fwnitro.caitsith2.com
172.67.135.75
Public Scan
Submission Tags: phishingrod
Submission: On May 08 via api from DE — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1P5 on March 12th 2024. Valid for: 3 months.
This is the only time fwnitro.caitsith2.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS (Autonomous System) |
---|---|---|
13 | 172.67.135.75 | 13335 (CLOUDFLARENET) |
2 2 | 151.101.65.21 | 54113 (FASTLY) |
2 | 192.229.221.25 | 15133 (EDGECAST) |
15 | 2 | |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
13 | caitsith2.com | fwnitro.caitsith2.com | 349 KB |
2 | paypalobjects.com | www.paypalobjects.com — Cisco Umbrella Rank: 2599 | 3 KB |
2 | paypal.com (2 redirects) | www.paypal.com — Cisco Umbrella Rank: 2954 | 1 KB |
15 | 3 | | |
Requests | Domain | Requested by |
---|---|---|
13 | fwnitro.caitsith2.com | fwnitro.caitsith2.com |
2 | www.paypalobjects.com | fwnitro.caitsith2.com |
2 | www.paypal.com | 2 redirects |
15 | 3 | |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
caitsith2.com | GTS CA 1P5 | 2024-03-12 - 2024-06-10 | 3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://fwnitro.caitsith2.com/
Frame ID: 32E32F5E399DC1C73AE389EB9CF5CBB6
Requests: 15 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- https://www.paypal.com/en_US/i/btn/x-click-but04.gif HTTP 301
- https://www.paypalobjects.com/en_US/i/btn/x-click-but04.gif
- https://www.paypal.com/en_US/i/scr/pixel.gif HTTP 301
- https://www.paypalobjects.com/en_US/i/scr/pixel.gif
15 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H3 | / (Primary Request) | fwnitro.caitsith2.com/ | 7 KB | 4 KB | Document | text/html |
GET | H2 | x-click-but04.gif | www.paypalobjects.com/en_US/i/btn/ (Redirect Chain) | 2 KB | 2 KB | Image | image/gif |
GET | H2 | pixel.gif | www.paypalobjects.com/en_US/i/scr/ (Redirect Chain) | 43 B | 442 B | Image | image/gif |
GET | H3 | main%20menu.jpg | fwnitro.caitsith2.com/images/screen%20shots/ | 31 KB | 32 KB | Image | image/jpeg |
GET | H3 | config%20menu.JPG | fwnitro.caitsith2.com/images/screen%20shots/ | 27 KB | 27 KB | Image | image/jpeg |
GET | H3 | wifi%20setting.jpg | fwnitro.caitsith2.com/images/screen%20shots/ | 31 KB | 31 KB | Image | image/jpeg |
GET | H3 | user%20preferences.jpg | fwnitro.caitsith2.com/images/screen%20shots/ | 33 KB | 34 KB | Image | image/jpeg |
GET | H3 | rtc%20setting.jpg | fwnitro.caitsith2.com/images/screen%20shots/ | 27 KB | 28 KB | Image | image/jpeg |
GET | H3 | alarm%20clock%20main.jpg | fwnitro.caitsith2.com/images/screen%20shots/ | 29 KB | 29 KB | Image | image/jpeg |
GET | H3 | alarm%20clock%20settings.jpg | fwnitro.caitsith2.com/images/screen%20shots/ | 28 KB | 28 KB | Image | image/jpeg |
GET | H3 | memory%20viewer.jpg | fwnitro.caitsith2.com/images/screen%20shots/ | 48 KB | 48 KB | Image | image/jpeg |
GET | H3 | programming%20mode.jpg | fwnitro.caitsith2.com/images/screen%20shots/ | 26 KB | 26 KB | Image | image/jpeg |
GET | H3 | mkds%20offline%20course%20hack.jpg | fwnitro.caitsith2.com/images/screen%20shots/ | 35 KB | 35 KB | Image | image/jpeg |
GET | H3 | card%20dumper.jpg | fwnitro.caitsith2.com/images/screen%20shots/ | 25 KB | 26 KB | Image | image/jpeg |
GET | H3 | favicon.ico | fwnitro.caitsith2.com/ | 1 KB | 1 KB | Other | text/html |
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.paypal.com/ | | Name: ts Value: vreXpYrS%3D1809744382%26vteXpYrS%3D1715138182%26vr%3D561847fe18f0a556008d0d24ffaa929a%26vt%3D561847fe18f0a556008d0d24ffaa9299%26vtyp%3Dnew |
.paypal.com/ | | Name: ts_c Value: vr%3D561847fe18f0a556008d0d24ffaa929a%26vt%3D561847fe18f0a556008d0d24ffaa9299 |
5 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=15552000; preload |
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
fwnitro.caitsith2.com
www.paypal.com
www.paypalobjects.com
151.101.65.21
172.67.135.75
192.229.221.25