department.limited - urlscan.io

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 5 HTTP transactions. The main IP is 136.243.81.39, located in Germany and belongs to HETZNER-AS, DE. The main domain is department.limited.
TLS certificate: Issued by R3 on December 7th 2020. Valid for: 3 months.

This is the only time department.limited was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	174.138.104.214 174.138.104.214	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	109.206.168.5 109.206.168.5	50245 (SERVEREL-AS) (SERVEREL-AS)
4	136.243.81.39 136.243.81.39	24940 (HETZNER-AS) (HETZNER-AS)
5	3

1 174.138.104.214 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

load03.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.206.168.5 (Netherlands)

ASN50245 (SERVEREL-AS, NL)
PTR: 109.206.168.5.serverel.net

idelv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 136.243.81.39 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.39.81.243.136.clients.your-server.de

department.limited	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	department.limited department.limited	65 KB
1	idelv.net idelv.net	1 KB
1	load03.biz 1 redirects load03.biz	466 B
5	3

	Domain	Requested by
4	department.limited	idelv.net department.limited
1	idelv.net
1	load03.biz	1 redirects
5	3

This site contains no links.

Subject Issuer	Validity	Valid
idelv.net R3	`2021-01-04` - `2021-04-04`	3 months	crt.sh
department.limited R3	`2020-12-07` - `2021-03-07`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://department.limited/index.php?key=x4hhatwl5yg365uoka6d&price=0.13000000&SOURCE_ID=21113558424800&CAMPAIGN_ID=4784
Frame ID: B0987BD29E6F1FE951074961AB9CBC2E
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://load03.biz/?cc=5b030a55-8bfd-4330-928e-342b44317072&sid=6oyafd HTTP 302
https://idelv.net/b2/c/c/redir?eid=653&nid=1&sid=3387317497BWyQauwH&ts=1612510503&ttl=172000&v... Page URL
https://department.limited/index.php?key=x4hhatwl5yg365uoka6d&price=0.13000000&SOURCE_ID=21113558424800... Page URL

Page Statistics

5
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

66 kB
Transfer

193 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://load03.biz/?cc=5b030a55-8bfd-4330-928e-342b44317072&sid=6oyafd HTTP 302
https://idelv.net/b2/c/c/redir?eid=653&nid=1&sid=3387317497BWyQauwH&ts=1612510503&ttl=172000&v=v3.3.2 Page URL
https://department.limited/index.php?key=x4hhatwl5yg365uoka6d&price=0.13000000&SOURCE_ID=21113558424800&CAMPAIGN_ID=4784 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://load03.biz/?cc=5b030a55-8bfd-4330-928e-342b44317072&sid=6oyafd HTTP 302
https://idelv.net/b2/c/c/redir?eid=653&nid=1&sid=3387317497BWyQauwH&ts=1612510503&ttl=172000&v=v3.3.2

5 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

redir Show response
idelv.net/b2/c/c/
Redirect Chain

https://load03.biz/?cc=5b030a55-8bfd-4330-928e-342b44317072&sid=6oyafd
https://idelv.net/b2/c/c/redir?eid=653&nid=1&sid=3387317497BWyQauwH&ts=1612510503&ttl=172000&v=v3.3.2

1 KB
1 KB

125ms
50ms

Document
text/html

109.206.168.5
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://idelv.net/b2/c/c/redir?eid=653&nid=1&sid=3387317497BWyQauwH&ts=1612510503&ttl=172000&v=v3.3.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.206.168.5 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS: 109.206.168.5.serverel.net
Software: dspclick-v3.0.17 /
Resource Hash: b212d8121c026875abdf267499d0dca6151b94929a99968a1705c699f6583c57

Request headers

:method: GET
:authority: idelv.net
:scheme: https
:path: /b2/c/c/redir?eid=653&nid=1&sid=3387317497BWyQauwH&ts=1612510503&ttl=172000&v=v3.3.2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server: dspclick-v3.0.17
date: Fri, 05 Feb 2021 07:44:09 GMT
content-type: text/html
content-length: 1418

Redirect headers

server: nginx
date: Fri, 05 Feb 2021 07:44:10 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=a4212616-9f0b-4766-b92d-07d6a03f0f82; expires=Sun, 07-Mar-2021 07:44:10 GMT; Max-Age=2592000; path=/; domain=load03.biz hash=5b030a55-8bfd-4330-928e-342b44317072%2B6oyafd; expires=Sun, 07-Mar-2021 07:44:10 GMT; Max-Age=2592000; path=/; domain=load03.biz
location: https://idelv.net/b2/c/c/redir?eid=653&nid=1&sid=3387317497BWyQauwH&ts=1612510503&ttl=172000&v=v3.3.2
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests

GET
H2 200 Primary Request index.php Show response
department.limited/ 46 KB
21 KB 166ms
73ms Document
text/html 136.243.81.39
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://department.limited/index.php?key=x4hhatwl5yg365uoka6d&price=0.13000000&SOURCE_ID=21113558424800&CAMPAIGN_ID=4784

Requested by

Host: idelv.net
URL: https://idelv.net/b2/c/c/redir?eid=653&nid=1&sid=3387317497BWyQauwH&ts=1612510503&ttl=172000&v=v3.3.2

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

136.243.81.39 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.39.81.243.136.clients.your-server.de

Software

nginx /

Resource Hash

0c5695a4d8c6bf874059cd78ba36efe562e4879c0c40d250e7745cbb8768118d

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

:method: GET
:authority: department.limited
:scheme: https
:path: /index.php?key=x4hhatwl5yg365uoka6d&price=0.13000000&SOURCE_ID=21113558424800&CAMPAIGN_ID=4784
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://idelv.net/b2/c/c/redir?eid=653&nid=1&sid=3387317497BWyQauwH&ts=1612510503&ttl=172000&v=v3.3.2
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://idelv.net/b2/c/c/redir?eid=653&nid=1&sid=3387317497BWyQauwH&ts=1612510503&ttl=172000&v=v3.3.2

