URL: http://boxerlux.us.to/
Submission: On August 17 via manual from MA — Scanned from US

Summary

This website contacted 2 IPs in 1 country across 6 domains to perform 2 HTTP transactions. The main IP is 169.47.130.80, located in Ashburn, United States and belongs to SOFTLAYER, US. The main domain is boxerlux.us.to.
This is the only time boxerlux.us.to was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 169.47.130.80 36351 (SOFTLAYER)
1 1 94.158.244.32 39798 (MIVOCLOUD)
1 1 54.164.6.3 14618 (AMAZON-AES)
1 1 52.207.126.104 14618 (AMAZON-AES)
1 1 18.232.203.164 ()
1 2 108.138.128.88 ()
2 2
Apex Domain Subdomains Transfer
2 geterieroofing.com geterieroofing.com 310 B
1 speedtrkgood.com speedtrkgood.com 872 B
1 mrktrecord12.com mrktrecord12.com 315 B
1 profityxpath.com profityxpath.com 855 B
1 superates.xyz superates.xyz 374 B
1 us.to boxerlux.us.to 1 KB
2 6
Domain Requested by
2 geterieroofing.com 1 redirects boxerlux.us.to
1 speedtrkgood.com 1 redirects
1 mrktrecord12.com 1 redirects
1 profityxpath.com 1 redirects
1 superates.xyz 1 redirects
1 boxerlux.us.to
2 6

This site contains no links.

Subject Issuer Validity Valid
geterieroofing.com Amazon RSA 2048 M02 2022-11-18 - 2023-12-17 a year

This page contains 2 frames:

Primary Page: http://boxerlux.us.to/
Frame ID: CC55336CC5D407B478D74FF370E9977C
Requests: 1 HTTP requests in this frame

Frame: https://geterieroofing.com/savings/?hxc_id=8243&hxc_a1=42660&hxc_a2=2089&hxc_a3=414910187&utm_medium=email&utm_source=DA&utm_content=50off
Frame ID: BAC43695803A4C43ACE70AC45DDF64FB
Requests: 1 HTTP requests in this frame

Page Statistics

Requests: 2
HTTPS: 50 %
IPv6: 0 %
Domains: 6
Subdomains: 6
IPs: 2
Countries: 1
Transfer: 1 kB
Size: 1 kB
Cookies: 3

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://superates.xyz/cl/0_mt/8/289/691/0/0 HTTP 302
  • https://profityxpath.com/?E=qg%2f3UnzXeeeDMeoMuehJ91%2bujUSx%2bSqx&s1=8&s2=0_0&s3=0_0_289_10829_mt HTTP 302
  • https://mrktrecord12.com/?E=vL%2fb9JidmRZY41EJ%2f533KFVqBx6r8JukDbfaF54T%2fx8%3d&s1=2089&s2=409-7393778&s3=5172036 HTTP 302
  • https://speedtrkgood.com/?E=vL%2fb9JidmRZY41EJ%2f533KFVqBx6r8JukDbfaF54T%2fx8%3d&s1=2089&s2=409-7393778&s3=5172036&ckmguid=18be3c18-ba5d-4980-bf7b-5faf91ae3f8f HTTP 302
  • https://geterieroofing.com/savings?hxc_id=8243&hxc_a1=42660&hxc_a2=2089&hxc_a3=414910187&utm_medium=email&utm_source=DA&utm_content=50off HTTP 302
  • https://geterieroofing.com/savings/?hxc_id=8243&hxc_a1=42660&hxc_a2=2089&hxc_a3=414910187&utm_medium=email&utm_source=DA&utm_content=50off

2 HTTP transactions

Resource: Primary Request /
Path: boxerlux.us.to/
Size: 919 B
x-fer: 1 KB
Type: Document
MIME-Type:
General
Full URL: http://boxerlux.us.to/
Protocol: HTTP/1.1
Server: 169.47.130.80 Ashburn, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 50.82.2fa9.ip4.static.sl-reverse.com
Software: nginx/1.16.1 /
Resource Hash: ecf66013f4e9ea35a4badd9a29979b844a251b8855387ac79e7c9575d0ac4332

