Submitted URL: http://lrohjyvey.com/cl/345e9e836586fe98?p1=%5B%5Bsubid%5D%5D&p2=&source=advertizer&site=%5B%5Bpid%5D%5D&p1=rj4vvsr1w...
Effective URL: https://1d6ceb3b060.terrifictc.net/?p=3829&media_type=mainstream&click_id=c2f9ab342ea84f5491bbb7a4a046cbde1653b&pi=84493
Submission: On January 20 via api from US — Scanned from US

Summary

This website contacted 1 IP in 2 countries across 3 domains to perform 1 HTTP transaction. The main IP is 94.237.103.119, located in Finland and belongs to UPCLOUD, FI. The main domain is 1d6ceb3b060.terrifictc.net.
TLS certificate: Issued by R3 on November 17th 2023. Valid for: 3 months.
This is the only time 1d6ceb3b060.terrifictc.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 2600:1f18:66d... 14618 (AMAZON-AES)
1 94.237.103.119 202053 (UPCLOUD)
1 1
Apex Domain        Subdomains                    Transfer
1 terrifictc.net   1d6ceb3b060.terrifictc.net
1 cddtsecure.com   cddtsecure.com                3 KB
1 lrohjyvey.com    lrohjyvey.com                 1 KB
1 3
Domain Requested by
1 1d6ceb3b060.terrifictc.net
1 cddtsecure.com 1 redirects
1 lrohjyvey.com 1 redirects
1 3

This site contains no links.

Subject: terrifictc.net
Issuer: R3
Validity: 2023-11-17 - 2024-02-15
Valid: 3 months

This page contains 1 frames:

Primary Page: https://1d6ceb3b060.terrifictc.net/?p=3829&media_type=mainstream&click_id=c2f9ab342ea84f5491bbb7a4a046cbde1653b&pi=84493
Frame ID: 1F921A9A65DE4489D5279B5FF5440830
Requests: 1 HTTP requests in this frame

Page Statistics

Requests: 1
HTTPS: 100 %
IPv6: 67 %
Domains: 3
Subdomains: 3
IPs: 1
Countries: 2
Transfer: 0 kB
Size: 0 kB
Cookies: 12

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.


Redirected requests

There were HTTP redirect chains for the following requests:

1 HTTP transaction

Primary Request: /
Path: 1d6ceb3b060.terrifictc.net/
Size: 0
x-fer: 0
Type: Document
MIME-Type:
Redirect Chain
  • http://lrohjyvey.com/cl/345e9e836586fe98?p1=%5B%5Bsubid%5D%5D&p2=&source=advertizer&site=%5B%5Bpid%5D%5D&p1=rj4vvsr1wejybbf9tiwodx
  • https://cddtsecure.com/?a=84493&c=238825&co=115463&mt=18&s2={clickId}
  • https://1d6ceb3b060.terrifictc.net/?p=3829&media_type=mainstream&click_id=c2f9ab342ea84f5491bbb7a4a046cbde1653b&pi=84493

General

Full URL: https://1d6ceb3b060.terrifictc.net/?p=3829&media_type=mainstream&click_id=c2f9ab342ea84f5491bbb7a4a046cbde1653b&pi=84493
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 94.237.103.119, Finland, ASN202053 (UPCLOUD, FI)
Reverse DNS: 94-237-103-119.de-fra1.upcloud.host
Software: /
Resource Hash:

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-type: text/html; charset=UTF-8
date: Sat, 20 Jan 2024 22:12:10 GMT
x-traffic-status: BISP

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
content-language: en-US
content-type: text/html;charset=ISO-8859-1
date: Sat, 20 Jan 2024 22:12:09 GMT
location: https://1d6ceb3b060.terrifictc.net/?p=3829&media_type=mainstream&click_id=c2f9ab342ea84f5491bbb7a4a046cbde1653b&pi=84493
server: nginx

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Domain/Path Name
lrohjyvey.com/ Name: sbc345e9e836586fe98
lrohjyvey.com/ Name: vis
.cddtsecure.com/ Name: gdm_suid_v1_1_001
.cddtsecure.com/ Name: gdm_click_freq_v2_1_001
.cddtsecure.com/ Name: gdm_sid_v1_3_001
.cddtsecure.com/ Name: gdm_sid_v2_3_001
.cddtsecure.com/ Name: gdm_suid_v2_1_001
.cddtsecure.com/ Name: gdm_uid_v2_1_001
.cddtsecure.com/ Name: gdm_uid_v1_1_001
.cddtsecure.com/ Name: gdm_click_freq_v1_1_001
.cddtsecure.com/ Name: gdm_click_adv_freq_v2_1_001
.cddtsecure.com/ Name: gdm_click_adv_freq_v1_1_001

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
