urlscan.io logo urlscan.io
SecurityTrails logo

trusted-redirect.com Open in urlscan Pro
31.42.185.185  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://beta.reliancestaandard.com/
Effective URL: https://trusted-redirect.com/nlp/index.php?uid=371&sub1=9f3dc16oj9lfvvr394&url_bnm_redirect=https://www.sdno6trk.com/2B4SBT3/...
Submission: On January 30 via api from IN — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 9 HTTP transactions. The main IP is 31.42.185.185, located in Kyiv, Ukraine and belongs to YURTEH-AS, UA. The main domain is trusted-redirect.com.
TLS certificate: Issued by R3 on January 20th 2024. Valid for: 3 months.
This is the only time trusted-redirect.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 81.17.29.149 51852 (PLI-AS)
2 50.17.94.62 14618 (AMAZON-AES)
1 2 15.197.224.234 16509 (AMAZON-02)
1 130.211.29.114 396982 (GOOGLE-CL...)
1 1 173.239.53.32 27257 (WEBAIR-IN...)
1 2 31.42.185.185 30860 (YURTEH-AS)
2 35.241.15.240 15169 (GOOGLE)
9 7
2    81.17.29.149 (Zurich, Switzerland)

ASN51852 (PLI-AS, PA)
PTR: hostedby.privatelayer.com
beta.reliancestaandard.com
2    50.17.94.62 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-17-94-62.compute-1.amazonaws.com
enlil-syf.com
2    15.197.224.234 (United States)

ASN16509 (AMAZON-02, US)
PTR: ab226b763647f1870.awsglobalaccelerator.com
trustflayer3.online
1    130.211.29.114 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 114.29.211.130.bc.googleusercontent.com
cdn.perfdrive.com
1    173.239.53.32 (United States)

ASN27257 (WEBAIR-INTERNET, US)
xml-v4.iforcircles-2.online
2    31.42.185.185 (Kyiv, Ukraine)

ASN30860 (YURTEH-AS, UA)
PTR: neattomb.com
trusted-redirect.com
2    35.241.15.240 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 240.15.241.35.bc.googleusercontent.com
cas.avalon.perfdrive.com
Apex Domain
Subdomains		 Transfer
3 perfdrive.com
cdn.perfdrive.com — Cisco Umbrella Rank: 19101
cas.avalon.perfdrive.com — Cisco Umbrella Rank: 9177
89 KB
2 trusted-redirect.com
trusted-redirect.com
1 KB
2 trustflayer3.online
trustflayer3.online
1 KB
2 enlil-syf.com
enlil-syf.com — Cisco Umbrella Rank: 285480
3 KB
2 reliancestaandard.com
beta.reliancestaandard.com
1 KB
1 iforcircles-2.online
xml-v4.iforcircles-2.online
389 B
0 sdno6trk.com Failed
www.sdno6trk.com Failed
9 7
Domain Requested by
2 cas.avalon.perfdrive.com cdn.perfdrive.com
2 trusted-redirect.com 1 redirects trustflayer3.online
2 trustflayer3.online 1 redirects enlil-syf.com
2 enlil-syf.com beta.reliancestaandard.com
enlil-syf.com
2 beta.reliancestaandard.com 1 redirects
1 xml-v4.iforcircles-2.online 1 redirects
1 cdn.perfdrive.com trustflayer3.online
0 www.sdno6trk.com Failed
9 8

This site contains no links.

Subject Issuer Validity Valid
*.perfdrive.com
Go Daddy Secure Certificate Authority - G2		 2023-09-21 -
2024-09-26		 a year crt.sh
trusted-redirect.com
R3		 2024-01-20 -
2024-04-19		 3 months crt.sh
cas.avalon.perfdrive.com
Go Daddy Secure Certificate Authority - G2		 2023-07-24 -
2024-08-05		 a year crt.sh

This page contains 1 frames:

Frame: https://www.sdno6trk.com/2B4SBT3/83KB7S/?uid=371&sub1=9f3dc16oj9lfvvr394
Frame ID: B316490DF78C5261C87A00CB1B482325
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://beta.reliancestaandard.com/ Page URL
  2. http://beta.reliancestaandard.com/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MT... HTTP 302
    http://enlil-syf.com/zclkvisitor/791d68a6-bf0b-11ee-ab8c-1237ec88a4ed/72092e88-2c53-401c-b988-51e... Page URL
  3. http://enlil-syf.com/zclkredirect?visitid=791d68a6-bf0b-11ee-ab8c-1237ec88a4ed&type=js&browserWid... Page URL
  4. http://trustflayer3.online/api/v1/px?xmlid=MRrPNYzXADxiMKK4yW1zg8hfVcjHTjn1G18gy4vl Page URL
  5. http://trustflayer3.online/api/v1/pxcheck?impId=MRrPNYzXADxiMKK4yW1zg8hfVcjHTjn1G18gy4vl&minfo=eyJjb29r... HTTP 302
    http://xml-v4.iforcircles-2.online/click?seat=2419196&i=8FbMGXJSCy0_0 HTTP 302
    https://trusted-redirect.com/click.php?key=fnhw0dqoia4qu555puuh&conversion=XEPfO6RWVDc&bid=0.04&source_su... HTTP 302
    https://trusted-redirect.com/nlp/index.php?uid=371&sub1=9f3dc16oj9lfvvr394&url_bnm_redirect=https://www.s... Page URL

