Submitted URL: http://foodconsulto.com/responsibilityu.php?utm_source=2a0768&utm_content=0c19d
Effective URL: http://r.redirekted.com/redirect?redirect_id=29ac5b81084fe19132049e0188d1f7e8&request_id=061c659e9deb0a646e91e3838779c922
Submission: On February 14 via manual from IN — Scanned from DE

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 9 HTTP transactions. The main IP is 66.165.243.160, located in and belongs to . The main domain is r.redirekted.com.
This is the only time r.redirekted.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 148.66.136.56 26496 (AS-26496-...)
2 103.224.182.252 133618 (TRELLIAN-...)
1 2 70.32.1.32 32181 (ASN-GIGENET)
4 66.165.243.160 ()
1 2a00:1450:400... ()
9 5
Apex Domain Subdomains Transfer
4 redirekted.com r.redirekted.com 11 KB
2 0redirc.com 0redirc.com — Cisco Umbrella Rank: 147476 2 KB
2 audiological.com audiological.com 6 KB
1 google-analytics.com www.google-analytics.com 20 KB
1 foodconsulto.com foodconsulto.com 2 KB
9 5
Domain Requested by
4 r.redirekted.com 0redirc.com, r.redirekted.com
2 0redirc.com 1 redirects audiological.com
2 audiological.com foodconsulto.com, audiological.com
1 www.google-analytics.com r.redirekted.com
1 foodconsulto.com
9 5

This site contains no links.

Subject Issuer Validity Valid
camelliaculture.com R3 2022-02-04 - 2022-05-05 3 months

This page contains 2 frames:

Primary Page: http://r.redirekted.com/redirect?redirect_id=29ac5b81084fe19132049e0188d1f7e8&request_id=061c659e9deb0a646e91e3838779c922
Frame ID: 64A3225308BD324F8A177A797E48BE78
Requests: 7 HTTP requests in this frame

Frame: http://r.redirekted.com/go?e=04mWWSFWjSTsbjKL9IFC94UXw0wX7RKB9gwVugFW8x0Xyj3L8gRBv13F9fwsytaF59Gr8RFW4EzXbjULdfQBWk3p481X-LFF-IPqYk3Bj9ysbLPF8IPBwglp15GsuMlL59Gr-RPX58IA3OKM7c0MVEwCajwZcx3B75GsUAQWa5mZ78IF9gRrW13p4DJsyDQL55GsQSPXxO2Z2uxCm8GssEmBsWTs6fFEeZ3WYImq4uTsYyaBdfQCVgFW4DJsYgFBdtPrtk3B8Z2XmqPCdHPqVgvCzRJs-bvF8uvV-DGL9cHAY9IF9gQpVy3C9gQA-tQn8IPrVkape8IVcZvF1tvW
Frame ID: 6B97F3E079259F9684389A2A4ED1C022
Requests: 2 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • swfobject.*\.js

