orige-duo.com Open in urlscan Pro
54.209.45.135 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://tzpzc.com/trf?&o=%2Fn9GrOorD6hgfVYmNjW63FP9D6dsZRYuL8HwAv48ciMIES0afJBWK94GecHaP2RPPuYiyFsyVwCMc7B2ScGr8G5...
Effective URL:
https://orige-duo.com/zcvisitor/582fdef7-dd5e-11ed-a503-0abe80a5f9a1/ef4aacc0-427a-11e5-9690-0afe289da1cd?campaignid=e...
Submission: On April 17 via manual (April 17th 2023, 8:30:20 pm UTC) from US — Scanned from DE

Summary HTTP 2 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 2 HTTP transactions. The main IP is 54.209.45.135, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is orige-duo.com. The Cisco Umbrella rank of the primary domain is 693923.
TLS certificate: Issued by Amazon RSA 2048 M02 on January 26th 2023. Valid for: a year.

This is the only time orige-duo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	208.91.196.46 208.91.196.46	40034 (CONFLUENC...) (CONFLUENCE-NETWORK-INC)
1	54.209.45.135 54.209.45.135	14618 (AMAZON-AES) (AMAZON-AES)
2	2

1 208.91.196.46 (Virgin Islands (British))

ASN40034 (CONFLUENCE-NETWORK-INC, VG)

tzpzc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.209.45.135 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-45-135.compute-1.amazonaws.com

orige-duo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
1	orige-duo.com orige-duo.com — Cisco Umbrella Rank: 693923	523 B
1	tzpzc.com tzpzc.com	4 KB
2	2

	Domain	Requested by
1	orige-duo.com
1	tzpzc.com
2	2

This site contains no links.

Subject Issuer	Validity	Valid
orige-duo.com Amazon RSA 2048 M02	`2023-01-26` - `2024-02-24`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://orige-duo.com/zcvisitor/582fdef7-dd5e-11ed-a503-0abe80a5f9a1/ef4aacc0-427a-11e5-9690-0afe289da1cd?campaignid=ebb4a130-a26a-11ed-ae29-0a918cbcbb97
Frame ID: 8A7535474ABD261A72C3788A28B92E85
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://tzpzc.com/trf?&o=%2Fn9GrOorD6hgfVYmNjW63FP9D6dsZRYuL8HwAv48ciMIES0afJBWK94GecHaP2RPPuY... Page URL
https://orige-duo.com/zcvisitor/582fdef7-dd5e-11ed-a503-0abe80a5f9a1/ef4aacc0-427a-11e5-9690-0afe2... Page URL

