Submitted URL: https://www.shoort.ink/RedwanRedirect#4awtgkbckzm13989gqhhc428tjirudlecmcuyj2komiinuwdr102504jzyokng380tbflfafwmykql11
Effective URL: http://142.11.249.50/4awtgkbckzm13989gqhhc428tjirudlecmcuyj2komiinuwdr102504jzyokng380tbflfafwmykql11
Submission: On February 03 via api from BE — Scanned from DE

Summary

This website contacted 2 IPs in 1 country across 2 domains to perform 3 HTTP transactions. The main IP is 142.11.249.50, located in United States and belongs to HOSTWINDS, US. The main domain is 142.11.249.50.
This is the only time 142.11.249.50 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 192.64.118.123 22612 (NAMECHEAP...)
1 108.138.36.116 16509 (AMAZON-02)
2 142.11.249.50 54290 (HOSTWINDS)
3 2
Apex Domain / Subdomains / Transfer
1 sendx.io
    imagecdn.sendx.io (Cisco Umbrella Rank: 874414), 527 B
1 shoort.ink
    www.shoort.ink, 310 B
3 2
Domain Requested by
1 imagecdn.sendx.io
1 www.shoort.ink 1 redirects
3 2

This site contains no links.

Subject: *.sendx.io
Issuer: Amazon RSA 2048 M01
Validity: 2023-10-04 - 2024-10-31
Valid: a year

This page contains 1 frames:

Primary Page: http://142.11.249.50/4awtgkbckzm13989gqhhc428tjirudlecmcuyj2komiinuwdr102504jzyokng380tbflfafwmykql11
Frame ID: 632503D1633C7C635F2DE730D02B4DA3
Requests: 3 HTTP requests in this frame

Page Statistics

Requests: 3
HTTPS: 33 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 1
Transfer: 1 kB
Size: 0 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.shoort.ink/RedwanRedirect HTTP 302
    https://imagecdn.sendx.io/images/840f4477-2071-4b5b-a7c9-79cd553fea12/PkHg8lqzDdXAkqx2TcYWjW/redirectedSENDIORedwan.HTM Page URL
  2. http://142.11.249.50/rd/4awtgkbckzm13989gqhhc428tjirudlecmcuyj2komiinuwdr102504jzyokng380tbflfafwmykql11 Page URL
  3. http://142.11.249.50/4awtgkbckzm13989gqhhc428tjirudlecmcuyj2komiinuwdr102504jzyokng380tbflfafwmykql11 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://www.shoort.ink/RedwanRedirect HTTP 302
  • https://imagecdn.sendx.io/images/840f4477-2071-4b5b-a7c9-79cd553fea12/PkHg8lqzDdXAkqx2TcYWjW/redirectedSENDIORedwan.HTM

3 HTTP transactions

Resource / Path / Size / x-fer / Type / MIME-Type

Resource: redirectedSENDIORedwan.HTM
Path: imagecdn.sendx.io/images/840f4477-2071-4b5b-a7c9-79cd553fea12/PkHg8lqzDdXAkqx2TcYWjW/
Redirect Chain
  • https://www.shoort.ink/RedwanRedirect
  • https://imagecdn.sendx.io/images/840f4477-2071-4b5b-a7c9-79cd553fea12/PkHg8lqzDdXAkqx2TcYWjW/redirectedSENDIORedwan.HTM
Size: 155 B
x-fer: 527 B
Type: Document

General

Full URL: https://imagecdn.sendx.io/images/840f4477-2071-4b5b-a7c9-79cd553fea12/PkHg8lqzDdXAkqx2TcYWjW/redirectedSENDIORedwan.HTM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.116, United States, ASN16509 (AMAZON-02, US)
Reverse DNS: server-108-138-36-116.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash:

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 12917
content-length: 155
content-type: text/html
date: Sat, 03 Feb 2024 14:46:37 GMT
etag: "e02b9a6baaf46604c3ee5c79a21abfd8"
last-modified: Sun, 03 Dec 2023 11:26:17 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 a79cccd642ddc0038c3b0c4a9e7fcd6c.cloudfront.net (CloudFront)
x-amz-cf-id: hjLCZjA3G4M714Z_QklZa_FI28nUJdoqJQF4WCYLPBuDVi35d5VRUA==
x-amz-cf-pop: MUC50-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

Redirect headers

cache-control: no-cache, no-store, must-revalidate, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 03 Feb 2024 14:46:36 GMT
location: https://imagecdn.sendx.io/images/840f4477-2071-4b5b-a7c9-79cd553fea12/PkHg8lqzDdXAkqx2TcYWjW/redirectedSENDIORedwan.HTM
server: LiteSpeed
x-powered-by: PHP/7.1.33
x-turbo-charged-by: LiteSpeed

Resource: 4awtgkbckzm13989gqhhc428tjirudlecmcuyj2komiinuwdr102504jzyokng380tbflfafwmykql11
Path: 142.11.249.50/rd/
Size: 231 B
x-fer: 487 B
Type: Document

General

Full URL: http://142.11.249.50/rd/4awtgkbckzm13989gqhhc428tjirudlecmcuyj2komiinuwdr102504jzyokng380tbflfafwmykql11
Requested by
  Host: imagecdn.sendx.io
  URL: https://imagecdn.sendx.io/images/840f4477-2071-4b5b-a7c9-79cd553fea12/PkHg8lqzDdXAkqx2TcYWjW/redirectedSENDIORedwan.HTM
Protocol: HTTP/1.1
Server: 142.11.249.50, United States, ASN54290 (HOSTWINDS, US)
Reverse DNS: hwsrv-1046285.hostwindsdns.com
Software: /
Resource Hash:

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 231
Content-Type: text/html; charset=utf-8
Date: Sat, 03 Feb 2024 14:46:37 GMT
X-Address: gin_throttle_mw_360000000000_146.70.117.107
X-Ratelimit-Limit: 10
X-Ratelimit-Remaining: 9
X-Ratelimit-Reset: 1706975197

Resource: 4awtgkbckzm13989gqhhc428tjirudlecmcuyj2komiinuwdr102504jzyokng380tbflfafwmykql11 (Primary Request)
Path: 142.11.249.50/
Size: 68 B
x-fer: 327 B
Type: Document

General

Full URL: http://142.11.249.50/4awtgkbckzm13989gqhhc428tjirudlecmcuyj2komiinuwdr102504jzyokng380tbflfafwmykql11
Requested by
  Host: 142.11.249.50
  URL: http://142.11.249.50/rd/4awtgkbckzm13989gqhhc428tjirudlecmcuyj2komiinuwdr102504jzyokng380tbflfafwmykql11
Protocol: HTTP/1.1
Server: 142.11.249.50, United States, ASN54290 (HOSTWINDS, US)
Reverse DNS: hwsrv-1046285.hostwindsdns.com
Software: /
Resource Hash: bcecb3f1a13d5fb0653675040659acc463bec74b840262a755d4f67c90b2ab6b

Request headers

Referer: http://142.11.249.50/rd/4awtgkbckzm13989gqhhc428tjirudlecmcuyj2komiinuwdr102504jzyokng380tbflfafwmykql11
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 68
Content-Type: application/json; charset=utf-8
Date: Sat, 03 Feb 2024 14:46:37 GMT
X-Address: gin_throttle_mw_360000000000_146.70.117.107
X-Ratelimit-Limit: 10
X-Ratelimit-Remaining: 8
X-Ratelimit-Reset: 1706975197

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