Page Statistics

9 Requests
22 % HTTPS
20 % IPv6
5 Domains
5 Subdomains
5 IPs
3 Countries
40 kB Transfer
78 kB Size
2 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://foodconsulto.com/responsibilityu.php?utm_source=2a0768&utm_content=0c19d Page URL
  2. https://audiological.com/ Page URL
  3. http://0redirc.com/jr.php?gz=l2GxFCQNQYc%2Fq1CaCEeIgk4%2Fj5O4zTOEnCQ%2FA2IiNUJiJkEyAQfQkoxaiE84NnhDeO%2F%2B3YZaKJeX1enjOrtrTbbsTitgI%2BNXdTOIDs7uL%2BBb8qX%2BIkkyATcCbi92OfdMnNOrjvWD%2BwopUX1BzWGk8WNgnMRg7437It5iM4X4ujr7AkNwMUjkfJR6IWB8KED9itBGWq2T89I5q6pPyO37m1wZQ5xJkAOmWc1yesakRf4sBftAgXI1gWFU70Iz%2B0h%2FeGL5n0Vh23scIAHUKlhG1SguRzgZSIzTsKAf40VKBr4ndOktzQ69yg%2B%2B6B2XDpMMZ9hxcNcRTGmubPfRZyLJjA4zbgtFZ32nMwaJRvfX5kdhBcPiQWY0uVUfKK5KuaegqWQyomUZkCNppEeA5sP5HpFDxpAeen7Raek%2FgT8oKB4buYTjQ%2BWrGKXzJLGsFW3y7AEdykw5bFQ04MFRoXNs1ge2glAkGyL96LyXIR6R8oUUl1UIDeuwNYrGjsT7SneFiK9ZCHJsysL1Omfqfo6V9MlZI4WhTLU0NR%2BDU8hnlokCeQRTJRBwF5PQNpPJk08Ji9bhCYwUp3RW0iuFo94Nuv7BWJCMoPzR0cKE92tWnKgwQ69jk9naG3Vs81gzWQE35Fiu4TVtMhTToBp%2BnC%2F2wvsrkWCruzx8y8xDs%2B18KTwEaaii0R2O7anVbROvLx4%2FuBZg9Lk90OxvBFFKDsq73LBvaZ3Xl6P2%2FA9t9PzYEo2UQE0CwNWxNu6MONDNGX%2Bt&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine HTTP 302
    http://0redirc.com/jr.php?gz=l2GxFCQNQYc%2Fq1CaCEeIgk4%2Fj5O4zTOEnCQ%2FA2IiNUJiJkEyAQfQkoxaiE84NnhDeO%2F%2B3YZaKJeX1enjOrtrTbbsTitgI%2BNXdTOIDs7uL%2BBb8qX%2BIkkyATcCbi92OfdMnNOrjvWD%2BwopUX1BzWGk8WNgnMRg7437It5iM4X4ujr7AkNwMUjkfJR6IWB8KED9itBGWq2T89I5q6pPyO37m1wZQ5xJkAOmWc1yesakRf4sBftAgXI1gWFU70Iz%2B0h%2FeGL5n0Vh23scIAHUKlhG1SguRzgZSIzTsKAf40VKBr4ndOktzQ69yg%2B%2B6B2XDpMMZ9hxcNcRTGmubPfRZyLJjA4zbgtFZ32nMwaJRvfX5kdhBcPiQWY0uVUfKK5KuaegqWQyomUZkCNppEeA5sP5HpFDxpAeen7Raek%2FgT8oKB4buYTjQ%2BWrGKXzJLGsFW3y7AEdykw5bFQ04MFRoXNs1ge2glAkGyL96LyXIR6R8oUUl1UIDeuwNYrGjsT7SneFiK9ZCHJsysL1Omfqfo6V9MlZI4WhTLU0NR%2BDU8hnlokCeQRTJRBwF5PQNpPJk08Ji9bhCYwUp3RW0iuFo94Nuv7BWJCMoPzR0cKE92tWnKgwQ69jk9naG3Vs81gzWQE35Fiu4TVtMhTToBp%2BnC%2F2wvsrkWCruzx8y8xDs%2B18KTwEaaii0R2O7anVbROvLx4%2FuBZg9Lk90OxvBFFKDsq73LBvaZ3Xl6P2%2FA9t9PzYEo2UQE0CwNWxNu6MONDNGX%2Bt&vs=1600%3A1200&ds=1600%3A1200&sl=0%3A0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel+Inc.+-+Intel+Iris+OpenGL+Engine&ckReS=1644826936.4351029 Page URL
