best-redirect.com
Open in
urlscan Pro
88.198.52.40
Public Scan
Effective URL: https://best-redirect.com/landers/antivirus/mcafee/index.html?lang=en-US&clickid=fa46cdv9zqei467f&domain=qwertyredirect.co...
Submission: On March 12 via api from US
Summary
TLS certificate: Issued by R3 on December 24th 2020. Valid for: 3 months.
This is the only time best-redirect.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 2 | 212.32.237.92 212.32.237.92 | 60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands) | |
2 | 54.84.27.165 54.84.27.165 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 10 | 88.198.52.40 88.198.52.40 | 24940 (HETZNER-AS) (HETZNER-AS) | |
1 | 2001:4de0:ac1... 2001:4de0:ac18::1:a:2b | 20446 (HIGHWINDS3) (HIGHWINDS3) | |
1 | 2606:4700::68... 2606:4700::6810:135e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:82a::200e | 15169 (GOOGLE) (GOOGLE) | |
5 | 2a00:1450:400... 2a00:1450:4001:802::200a | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:812::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:810::2004 | 15169 (GOOGLE) (GOOGLE) | |
23 | 9 |
ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
ww2.capitalonecovid19.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-27-165.compute-1.amazonaws.com
nicanor-the.com |
ASN24940 (HETZNER-AS, DE)
PTR: d24370fff.fastvps-server.com
qwertyredirect.com | |
best-redirect.com |
ASN15169 (GOOGLE, US)
translate.googleapis.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
9 |
best-redirect.com
best-redirect.com |
330 KB |
5 |
googleapis.com
translate.googleapis.com |
99 KB |
2 |
gstatic.com
www.gstatic.com |
3 KB |
2 |
google.com
translate.google.com www.google.com |
2 KB |
2 |
nicanor-the.com
nicanor-the.com |
3 KB |
2 |
capitalonecovid19.com
1 redirects
ww2.capitalonecovid19.com |
1 KB |
1 |
cloudflare.com
cdnjs.cloudflare.com |
1 KB |
1 |
jquery.com
code.jquery.com |
83 KB |
1 |
qwertyredirect.com
1 redirects
qwertyredirect.com |
454 B |
23 | 9 |
Domain | Requested by | |
---|---|---|
9 | best-redirect.com |
nicanor-the.com
best-redirect.com |
5 | translate.googleapis.com |
translate.google.com
translate.googleapis.com srcdoc |
2 | www.gstatic.com |
translate.googleapis.com
best-redirect.com |
2 | nicanor-the.com |
ww2.capitalonecovid19.com
nicanor-the.com |
2 | ww2.capitalonecovid19.com | 1 redirects |
1 | www.google.com |
best-redirect.com
|
1 | translate.google.com |
best-redirect.com
|
1 | cdnjs.cloudflare.com |
best-redirect.com
|
1 | code.jquery.com |
best-redirect.com
|
1 | qwertyredirect.com | 1 redirects |
23 | 10 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
best-redirect.com R3 |
2020-12-24 - 2021-03-24 |
3 months | crt.sh |
jquery.org Sectigo RSA Domain Validation Secure Server CA |
2020-10-06 - 2021-10-16 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2020-10-21 - 2021-10-20 |
a year | crt.sh |
*.google.com GTS CA 1O1 |
2021-02-23 - 2021-05-18 |
3 months | crt.sh |
upload.video.google.com GTS CA 1O1 |
2021-02-23 - 2021-05-18 |
3 months | crt.sh |
*.gstatic.com GTS CA 1O1 |
2021-02-23 - 2021-05-18 |
3 months | crt.sh |
www.google.com GTS CA 1O1 |
2021-02-23 - 2021-05-18 |
3 months | crt.sh |
This page contains 3 frames:
Primary Page:
https://best-redirect.com/landers/antivirus/mcafee/index.html?lang=en-US&clickid=fa46cdv9zqei467f&domain=qwertyredirect.com&uclick=dv9zqei4&uclickhash=dv9zqei4-dv9zqei4-gx37-oc6o-qq3y-bguq-4km7-c2a28d
Frame ID: 57DDF7C4F5EBBEDC185D9D1ED5654095
Requests: 21 HTTP requests in this frame
Frame:
https://translate.googleapis.com/translate_static/css/translateelement.css
Frame ID: B519949BB0DE16485B1464682E2040CB
Requests: 1 HTTP requests in this frame
Frame:
https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback
Frame ID: 9D118402D577A1E2139F5471FBD98885
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- http://ww2.capitalonecovid19.com/ Page URL
-
http://ww2.capitalonecovid19.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTYxNTU...