Page Statistics

9
Requests

44 %
HTTPS

0 %
IPv6

7
Domains

8
Subdomains

7
IPs

3
Countries

95 kB
Transfer

242 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://beta.reliancestaandard.com/ Page URL
  2. http://beta.reliancestaandard.com/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTcwNjU4Mzg0OSwiaWF0IjoxNzA2NTc2NjQ5LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydW5ma3F0NGs1djFkbnMwcTgwa2xhZTIiLCJuYmYiOjE3MDY1NzY2NDksInRzIjoxNzA2NTc2NjQ5MDUwNDE5fQ.3jWuWChkL2MvG-L8e8MR-W28HUEEnwMgZ6QLTgSQNh8&sid=78fd9169-bf0b-11ee-b7a2-6ed52b0a2d8f HTTP 302
    http://enlil-syf.com/zclkvisitor/791d68a6-bf0b-11ee-ab8c-1237ec88a4ed/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=792c5cc3-bf0b-11ee-ab8c-1237ec88a4ed Page URL
  3. http://enlil-syf.com/zclkredirect?visitid=791d68a6-bf0b-11ee-ab8c-1237ec88a4ed&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&usingEventListener=true Page URL
  4. http://trustflayer3.online/api/v1/px?xmlid=MRrPNYzXADxiMKK4yW1zg8hfVcjHTjn1G18gy4vl Page URL
  5. http://trustflayer3.online/api/v1/pxcheck?impId=MRrPNYzXADxiMKK4yW1zg8hfVcjHTjn1G18gy4vl&minfo=eyJjb29raWVEaXNhYmxlZCI6ZmFsc2UsInVhIjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyMC4wLjYwOTkuMjI0IFNhZmFyaS81MzcuMzYiLCJpZnJhbWUiOmZhbHNlLCJkZXZpY2VQaXhlbFJhdGlvIjoxLCJ3bmRMb2NIcmVmIjoiaHR0cDovL3RydXN0ZmxheWVyMy5vbmxpbmUvYXBpL3YxL3B4P3htbGlkPU1SclBOWXpYQUR4aU1LSzR5VzF6ZzhoZlZjakhUam4xRzE4Z3k0dmwiLCJkZXZpY2VTcmVlblNpemUiOiIxMjAweDE2MDAiLCJkZXZpY2VXaW5kb3dTaXplIjoiMTIwMHgxNjAwIiwid25kMnNyY1JhdGlvTHdyMDYiOmZhbHNlLCJlZmZlY3RpdmVUeXBlIjoiNGciLCJpc0JvdCI6Im9mZiJ9 HTTP 302
    http://xml-v4.iforcircles-2.online/click?seat=2419196&i=8FbMGXJSCy0_0 HTTP 302
    https://trusted-redirect.com/click.php?key=fnhw0dqoia4qu555puuh&conversion=XEPfO6RWVDc&bid=0.04&source_subid=3574be6837c2545d053cf2edf&banner=5609878&carrier=UPC+Schweiz&IP=31.10.157.254&campaign=956808&query=reliancestaandard%252Creliancestaandard.com%252Creliance%2520standard&state=zh HTTP 302
    https://trusted-redirect.com/nlp/index.php?uid=371&sub1=9f3dc16oj9lfvvr394&url_bnm_redirect=https://www.sdno6trk.com/2B4SBT3/83KB7S/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://beta.reliancestaandard.com/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTcwNjU4Mzg0OSwiaWF0IjoxNzA2NTc2NjQ5LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydW5ma3F0NGs1djFkbnMwcTgwa2xhZTIiLCJuYmYiOjE3MDY1NzY2NDksInRzIjoxNzA2NTc2NjQ5MDUwNDE5fQ.3jWuWChkL2MvG-L8e8MR-W28HUEEnwMgZ6QLTgSQNh8&sid=78fd9169-bf0b-11ee-b7a2-6ed52b0a2d8f HTTP 302
  • http://enlil-syf.com/zclkvisitor/791d68a6-bf0b-11ee-ab8c-1237ec88a4ed/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=792c5cc3-bf0b-11ee-ab8c-1237ec88a4ed