  4. http://r.redirekted.com/redirect?redirect_id=29ac5b81084fe19132049e0188d1f7e8&request_id=061c659e9deb0a646e91e3838779c922 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • http://0redirc.com/jr.php?gz=l2GxFCQNQYc%2Fq1CaCEeIgk4%2Fj5O4zTOEnCQ%2FA2IiNUJiJkEyAQfQkoxaiE84NnhDeO%2F%2B3YZaKJeX1enjOrtrTbbsTitgI%2BNXdTOIDs7uL%2BBb8qX%2BIkkyATcCbi92OfdMnNOrjvWD%2BwopUX1BzWGk8WNgnMRg7437It5iM4X4ujr7AkNwMUjkfJR6IWB8KED9itBGWq2T89I5q6pPyO37m1wZQ5xJkAOmWc1yesakRf4sBftAgXI1gWFU70Iz%2B0h%2FeGL5n0Vh23scIAHUKlhG1SguRzgZSIzTsKAf40VKBr4ndOktzQ69yg%2B%2B6B2XDpMMZ9hxcNcRTGmubPfRZyLJjA4zbgtFZ32nMwaJRvfX5kdhBcPiQWY0uVUfKK5KuaegqWQyomUZkCNppEeA5sP5HpFDxpAeen7Raek%2FgT8oKB4buYTjQ%2BWrGKXzJLGsFW3y7AEdykw5bFQ04MFRoXNs1ge2glAkGyL96LyXIR6R8oUUl1UIDeuwNYrGjsT7SneFiK9ZCHJsysL1Omfqfo6V9MlZI4WhTLU0NR%2BDU8hnlokCeQRTJRBwF5PQNpPJk08Ji9bhCYwUp3RW0iuFo94Nuv7BWJCMoPzR0cKE92tWnKgwQ69jk9naG3Vs81gzWQE35Fiu4TVtMhTToBp%2BnC%2F2wvsrkWCruzx8y8xDs%2B18KTwEaaii0R2O7anVbROvLx4%2FuBZg9Lk90OxvBFFKDsq73LBvaZ3Xl6P2%2FA9t9PzYEo2UQE0CwNWxNu6MONDNGX%2Bt&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine HTTP 302
  • http://0redirc.com/jr.php?gz=l2GxFCQNQYc%2Fq1CaCEeIgk4%2Fj5O4zTOEnCQ%2FA2IiNUJiJkEyAQfQkoxaiE84NnhDeO%2F%2B3YZaKJeX1enjOrtrTbbsTitgI%2BNXdTOIDs7uL%2BBb8qX%2BIkkyATcCbi92OfdMnNOrjvWD%2BwopUX1BzWGk8WNgnMRg7437It5iM4X4ujr7AkNwMUjkfJR6IWB8KED9itBGWq2T89I5q6pPyO37m1wZQ5xJkAOmWc1yesakRf4sBftAgXI1gWFU70Iz%2B0h%2FeGL5n0Vh23scIAHUKlhG1SguRzgZSIzTsKAf40VKBr4ndOktzQ69yg%2B%2B6B2XDpMMZ9hxcNcRTGmubPfRZyLJjA4zbgtFZ32nMwaJRvfX5kdhBcPiQWY0uVUfKK5KuaegqWQyomUZkCNppEeA5sP5HpFDxpAeen7Raek%2FgT8oKB4buYTjQ%2BWrGKXzJLGsFW3y7AEdykw5bFQ04MFRoXNs1ge2glAkGyL96LyXIR6R8oUUl1UIDeuwNYrGjsT7SneFiK9ZCHJsysL1Omfqfo6V9MlZI4WhTLU0NR%2BDU8hnlokCeQRTJRBwF5PQNpPJk08Ji9bhCYwUp3RW0iuFo94Nuv7BWJCMoPzR0cKE92tWnKgwQ69jk9naG3Vs81gzWQE35Fiu4TVtMhTToBp%2BnC%2F2wvsrkWCruzx8y8xDs%2B18KTwEaaii0R2O7anVbROvLx4%2FuBZg9Lk90OxvBFFKDsq73LBvaZ3Xl6P2%2FA9t9PzYEo2UQE0CwNWxNu6MONDNGX%2Bt&vs=1600%3A1200&ds=1600%3A1200&sl=0%3A0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel+Inc.+-+Intel+Iris+OpenGL+Engine&ckReS=1644826936.4351029
Request Chain 7
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js

