urlscan.io logo urlscan.io
SecurityTrails logo

chefgbf.r.af.d.sendibt2.com Open in urlscan Pro
185.107.232.244  Public Scan

Go To Rescan Add Verdict Report
URL: https://chefgbf.r.af.d.sendibt2.com/tr/cl/pEwqG8OgQLnynYPLXKb7hpEWpJZ9QmnP8kRiz0FEw1Dt3NjxgPfCwwFedzNJr1tLvaoMvODkTFMg8aIxeNkmerAnMz...
Submission: On March 12 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 4 HTTP transactions. The main IP is 185.107.232.244, located in France and belongs to SENDINBLUE-ASN, FR. The main domain is chefgbf.r.af.d.sendibt2.com.
TLS certificate: Issued by R3 on February 7th 2021. Valid for: 3 months.
This is the only time chefgbf.r.af.d.sendibt2.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 185.107.232.244 200484 (SENDINBLU...)
1 2606:4700:e4:... 13335 (CLOUDFLAR...)
1 185.107.232.249 200484 (SENDINBLU...)
4 4
Domain Requested by
1 in-automate.sendinblue.com sibautomation.com
1 sibautomation.com chefgbf.r.af.d.sendibt2.com
1 chefgbf.r.af.d.sendibt2.com
0 flythehype.com Failed chefgbf.r.af.d.sendibt2.com
4 4

This site contains no links.

Subject Issuer Validity Valid
*.r.af.d.sendibt2.com
R3		 2021-02-07 -
2021-05-08		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-10 -
2021-08-10		 a year crt.sh
*.sendinblue.com
Sectigo RSA Domain Validation Secure Server CA		 2020-12-07 -
2021-12-12		 a year crt.sh

This page contains 2 frames:

Frame: https://flythehype.com/cinvestor/dutch?dom=transferclicks.com&cep=EtPzweduIz3OCWzwbCn6EY4bgWqp2un5dJISXisd71ND9Qs0GZNvzeNZOG_F0D0iNgqYED_2rz42_oaO4e3lqOLHM30nMSNsRWdGDXcuwEc69PCE9_0rt8z_9ld9fc59bQnyroC_uAZIZdaPoB-2r26N8CXiSpBLG2_v4Tk9pKv-yW2e04IQaU68hIaOPoGhKLDQzQW8Rc-WoDU2qRC6aV6lmuz2npk_2kET_Aii9pMuaaIMTNgZsP525caVNUO9g2fNDJ8C7VgG0mZGWwcbfb1JC3Bc4vWjosK3qKbd0ZH_DNSZAQkZvmH7iXjtePfsozzD1lUy6A1QQ67heD7Ob0VD04gwCzIAXxdwIFTnu7JzcNfSJ2R5AUXS2bYXQPvyNW3w_5VY1qPF6u-nGJeVFBFfCRqcBQsJt1qBIfMh2aQ&lptoken=16991515548a49d9136b
Frame ID: 89102461CCAEFFCB128F8BA248C0BA3B
Requests: 2 HTTP requests in this frame

Frame: https://sibautomation.com/cm.html?id=2745615
Frame ID: 390BE0F863119C68B06271C34E85B78D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Statistics

