Submitted URL: https://bit.ly/3yQHOzq#2f3pn.QFmwxunsFtLQPkrKITgVwUTP?f3Bcbmcc2wHPcxGcHcdcLzcSc3Y1jdwPJcbbb2D
Effective URL: http://transitplay.com/anchor/
Submission: On September 13 via manual from DE — Scanned from DE

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 2 HTTP transactions. The main IP is 139.99.166.212, located in Sydney, Australia and belongs to OVH, FR. The main domain is transitplay.com.
This is the only time transitplay.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.10 396982 (GOOGLE-CL...)
1 139.99.166.212 16276 (OVH)
2 2
Apex Domain | Subdomains | Transfer
1 transitplay.com | transitplay.com | 861 B
1 bit.ly | bit.ly — Cisco Umbrella Rank: 4581 | 232 B
0 shortdomainlink.com Failed | vqe.shortdomainlink.com Failed |
2 3
Domain Requested by
1 transitplay.com
1 bit.ly 1 redirects
0 vqe.shortdomainlink.com Failed transitplay.com
2 3

This site contains no links.

This page contains 1 frames:

Frame: https://vqe.shortdomainlink.com/?kw=74&s2=0b826f3e86eb4858aa3e014a96174603
Frame ID: 9373B3D95BC6CCAE584F4B4B899ED695
Requests: 2 HTTP requests in this frame

Page Statistics

Requests: 2
HTTPS: 0 %
IPv6: 0 %
Domains: 3
Subdomains: 3
IPs: 2
Countries: 2
Transfer: 1 kB
Size: 1 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bit.ly/3yQHOzq HTTP 301
    http://transitplay.com/anchor/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://transitplay.com/2f3pn.QFmwxunsFtLQPkrKITgVwUTP?f3Bcbmcc2wHPcxGcHcdcLzcSc3Y1jdwPJcbbb2D HTTP 302
  • https://www.br2ghatrk.com/4C2WD7/B1PQXH/?sub1=2_188797_2625672&sub2=2048_3281866_3510942_45&sub3=940248409_81-95-5-41 HTTP 302
  • https://www.br2ghatrk.com/4C2WD7/2CTPL/?__rpt=0&__po=182&__ptid=36139b6b1ef1437297f6daecb21e0779&__rpa=0&__rc=1&sub1=2_188797_2625672&sub2=2048_3281866_3510942_45&sub3=940248409_81-95-5-41&sub4=&sub5=&source_id=&__pcd=9 HTTP 302
  • https://vqe.shortdomainlink.com/?kw=74&s2=0b826f3e86eb4858aa3e014a96174603

2 HTTP transactions

Columns: Resource / Path, Size, x-fer, Type / MIME-Type

Resource: / (Primary Request)
Path: transitplay.com/anchor/
Redirect Chain:
  • https://bit.ly/3yQHOzq
  • http://transitplay.com/anchor/
Size: 614 B
x-fer: 861 B
Type: Document
General
Full URL: http://transitplay.com/anchor/
Protocol: HTTP/1.1
Server: 139.99.166.212 Sydney, Australia, ASN16276 (OVH, FR)
Reverse DNS: ip212.ip-139-99-166.net
Software: Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: close
Content-Length: 614
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Sep 2022 12:47:55 GMT
ETag: "266-5dbfde4165a41"
Last-Modified: Wed, 06 Apr 2022 15:19:43 GMT
Server: Apache

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=90
content-length: 117
content-type: text/html; charset=utf-8
date: Tue, 13 Sep 2022 12:47:54 GMT
location: http://transitplay.com/anchor/
server: nginx
via: 1.1 google

Resource: /
Path: vqe.shortdomainlink.com/
Redirect Chain:
  • http://transitplay.com/2f3pn.QFmwxunsFtLQPkrKITgVwUTP?f3Bcbmcc2wHPcxGcHcdcLzcSc3Y1jdwPJcbbb2D
  • https://www.br2ghatrk.com/4C2WD7/B1PQXH/?sub1=2_188797_2625672&sub2=2048_3281866_3510942_45&sub3=940248409_81-95-5-41
  • https://www.br2ghatrk.com/4C2WD7/2CTPL/?__rpt=0&__po=182&__ptid=36139b6b1ef1437297f6daecb21e0779&__rpa=0&__rc=1&sub1=2_188797_2625672&sub2=2048_3281866_3510942_45&sub3=940248409_81-95-5-41&sub4=&su...
  • https://vqe.shortdomainlink.com/?kw=74&s2=0b826f3e86eb4858aa3e014a96174603
Size: 0
x-fer: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
vqe.shortdomainlink.com
URL
https://vqe.shortdomainlink.com/?kw=74&s2=0b826f3e86eb4858aa3e014a96174603

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput
object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
object| navigation

4 Cookies

Domain/Path Name / Value
.bit.ly/ Name: _bit
Value: m8dcLS-80ed5ef20b840ba9ef-00t
www.br2ghatrk.com/ Name: uniqueClick_B1PQXH
Value: 31cdf4e7-6d36-4e35-9e76-729b5408163d:1663073277
www.br2ghatrk.com/ Name: uniqueClick_2CTPL
Value: 72cd0c7d-0b70-4630-96b4-2e7128d06ee4:1663073277
www.br2ghatrk.com/ Name: transaction_id
Value: 0b826f3e86eb4858aa3e014a96174603

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