9 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
responsibilityu.php
foodconsulto.com/
5 KB
2 KB
Document
General
Full URL
http://foodconsulto.com/responsibilityu.php?utm_source=2a0768&utm_content=0c19d
Protocol
HTTP/1.1
Server
148.66.136.56 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
Apache / PHP/7.4.27
Resource Hash
a61f68efc121e01562b558c116b077ce603f7e27beb93eba7e655b0e3f63f5ed

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Mon, 14 Feb 2022 08:22:11 GMT
Server
Apache
X-Powered-By
PHP/7.4.27
Expires
Mon, 14 Feb 2022 07:52:12 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
Pragma
no-cache
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Last-Modified
Mon, 14 Feb 2022 07:22:12 GMT
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1979
Keep-Alive
timeout=5
Content-Type
text/html; charset=utf-8
/
audiological.com/
3 KB
2 KB
Document
General
Full URL
https://audiological.com/
Requested by
Host: foodconsulto.com
URL: http://foodconsulto.com/responsibilityu.php?utm_source=2a0768&utm_content=0c19d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.224.182.252 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
lb-182-252.above.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
749a6ee5192d9c88c55eebacacec2b97b4716e5454f582261998ecb023e895c9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://foodconsulto.com/

Response headers

Date
Mon, 14 Feb 2022 08:22:15 GMT
Server
Apache/2.4.25 (Debian)
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1754
Connection
close
Content-Type
text/html; charset=UTF-8
swfobject.js
audiological.com/js/
10 KB
4 KB
Script
General
Full URL
https://audiological.com/js/swfobject.js
Requested by
Host: audiological.com
URL: https://audiological.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.224.182.252 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
lb-182-252.above.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
a2d68e4530bbf55b595085ad00ef6999cb64574eb58b44b53ef0516fa7fa4aed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://audiological.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Mon, 14 Feb 2022 08:22:16 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Dec 2018 05:51:46 GMT
Server
Apache/2.4.25 (Debian)
ETag
"27ef-57ccccb182cb1-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
3949
jr.php
0redirc.com/
Redirect Chain
  • http://0redirc.com/jr.php?gz=l2GxFCQNQYc%2Fq1CaCEeIgk4%2Fj5O4zTOEnCQ%2FA2IiNUJiJkEyAQfQkoxaiE84NnhDeO%2F%2B3YZaKJeX1enjOrtrTbbsTitgI%2BNXdTOIDs7uL%2BBb8qX%2BIkkyATcCbi92OfdMnNOrjvWD%2BwopUX1BzWGk8W...
  • http://0redirc.com/jr.php?gz=l2GxFCQNQYc%2Fq1CaCEeIgk4%2Fj5O4zTOEnCQ%2FA2IiNUJiJkEyAQfQkoxaiE84NnhDeO%2F%2B3YZaKJeX1enjOrtrTbbsTitgI%2BNXdTOIDs7uL%2BBb8qX%2BIkkyATcCbi92OfdMnNOrjvWD%2BwopUX1BzWGk8W...
470 B
497 B
Document
General
Full URL
http://0redirc.com/jr.php?gz=l2GxFCQNQYc%2Fq1CaCEeIgk4%2Fj5O4zTOEnCQ%2FA2IiNUJiJkEyAQfQkoxaiE84NnhDeO%2F%2B3YZaKJeX1enjOrtrTbbsTitgI%2BNXdTOIDs7uL%2BBb8qX%2BIkkyATcCbi92OfdMnNOrjvWD%2BwopUX1BzWGk8WNgnMRg7437It5iM4X4ujr7AkNwMUjkfJR6IWB8KED9itBGWq2T89I5q6pPyO37m1wZQ5xJkAOmWc1yesakRf4sBftAgXI1gWFU70Iz%2B0h%2FeGL5n0Vh23scIAHUKlhG1SguRzgZSIzTsKAf40VKBr4ndOktzQ69yg%2B%2B6B2XDpMMZ9hxcNcRTGmubPfRZyLJjA4zbgtFZ32nMwaJRvfX5kdhBcPiQWY0uVUfKK5KuaegqWQyomUZkCNppEeA5sP5HpFDxpAeen7Raek%2FgT8oKB4buYTjQ%2BWrGKXzJLGsFW3y7AEdykw5bFQ04MFRoXNs1ge2glAkGyL96LyXIR6R8oUUl1UIDeuwNYrGjsT7SneFiK9ZCHJsysL1Omfqfo6V9MlZI4WhTLU0NR%2BDU8hnlokCeQRTJRBwF5PQNpPJk08Ji9bhCYwUp3RW0iuFo94Nuv7BWJCMoPzR0cKE92tWnKgwQ69jk9naG3Vs81gzWQE35Fiu4TVtMhTToBp%2BnC%2F2wvsrkWCruzx8y8xDs%2B18KTwEaaii0R2O7anVbROvLx4%2FuBZg9Lk90OxvBFFKDsq73LBvaZ3Xl6P2%2FA9t9PzYEo2UQE0CwNWxNu6MONDNGX%2Bt&vs=1600%3A1200&ds=1600%3A1200&sl=0%3A0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel+Inc.+-+Intel+Iris+OpenGL+Engine&ckReS=1644826936.4351029
Requested by
Host: audiological.com
URL: https://audiological.com/
Protocol
HTTP/1.1
Server
70.32.1.32 Ashburn, United States, ASN32181 (ASN-GIGENET, US),
Reverse DNS
ip-70.32.1.32.hosted.by.gigenet.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
e81a1ebccea8b769b94fd26f90005e668f6777cc16996e0990870ec681603bd9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://audiological.com/

