1redirc.com
103.224.182.206
Public Scan
Effective URL: http://1redirc.com/r2.php?e=Mu2BTcmn4E0PUb211PcWO349fnNqMkRYYUhnUXk3QkNsbnBVOUZNRkkvaHZGbWxwZU1FVVB0NkxweW1DV25uTjQ...
Submission: On October 08 via api from BE — Scanned from DE
Summary
This is the only time 1redirc.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Count | IP Address | AS Autonomous System
---|---|---
1 | 2a00:1450:4001:80e::2010 | 15169 (GOOGLE)
1 2 | 51.159.66.142 | 12876 (Online SAS)
1 1 | 45.79.3.248 | 63949 (LINODE-AP Linode)
1 1 | 103.224.182.242 | 133618 (TRELLIAN-AS-AP Trellian Pty. Limited)
4 | 103.224.182.206 | 133618 (TRELLIAN-AS-AP Trellian Pty. Limited)
7 | 4 |
ASN15169 (GOOGLE, US)
storage.googleapis.com
ASN63949 (LINODE-AP Linode, LLC, US)
PTR: 45-79-3-248.ip.linodeusercontent.com
www.gettrafficonlineleads.com
ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-182-242.above.com
opt-limit-me.com
ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: bidr.trellian.com
1redirc.com
Count | Apex Domain | Subdomains | Transfer
---|---|---|---
4 | 1redirc.com | 1redirc.com — Cisco Umbrella Rank: 405994 | 8 KB
2 | floza.xyz (1 redirects) | floza.xyz | 618 B
1 | opt-limit-me.com (1 redirects) | opt-limit-me.com | 2 KB
1 | gettrafficonlineleads.com (1 redirects) | www.gettrafficonlineleads.com | 333 B
1 | googleapis.com | storage.googleapis.com — Cisco Umbrella Rank: 696 | 841 B
0 | safedirect.site (Failed) | safedirect.site (Failed) |
7 | 6 | |
Count | Domain | Requested by
---|---|---
4 | 1redirc.com | floza.xyz, 1redirc.com
2 | floza.xyz (1 redirects) | storage.googleapis.com
1 | opt-limit-me.com (1 redirects) |
1 | www.gettrafficonlineleads.com (1 redirects) |
1 | storage.googleapis.com |
0 | safedirect.site (Failed) | 1redirc.com
7 | 6 |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|---
storage.googleapis.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months | crt.sh
This page contains 1 frames:
Frame:
https://safedirect.site/?cid=vyf52ndo621h5yejhr08&cpv=0.010&kw=.de.01.desktop.nonadult&subid=1341841398
Frame ID: 245B1570E82AFECCE7F9B67FE31A491F
Requests: 7 HTTP requests in this frame
Page URL History
- https://storage.googleapis.com/pist1/afehrgdbcehhff/z14rdtjhryheth.html Page URL
- http://floza.xyz/rd/u14888tkngM27314bOUw282oJA7223wIck1659 Page URL
- http://floza.xyz/track/u14888tkngM27314bOUw282oJA7223wIck1659 HTTP 302
- https://www.gettrafficonlineleads.com/bGb83QVj6btV_zBUOIx5PdT3IN83wDtIw4jzM_C1eR2co-h399RLfOY4-727qeHLD3QTMK5SF0dD... HTTP 302
- https://opt-limit-me.com/unsubscribe/EZifHyV-BkgMjSpdBTlO-R90udjTztsM36XJrUMKr5vEID3mE92GaSNYy6Az_HK1... HTTP 302
- http://1redirc.com/r2.php?e=Mu2BTcmn4E0PUb211PcWO349fnNqMkRYYUhnUXk3QkNsbnBVOUZNRkkvaHZGbWxwZU1... Page URL
Detected technologies
SWFObject (Miscellaneous)
Detected patterns
