www.itcosmetics.com
2606:4700:4400::6812:2bb7
Public Scan
Effective URL: https://www.itcosmetics.com/itgirlsuperheroes?utm_campaign=Milestone%3A_Sharer&utm_medium=X&utm_source=SocialToaster
Submission Tags: 0xscam
Submission: On November 30 via api from US — Scanned from DE
Summary
TLS certificate: Issued by WE1 on October 12th 2024. Valid for: 3 months.
This is the only time www.itcosmetics.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | Redirects | IP Address | AS Autonomous System |
---|---|---|---|
3 | | 45.223.28.115 | 19551 (INCAPSULA) |
2 | 2 | 34.117.33.22 | 396982 (GOOGLE-CLOUD-PLATFORM) |
6 | 1 | 2606:4700:4400::6812:2bb7 | 13335 (CLOUDFLARENET) |
1 | | 104.18.94.41 | 13335 (CLOUDFLARENET) |
1 | | 104.18.95.41 | 13335 (CLOUDFLARENET) |
13 | | 5 | |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.33.117.34.bc.googleusercontent.com
my.socialtoaster.com
ASN13335 (CLOUDFLARENET, US)
itcosmetics.com
www.itcosmetics.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
6 | itcosmetics.com (1 redirects) | itcosmetics.com (Cisco Umbrella Rank: 442859), www.itcosmetics.com (Cisco Umbrella Rank: 661842) | 63 KB |
3 | sot.ag | sot.ag | 99 KB |
2 | cloudflare.com | challenges.cloudflare.com (Cisco Umbrella Rank: 3147) | 16 KB |
2 | socialtoaster.com (2 redirects) | my.socialtoaster.com (Cisco Umbrella Rank: 595445) | 611 B |
13 | 4 | | |
Requests | Domain | Requested by |
---|---|---|
5 | www.itcosmetics.com | sot.ag, www.itcosmetics.com |
3 | sot.ag | sot.ag |
2 | challenges.cloudflare.com | www.itcosmetics.com, challenges.cloudflare.com |
2 | my.socialtoaster.com | 2 redirects |
1 | itcosmetics.com | 1 redirects |
13 | 5 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.cloudflare.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
imperva.com | GlobalSign Atlas R3 DV TLS CA 2024 Q3 | 2024-09-19 - 2025-03-18 | 6 months |
itcosmetics.com | WE1 | 2024-10-12 - 2025-01-10 | 3 months |
challenges.cloudflare.com | WE1 | 2024-11-03 - 2025-02-01 | 3 months |
This page contains 2 frames:
Primary Page:
https://www.itcosmetics.com/itgirlsuperheroes?utm_campaign=Milestone%3A_Sharer&utm_medium=X&utm_source=SocialToaster
Frame ID: 86874B9D6E2F91E15CFD8BA99E6825BB
Requests: 10 HTTP requests in this frame
Frame:
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/cfq86/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/
Frame ID: B795D2757C9DE342AC153EEF20329BC7
Requests: 1 HTTP requests in this frame
Page Title
Nur einen Moment…
Detected technologies
Imperva (Security)
Detected patterns
- /_Incapsula_Resource
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Cloudflare
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://sot.ag/4Qzky
HTTP 307
https://sot.ag/4Qzky Page URL
-
https://my.socialtoaster.com/4Qzky/bypass/
HTTP 302
http://my.socialtoaster.com/splash/4Qzky/ HTTP 307
https://my.socialtoaster.com/splash/4Qzky/ HTTP 302
http://itcosmetics.com/itgirlsuperheroes?utm_campaign=Milestone%3A_Sharer&utm_medium=X&utm_source=SocialToaster HTTP 307
https://itcosmetics.com/itgirlsuperheroes?utm_campaign=Milestone%3A_Sharer&utm_medium=X&utm_source=SocialToaster HTTP 301
https://www.itcosmetics.com/itgirlsuperheroes?utm_campaign=Milestone%3A_Sharer&utm_medium=X&utm_source=SocialToaster Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://sot.ag/4Qzky HTTP 307