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
beta.reliancestaandard.com/ 		487 B
940 B 		Document
General
Check archive.org
Download Go to
Full URL
http://beta.reliancestaandard.com/
Protocol
HTTP/1.1
Server
81.17.29.149 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
hostedby.privatelayer.com
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
cache-control
max-age=0, private, must-revalidate
connection
close
content-length
487
content-type
text/html; charset=utf-8
date
Tue, 30 Jan 2024 01:04:08 GMT
server
nginx
72092e88-2c53-401c-b988-51ef43ce1034
enlil-syf.com/zclkvisitor/791d68a6-bf0b-11ee-ab8c-1237ec88a4ed/
Redirect Chain
  • http://beta.reliancestaandard.com/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTcwNjU4Mzg0OSwiaWF0IjoxNzA2NTc2NjQ5LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydW5ma3F0NGs1d...
  • http://enlil-syf.com/zclkvisitor/791d68a6-bf0b-11ee-ab8c-1237ec88a4ed/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=792c5cc3-bf0b-11ee-ab8c-1237ec88a4ed
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://enlil-syf.com/zclkvisitor/791d68a6-bf0b-11ee-ab8c-1237ec88a4ed/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=792c5cc3-bf0b-11ee-ab8c-1237ec88a4ed
Requested by
Host: beta.reliancestaandard.com
URL: http://beta.reliancestaandard.com/
Protocol
HTTP/1.1
Server
50.17.94.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-94-62.compute-1.amazonaws.com
Software
lrCNcCpa /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer
http://beta.reliancestaandard.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Connection
keep-alive
Content-Type
text/html;charset=UTF-8
Date
Tue, 30 Jan 2024 01:04:09 GMT
Server
lrCNcCpa
Transfer-Encoding
chunked
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-inline'
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'

Redirect headers

cache-control
max-age=0, private, must-revalidate
connection
close
content-length
11
date
Tue, 30 Jan 2024 01:04:08 GMT
location
http://enlil-syf.com/zclkvisitor/791d68a6-bf0b-11ee-ab8c-1237ec88a4ed/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=792c5cc3-bf0b-11ee-ab8c-1237ec88a4ed
server
nginx
zclkredirect
enlil-syf.com/ 		348 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://enlil-syf.com/zclkredirect?visitid=791d68a6-bf0b-11ee-ab8c-1237ec88a4ed&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&usingEventListener=true
Requested by
Host: enlil-syf.com
URL: http://enlil-syf.com/zclkvisitor/791d68a6-bf0b-11ee-ab8c-1237ec88a4ed/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=792c5cc3-bf0b-11ee-ab8c-1237ec88a4ed
Protocol
HTTP/1.1
Server
50.17.94.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-94-62.compute-1.amazonaws.com
Software
pekQOWQQ /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer
http://enlil-syf.com/zclkvisitor/791d68a6-bf0b-11ee-ab8c-1237ec88a4ed/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=792c5cc3-bf0b-11ee-ab8c-1237ec88a4ed
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Connection
keep-alive
Content-Type
text/html;charset=UTF-8
Date
Tue, 30 Jan 2024 01:04:10 GMT
Server
pekQOWQQ
Transfer-Encoding
chunked
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-inline'
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
redirected
JS
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
px
trustflayer3.online/api/v1/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://trustflayer3.online/api/v1/px?xmlid=MRrPNYzXADxiMKK4yW1zg8hfVcjHTjn1G18gy4vl
Requested by
Host: enlil-syf.com
URL: http://enlil-syf.com/zclkredirect?visitid=791d68a6-bf0b-11ee-ab8c-1237ec88a4ed&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&usingEventListener=true
Protocol
HTTP/1.1
Server
15.197.224.234 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ab226b763647f1870.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Referer
http://enlil-syf.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Tue, 30 Jan 2024 01:04:10 GMT
ETag
W/"8ad-jSoIHWWl660YYq8k+D0rPpsk3Io"
Transfer-Encoding
chunked
Vary
Accept-Encoding
stormcaster.js
cdn.perfdrive.com/advanced/ 		237 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.perfdrive.com/advanced/stormcaster.js
Requested by
Host: trustflayer3.online
URL: http://trustflayer3.online/api/v1/px?xmlid=MRrPNYzXADxiMKK4yW1zg8hfVcjHTjn1G18gy4vl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.29.114 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
114.29.211.130.bc.googleusercontent.com
Software
nginx/1.24.0 /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://trustflayer3.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 01:04:10 GMT
content-encoding
gzip
via
1.1 google
last-modified
Wed, 25 Oct 2023 04:28:49 GMT
server
nginx/1.24.0
age
0
etag
W/"65389981-3b2cb"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
90360
Primary Request index.php
trusted-redirect.com/nlp/
Redirect Chain
  • http://trustflayer3.online/api/v1/pxcheck?impId=MRrPNYzXADxiMKK4yW1zg8hfVcjHTjn1G18gy4vl&minfo=eyJjb29raWVEaXNhYmxlZCI6ZmFsc2UsInVhIjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbG...
  • http://xml-v4.iforcircles-2.online/click?seat=2419196&i=8FbMGXJSCy0_0
  • https://trusted-redirect.com/click.php?key=fnhw0dqoia4qu555puuh&conversion=XEPfO6RWVDc&bid=0.04&source_subid=3574be6837c2545d053cf2edf&banner=5609878&carrier=UPC+Schweiz&IP=31.10.157.254&campaign=9...
  • https://trusted-redirect.com/nlp/index.php?uid=371&sub1=9f3dc16oj9lfvvr394&url_bnm_redirect=https://www.sdno6trk.com/2B4SBT3/83KB7S/
117 B
383 B 		Document
General
Check archive.org
Download Go to
Full URL
https://trusted-redirect.com/nlp/index.php?uid=371&sub1=9f3dc16oj9lfvvr394&url_bnm_redirect=https://www.sdno6trk.com/2B4SBT3/83KB7S/
Requested by
Host: trustflayer3.online
URL: http://trustflayer3.online/api/v1/px?xmlid=MRrPNYzXADxiMKK4yW1zg8hfVcjHTjn1G18gy4vl
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
31.42.185.185 Kyiv, Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS
neattomb.com
Software
nginx/1.20.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://trustflayer3.online/api/v1/px?xmlid=MRrPNYzXADxiMKK4yW1zg8hfVcjHTjn1G18gy4vl
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 30 Jan 2024 01:04:28 GMT
Server
nginx/1.20.1
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked

