redirectglobal.com Open in urlscan Pro
2606:4700:3037::681f:53b7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bytlly.com/17knqq
Effective URL:
https://redirectglobal.com/clk/d2hBMDYrNjlLZjJLWjkzN2Q0SDR2ZUNNMGIrSUk0ZTZHSTNKR25kOWtZRE5objc1eDYvaG1MRkQwQWJWV3VpK1NTSEE1...
Submission: On April 14 via api (April 14th 2020, 7:55:35 am UTC) from US

Summary HTTP 4 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 8 domains to perform 4 HTTP transactions. The main IP is 2606:4700:3037::681f:53b7, located in United States and belongs to CLOUDFLARENET, US. The main domain is redirectglobal.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on February 5th 2020. Valid for: 8 months.

This is the only time redirectglobal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	5.149.248.110 5.149.248.110	59711 (HZ-NL-AS) (HZ-NL-AS)
1 1	5.149.248.70 5.149.248.70	59711 (HZ-NL-AS) (HZ-NL-AS)
1	78.140.165.10 78.140.165.10	35415 (WEBZILLA) (WEBZILLA)
1 1	35.190.65.250 35.190.65.250	15169 (GOOGLE) (GOOGLE)
1 1	2606:4700:303... 2606:4700:3033::681b:bee7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3037::681f:53b7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	34.223.116.29 34.223.116.29	16509 (AMAZON-02) (AMAZON-02)
1	35.244.148.197 35.244.148.197	15169 (GOOGLE) (GOOGLE)
4	3

1 5.149.248.110 (Netherlands) 1 redirects

ASN59711 (HZ-NL-AS, GB)

bytlly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.149.248.70 (Netherlands) 1 redirects

ASN59711 (HZ-NL-AS, GB)

xtraserp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.140.165.10 (Netherlands)

ASN35415 (WEBZILLA, NL)

g3nerat3dn3w.best	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.65.250 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 250.65.190.35.bc.googleusercontent.com

www.opptmzmobile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::681b:bee7 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unlocklink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3037::681f:53b7 (United States)

ASN13335 (CLOUDFLARENET, US)

redirectglobal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.redirectglobal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.223.116.29 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-223-116-29.us-west-2.compute.amazonaws.com

www.9t5.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.148.197 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 197.148.244.35.bc.googleusercontent.com

www.popcornlinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	redirectglobal.com redirectglobal.com www.redirectglobal.com	5 KB
1	popcornlinks.com www.popcornlinks.com
1	9t5.me 1 redirects www.9t5.me	350 B
1	unlocklink.com 1 redirects unlocklink.com	544 B
1	opptmzmobile.com 1 redirects www.opptmzmobile.com	436 B
1	g3nerat3dn3w.best g3nerat3dn3w.best	8 KB
1	xtraserp.com 1 redirects xtraserp.com	596 B
1	bytlly.com 1 redirects bytlly.com	440 B
4	8

	Domain	Requested by
1	www.popcornlinks.com	redirectglobal.com
1	www.9t5.me	1 redirects
1	www.redirectglobal.com	redirectglobal.com
1	redirectglobal.com	g3nerat3dn3w.best
1	unlocklink.com	1 redirects
1	www.opptmzmobile.com	1 redirects
1	g3nerat3dn3w.best
1	xtraserp.com	1 redirects
1	bytlly.com	1 redirects
4	9

This site contains no links.

Subject Issuer	Validity	Valid
g3nerat3dn3w.best Let's Encrypt Authority X3	`2020-04-01` - `2020-06-30`	3 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-02-05` - `2020-10-09`	8 months	crt.sh
www.popcornlinks.com GTS CA 1D2	`2020-03-23` - `2020-06-21`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://redirectglobal.com/clk/d2hBMDYrNjlLZjJLWjkzN2Q0SDR2ZUNNMGIrSUk0ZTZHSTNKR25kOWtZRE5objc1eDYvaG1MRkQwQWJWV3VpK1NTSEE1TlZJYWZtNU91b1dONG1hWjk3SlpjU0tSMklSYkV3dXBGeGpZMWJJUTE4WnkyRkdQTFM2NERWeU1Eek91eHlnamd0UkJqc1BpTEgxcFJ3TjBLalk0d21VNnVFNW5VQ2h1QnU1Q2NNPQ
Frame ID: C17306F704DD055B4F8BE69C69CC8A6F
Requests: 3 HTTP requests in this frame

