r.redirekted.com Open in urlscan Pro
66.165.243.160 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://skype.com.ua/
Effective URL:
https://r.redirekted.com/redirect?redirect_id=3ac2cdd0338c3273cee6c3ca108f3aec&request_id=572ed7ec719bfb3f15547ff9d68cca34
Submission: On July 03 via api (July 3rd 2022, 2:48:05 am UTC) from GB — Scanned from GB

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 7 domains to perform 9 HTTP transactions. The main IP is 66.165.243.160, located in and belongs to . The main domain is r.redirekted.com.
TLS certificate: Issued by R3 on June 23rd 2022. Valid for: 3 months.

This is the only time r.redirekted.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	5.161.53.17 5.161.53.17	213230 (HETZNER-C...) (HETZNER-CLOUD2-AS)
2 2	52.7.173.249 52.7.173.249	14618 (AMAZON-AES) (AMAZON-AES)
1 3	103.224.182.241 103.224.182.241	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
1 2	103.224.212.246 103.224.212.246	() ()
4	66.165.243.160 66.165.243.160	() ()
9	5

1 5.161.53.17 (United States)

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.17.53.161.5.clients.your-server.de

skype.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.7.173.249 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-173-249.compute-1.amazonaws.com

trwsr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nkpts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 103.224.182.241 (Australia) 1 redirects

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-182-241.above.com

booots.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.224.212.246 (None, ) 1 redirects

ASN- ()

0redird.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 66.165.243.160 (None, )

ASN- ()

r.redirekted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	redirekted.com r.redirekted.com	11 KB
3	booots.com 1 redirects booots.com	8 KB
2	0redird.com 1 redirects 0redird.com	2 KB
1	nkpts.com 1 redirects nkpts.com	274 B
1	trwsr.com 1 redirects trwsr.com	282 B
1	skype.com.ua skype.com.ua — Cisco Umbrella Rank: 95451	945 B
0	google-analytics.com Failed www.google-analytics.com Failed
9	7

	Domain	Requested by
4	r.redirekted.com	0redird.com r.redirekted.com
3	booots.com	1 redirects booots.com
2	0redird.com	1 redirects booots.com
1	nkpts.com	1 redirects
1	trwsr.com	1 redirects
1	skype.com.ua
0	www.google-analytics.com Failed	r.redirekted.com
9	7

This site contains no links.

Subject Issuer	Validity	Valid
booots.com R3	`2022-05-27` - `2022-08-25`	3 months	crt.sh
redirekted.com R3	`2022-06-23` - `2022-09-21`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://r.redirekted.com/redirect?redirect_id=3ac2cdd0338c3273cee6c3ca108f3aec&request_id=572ed7ec719bfb3f15547ff9d68cca34
Frame ID: 6235F2643A0CEC457B5700E98537C97F
Requests: 7 HTTP requests in this frame

Frame: https://r.redirekted.com/go?e=04mWWSFWzVTs-pPC9S2W703F0EzX-fvB8SzXW1KWz8IsugvC-uvVu5aq9gwXyj3K59Gr8RFW9ywXYy3BeLaVVk3F8AzXYkaF9gHs7fPXzRzXY13BdHPqV5aqdfxXbplB59Gr-RPX58IA3OKM7c0MVEwCajwZcxUC75GsUAQWa5mZ78IF-AaVx1KW48ysmkKF55GsQSPXxO2Z2uxCm8GssEmBsyHslgFEeZ3WYImq4uzXbHaB8gRrY53p8bRs-x3BdfRrtcFWe4Gs7NKLetPrtk3Ba4mX-ZlB9IvX-DGL9cHAY9IF9gQpVy3C9gQA-tQn8IPrVkape8IVcZvF1tvW
Frame ID: 1470834B3EBC7327200DB3848C8A6394
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://skype.com.ua/ Page URL
http://trwsr.com/ HTTP 302
http://nkpts.com/ugb4iv7u HTTP 302
http://booots.com/ HTTP 302
https://booots.com/ Page URL
http://0redird.com/jr.php?gz=9cr77Iicr%2BUMpstXCHNSrX49fmhUZHdlQS8xSjR3c1dvL0tyanlZU1J1aDZjczZ5... HTTP 302
http://0redird.com/jr.php?gz=9cr77Iicr%2BUMpstXCHNSrX49fmhUZHdlQS8xSjR3c1dvL0tyanlZU1J1aDZjczZ5... Page URL
https://r.redirekted.com/redirect?redirect_id=3ac2cdd0338c3273cee6c3ca108f3aec&request_id=572ed7ec719... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