4
Requests

75 %
HTTPS

33 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

3 kB
Transfer

4 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://compte002915.page.link/qbvQ HTTP 302
  • https://transferclicks.com/666dddc4-cea8-4a42-8c19-e5512f7c9a21 HTTP 302
  • https://flythehype.com/cinvestor/dutch?dom=transferclicks.com&cep=EtPzweduIz3OCWzwbCn6EY4bgWqp2un5dJISXisd71ND9Qs0GZNvzeNZOG_F0D0iNgqYED_2rz42_oaO4e3lqOLHM30nMSNsRWdGDXcuwEc69PCE9_0rt8z_9ld9fc59bQnyroC_uAZIZdaPoB-2r26N8CXiSpBLG2_v4Tk9pKv-yW2e04IQaU68hIaOPoGhKLDQzQW8Rc-WoDU2qRC6aV6lmuz2npk_2kET_Aii9pMuaaIMTNgZsP525caVNUO9g2fNDJ8C7VgG0mZGWwcbfb1JC3Bc4vWjosK3qKbd0ZH_DNSZAQkZvmH7iXjtePfsozzD1lUy6A1QQ67heD7Ob0VD04gwCzIAXxdwIFTnu7JzcNfSJ2R5AUXS2bYXQPvyNW3w_5VY1qPF6u-nGJeVFBFfCRqcBQsJt1qBIfMh2aQ&lptoken=16991515548a49d9136b

4 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request pEwqG8OgQLnynYPLXKb7hpEWpJZ9QmnP8kRiz0FEw1Dt3NjxgPfCwwFedzNJr1tLvaoMvODkTFMg8aIxeNkmerAnMz5qtL0_hhQjOwjSA0FNtxHIWtO-snq7jHFOaJba5v3JXku5W4ZDMzpWjrpho0CcC7C_3gD_ai3XCV2rlPLzbl5L-1ybq4E_dwmoOlWBbCki_...
chefgbf.r.af.d.sendibt2.com/tr/cl/ 		658 B
862 B 		Document
General
Check archive.org
Download Go to
Full URL
https://chefgbf.r.af.d.sendibt2.com/tr/cl/pEwqG8OgQLnynYPLXKb7hpEWpJZ9QmnP8kRiz0FEw1Dt3NjxgPfCwwFedzNJr1tLvaoMvODkTFMg8aIxeNkmerAnMz5qtL0_hhQjOwjSA0FNtxHIWtO-snq7jHFOaJba5v3JXku5W4ZDMzpWjrpho0CcC7C_3gD_ai3XCV2rlPLzbl5L-1ybq4E_dwmoOlWBbCki_ou4FE5Af1cWqA
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.107.232.244 , France, ASN200484 (SENDINBLUE-ASN, FR),
Reverse DNS
Software
/
Resource Hash
2b9807e9a898b268917354dea1c0b2558f93f6b209c62aa218157e377f98244e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Host
chefgbf.r.af.d.sendibt2.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
658
Content-Type
text/html; charset=utf-8
Date
Fri, 12 Mar 2021 09:58:33 GMT
X-Content-Type-Options
nosniff
X-Sib-Server
SENDINBLUE-red1-2
X-Xss-Protection
1
cm.html
sibautomation.com/ Frame 390B 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sibautomation.com/cm.html?id=2745615
Requested by
Host: chefgbf.r.af.d.sendibt2.com
URL: https://chefgbf.r.af.d.sendibt2.com/tr/cl/pEwqG8OgQLnynYPLXKb7hpEWpJZ9QmnP8kRiz0FEw1Dt3NjxgPfCwwFedzNJr1tLvaoMvODkTFMg8aIxeNkmerAnMz5qtL0_hhQjOwjSA0FNtxHIWtO-snq7jHFOaJba5v3JXku5W4ZDMzpWjrpho0CcC7C_3gD_ai3XCV2rlPLzbl5L-1ybq4E_dwmoOlWBbCki_ou4FE5Af1cWqA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a324 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Sails <sailsjs.com>
Resource Hash
0a5e2fe61f8181dc941518136c8b5ac2e05a7378720ccd5af9fa9ddd76cd96f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

:method
GET
:authority
sibautomation.com
:scheme
https
:path
/cm.html?id=2745615
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://chefgbf.r.af.d.sendibt2.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://chefgbf.r.af.d.sendibt2.com/