Page Statistics

2
Requests

50 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

4 kB
Transfer

3 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://tzpzc.com/trf?&o=%2Fn9GrOorD6hgfVYmNjW63FP9D6dsZRYuL8HwAv48ciMIES0afJBWK94GecHaP2RPPuYiyFsyVwCMc7B2ScGr8G5GBG%2BpJTJsdLHBkH%2FHIQ5Fn7pLap9YMgu%2FcVGi%2FzTo%2FCiHi4go7vptlkZkhoXChpfWNBx6HmSoXxtyK7%2FdRl9Vlb77vfLSil%2FUDJWmdARkqQfnlTU%2BRJKif0GiVoTBJGbhpEDhRJUiU0AUOfYo8xO6UpjjzXzRYGWzdJ42f8mJ9%2FGCSRy1%2F3t4PR%2B%2BOv8efliIoqyymiYf01g%2BoE47zfB9JocrKd0edQQBWZGJSUfGiic3K25L6feuCOlfAh4iEZCIyEdz6ulPwKURHzLi9LW9v1faOJzdzRlUidDRvARLdu3IREBcxiBH6d3uszXJUAolVJapq7R5Qk1%2FsN3FFasMLhOheHaSFhZ5lCMZa4lDDp4g4FwkxhNlAGGzEuwx4FqZB5ae6xmocnRHDhP2rHLcJyBM16GzVPhXst2wSOA5%2B7F57BUSx0FPUOYD%2F0T%2BLP29ek9Zf1Bpngxhh0Fm2uUJRaXMcPcgm7oLqeWZsor%2B&c=21294293088799610252679&n=fLDgL9GIqLYGvLwSXmz4fhbMLjknnBGz%2FZkE%2FaivVxFCNgWNOfFDzPie5PEr98m3agflP%2BJ0Cy71M26U5GGFkPvATioRyA2ufWx9SkFhBkpX%2BmoH1NV0KqOslfd8YoA0OEdgi7ndz0aqRCVHETpCI0E%2B%2B5I6Y%2FCnDbPK5110dhEQ1uWNhDN0jVty0wHa9SgsCAXBeQnwDob5yGpsPhP0KE8o6lDfkJVB9Rzr454GWq7PUt5rcCOUnMDyYfaf9LyYiM141Ue%2BHvz3F3GsLHgtc%2FVnOyMZFAuQCg7qAj2PnouVgRfmrLU7k%2FAE2wZM03G7o9%2FmcOtfR58pPGzT5N4JJhGk%2FsUajmkec0LUZQhtpqqt2mHO6KlNSOd%2FVLPGwvTumBR%2FX9am%2FJGcHlhA8CiyKqfALG3o3xPosaH2GIwa%2FM7cQhat21egPrkwWSz4TI30JUFk0bV4apdBS25VFRc0i4GC3xZBkn4M2vC5cp%2FuD7jgWePKT%2FicHcO3pg%2FB2p6Ou7sKHltu9slJynKaqE8tH7VQBotCfMKlOpNTH6RvO5%2BNmgxiL23QnvaP2iCEE0KrsS8aDrntdVqBMYwL1j7GeYE34%2Fafz3fbNm4q1vB%2Blz8oZeeXNtXP2QFoj3oiliHxoGvOy%2B7lE0gnCWwUiXVhxXFcsTYqPrpkeTFq9uM79bWlLsEK0uAoemiWcSSiK96yQAwejLbTBSnNl4TJ2xLRXCDYaNst3sK0%2FMTiRxI9jJaZzbzfPmCoJUdCCbHYuxEfSeRIHmiTAQrit%2F4zEL0iiELKpmevq2GdZo43fMpsHbyfyMaxb8dujbCsA9YW61tDv38X2xuQH8TyFkMlM9gG1w%3D%3D&kgp=0&_opnslfp=1&jccheck=1 Page URL
https://orige-duo.com/zcvisitor/582fdef7-dd5e-11ed-a503-0abe80a5f9a1/ef4aacc0-427a-11e5-9690-0afe289da1cd?campaignid=ebb4a130-a26a-11ed-ae29-0a918cbcbb97 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK trf
tzpzc.com/ 3 KB
4 KB 535ms
223ms Document
text/html 208.91.196.46
CONFLUENCE-NETWOR...