Response headers

Date
Mon, 14 Feb 2022 08:22:16 GMT
Server
Apache/2.4.25 (Debian)
X-JR-Code
s
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
268
Connection
close
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Mon, 14 Feb 2022 08:22:16 GMT
Server
Apache/2.4.25 (Debian)
Location
jr.php?gz=l2GxFCQNQYc%2Fq1CaCEeIgk4%2Fj5O4zTOEnCQ%2FA2IiNUJiJkEyAQfQkoxaiE84NnhDeO%2F%2B3YZaKJeX1enjOrtrTbbsTitgI%2BNXdTOIDs7uL%2BBb8qX%2BIkkyATcCbi92OfdMnNOrjvWD%2BwopUX1BzWGk8WNgnMRg7437It5iM4X4ujr7AkNwMUjkfJR6IWB8KED9itBGWq2T89I5q6pPyO37m1wZQ5xJkAOmWc1yesakRf4sBftAgXI1gWFU70Iz%2B0h%2FeGL5n0Vh23scIAHUKlhG1SguRzgZSIzTsKAf40VKBr4ndOktzQ69yg%2B%2B6B2XDpMMZ9hxcNcRTGmubPfRZyLJjA4zbgtFZ32nMwaJRvfX5kdhBcPiQWY0uVUfKK5KuaegqWQyomUZkCNppEeA5sP5HpFDxpAeen7Raek%2FgT8oKB4buYTjQ%2BWrGKXzJLGsFW3y7AEdykw5bFQ04MFRoXNs1ge2glAkGyL96LyXIR6R8oUUl1UIDeuwNYrGjsT7SneFiK9ZCHJsysL1Omfqfo6V9MlZI4WhTLU0NR%2BDU8hnlokCeQRTJRBwF5PQNpPJk08Ji9bhCYwUp3RW0iuFo94Nuv7BWJCMoPzR0cKE92tWnKgwQ69jk9naG3Vs81gzWQE35Fiu4TVtMhTToBp%2BnC%2F2wvsrkWCruzx8y8xDs%2B18KTwEaaii0R2O7anVbROvLx4%2FuBZg9Lk90OxvBFFKDsq73LBvaZ3Xl6P2%2FA9t9PzYEo2UQE0CwNWxNu6MONDNGX%2Bt&vs=1600%3A1200&ds=1600%3A1200&sl=0%3A0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel+Inc.+-+Intel+Iris+OpenGL+Engine&ckReS=1644826936.4351029
X-JR-Code
cr
Content-Length
0
Connection
close
Content-Type
text/html; charset=UTF-8
Primary Request redirect
r.redirekted.com/
834 B
1 KB
Document
General
Full URL
http://r.redirekted.com/redirect?redirect_id=29ac5b81084fe19132049e0188d1f7e8&request_id=061c659e9deb0a646e91e3838779c922
Requested by
Host: 0redirc.com
