gvxzg.slutsforyou.net
Open in
urlscan Pro
2a05:d018:244:5200::ab
Public Scan
Effective URL: https://gvxzg.slutsforyou.net/c/da57dc555e50572d?s1=15181&s2=53363&click_id=wk94eggrm12c2cku1k953g2q&j3=1
Submission: On April 26 via api from DE
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on April 14th 2020. Valid for: 3 months.
This is the only time gvxzg.slutsforyou.net was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 2 | 2606:4700:303... 2606:4700:3032::6812:22b3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 5 | 2606:4700:303... 2606:4700:3032::681b:b1a1 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 1 | 35.156.152.207 35.156.152.207 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2a05:d018:244... 2a05:d018:244:5200::ab | 16509 (AMAZON-02) (AMAZON-02) | |
6 | 2.16.186.99 2.16.186.99 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
11 | 4 |
ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-152-207.eu-central-1.compute.amazonaws.com
arthyadtracker.info |
ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-16-186-99.deploy.static.akamaitechnologies.com
cdn-aimi.akamaized.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
akamaized.net
cdn-aimi.akamaized.net |
195 KB |
5 |
arthyredir.com
2 redirects
arthyredir.com |
13 KB |
2 |
riyadhbanks.com
2 redirects
riyadhbanks.com |
762 B |
1 |
slutsforyou.net
gvxzg.slutsforyou.net |
3 KB |
1 |
arthyadtracker.info
1 redirects
arthyadtracker.info |
868 B |
11 | 5 |
Domain | Requested by | |
---|---|---|
6 | cdn-aimi.akamaized.net |
gvxzg.slutsforyou.net
|
5 | arthyredir.com |
2 redirects
arthyredir.com
|
2 | riyadhbanks.com | 2 redirects |
1 | gvxzg.slutsforyou.net | |
1 | arthyadtracker.info | 1 redirects |
11 | 5 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com CloudFlare Inc ECC CA-2 |
2020-01-31 - 2020-10-09 |
8 months | crt.sh |
*.slutsforyou.net Let's Encrypt Authority X3 |
2020-04-14 - 2020-07-13 |
3 months | crt.sh |
a248.e.akamai.net DigiCert Secure Site ECC CA-1 |
2019-08-13 - 2020-08-12 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://gvxzg.slutsforyou.net/c/da57dc555e50572d?s1=15181&s2=53363&click_id=wk94eggrm12c2cku1k953g2q&j3=1
Frame ID: DC29E91C63A67275ECF3CA187ABD48AC
Requests: 11 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://riyadhbanks.com/
HTTP 301
https://riyadhbanks.com/ HTTP 302
https://arthyredir.com/?src=298+50kwbalance+10x+xl+eucopy2+wn+1tt+std+noprot&dom=riyadhbanks.com Page URL
-
https://arthyredir.com/index2.php?src=298+50kwbalance+10x+xl+eucopy2+wn+1tt+std+noprot&dom=riyadhba...