SWFObject (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swfobject.*\.js

Page Statistics

9
Requests

67 %
HTTPS

0 %
IPv6

7
Domains

7
Subdomains

5
IPs

2
Countries

20 kB
Transfer

27 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://skype.com.ua/ Page URL
http://trwsr.com/ HTTP 302
http://nkpts.com/ugb4iv7u HTTP 302
http://booots.com/ HTTP 302
https://booots.com/ Page URL
http://0redird.com/jr.php?gz=9cr77Iicr%2BUMpstXCHNSrX49fmhUZHdlQS8xSjR3c1dvL0tyanlZU1J1aDZjczZ5ek5UQ0FHQ1A4V1M1Ui92bnJPOGxQME9QeElzK1lYVU9QbzFVS0JTdE9EeUo4UGtweityeFlteDFaQmNpRkMrekthY2xNWGdHUHViNjJvQ3NlZUtvVldSaFREZUZESW9nRWxpWFdleHdYUENZemY2UzF6LzNiMHZrcDBpTGVmeHArREpxbytxenZ3MkNvdXVuWUJjUDNaMkdtdXBtWmREcmcydU9JT24rNDQ0Wlltcm14Rm50NytmTVBUdjNlbXE2M2dWWlRhbFVOLy9PZGhjY2YwOUNCcUw1Wmt4dFZlWUJQV09FSlFxYk1vSVpGcFZGVFMyZFRNWEtZNUxubFlYRXFuRzlZU3lLSTFyREhIbE9jRXVEeW4vSVd5WmRLTW5zTkJVUUpMWGNiMkErK1BkZ3ZTbzI0NXp3T1V2eXFPZjRWVWpXOEVvM3QyVjdaeitLTExLeFJlZkFaOEJWZGltS0tOR0dVL1IrNkgrTVRzSTd6NkZtOFQvYmVCMW5IOEJNZjZmNHlaaHFrTGhKQmxLRjVNMVZzbDluVDlyZWxYcTY5NnRLV0UvQk5adVEybExPTWJwRURaTWRDalFVMkRmWHM2Y3ZOaTBRV09ZKzFUdi9Ra3NwaGFWVWtaR281M1k0cUpOVGdhcVlCK25KRGF1Qk9PbVVYdEhNaHVLWnhnQ0Jqd2k2OEJkTEFzOWJrM3hlejE3a0NZZjc1RGRycitjbk81Tk91Nmt4UDZ3K1dLWXNmTDJ0U1ZaZWViRm02aFFrbzhrcHJ3V243TE9RYjBpRUxIVEVKdHJOSGVOdWhuQWxPNmppaE5WK2lvVStPeno2Rkc0TmdGTm9zWmROcU1ucEpXbURHQ3FGTGRwdVpiODhzYmNEMm9vN1lnTWlKeVZxKzBRWXJ1T0kzbjRoYkhnaVhUYkFNRlNQbkdhdFpwaGZzV2RuU3A3NHh6VXV1cTlDbmVwaDRxSGVRSU8wTkRMTkE5WA%3D%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine&anura_res= HTTP 302
http://0redird.com/jr.php?gz=9cr77Iicr%2BUMpstXCHNSrX49fmhUZHdlQS8xSjR3c1dvL0tyanlZU1J1aDZjczZ5ek5UQ0FHQ1A4V1M1Ui92bnJPOGxQME9QeElzK1lYVU9QbzFVS0JTdE9EeUo4UGtweityeFlteDFaQmNpRkMrekthY2xNWGdHUHViNjJvQ3NlZUtvVldSaFREZUZESW9nRWxpWFdleHdYUENZemY2UzF6LzNiMHZrcDBpTGVmeHArREpxbytxenZ3MkNvdXVuWUJjUDNaMkdtdXBtWmREcmcydU9JT24rNDQ0Wlltcm14Rm50NytmTVBUdjNlbXE2M2dWWlRhbFVOLy9PZGhjY2YwOUNCcUw1Wmt4dFZlWUJQV09FSlFxYk1vSVpGcFZGVFMyZFRNWEtZNUxubFlYRXFuRzlZU3lLSTFyREhIbE9jRXVEeW4vSVd5WmRLTW5zTkJVUUpMWGNiMkErK1BkZ3ZTbzI0NXp3T1V2eXFPZjRWVWpXOEVvM3QyVjdaeitLTExLeFJlZkFaOEJWZGltS0tOR0dVL1IrNkgrTVRzSTd6NkZtOFQvYmVCMW5IOEJNZjZmNHlaaHFrTGhKQmxLRjVNMVZzbDluVDlyZWxYcTY5NnRLV0UvQk5adVEybExPTWJwRURaTWRDalFVMkRmWHM2Y3ZOaTBRV09ZKzFUdi9Ra3NwaGFWVWtaR281M1k0cUpOVGdhcVlCK25KRGF1Qk9PbVVYdEhNaHVLWnhnQ0Jqd2k2OEJkTEFzOWJrM3hlejE3a0NZZjc1RGRycitjbk81Tk91Nmt4UDZ3K1dLWXNmTDJ0U1ZaZWViRm02aFFrbzhrcHJ3V243TE9RYjBpRUxIVEVKdHJOSGVOdWhuQWxPNmppaE5WK2lvVStPeno2Rkc0TmdGTm9zWmROcU1ucEpXbURHQ3FGTGRwdVpiODhzYmNEMm9vN1lnTWlKeVZxKzBRWXJ1T0kzbjRoYkhnaVhUYkFNRlNQbkdhdFpwaGZzV2RuU3A3NHh6VXV1cTlDbmVwaDRxSGVRSU8wTkRMTkE5WA%3D%3D&vs=1600%3A1200&ds=1600%3A1200&sl=0%3A0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel+Inc.+-+Intel+Iris+OpenGL+Engine&anura_res=&ckReS=1656816483.5283779 Page URL
https://r.redirekted.com/redirect?redirect_id=3ac2cdd0338c3273cee6c3ca108f3aec&request_id=572ed7ec719bfb3f15547ff9d68cca34 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://trwsr.com/ HTTP 302
http://nkpts.com/ugb4iv7u HTTP 302
http://booots.com/ HTTP 302
https://booots.com/

