itredir1.me
Open in
urlscan Pro
104.248.199.158
Public Scan
Effective URL: https://itredir1.me/go/my4wcntdmi5dgmjsgi?sub1=goopodsk
Submission: On July 19 via manual from IN
Summary
TLS certificate: Issued by R3 on July 18th 2021. Valid for: 3 months.
This is the only time itredir1.me was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
3 | 2606:4700:303... 2606:4700:3033::6815:2174 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
4 | 2606:4700:303... 2606:4700:3030::ac43:a254 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 104.248.199.158 104.248.199.158 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN) | |
12 | 4 |
ASN13335 (CLOUDFLARENET, US)
btk.aeroview780g.pw | |
aeroview780g.pw |
ASN13335 (CLOUDFLARENET, US)
btk.aeroview780g.pw | |
aeroview780g.pw |
Apex Domain Subdomains |
Transfer | |
---|---|---|
7 |
aeroview780g.pw
btk.aeroview780g.pw aeroview780g.pw |
94 KB |
1 |
itredir1.me
itredir1.me |
53 KB |
0 |
gravatar.com
Failed
1.gravatar.com Failed |
|
12 | 3 |
Domain | Requested by | |
---|---|---|
5 | aeroview780g.pw |
btk.aeroview780g.pw
|
2 | btk.aeroview780g.pw |
btk.aeroview780g.pw
|
1 | itredir1.me |
btk.aeroview780g.pw
|
0 | 1.gravatar.com Failed |
btk.aeroview780g.pw
|
12 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-02-02 - 2022-02-01 |
a year | crt.sh |
brop1.com R3 |
2021-07-18 - 2021-10-16 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://itredir1.me/go/my4wcntdmi5dgmjsgi?sub1=goopodsk
Frame ID: 491833CBCBCAF6A4C699DD10F500D1CE
Requests: 13 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- https://btk.aeroview780g.pw/faysal-bank-installment-plan.html Page URL
- https://itredir1.me/go/my4wcntdmi5dgmjsgi?sub1=goopodsk Page URL
Detected technologies
CloudFlare (CDN) ExpandDetected patterns
- headers server /^cloudflare$/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://btk.aeroview780g.pw/faysal-bank-installment-plan.html Page URL
- https://itredir1.me/go/my4wcntdmi5dgmjsgi?sub1=goopodsk Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
12 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
faysal-bank-installment-plan.html
btk.aeroview780g.pw/ |
27 KB 9 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.min.css
aeroview780g.pw/wp-includes/css/dist/block-library/ |
40 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.css
aeroview780g.pw/wp-content/themes/arkhe/dist/css/ |
52 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
faysal-bank-installment-plan-3.jpg
btk.aeroview780g.pw/img/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
faysal-bank-installment-plan-2.jpg
btk.aeroview780g.pw/img/ |
50 KB 50 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
wp-emoji-release.min.js
aeroview780g.pw/wp-includes/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
faysal-bank-installment-plan.jpg
btk.aeroview780g.pw/img/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
1cb1c39857f5eef49897f849251861a9
1.gravatar.com/avatar/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
lazysizes.js
aeroview780g.pw/wp-content/themes/arkhe/dist/js/plugin/ |
12 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
main.js
aeroview780g.pw/wp-content/themes/arkhe/dist/js/ |
24 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
wp-embed.min.js
aeroview780g.pw/wp-includes/js/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
my4wcntdmi5dgmjsgi
itredir1.me/go/ |
52 KB 53 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
7 KB 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- btk.aeroview780g.pw
- URL
- https://btk.aeroview780g.pw/img/faysal-bank-installment-plan-3.jpg
- Domain
- aeroview780g.pw
- URL
- http://aeroview780g.pw/wp-includes/js/wp-emoji-release.min.js?ver=5.3
- Domain
- btk.aeroview780g.pw
- URL
- https://btk.aeroview780g.pw/img/faysal-bank-installment-plan.jpg
- Domain
- 1.gravatar.com
- URL
- https://1.gravatar.com/avatar/1cb1c39857f5eef49897f849251861a9?s=100&d=mm&r=g
Verdicts & Comments Add Verdict or Comment
35 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| languages function| text string| relevanteLang string| lang boolean| guardEnabled boolean| isChrome function| compareVersion function| getLanguage object| rootElement boolean| canStart function| textr function| disableHistory function| disableIncognito function| denied function| getWorkerRegistration function| SubS function| CheckS function| urlB64ToUint8Array function| j4ee function| L0zz boolean| j string| title string| holder function| before_redirect_block1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.itredir1.me/ | Name: uuid Value: cc5a37f4-0adb-458b-bce9-5cd7d6e84f5e |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
1.gravatar.com
aeroview780g.pw
btk.aeroview780g.pw
itredir1.me
1.gravatar.com
aeroview780g.pw
btk.aeroview780g.pw
104.248.199.158
2606:4700:3030::ac43:a254
2606:4700:3033::6815:2174
0509206da76473900f74f44904d075ea07084868512183594ef97eaf06fa950b
6600e628d105299a9954bb85edc818356f1ec6136ba5d503dc39b2b3de8526c7
c2f8ee8dd9cb88ae446d07816a02f774a294889f7331aff38cf011ab58a0bb4a