Submitted URL: https://www.caclow.ink/1redlink/
Effective URL: https://www.1red.com/?http_referrer=https%3A%2F%2Fwww.caclow.ink%2F&sign-up=modal&stag=401_647a57f61237724e561da139
Submission: On June 02 via manual from CA — Scanned from CA

Summary

This website contacted 5 IPs in 4 countries across 6 domains to perform 17 HTTP transactions. The main IP is 104.18.17.216, located in and belongs to CLOUDFLARENET, US. The main domain is www.1red.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 31st 2023. Valid for: a year.
This is the only time www.1red.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 193.149.3.67 204843 (TR-STERLY...)
1 1 2606:4700:303... ()
5 2606:4700:303... ()
2 2607:f8b0:402... ()
2 7 104.18.17.216 13335 (CLOUDFLAR...)
17 5
Requests | Apex Domain | Subdomains | Transfer
7 | 1red.com | 1red.com, www.1red.com | 47 KB
5 | playlink.me | red.playlink.me | 7 KB
2 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 66) | 3 KB
1 | 1redlink.com | 1redlink.com | 661 B
1 | caclow.ink | www.caclow.ink | 267 B
0 | s7s.ai (Failed) | payments-lib.cdn.s7s.ai (Failed) |
17 | 6

Requests | Domain | Requested by
5 | www.1red.com | red.playlink.me, www.1red.com
5 | red.playlink.me | red.playlink.me
2 | 1red.com | 2 redirects
2 | fonts.googleapis.com | red.playlink.me, www.1red.com
1 | 1redlink.com | 1 redirects
1 | www.caclow.ink |
0 | payments-lib.cdn.s7s.ai (Failed) | www.1red.com
17 | 7

This site contains no links.

Subject | Issuer | Validity | Valid
www.caclow.ink | R3 | 2023-06-02 - 2023-08-31 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-11-11 - 2023-11-11 | a year
upload.video.google.com | GTS CA 1C3 | 2023-05-19 - 2023-08-11 | 3 months

This page contains 1 frames:

Primary Page: https://www.1red.com/?http_referrer=https%3A%2F%2Fwww.caclow.ink%2F&sign-up=modal&stag=401_647a57f61237724e561da139
Frame ID: 108D3F4B0D91006204CA7CB2D54E1681
Requests: 17 HTTP requests in this frame

Page Statistics

Requests: 17
HTTPS: 71 %
IPv6: 60 %
Domains: 6
Subdomains: 7
IPs: 5
Countries: 4
Transfer: 56 kB
Size: 973 kB
Cookies: 5

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.caclow.ink/1redlink/ Page URL
  2. https://1redlink.com/hd58c145c HTTP 302
    https://red.playlink.me/?http_referrer=https%3A%2F%2Fwww.caclow.ink%2F&sign-up=modal&stag=401_647a57f61237724e561da139 Page URL
  3. https://1red.com/?http_referrer=https%3A%2F%2Fwww.caclow.ink%2F&sign-up=modal&stag=401_647a57f61237724e561da139 HTTP 301
    https://www.1red.com/?http_referrer=https%3A%2F%2Fwww.caclow.ink%2F&sign-up=modal&stag=401_647a57f61237724e561da139 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://1redlink.com/hd58c145c HTTP 302
  • https://red.playlink.me/?http_referrer=https%3A%2F%2Fwww.caclow.ink%2F&sign-up=modal&stag=401_647a57f61237724e561da139
Request Chain 6
  • https://1red.com/images/favicon.png?t=1685739511039 HTTP 301
  • https://www.1red.com/images/favicon.png?t=1685739511039

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
www.caclow.ink/1redlink/
123 B
267 B
Document
General
Full URL
https://www.caclow.ink/1redlink/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.149.3.67 Sofia, Bulgaria, ASN204843 (TR-STERLY_VERI_MERKEZI_YAZILIM_VE_SIBER_GUVENLIK_HIZMETLERI_ANONIM_SIRKETI, TR),
Reverse DNS
blake.baseinvestigator.com
Software
Apache /
Resource Hash
df72619c0004f764191f07cc946619706dd301ea611cf1b168ee684cebf0dbee

