rdrct1.org
Open in
urlscan Pro
108.61.135.76
Public Scan
Effective URL: http://rdrct1.org/rnhbnnyuq
Submission: On June 06 via manual from JO
Summary
This is the only time rdrct1.org was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 | 91.234.35.247 91.234.35.247 | 56485 (THEHOST-AS) (THEHOST-AS) | |
1 1 | 195.28.183.126 195.28.183.126 | 15626 (ITLAS) (ITLAS) | |
2 | 108.61.135.76 108.61.135.76 | 20473 (AS-CHOOPA) (AS-CHOOPA - Choopa) | |
2 | 13.32.158.53 13.32.158.53 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
6 | 3 |
ASN20473 (AS-CHOOPA - Choopa, LLC, US)
PTR: 108.61.135.76.vultr.com
rdrct1.org |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-158-53.fra56.r.cloudfront.net
d3ikljl879wvvx.cloudfront.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
2 |
cloudfront.net
d3ikljl879wvvx.cloudfront.net |
4 MB |
2 |
rdrct1.org
rdrct1.org |
5 KB |
2 |
lkik.us
lkik.us |
1 KB |
1 |
herodota.ru
1 redirects
herodota.ru |
657 B |
6 | 4 |
Domain | Requested by | |
---|---|---|
2 | d3ikljl879wvvx.cloudfront.net |
rdrct1.org
|
2 | rdrct1.org |
lkik.us
rdrct1.org |
2 | lkik.us |
lkik.us
|
1 | herodota.ru | 1 redirects |
6 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid |
---|
This page contains 1 frames:
Primary Page:
http://rdrct1.org/rnhbnnyuq
Frame ID: 0D0937BC70E04431216B8465355F802F
Requests: 6 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- http://lkik.us/ Page URL
-
http://herodota.ru/?pakusay&charset=windows-1251&keyword=[KEYWORD]
HTTP 302
http://rdrct1.org/rnhbnnyuq Page URL
Detected technologies
Nginx (Web Servers) ExpandDetected patterns
- headers server /nginx(?:\/([\d.]+))?/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- env /^jQuery$/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://lkik.us/ Page URL
-
http://herodota.ru/?pakusay&charset=windows-1251&keyword=[KEYWORD]
HTTP 302
http://rdrct1.org/rnhbnnyuq Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
6 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
/
lkik.us/ |
1 KB 896 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cs2.js
lkik.us/ |
301 B 531 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
rnhbnnyuq
rdrct1.org/ Redirect Chain
|
9 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
script.min.js
d3ikljl879wvvx.cloudfront.net/assets/92ca6c0406acc434f71cba5a43f0aadf/ |
252 KB 76 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
prm.js
rdrct1.org/ |
0 333 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
15.gif
d3ikljl879wvvx.cloudfront.net/assets/92ca6c0406acc434f71cba5a43f0aadf/images/ |
4 MB 4 MB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| next function| $ function| jQuery string| u3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
rdrct1.org/ | Name: k Value: SFMyNTY.g3QAAAAIbQAAAARhdW5xbQAAABZ7IjEyMjgwIjoiTXB6Z05OZVl2UiJ9bQAAAANoaWRtAAAAHG1lVVBVeEdqSEdFemhXV3VkclZMRWJacnZleU9tAAAAHG1lVVBVeEdqSEdFemhXV3VkclZMRWJacnZleU90AAAAAWQABWFmZmlkYgAChpttAAAAAnJkdAAAAARkAApfX3N0cnVjdF9fZAAYRWxpeGlyLlRkZXguUm90YXRpb25EYXRhZAAOY2xpY2tlZF9vZmZlcnN0AAAAAGQACGxhbmRpbmdzbAAAAAFiAAAB6mpkAAtzZWVuX29mZmVyc2wAAAABYgAAJNdqbQAAAAVzdWJfMWQAA25pbG0AAAAFc3ViXzJkAANuaWxtAAAAB3RyYWNrZXJtAAAAB25vdHJhY2ttAAAAA3VucW0AAAALWG5oUGJib1dxU20.Ctmk2WpIPwS7_I1QYNzEd3E6VUIoJASWHasCY3CYTsU |
|
rdrct1.org/ | Name: _opl Value: meUPUxGjHGEzhWWudrVLEbZrveyO:165531 |
|
rdrct1.org/ | Name: uord Value: 2630b35534ff50b4b0e77916e9a7c088 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
d3ikljl879wvvx.cloudfront.net
herodota.ru
lkik.us
rdrct1.org
108.61.135.76
13.32.158.53
195.28.183.126
91.234.35.247
007c6074789317ec2bfd04ddd1c9003eea1e51007af7b9cbb9fc47df2073c506
bf3263f94ab0c2fbe51b38790f8196040be6006f04b69adb81ef93a9b53f9c00
c3715ae234af68ae765c3177cdccdb8e1d0e51fd9cd1e0a85d248ed525f5bec3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eca89fbed61b68693b035130b0da8c9c3a0b6d5dcc4160027908c5ca2936dc85