Request Chain 3

http://0redird.com/jr.php?gz=9cr77Iicr%2BUMpstXCHNSrX49fmhUZHdlQS8xSjR3c1dvL0tyanlZU1J1aDZjczZ5ek5UQ0FHQ1A4V1M1Ui92bnJPOGxQME9QeElzK1lYVU9QbzFVS0JTdE9EeUo4UGtweityeFlteDFaQmNpRkMrekthY2xNWGdHUHViNjJvQ3NlZUtvVldSaFREZUZESW9nRWxpWFdleHdYUENZemY2UzF6LzNiMHZrcDBpTGVmeHArREpxbytxenZ3MkNvdXVuWUJjUDNaMkdtdXBtWmREcmcydU9JT24rNDQ0Wlltcm14Rm50NytmTVBUdjNlbXE2M2dWWlRhbFVOLy9PZGhjY2YwOUNCcUw1Wmt4dFZlWUJQV09FSlFxYk1vSVpGcFZGVFMyZFRNWEtZNUxubFlYRXFuRzlZU3lLSTFyREhIbE9jRXVEeW4vSVd5WmRLTW5zTkJVUUpMWGNiMkErK1BkZ3ZTbzI0NXp3T1V2eXFPZjRWVWpXOEVvM3QyVjdaeitLTExLeFJlZkFaOEJWZGltS0tOR0dVL1IrNkgrTVRzSTd6NkZtOFQvYmVCMW5IOEJNZjZmNHlaaHFrTGhKQmxLRjVNMVZzbDluVDlyZWxYcTY5NnRLV0UvQk5adVEybExPTWJwRURaTWRDalFVMkRmWHM2Y3ZOaTBRV09ZKzFUdi9Ra3NwaGFWVWtaR281M1k0cUpOVGdhcVlCK25KRGF1Qk9PbVVYdEhNaHVLWnhnQ0Jqd2k2OEJkTEFzOWJrM3hlejE3a0NZZjc1RGRycitjbk81Tk91Nmt4UDZ3K1dLWXNmTDJ0U1ZaZWViRm02aFFrbzhrcHJ3V243TE9RYjBpRUxIVEVKdHJOSGVOdWhuQWxPNmppaE5WK2lvVStPeno2Rkc0TmdGTm9zWmROcU1ucEpXbURHQ3FGTGRwdVpiODhzYmNEMm9vN1lnTWlKeVZxKzBRWXJ1T0kzbjRoYkhnaVhUYkFNRlNQbkdhdFpwaGZzV2RuU3A3NHh6VXV1cTlDbmVwaDRxSGVRSU8wTkRMTkE5WA%3D%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine&anura_res= HTTP 302
http://0redird.com/jr.php?gz=9cr77Iicr%2BUMpstXCHNSrX49fmhUZHdlQS8xSjR3c1dvL0tyanlZU1J1aDZjczZ5ek5UQ0FHQ1A4V1M1Ui92bnJPOGxQME9QeElzK1lYVU9QbzFVS0JTdE9EeUo4UGtweityeFlteDFaQmNpRkMrekthY2xNWGdHUHViNjJvQ3NlZUtvVldSaFREZUZESW9nRWxpWFdleHdYUENZemY2UzF6LzNiMHZrcDBpTGVmeHArREpxbytxenZ3MkNvdXVuWUJjUDNaMkdtdXBtWmREcmcydU9JT24rNDQ0Wlltcm14Rm50NytmTVBUdjNlbXE2M2dWWlRhbFVOLy9PZGhjY2YwOUNCcUw1Wmt4dFZlWUJQV09FSlFxYk1vSVpGcFZGVFMyZFRNWEtZNUxubFlYRXFuRzlZU3lLSTFyREhIbE9jRXVEeW4vSVd5WmRLTW5zTkJVUUpMWGNiMkErK1BkZ3ZTbzI0NXp3T1V2eXFPZjRWVWpXOEVvM3QyVjdaeitLTExLeFJlZkFaOEJWZGltS0tOR0dVL1IrNkgrTVRzSTd6NkZtOFQvYmVCMW5IOEJNZjZmNHlaaHFrTGhKQmxLRjVNMVZzbDluVDlyZWxYcTY5NnRLV0UvQk5adVEybExPTWJwRURaTWRDalFVMkRmWHM2Y3ZOaTBRV09ZKzFUdi9Ra3NwaGFWVWtaR281M1k0cUpOVGdhcVlCK25KRGF1Qk9PbVVYdEhNaHVLWnhnQ0Jqd2k2OEJkTEFzOWJrM3hlejE3a0NZZjc1RGRycitjbk81Tk91Nmt4UDZ3K1dLWXNmTDJ0U1ZaZWViRm02aFFrbzhrcHJ3V243TE9RYjBpRUxIVEVKdHJOSGVOdWhuQWxPNmppaE5WK2lvVStPeno2Rkc0TmdGTm9zWmROcU1ucEpXbURHQ3FGTGRwdVpiODhzYmNEMm9vN1lnTWlKeVZxKzBRWXJ1T0kzbjRoYkhnaVhUYkFNRlNQbkdhdFpwaGZzV2RuU3A3NHh6VXV1cTlDbmVwaDRxSGVRSU8wTkRMTkE5WA%3D%3D&vs=1600%3A1200&ds=1600%3A1200&sl=0%3A0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel+Inc.+-+Intel+Iris+OpenGL+Engine&anura_res=&ckReS=1656816483.5283779

