Submitted URL: https://hal900024.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=7c67d0296f&subid=&uid=aee...
Effective URL: https://hal900024.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=7c67d0296f&subid=&uid=aee...
Submission: On February 17 via api from US — Scanned from DE

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 1 HTTP transaction. The main IP is 138.201.84.252, located in Germany, and belongs to HETZNER-AS, DE. The main domain is hal900024.redintelligence.net. The Cisco Umbrella rank of the primary domain is 201717.
TLS certificate: Issued by R3 on January 27th 2022. Valid for: 3 months.
This is the only time hal900024.redintelligence.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address | AS (Autonomous System)
1 138.201.84.252 | 24940 (HETZNER-AS)

Apex Domain / Subdomains | Transfer
1 redintelligence.net | 1 KB
  hal900024.redintelligence.net — Cisco Umbrella Rank: 201717

Domain | Requested by
1 hal900024.redintelligence.net

This site contains no links.

Subject | Issuer | Validity | Valid
redintelligence.net | R3 | 2022-01-27 - 2022-04-27 | 3 months

This page contains 1 frame:

Primary Page: https://hal900024.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=7c67d0296f&subid=&uid=aee3a3a368cb8629&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=Cm7ybausKYqrIBc7t3wPTxJqQA4_g-IZT9aiLpMoM8C4QASCwyMAhYJWCgICwB8gBCakCQTjmeen4sj6oAwGqBOsBT9CnoTVpBeBsBqPzboo4Q0oJIZBIvm73t_GYJemD8t7_58mkQQXclC4wi2V3ib9Mlwia41J2YcuzD17EMRpuZgKeI6L2kF5bmaNx7uKcwQcErWnEa9eMtU_xWKX0D1rLRRbod83dd7IsNBVwR7n6gX6q48wsoiZfrRjJ5Pi44Z7c3P2VlAwguW_7LYZBuFS_Pixd_3rnU3UtVnTL7dRXWCyQrY06CD_yGm9hYSH8wlAHhcCbQFLhVr-JCQDEU2TtApEF7gooA7XdtqJGtBFrqdxlrbYEcKh56dEacf5JQNBu6kLRygVH427zO8AEu_GowM8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgdgAoDmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUB-BYBgBcB&ae=1&num=1&cid=CAASFeRoKwHsAZUBH6riuXAAK544LFdceQ&sig=AOD64_2cPfrOEe8-_LeVvuGM1QqTZWSprw&client=ca-pub-2697679518515886&dbm_c=AKAmf-ABwNxNd58DEATpKZzfJ_Mh5wUYWHXN4C5sFvJ_XeSfrS_5UVoo2f4gq0sxB3IWeJ_G1d4GUyHg6k6W1GiNWzgsVz4-bp7WUP7gwiXaNtYdU8kA6XwsBcl_uUWajL0SQGAVhzStemgBmXkGF7xchr2yC6A4-w&cry=1&dbm_d=AKAmf-AVhbjNWBcdmv2ofpAZAqNkV4HBzIHFO5NTgfjg1v7dOMtfb_3DX6735D0LadEPOgnuqYRKodDTziUxtm7AEq-jVgC4NznpsYd1G08XyAkni_g5zbzmX2XJER6S-dgxk99pQnBHhIGmfsW_3ANujhtXbDljA0d1KScy5KFpWY8ukEP8txiN4ICfdDouNrNu0BtsNwvc5cyjDtbZcRplt-SxkKdf2hq2yjpp4muXAVA3INzyCNMJYSy4J3hkd3WBooEMsy-crpfUZUY0KwOw62syV-XsVGG1Jx4MSSNeCeb9DwY3y7h2ykawXzVNiOQ_xE3LcJsIgN6Je64lZozRdo_pHDGhS3vRtoEKUAAoYJZsotKwUJ3r4wHniVgFKs_U2fSMfwfRLG4p0Na_GlQr224TpuGhVCitvJF07cV5c424YZRBC7DfH18CBLfiY77gKWKhFyH2ZzLJI6wIMn6_CrQpHJzKIw&adurl=&documentReferer=https://www.genealogy.com/&ancestorOrigins=https://www.genealogy.com&random=7142520022980&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1%27
Frame ID: D0CBAE3CED0D20BBC0331EE6AAD82393
Requests: 1 HTTP request in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

Requests: 1
HTTPS: 100 %
IPv6: 0 %
Domains: 1
Subdomains: 1
IPs: 1
Countries: 1
Transfer: 1 kB
Size: 2 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

1 HTTP transaction

Resource / Path | Size | x-fer | Type / MIME-Type
Primary Request: request.php, hal900024.redintelligence.net/ | 2 KB | 1 KB | Document

General
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.252, Germany, ASN24940 (HETZNER-AS, DE)
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 2321da8c20f0c0ff64b0e315561c5351ae3e5fd79b103d9f5013f6c288cf9782

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Thu, 17 Feb 2022 19:06:13 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Thu, 17 Feb 2022 19:06:13 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
X-NEORY-SubId: 82341000193240400710584011873024
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 896
Connection: close
Content-Type: application/x-javascript; charset=utf-8

1 JavaScript Global Variable

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone

1 Cookie

Domain/Path: .redintelligence.net/
Name: 8lcfmzhxc8d6_uid
Value: 5de20196e9cde6a0

Indicators

"Indicators" is a term used in the security industry for observables such as IPs, domains, hashes, etc. Listing them here does not imply that any of them indicate malicious activity.

hal900024.redintelligence.net
138.201.84.252
2321da8c20f0c0ff64b0e315561c5351ae3e5fd79b103d9f5013f6c288cf9782