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
131
content-type
text/html
date
Fri, 02 Jun 2023 20:58:28 GMT
etag
"7b-5fd2811b2a381-gzip"
last-modified
Fri, 02 Jun 2023 16:30:20 GMT
server
Apache
vary
Accept-Encoding
/
red.playlink.me/
Redirect Chain
  • https://1redlink.com/hd58c145c
  • https://red.playlink.me/?http_referrer=https%3A%2F%2Fwww.caclow.ink%2F&sign-up=modal&stag=401_647a57f61237724e561da139
4 KB
2 KB
Document
General
Full URL
https://red.playlink.me/?http_referrer=https%3A%2F%2Fwww.caclow.ink%2F&sign-up=modal&stag=401_647a57f61237724e561da139
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:ab16 , United States, ASN (),
Reverse DNS
Software
cloudflare / PHP/7.4.3-4ubuntu2.18
Resource Hash
128bb5083957b74b310aab22e4e312644554ff95d4bb8ab4c0fbf2b3e8f5fc39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.caclow.ink/1redlink/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
7d129d6458565b28-IAD
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 02 Jun 2023 20:58:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nOmOPf%2BzmCZfyuI1XB6NS7gWAsawvsA1rZ88qkY%2Fm2YJOA6mBbd0BGJFfeik2I%2Bm6Q9kzVvjl8svztY4XLFngMe9oIQP23BK%2BwoOtItFX6wREalHrHkvNuOkMaot69EbxQjZykPx3YckWMFwabo%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
PHP/7.4.3-4ubuntu2.18

