Help
RSS
API
Feed
Maltego
Contact
Domain > redirect.zecure-product.com
×
More information on this domain is in
AlienVault OTX
Is this malicious?
Yes
No
DNS Resolutions
Date
IP Address
2024-12-06
104.18.7.119
(
ClassC
)
2025-01-27
104.18.6.119
(
ClassC
)
Port 80
HTTP/1.1 301 Moved PermanentlyDate: Fri, 06 Dec 2024 20:12:26 GMTContent-Type: text/htmlContent-Length: 167Connection: keep-aliveCache-Control: max-age3600Expires: Fri, 06 Dec 2024 21:12:26 GMTLocatio html>head>title>301 Moved Permanently/title>/head>body>center>h1>301 Moved Permanently/h1>/center>hr>center>cloudflare/center>/body>/html>
Port 443
HTTP/1.1 200 OKDate: Fri, 06 Dec 2024 20:12:27 GMTContent-Type: text/html; charsetutf-8Transfer-Encoding: chunkedConnection: keep-alivevary: Originvary: accept-encodingCache-Control: no-storex-powered !DOCTYPE html>html>body>h1>Redirect Service/h1>hr>h3>- /outbound/encoded-url/h3>p> The outbound route redirects traffic going out from parent site to 3rd party urls./p>ul>li>Get call referrer (req.get(Referrer))/li>li>Store referrer in a cookie on the tld as _redirectUrl/li>li>Decode & Redirect to decoded url parameter/li>/ul>p>Use below form to simulate an outbound redirect/p>form>a idoutboundhref href/outbound/>Outbound Url: /a>input typetext idoutbound placeholderOutbound Url autocompletetrue>button idgoBtn>GO/button>br>br>/form>span idpreview>/outbound//span>br>br>hr>h3>- /inbound/h3>p> The inbound route that redirects traffic coming in from 3rd parties to parent site./p>ul>li>Read cookie ( for _redirectUrl) on tld and get/decode stored url/li>li>Return html which redirects both document and top document location (for iframes)/li>li>window.top.location.href decodedUrl/li>li>If no cookie, fall back to tdl or base env with a redirect/li>/ul>p>Use below link to simulate an outbound redirect/p>p>a href/inbound idinboundhref>Inbound (Returning)/a>/p>p>span idinboundpreview>/span>/p>hr>/body>script typetext/javascript>var input document.getElementById(outbound);var btn document.getElementById(goBtn);var origin document.location.origindocument.getElementById(preview).innerHTML origin + /outbound/;var onChange function (e) { var encodedUrl encodeURIComponent(e.target.value) document.getElementById(outboundhref).href origin + /outbound/ + encodedUrl; document.getElementById(preview).innerHTML origin + /outbound/ + encodedUrl;}var onClick function (e) { e.preventDefault() document.getElementById(outboundhref).click()}btn.addEventListener(click, onClick, false);input.addEventListener(input, onChange, false);function getCookie(name) { const value `; ${document.cookie}`; const parts value.split(`; ${name}`); if (parts.length 2) return parts.pop().split(;).shift(); else return }var inboundpreview document.getElementById(inboundpreview)var redirectUrl getCookie(_redirectUrl)if (redirectUrl
View on OTX
|
View on ThreatMiner
Please enable JavaScript to view the
comments powered by Disqus.
Data with thanks to
AlienVault OTX
,
VirusTotal
,
Malwr
and
others
. [
Sitemap
]