- swfobject.*\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 5- http://1redirc.com/r.php?u=https%3A%2F%2Fsafedirect.site%2F%3Fcid%3Dvyf52ndo621h5yejhr08%26cpv%3D0.010%26kw%3D.de.01.desktop.nonadult%26subid%3D1341841398&s=j&enc=lWhI8ssl9bCHFw5jXAGs0X49fkZkYmNMTWsrVnZncDJnZ3lVeTJMOUNndFJSaWZKakZtdnZRWDhHYk8xS1BoandEdVlacEhGNUNzQ2UxYUY2aEpDMVZqUysxZXhiMms5NUlkejZUYlVCMExjcmU3YTF5WFBJZnVCblBHM1orU09iM1RlZ2t3T0FxV0NtOU41TXIvcEZ6ejJuSnk0VFowUmJZU0dVa0RySW8wMFRKVXIzdUYwYVFEbnNRT3VyV0ZGbTVxZTBNZlA4Q21LaHVoUGtQTzIwTVhIMGRFVGNRTU9ISTcvMlZnWmN3ZVpENE5tTFZMazJSOHBnYWFJRXhaenRiUGdJNFMzUHV0c2hxU3NTcjErWVdkM0VmT2hkM3NPTktwdXNpaHN1dFJuZVdJcURVS0VmdlhEaktRK0U0UTZIOXJDWFRTNStvUUVhSVRMRkM1OER6cHo3UmgrMjU1TWhpUEVkWTgxcVovam1jVWF6b3FndE8zdE9RVDZhU2Erbk5SMW91cXhqNnRrc3VvZ2hXNWJzVHBQRFByNDBVSkhxSmdhOWtITjFjb2dzNVhDOTVDY1FqeGlYY3BVODF4Z25IYUVsYTVUNnJzR3NXcEpvMWxmYWFxUnpNMUdkTHR6S0tydlpYZzZpVHB1dzFJUnlMV0lwUzBZbWRPSGJZYkhDUy8rWEVjWWgvYVFrMEd3a3p0REVDTHlnbjB3UXNra2VOLzVGMGxKTCtzdmJVZzFZdERYSzRxdERsdC9sRDE4RHBYZlJ0SnZCTTUvK21Lb1pEdFRMQlpKa1FKSnpjT3NwRm5lYVZ5SXRNa05SeENnRjkwajBkN0VjVDI0eGZIeVZmRmlZZnhFYlZmMTFUa3dSMGRJNVZtZzhsbk8ycFJVWjYrS0VEOEVlMHRRWUsxY052U2ZmaUhNU2Jja0VZb0lpZzNIRVkxSms1akd6TXRWdGNSMG5peHpoYzNSZXdyWThzdTFKcmNsT3Mwem1uaWR0TlBTY1VPb0Q3QUNUbzZsdUtBU0t3bGFtZXNSTXphWGJiaDNEa0tDRzJVWitnUFFQbE5lVkhNV1hpSDZOazMwS3dpNUloYW5qTGJMUU9wQW01TDdieW1TWWVxc2JhNk1rSDFxa1cvZXRTbGlXV2lPOVR1SHhHQ2QwTVZ1MkpBSWdpaEtjL3FYSHFHdFpodnRqRDlubXYvbDhldSs5WjZxYWFWYVI3YXRsUTJQZUU5OVpjOWRBbGt4cjdNcGZvb0RLaTVHb2Q3Y0VWaWY4MGxMVCt2SXN3UXB5Q0dLRVdqN09VK3MzYkpZbmFEY2x5M28rd0FOQTNzWmlGOFY2aDRndlNJOUI2bjZnY0hCTnp5aE13U01aWm14ajVmWHhwc1ZvczlteFlvajZuWFVCYjJ4djNIa1VBK0h0RHJEZC9pRDBpeXl1NHZZTmFjQnFxWnUrZXIyVHY0WXpZQ3lhQWZlOWdrSlRQNitvT0RLM3RmeFVXdXVOWVdxR1c4cDQ3SzVkSGFWbXByWUVUTVdSbWVKekZkVnloNEFCRkZDb0FLa0dLTEQvdkZ2UEN1aXh0aFNhU1hSNEFoMkV1WkJVRElOSkxaRmllYXZzVzVUSlk9&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine HTTP 302
- https://safedirect.site/?cid=vyf52ndo621h5yejhr08&cpv=0.010&kw=.de.01.desktop.nonadult&subid=1341841398
7 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H2 | z14rdtjhryheth.html | storage.googleapis.com/pist1/afehrgdbcehhff/ | 263 B | 841 B | Document | text/html
GET | H/1.1 | u14888tkngM27314bOUw282oJA7223wIck1659 | floza.xyz/rd/ | 243 B | 360 B | Document | text/html
GET | H/1.1 | r2.php (Primary Request) | 1redirc.com/ (Redirect Chain) | 4 KB | 3 KB | Document | text/html
GET | H/1.1 | jscheck.js | 1redirc.com/javascript/ | 899 B | 718 B | Script | application/javascript
GET | H/1.1 | swfobject.js | 1redirc.com/javascript/ | 10 KB | 4 KB | Script | application/javascript
GET | H/1.1 | jscheck.php | 1redirc.com/ | 0 | 166 B | XHR | text/html
GET | | / | safedirect.site/ (Redirect Chain) | 0 | 0 | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: safedirect.site
- URL: https://safedirect.site/?cid=vyf52ndo621h5yejhr08&cpv=0.010&kw=.de.01.desktop.nonadult&subid=1341841398
7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| onbeforeinput
- object| oncontextlost
- object| oncontextrestored
- function| structuredClone
- object| launchQueue
- object| onbeforematch
- object| navigation

2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value
---|---|---
opt-limit-me.com/unsubscribe | | Name: __tad Value: 1665239502.2241608
.1redirc.com/ | | Name: __dsnsid Value: 20221009013142eba888d1e56c662db9
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.