NCTTg0bkFFbkRVNXNYK2ZHSisybWh2N2UxVnVmcnJhSHd1T1pDcjNYb2ZiOUxKbWI4NjdsN0VsSlNibUM5clF4cFZnOWFrZnBjUTBnVTRjRFltTXluVWVCSUp2SXlrUmV4dnVGMGc5Z3Y5UUtMM0xPZkJ6cG5jU0lmbXZCSXlyWWRWTjh3eXpMUFQzU29LL0FvK1VCSXdWU01XVUlrVVpkQT09
10 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
xr.php
unitju.com/ Redirect Chain
|
5 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jscheck.php
unitju.com/ |
0 150 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.0 |
favicon.ico
unitju.com/ |
94 B 170 B |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Primary Request
index.html
safety-sys-r1.biz/landers/9a9f5b6d64/ Redirect Chain
|
9 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/ |
82 KB 15 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
1.png
safety-sys-r1.biz/landers/9a9f5b6d64/ |
130 KB 130 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-3.5.1.slim.min.js
code.jquery.com/ |
71 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
popper.min.js
cdn.jsdelivr.net/npm/@popperjs/core@2.9.2/dist/umd/ |
18 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/webfonts/ |
122 KB 123 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
favicon.ico
safety-sys-r1.biz/ |
0 270 B |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
14 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
undefined| event object| fence object| sharedStorage function| $ function| jQuery object| Popper function| showOverlay function| getURLParameter string| fin_link function| urlB64ToUint8Array function| registerSW function| sub function| saveSubscription function| subscribeOnClick4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| comericabenefitehr.com/ | Name: __tad Value: 1718364773.5096755 |
|
| .unitju.com/ | Name: __dsnsid Value: 202406142132534f8edaebe738baf610 |
|
| cldprtct2go-xbx.xyz/ | Name: uclick Value: 6jgx153z |
|
| cldprtct2go-xbx.xyz/ | Name: uclickhash Value: 6jgx153z-6jgx153z-wf6o-0-dui4-twe2-twb7-270824 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.jsdelivr.net
cdnjs.cloudflare.com
cldprtct2go-xbx.xyz
code.jquery.com
comericabenefitehr.com
safety-sys-r1.biz
unitju.com
103.224.182.206
103.224.212.213
161.35.82.21
2606:4700::6811:190e
2a04:4e42:400::649
2a04:4e42::485
0f7360ce49310e0b64fc4fe9ffe1f6e2675c55e1f6151da34554031968e5d094
5a07c69f9061eb12e39a031358a4f567f30a002ad6182639ac84fd1bda2f6e65
8feb3f461a10182d56ddc6fbe99db51c0c6dd567abc2f5e0433f1418570a2b1a
9221cfedfc5e03790f46c7890bca21fcc47c5788d89dab0aa0799c492b6ae78a
94e1bbc1c2a41ebc73fa5253fd563256c0035b4d69181e48f9aef9e474a11251
a361e7885c36bacb3fd9cb068da207c3b9329962cac022d06e28923939f575e8
c70409a9b86aa3c8dfb82d87453d14f98ac77a7f9e64afbdedf1c330ed527c20
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e5f35d586c0e6a9a9d7187687be087580c40a5f8d0e52f0c4053bbc25c98db