seiwjr.red-work.com Open in urlscan Pro
172.67.144.176 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://cas5-0-urlprotect.trendmicro.com/wis/clicktime/v1/query?url=http%3A%2F%2Fwww.jp-area.com%2Fbeppu%2Frank.cgi%3Fmode%3Dlink%26id%3D...
Effective URL:
https://seiwjr.red-work.com/
Submission Tags: falconsandbox
Submission: On October 03 via api (October 3rd 2024, 8:01:28 am UTC) from US — Scanned from CA

Summary HTTP 3 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 2 countries across 3 domains to perform 3 HTTP transactions. The main IP is 172.67.144.176, located in United States and belongs to CLOUDFLARENET, US. The main domain is seiwjr.red-work.com.
TLS certificate: Issued by WE1 on September 26th 2024. Valid for: 3 months.

This is the only time seiwjr.red-work.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.187.74.250 54.187.74.250	16509 (AMAZON-02) (AMAZON-02)
2 2	112.78.125.83 112.78.125.83	9371 (SAKURA-C ...) (SAKURA-C SAKURA Internet Inc.)
3	172.67.144.176 172.67.144.176	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	1

1 54.187.74.250 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-187-74-250.us-west-2.compute.amazonaws.com

cas5-0-urlprotect.trendmicro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 112.78.125.83 (Japan) 2 redirects

ASN9371 (SAKURA-C SAKURA Internet Inc., JP)
PTR: www623b.sakura.ne.jp

www.jp-area.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.144.176 (United States)

ASN13335 (CLOUDFLARENET, US)

seiwjr.red-work.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	red-work.com seiwjr.red-work.com	2 KB
2	jp-area.com 2 redirects www.jp-area.com	272 B
1	trendmicro.com 1 redirects cas5-0-urlprotect.trendmicro.com	248 B
3	3

	Domain	Requested by
3	seiwjr.red-work.com
2	www.jp-area.com	2 redirects
1	cas5-0-urlprotect.trendmicro.com	1 redirects
3	3

This site contains no links.

Subject Issuer	Validity	Valid
red-work.com WE1	`2024-09-26` - `2024-12-25`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://seiwjr.red-work.com/
Frame ID: C217BA3FDB76D0C65B29135CA0125EEB
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

Page Statistics

3
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

1
IPs

2
Countries

2 kB
Transfer

1 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response seiwjr.red-work.com/ Redirect Chain https://cas5-0-urlprotect.trendmicro.com/wis/clicktime/v1/query?url=http%3A%2F%2Fwww.jp-area.com%2Fbeppu%2Frank.cgi%3Fmode%3Dlink%26id%3D218%26url%3Dhttps%3A%2F%2FseIWjr.red-work.com&umid=f5bea97c-... http://www.jp-area.com/beppu/rank.cgi?mode=link&id=218&url=https://seIWjr.red-work.com https://www.jp-area.com/beppu/rank.cgi?mode=link&id=218&url=https://seIWjr.red-work.com https://seiwjr.red-work.com/ http://www.jp-area.com/beppu/rank.cgi?mode=link&id=218&url=https://seIWjr.red-work.com https://seiwjr.red-work.com/	0 475 B	703ms 703ms	Document text/html	172.67.144.176 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://seiwjr.red-work.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.144.176 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers cf-cache-status DYNAMIC cf-ray 8ccb67674afd541f-YYZ content-encoding br content-type text/html; charset=UTF-8 date Thu, 03 Oct 2024 08:01:23 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ktyegn%2Fruph4B%2FZm%2Bux8P2Nu9uQ8euWvtsJ54dcy%2B40HwJWEUOWQ1Qlx0KRm9LtliQOcjfOQpoJ7ZE2clTCP79jm5FWu2FpOUkIGz7h0gPJzM8a%2FdEUrYatdL2aiVzeDNVERNUs2"}],"group":"cf-nel","max_age":604800} server cloudflare speculation-rules "/cdn-cgi/speculation" x-turbo-charged-by LiteSpeed Redirect headers Connection keep-alive Content-Length 0 Content-Type text/html Date Thu, 03 Oct 2024 08:01:22 GMT Location https://seIWjr.red-work.com Server nginx
GET H3	200	speculation seiwjr.red-work.com/cdn-cgi/	128 B 542 B	29ms 28ms	Other application/speculationrules+json	172.67.144.176 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://seiwjr.red-work.com/cdn-cgi/speculation Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.144.176 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://seiwjr.red-work.com Referer https://seiwjr.red-work.com/ Response headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vqGDj3haoMiFDkOGJmpBsE9Ljs9eeWO5JNuqg5%2BBSGKgceaepTgFZhovmkZpOu9giliRvlR%2F%2F9ID62L3AXARsa6VKl9TBrZXqXJlPjGCc1j0zcmufncd4dF5erFa1abtBBggK97l"}],"group":"cf-nel","max_age":604800} cf-ray 8ccb676bbd33541f-YYZ access-control-allow-origin https://seiwjr.red-work.com content-length 128 date Thu, 03 Oct 2024 08:01:23 GMT content-type application/speculationrules+json vary Origin, Accept-Encoding server cloudflare
GET H3	404	favicon.ico seiwjr.red-work.com/	1 KB 1 KB	238ms 237ms	Other text/html	172.67.144.176 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://seiwjr.red-work.com/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.144.176 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://seiwjr.red-work.com/ Response headers cache-control private, no-cache, no-store, must-revalidate, max-age=0 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status BYPASS pragma no-cache speculation-rules "/cdn-cgi/speculation" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rhcthzSCufv7UA%2BT2ilzt9UZmmXXED4MwBB6gUdETRs3jF9uEUMwmsLLK9P%2BPf7ikkndN3NPDdhVsSgdKVSMW1gf7RzP3xRiy9qG62tQ24JnTO7AWaIS1EY64zidnR3hWe0UXeeZ"}],"group":"cf-nel","max_age":604800} cf-ray 8ccb676bed41541f-YYZ date Thu, 03 Oct 2024 08:01:24 GMT x-turbo-charged-by LiteSpeed content-type text/html vary Accept-Encoding server cloudflare

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://seiwjr.red-work.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cas5-0-urlprotect.trendmicro.com
seiwjr.red-work.com
www.jp-area.com
112.78.125.83
172.67.144.176
54.187.74.250
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

seiwjr.red-work.com Open in urlscan Pro 172.67.144.176 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

3 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

1 IPs

2 Countries

2 kBTransfer

1 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

seiwjr.red-work.com Open in urlscan Pro
172.67.144.176 Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

1
IPs

2
Countries

2 kB
Transfer

1 kB
Size

0
Cookies

3 HTTP transactions
0 data transactions