Frame: https://www.popcornlinks.com/welcome.html?aff=4348&theme=0929&language=DE&clickid=18041430_1d_6e_48_67fbf8_ab2_80_5e956c57_2a0104f8019254140000000000000002_3069_0_0_64_64_0_2_2&pub=48
Frame ID: 6AA2BC6939E9BAE274BE828BE6CF4420
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://bytlly.com/17knqq HTTP 302
http://xtraserp.com/?acma=VGl0YW5pYyAxOTk3IEdlcm1hbiBIZHR2IDEwODBwIER0cyBYMjY0dHJtZHNmVGl&bewild... HTTP 302
https://g3nerat3dn3w.best/r/?token=9d0745f9c8757824933c881516f6b51678e7f13f&q=Titanic+1997+German+Hdtv... Page URL
https://www.opptmzmobile.com/3PDWK38Z/3FCXT1HD/?sub1=AFZslV7giAAAmDICAERLNAASALSVPeYA HTTP 302
https://unlocklink.com/redirect/action/1IndzM3MuJSoxNjwiKHNmf3BlZ2E_eQ_Pyi?uc=6f16cb1516814605bab80... HTTP 302
https://redirectglobal.com/clk/d2hBMDYrNjlLZjJLWjkzN2Q0SDR2ZUNNMGIrSUk0ZTZHSTNKR25kOWtZRE5objc1eDYvaG1M... Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

4
Requests

100 %
HTTPS

25 %
IPv6

8
Domains

9
Subdomains

3
IPs

2
Countries

13 kB
Transfer

13 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bytlly.com/17knqq HTTP 302
http://xtraserp.com/?acma=VGl0YW5pYyAxOTk3IEdlcm1hbiBIZHR2IDEwODBwIER0cyBYMjY0dHJtZHNmVGl&bewilderment=ZG93bmxvYWR8YWwwTWpFM2ZIdzNOemQ4ZkRrNU9UbDhmRTFQVGxOVVJWSWdWMmw0SUZ0RGFHRnVaMlZrWFNCN2ZR&risking=&giffiths=&compacts=handicapping HTTP 302
https://g3nerat3dn3w.best/r/?token=9d0745f9c8757824933c881516f6b51678e7f13f&q=Titanic+1997+German+Hdtv+1080p+Dts+X264&s3=Titanic+1997+German+Hdtv+1080p+Dts+X264&s2=mmaa&s1=8fE1BQ19Nb3ZpZXNfZGF0YXw Page URL
https://www.opptmzmobile.com/3PDWK38Z/3FCXT1HD/?sub1=AFZslV7giAAAmDICAERLNAASALSVPeYA HTTP 302
https://unlocklink.com/redirect/action/1IndzM3MuJSoxNjwiKHNmf3BlZ2E_eQ_Pyi?uc=6f16cb1516814605bab80868b26a55d7&tsid=47135&uc2= HTTP 302
https://redirectglobal.com/clk/d2hBMDYrNjlLZjJLWjkzN2Q0SDR2ZUNNMGIrSUk0ZTZHSTNKR25kOWtZRE5objc1eDYvaG1MRkQwQWJWV3VpK1NTSEE1TlZJYWZtNU91b1dONG1hWjk3SlpjU0tSMklSYkV3dXBGeGpZMWJJUTE4WnkyRkdQTFM2NERWeU1Eek91eHlnamd0UkJqc1BpTEgxcFJ3TjBLalk0d21VNnVFNW5VQ2h1QnU1Q2NNPQ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://bytlly.com/17knqq HTTP 302
http://xtraserp.com/?acma=VGl0YW5pYyAxOTk3IEdlcm1hbiBIZHR2IDEwODBwIER0cyBYMjY0dHJtZHNmVGl&bewilderment=ZG93bmxvYWR8YWwwTWpFM2ZIdzNOemQ4ZkRrNU9UbDhmRTFQVGxOVVJWSWdWMmw0SUZ0RGFHRnVaMlZrWFNCN2ZR&risking=&giffiths=&compacts=handicapping HTTP 302
https://g3nerat3dn3w.best/r/?token=9d0745f9c8757824933c881516f6b51678e7f13f&q=Titanic+1997+German+Hdtv+1080p+Dts+X264&s3=Titanic+1997+German+Hdtv+1080p+Dts+X264&s2=mmaa&s1=8fE1BQ19Nb3ZpZXNfZGF0YXw