Response headers

server: nginx
date: Fri, 05 Feb 2021 07:44:10 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
set-cookie: uclick=17e8p2gh0; expires=Sat, 06-Feb-2021 07:44:10 GMT; Max-Age=86400; path=/; secure; SameSite=none uclickhash=17e8p2gh0-17e8p2gh0-gx9l-ustl-8r1z-ussybl-1ne8-65c143; expires=Sat, 06-Feb-2021 07:44:10 GMT; Max-Age=86400; path=/; secure; SameSite=none
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: img-src https: data:; upgrade-insecure-requests
content-encoding: gzip

GET
H2 200 jquery-ui.css
department.limited/landers/8a83b21f17/ 41 KB
10 KB 43ms
43ms Stylesheet
text/css 136.243.81.39
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://department.limited/landers/8a83b21f17/jquery-ui.css

Requested by

Host: department.limited
URL: https://department.limited/index.php?key=x4hhatwl5yg365uoka6d&price=0.13000000&SOURCE_ID=21113558424800&CAMPAIGN_ID=4784

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

136.243.81.39 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.39.81.243.136.clients.your-server.de

Software

nginx /

Resource Hash

116937b0f1a4fcc6454cf031b7cfe3ff4671855362c231d953e070d83e631d8d

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 07:44:10 GMT
content-encoding: gzip
last-modified: Wed, 09 Dec 2020 10:51:26 GMT
server: nginx
etag: W/"5fd0ac2e-a552"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
content-security-policy: img-src https: data:; upgrade-insecure-requests
strict-transport-security: max-age=31536000; includeSubDomains; preload
expires: Sun, 07 Mar 2021 07:44:10 GMT

GET
H2 200 jquery.min.js Show response
department.limited/landers/8a83b21f17/ 85 KB
33 KB 50ms
49ms Script
application/javascript 136.243.81.39
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://department.limited/landers/8a83b21f17/jquery.min.js

Requested by

Host: department.limited
URL: https://department.limited/index.php?key=x4hhatwl5yg365uoka6d&price=0.13000000&SOURCE_ID=21113558424800&CAMPAIGN_ID=4784

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

136.243.81.39 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.39.81.243.136.clients.your-server.de

Software

nginx /

Resource Hash

6287f5480ba6c2612c3517ad4ac934bdd9983e497adcc3c4bfbc2e1d27d29279

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 07:44:10 GMT
content-encoding: gzip
last-modified: Wed, 09 Dec 2020 10:51:26 GMT
server: nginx
etag: W/"5fd0ac2e-153c9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7200
content-security-policy: img-src https: data:; upgrade-insecure-requests
strict-transport-security: max-age=31536000; includeSubDomains; preload
expires: Fri, 05 Feb 2021 09:44:10 GMT

GET
H2 200 app.js Show response
department.limited/landers/8a83b21f17/ 71 B
376 B 59ms
59ms Script
application/javascript 136.243.81.39
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://department.limited/landers/8a83b21f17/app.js

Requested by

Host: department.limited
URL: https://department.limited/index.php?key=x4hhatwl5yg365uoka6d&price=0.13000000&SOURCE_ID=21113558424800&CAMPAIGN_ID=4784

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

136.243.81.39 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.39.81.243.136.clients.your-server.de

Software

nginx /

Resource Hash

160d2a8f3c6c20657b51de353ee2ce6360657d3abb9883ed65885b9f78e23edf

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 07:44:10 GMT
content-encoding: gzip
last-modified: Wed, 09 Dec 2020 10:51:26 GMT
server: nginx
etag: W/"5fd0ac2e-47"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7200
content-security-policy: img-src https: data:; upgrade-insecure-requests
strict-transport-security: max-age=31536000; includeSubDomains; preload
expires: Fri, 05 Feb 2021 09:44:10 GMT

GET
DATA 200
OK truncated
/ 19 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6678fbb34f3ef18c5649c7cfc1302c671ff5b1c8e9f4365fb51f3d629dab2924

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			department.limited/	1970-01-19 15:56:37	Name: uclickhash Value: 17e8p2gh0-17e8p2gh0-gx9l-ustl-8r1z-ussybl-1ne8-65c143
			department.limited/	1970-01-19 15:56:37	Name: uclick Value: 17e8p2gh0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

department.limited
idelv.net
load03.biz
109.206.168.5
136.243.81.39
174.138.104.214
0c5695a4d8c6bf874059cd78ba36efe562e4879c0c40d250e7745cbb8768118d
116937b0f1a4fcc6454cf031b7cfe3ff4671855362c231d953e070d83e631d8d
160d2a8f3c6c20657b51de353ee2ce6360657d3abb9883ed65885b9f78e23edf
6287f5480ba6c2612c3517ad4ac934bdd9983e497adcc3c4bfbc2e1d27d29279
6678fbb34f3ef18c5649c7cfc1302c671ff5b1c8e9f4365fb51f3d629dab2924
b212d8121c026875abdf267499d0dca6151b94929a99968a1705c699f6583c57

department.limited Open in urlscan Pro 136.243.81.39 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

5 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

66 kBTransfer

193 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

2 Cookies

Indicators

department.limited Open in urlscan Pro
136.243.81.39 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

66 kB
Transfer

193 kB
Size

2
Cookies

5 HTTP transactions
1 data transactions