secure.um-bredirect.com
95.217.83.245
Public Scan
Effective URL: https://secure.um-bredirect.com/click.php?key=n2ebxlr2nhxa3dh97395&clickid=M6885518571976262407&bid=0&pub=1263&pid=1263-755caf48...
Submission: On October 20 via api from BE
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on October 2nd 2020. Valid for: 3 months.
This is the only time secure.um-bredirect.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS (Autonomous System) |
---|---|---|
1 1 | 144.217.171.217 | 16276 (OVH) |
1 1 | 109.234.162.107 | 50474 (O2SWITCH) |
1 1 | 185.66.200.220 | 201702 (SKHOSTING-EU) |
1 | 185.66.201.34 | 201702 (SKHOSTING-EU) |
1 | 2a00:1450:4001:809::200e | 15169 (GOOGLE) |
1 3 | 99.198.106.194 | 32475 (SINGLEHOP-LLC) |
1 | 2a00:1450:4001:824::200e | 15169 (GOOGLE) |
1 | 2a00:1450:400c:c04::9a | 15169 (GOOGLE) |
1 | 95.217.83.245 | 24940 (HETZNER-AS) |
8 | 7 |
ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.200.220.skhosting.eu
buleor.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi
offer.mntzr-january2019.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN24940 (HETZNER-AS, DE)
PTR: static.245.83.217.95.clients.your-server.de
secure.um-bredirect.com |
| Apex Domain | Subdomains | Transfer |
---|---|---|---|
3 | mntzr-january2019.com (1 redirects) | offer.mntzr-january2019.com | 5 KB |
2 | google-analytics.com | www.google-analytics.com | 19 KB |
1 | um-bredirect.com | secure.um-bredirect.com (Failed) | 632 B |
1 | doubleclick.net | stats.g.doubleclick.net | 459 B |
1 | emula.net | emula.net | 840 B |
1 | buleor.com (1 redirects) | buleor.com | 837 B |
1 | riftv.net (1 redirects) | riftv.net | 354 B |
1 | berhilpress.info (1 redirects) | berhilpress.info | 280 B |
8 | 8 |
| Domain | Requested by |
---|---|---|
3 | offer.mntzr-january2019.com (1 redirects) | emula.net, offer.mntzr-january2019.com |
2 | www.google-analytics.com | emula.net, www.google-analytics.com |
1 | secure.um-bredirect.com | offer.mntzr-january2019.com |
1 | stats.g.doubleclick.net | www.google-analytics.com |
1 | emula.net | |
1 | buleor.com (1 redirects) | |
1 | riftv.net (1 redirects) | |
1 | berhilpress.info (1 redirects) | |
8 | 8 |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
emula.net | Let's Encrypt Authority X3 | 2020-09-01 - 2020-11-30 | 3 months |
*.google-analytics.com | GTS CA 1O1 | 2020-09-22 - 2020-12-15 | 3 months |
offer.mntzr-january2019.com | Let's Encrypt Authority X3 | 2020-09-19 - 2020-12-18 | 3 months |
*.g.doubleclick.net | GTS CA 1O1 | 2020-10-06 - 2020-12-29 | 3 months |
secure.um-bredirect.com | Let's Encrypt Authority X3 | 2020-10-02 - 2020-12-31 | 3 months |
This page contains 1 frames:
Primary Page:
https://secure.um-bredirect.com/click.php?key=n2ebxlr2nhxa3dh97395&clickid=M6885518571976262407&bid=0&pub=1263&pid=1263-755caf48-d4335e54&subid=M6885518571976262407&app_name=unknown
Frame ID: 6BADD4D4ABD36B2FEB595C919AB63017
Requests: 8 HTTP requests in this frame
Detected technologies
PHP (Programming Languages)
Detected patterns
- url /\.php(?:$|\?)/i
Nginx (Web Servers)
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://berhilpress.info/r.php?v=dD1jJmQ9OTI1NiZsPTc5OCZjPTU3MDc2MQ==
HTTP 302
https://riftv.net/dYzmv?sub1=1&sub2=9256&sub3=12318&sub4=798&sub5=570761 HTTP 301
https://buleor.com/fullpage.php?section=General&pub=651335&ga=a HTTP 302