Request Chain 2

https://www.9t5.me/ln/IO5zCiB4348?language=DE&clickid=18041430_1d_6e_48_67fbf8_ab2_80_5e956c57_2a0104f8019254140000000000000002_3069_0_0_64_64_0_2_2&pub=48 HTTP 302
https://www.popcornlinks.com/welcome.html?aff=4348&theme=0929&language=DE&clickid=18041430_1d_6e_48_67fbf8_ab2_80_5e956c57_2a0104f8019254140000000000000002_3069_0_0_64_64_0_2_2&pub=48

4 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Cookie set / Show response g3nerat3dn3w.best/r/ Redirect Chain http://bytlly.com/17knqq http://xtraserp.com/?acma=VGl0YW5pYyAxOTk3IEdlcm1hbiBIZHR2IDEwODBwIER0cyBYMjY0dHJtZHNmVGl&bewilderment=ZG93bmxvYWR8YWwwTWpFM2ZIdzNOemQ4ZkRrNU9UbDhmRTFQVGxOVVJWSWdWMmw0SUZ0RGFHRnVaMlZrWFNCN2ZR&riski... https://g3nerat3dn3w.best/r/?token=9d0745f9c8757824933c881516f6b51678e7f13f&q=Titanic+1997+German+Hdtv+1080p+Dts+X264&s3=Titanic+1997+German+Hdtv+1080p+Dts+X264&s2=mmaa&s1=8fE1BQ19Nb3ZpZXNfZGF0YXw	7 KB 8 KB	520ms 432ms	Document text/html	78.140.165.10 WEBZILLA
General Check archive.org Show headers Download Go to Full URL https://g3nerat3dn3w.best/r/?token=9d0745f9c8757824933c881516f6b51678e7f13f&q=Titanic+1997+German+Hdtv+1080p+Dts+X264&s3=Titanic+1997+German+Hdtv+1080p+Dts+X264&s2=mmaa&s1=8fE1BQ19Nb3ZpZXNfZGF0YXw Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 78.140.165.10 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS Software nginx/1.16.1 / Resource Hash `93a2d0168fb11391164221f3d5afde17a59d204489f182ec266bec445285264a` Request headers Host g3nerat3dn3w.best Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Server nginx/1.16.1 Date Tue, 14 Apr 2020 07:55:02 GMT Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Connection keep-alive Set-Cookie bd_context=06GTQJFwX6tah+WbtaF9Y4T+PBeuR5Vii5I3BtWBpYNEzLBHo3dEsmKtmhs5WSK1y2JX0iv/QNk2J41J4UyQfif/tf12Olu+uOWmrJUlWaMLsXe0aTRBi2vtUHPNsRakh3e9OnwcI/ZEnZ7S0s0A2NMqBYr87++lgD2ci4ZsaCd33GQgk7B6jZxlrfAAWWRDzYyfwU5ijFITmqwSDeD9LnQ6MEFdaVbDUezGjPJxMIDRti7vgmGG/NCRysloR3ErhkA+9jCadvhi+ocEHZV7YFFOftAOLnGFFJKg5B2J/syukcmD82bH7SmQ9k4S+lH3GwlN2GG99IVe; Expires=Wed, 14 Apr 2021 07:55:02 GMT Redirect headers Date Tue, 14 Apr 2020 08:51:58 GMT Server Apache Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma no-cache Set-Cookie PHPSESSID=ac0436fbb83ecc03ad5cd551e356ec68; path=/ Location https://g3nerat3dn3w.best/r/?token=9d0745f9c8757824933c881516f6b51678e7f13f&q=Titanic+1997+German+Hdtv+1080p+Dts+X264&s3=Titanic+1997+German+Hdtv+1080p+Dts+X264&s2=mmaa&s1=8fE1BQ19Nb3ZpZXNfZGF0YXw Content-Length 0 Keep-Alive timeout=5, max=100 Connection Keep-Alive Content-Type text/html
GET H2	200	Primary Request d2hBMDYrNjlLZjJLWjkzN2Q0SDR2ZUNNMGIrSUk0ZTZHSTNKR25kOWtZRE5objc1eDYvaG1MRkQwQWJWV3VpK1NTSEE1TlZJYWZtNU91b1dONG1hWjk3SlpjU0tSMklSYkV3dXBGeGpZMWJJUTE4WnkyRkdQTFM2NERWeU1Eek91eHlnamd0UkJqc1BpTEgxcFJ3T... Show response redirectglobal.com/clk/ Redirect Chain https://www.opptmzmobile.com/3PDWK38Z/3FCXT1HD/?sub1=AFZslV7giAAAmDICAERLNAASALSVPeYA https://unlocklink.com/redirect/action/1IndzM3MuJSoxNjwiKHNmf3BlZ2E_eQ_Pyi?uc=6f16cb1516814605bab80868b26a55d7&tsid=47135&uc2= https://redirectglobal.com/clk/d2hBMDYrNjlLZjJLWjkzN2Q0SDR2ZUNNMGIrSUk0ZTZHSTNKR25kOWtZRE5objc1eDYvaG1MRkQwQWJWV3VpK1NTSEE1TlZJYWZtNU91b1dONG1hWjk3SlpjU0tSMklSYkV3dXBGeGpZMWJJUTE4WnkyRkdQTFM2NERWeU...	