HTTP 302
http://nicanor-the.com/zcvisitor/0a6bd470-8385-11eb-a236-12197d98db03/72092e88-2c53-401c-b988-51ef4... Page URL
- http://nicanor-the.com/zcredirect?visitid=0a6bd470-8385-11eb-a236-12197d98db03&type=js&browserWidth... Page URL
-
https://qwertyredirect.com/click.php?key=yor0ajb60ss3eljvjs25&cid=zr0a6bd470838511eba23612197d98db0304c...
HTTP 302
https://best-redirect.com/landers/antivirus/mcafee/index.html?lang=en-US&clickid=fa46cdv9zqei467f&doma... Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Nginx (Web Servers) Expand
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Font Awesome (Font Scripts) Expand
Detected patterns
- html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery[.-]([\d.]*\d)[^/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://ww2.capitalonecovid19.com/ Page URL
-
http://ww2.capitalonecovid19.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTYxNTU5NjQ5OSwiaWF0IjoxNjE1NTg5Mjk5LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIycGxyanEzN3Qwbm4yNjltdG8wbWk4MjkiLCJuYmYiOjE2MTU1ODkyOTksInRzIjoxNjE1NTg5Mjk5MTY5MTk3fQ.hnYYSxOtLpRT-0IVstbZ-f3w5zMqXaw0251xG3YTiuw&sid=0a4b1a4a-8385-11eb-b121-c7a147ad50fd
HTTP 302
http://nicanor-the.com/zcvisitor/0a6bd470-8385-11eb-a236-12197d98db03/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=cdf33910-7c27-11eb-b8c3-0a52992aaad9 Page URL
- http://nicanor-the.com/zcredirect?visitid=0a6bd470-8385-11eb-a236-12197d98db03&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false Page URL
-
https://qwertyredirect.com/click.php?key=yor0ajb60ss3eljvjs25&cid=zr0a6bd470838511eba23612197d98db0304ca50c48f2f4d5d8c951928ab5aa037054310c5d61f593706&visit_cost=0.009000&target=golf-kop-FIkgjtXk&campaign_id=1527352&geo=FR&keyword=capitalonecovid19%2Ccapitalonecovid19%2Ccapitalonecovid19.com&source=badious-buzzard&match=&campaign_name=FR+NON+ADULT&t8=&traffic_type=DOMAIN&visitor_type=NON-ADULT
HTTP 302
https://best-redirect.com/landers/antivirus/mcafee/index.html?lang=en-US&clickid=fa46cdv9zqei467f&domain=qwertyredirect.com&uclick=dv9zqei4&uclickhash=dv9zqei4-dv9zqei4-gx37-oc6o-qq3y-bguq-4km7-c2a28d Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 1- http://ww2.capitalonecovid19.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTYxNTU5NjQ5OSwiaWF0IjoxNjE1NTg5Mjk5LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIycGxyanEzN3Qwbm4yNjltdG8wbWk4MjkiLCJuYmYiOjE2MTU1ODkyOTksInRzIjoxNjE1NTg5Mjk5MTY5MTk3fQ.hnYYSxOtLpRT-0IVstbZ-f3w5zMqXaw0251xG3YTiuw&sid=0a4b1a4a-8385-11eb-b121-c7a147ad50fd HTTP 302
- http://nicanor-the.com/zcvisitor/0a6bd470-8385-11eb-a236-12197d98db03/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=cdf33910-7c27-11eb-b8c3-0a52992aaad9
23 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
/
ww2.capitalonecovid19.com/ |
481 B 846 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
72092e88-2c53-401c-b988-51ef43ce1034
nicanor-the.com/zcvisitor/0a6bd470-8385-11eb-a236-12197d98db03/ Redirect Chain
|
1000 B 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
zcredirect
nicanor-the.com/ |
974 B 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
index.html
best-redirect.com/landers/antivirus/mcafee/ Redirect Chain
|
9 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css_land1.css
best-redirect.com/landers/antivirus/mcafee/ |
6 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css_land2.css
best-redirect.com/landers/antivirus/mcafee/ |
3 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
best-redirect.com/landers/antivirus/mcafee/ |
140 KB 141 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
best-redirect.com/landers/antivirus/mcafee/ |
27 KB 27 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.5.1.js
code.jquery.com/ |
281 KB 83 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loading.gif
best-redirect.com/landers/antivirus/mcafee/ |