Redirect headers

Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Tue, 30 Jan 2024 01:04:27 GMT
Location
https://trusted-redirect.com/nlp/index.php?uid=371&sub1=9f3dc16oj9lfvvr394&url_bnm_redirect=https://www.sdno6trk.com/2B4SBT3/83KB7S/
Server
nginx/1.20.1
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
jsdata
cas.avalon.perfdrive.com/ 		360 B
414 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cas.avalon.perfdrive.com/jsdata?
Requested by
Host: cdn.perfdrive.com
URL: https://cdn.perfdrive.com/advanced/stormcaster.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.15.240 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
240.15.241.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Referer
http://trustflayer3.online/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
x-response-time
0ms
date
Tue, 30 Jan 2024 01:04:10 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
360
content-type
text/plain; charset=UTF-8
jsdata
cas.avalon.perfdrive.com/ 		255 B
400 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cas.avalon.perfdrive.com/jsdata?
Requested by
Host: cdn.perfdrive.com
URL: https://cdn.perfdrive.com/advanced/stormcaster.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.15.240 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
240.15.241.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Referer
http://trustflayer3.online/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
x-response-time
0ms
date
Tue, 30 Jan 2024 01:04:10 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
content-type
text/plain; charset=UTF-8
/
www.sdno6trk.com/2B4SBT3/83KB7S/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.sdno6trk.com
URL
https://www.sdno6trk.com/2B4SBT3/83KB7S/?uid=371&sub1=9f3dc16oj9lfvvr394

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Domain/Path Name / Value
.reliancestaandard.com/ Name: sid
Value: 78fd9169-bf0b-11ee-b7a2-6ed52b0a2d8f
.trustflayer3.online/ Name: __ssds
Value: 2
.trustflayer3.online/ Name: __ssuzjsr2
Value: a9be0cd8e
.trustflayer3.online/ Name: __uzmaj2
Value: d772bc69-0b01-492f-aa5b-814b283529f8
.trustflayer3.online/ Name: __uzmbj2
Value: 1706576650
.trustflayer3.online/ Name: __uzmcj2
Value: 808181071554
.trustflayer3.online/ Name: __uzmdj2
Value: 1706576650
.trustflayer3.online/ Name: __uzmlj2
Value: bUNyRx70DOK5dfkirlHDZHAsptmMoPSwjSFkHwNCY1g=
.trustflayer3.online/ Name: __uzmfj2
Value: 7f600037e4b926-618b-448b-b18a-08f58ac70bcc17065766509410-0454c579094d3c6410
trusted-redirect.com/ Name: uclick
Value: 16oj9lfvvr
trusted-redirect.com/ Name: uclickhash
Value: 16oj9lfvvr-16oj9lfvvr-cia0-ciho-1nrn-qdy9i4-qd7v3y-ec2380

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

beta.reliancestaandard.com
cas.avalon.perfdrive.com
cdn.perfdrive.com
enlil-syf.com
trusted-redirect.com
trustflayer3.online
www.sdno6trk.com
xml-v4.iforcircles-2.online
www.sdno6trk.com
130.211.29.114
15.197.224.234
173.239.53.32
31.42.185.185
35.241.15.240
50.17.94.62
81.17.29.149