3 KB 4 KB	576ms 525ms	Document text/html	2606:4700:3037::681f:53b7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://redirectglobal.com/clk/d2hBMDYrNjlLZjJLWjkzN2Q0SDR2ZUNNMGIrSUk0ZTZHSTNKR25kOWtZRE5objc1eDYvaG1MRkQwQWJWV3VpK1NTSEE1TlZJYWZtNU91b1dONG1hWjk3SlpjU0tSMklSYkV3dXBGeGpZMWJJUTE4WnkyRkdQTFM2NERWeU1Eek91eHlnamd0UkJqc1BpTEgxcFJ3TjBLalk0d21VNnVFNW5VQ2h1QnU1Q2NNPQ Requested by Host: g3nerat3dn3w.best URL: https://g3nerat3dn3w.best/r/?token=9d0745f9c8757824933c881516f6b51678e7f13f&q=Titanic+1997+German+Hdtv+1080p+Dts+X264&s3=Titanic+1997+German+Hdtv+1080p+Dts+X264&s2=mmaa&s1=8fE1BQ19Nb3ZpZXNfZGF0YXw Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::681f:53b7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `51ea90fa481b9684779889bf6dff84e5bd0f6071a5149a1535f1f0abae818f19` Request headers :method GET :authority redirectglobal.com :scheme https :path /clk/d2hBMDYrNjlLZjJLWjkzN2Q0SDR2ZUNNMGIrSUk0ZTZHSTNKR25kOWtZRE5objc1eDYvaG1MRkQwQWJWV3VpK1NTSEE1TlZJYWZtNU91b1dONG1hWjk3SlpjU0tSMklSYkV3dXBGeGpZMWJJUTE4WnkyRkdQTFM2NERWeU1Eek91eHlnamd0UkJqc1BpTEgxcFJ3TjBLalk0d21VNnVFNW5VQ2h1QnU1Q2NNPQ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest document referer https://g3nerat3dn3w.best/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://g3nerat3dn3w.best/r/?token=9d0745f9c8757824933c881516f6b51678e7f13f&q=Titanic+1997+German+Hdtv+1080p+Dts+X264&s3=Titanic+1997+German+Hdtv+1080p+Dts+X264&s2=mmaa&s1=8fE1BQ19Nb3ZpZXNfZGF0YXw Response headers status 200 date Tue, 14 Apr 2020 07:55:03 GMT content-type text/html; charset=UTF-8 set-cookie __cfduid=d425159776c239c3e35bb6553c3907e701586850903; expires=Thu, 14-May-20 07:55:03 GMT; path=/; domain=.redirectglobal.com; HttpOnly; SameSite=Lax; Secure GEO_1e130304e2289b19e90b6aef176238802e2d93cb=67fbf8; expires=Tue, 14-Apr-2020 08:55:03 GMT; Max-Age=3600 click-26a-67fbf8=18041430_1d_6e_48_67fbf8_ab2_80_5e956c57_2a0104f8019254140000000000000002_3069_0_0_64_64_0_2_2; expires=Sun, 11-Oct-2020 07:55:03 GMT; Max-Age=15552000; path=/conversion msv-48-67fbf8-bfd-50-110-0=55832868898534104861030369468629385218; expires=Wed, 15-Apr-2020 07:55:03 GMT; Max-Age=86400 charset UTF-8 content-encoding UTF-8 p3p CP="NOI CURa ADMa PSA OUR NOR OTC" pragma no-cache cache-control no-cache no-cache, must-revalidate, max-age=0 x-robots-tag noindex, nofollow, nocache, noarchive googlebot noindex, nofollow, nocache, noarchive access-control-allow-origin * cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 583bdcc1fbf23260-FRA Redirect headers status 302 date Tue, 14 Apr 2020 07:55:03 GMT content-type text/html; charset=UTF-8 set-cookie __cfduid=d2d9e6e92d7009f85f34ff5acd783388d1586850903; expires=Thu, 14-May-20 07:55:03 GMT; path=/; domain=.unlocklink.com; HttpOnly; SameSite=Lax; Secure location https://redirectglobal.com/clk/d2hBMDYrNjlLZjJLWjkzN2Q0SDR2ZUNNMGIrSUk0ZTZHSTNKR25kOWtZRE5objc1eDYvaG1MRkQwQWJWV3VpK1NTSEE1TlZJYWZtNU91b1dONG1hWjk3SlpjU0tSMklSYkV3dXBGeGpZMWJJUTE4WnkyRkdQTFM2NERWeU1Eek91eHlnamd0UkJqc1BpTEgxcFJ3TjBLalk0d21VNnVFNW5VQ2h1QnU1Q2NNPQ cache-control no-cache, must-revalidate, max-age=0 access-control-allow-origin * cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 583bdcc00a9264af-FRA
GET H2	200	exittraffic.js Show response www.redirectglobal.com/background_loader/getJS/	3 KB 919 B	156ms 122ms	Script text/javascript	2606:4700:3037::681f:53b7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.redirectglobal.com/background_loader/getJS/exittraffic.js Requested by Host: redirectglobal.com URL: https://redirectglobal.com/clk/d2hBMDYrNjlLZjJLWjkzN2Q0SDR2ZUNNMGIrSUk0ZTZHSTNKR25kOWtZRE5objc1eDYvaG1MRkQwQWJWV3VpK1NTSEE1TlZJYWZtNU91b1dONG1hWjk3SlpjU0tSMklSYkV3dXBGeGpZMWJJUTE4WnkyRkdQTFM2NERWeU1Eek91eHlnamd0UkJqc1BpTEgxcFJ3TjBLalk0d21VNnVFNW5VQ2h1QnU1Q2NNPQ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::681f:53b7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a2aff07047d4795ce7f7feb5b64ec9ff981e7fb1c48cb4cd14910d558c18f439` Request