HTTP 302
https://arthyredir.com/index3.php?src=298+50kwbalance+10x+xl+eucopy2+wn+1tt+std+noprot&dom=riyadhba... HTTP 302
https://arthyadtracker.info/c23eb44e-b0b9-474d-a768-83f8b5b29c9f?src=298+50kwbalance+10x+xl+eucopy2+wn+1... HTTP 302
https://gvxzg.slutsforyou.net/c/da57dc555e50572d?s1=15181&s2=53363&click_id=wk94eggrm12c2cku1k953g2q&j3=1 Page URL
Detected technologies
CloudFlare (CDN) ExpandDetected patterns
- headers server /^cloudflare$/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery[.-]([\d.]*\d)[^/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://riyadhbanks.com/
HTTP 301
https://riyadhbanks.com/ HTTP 302
https://arthyredir.com/?src=298+50kwbalance+10x+xl+eucopy2+wn+1tt+std+noprot&dom=riyadhbanks.com Page URL
-
https://arthyredir.com/index2.php?src=298+50kwbalance+10x+xl+eucopy2+wn+1tt+std+noprot&dom=riyadhbanks.com
HTTP 302
https://arthyredir.com/index3.php?src=298+50kwbalance+10x+xl+eucopy2+wn+1tt+std+noprot&dom=riyadhbanks.com HTTP 302
https://arthyadtracker.info/c23eb44e-b0b9-474d-a768-83f8b5b29c9f?src=298+50kwbalance+10x+xl+eucopy2+wn+1tt+std+noprot&dom=riyadhbanks.com HTTP 302
https://gvxzg.slutsforyou.net/c/da57dc555e50572d?s1=15181&s2=53363&click_id=wk94eggrm12c2cku1k953g2q&j3=1 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://riyadhbanks.com/ HTTP 301
- https://riyadhbanks.com/ HTTP 302
- https://arthyredir.com/?src=298+50kwbalance+10x+xl+eucopy2+wn+1tt+std+noprot&dom=riyadhbanks.com
11 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
arthyredir.com/ Redirect Chain
|
977 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
api.js
arthyredir.com/cdn-cgi/bm/cv/2172558837/ |
28 KB 11 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
result
arthyredir.com/cdn-cgi/bm/cv/ |
0 269 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
da57dc555e50572d
gvxzg.slutsforyou.net/c/ Redirect Chain
|
9 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.css
cdn-aimi.akamaized.net/landings/187651/1586189932/css/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-2.2.4.js
cdn-aimi.akamaized.net/landings/187651/1586189932/js/ |
84 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.validate.min.js
cdn-aimi.akamaized.net/landings/187651/1586189932/js/ |
23 KB 8 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
VO_API_PPL.js
cdn-aimi.akamaized.net/landings/187651/1586189932/js/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
translates.js
cdn-aimi.akamaized.net/landings/187651/1586189932/js/ |
68 KB 24 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1.jpg
cdn-aimi.akamaized.net/landings/187651/1586189932/images/ |
130 KB 131 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
TK3gWksYAxQ7jbsKcg8Enew.woff
cdn-aimi.akamaized.net/landings/187651/images/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- cdn-aimi.akamaized.net
- URL
- https://cdn-aimi.akamaized.net/landings/187651/images/TK3gWksYAxQ7jbsKcg8Enew.woff
Verdicts & Comments Add Verdict or Comment
17 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate function| $ function| jQuery string| offerUrl string| hv string| s1 boolean| callbackUrl string| apiUrl function| getFormData function| getApiUrl function| goto function| apiCall function| getUrlParam object| langs boolean| exit string| k3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
gvxzg.slutsforyou.net/ | Name: scriptHash Value: 49415_15181_53363 |
|
gvxzg.slutsforyou.net/ | Name: unique_id Value: 5e5240853af04187753300 |
|
gvxzg.slutsforyou.net/ | Name: unique_2867186 Value: unique_2867186 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
arthyadtracker.info
arthyredir.com
cdn-aimi.akamaized.net
gvxzg.slutsforyou.net
riyadhbanks.com
cdn-aimi.akamaized.net
2.16.186.99
2606:4700:3032::6812:22b3
2606:4700:3032::681b:b1a1
2a05:d018:244:5200::ab
35.156.152.207
02dab963166670e3a7b664ea2808286668c39acece1fd6566aab3666634e1bbc
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
15b4f0c0c11cf6164e58032e5f2765a221b2bc295698d87a1c102a0d3d0859ae
17a879e50c3ab3078afaded288e257fb66e94806b76ff7e796b54226f9848f50
3284813a99fad8916f421da0aa3bea6aacbab4de7314e6d248cebdb9a5a0fee5
3cc0e0a2435bb7bd3ef0ab11516a0d6ba2338baa7d326401390d2870ff373c98
5e418e240b6ba4dd5e1b275c6b348ce33d80c0ba929a6a76eb05a1dd8dc993c8
9cbcf9a39ed1734ea68274710723db580035a4b3474346817c08099b79e53a5e
e3b8570c24ed0ec0ec411f9cd85b6037c33f84038965974c8bee47cdb5b008d1