URL: http://0redirc.com/jr.php?gz=l2GxFCQNQYc%2Fq1CaCEeIgk4%2Fj5O4zTOEnCQ%2FA2IiNUJiJkEyAQfQkoxaiE84NnhDeO%2F%2B3YZaKJeX1enjOrtrTbbsTitgI%2BNXdTOIDs7uL%2BBb8qX%2BIkkyATcCbi92OfdMnNOrjvWD%2BwopUX1BzWGk8WNgnMRg7437It5iM4X4ujr7AkNwMUjkfJR6IWB8KED9itBGWq2T89I5q6pPyO37m1wZQ5xJkAOmWc1yesakRf4sBftAgXI1gWFU70Iz%2B0h%2FeGL5n0Vh23scIAHUKlhG1SguRzgZSIzTsKAf40VKBr4ndOktzQ69yg%2B%2B6B2XDpMMZ9hxcNcRTGmubPfRZyLJjA4zbgtFZ32nMwaJRvfX5kdhBcPiQWY0uVUfKK5KuaegqWQyomUZkCNppEeA5sP5HpFDxpAeen7Raek%2FgT8oKB4buYTjQ%2BWrGKXzJLGsFW3y7AEdykw5bFQ04MFRoXNs1ge2glAkGyL96LyXIR6R8oUUl1UIDeuwNYrGjsT7SneFiK9ZCHJsysL1Omfqfo6V9MlZI4WhTLU0NR%2BDU8hnlokCeQRTJRBwF5PQNpPJk08Ji9bhCYwUp3RW0iuFo94Nuv7BWJCMoPzR0cKE92tWnKgwQ69jk9naG3Vs81gzWQE35Fiu4TVtMhTToBp%2BnC%2F2wvsrkWCruzx8y8xDs%2B18KTwEaaii0R2O7anVbROvLx4%2FuBZg9Lk90OxvBFFKDsq73LBvaZ3Xl6P2%2FA9t9PzYEo2UQE0CwNWxNu6MONDNGX%2Bt&vs=1600%3A1200&ds=1600%3A1200&sl=0%3A0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel+Inc.+-+Intel+Iris+OpenGL+Engine&ckReS=1644826936.4351029
Protocol
HTTP/1.1
Server
66.165.243.160 -, , ASN (),
Reverse DNS
Software
nginx/1.21.5 / PHP/8.0.14
Resource Hash
4f1d8d4f3ef99ec32108451d7d12c25cb3d322c7e3db8aa0c2ac5822e00b7442

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://0redirc.com/

Response headers

Server
nginx/1.21.5
Date
Mon, 14 Feb 2022 08:22:17 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/8.0.14
adren.css
r.redirekted.com/css/
243 B
479 B
Stylesheet
General
Full URL
http://r.redirekted.com/css/adren.css?n=1721489575
Requested by
Host: r.redirekted.com
URL: http://r.redirekted.com/redirect?redirect_id=29ac5b81084fe19132049e0188d1f7e8&request_id=061c659e9deb0a646e91e3838779c922
Protocol
HTTP/1.1
Server
66.165.243.160 -, , ASN (),
Reverse DNS
Software
nginx/1.21.5 /
Resource Hash
e2d9fd8b995f146baf54bc35d162d3e8169a5345368058b10a3b3bf4592ed777