headers Referer https://redirectglobal.com/clk/d2hBMDYrNjlLZjJLWjkzN2Q0SDR2ZUNNMGIrSUk0ZTZHSTNKR25kOWtZRE5objc1eDYvaG1MRkQwQWJWV3VpK1NTSEE1TlZJYWZtNU91b1dONG1hWjk3SlpjU0tSMklSYkV3dXBGeGpZMWJJUTE4WnkyRkdQTFM2NERWeU1Eek91eHlnamd0UkJqc1BpTEgxcFJ3TjBLalk0d21VNnVFNW5VQ2h1QnU1Q2NNPQ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma pragma date Tue, 14 Apr 2020 07:55:04 GMT content-encoding br cf-cache-status EXPIRED server cloudflare status 200 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=14400, must-revalidate cf-ray 583bdcc57ea03260-FRA
GET H2	200	welcome.html www.popcornlinks.com/ Frame 6AA2 Redirect Chain https://www.9t5.me/ln/IO5zCiB4348?language=DE&clickid=18041430_1d_6e_48_67fbf8_ab2_80_5e956c57_2a0104f8019254140000000000000002_3069_0_0_64_64_0_2_2&pub=48 https://www.popcornlinks.com/welcome.html?aff=4348&theme=0929&language=DE&clickid=18041430_1d_6e_48_67fbf8_ab2_80_5e956c57_2a0104f8019254140000000000000002_3069_0_0_64_64_0_2_2&pub=48	0 0	261ms 183ms	Document text/html	35.244.148.197 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.popcornlinks.com/welcome.html?aff=4348&theme=0929&language=DE&clickid=18041430_1d_6e_48_67fbf8_ab2_80_5e956c57_2a0104f8019254140000000000000002_3069_0_0_64_64_0_2_2&pub=48 Requested by Host: redirectglobal.com URL: https://redirectglobal.com/clk/d2hBMDYrNjlLZjJLWjkzN2Q0SDR2ZUNNMGIrSUk0ZTZHSTNKR25kOWtZRE5objc1eDYvaG1MRkQwQWJWV3VpK1NTSEE1TlZJYWZtNU91b1dONG1hWjk3SlpjU0tSMklSYkV3dXBGeGpZMWJJUTE4WnkyRkdQTFM2NERWeU1Eek91eHlnamd0UkJqc1BpTEgxcFJ3TjBLalk0d21VNnVFNW5VQ2h1QnU1Q2NNPQ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.148.197 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 197.148.244.35.bc.googleusercontent.com Software UploadServer / Resource Hash Request headers :method GET :authority www.popcornlinks.com :scheme https :path /welcome.html?aff=4348&theme=0929&language=DE&clickid=18041430_1d_6e_48_67fbf8_ab2_80_5e956c57_2a0104f8019254140000000000000002_3069_0_0_64_64_0_2_2&pub=48 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://redirectglobal.com/clk/d2hBMDYrNjlLZjJLWjkzN2Q0SDR2ZUNNMGIrSUk0ZTZHSTNKR25kOWtZRE5objc1eDYvaG1MRkQwQWJWV3VpK1NTSEE1TlZJYWZtNU91b1dONG1hWjk3SlpjU0tSMklSYkV3dXBGeGpZMWJJUTE4WnkyRkdQTFM2NERWeU1Eek91eHlnamd0UkJqc1BpTEgxcFJ3TjBLalk0d21VNnVFNW5VQ2h1QnU1Q2NNPQ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://redirectglobal.com/clk/d2hBMDYrNjlLZjJLWjkzN2Q0SDR2ZUNNMGIrSUk0ZTZHSTNKR25kOWtZRE5objc1eDYvaG1MRkQwQWJWV3VpK1NTSEE1TlZJYWZtNU91b1dONG1hWjk3SlpjU0tSMklSYkV3dXBGeGpZMWJJUTE4WnkyRkdQTFM2NERWeU1Eek91eHlnamd0UkJqc1BpTEgxcFJ3TjBLalk0d21VNnVFNW5VQ2h1QnU1Q2NNPQ Response headers status 200 x-guploader-uploadid AEnB2UpEKvyByjq33KTdboAWa7DLmHR0Ow8T677VKBifCEVJ8NqOgGAbel0jjVmT2EIlXxqBEkmBI9Ueb_IWcp_JD3akIZadefbJHFtmtINe3O7EI1Ss7Os expires Tue, 14 Apr 2020 08:55:05 GMT date Tue, 14 Apr 2020 07:55:05 GMT cache-control public, max-age=3600 last-modified Mon, 03 Feb 2020 16:26:50 GMT etag "c6f6dd5e7be4d46cfeb788da9e85e8ea" x-goog-generation 1580747210237556 x-goog-metageneration 1 x-goog-stored-content-encoding identity x-goog-stored-content-length 5220 content-type text/html x-goog-hash crc32c=jXujHQ== md5=xvbdXnvk1Gz+t4janoXo6g== x-goog-storage-class MULTI_REGIONAL accept-ranges bytes content-length 5220 server UploadServer alt-svc clear Redirect headers Content-Type text/plain Date Tue, 14 Apr 2020 07:55:04 GMT Location https://www.popcornlinks.com/welcome.html?aff=4348&theme=0929&language=DE&clickid=18041430_1d_6e_48_67fbf8_ab2_80_5e956c57_2a0104f8019254140000000000000002_3069_0_0_64_64_0_2_2&pub=48 Server Apache-Coyote/1.1 Content-Length 0 Connection keep-alive