9 KB 9 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.png
best-redirect.com/landers/antivirus/mcafee/ |
21 KB 21 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mcafee.png
best-redirect.com/landers/antivirus/mcafee/ |
116 KB 116 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js.cookie.min.js
cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.1/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bglogogray.png
best-redirect.com/landers/antivirus/mcafee/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
element.js
translate.google.com/translate_a/ |
4 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
translateelement.css
translate.googleapis.com/translate_static/css/ |
18 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.js
translate.googleapis.com/translate_static/js/element/ |
4 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
element_main.js
translate.googleapis.com/element/TE_20210224_00/e/js/element/ |
250 KB 90 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
translate_24dp.png
www.gstatic.com/images/branding/product/2x/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
translateelement.css
translate.googleapis.com/translate_static/css/ Frame B519 |
18 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
translate_24dp.png
www.gstatic.com/images/branding/product/1x/ |
825 B 914 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cleardot.gif
www.google.com/images/ |
43 B 143 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
l
translate.googleapis.com/translate_a/ Frame 9D11 |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
27 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery function| getUrlParameter string| doms string| bbURL function| Cookies boolean| PreventExitPop function| ExitPop function| outGoingLink string| tabunder function| go function| getUrlVars function| getUrlParam function| googleTranslateElementInit string| lang object| google object| closure_lm_2985142 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
best-redirect.com/ | Name: googtrans Value: /en/en |
|
best-redirect.com/ | Name: GoogleAccountsLocale_session Value: en |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
best-redirect.com
cdnjs.cloudflare.com
code.jquery.com
nicanor-the.com
qwertyredirect.com
translate.google.com
translate.googleapis.com
ww2.capitalonecovid19.com
www.google.com
www.gstatic.com
2001:4de0:ac18::1:a:2b
212.32.237.92
2606:4700::6810:135e
2a00:1450:4001:802::200a
2a00:1450:4001:810::2004
2a00:1450:4001:812::2003
2a00:1450:4001:82a::200e
54.84.27.165
88.198.52.40
029326a3c2908bab5fcb9226902859a5670fae26fb7ef56d04bae7080a01f4dd
06eb9ab973c9bfdde9e9d17bdd93064c578b39c67a647a5f5ebfeacecd881b3d
13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
33ff0e688ffd08ceade87f0fc32fec64cee09e0a2404be7c34f0df7d6b058f9d
36be57005ea3d4d63d6bfdca39b94f5e8782991ba7db619c0e659291e3d20bf3
416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37
57c0d40b7cd2cae18120ce0a33ecd2352c7107482682ddbbe992332d65d352b2
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30
69f8a70d5ad10be049ed06d6e623749938a5475b7c21f4ef3348a268d2643cfe
6e0c03b8492b2cb09906fb36902c09fcf71202e76866a23b65731e190fcfb392
80f35659d030651ea3acc6d6e97475b42eaa60d5700e83f9623cf90904d42cec
863e3287374bddff08f0d39c7d1b0ad5de13caf73cea8a44c3c24858924c8aea
9d80ef720f38f316de6437ad3e784cb90536666c6472e02d1263d9ecdfbe7ec2
a04d373be23a3f37dfe1f88cab01061db75f716edadc6451c652fe538f4be6c0
ca537b74a51c73d56a401ea7d361ad32f692558ab321b86a8fb0979f2927712c
db4c7e76d15507e2a1d857af162bf1c98f97dcc0ad0afaa7cba1d163954e8566
df2e047bf21bf00c0434e6d7b3ba08f9ed27b9b73f65b29866c9e1d03217d184
e086f1f274ae191cfe55810194b6cfe234b48bf9f09b6465a22be60311432a3b
fa325d846ec9bdee661b08806947c1710a5a6fa3d9e3c51fc85a250ba5f08c8e