Submitted URL: http://www.pastelpaintings.net/Link/?url=&clnt=dfe28&utm_medium=0&utm_campaign=f3&cv=ee4f473285d5996767a4b9f6&slid=1
Effective URL: https://redirect-6.com/dmr?stage=outgoing&url=aHR0cHM6Ly9jbGljay5zYWZlcnRyY2suY29tLz9jPTEwMzQmczE9NjE5MDUmczI9OWQ1ODQ5N...
Submission: On May 22 via api from BE

Summary

This website contacted 2 IPs in 3 countries across 4 domains to perform 3 HTTP transactions. The main IP is 94.237.46.111, located in Badhoevedorp, Netherlands and belongs to UPCLOUD, FI. The main domain is redirect-6.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on May 3rd 2020. Valid for: 3 months.
This is the only time redirect-6.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 212.103.46.20 38964 (BALTNETAS)
2 2 2606:4700:303... 13335 (CLOUDFLAR...)
1 3 94.237.46.111 202053 (UPCLOUD)
1 52.10.180.155 16509 (AMAZON-02)
3 2
Apex Domain | Subdomains | Transfer
3 redirect-6.com | redirect-6.com | 1006 B
2 cakecaliber.com | www.cakecaliber.com | 1 KB
1 safertrck.com | click.safertrck.com | 238 B
1 pastelpaintings.net | www.pastelpaintings.net | 406 B
3 4
Domain Requested by
3 redirect-6.com 1 redirects
2 www.cakecaliber.com 2 redirects
1 click.safertrck.com
1 www.pastelpaintings.net 1 redirects
3 4

This site contains no links.

Subject | Issuer | Validity | Valid
redirect-6.com | Let's Encrypt Authority X3 | 2020-05-03 - 2020-08-01 | 3 months
click.safertrck.com | Sectigo RSA Domain Validation Secure Server CA | 2019-05-16 - 2021-05-15 | 2 years

This page contains 1 frames:

Frame: https://click.safertrck.com/?c=1034&s1=61905&s2=9d58497d2550f796b16a15c6a1fd6d8fb29579e5c85760e1d30692deeaa395db
Frame ID: 0CC5840FAB9509A950D54F8D1442C607
Requests: 3 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^envoy$/i

Overall confidence: 100%
Detected patterns
  • headers via /^1\.1 google$/i

Page Statistics

Requests: 3
HTTPS: 100 %
IPv6: 25 %
Domains: 4
Subdomains: 4
IPs: 2
Countries: 3
Transfer: 1 kB
Size: 1 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.pastelpaintings.net/Link/?url=&clnt=dfe28&utm_medium=0&utm_campaign=f3&cv=ee4f473285d5996767a4b9f6&slid=1 HTTP 302
    https://www.cakecaliber.com/survey/allernieuwste/source=13373/subid=e:BnHSKkq4jQSvFDkzeMB8mOu69I1tXQGbSkk36C1VFxs&subid2=pastelpaintings.net&subid3=13373/nrp=okawxk5jwj1537efsv0j74fjn HTTP 302
    https://www.cakecaliber.com/urlshort_test/uid_long=33424&tracking_id=41147752&token=bjOz9lfI6KcwmwHevcZ1bFf6E6FoxqHBFu9PjS9E&preview=0&subid_json=eyJzdWJpZDEiOiJlOkJuSFNLa3E0alFTdkZEa3plTUI4bU91NjlJMXRYUUdiU2trMzZDMVZGeHMiLCJzdWJpZCI6ImU6Qm5IU0trcTRqUVN2RkRremVNQjhtT3U2OUkxdFhRR2JTa2szNkMxVkZ4cyIsInN1YmlkMiI6InBhc3RlbHBhaW50aW5ncy5uZXQiLCJzdWJpZDMiOiIxMzM3MyJ9 HTTP 302
    https://redirect-6.com/o/52338/61905?s1=7H76S HTTP 307
    https://redirect-6.com/dmr?stage=incoming&url=aHR0cHM6Ly9jbGljay5zYWZlcnRyY2suY29tLz9jPTEwMzQmczE9NjE5MDUmczI9OWQ1ODQ5N2QyNTUwZjc5NmIxNmExNWM2YTFmZDZkOGZiMjk1NzllNWM4NTc2MGUxZDMwNjkyZGVlYWEzOTVkYg%3D%3D Page URL
  2. https://redirect-6.com/dmr?stage=outgoing&url=aHR0cHM6Ly9jbGljay5zYWZlcnRyY2suY29tLz9jPTEwMzQmczE9NjE5MDUmczI9OWQ1ODQ5N2QyNTUwZjc5NmIxNmExNWM2YTFmZDZkOGZiMjk1NzllNWM4NTc2MGUxZDMwNjkyZGVlYWEzOTVkYg%3D%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://www.pastelpaintings.net/Link/?url=&clnt=dfe28&utm_medium=0&utm_campaign=f3&cv=ee4f473285d5996767a4b9f6&slid=1 HTTP 302
  • https://www.cakecaliber.com/survey/allernieuwste/source=13373/subid=e:BnHSKkq4jQSvFDkzeMB8mOu69I1tXQGbSkk36C1VFxs&subid2=pastelpaintings.net&subid3=13373/nrp=okawxk5jwj1537efsv0j74fjn HTTP 302
  • https://www.cakecaliber.com/urlshort_test/uid_long=33424&tracking_id=41147752&token=bjOz9lfI6KcwmwHevcZ1bFf6E6FoxqHBFu9PjS9E&preview=0&subid_json=eyJzdWJpZDEiOiJlOkJuSFNLa3E0alFTdkZEa3plTUI4bU91NjlJMXRYUUdiU2trMzZDMVZGeHMiLCJzdWJpZCI6ImU6Qm5IU0trcTRqUVN2RkRremVNQjhtT3U2OUkxdFhRR2JTa2szNkMxVkZ4cyIsInN1YmlkMiI6InBhc3RlbHBhaW50aW5ncy5uZXQiLCJzdWJpZDMiOiIxMzM3MyJ9 HTTP 302
  • https://redirect-6.com/o/52338/61905?s1=7H76S HTTP 307
  • https://redirect-6.com/dmr?stage=incoming&url=aHR0cHM6Ly9jbGljay5zYWZlcnRyY2suY29tLz9jPTEwMzQmczE9NjE5MDUmczI9OWQ1ODQ5N2QyNTUwZjc5NmIxNmExNWM2YTFmZDZkOGZiMjk1NzllNWM4NTc2MGUxZDMwNjkyZGVlYWEzOTVkYg%3D%3D