https://emula.net/70715d1a00/bc5ff2967e/?placementName=ROTATOR&type=a&cv=XGiCAArrdGAiZCdikZZpCpCjZNrxZNrjNrrpCrCkjCrxCrixCjiCrCrGCxCidrriAGiCCr_19674&adApiR=loaded_string_8767632d537bf4439c9e23cb09958ff63cbb6_2290232_1603159721.1665_60667&refferer=4188647925_aHR0cDovLzY1MTMzNS55bGxpeC5jb20=&yxDom=YnVsZW9yLmNvbQ==_927bc1f915095284db284dd68f5ec62f Page URL
- https://offer.mntzr-january2019.com/?utm_medium=cd6c753757753ff83d9978f700b37ec4ef37cc2a&utm_campaign=adult&1=1&2=2&3=3&4=4&5=5&cid=90affC1603159721affe2b0665c36481a457a825 Page URL
- https://offer.mntzr-january2019.com/?utm_term=6885518571976262407&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b68485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54d Page URL
-
https://offer.mntzr-january2019.com/proc.php?07e4f3cdae1709f69b083217c2eb47f540b6997c
HTTP 302
https://secure.um-bredirect.com/click.php?key=n2ebxlr2nhxa3dh97395&clickid=M6885518571976262407&bid=0&pub=1263&pid=1263-755caf48-d4335e54&subid=M6885518571976262407&app_name=unknown Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://berhilpress.info/r.php?v=dD1jJmQ9OTI1NiZsPTc5OCZjPTU3MDc2MQ== HTTP 302
- https://riftv.net/dYzmv?sub1=1&sub2=9256&sub3=12318&sub4=798&sub5=570761 HTTP 301
- https://buleor.com/fullpage.php?section=General&pub=651335&ga=a HTTP 302
- https://emula.net/70715d1a00/bc5ff2967e/?placementName=ROTATOR&type=a&cv=XGiCAArrdGAiZCdikZZpCpCjZNrxZNrjNrrpCrCkjCrxCrixCjiCrCrGCxCidrriAGiCCr_19674&adApiR=loaded_string_8767632d537bf4439c9e23cb09958ff63cbb6_2290232_1603159721.1665_60667&refferer=4188647925_aHR0cDovLzY1MTMzNS55bGxpeC5jb20=&yxDom=YnVsZW9yLmNvbQ==_927bc1f915095284db284dd68f5ec62f
- https://offer.mntzr-january2019.com/proc.php?07e4f3cdae1709f69b083217c2eb47f540b6997c HTTP 302
- https://secure.um-bredirect.com/click.php?key=n2ebxlr2nhxa3dh97395&clickid=M6885518571976262407&bid=0&pub=1263&pid=1263-755caf48-d4335e54&subid=M6885518571976262407&app_name=unknown
8 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H2 | / (emula.net/70715d1a00/bc5ff2967e/), Redirect Chain | 999 B, 840 B | Document, text/html |
GET H2 | analytics.js (www.google-analytics.com/) | 45 KB, 18 KB | Script, text/javascript |
GET H2 | / (offer.mntzr-january2019.com/) | 3 KB, 2 KB | Document, text/html |
POST H3-Q050 | collect (www.google-analytics.com/j/) | 4 B, 425 B | XHR, text/plain |
POST H2 | collect (stats.g.doubleclick.net/j/) | 1 B, 459 B | XHR, text/plain |
GET H2 | / (offer.mntzr-january2019.com/) | 9 KB, 3 KB | Document, text/html |
GET | click.php (secure.um-bredirect.com/), Redirect Chain | 0, 0 | |
GET H2 | Primary Request: click.php (secure.um-bredirect.com/), Redirect Chain | 559 B, 632 B | Document, text/html |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: secure.um-bredirect.com
- URL: https://secure.um-bredirect.com/click.php?key=n2ebxlr2nhxa3dh97395&clickid=M6885518571976262407&bid=0&pub=1263&pid=1263-755caf48-d4335e54&subid=M6885518571976262407&app_name=unknown
8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- function | showDirectoryPicker
- function | showOpenFilePicker
- function | showSaveFilePicker
- object | trustedTypes
- string | pm_appKey
- function | pm_denyAction
- string | pm_tag
- function | pm_allowAction
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
offer.mntzr-january2019.com/ | Name: u Value: 950148c0e7a5d230735a7dda29cad09f |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.