9 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ Show response skype.com.ua/	182 B 945 B	790ms 146ms	Document text/html	5.161.53.17 HETZNER-CLOUD2-AS
General Check archive.org Show headers Download Go to Full URL http://skype.com.ua/ Protocol HTTP/1.1 Server 5.161.53.17 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE), Reverse DNS static.17.53.161.5.clients.your-server.de Software nginx / Resource Hash `3cd625b0275047cff4a9e8db11d8945f18513ffa6a1f96ea7f57671c01792952` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers Access-Control-Allow-Origin * Cache-Control no-cache, no-store, must-revalidate,post-check=0,pre-check=0 Connection keep-alive Content-Length 182 Content-Type text/html; charset=UTF-8 Date Sun, 03 Jul 2022 02:47:59 GMT Expires 0 Last-Modified Sun, 03 Jul 2022 02:47:59 GMT Pragma no-cache Server nginx Vary Accept-Encoding
GET H/1.1	200 OK	/ Show response booots.com/ Redirect Chain http://trwsr.com/ http://nkpts.com/ugb4iv7u http://booots.com/ https://booots.com/	7 KB 3 KB	988ms 426ms	Document text/html	103.224.182.241 TRELLIAN-AS-AP Tr...
General Check archive.org Show headers Download Go to Full URL https://booots.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 103.224.182.241 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU), Reverse DNS lb-182-241.above.com Software Apache/2.4.38 (Debian) / Resource Hash `8f7c64289e8562b29304611c33e29dac748c2a88bfef06c675ede7f0d31a01d1` Request headers Referer http://skype.com.ua/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers Connection close Content-Encoding gzip Content-Length 3238 Content-Type text/html; charset=UTF-8 Date Sun, 03 Jul 2022 02:48:01 GMT Server Apache/2.4.38 (Debian) Vary Accept-Encoding Redirect headers Connection close Content-Length 0 Content-Type text/html; charset=UTF-8 Date Sun, 03 Jul 2022 02:48:01 GMT Location https://booots.com/ Server Apache/2.4.38 (Debian)
GET H/1.1	200 OK	swfobject.js Show response booots.com/js/	10 KB 4 KB	544ms 184ms	Script application/javascript	103.224.182.241 TRELLIAN-AS-AP Tr...
General Check archive.org Show headers Download Go to Full URL https://booots.com/js/swfobject.js Requested by Host: booots.com URL: https://booots.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 103.224.182.241 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU), Reverse DNS lb-182-241.above.com Software Apache/2.4.38 (Debian) / Resource Hash `a2d68e4530bbf55b595085ad00ef6999cb64574eb58b44b53ef0516fa7fa4aed` Request headers accept-language en-GB,en;q=0.9 Referer https://booots.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sun, 03 Jul 2022 02:48:02 GMT Content-Encoding gzip Last-Modified Thu, 17 Feb 2022 03:46:00 GMT Server Apache/2.4.38 (Debian) ETag "27ef-5d82e9ac12e00-gzip" Vary Accept-Encoding Content-Type application/javascript Connection close Accept-Ranges bytes Content-Length 3949
