Submitted URL: http://email.news.financial-news.biz/c/eJwdUsuupCAU_Jru3RjewqIXnfS9u_kIQBAUURFE_fqxJzlJpc4jqdSp7mWFQODpXwggBDCEgFMKeQMb_iGiJT_w_fmAtn...
Effective URL: http://i.4redi.icu/1e779290-b128-4313-b2a1-d46fd6fc8a28?SID=FIMG&UID=M&EID=EN-AT-02&DPID=AM5&Date=110322&USER=61a23...
Submission Tags: demotag1 demotag2
Submission: On June 30 via api from US — Scanned from DE

Summary

This website contacted 1 IP in 2 countries across 3 domains to perform 1 HTTP transaction. The main IP is 18.195.174.160, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is i.4redi.icu.
This is the only time i.4redi.icu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 18.157.170.152 16509 (AMAZON-02)
1 1 5.79.106.181 60781 (LEASEWEB-...)
1 18.195.174.160 16509 (AMAZON-02)
1 1
Apex Domain Subdomains Transfer
1 4redi.icu i.4redi.icu 425 B
1 twopercenttheory.co k.twopercenttheory.co 542 B
1 financial-news.biz email.news.financial-news.biz 635 B
1 3
Domain Requested by
1 i.4redi.icu
1 k.twopercenttheory.co 1 redirects
1 email.news.financial-news.biz 1 redirects
1 3

This site contains no links.

This page contains 1 frame:

Primary Page: http://i.4redi.icu/1e779290-b128-4313-b2a1-d46fd6fc8a28?SID=FIMG&UID=M&EID=EN-AT-02&DPID=AM5&Date=110322&USER=61a2308685846300164b2ef2&CT=MM&EXS=%7BEXS%7D&CID=1471208168
Frame ID: B8292141A0DB2EF47D81FCD26BE38C8F
Requests: 1 HTTP request in this frame

Page URL History

  1. http://email.news.financial-news.biz/c/eJwdUsuupCAU_Jru3RjewqIXnfS9u_kIQBAUURFE_fqxJzlJpc4jqdSp7mWFQODpXwggBDCEgF... HTTP 302
    http://k.twopercenttheory.co/?xtl=nbh4iyx2libklqu0pgr9bxn26x9qzm712dl1qkiuoh4tny2tiid8x7lm7r53nni643takgw... HTTP 302
    http://i.4redi.icu/1e779290-b128-4313-b2a1-d46fd6fc8a28?SID=FIMG&UID=M&EID=EN-AT-02&DPID=AM5&Da... Page URL

Page Statistics

Requests: 1
HTTPS: 0 %
IPv6: 0 %
Domains: 3
Subdomains: 3
IPs: 1
Countries: 2
Transfer: 0 kB
Size: 0 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

1 HTTP transaction

Resource: Primary Request 1e779290-b128-4313-b2a1-d46fd6fc8a28
Path: i.4redi.icu/
Redirect Chain:
  • http://email.news.financial-news.biz/c/eJwdUsuupCAU_Jru3RjewqIXnfS9u_kIQBAUURFE_fqxJzlJpc4jqdSp7mWFQODpXwggBDCEgFMKeQMb_iGiJT_w_fmAtn3_PgiIpm6N9VFG7WX4858qfz3dyxpgGTMWyU4LQCgmUkuhNWTWUs71c3pRSjBG5B...
  • http://k.twopercenttheory.co/?xtl=nbh4iyx2libklqu0pgr9bxn26x9qzm712dl1qkiuoh4tny2tiid8x7lm7r53nni643takgwjh2adcl1tnayrw46rlclp5bhrxhv1fwlxlvt525c9az4k2odapujskluwi6gvfk73e898x35envuf75h58sboypcvlgw...
  • http://i.4redi.icu/1e779290-b128-4313-b2a1-d46fd6fc8a28?SID=FIMG&UID=M&EID=EN-AT-02&DPID=AM5&Date=110322&USER=61a2308685846300164b2ef2&CT=MM&EXS=%7BEXS%7D&CID=1471208168
Size: 145 B
x-fer: 425 B
Type: Document

General

Full URL: http://i.4redi.icu/1e779290-b128-4313-b2a1-d46fd6fc8a28?SID=FIMG&UID=M&EID=EN-AT-02&DPID=AM5&Date=110322&USER=61a2308685846300164b2ef2&CT=MM&EXS=%7BEXS%7D&CID=1471208168
Protocol: HTTP/1.1
Server: 18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US)
Reverse DNS: ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 82d0f8dc4d7987ba3d4b6514dc0ebbc333c548a1a87b1c6e32caff1fea9b9816

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Connection: keep-alive
Content-Length: 145
Content-Type: application/json;charset=UTF-8
Date: Thu, 30 Jun 2022 20:38:34 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: nginx

Redirect headers

Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Thu, 30 Jun 2022 20:38:33 GMT
Location: http://i.4redi.icu/1e779290-b128-4313-b2a1-d46fd6fc8a28?SID=FIMG&UID=M&EID=EN-AT-02&DPID=AM5&Date=110322&USER=61a2308685846300164b2ef2&CT=MM&EXS=%7BEXS%7D&CID=1471208168
Server: nginx/1.12.2
Strict-Transport-Security: max-age=86400
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: None
X-Powered-By: PHP/5.6.40
X-XSS-Protection: 1; mode=block;

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| oncontextlost
  • object| oncontextrestored
  • function| structuredClone
  • object| launchQueue
  • object| onbeforematch
  • object| navigation

0 Cookies

1 Console Messages

Source: network
Level: error
URL: http://i.4redi.icu/1e779290-b128-4313-b2a1-d46fd6fc8a28?SID=FIMG&UID=M&EID=EN-AT-02&DPID=AM5&Date=110322&USER=61a2308685846300164b2ef2&CT=MM&EXS=%7BEXS%7D&CID=1471208168
Message: Failed to load resource: the server responded with a status of 410 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
