promodirect.client.redpanda.systems Open in urlscan Pro
24.234.149.42 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://promodirect.client.redpanda.systems/
Submission: On September 27 via automatic, source certstream-suspicious (September 27th 2023, 1:41:57 am UTC) — Scanned from DE

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 9 HTTP transactions. The main IP is 24.234.149.42, located in Henderson, United States and belongs to ASN-CXA-ALL-CCI-22773-RDC, US. The main domain is promodirect.client.redpanda.systems.
TLS certificate: Issued by R3 on September 27th 2023. Valid for: 3 months.

This is the only time promodirect.client.redpanda.systems was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
9	24.234.149.42 24.234.149.42		22773 (ASN-CXA-A...) (ASN-CXA-ALL-CCI-22773-RDC)
9	1

9 24.234.149.42 (Henderson, United States)

ASN22773 (ASN-CXA-ALL-CCI-22773-RDC, US)
PTR: mail.nigrodevelopment.net

promodirect.client.redpanda.systems	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	redpanda.systems promodirect.client.redpanda.systems	1 MB
9	1

	Domain	Requested by
9	promodirect.client.redpanda.systems	promodirect.client.redpanda.systems
9	1

This site contains no links.

Subject Issuer	Validity	Valid
promodirect.client.redpanda.systems R3	`2023-09-27` - `2023-12-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://promodirect.client.redpanda.systems/
Frame ID: 56009CFA27106873DE6F8B62C5C86F17
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

COMET

Page Statistics

9
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

1432 kB
Transfer

5607 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
promodirect.client.redpanda.systems/ 1 KB
670 B 608ms
195ms Document
text/html 24.234.149.42
ASN-CXA-ALL-CCI-2...

General

Check archive.org

Show headers Download Go to

Full URL

https://promodirect.client.redpanda.systems/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

24.234.149.42 Henderson, United States, ASN22773 (ASN-CXA-ALL-CCI-22773-RDC, US),

Reverse DNS

mail.nigrodevelopment.net

Software

cometd/23.8.1 /

Resource Hash

62ebe8be59b6220c624c8866a3e8b080ad2d3c92cd8eacf68fb79128e79722d9

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache, no-store, must-revalidate
content-encoding: br
content-length: 492
content-type: text/html; charset=utf-8
date: Wed, 27 Sep 2023 01:41:51 GMT
expires: 0
last-modified: Wed, 27 Sep 2023 01:39:49 GMT
pragma: no-cache
server: cometd/23.8.1
x-frame-options: DENY

GET
H2 200 vendor.646b2046d39a1b3fb4e6.css
promodirect.client.redpanda.systems/ 3 KB
1 KB 193ms
192ms Stylesheet
text/css 24.234.149.42
ASN-CXA-ALL-CCI-2...

General

Check archive.org

Show headers Download Go to

Full URL

https://promodirect.client.redpanda.systems/vendor.646b2046d39a1b3fb4e6.css

Requested by

Host: promodirect.client.redpanda.systems
URL: https://promodirect.client.redpanda.systems/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

24.234.149.42 Henderson, United States, ASN22773 (ASN-CXA-ALL-CCI-22773-RDC, US),

Reverse DNS

mail.nigrodevelopment.net

Software

cometd/23.8.1 /

Resource Hash

8f3eb6d19fb72a8118481c9e573131e1bbae8b2e95cc9ac4a70d49673f16d421

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://promodirect.client.redpanda.systems/
Origin: https://promodirect.client.redpanda.systems
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 01:41:51 GMT
content-encoding: br
last-modified: Wed, 27 Sep 2023 01:39:49 GMT
server: cometd/23.8.1
x-frame-options: DENY
content-type: text/css; charset=utf-8
accept-ranges: bytes
content-length: 979

GET
H2 200 app.646b2046d39a1b3fb4e6.css
promodirect.client.redpanda.systems/ 1 MB
100 KB 195ms
194ms Stylesheet
text/css 24.234.149.42
ASN-CXA-ALL-CCI-2...

