rdsb21.club
Open in
urlscan Pro
206.54.170.14
Public Scan
Effective URL: https://rdsb21.club/?sourceid=38170&clickid=AI_7zmAalQAAyUACAENIFwASAPbytVsA&retry_count=5&push_tb=https%3A%2F%2Fr3a...
Submission Tags: falconsandbox
Submission: On June 20 via api from US
Summary
TLS certificate: Issued by R3 on May 27th 2021. Valid for: 3 months.
This is the only time rdsb21.club was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 188.72.236.136 188.72.236.136 | 35415 (WEBZILLA) (WEBZILLA) | |
1 4 | 206.54.170.14 206.54.170.14 | 35415 (WEBZILLA) (WEBZILLA) | |
1 | 188.72.236.132 188.72.236.132 | 35415 (WEBZILLA) (WEBZILLA) | |
1 | 139.45.196.205 139.45.196.205 | 9002 (RETN-AS) (RETN-AS) | |
6 | 5 |
ASN35415 (WEBZILLA, NL)
PTR: 1f2-12-d2456-136.webazilla.com
installmentaecrloan.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
3 |
rdsb21.club
rdsb21.club |
28 KB |
1 |
ptongouh.net
ptongouh.net |
28 KB |
1 |
best-to-120.com
best-to-120.com |
10 KB |
1 |
awesomedownloadyourfiles.com
1 redirects
awesomedownloadyourfiles.com |
338 B |
1 |
installmentaecrloan.com
installmentaecrloan.com |
6 KB |
6 | 5 |
Domain | Requested by | |
---|---|---|
3 | rdsb21.club |
best-to-120.com
rdsb21.club |
1 | ptongouh.net |
rdsb21.club
|
1 | best-to-120.com |
installmentaecrloan.com
|
1 | awesomedownloadyourfiles.com | 1 redirects |
1 | installmentaecrloan.com | |
6 | 5 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
installmentaecrloan.com R3 |
2021-06-13 - 2021-09-11 |
3 months | crt.sh |
best-to-120.com R3 |
2021-04-22 - 2021-07-21 |
3 months | crt.sh |
rdsb21.club R3 |
2021-05-27 - 2021-08-25 |
3 months | crt.sh |
ptongouh.net R3 |
2021-04-21 - 2021-07-20 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://rdsb21.club/?sourceid=38170&clickid=AI_7zmAalQAAyUACAENIFwASAPbytVsA&retry_count=5&push_tb=https%3A%2F%2Fr3adyt0download.com%2Fptb%2FAI_7zmAalQAAyUACAENIFwASAPbytVsA%3Fq%3Dcalifornia%2Byellow%2Bimmunization%2Bcard%2Bpdf%26utm_source%3D4c08fffb3398da3b&fp=9e91d368200b3225f99bd64cfdc6a7c3e9194213&utm_source=4c08fffb3398da3b&click_url=https%3A%2F%2Fr3adyt0download.com%2Faapc1aaAI_7zmAalQAAyUACAENIFwASAPbytVsAbeQesXLi5c8kobXPKKK8yjr27p1_8v9xUe30aEvGpDoCl6o-AJuRNFXMxklV3M1_UIrObiGd0EEn4MVUIaDcF3_1kxZk-_ECZOmnXzy3oFQ7iK5ODebhbFTm5Xdd0_8pBIK-JQOejG9H14ZvHMPZPkXGyzvzj5gP5YuQAtdgiQexN9NeqTswR6QpYAXsemQb6HJpIc10defIInb2yQVw-pEXO-fAFhG03V8Ypp5aWaeMEUTu_QsXy7QCBYChMwSa6i5Nk-BtKMLpf2PfqG55nLUncIzVbnerlGJn891FMLrRVmT71gIR78ZbV_CRA1TozURLt3BGQNM0WR-VfOcKtWruEZp1-bzAMuPkmH_M4J4hpr_YTfrpXUfv-DsYjakzHJaoPhbbzU1dzscrCZXZdmPD1G4l5NhGeY6TViSi2k8hotNaD7-4QjHyoV8qtqpOML6jVUarox0Nvrd7WcWpODOOvCxN2NZrUp-XORWctj8Eh7Iq6ZaUDfGLyFW-M98a_miQAc97cxv3ajhGtiMwTKUkOFjSembd1SJ258RKf-XeSXTvm1JE_thAUr3RXkTv0l5X_7RSXszvXFTUrGhJzqphSNq9FDLdoT0m0-VnKorkMSvYgmhi-9w7NPWKRS6nswU0qs1bT-LEX1zmyg%3D%3D
Frame ID: 3AA645E01C35D4474E314C6EAC76C81B
Requests: 7 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- https://installmentaecrloan.com/Byr9f29b4b9d3927e49789a254b7c85c089cb4110575c?q=california%2Byellow%2Bimmuni... Page URL
-
https://awesomedownloadyourfiles.com/565/?ip=195.242.213.110&utm_content=12422&utm_term=california+yellow+immuniz...