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.popcornlinks.com/	1970-01-19 08:48:57	Name: _gid Value: GA1.2.1815208250.1586850906
.popcornlinks.com/	1970-01-19 08:47:32	Name: _uetsid Value: _uetf3f52dd5-a416-f501-06d1-c3e6e4aac7f0
.popcornlinks.com/	1970-01-19 10:57:06	Name: _fbp Value: fb.1.1586850905649.1480441047
.popcornlinks.com/	1970-01-19 08:47:30	Name: _gat_UA-79989177-1 Value: 1
.popcornlinks.com/	1970-01-20 02:18:42	Name: _ga Value: GA1.2.1298705479.1586850906
.redirectglobal.com/	1970-01-19 09:30:42	Name: __cfduid Value: d425159776c239c3e35bb6553c3907e701586850903
redirectglobal.com/clk	1970-01-19 08:47:34	Name: GEO_1e130304e2289b19e90b6aef176238802e2d93cb Value: 67fbf8
redirectglobal.com/clk	1970-01-19 08:48:57	Name: msv-48-67fbf8-bfd-50-110-0 Value: 55832868898534104861030369468629385218
www.popcornlinks.com/	1969-12-31 23:59:59	Name: checkByIp Value: {"countryId":60,"countryName":"Denmark","cityName":"Copenhagen","languageId":14,"languageDsc":"DK","status":null,"redirectingURL":null}