General

Check archive.org

Show headers Download Go to

Full URL: http://tzpzc.com/trf?&o=%2Fn9GrOorD6hgfVYmNjW63FP9D6dsZRYuL8HwAv48ciMIES0afJBWK94GecHaP2RPPuYiyFsyVwCMc7B2ScGr8G5GBG%2BpJTJsdLHBkH%2FHIQ5Fn7pLap9YMgu%2FcVGi%2FzTo%2FCiHi4go7vptlkZkhoXChpfWNBx6HmSoXxtyK7%2FdRl9Vlb77vfLSil%2FUDJWmdARkqQfnlTU%2BRJKif0GiVoTBJGbhpEDhRJUiU0AUOfYo8xO6UpjjzXzRYGWzdJ42f8mJ9%2FGCSRy1%2F3t4PR%2B%2BOv8efliIoqyymiYf01g%2BoE47zfB9JocrKd0edQQBWZGJSUfGiic3K25L6feuCOlfAh4iEZCIyEdz6ulPwKURHzLi9LW9v1faOJzdzRlUidDRvARLdu3IREBcxiBH6d3uszXJUAolVJapq7R5Qk1%2FsN3FFasMLhOheHaSFhZ5lCMZa4lDDp4g4FwkxhNlAGGzEuwx4FqZB5ae6xmocnRHDhP2rHLcJyBM16GzVPhXst2wSOA5%2B7F57BUSx0FPUOYD%2F0T%2BLP29ek9Zf1Bpngxhh0Fm2uUJRaXMcPcgm7oLqeWZsor%2B&c=21294293088799610252679&n=fLDgL9GIqLYGvLwSXmz4fhbMLjknnBGz%2FZkE%2FaivVxFCNgWNOfFDzPie5PEr98m3agflP%2BJ0Cy71M26U5GGFkPvATioRyA2ufWx9SkFhBkpX%2BmoH1NV0KqOslfd8YoA0OEdgi7ndz0aqRCVHETpCI0E%2B%2B5I6Y%2FCnDbPK5110dhEQ1uWNhDN0jVty0wHa9SgsCAXBeQnwDob5yGpsPhP0KE8o6lDfkJVB9Rzr454GWq7PUt5rcCOUnMDyYfaf9LyYiM141Ue%2BHvz3F3GsLHgtc%2FVnOyMZFAuQCg7qAj2PnouVgRfmrLU7k%2FAE2wZM03G7o9%2FmcOtfR58pPGzT5N4JJhGk%2FsUajmkec0LUZQhtpqqt2mHO6KlNSOd%2FVLPGwvTumBR%2FX9am%2FJGcHlhA8CiyKqfALG3o3xPosaH2GIwa%2FM7cQhat21egPrkwWSz4TI30JUFk0bV4apdBS25VFRc0i4GC3xZBkn4M2vC5cp%2FuD7jgWePKT%2FicHcO3pg%2FB2p6Ou7sKHltu9slJynKaqE8tH7VQBotCfMKlOpNTH6RvO5%2BNmgxiL23QnvaP2iCEE0KrsS8aDrntdVqBMYwL1j7GeYE34%2Fafz3fbNm4q1vB%2Blz8oZeeXNtXP2QFoj3oiliHxoGvOy%2B7lE0gnCWwUiXVhxXFcsTYqPrpkeTFq9uM79bWlLsEK0uAoemiWcSSiK96yQAwejLbTBSnNl4TJ2xLRXCDYaNst3sK0%2FMTiRxI9jJaZzbzfPmCoJUdCCbHYuxEfSeRIHmiTAQrit%2F4zEL0iiELKpmevq2GdZo43fMpsHbyfyMaxb8dujbCsA9YW61tDv38X2xuQH8TyFkMlM9gG1w%3D%3D&kgp=0&_opnslfp=1&jccheck=1
Protocol: HTTP/1.1
Server: 208.91.196.46 , Virgin Islands (British), ASN40034 (CONFLUENCE-NETWORK-INC, VG),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-cache
Connection: Keep-Alive
Content-Length: 3405
Content-Type: text/html; charset=UTF-8
Date: Mon, 17 Apr 2023 20:30:05 GMT
Expires: Mon, 22 Jul 2002 11:12:01 GMT
Keep-Alive: timeout=5, max=128
Pragma: no-cache
Server: Apache

GET
H2 500 Primary Request ef4aacc0-427a-11e5-9690-0afe289da1cd Show response
orige-duo.com/zcvisitor/582fdef7-dd5e-11ed-a503-0abe80a5f9a1/ 62 B
523 B 814ms
121ms Document
text/html 54.209.45.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://orige-duo.com/zcvisitor/582fdef7-dd5e-11ed-a503-0abe80a5f9a1/ef4aacc0-427a-11e5-9690-0afe289da1cd?campaignid=ebb4a130-a26a-11ed-ae29-0a918cbcbb97

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.209.45.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-209-45-135.compute-1.amazonaws.com

Software

IeXJBoIy /

Resource Hash

a402e74a16d6d5e13146c2d8cb07a95d2fccd90e362efd6bc05cd988a4e92747

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer: http://tzpzc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
content-type: text/html;charset=UTF-8
date: Mon, 17 Apr 2023 20:30:06 GMT
server: IeXJBoIy
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://orige-duo.com/zcvisitor/582fdef7-dd5e-11ed-a503-0abe80a5f9a1/ef4aacc0-427a-11e5-9690-0afe289da1cd?campaignid=ebb4a130-a26a-11ed-ae29-0a918cbcbb97 Message: Failed to load resource: the server responded with a status of 500 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

orige-duo.com
tzpzc.com
208.91.196.46
54.209.45.135
a402e74a16d6d5e13146c2d8cb07a95d2fccd90e362efd6bc05cd988a4e92747

orige-duo.com Open in urlscan Pro 54.209.45.135 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

2 Requests

50 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

4 kBTransfer

3 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

2 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

orige-duo.com Open in urlscan Pro
54.209.45.135 Public Scan

Screenshot
Live screenshot

Full Image

2
Requests

50 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

4 kB
Transfer

3 kB
Size

0
Cookies

2 HTTP transactions
0 data transactions