3 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
dmr
redirect-6.com/
Redirect Chain
  • http://www.pastelpaintings.net/Link/?url=&clnt=dfe28&utm_medium=0&utm_campaign=f3&cv=ee4f473285d5996767a4b9f6&slid=1
  • https://www.cakecaliber.com/survey/allernieuwste/source=13373/subid=e:BnHSKkq4jQSvFDkzeMB8mOu69I1tXQGbSkk36C1VFxs&subid2=pastelpaintings.net&subid3=13373/nrp=okawxk5jwj1537efsv0j74fjn
  • https://www.cakecaliber.com/urlshort_test/uid_long=33424&tracking_id=41147752&token=bjOz9lfI6KcwmwHevcZ1bFf6E6FoxqHBFu9PjS9E&preview=0&subid_json=eyJzdWJpZDEiOiJlOkJuSFNLa3E0alFTdkZEa3plTUI4bU91Njl...
  • https://redirect-6.com/o/52338/61905?s1=7H76S
  • https://redirect-6.com/dmr?stage=incoming&url=aHR0cHM6Ly9jbGljay5zYWZlcnRyY2suY29tLz9jPTEwMzQmczE9NjE5MDUmczI9OWQ1ODQ5N2QyNTUwZjc5NmIxNmExNWM2YTFmZDZkOGZiMjk1NzllNWM4NTc2MGUxZDMwNjkyZGVlYWEzOTVkYg%...
293 B
451 B
Document
General
Full URL
https://redirect-6.com/dmr?stage=incoming&url=aHR0cHM6Ly9jbGljay5zYWZlcnRyY2suY29tLz9jPTEwMzQmczE9NjE5MDUmczI9OWQ1ODQ5N2QyNTUwZjc5NmIxNmExNWM2YTFmZDZkOGZiMjk1NzllNWM4NTc2MGUxZDMwNjkyZGVlYWEzOTVkYg%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.237.46.111 Badhoevedorp, Netherlands, ASN202053 (UPCLOUD, FI),
Reverse DNS
94-237-46-111.nl-ams1.upcloud.host
Software
envoy /
Resource Hash

Request headers

:method
GET
:authority
redirect-6.com
:scheme
https
:path
/dmr?stage=incoming&url=aHR0cHM6Ly9jbGljay5zYWZlcnRyY2suY29tLz9jPTEwMzQmczE9NjE5MDUmczI9OWQ1ODQ5N2QyNTUwZjc5NmIxNmExNWM2YTFmZDZkOGZiMjk1NzllNWM4NTc2MGUxZDMwNjkyZGVlYWEzOTVkYg%3D%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
alt-svc
clear
content-type
text/html; charset=utf-8
date
Fri, 22 May 2020 07:54:42 GMT
server
envoy
via
1.1 google
x-convertingteam-destinationurl
https://click.safertrck.com/?c=1034&s1=61905&s2=9d58497d2550f796b16a15c6a1fd6d8fb29579e5c85760e1d30692deeaa395db
x-envoy-upstream-service-time
0
content-length
293

