labes506.ink Open in urlscan Pro
20.81.39.124 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://fhjfcgd.r.bh.d.sendibt3.com/tr/cl/GGG4lAnFTsf8fpk4uI_On7SiJK_oyKSCi7s6kIHGxZUT9iE-_RisSfRPcPq6Xsu36ZJVhLOzGeYhdNbnWF1ywd_sjv...
Effective URL:
http://labes506.ink/redirect/offer%2F001ln%2F120%2Fg4ajw%2Fhd4%2F41%2F79
Submission Tags: falconsandbox
Submission: On July 31 via api (July 31st 2023, 10:53:31 am UTC) from US — Scanned from FR

Summary HTTP 2 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 2 HTTP transactions. The main IP is 20.81.39.124, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is labes506.ink.

This is the only time labes506.ink was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	1.179.112.197 1.179.112.197	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	20.81.35.14 20.81.35.14	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	20.81.39.124 20.81.39.124	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2

1 1.179.112.197 (France) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: m1179112197.mailinblue.me

fhjfcgd.r.bh.d.sendibt3.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.81.35.14 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

merboha.bio	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.81.39.124 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

labes506.ink	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
1	labes506.ink labes506.ink	485 B
1	merboha.bio merboha.bio	560 B
1	sendibt3.com 1 redirects fhjfcgd.r.bh.d.sendibt3.com	146 B
2	3

	Domain	Requested by
1	labes506.ink	merboha.bio
1	merboha.bio
1	fhjfcgd.r.bh.d.sendibt3.com	1 redirects
2	3

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://labes506.ink/redirect/offer%2F001ln%2F120%2Fg4ajw%2Fhd4%2F41%2F79
Frame ID: 6A38B2436A28BAAE5E5FB0164E664D49
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

404 Not Found

Page URL History Show full URLs

https://fhjfcgd.r.bh.d.sendibt3.com/tr/cl/GGG4lAnFTsf8fpk4uI_On7SiJK_oyKSCi7s6kIHGxZUT9iE-_RisSfRPcPq6Xsu36ZJVhL... HTTP 302
http://merboha.bio/redirect.html Page URL
http://labes506.ink/redirect/offer%2F001ln%2F120%2Fg4ajw%2Fhd4%2F41%2F79 Page URL

Page Statistics

2
Requests

0 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

1 kB
Transfer

0 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://fhjfcgd.r.bh.d.sendibt3.com/tr/cl/GGG4lAnFTsf8fpk4uI_On7SiJK_oyKSCi7s6kIHGxZUT9iE-_RisSfRPcPq6Xsu36ZJVhLOzGeYhdNbnWF1ywd_sjvpE5O3oD7NdGFZ5bAuPm5iSKGWgLp7yX_8Ab40dUrOIffi3zunDkxsIskArwQekhZ3fU2pRAv1lZZifq0XtBV_T6JqDF0WhGL1s6A7TuhwTzWkCXiE9-ytHD_FdrU9Qs-D71WU8JVuLf0TRhRs5OCE HTTP 302
http://merboha.bio/redirect.html Page URL
http://labes506.ink/redirect/offer%2F001ln%2F120%2Fg4ajw%2Fhd4%2F41%2F79 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://fhjfcgd.r.bh.d.sendibt3.com/tr/cl/GGG4lAnFTsf8fpk4uI_On7SiJK_oyKSCi7s6kIHGxZUT9iE-_RisSfRPcPq6Xsu36ZJVhLOzGeYhdNbnWF1ywd_sjvpE5O3oD7NdGFZ5bAuPm5iSKGWgLp7yX_8Ab40dUrOIffi3zunDkxsIskArwQekhZ3fU2pRAv1lZZifq0XtBV_T6JqDF0WhGL1s6A7TuhwTzWkCXiE9-ytHD_FdrU9Qs-D71WU8JVuLf0TRhRs5OCE HTTP 302
http://merboha.bio/redirect.html

2 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	redirect.html merboha.bio/ Redirect Chain https://fhjfcgd.r.bh.d.sendibt3.com/tr/cl/GGG4lAnFTsf8fpk4uI_On7SiJK_oyKSCi7s6kIHGxZUT9iE-_RisSfRPcPq6Xsu36ZJVhLOzGeYhdNbnWF1ywd_sjvpE5O3oD7NdGFZ5bAuPm5iSKGWgLp7yX_8Ab40dUrOIffi3zunDkxsIskArwQekhZ3... http://merboha.bio/redirect.html	231 B 560 B	242ms 94ms	Document text/html	20.81.35.14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL http://merboha.bio/redirect.html Protocol HTTP/1.1 Server 20.81.35.14 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 accept-language fr-FR,fr;q=0.9 Response headers Accept-Ranges bytes Connection Keep-Alive Content-Length 231 Content-Type text/html; charset=UTF-8 Date Mon, 31 Jul 2023 10:53:25 GMT ETag "e7-600f31f91b5d8" Keep-Alive timeout=5, max=100 Last-Modified Thu, 20 Jul 2023 23:01:06 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 Redirect headers content-length 55 content-type text/html; charset=utf-8 date Mon, 31 Jul 2023 10:53:25 GMT location http://merboha.bio/redirect.html x-content-type-options nosniff x-sib-server server9 x-xss-protection 1
GET H/1.1	404 Not Found	Primary Request offer%2F001ln%2F120%2Fg4ajw%2Fhd4%2F41%2F79 Show response labes506.ink/redirect/	238 B 485 B	218ms 94ms	Document text/html	20.81.39.124 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL http://labes506.ink/redirect/offer%2F001ln%2F120%2Fg4ajw%2Fhd4%2F41%2F79 Requested by Host: merboha.bio URL: http://merboha.bio/redirect.html Protocol HTTP/1.1 Server 20.81.39.124 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 / Resource Hash `23489b8ac49878f976366e028d7ebf85d67ea222d5c314a464603f7a85529ade` Request headers Referer http://merboha.bio/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 accept-language fr-FR,fr;q=0.9 Response headers Connection Keep-Alive Content-Length 238 Content-Type text/html; charset=iso-8859-1 Date Mon, 31 Jul 2023 10:53:26 GMT Keep-Alive timeout=5, max=100 Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://labes506.ink/redirect/offer%2F001ln%2F120%2Fg4ajw%2Fhd4%2F41%2F79 Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fhjfcgd.r.bh.d.sendibt3.com
labes506.ink
merboha.bio
1.179.112.197
20.81.35.14
20.81.39.124
23489b8ac49878f976366e028d7ebf85d67ea222d5c314a464603f7a85529ade

labes506.ink Open in urlscan Pro 20.81.39.124 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

2 Requests

0 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

2 IPs

2 Countries

1 kBTransfer

0 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

2 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

labes506.ink Open in urlscan Pro
20.81.39.124 Public Scan

Screenshot
Live screenshot

Full Image

2
Requests

0 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

1 kB
Transfer

0 kB
Size

0
Cookies

2 HTTP transactions
0 data transactions