Submitted URL: https://bit.ly/3tGs27t
Effective URL: https://interdeliveries.com/dhl
Submission Tags: https://phish.report @phish_report
Submission: On March 10 via api from FI — Scanned from DE

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 2 HTTP transactions. The main IP is 213.108.246.187, located in Amsterdam, Netherlands and belongs to SHOCK-1, US. The main domain is interdeliveries.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on March 8th 2022. Valid for: 3 months.
This is the only time interdeliveries.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.11 396982 (GOOGLE-CL...)
1 2 52.129.44.178 395092 (SHOCK-1)
1 213.108.246.187 395092 (SHOCK-1)
2 2
| | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 2 | bytt.pw | stock.bytt.pw | 29 KB |
| 1 | interdeliveries.com | interdeliveries.com | 971 B |
| 1 | bit.ly | bit.ly — Cisco Umbrella Rank: 3926 | 290 B |
2 3
Domain Requested by
2 stock.bytt.pw 1 redirects
1 interdeliveries.com stock.bytt.pw
1 bit.ly 1 redirects
2 3

This site contains no links.

| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| bytt.pw | R3 | 2022-02-22 - 2022-05-23 | 3 months |
| interdeliveries.com | cPanel, Inc. Certification Authority | 2022-03-08 - 2022-06-06 | 3 months |

This page contains 1 frames:

Primary Page: https://interdeliveries.com/dhl
Frame ID: 0912BE2412DA2971AE069E82165647AE
Requests: 2 HTTP requests in this frame

Page Title

404 Not Found

Page Statistics

Requests: 2
HTTPS: 100 %
IPv6: 0 %
Domains: 3
Subdomains: 3
IPs: 2
Countries: 2
Transfer: 30 kB
Size: 73 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bit.ly/3tGs27t HTTP 301
    https://stock.bytt.pw/?3i0gLH=883822 Page URL
  2. https://stock.bytt.pw/?3i0gLH=883822 HTTP 302
    https://interdeliveries.com/dhl Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://bit.ly/3tGs27t HTTP 301
  • https://stock.bytt.pw/?3i0gLH=883822

2 HTTP transactions

Resource: /
Path: stock.bytt.pw/
Redirect Chain
  • https://bit.ly/3tGs27t
  • https://stock.bytt.pw/?3i0gLH=883822
Size: 72 KB
x-fer: 29 KB
Type: Document
MIME-Type:

General

Full URL: https://stock.bytt.pw/?3i0gLH=883822
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.129.44.178, United States, ASN395092 (SHOCK-1, US)
Reverse DNS:
Software: nginx/1.17.10 /
Resource Hash: 378c3442460663b05c6aaa8eac8f5654f56d675a3aa05711934869d36f2ac53d

Security Headers

Strict-Transport-Security: max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx/1.17.10
date: Thu, 10 Mar 2022 08:55:44 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip

Redirect headers

server: nginx
date: Thu, 10 Mar 2022 08:55:43 GMT
content-type: text/html; charset=utf-8
content-length: 123
cache-control: private, max-age=90
content-security-policy: referrer always;
location: https://stock.bytt.pw/?3i0gLH=883822
referrer-policy: unsafe-url
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Primary Request

Resource: dhl
Path: interdeliveries.com/
Redirect Chain
  • https://stock.bytt.pw/?3i0gLH=883822
  • https://interdeliveries.com/dhl
Size: 708 B
x-fer: 971 B
Type: Document

General

Full URL: https://interdeliveries.com/dhl
Requested by: Host: stock.bytt.pw, URL: https://stock.bytt.pw/?3i0gLH=883822
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 213.108.246.187 Amsterdam, Netherlands, ASN395092 (SHOCK-1, US)
Reverse DNS:
Software: LiteSpeed /
Resource Hash: 37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://stock.bytt.pw/?3i0gLH=883822

Response headers

cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 708
date: Thu, 10 Mar 2022 08:55:46 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

Redirect headers

server: nginx/1.17.10
date: Thu, 10 Mar 2022 08:55:46 GMT
content-type: text/html; charset=utf-8
location: https://interdeliveries.com/dhl
strict-transport-security: max-age=31536000; includeSubDomains

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone
object| oncontextlost
object| oncontextrestored

2 Cookies

Domain/Path Name / Value
.bit.ly/ Name: _bit
Value: m2a8TH-aa349a7b7a4c4d7125-00v
.bytt.pw/ Name: __Z2Rz
Value: mJrTm5G_RCGBKWhYrp75Mg==

1 Console Messages

Source Level URL
Text
network error URL: https://interdeliveries.com/dhl
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