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7d129d60ebde5968-IAD
content-type
text/html; charset=utf-8
date
Fri, 02 Jun 2023 20:58:30 GMT
location
https://red.playlink.me/?http_referrer=https%3A%2F%2Fwww.caclow.ink%2F&sign-up=modal&stag=401_647a57f61237724e561da139
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7NBA2zW2vyo8w2syqjqy4mSep6aaoN1syWui6ntcfsl1XJDTnTQFp%2B%2BHkD8CEYkwPiRyWdr6RowCnIZqc22QhxvCza6e2iJyBukP4UvNmtMJcAji%2FficPSKqYKpI04Yf3%2FYD34ECwHO3XWk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains max-age=31536000
vary
Accept-Encoding
css
fonts.googleapis.com/
12 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900
Requested by
Host: red.playlink.me
URL: https://red.playlink.me/?http_referrer=https%3A%2F%2Fwww.caclow.ink%2F&sign-up=modal&stag=401_647a57f61237724e561da139
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::200a Montreal, Canada, ASN (),
Reverse DNS
Software
ESF /
Resource Hash
d175185dc8199dc8531d2c25a84073ad93a7c605a921b0168ed6106a193d21ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://red.playlink.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 02 Jun 2023 20:58:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 02 Jun 2023 18:59:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 02 Jun 2023 20:58:30 GMT
email-decode.min.js
red.playlink.me/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://red.playlink.me/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: red.playlink.me
URL: https://red.playlink.me/?http_referrer=https%3A%2F%2Fwww.caclow.ink%2F&sign-up=modal&stag=401_647a57f61237724e561da139
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:ab16 , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://red.playlink.me/?http_referrer=https%3A%2F%2Fwww.caclow.ink%2F&sign-up=modal&stag=401_647a57f61237724e561da139
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 20:58:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 30 May 2023 15:21:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6476145d-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eeTNDxyUwmjIngOalxLFjCS%2BfI%2FqobIEUvnzcrn7ny4O5EmmyrZXiZrjJjM2uV8l19AQoVyOi7I3h%2F4nhsqa1n5qn7%2FwbURDZwzF8EaYC3gxV6SCsjUz8kTI6HFRuVZU5hmC%2F%2Fb6R3HI5UuWxWo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7d129d66699a5b28-IAD
expires
Sun, 04 Jun 2023 20:58:30 GMT
mirrors.js
red.playlink.me/js/
4 KB
2 KB
Script
General
Full URL
https://red.playlink.me/js/mirrors.js
Requested by
Host: red.playlink.me
URL: https://red.playlink.me/?http_referrer=https%3A%2F%2Fwww.caclow.ink%2F&sign-up=modal&stag=401_647a57f61237724e561da139
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:ab16 , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
539453bc5e6650e545a19b64ffb7339c5ec485b9fa65201890f82c9aef85eea6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://red.playlink.me/?http_referrer=https%3A%2F%2Fwww.caclow.ink%2F&sign-up=modal&stag=401_647a57f61237724e561da139
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 20:58:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6874
cf-polished
origSize=6074
cf-bgj
minify
last-modified
Fri, 04 Jun 2021 12:56:58 GMT
server
cloudflare
etag
W/"60ba231a-17ba"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C1BTTOS2JWXoTokgA67JqNgrNXG56b3mdp6YTorR6OZ2GEZCJsa6vea6iguppTSWlAOfAGAYg0q%2FEXoEtTaferjFhVSShNNUHyGSfPSdUSIRTUCGQYl4JwoVnCuXieWLpZjITYDbiXuc8nCI1KU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=14400
cf-ray
7d129d66699b5b28-IAD
mirrors
red.playlink.me/redirector/
188 B
924 B
XHR
General
Full URL
https://red.playlink.me/redirector/mirrors
Requested by
Host: red.playlink.me
URL: https://red.playlink.me/js/mirrors.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:ab16 , United States, ASN (),
Reverse DNS
Software
cloudflare / PHP/7.4.3-4ubuntu2.18
Resource Hash
a74d73e82bad63994c4e091caea5c67b040147f233b09744dc826de04f11fc98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://red.playlink.me/?http_referrer=https%3A%2F%2Fwww.caclow.ink%2F&sign-up=modal&stag=401_647a57f61237724e561da139
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 20:58:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.3-4ubuntu2.18
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BavIU1J8iOdsX4hcfCPqOAQIoZb8%2Fo%2F7cpL%2F6xdMMPWZuEFeV6LbxZoj09ELOQC3LerpAWGcR2%2F%2Bw8BYNDqs6rEfSBmCMmaVP7tfFkcZeDr8JwoAoDMrgpycyBJ0c6dyt%2BctzFFw3lpMjvE3QQo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
no-cache, private
cf-ray
7d129d674a225b28-IAD
favicon.png
www.1red.com/images/
Redirect Chain
  • https://1red.com/images/favicon.png?t=1685739511039
  • https://www.1red.com/images/favicon.png?t=1685739511039
1001 B
1 KB
Image
General
Full URL
https://www.1red.com/images/favicon.png?t=1685739511039
Protocol
H2
Server
104.18.17.216 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://red.playlink.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 20:58:32 GMT
referrer-policy
strict-origin-when-cross-origin
cf-cache-status
MISS
last-modified
Thu, 01 Jun 2023 12:00:13 GMT
server
cloudflare
etag
"6478884d-3e9"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
7d129d6f6c90544f-YYZ
alt-svc
h3=":443"; ma=86400
content-length
1001
expires
Sat, 03 Jun 2023 00:58:32 GMT

Redirect headers

date
Fri, 02 Jun 2023 20:58:32 GMT
referrer-policy
strict-origin-when-cross-origin
cf-cache-status
MISS
server
cloudflare
vary
Accept-Encoding
content-type
text/html
location
https://www.1red.com/images/favicon.png?t=1685739511039
cache-control
public, max-age=14400
cf-ray
7d129d6c4f03544f-YYZ
alt-svc
h3=":443"; ma=86400
content-length
162
expires
Sat, 03 Jun 2023 00:58:32 GMT
redirect
red.playlink.me/redirector/log/
166 B
1 KB
XHR
General
Full URL
https://red.playlink.me/redirector/log/redirect
Requested by
Host: red.playlink.me
URL: https://red.playlink.me/js/mirrors.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:ab16 , United States, ASN (),
Reverse DNS
Software
cloudflare / PHP/7.4.3-4ubuntu2.18
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://red.playlink.me/?http_referrer=https%3A%2F%2Fwww.caclow.ink%2F&sign-up=modal&stag=401_647a57f61237724e561da139
X-CSRF-TOKEN
0WUi8Wjg0OC2tbanlxKgkGwBODKlDUdgL5UY88rF
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryi0HOu757MF5mYqUf