GET H/1.1	200 OK	jr.php 0redird.com/ Redirect Chain http://0redird.com/jr.php?gz=9cr77Iicr%2BUMpstXCHNSrX49fmhUZHdlQS8xSjR3c1dvL0tyanlZU1J1aDZjczZ5ek5UQ0FHQ1A4V1M1Ui92bnJPOGxQME9QeElzK1lYVU9QbzFVS0JTdE9EeUo4UGtweityeFlteDFaQmNpRkMrekthY2xNWGdHUHViNj... http://0redird.com/jr.php?gz=9cr77Iicr%2BUMpstXCHNSrX49fmhUZHdlQS8xSjR3c1dvL0tyanlZU1J1aDZjczZ5ek5UQ0FHQ1A4V1M1Ui92bnJPOGxQME9QeElzK1lYVU9QbzFVS0JTdE9EeUo4UGtweityeFlteDFaQmNpRkMrekthY2xNWGdHUHViNj...	466 B 492 B	371ms 187ms	Document text/html	103.224.212.246
General Check archive.org Show headers Download Go to Full URL http://0redird.com/jr.php?gz=9cr77Iicr%2BUMpstXCHNSrX49fmhUZHdlQS8xSjR3c1dvL0tyanlZU1J1aDZjczZ5ek5UQ0FHQ1A4V1M1Ui92bnJPOGxQME9QeElzK1lYVU9QbzFVS0JTdE9EeUo4UGtweityeFlteDFaQmNpRkMrekthY2xNWGdHUHViNjJvQ3NlZUtvVldSaFREZUZESW9nRWxpWFdleHdYUENZemY2UzF6LzNiMHZrcDBpTGVmeHArREpxbytxenZ3MkNvdXVuWUJjUDNaMkdtdXBtWmREcmcydU9JT24rNDQ0Wlltcm14Rm50NytmTVBUdjNlbXE2M2dWWlRhbFVOLy9PZGhjY2YwOUNCcUw1Wmt4dFZlWUJQV09FSlFxYk1vSVpGcFZGVFMyZFRNWEtZNUxubFlYRXFuRzlZU3lLSTFyREhIbE9jRXVEeW4vSVd5WmRLTW5zTkJVUUpMWGNiMkErK1BkZ3ZTbzI0NXp3T1V2eXFPZjRWVWpXOEVvM3QyVjdaeitLTExLeFJlZkFaOEJWZGltS0tOR0dVL1IrNkgrTVRzSTd6NkZtOFQvYmVCMW5IOEJNZjZmNHlaaHFrTGhKQmxLRjVNMVZzbDluVDlyZWxYcTY5NnRLV0UvQk5adVEybExPTWJwRURaTWRDalFVMkRmWHM2Y3ZOaTBRV09ZKzFUdi9Ra3NwaGFWVWtaR281M1k0cUpOVGdhcVlCK25KRGF1Qk9PbVVYdEhNaHVLWnhnQ0Jqd2k2OEJkTEFzOWJrM3hlejE3a0NZZjc1RGRycitjbk81Tk91Nmt4UDZ3K1dLWXNmTDJ0U1ZaZWViRm02aFFrbzhrcHJ3V243TE9RYjBpRUxIVEVKdHJOSGVOdWhuQWxPNmppaE5WK2lvVStPeno2Rkc0TmdGTm9zWmROcU1ucEpXbURHQ3FGTGRwdVpiODhzYmNEMm9vN1lnTWlKeVZxKzBRWXJ1T0kzbjRoYkhnaVhUYkFNRlNQbkdhdFpwaGZzV2RuU3A3NHh6VXV1cTlDbmVwaDRxSGVRSU8wTkRMTkE5WA%3D%3D&vs=1600%3A1200&ds=1600%3A1200&sl=0%3A0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel+Inc.+-+Intel+Iris+OpenGL+Engine&anura_res=&ckReS=1656816483.5283779 Requested by Host: booots.com URL: https://booots.com/ Protocol HTTP/1.1 Server 103.224.212.246 -, , ASN (), Reverse DNS Software Apache/2.4.38 (Debian) / Resource Hash Request headers Referer https://booots.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers Connection close Content-Encoding gzip Content-Length 263 Content-Type text/html; charset=UTF-8 Date Sun, 03 Jul 2022 02:48:03 GMT Server Apache/2.4.38 (Debian) Vary Accept-Encoding X-JR-Code s Redirect headers Connection close Content-Length 0 Content-Type text/html; charset=UTF-8 Date Sun, 03 Jul 2022 02:48:03 GMT Location jr.php?gz=9cr77Iicr%2BUMpstXCHNSrX49fmhUZHdlQS8xSjR3c1dvL0tyanlZU1J1aDZjczZ5ek5UQ0FHQ1A4V1M1Ui92bnJPOGxQME9QeElzK1lYVU9QbzFVS0JTdE9EeUo4UGtweityeFlteDFaQmNpRkMrekthY2xNWGdHUHViNjJvQ3NlZUtvVldSaFREZUZESW9nRWxpWFdleHdYUENZemY2UzF6LzNiMHZrcDBpTGVmeHArREpxbytxenZ3MkNvdXVuWUJjUDNaMkdtdXBtWmREcmcydU9JT24rNDQ0Wlltcm14Rm50NytmTVBUdjNlbXE2M2dWWlRhbFVOLy9PZGhjY2YwOUNCcUw1Wmt4dFZlWUJQV09FSlFxYk1vSVpGcFZGVFMyZFRNWEtZNUxubFlYRXFuRzlZU3lLSTFyREhIbE9jRXVEeW4vSVd5WmRLTW5zTkJVUUpMWGNiMkErK1BkZ3ZTbzI0NXp3T1V2eXFPZjRWVWpXOEVvM3QyVjdaeitLTExLeFJlZkFaOEJWZGltS0tOR0dVL1IrNkgrTVRzSTd6NkZtOFQvYmVCMW5IOEJNZjZmNHlaaHFrTGhKQmxLRjVNMVZzbDluVDlyZWxYcTY5NnRLV0UvQk5adVEybExPTWJwRURaTWRDalFVMkRmWHM2Y3ZOaTBRV09ZKzFUdi9Ra3NwaGFWVWtaR281M1k0cUpOVGdhcVlCK25KRGF1Qk9PbVVYdEhNaHVLWnhnQ0Jqd2k2OEJkTEFzOWJrM3hlejE3a0NZZjc1RGRycitjbk81Tk91Nmt4UDZ3K1dLWXNmTDJ0U1ZaZWViRm02aFFrbzhrcHJ3V243TE9RYjBpRUxIVEVKdHJOSGVOdWhuQWxPNmppaE5WK2lvVStPeno2Rkc0TmdGTm9zWmROcU1ucEpXbURHQ3FGTGRwdVpiODhzYmNEMm9vN1lnTWlKeVZxKzBRWXJ1T0kzbjRoYkhnaVhUYkFNRlNQbkdhdFpwaGZzV2RuU3A3NHh6VXV1cTlDbmVwaDRxSGVRSU8wTkRMTkE5WA%3D%3D&vs=1600%3A1200&ds=1600%3A1200&sl=0%3A0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel+Inc.+-+Intel+Iris+OpenGL+Engine&anura_res=&ckReS=1656816483.5283779 Server Apache/2.4.38 (Debian) X-JR-Code cr