General

Check archive.org

Show headers Download Go to

Full URL

https://promodirect.client.redpanda.systems/app.646b2046d39a1b3fb4e6.css

Requested by

Host: promodirect.client.redpanda.systems
URL: https://promodirect.client.redpanda.systems/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

24.234.149.42 Henderson, United States, ASN22773 (ASN-CXA-ALL-CCI-22773-RDC, US),

Reverse DNS

mail.nigrodevelopment.net

Software

cometd/23.8.1 /

Resource Hash

d939150f025b17d7b31e92e51b4fb2f481bdaade1ea1e8c427c27f03b13dda3f

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://promodirect.client.redpanda.systems/
Origin: https://promodirect.client.redpanda.systems
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 01:41:51 GMT
content-encoding: br
last-modified: Wed, 27 Sep 2023 01:39:49 GMT
server: cometd/23.8.1
accept-ranges: bytes
x-frame-options: DENY
content-type: text/css; charset=utf-8

GET
H2 200 vendor.646b2046d39a1b3fb4e6.js Show response
promodirect.client.redpanda.systems/ 2 MB
407 KB 581ms
581ms Script
application/javascript 24.234.149.42
ASN-CXA-ALL-CCI-2...

General

Check archive.org

Show headers Download Go to

Full URL

https://promodirect.client.redpanda.systems/vendor.646b2046d39a1b3fb4e6.js

Requested by

Host: promodirect.client.redpanda.systems
URL: https://promodirect.client.redpanda.systems/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

24.234.149.42 Henderson, United States, ASN22773 (ASN-CXA-ALL-CCI-22773-RDC, US),

Reverse DNS

mail.nigrodevelopment.net

Software

cometd/23.8.1 /

Resource Hash

d8e9dc4b951f205800438e3ccd31d28af0c8723ca94758dd0f3becebfd845529

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://promodirect.client.redpanda.systems/
Origin: https://promodirect.client.redpanda.systems
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 01:41:51 GMT
content-encoding: br
last-modified: Wed, 27 Sep 2023 01:39:49 GMT
server: cometd/23.8.1
accept-ranges: bytes
x-frame-options: DENY
content-type: application/javascript

GET
H2 200 app.646b2046d39a1b3fb4e6.js Show response
promodirect.client.redpanda.systems/ 2 MB
427 KB 190ms
189ms Script
application/javascript 24.234.149.42
ASN-CXA-ALL-CCI-2...

General

Check archive.org

Show headers Download Go to

Full URL

https://promodirect.client.redpanda.systems/app.646b2046d39a1b3fb4e6.js

Requested by

Host: promodirect.client.redpanda.systems
URL: https://promodirect.client.redpanda.systems/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

24.234.149.42 Henderson, United States, ASN22773 (ASN-CXA-ALL-CCI-22773-RDC, US),

Reverse DNS

mail.nigrodevelopment.net

Software

cometd/23.8.1 /

Resource Hash

cf42e6254fc221084f82202ee6dcb0f9172b169af151b0533c5cb198b0a52198

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://promodirect.client.redpanda.systems/
Origin: https://promodirect.client.redpanda.systems
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 01:41:52 GMT
content-encoding: br
last-modified: Wed, 27 Sep 2023 01:39:49 GMT
server: cometd/23.8.1
accept-ranges: bytes
x-frame-options: DENY
content-type: application/javascript

GET
H2 200 branding.props Show response
promodirect.client.redpanda.systems/gen/ 260 B
272 B 190ms
190ms XHR
application/json 24.234.149.42
ASN-CXA-ALL-CCI-2...

General

Check archive.org

Show headers Download Go to

Full URL: https://promodirect.client.redpanda.systems/gen/branding.props
Requested by: Host: promodirect.client.redpanda.systems
URL: https://promodirect.client.redpanda.systems/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 24.234.149.42 Henderson, United States, ASN22773 (ASN-CXA-ALL-CCI-22773-RDC, US),
Reverse DNS: mail.nigrodevelopment.net
Software: cometd/23.8.1 /
Resource Hash: 8352e70ce74af854c3a602fb603e7d7c5375b6b214c58f4402c9b3ad3e295ed2

Request headers

Accept: */*
Referer: https://promodirect.client.redpanda.systems/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 01:41:53 GMT
content-encoding: gzip
server: cometd/23.8.1
content-length: 206
content-type: application/json

GET
H2 200 logo.img
promodirect.client.redpanda.systems/gen/ 8 KB
8 KB 190ms
190ms Image
image/svg+xml 24.234.149.42
ASN-CXA-ALL-CCI-2...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promodirect.client.redpanda.systems/gen/logo.img?v=23.8.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 24.234.149.42 Henderson, United States, ASN22773 (ASN-CXA-ALL-CCI-22773-RDC, US),
Reverse DNS: mail.nigrodevelopment.net
Software: cometd/23.8.1 /
Resource Hash: d31a77bae005a6f2f2de6f51c7052b432b51c55103b4da33c3bd9208e31f162f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promodirect.client.redpanda.systems/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 01:41:53 GMT
last-modified: Wed, 27 Sep 2023 01:39:49 GMT
server: cometd/23.8.1
accept-ranges: bytes
content-length: 7823
content-type: image/svg+xml

GET
H2 200 iconsax.woff2
promodirect.client.redpanda.systems/fonts/ 225 KB
218 KB 190ms
190ms Font
application/octet-stream 24.234.149.42
ASN-CXA-ALL-CCI-2...