Response headers

date
Fri, 02 Jun 2023 20:58:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.3-4ubuntu2.18
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JJDXIJZqlMt9Sba1R702h1gm1rv1ELDYGMZvmfVBcqA%2BAwSDs8F9HWV8R7fFcbrmikX006ph9huWEzZnmilb803oil9F0VySVqyirSlloe07Nk19oUddjb2V1bEcK7mp2L6xiCzPkVHtLZjdq3I%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
no-cache, private
cf-ray
7d129d727a925b28-IAD
Primary Request /
www.1red.com/
Redirect Chain
  • https://1red.com/?http_referrer=https%3A%2F%2Fwww.caclow.ink%2F&sign-up=modal&stag=401_647a57f61237724e561da139
  • https://www.1red.com/?http_referrer=https%3A%2F%2Fwww.caclow.ink%2F&sign-up=modal&stag=401_647a57f61237724e561da139
1 KB
772 B
Document
General
Full URL
https://www.1red.com/?http_referrer=https%3A%2F%2Fwww.caclow.ink%2F&sign-up=modal&stag=401_647a57f61237724e561da139
Requested by
Host: red.playlink.me
URL: https://red.playlink.me/js/mirrors.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.216 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
815cfbb93ea4dfc2f3506cc491f2a844c212a1ac604054af76b0fa204d816444

Request headers

Referer
https://red.playlink.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7d129d734c4f5485-YYZ
content-encoding
gzip
content-type
text/html
date
Fri, 02 Jun 2023 20:58:33 GMT
etag
W/"6478886a-421"
last-modified
Thu, 01 Jun 2023 12:00:42 GMT
referrer-policy
strict-origin-when-cross-origin
server
cloudflare

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7d129d72699f544f-YYZ
content-length
162
content-type
text/html
date
Fri, 02 Jun 2023 20:58:32 GMT
location
https://www.1red.com/?http_referrer=https%3A%2F%2Fwww.caclow.ink%2F&sign-up=modal&stag=401_647a57f61237724e561da139
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
css
fonts.googleapis.com/
25 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic
Requested by
Host: www.1red.com
URL: https://www.1red.com/?http_referrer=https%3A%2F%2Fwww.caclow.ink%2F&sign-up=modal&stag=401_647a57f61237724e561da139
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::200a Montreal, Canada, ASN (),
Reverse DNS
Software
ESF /
Resource Hash
2ece1ce88d0c0ee1733e95c7bab6fc3795dc0fefc8e09027c67302d621479b47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.1red.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 02 Jun 2023 20:58:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 02 Jun 2023 20:31:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 02 Jun 2023 20:58:33 GMT
index.js
payments-lib.cdn.s7s.ai/v1/
0
0