GET H/1.1	200 OK	Primary Request redirect Show response r.redirekted.com/	832 B 1 KB	766ms 172ms	Document text/html	66.165.243.160
General Check archive.org Show headers Download Go to Full URL https://r.redirekted.com/redirect?redirect_id=3ac2cdd0338c3273cee6c3ca108f3aec&request_id=572ed7ec719bfb3f15547ff9d68cca34 Requested by Host: 0redird.com URL: http://0redird.com/jr.php?gz=9cr77Iicr%2BUMpstXCHNSrX49fmhUZHdlQS8xSjR3c1dvL0tyanlZU1J1aDZjczZ5ek5UQ0FHQ1A4V1M1Ui92bnJPOGxQME9QeElzK1lYVU9QbzFVS0JTdE9EeUo4UGtweityeFlteDFaQmNpRkMrekthY2xNWGdHUHViNjJvQ3NlZUtvVldSaFREZUZESW9nRWxpWFdleHdYUENZemY2UzF6LzNiMHZrcDBpTGVmeHArREpxbytxenZ3MkNvdXVuWUJjUDNaMkdtdXBtWmREcmcydU9JT24rNDQ0Wlltcm14Rm50NytmTVBUdjNlbXE2M2dWWlRhbFVOLy9PZGhjY2YwOUNCcUw1Wmt4dFZlWUJQV09FSlFxYk1vSVpGcFZGVFMyZFRNWEtZNUxubFlYRXFuRzlZU3lLSTFyREhIbE9jRXVEeW4vSVd5WmRLTW5zTkJVUUpMWGNiMkErK1BkZ3ZTbzI0NXp3T1V2eXFPZjRWVWpXOEVvM3QyVjdaeitLTExLeFJlZkFaOEJWZGltS0tOR0dVL1IrNkgrTVRzSTd6NkZtOFQvYmVCMW5IOEJNZjZmNHlaaHFrTGhKQmxLRjVNMVZzbDluVDlyZWxYcTY5NnRLV0UvQk5adVEybExPTWJwRURaTWRDalFVMkRmWHM2Y3ZOaTBRV09ZKzFUdi9Ra3NwaGFWVWtaR281M1k0cUpOVGdhcVlCK25KRGF1Qk9PbVVYdEhNaHVLWnhnQ0Jqd2k2OEJkTEFzOWJrM3hlejE3a0NZZjc1RGRycitjbk81Tk91Nmt4UDZ3K1dLWXNmTDJ0U1ZaZWViRm02aFFrbzhrcHJ3V243TE9RYjBpRUxIVEVKdHJOSGVOdWhuQWxPNmppaE5WK2lvVStPeno2Rkc0TmdGTm9zWmROcU1ucEpXbURHQ3FGTGRwdVpiODhzYmNEMm9vN1lnTWlKeVZxKzBRWXJ1T0kzbjRoYkhnaVhUYkFNRlNQbkdhdFpwaGZzV2RuU3A3NHh6VXV1cTlDbmVwaDRxSGVRSU8wTkRMTkE5WA%3D%3D&vs=1600%3A1200&ds=1600%3A1200&sl=0%3A0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel+Inc.+-+Intel+Iris+OpenGL+Engine&anura_res=&ckReS=1656816483.5283779 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 66.165.243.160 -, , ASN (), Reverse DNS Software nginx/1.21.5 / PHP/8.0.14 Resource Hash `b5e60781ce58a5339fc75e4c47cc51cd542a1868e484ce6919296737e0cc7ca6` Request headers Referer http://0redird.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers Connection keep-alive Content-Type text/html; charset=UTF-8 Date Sun, 03 Jul 2022 02:48:04 GMT Server nginx/1.21.5 Transfer-Encoding chunked X-Powered-By PHP/8.0.14
GET H/1.1	200 OK	adren.css r.redirekted.com/css/	243 B 479 B	173ms 172ms	Stylesheet text/css	66.165.243.160
General Check archive.org Show headers Download Go to Full URL https://r.redirekted.com/css/adren.css?n=1849584831 Requested by Host: r.redirekted.com URL: https://r.redirekted.com/redirect?redirect_id=3ac2cdd0338c3273cee6c3ca108f3aec&request_id=572ed7ec719bfb3f15547ff9d68cca34 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 66.165.243.160 -, , ASN (), Reverse DNS Software nginx/1.21.5 / Resource Hash `e2d9fd8b995f146baf54bc35d162d3e8169a5345368058b10a3b3bf4592ed777` Request headers accept-language en-GB,en;q=0.9 Referer https://r.redirekted.com/redirect?redirect_id=3ac2cdd0338c3273cee6c3ca108f3aec&request_id=572ed7ec719bfb3f15547ff9d68cca34 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sun, 03 Jul 2022 02:48:04 GMT Last-Modified Sat, 03 Jul 2021 05:46:18 GMT Server nginx/1.21.5 ETag "60dff9aa-f3" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 243