General

Check archive.org

Show headers Download Go to

Full URL

https://promodirect.client.redpanda.systems/fonts/iconsax.woff2

Requested by

Host: promodirect.client.redpanda.systems
URL: https://promodirect.client.redpanda.systems/app.646b2046d39a1b3fb4e6.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

24.234.149.42 Henderson, United States, ASN22773 (ASN-CXA-ALL-CCI-22773-RDC, US),

Reverse DNS

mail.nigrodevelopment.net

Software

cometd/23.8.1 /

Resource Hash

09c23a0568ef9b810567b44c69f0b8272db10938e24048c2652a533619e54ef0

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://promodirect.client.redpanda.systems/app.646b2046d39a1b3fb4e6.css
Origin: https://promodirect.client.redpanda.systems
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 01:41:53 GMT
content-encoding: br
last-modified: Wed, 27 Sep 2023 01:39:49 GMT
server: cometd/23.8.1
accept-ranges: bytes
x-frame-options: DENY
content-type: application/octet-stream

GET
H2 200 materialdesignicons-webfont.woff2
promodirect.client.redpanda.systems/fonts/ 276 KB
270 KB 200ms
200ms Font
application/octet-stream 24.234.149.42
ASN-CXA-ALL-CCI-2...

General

Check archive.org

Show headers Download Go to

Full URL

https://promodirect.client.redpanda.systems/fonts/materialdesignicons-webfont.woff2

Requested by

Host: promodirect.client.redpanda.systems
URL: https://promodirect.client.redpanda.systems/app.646b2046d39a1b3fb4e6.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

24.234.149.42 Henderson, United States, ASN22773 (ASN-CXA-ALL-CCI-22773-RDC, US),

Reverse DNS

mail.nigrodevelopment.net

Software

cometd/23.8.1 /

Resource Hash

e06fcbdadc0b72cf9cf8477bb3b1f1dfe22b59abdae824ecbb34fa7fd75f2e9f

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://promodirect.client.redpanda.systems/app.646b2046d39a1b3fb4e6.css
Origin: https://promodirect.client.redpanda.systems
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 01:41:53 GMT
content-encoding: br
last-modified: Wed, 27 Sep 2023 01:39:49 GMT
server: cometd/23.8.1
accept-ranges: bytes
x-frame-options: DENY
content-type: application/octet-stream

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

promodirect.client.redpanda.systems
24.234.149.42
09c23a0568ef9b810567b44c69f0b8272db10938e24048c2652a533619e54ef0
62ebe8be59b6220c624c8866a3e8b080ad2d3c92cd8eacf68fb79128e79722d9
8352e70ce74af854c3a602fb603e7d7c5375b6b214c58f4402c9b3ad3e295ed2
8f3eb6d19fb72a8118481c9e573131e1bbae8b2e95cc9ac4a70d49673f16d421
cf42e6254fc221084f82202ee6dcb0f9172b169af151b0533c5cb198b0a52198
d31a77bae005a6f2f2de6f51c7052b432b51c55103b4da33c3bd9208e31f162f
d8e9dc4b951f205800438e3ccd31d28af0c8723ca94758dd0f3becebfd845529
d939150f025b17d7b31e92e51b4fb2f481bdaade1ea1e8c427c27f03b13dda3f
e06fcbdadc0b72cf9cf8477bb3b1f1dfe22b59abdae824ecbb34fa7fd75f2e9f

promodirect.client.redpanda.systems Open in urlscan Pro 24.234.149.42 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

9 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

1432 kBTransfer

5607 kBSize

0 Cookies

0 Outgoing links

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

promodirect.client.redpanda.systems Open in urlscan Pro
24.234.149.42 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

1432 kB
Transfer

5607 kB
Size

0
Cookies

9 HTTP transactions
0 data transactions