salestraff.com Open in urlscan Pro
62.212.87.142 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://redrct.site/hrfp?url=http%3A%2F%2Fsalestraff.com%2Fd%2F328075762b888dff5d%3Fsub%3DM_25763398942d5c49eb241517...
Effective URL:
http://salestraff.com/d/328075762b888dff5d?sub=M_25763398942d5c49eb241517475268&source=943
Submission: On February 01 via manual (February 1st 2018, 8:55:47 am UTC) from JP

Summary HTTP 2 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 2 HTTP transactions. The main IP is 62.212.87.142, located in Netherlands and belongs to LEASEWEB-NL-AMS-01 Netherlands, NL. The main domain is salestraff.com.

This is the only time salestraff.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	54.165.5.250 54.165.5.250	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	62.212.87.142 62.212.87.142	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2	2

1 54.165.5.250 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-165-5-250.compute-1.amazonaws.com

redrct.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.212.87.142 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

salestraff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
1	salestraff.com salestraff.com	8 KB
1	redrct.site redrct.site	731 B
2	2

	Domain	Requested by
1	salestraff.com
1	redrct.site
2	2

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://salestraff.com/d/328075762b888dff5d?sub=M_25763398942d5c49eb241517475268&source=943
Frame ID: (2BAB5351A7C4D0F1C9AA5171184A30D8)
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://redrct.site/hrfp?url=http%3A%2F%2Fsalestraff.com%2Fd%2F328075762b888dff5d%3Fsub%3DM_2576... Page URL
http://salestraff.com/d/328075762b888dff5d?sub=M_25763398942d5c49eb241517475268&source=943 Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

2
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

9 kB
Transfer

8 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://redrct.site/hrfp?url=http%3A%2F%2Fsalestraff.com%2Fd%2F328075762b888dff5d%3Fsub%3DM_25763398942d5c49eb241517475268%26source%3D943 Page URL
http://salestraff.com/d/328075762b888dff5d?sub=M_25763398942d5c49eb241517475268&source=943 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Cookie set hrfp Show response redrct.site/	140 B 731 B	984ms 117ms	Document text/html	54.165.5.250 Amazon.com
General Check archive.org Show headers Download Go to Full URL http://redrct.site/hrfp?url=http%3A%2F%2Fsalestraff.com%2Fd%2F328075762b888dff5d%3Fsub%3DM_25763398942d5c49eb241517475268%26source%3D943 Protocol HTTP/1.1 Server 54.165.5.250 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-54-165-5-250.compute-1.amazonaws.com Software nginx/1.12.2 / PHP/7.1.11 Resource Hash `22422e80584ed120ac4b66df034398495ebc2d4b9db0ceadbf67ecbeee5e3386` Request headers Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Connection keep-alive Accept-Encoding gzip, deflate Host redrct.site Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Pragma no-cache Date Thu, 01 Feb 2018 08:55:08 GMT Content-Encoding gzip Server nginx/1.12.2 X-Powered-By PHP/7.1.11 Content-Type text/html; charset=utf-8 Set-Cookie PHPSESSID=v30bsujoj8v2budui6pthodr0l; path=/ AWSELB=151F171F102002C82363931B27C8B37E6541B8FE32DB3E733A0D3ABBF7DA8DBF1113D3455AD39D155401ABA06A1FC5158C3B9739B73E17059D03D5EA8EABCB4BE229ABAECC;PATH=/ Cache-Control no-store, no-cache, must-revalidate no-cache="set-cookie" Connection keep-alive Content-Length 146 Expires Thu, 19 Nov 1981 08:52:00 GMT
GET H/1.1	200 OK	Primary Request 328075762b888dff5d Show response salestraff.com/d/	8 KB 8 KB	820ms 16ms	Document text/html	62.212.87.142 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL http://salestraff.com/d/328075762b888dff5d?sub=M_25763398942d5c49eb241517475268&source=943 Protocol HTTP/1.1 Server 62.212.87.142 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software nginx / Resource Hash `3ffe1f9f765fd02c70b8c54092681cdc1df825fe655a794628e92067b0d659d7` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host salestraff.com Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Referer http://redrct.site/hrfp?url=http%3A%2F%2Fsalestraff.com%2Fd%2F328075762b888dff5d%3Fsub%3DM_25763398942d5c49eb241517475268%26source%3D943 Connection keep-alive Cache-Control no-cache Upgrade-Insecure-Requests 1 Referer http://redrct.site/hrfp?url=http%3A%2F%2Fsalestraff.com%2Fd%2F328075762b888dff5d%3Fsub%3DM_25763398942d5c49eb241517475268%26source%3D943 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Thu, 01 Feb 2018 08:55:09 GMT Last-Modified Thu, 25 Jan 2018 16:58:01 GMT Server nginx Accept-Ranges bytes ETag "5a6a0c99-1e95" Content-Length 7829 Content-Type text/html

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

redrct.site
salestraff.com
54.165.5.250
62.212.87.142
22422e80584ed120ac4b66df034398495ebc2d4b9db0ceadbf67ecbeee5e3386
3ffe1f9f765fd02c70b8c54092681cdc1df825fe655a794628e92067b0d659d7

salestraff.com Open in urlscan Pro 62.212.87.142 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

2 Requests

0 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

9 kBTransfer

8 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

2 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

0 Cookies

Indicators

salestraff.com Open in urlscan Pro
62.212.87.142 Public Scan

Screenshot
Live screenshot

Full Image

2
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

9 kB
Transfer

8 kB
Size

0
Cookies

2 HTTP transactions
0 data transactions