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bytlly.com
g3nerat3dn3w.best
redirectglobal.com
unlocklink.com
www.9t5.me
www.opptmzmobile.com
www.popcornlinks.com
www.redirectglobal.com
xtraserp.com
2606:4700:3033::681b:bee7
2606:4700:3037::681f:53b7
34.223.116.29
35.190.65.250
35.244.148.197
5.149.248.110
5.149.248.70
78.140.165.10
51ea90fa481b9684779889bf6dff84e5bd0f6071a5149a1535f1f0abae818f19
93a2d0168fb11391164221f3d5afde17a59d204489f182ec266bec445285264a
a2aff07047d4795ce7f7feb5b64ec9ff981e7fb1c48cb4cd14910d558c18f439

redirectglobal.com Open in urlscan Pro 2606:4700:3037::681f:53b7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

4 Requests

100 %HTTPS

25 %IPv6

8 Domains

9 Subdomains

3 IPs

2 Countries

13 kBTransfer

13 kBSize

9 Cookies

0 Outgoing links

Page URL History

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

9 Cookies

Indicators

redirectglobal.com Open in urlscan Pro
2606:4700:3037::681f:53b7 Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

100 %
HTTPS

25 %
IPv6

8
Domains

9
Subdomains

3
IPs

2
Countries

13 kB
Transfer

13 kB
Size

9
Cookies

4 HTTP transactions
0 data transactions