runtime.d979f591.js
www.1red.com/js/
35 KB
14 KB
Script
General
Full URL
https://www.1red.com/js/runtime.d979f591.js
Requested by
Host: www.1red.com
URL: https://www.1red.com/?http_referrer=https%3A%2F%2Fwww.caclow.ink%2F&sign-up=modal&stag=401_647a57f61237724e561da139
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.216 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.1red.com/?http_referrer=https%3A%2F%2Fwww.caclow.ink%2F&sign-up=modal&stag=401_647a57f61237724e561da139
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 20:58:33 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
cf-cache-status
HIT
last-modified
Thu, 01 Jun 2023 12:01:03 GMT
server
cloudflare
age
4545
etag
W/"6478887f-8dc2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
7d129d7668165485-YYZ
alt-svc
h3=":443"; ma=86400
expires
Sat, 03 Jun 2023 00:58:33 GMT
main.04b3c03c.js
www.1red.com/js/
741 KB
0
Script
General
Full URL
https://www.1red.com/js/main.04b3c03c.js
Requested by
Host: www.1red.com
URL: https://www.1red.com/?http_referrer=https%3A%2F%2Fwww.caclow.ink%2F&sign-up=modal&stag=401_647a57f61237724e561da139
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.216 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.1red.com/?http_referrer=https%3A%2F%2Fwww.caclow.ink%2F&sign-up=modal&stag=401_647a57f61237724e561da139
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 20:58:33 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
cf-cache-status
HIT
last-modified
Thu, 01 Jun 2023 12:00:49 GMT
server
cloudflare
age
4545
etag
W/"64788871-1a5099"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
7d129d7668175485-YYZ
alt-svc
h3=":443"; ma=86400
expires
Sat, 03 Jun 2023 00:58:33 GMT
191377df.css
www.1red.com/css/
147 KB
31 KB
Stylesheet
General
Full URL
https://www.1red.com/css/191377df.css
Requested by
Host: www.1red.com
URL: https://www.1red.com/?http_referrer=https%3A%2F%2Fwww.caclow.ink%2F&sign-up=modal&stag=401_647a57f61237724e561da139
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.216 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ec65882627b222b514d22cad6d3c6acc6f4259f117ee750512a5f346922f692

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.1red.com/?http_referrer=https%3A%2F%2Fwww.caclow.ink%2F&sign-up=modal&stag=401_647a57f61237724e561da139
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 20:58:33 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
cf-cache-status
HIT
last-modified
Thu, 01 Jun 2023 11:59:45 GMT
server
cloudflare
age
4545
etag
W/"64788831-24c7e"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
cf-ray
7d129d7658075485-YYZ
alt-svc
h3=":443"; ma=86400
expires
Sat, 03 Jun 2023 00:58:33 GMT
common.f68c7113.js
www.1red.com/js/
0
0

defaultVendors.8265fc7e.js
www.1red.com/js/
0
0

app.97320860.js
www.1red.com/js/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
payments-lib.cdn.s7s.ai
URL
https://payments-lib.cdn.s7s.ai/v1/index.js
Domain
www.1red.com
URL
https://www.1red.com/js/common.f68c7113.js
Domain
www.1red.com
URL
https://www.1red.com/js/defaultVendors.8265fc7e.js
Domain
www.1red.com
URL
https://www.1red.com/js/app.97320860.js

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean | credentialless
object | onbeforetoggle
object | onscrollend

5 Cookies

Domain/Path Name / Value
1redlink.com/ Name: 4fc82b26aecb47d2868c
Value: 647a57f61237724e561da139
red.playlink.me/ Name: last-mirror-host
Value: 1red.com
red.playlink.me/ Name: last-mirror-ssl
Value: 1
red.playlink.me/ Name: XSRF-TOKEN
Value: eyJpdiI6IllpZzJpc2F5MzlSa01MM3pcL041WWVnPT0iLCJ2YWx1ZSI6IjVGYXArXC91aENHVWlpM1V4aGFkS2JTZVRpejZuWDJIaVN5aDNKMXorWXYzVlZiR1hRN092bVwvY2JQNkhxeUgrUyIsIm1hYyI6IjJlZTY3MTgzYjA1NTBmOWFmMjA1NDViNjgyY2ZiNGJlNWQ1MmJjYmZhOGJlOWUyNzU5NjI0YzljNGRlMmRlZjYifQ%3D%3D
red.playlink.me/ Name: redirector_session
Value: eyJpdiI6InFndUtqYkZqNGUwbEt1U3NHaUN4Zmc9PSIsInZhbHVlIjoiOFRNSHIyMUVsaVdZZlwvTXdkOXR4K3J2TjNUYWF3QmdKWm55cjFpcGo5TDFLRTk2VGVnaUF6WkV2T1RiSU1qRjIiLCJtYWMiOiIzZmRmNTM1YWMyNmI3YzliM2JkZmM3NDg3MzIyOTM0NWZiMTVkYjU2MTE2NjE2ZWZjNzhhMzFmMGU5ZTVjZmUxIn0%3D