fuckr.securesaferoute.com
Open in
urlscan Pro
34.199.149.224
Public Scan
Submitted URL: http://url9376.inboxpartners.com/ls/click?upn=gIs76ctITmoWR3Oy19kk56OmDaHns1eHelnoof1qGBov6Ns0H9ferEd2AHP6jM-2BXTT5Vum8cEvZj0iGnM...
Effective URL: http://fuckr.securesaferoute.com/?page=land2/501_sb_spfy&x_source=vip56660.46507-143651.b2b02a01-b0f7-4e50-a471-b1bc79c238cc.wn4c...
Submission: On September 19 via api from BE
Effective URL: http://fuckr.securesaferoute.com/?page=land2/501_sb_spfy&x_source=vip56660.46507-143651.b2b02a01-b0f7-4e50-a471-b1bc79c238cc.wn4c...
Submission: On September 19 via api from BE
Summary
This website contacted 4 IPs
in 2 countries
across 6 domains to perform 10 HTTP transactions.
The main IP is 34.199.149.224, located in
Ashburn, United States and
belongs to AMAZON-AES, US.
The main domain is fuckr.securesaferoute.com.
This is the only time fuckr.securesaferoute.com was scanned on urlscan.io!
This is the only time fuckr.securesaferoute.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 1 | 167.89.123.54 167.89.123.54 | 11377 (SENDGRID) (SENDGRID) | |
| 2 2 | 104.27.166.218 104.27.166.218 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 1 | 18.194.134.212 18.194.134.212 | 16509 (AMAZON-02) (AMAZON-02) | |
| 2 5 | 34.199.149.224 34.199.149.224 | 14618 (AMAZON-AES) (AMAZON-AES) | |
| 5 | 104.18.29.111 104.18.29.111 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:818::200a | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:81b::2003 | 15169 (GOOGLE) (GOOGLE) | |
| 10 | 4 |
1
167.89.123.54
(United States)
ASN11377 (SENDGRID, US)
PTR: o16789123x54.outbound-mail.sendgrid.net
ASN11377 (SENDGRID, US)
PTR: o16789123x54.outbound-mail.sendgrid.net
| url9376.inboxpartners.com |
1
18.194.134.212
(Frankfurt am Main, Germany)
ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-134-212.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-134-212.eu-central-1.compute.amazonaws.com
| lvemsg.com |
5
34.199.149.224
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-149-224.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-149-224.compute-1.amazonaws.com
| fuckr.securesaferoute.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 5 |
minidtcdn.com
media.minidtcdn.com |
284 KB |
| 5 |
securesaferoute.com
2 redirects
fuckr.securesaferoute.com |
15 KB |
| 3 |
inboxpartners.com
3 redirects
url9376.inboxpartners.com www.inboxpartners.com |
1018 B |
| 1 |
gstatic.com
fonts.gstatic.com |
13 KB |
| 1 |
googleapis.com
fonts.googleapis.com |
542 B |
| 1 |
lvemsg.com
1 redirects
lvemsg.com |
840 B |
| 10 | 6 |
| Domain | Requested by | |
|---|---|---|
| 5 | media.minidtcdn.com |
fuckr.securesaferoute.com
|
| 5 | fuckr.securesaferoute.com |
2 redirects
fuckr.securesaferoute.com
|
| 2 | www.inboxpartners.com | 2 redirects |
| 1 | fonts.gstatic.com |
fonts.googleapis.com
|
| 1 | fonts.googleapis.com |
fuckr.securesaferoute.com
|
| 1 | lvemsg.com | 1 redirects |
| 1 | url9376.inboxpartners.com | 1 redirects |
| 10 | 7 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| upload.video.google.com GTS CA 1O1 |
2020-08-26 - 2020-11-18 |
3 months | crt.sh |
| *.gstatic.com GTS CA 1O1 |
2020-08-26 - 2020-11-18 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
http://fuckr.securesaferoute.com/?page=land2/501_sb_spfy&x_source=vip56660.46507-143651.b2b02a01-b0f7-4e50-a471-b1bc79c238cc.wn4ceue5l20skq122d2coi6s&pgen=n&cpy=4
Frame ID: B8AA38DD6A3D15A4EF2C4A376E1D6BE4
Requests: 10 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://url9376.inboxpartners.com/ls/click?upn=gIs76ctITmoWR3Oy19kk56OmDaHns1eHelnoof1qGBov6Ns0H9ferEd2AHP6jM-...