Response headers

date
Fri, 12 Mar 2021 09:58:33 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d43eab2e4b647d8d1444fe2c594b750f51615543113; expires=Sun, 11-Apr-21 09:58:33 GMT; path=/; domain=.sibautomation.com; HttpOnly; SameSite=Lax
vary
Accept-Encoding
cf-apo-via
origin,host
cf-request-id
08c778b075000005e42911b000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-powered-by
Sails <sailsjs.com>
access-control-allow-origin
*
x-sib-server
SENDINBLUE-web2-3
x-content-type-options
nosniff
x-xss-protection
1
cache-control
max-age=7200
cf-cache-status
HIT
age
15460
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xinqWbhUntaV9uavKg8aY1KsIKoUM4bOJw%2FV2Ggv58oTFc5jsrVWJGSt%2BDmM2TWKNvbNBF93bi%2FzWGSvTa1pQ7XZzrd3hCPMSO4jz8C%2B9Imv4ezDkcvSQkUI0x%2Fh2Q%3D%3D"}],"max_age":604800,"group":"cf-nel"}
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
cf-ray
62ec2a2d88ab05e4-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cm
in-automate.sendinblue.com/ Frame 390B 		0
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in-automate.sendinblue.com/cm?uuid=c3a84a34-ea39-476d-be7a-aab00cbc537e&key=wvjty2lvymwo8w3xfay6z1z4&trans=1&message_id=3ad21156-57ac-496c-a220-d9e5092aed03
Requested by
Host: sibautomation.com
URL: https://sibautomation.com/cm.html?id=2745615
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.107.232.249 , France, ASN200484 (SENDINBLUE-ASN, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://sibautomation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 12 Mar 2021 09:58:33 GMT
Cache-Control
no-cache
X-Content-Type-Options
nosniff
X-XSS-Protection
1
X-Sib-Server
SENDINBLUE-srv-pr-rancher-worker-1
dutch
flythehype.com/cinvestor/
Redirect Chain
  • https://compte002915.page.link/qbvQ
  • https://transferclicks.com/666dddc4-cea8-4a42-8c19-e5512f7c9a21
  • https://flythehype.com/cinvestor/dutch?dom=transferclicks.com&cep=EtPzweduIz3OCWzwbCn6EY4bgWqp2un5dJISXisd71ND9Qs0GZNvzeNZOG_F0D0iNgqYED_2rz42_oaO4e3lqOLHM30nMSNsRWdGDXcuwEc69PCE9_0rt8z_9ld9fc59bQn...
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
flythehype.com
URL
https://flythehype.com/cinvestor/dutch?dom=transferclicks.com&cep=EtPzweduIz3OCWzwbCn6EY4bgWqp2un5dJISXisd71ND9Qs0GZNvzeNZOG_F0D0iNgqYED_2rz42_oaO4e3lqOLHM30nMSNsRWdGDXcuwEc69PCE9_0rt8z_9ld9fc59bQnyroC_uAZIZdaPoB-2r26N8CXiSpBLG2_v4Tk9pKv-yW2e04IQaU68hIaOPoGhKLDQzQW8Rc-WoDU2qRC6aV6lmuz2npk_2kET_Aii9pMuaaIMTNgZsP525caVNUO9g2fNDJ8C7VgG0mZGWwcbfb1JC3Bc4vWjosK3qKbd0ZH_DNSZAQkZvmH7iXjtePfsozzD1lUy6A1QQ67heD7Ob0VD04gwCzIAXxdwIFTnu7JzcNfSJ2R5AUXS2bYXQPvyNW3w_5VY1qPF6u-nGJeVFBFfCRqcBQsJt1qBIfMh2aQ&lptoken=16991515548a49d9136b

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

chefgbf.r.af.d.sendibt2.com
flythehype.com
in-automate.sendinblue.com
sibautomation.com
flythehype.com
185.107.232.244
185.107.232.249
2606:4700:e4::ac40:a324
0a5e2fe61f8181dc941518136c8b5ac2e05a7378720ccd5af9fa9ddd76cd96f8
2b9807e9a898b268917354dea1c0b2558f93f6b209c62aa218157e377f98244e