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: public, max-age=15
Connection: keep-alive
Content-Length: 919
Content-Type: text/html; charset=UTF-8
Date: Thu, 17 Aug 2023 10:46:55 GMT
Server: nginx/1.16.1
X-Abuse: URL redirection provided by freedns.afraid.org - please report any misuse of this service
Resource: /
Path: geterieroofing.com/savings/ Frame BAC4
Redirect Chain
  • http://superates.xyz/cl/0_mt/8/289/691/0/0
  • https://profityxpath.com/?E=qg%2f3UnzXeeeDMeoMuehJ91%2bujUSx%2bSqx&s1=8&s2=0_0&s3=0_0_289_10829_mt
  • https://mrktrecord12.com/?E=vL%2fb9JidmRZY41EJ%2f533KFVqBx6r8JukDbfaF54T%2fx8%3d&s1=2089&s2=409-7393778&s3=5172036
  • https://speedtrkgood.com/?E=vL%2fb9JidmRZY41EJ%2f533KFVqBx6r8JukDbfaF54T%2fx8%3d&s1=2089&s2=409-7393778&s3=5172036&ckmguid=18be3c18-ba5d-4980-bf7b-5faf91ae3f8f
  • https://geterieroofing.com/savings?hxc_id=8243&hxc_a1=42660&hxc_a2=2089&hxc_a3=414910187&utm_medium=email&utm_source=DA&utm_content=50off
  • https://geterieroofing.com/savings/?hxc_id=8243&hxc_a1=42660&hxc_a2=2089&hxc_a3=414910187&utm_medium=email&utm_source=DA&utm_content=50off
Size: 0
x-fer: 0
Type: Document
General
Full URL: https://geterieroofing.com/savings/?hxc_id=8243&hxc_a1=42660&hxc_a2=2089&hxc_a3=414910187&utm_medium=email&utm_source=DA&utm_content=50off
Requested by
Host: boxerlux.us.to
URL: http://boxerlux.us.to/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.88 -, , ASN (),
Reverse DNS:
Software: AmazonS3 /
Resource Hash:

Request headers

Referer: http://boxerlux.us.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 70507
content-encoding: br
content-type: text/html
date: Wed, 16 Aug 2023 15:11:53 GMT
etag: W/"a87170000844468a635f4b601925ada8"
last-modified: Mon, 14 Aug 2023 15:01:41 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 57eada8217c838cfdc4ec177bbe3523c.cloudfront.net (CloudFront)
x-amz-cf-id: ooKEJ52c33-wa1cqx5QTxJ4k8kphHZYv5Q8saDH1NXaX8S9rtuxIkw==
x-amz-cf-pop: JFK50-P4
x-cache: Hit from cloudfront

Redirect headers

content-length: 0
date: Thu, 17 Aug 2023 10:46:59 GMT
location: /savings/?hxc_id=8243&hxc_a1=42660&hxc_a2=2089&hxc_a3=414910187&utm_medium=email&utm_source=DA&utm_content=50off
server: CloudFront
via: 1.1 57eada8217c838cfdc4ec177bbe3523c.cloudfront.net (CloudFront)
x-amz-cf-id: iD8EmNm9O7aQPhIXvXLPhxeey2ZtDRVCXYbFqaUMmfv9PzGevhPDsw==
x-amz-cf-pop: JFK50-P4
x-cache: FunctionGeneratedResponse from cloudfront

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1

3 Cookies

Domain/Path Name / Value
.profityxpath.com/ Name: sid
Value: c2vkfydjZpdHfhzP8mc05pdmKQiIDMeQ5DkZ0oleoC5zPCg94hMRwA==
.profityxpath.com/ Name: trk
Value: PLK9Keg2PxtHfhzP8mc05pdmKQiIDMeQ5DkZ0oleoC5zPCg94hMRwA==
.profityxpath.com/ Name: c409
Value: c2vkfydjZpe2VSmZx0+6/wynSIj1EQOdIG1G0lNpNx4=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