HTTP 302
http://www.inboxpartners.com/1e8927a9bf16f211066da350245b04_a78d655f-010101010001/C/ HTTP 301
https://www.inboxpartners.com/1e8927a9bf16f211066da350245b04_a78d655f-010101010001/C/ HTTP 302
http://lvemsg.com/b2b02a01-b0f7-4e50-a471-b1bc79c238cc HTTP 302
http://fuckr.securesaferoute.com/?in=fuckr1a:best&x_source=vip56660:b2b02a01-b0f7-4e50-a471-b1bc79c238cc.wn4c... HTTP 302
http://fuckr.securesaferoute.com/?page=land2/501_sb_spfy&x_source=vip56660.46507-143651.b2b02a01-b0f7-4e50-a4... HTTP 302
http://fuckr.securesaferoute.com/?page=land2/501_sb_spfy&x_source=vip56660.46507-143651.b2b02a01-b0f7-4e50-a4... Page URL
Detected technologies
PHP
(Programming Languages)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /php\/?([\d.]+)?/i
CentOS
(Operating Systems)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /CentOS/i
Apache
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Google Font API
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /jquery[.-]([\d.]*\d)[^/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://url9376.inboxpartners.com/ls/click?upn=gIs76ctITmoWR3Oy19kk56OmDaHns1eHelnoof1qGBov6Ns0H9ferEd2AHP6jM-2BXTT5Vum8cEvZj0iGnM3RA5BbHUNbJaX5XNN-2FSAze3T0XnirfNmwT1e1W-2BkNGHNtJBBuIU_gdk3V7NGFEt02l8mduMNzYjqodsC7ORCgvdSrBSFFP5bwZZu7JCASQL2l6PvRxeG1K4D0qvU7pYfEersARGsYn0bSJWkfiXMD9PEhymIpI1y-2FeYKcEKiOmRgoJkeE3DS03pJPUXgJrVY2FvHgvqe41cUnQShxElx2u36lAD31FEfmWNtoRgYSgb5INTsNVGEdyvEmzWaPwqV1g40EX1MUmXPOVtDaHeEy1eNBB7vLY7N-2BG-2BdImt-2BjkMV17eYA8PH
HTTP 302
http://www.inboxpartners.com/1e8927a9bf16f211066da350245b04_a78d655f-010101010001/C/ HTTP 301
https://www.inboxpartners.com/1e8927a9bf16f211066da350245b04_a78d655f-010101010001/C/ HTTP 302
http://lvemsg.com/b2b02a01-b0f7-4e50-a471-b1bc79c238cc HTTP 302
http://fuckr.securesaferoute.com/?in=fuckr1a:best&x_source=vip56660:b2b02a01-b0f7-4e50-a471-b1bc79c238cc.wn4ceue5l20skq122d2coi6s HTTP 302
http://fuckr.securesaferoute.com/?page=land2/501_sb_spfy&x_source=vip56660.46507-143651.b2b02a01-b0f7-4e50-a471-b1bc79c238cc.wn4ceue5l20skq122d2coi6s&eml=&pgen=n&cpy=4 HTTP 302
http://fuckr.securesaferoute.com/?page=land2/501_sb_spfy&x_source=vip56660.46507-143651.b2b02a01-b0f7-4e50-a471-b1bc79c238cc.wn4ceue5l20skq122d2coi6s&pgen=n&cpy=4 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
10 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
 Cookie set
/
fuckr.securesaferoute.com/ Redirect Chain
|
25 KB 8 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
style1.css
media.minidtcdn.com/land2/common/sb_spfy/css/ |
19 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-2.1.4.min.js
media.minidtcdn.com/land2/js/ |
82 KB 29 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
1 KB 542 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
skin.css
fuckr.securesaferoute.com/land2/css/fuckr/501_sb_spfy/ |
275 B 454 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
logo_hd_white.png
fuckr.securesaferoute.com/land2/img/fuckr/501_sb_spfy/ |
5 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
0.jpg
media.minidtcdn.com/land2/common/sb_spfy/img/n/ |
171 KB 171 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
arrow_down.svg
media.minidtcdn.com/land2/common/sb_spfy/img/ |
324 B 909 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
QdVUSTchPBm7nuUeVf70viFluW44JQ.woff2
fonts.gstatic.com/s/questrial/v11/ |
13 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
1.jpg
media.minidtcdn.com/land2/common/sb_spfy/img/n/ |
77 KB 77 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
42 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| trustedTypes function| $ function| jQuery number| iOs_timer function| is_nxt_setup function| term_pop function| is_taken function| visual_is_taken function| is_all_empty function| viewport number| vpWidth number| vpHeight string| mobileImageFolder string| stage string| count string| sugg string| cpy number| minNumber number| maxNumber number| randomStartNumber number| minNumber1 number| maxNumber1 number| randomAddNumber boolean| displayError boolean| passwordError boolean| error1 boolean| error2 boolean| error3 boolean| raceSelect1 boolean| raceSelect2 boolean| raceSelect3 string| url function| nextStep function| headlineShake function| showError string| bName function| taCount function| createObject function| randomNumberFromRangeStart function| randomNumberFromRange function| startCount number| maxL2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| fuckr.securesaferoute.com/ | Name: src Value: vip56660.46507-143651.b2b02a01-b0f7-4e50-a471-b1bc79c238cc.wn4ceue5l20skq122d2coi6s |
|
| fuckr.securesaferoute.com/ | Name: PHPSESSID Value: 3f851b594625a276f502e549bafdbc6c |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
fonts.googleapis.com
fonts.gstatic.com
fuckr.securesaferoute.com
lvemsg.com
media.minidtcdn.com
url9376.inboxpartners.com
www.inboxpartners.com
104.18.29.111
104.27.166.218
167.89.123.54
18.194.134.212
2a00:1450:4001:818::200a
2a00:1450:4001:81b::2003
34.199.149.224
01b89573033a49d93f2d6edd665518f58531e914cb37cc6027385074e47942a4
084091a996cfe0e4512851684a38bcf9ed8791c5cc49692aa767a37d616be599
453869e38309ce92a7de71087ba2f67f2d070b5e789a91377e73951b16459c5f
459cefeed4ebd64a0fabfb78f02ffe08674cbb923b42d74ee4ea97a0aacdd04b
5c277b55b88d1cad0030a989df9bb6d6df23d5853443e6d7776f99713255eaa3
862d1ee334fd36ea5de9c4d4d61975d79f2e322ec587790f65f69c3496a9ecaf
89d46070266f342bb7757578eff7b2173240780b7d3117b82b2adc72081bd145
b20970b15a77c805c4e5cf0f3199612f79bedc9d4305f76510af60ee43dc8bd7
d8c0a7a26103f8ea912875c9144943241e7d33c3f544da46d76a6d71d3c234fb
f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c