Redirect headers

status
307
alt-svc
clear
content-type
application/json
date
Fri, 22 May 2020 07:54:42 GMT
grpc-metadata-content-type
application/grpc
location
/dmr?stage=incoming&url=aHR0cHM6Ly9jbGljay5zYWZlcnRyY2suY29tLz9jPTEwMzQmczE9NjE5MDUmczI9OWQ1ODQ5N2QyNTUwZjc5NmIxNmExNWM2YTFmZDZkOGZiMjk1NzllNWM4NTc2MGUxZDMwNjkyZGVlYWEzOTVkYg%3D%3D
server
envoy
via
1.1 google
x-envoy-upstream-service-time
175
content-length
2
Primary Request dmr
redirect-6.com/
229 B
262 B
Document
General
Full URL
https://redirect-6.com/dmr?stage=outgoing&url=aHR0cHM6Ly9jbGljay5zYWZlcnRyY2suY29tLz9jPTEwMzQmczE9NjE5MDUmczI9OWQ1ODQ5N2QyNTUwZjc5NmIxNmExNWM2YTFmZDZkOGZiMjk1NzllNWM4NTc2MGUxZDMwNjkyZGVlYWEzOTVkYg%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.237.46.111 Badhoevedorp, Netherlands, ASN202053 (UPCLOUD, FI),
Reverse DNS
94-237-46-111.nl-ams1.upcloud.host
Software
envoy /
Resource Hash

Request headers

:method
GET
:authority
redirect-6.com
:scheme
https
:path
/dmr?stage=outgoing&url=aHR0cHM6Ly9jbGljay5zYWZlcnRyY2suY29tLz9jPTEwMzQmczE9NjE5MDUmczI9OWQ1ODQ5N2QyNTUwZjc5NmIxNmExNWM2YTFmZDZkOGZiMjk1NzllNWM4NTc2MGUxZDMwNjkyZGVlYWEzOTVkYg%3D%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://redirect-6.com/dmr?stage=incoming&url=aHR0cHM6Ly9jbGljay5zYWZlcnRyY2suY29tLz9jPTEwMzQmczE9NjE5MDUmczI9OWQ1ODQ5N2QyNTUwZjc5NmIxNmExNWM2YTFmZDZkOGZiMjk1NzllNWM4NTc2MGUxZDMwNjkyZGVlYWEzOTVkYg%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://redirect-6.com/dmr?stage=incoming&url=aHR0cHM6Ly9jbGljay5zYWZlcnRyY2suY29tLz9jPTEwMzQmczE9NjE5MDUmczI9OWQ1ODQ5N2QyNTUwZjc5NmIxNmExNWM2YTFmZDZkOGZiMjk1NzllNWM4NTc2MGUxZDMwNjkyZGVlYWEzOTVkYg%3D%3D

Response headers

status
200
alt-svc
clear
content-type
text/html; charset=utf-8
date
Fri, 22 May 2020 07:54:42 GMT
server
envoy
via
1.1 google
x-convertingteam-destinationurl
https://click.safertrck.com/?c=1034&s1=61905&s2=9d58497d2550f796b16a15c6a1fd6d8fb29579e5c85760e1d30692deeaa395db
x-envoy-upstream-service-time
1
content-length
229
/
click.safertrck.com/
0
238 B
Document
General
Full URL
https://click.safertrck.com/?c=1034&s1=61905&s2=9d58497d2550f796b16a15c6a1fd6d8fb29579e5c85760e1d30692deeaa395db
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.10.180.155 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-10-180-155.us-west-2.compute.amazonaws.com
Software
Apache/2.4.27 (Amazon) PHP/5.6.33 / PHP/5.6.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
click.safertrck.com
:scheme
https
:path
/?c=1034&s1=61905&s2=9d58497d2550f796b16a15c6a1fd6d8fb29579e5c85760e1d30692deeaa395db
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://redirect-6.com/dmr?stage=outgoing&url=aHR0cHM6Ly9jbGljay5zYWZlcnRyY2suY29tLz9jPTEwMzQmczE9NjE5MDUmczI9OWQ1ODQ5N2QyNTUwZjc5NmIxNmExNWM2YTFmZDZkOGZiMjk1NzllNWM4NTc2MGUxZDMwNjkyZGVlYWEzOTVkYg%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://redirect-6.com/dmr?stage=outgoing&url=aHR0cHM6Ly9jbGljay5zYWZlcnRyY2suY29tLz9jPTEwMzQmczE9NjE5MDUmczI9OWQ1ODQ5N2QyNTUwZjc5NmIxNmExNWM2YTFmZDZkOGZiMjk1NzllNWM4NTc2MGUxZDMwNjkyZGVlYWEzOTVkYg%3D%3D

Response headers

status
200
date
Fri, 22 May 2020 07:54:43 GMT
content-type
text/html; charset=UTF-8
content-length
0
server
Apache/2.4.27 (Amazon) PHP/5.6.33
x-powered-by
PHP/5.6.33
set-cookie
PHPSESSID=c0gm0d8dp792ttup8dnpmbl572; path=/
expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
no-cache, must-revalidate
pragma
no-cache


2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate

1 Cookies

Domain/Path Name / Value
click.safertrck.com/ Name: PHPSESSID
Value: c0gm0d8dp792ttup8dnpmbl572

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