HTTP 301
https://best-to-120.com/AVr9J2b67ded3df236803ef8fea55dfcb38ce592c8146?q=california+yellow+immunizati... Page URL
- https://rdsb21.club/?sourceid=38170&clickid=AI_7zmAalQAAyUACAENIFwASAPbytVsA&retry_count=5&push_... Page URL
Detected technologies
Nginx (Web Servers) ExpandDetected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://installmentaecrloan.com/Byr9f29b4b9d3927e49789a254b7c85c089cb4110575c?q=california%2Byellow%2Bimmunization%2Bcard%2Bpdf&s2=1ieo8fd13au21%2C%20which%20downloads%20the%20same%20file Page URL
-
https://awesomedownloadyourfiles.com/565/?ip=195.242.213.110&utm_content=12422&utm_term=california+yellow+immunization+card+pdf&utm_source=AI77zmCGMAAAgkMCAENIFwASAI5J-LcA
HTTP 301
https://best-to-120.com/AVr9J2b67ded3df236803ef8fea55dfcb38ce592c8146?q=california+yellow+immunization+card+pdf Page URL
- https://rdsb21.club/?sourceid=38170&clickid=AI_7zmAalQAAyUACAENIFwASAPbytVsA&retry_count=5&push_tb=https%3A%2F%2Fr3adyt0download.com%2Fptb%2FAI_7zmAalQAAyUACAENIFwASAPbytVsA%3Fq%3Dcalifornia%2Byellow%2Bimmunization%2Bcard%2Bpdf%26utm_source%3D4c08fffb3398da3b&fp=9e91d368200b3225f99bd64cfdc6a7c3e9194213&utm_source=4c08fffb3398da3b&click_url=https%3A%2F%2Fr3adyt0download.com%2Faapc1aaAI_7zmAalQAAyUACAENIFwASAPbytVsAbeQesXLi5c8kobXPKKK8yjr27p1_8v9xUe30aEvGpDoCl6o-AJuRNFXMxklV3M1_UIrObiGd0EEn4MVUIaDcF3_1kxZk-_ECZOmnXzy3oFQ7iK5ODebhbFTm5Xdd0_8pBIK-JQOejG9H14ZvHMPZPkXGyzvzj5gP5YuQAtdgiQexN9NeqTswR6QpYAXsemQb6HJpIc10defIInb2yQVw-pEXO-fAFhG03V8Ypp5aWaeMEUTu_QsXy7QCBYChMwSa6i5Nk-BtKMLpf2PfqG55nLUncIzVbnerlGJn891FMLrRVmT71gIR78ZbV_CRA1TozURLt3BGQNM0WR-VfOcKtWruEZp1-bzAMuPkmH_M4J4hpr_YTfrpXUfv-DsYjakzHJaoPhbbzU1dzscrCZXZdmPD1G4l5NhGeY6TViSi2k8hotNaD7-4QjHyoV8qtqpOML6jVUarox0Nvrd7WcWpODOOvCxN2NZrUp-XORWctj8Eh7Iq6ZaUDfGLyFW-M98a_miQAc97cxv3ajhGtiMwTKUkOFjSembd1SJ258RKf-XeSXTvm1JE_thAUr3RXkTv0l5X_7RSXszvXFTUrGhJzqphSNq9FDLdoT0m0-VnKorkMSvYgmhi-9w7NPWKRS6nswU0qs1bT-LEX1zmyg%3D%3D Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 1- https://awesomedownloadyourfiles.com/565/?ip=195.242.213.110&utm_content=12422&utm_term=california+yellow+immunization+card+pdf&utm_source=AI77zmCGMAAAgkMCAENIFwASAI5J-LcA HTTP 301
- https://best-to-120.com/AVr9J2b67ded3df236803ef8fea55dfcb38ce592c8146?q=california+yellow+immunization+card+pdf
6 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Byr9f29b4b9d3927e49789a254b7c85c089cb4110575c
installmentaecrloan.com/ |
5 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
AVr9J2b67ded3df236803ef8fea55dfcb38ce592c8146
best-to-120.com/ Redirect Chain
|
9 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
/
rdsb21.club/ |
21 KB 21 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pixel.js
rdsb21.club/ |
3 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
replacer.js
rdsb21.club/ |
4 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
15 KB 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
micro.tag.min.js
ptongouh.net/pfe/current/ |
77 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
16 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| replaceTemplates function| getTextNodes function| parseUrlParams function| isInIframe object| ntfcSDK0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
awesomedownloadyourfiles.com
best-to-120.com
installmentaecrloan.com
ptongouh.net
rdsb21.club
139.45.196.205
188.72.236.132
188.72.236.136
206.54.170.14
0b5b28e6ae35f80268f88464e3a380338becd3d9d0cf0c9b3807a9ceb9cc89f1
1663185f31ed0b7f2fbe6c9eb49b339b49eb007ba39cbb885f478fdf84f014bc
7112a5c6afae10e266f4d0c189f68e2188b176fc15c48c855798812d28d40845
e0e96551e6f44fd7377acd9cd879e994feabe9882f88631539b247dffecf220b
e7c60f73aaa4f0bce7aeca666d47ce1ec0a4e5aee9240cb92664f8f0cdf856df
e950d8495f7276630fda8732db8a59e1b64661cbceab642cf5e0986855b872d6