GET H/1.1	200 OK	adren.min.js Show response r.redirekted.com/js/	7 KB 8 KB	363ms 188ms	Script application/javascript	66.165.243.160
General Check archive.org Show headers Download Go to Full URL https://r.redirekted.com/js/adren.min.js?n=1849584831 Requested by Host: r.redirekted.com URL: https://r.redirekted.com/redirect?redirect_id=3ac2cdd0338c3273cee6c3ca108f3aec&request_id=572ed7ec719bfb3f15547ff9d68cca34 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 66.165.243.160 -, , ASN (), Reverse DNS Software nginx/1.21.5 / Resource Hash `55afe8ae4db5b6ca9ec5a3aca1f3a7b482ca51d0914acd250093f1a9ecbfccec` Request headers accept-language en-GB,en;q=0.9 Referer https://r.redirekted.com/redirect?redirect_id=3ac2cdd0338c3273cee6c3ca108f3aec&request_id=572ed7ec719bfb3f15547ff9d68cca34 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sun, 03 Jul 2022 02:48:04 GMT Last-Modified Sat, 03 Jul 2021 05:46:18 GMT Server nginx/1.21.5 ETag "60dff9aa-1d68" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 7528
GET H/1.1	200 OK	go Show response r.redirekted.com/ Frame 1470	1 KB 2 KB	174ms 174ms	Document text/html	66.165.243.160
General Check archive.org Show headers Download Go to Full URL https://r.redirekted.com/go?e=04mWWSFWzVTs-pPC9S2W703F0EzX-fvB8SzXW1KWz8IsugvC-uvVu5aq9gwXyj3K59Gr8RFW9ywXYy3BeLaVVk3F8AzXYkaF9gHs7fPXzRzXY13BdHPqV5aqdfxXbplB59Gr-RPX58IA3OKM7c0MVEwCajwZcxUC75GsUAQWa5mZ78IF-AaVx1KW48ysmkKF55GsQSPXxO2Z2uxCm8GssEmBsyHslgFEeZ3WYImq4uzXbHaB8gRrY53p8bRs-x3BdfRrtcFWe4Gs7NKLetPrtk3Ba4mX-ZlB9IvX-DGL9cHAY9IF9gQpVy3C9gQA-tQn8IPrVkape8IVcZvF1tvW Requested by Host: r.redirekted.com URL: https://r.redirekted.com/js/adren.min.js?n=1849584831 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 66.165.243.160 -, , ASN (), Reverse DNS Software nginx/1.21.5 / PHP/8.0.14 Resource Hash `990fbe430f35c91e4d1d875c5cb38adc77ce4e239b38d18e39b5093bebab56bb` Request headers Referer https://r.redirekted.com/redirect?redirect_id=3ac2cdd0338c3273cee6c3ca108f3aec&request_id=572ed7ec719bfb3f15547ff9d68cca34 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers Connection keep-alive Content-Type text/html; charset=UTF-8 Date Sun, 03 Jul 2022 02:48:05 GMT Server nginx/1.21.5 Transfer-Encoding chunked X-Powered-By PHP/8.0.14
GET		analytics.js www.google-analytics.com/ Frame 1470	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
skype.com.ua/	1970-01-20 04:58:14	Name: _subid Value: 1887j663kn9dd
skype.com.ua/	1970-02-08 08:28:39	Name: 139e1 Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNjU2ODE2NDc5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNjU2ODE2NDc5fSxcInRpbWVcIjoxNjU2ODE2NDc5fSJ9.4iy_Ntta08ZFHtKNfKaEqlVpcpUmXtd9xaHbULebrKc
booots.com/	1970-01-23 19:49:36	Name: __tad Value: 1656816481.5828852