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://r.redirekted.com/redirect?redirect_id=29ac5b81084fe19132049e0188d1f7e8&request_id=061c659e9deb0a646e91e3838779c922
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Mon, 14 Feb 2022 08:22:17 GMT
Last-Modified
Sat, 03 Jul 2021 05:46:18 GMT
Server
nginx/1.21.5
ETag
"60dff9aa-f3"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
243
adren.min.js
r.redirekted.com/js/
7 KB
8 KB
Script
General
Full URL
http://r.redirekted.com/js/adren.min.js?n=1721489575
Requested by
Host: r.redirekted.com
URL: http://r.redirekted.com/redirect?redirect_id=29ac5b81084fe19132049e0188d1f7e8&request_id=061c659e9deb0a646e91e3838779c922
Protocol
HTTP/1.1
Server
66.165.243.160 -, , ASN (),
Reverse DNS
Software
nginx/1.21.5 /
Resource Hash
55afe8ae4db5b6ca9ec5a3aca1f3a7b482ca51d0914acd250093f1a9ecbfccec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://r.redirekted.com/redirect?redirect_id=29ac5b81084fe19132049e0188d1f7e8&request_id=061c659e9deb0a646e91e3838779c922
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Mon, 14 Feb 2022 08:22:17 GMT
Last-Modified
Sat, 03 Jul 2021 05:46:18 GMT
Server
nginx/1.21.5
ETag
"60dff9aa-1d68"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7528
go
r.redirekted.com/ Frame 6B97
2 KB
2 KB
Document
General
Full URL
http://r.redirekted.com/go?e=04mWWSFWjSTsbjKL9IFC94UXw0wX7RKB9gwVugFW8x0Xyj3L8gRBv13F9fwsytaF59Gr8RFW4EzXbjULdfQBWk3p481X-LFF-IPqYk3Bj9ysbLPF8IPBwglp15GsuMlL59Gr-RPX58IA3OKM7c0MVEwCajwZcx3B75GsUAQWa5mZ78IF9gRrW13p4DJsyDQL55GsQSPXxO2Z2uxCm8GssEmBsWTs6fFEeZ3WYImq4uTsYyaBdfQCVgFW4DJsYgFBdtPrtk3B8Z2XmqPCdHPqVgvCzRJs-bvF8uvV-DGL9cHAY9IF9gQpVy3C9gQA-tQn8IPrVkape8IVcZvF1tvW
Requested by
Host: r.redirekted.com
URL: http://r.redirekted.com/js/adren.min.js?n=1721489575
Protocol
HTTP/1.1
Server
66.165.243.160 -, , ASN (),
Reverse DNS
Software
nginx/1.21.5 / PHP/8.0.14
Resource Hash
398434fb1e0b415da5ede153cade7924fd6a41df4392efd7b9d8c15230682da9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://r.redirekted.com/redirect?redirect_id=29ac5b81084fe19132049e0188d1f7e8&request_id=061c659e9deb0a646e91e3838779c922

Response headers

Server
nginx/1.21.5
Date
Mon, 14 Feb 2022 08:22:17 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/8.0.14
analytics.js
www.google-analytics.com/ Frame 6B97
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: r.redirekted.com
URL: http://r.redirekted.com/go?e=04mWWSFWjSTsbjKL9IFC94UXw0wX7RKB9gwVugFW8x0Xyj3L8gRBv13F9fwsytaF59Gr8RFW4EzXbjULdfQBWk3p481X-LFF-IPqYk3Bj9ysbLPF8IPBwglp15GsuMlL59Gr-RPX58IA3OKM7c0MVEwCajwZcx3B75GsUAQWa5mZ78IF9gRrW13p4DJsyDQL55GsQSPXxO2Z2uxCm8GssEmBsWTs6fFEeZ3WYImq4uTsYyaBdfQCVgFW4DJsYgFBdtPrtk3B8Z2XmqPCdHPqVgvCzRJs-bvF8uvV-DGL9cHAY9IF9gQpVy3C9gQA-tQn8IPrVkape8IVcZvF1tvW
Protocol
H2
Server
2a00:1450:4001:810::200e -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://r.redirekted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2843
date
Mon, 14 Feb 2022 07:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 14 Feb 2022 09:34:54 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone

2 Cookies

Domain/Path Name / Value
audiological.com/ Name: __tad
Value: 1644826935.2226771
0redirc.com/ Name: __tad
Value: 1644826936.4351029