citines-boutlet.com
18.195.23.231
Public Scan
Effective URL: https://citines-boutlet.com/redirect?target=BASE64aHR0cHM6Ly9uamU1My5UUlVFZmFzdG1lZGl1bS5jb20_a3c9NGE2ZGYyZTUtZjdkYi00MDRkLW...
Submission: On October 12 via manual from US
Summary
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on May 22nd 2018. Valid for: a year.
This is the only time citines-boutlet.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| | IP Address | AS Autonomous System |
|---|---|---|
| 1 1 | 34.243.141.158 | 16509 (AMAZON-02 - Amazon.com) |
| 2 | 2606:4700:30::681c:5 | 13335 (CLOUDFLARENET - Cloudflare) |
| 1 | 2a00:1450:4001:806::200a | 15169 (GOOGLE - Google LLC) |
| 1 | 2606:4700:30::6818:659a | 13335 (CLOUDFLARENET - Cloudflare) |
| 2 | 18.195.23.231 | 16509 (AMAZON-02 - Amazon.com) |
| 10 | 5 | |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-243-141-158.eu-west-1.compute.amazonaws.com
rdldtrk.com |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
apidata.info |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-195-23-231.eu-central-1.compute.amazonaws.com
citines-boutlet.com |
| | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 2 | citines-boutlet.com | citines-boutlet.com | 2 KB |
| 2 | t67.me | p.t67.me | 7 KB |
| 1 | apidata.info | apidata.info | 657 B |
| 1 | googleapis.com | ajax.googleapis.com | 33 KB |
| 1 | rdldtrk.com (1 redirects) | rdldtrk.com | 557 B |
| 0 | truefastmedium.com (Failed) | nje53.truefastmedium.com (Failed) | |
| 10 | 6 | | |
| | Domain | Requested by |
|---|---|---|
| 2 | citines-boutlet.com | p.t67.me |
| 2 | p.t67.me | p.t67.me |
| 1 | apidata.info | p.t67.me |
| 1 | ajax.googleapis.com | p.t67.me |
| 1 | rdldtrk.com | 1 redirects |
| 0 | nje53.truefastmedium.com (Failed) | |
| 10 | 6 | |
This site contains no links.
| Subject | Issuer | Validity | Valid | |
|---|---|---|---|---|
| sni45886.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2018-09-12 - 2019-03-21 | 6 months | crt.sh |
| *.googleapis.com | Google Internet Authority G3 | 2018-09-25 - 2018-12-18 | 3 months | crt.sh |
| sni162576.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2018-09-20 - 2019-03-29 | 6 months | crt.sh |
| citines-boutlet.com | COMODO RSA Domain Validation Secure Server CA | 2018-05-22 - 2019-05-22 | a year | crt.sh |
This page contains 1 frames:
Frame:
https://nje53.truefastmedium.com/?kw=4a6df2e5-f7db-404d-b409-5845d402bac1_1&s2=wLEJVDNUED0770FHHRCBNF1C
Frame ID: F4025C606E2F0F6F85EB6DA1E5CAB57D
Requests: 9 HTTP requests in this frame
Detected technologies
CloudFlare (CDN)
Detected patterns
- headers server /cloudflare/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://rdldtrk.com/ HTTP 302
  https://p.t67.me/r/?sc=1&oaffid=-1&ooid=-1&oreqid=2072085997 Page URL
- https://citines-boutlet.com/00c49050-0024-4781-9b2b-82b047963221?sc=1&oaffid=-1&ooid=-1&oreqid=2072085997&country_code=DE&country_name=Germany&time_zone=null&latitude=51.0&longitude=9.0&connection_type=Wifi&browser_name=Chrome&os_name=macOS Page URL
- https://citines-boutlet.com/redirect?target=BASE64aHR0cHM6Ly9uamU1My5UUlVFZmFzdG1lZGl1bS5jb20_a3c9NGE2ZGYyZTUtZjdkYi00MDRkLWI0MDktNTg0NWQ0MDJiYWMxXzEmczI9d0xFSlZETlVFRDA3NzBGSEhSQ0JORjFD&ts=1539360227098&hash=gJvIC5508lt00qDySf-SNCbF-H9UoKGa64-zAYq4iaA&rm=DJ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://rdldtrk.com/ HTTP 302
- https://p.t67.me/r/?sc=1&oaffid=-1&ooid=-1&oreqid=2072085997
10 HTTP transactions
| Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
|---|---|---|---|
| GET H2 | / p.t67.me/r/ (Redirect Chain) | 349 B 534 B | Document text/html |
| GET S | jquery.min.js ajax.googleapis.com/ajax/libs/jquery/1.11.2/ | 94 KB 33 KB | Script text/javascript |
| GET S | js apidata.info/ | 795 B 657 B | Script application/javascript |
| GET H2 | logic_tree.js p.t67.me/r/ | 19 KB 6 KB | Script application/javascript |
| GET H/1.1 | 00c49050-0024-4781-9b2b-82b047963221 citines-boutlet.com/ (Cookie set) | 816 B 1 KB | Document text/html |
| GET | redirect citines-boutlet.com/ | 0 0 | |
| GET H/1.1 | redirect citines-boutlet.com/ (Primary Request) | 496 B 790 B | Document text/html |
| GET | / nje53.truefastmedium.com/ | 0 0 | |
| GET | / nje53.truefastmedium.com/ | 0 0 | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- citines-boutlet.com
- URL
- https://citines-boutlet.com/redirect?target=BASE64aHR0cHM6Ly9uamU1My5UUlVFZmFzdG1lZGl1bS5jb20_a3c9NGE2ZGYyZTUtZjdkYi00MDRkLWI0MDktNTg0NWQ0MDJiYWMxXzEmczI9d0xFSlZETlVFRDA3NzBGSEhSQ0JORjFD&ts=1539360227098&hash=gJvIC5508lt00qDySf-SNCbF-H9UoKGa64-zAYq4iaA&rm=DJ
- Domain
- nje53.truefastmedium.com
- URL
- https://nje53.truefastmedium.com/?kw=4a6df2e5-f7db-404d-b409-5845d402bac1_1&s2=wLEJVDNUED0770FHHRCBNF1C
- Domain
- nje53.truefastmedium.com
- URL
- https://nje53.truefastmedium.com/?kw=4a6df2e5-f7db-404d-b409-5845d402bac1_1&s2=wLEJVDNUED0770FHHRCBNF1C
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.