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0redird.com
booots.com
nkpts.com
r.redirekted.com
skype.com.ua
trwsr.com
www.google-analytics.com
www.google-analytics.com
103.224.182.241
103.224.212.246
5.161.53.17
52.7.173.249
66.165.243.160
3cd625b0275047cff4a9e8db11d8945f18513ffa6a1f96ea7f57671c01792952
55afe8ae4db5b6ca9ec5a3aca1f3a7b482ca51d0914acd250093f1a9ecbfccec
8f7c64289e8562b29304611c33e29dac748c2a88bfef06c675ede7f0d31a01d1
990fbe430f35c91e4d1d875c5cb38adc77ce4e239b38d18e39b5093bebab56bb
a2d68e4530bbf55b595085ad00ef6999cb64574eb58b44b53ef0516fa7fa4aed
b5e60781ce58a5339fc75e4c47cc51cd542a1868e484ce6919296737e0cc7ca6
e2d9fd8b995f146baf54bc35d162d3e8169a5345368058b10a3b3bf4592ed777

r.redirekted.com Open in urlscan Pro 66.165.243.160 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

9 Requests

67 %HTTPS

0 %IPv6

7 Domains

7 Subdomains

5 IPs

2 Countries

20 kBTransfer

27 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

3 Cookies

Indicators

r.redirekted.com Open in urlscan Pro
66.165.243.160 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

67 %
HTTPS

0 %
IPv6

7
Domains

7
Subdomains

5
IPs

2
Countries

20 kB
Transfer

27 kB
Size

3
Cookies

9 HTTP transactions
0 data transactions