- https://sot.ag/4Qzky
13 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | 4Qzky | sot.ag/ (Redirect Chain) | 1 KB | 2 KB | Document | text/html |
GET | H/1.1 | kippill-put-at-the-Eyes-Thancould-wer-Fraid-thei | sot.ag/ | 241 KB | 78 KB | Script | text/javascript |
GET | H/1.1 | _Incapsula_Resource | sot.ag/ | 80 KB | 19 KB | Script | application/javascript |
GET | H2 | itgirlsuperheroes (Primary Request) | www.itcosmetics.com/ (Redirect Chain) | 9 KB | 7 KB | Document | text/html |
POST | | kippill-put-at-the-Eyes-Thancould-wer-Fraid-thei | sot.ag/ | 0 | 0 | | |
GET | H2 | v1 | www.itcosmetics.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/ | 101 KB | 38 KB | Script | application/javascript |
GET | | 0d73df72-f245-479e-bab4-e538c726d106 | https://www.itcosmetics.com/ (Frame) | 0 | 0 | | |
GET | H3 | api.js | challenges.cloudflare.com/turnstile/v0/b/a6e12e96a2d5/ | 47 KB | 16 KB | Script | application/javascript |
GET | H2 | favicon.ico | www.itcosmetics.com/ | 3 KB | 3 KB | Image | text/html |
POST | H2 | XYTO0yYebSRyT2LnZLQIyGI4FJkjKXwZ8sSj916y.dg-1732963807-1.2.1.1-.Uyb5SOyuqiwW9..gfABtYMEX.jCbkr0yffi1I.DT8Anhlh7tUaKB5ZBPrOX9eHn | www.itcosmetics.com/cdn-cgi/challenge-platform/h/b/flow/ov1/828250607:1732961700:tHrp-Irrp0dybDoYOEvY-qQmf5fYMQI5ZaMk8aQTATs/8eaa4655cd435c92/ | 13 KB | 9 KB | XHR | text/plain |
GET | H2 | favicon.ico | www.itcosmetics.com/ | 9 KB | 6 KB | Other | text/html |
GET | | 8dddf512-5d6e-493e-8ff8-f436711c31c7 | https://www.itcosmetics.com/ (Frame) | 0 | 0 | | |
GET | H3 | / | challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/cfq86/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/ (Frame B795) | 0 | 0 | Document | text/html |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
Domain | URL |
---|---|
sot.ag | https://sot.ag/kippill-put-at-the-Eyes-Thancould-wer-Fraid-thei?d=sot.ag |
www.itcosmetics.com | blob:https://www.itcosmetics.com/0d73df72-f245-479e-bab4-e538c726d106 |
www.itcosmetics.com | blob:https://www.itcosmetics.com/8dddf512-5d6e-493e-8ff8-f436711c31c7 |
21 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| _cf_chl_opt function| sLNwD4 boolean| YlpT0 function| tfuh3 function| dYcI7 function| Hccvv8 function| LCNDU2 object| TpWxk7 object| unnYa3 function| UguGN4 function| LnvX8 function| NxVm3 object| EwpyK3 number| iDah3 object| angular object| uQyOK5 object| turnstile boolean| fTUn6 function| _ string| IXFVy3 boolean| QkNZe08
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
sot.ag/ | | sessionid | kep0dhjqac487eerr5canic2jmrqm3ew |
.sot.ag/ | | visid_incap_2433984 | BNV51+4oQdyLEbAxxLVCbN3tSmcAAAAAQUIPAAAAAADDYO/Ru6zzxzHQ4riJKQxc |
.sot.ag/ | | nlbi_2433984 | Y0Q5de4OvBkdUI6jMs1AiwAAAABiuZ9j1tBhiZqv7rUQVC2h |
.sot.ag/ | | incap_ses_1849_2433984 | m504JXusTQrwzg2Ey/eoGd3tSmcAAAAAlCYmMTkEg5No74WoBSrgZQ== |
.sot.ag/ | | nlbi_2433984_2147483392 | 0jEtFS4fBxWX7Z5uMs1AiwAAAACXj8Vlw2hLvUvbY+Ly/Vx7 |
my.socialtoaster.com/ | | sessionid | wrolw18debif9ku9f6u17k3l4uo1nwpr |
my.socialtoaster.com/ | | li_id_OTU4 | 4Qzky |
.itcosmetics.com/ | | __cf_bm | gEDftfYi4UrcURT5e3fIisfZqMSaf2hNaMGP6o4xAdI-1732963807-1.0.1.1-sfcHrCjCCaHpgSDqDH1EvkK2hY4nZJQw.epdIpxCrD63SuCJ90_cu9bIoUxryTTE4dsKapUbW2b3eB4F.8eGnw |
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.