tqnqt.tunnelbuilder.top
104.21.22.198
Public Scan
Effective URL: https://tqnqt.tunnelbuilder.top/eyes-robot/?pl=jPYNfiJs70uLjptRAgGw_A&sm=eyes-robot&hash=7hu7_abZg_tfMKUt_n27pg&exp=1686849688
Submission Tags: falconsandbox
Submission: On June 15 via api from US — Scanned from SG
Summary
TLS certificate: Issued by E1 on May 25th 2023. Valid for: 3 months.
This is the only time tqnqt.tunnelbuilder.top was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 2 | 184.168.102.96 | 26496 (AS-26496-GO-DADDY-COM-LLC) |
1 | 91.238.104.193 | 50321 (BYTES-AS) |
1 4 | 2.59.222.113 | 209155 (ONEHOSTPLANET) |
1 3 | 134.209.192.77 | 14061 (DIGITALOCEAN-ASN) |
1 1 | 104.21.22.161 | 13335 (CLOUDFLARENET) |
6 | 104.21.22.198 | 13335 (CLOUDFLARENET) |
1 | 172.67.192.33 | |
20 | 7 | |
ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: 96.102.168.184.host.secureserver.net
- morgenhealthcare.in
ASN209155 (ONEHOSTPLANET, CZ)
- block.descriptionscripts.com
- fire.descriptionscripts.com
ASN14061 (DIGITALOCEAN-ASN, US)
- desirebluestock.com
- 0.desirebluestock.com
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
6 | tunnelbuilder.top | tqnqt.tunnelbuilder.top | 28 KB |
4 | descriptionscripts.com (1 redirects) | block.descriptionscripts.com, fire.descriptionscripts.com (Failed) | 4 KB |
3 | desirebluestock.com | desirebluestock.com (Failed), 0.desirebluestock.com | 105 KB |
2 | morgenhealthcare.in (1 redirects) | morgenhealthcare.in | 1 KB |
1 | streampsh.top | js.streampsh.top | 2 KB |
1 | rigelbetelgeuse.top (1 redirects) | tqnqt.rigelbetelgeuse.top | 693 B |
1 | clickandanalytics.com | click.clickandanalytics.com | 648 B |
0 | js2json.com (Failed) | js2json.com (Failed) | |
20 | 8 | | |
 | Domain | Requested by |
---|---|---|
6 | tqnqt.tunnelbuilder.top | morgenhealthcare.in, tqnqt.tunnelbuilder.top |
2 | 0.desirebluestock.com | 1 redirects; morgenhealthcare.in |
2 | fire.descriptionscripts.com | block.descriptionscripts.com |
2 | block.descriptionscripts.com | morgenhealthcare.in, block.descriptionscripts.com |
2 | morgenhealthcare.in | 1 redirects |
1 | js.streampsh.top | tqnqt.tunnelbuilder.top, js.streampsh.top |
1 | tqnqt.rigelbetelgeuse.top | 1 redirects |
1 | desirebluestock.com | fire.descriptionscripts.com |
1 | click.clickandanalytics.com | morgenhealthcare.in |
0 | js2json.com (Failed) | tqnqt.tunnelbuilder.top |
20 | 10 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
morgenhealthcare.in | Sectigo RSA Domain Validation Secure Server CA | 2022-11-07 - 2023-11-07 | a year |
click.clickandanalytics.com | R3 | 2023-05-21 - 2023-08-19 | 3 months |
block.descriptionscripts.com | R3 | 2023-04-28 - 2023-07-27 | 3 months |
fire.descriptionscripts.com | R3 | 2023-04-21 - 2023-07-20 | 3 months |
desirepurplestock.com | R3 | 2023-05-11 - 2023-08-09 | 3 months |
tunnelbuilder.top | E1 | 2023-05-25 - 2023-08-23 | 3 months |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-03-25 - 2024-03-23 | a year |
This page contains 1 frames:
Primary Page:
https://tqnqt.tunnelbuilder.top/eyes-robot/?pl=jPYNfiJs70uLjptRAgGw_A&sm=eyes-robot&hash=7hu7_abZg_tfMKUt_n27pg&exp=1686849688
Frame ID: EE1489A2D9119FD9FAAB908148AF4534
Requests: 22 HTTP requests in this frame
Page Title
Press “Allow” to verify, that you are not a robot
Detected technologies
Nuxt.js (JavaScript Frameworks)
Detected patterns
- <div [^>]*id="__nuxt"
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://morgenhealthcare.in/qucu/?1 HTTP 302
  https://morgenhealthcare.in/ Page URL
- https://fire.descriptionscripts.com/get.php?wid=215315&sid=32463463&gid=24563463 HTTP 302
  https://fire.descriptionscripts.com/get.php?wid=215315&sid=32463463&gid=24563463&kid=lonely Page URL
- https://desirebluestock.com/?p=ha4tcolcmu5gi3bphaydcmq&sub2=tiny Page URL
- https://0.desirebluestock.com/?p=ha4tcolcmu5gi3bphaydcmq&sub2=tiny Page URL
- https://0.desirebluestock.com/?auf=hbrwkodege5diojygyxtqmbrgixtemzpge3dqnrygq4tgobx&s=1&sub1=&sub2=tiny&sub3=&sub4=&cpc=0&cpm=0 HTTP 302
  https://tqnqt.rigelbetelgeuse.top/?pl=jPYNfiJs70uLjptRAgGw_A HTTP 302
  https://tqnqt.tunnelbuilder.top/eyes-robot/?pl=jPYNfiJs70uLjptRAgGw_A&sm=eyes-robot&hash=7hu7_abZg_tfMKUt_n27pg&exp=1686849688 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- https://morgenhealthcare.in/qucu/?1 HTTP 302
- https://morgenhealthcare.in/
- https://fire.descriptionscripts.com/get.php?wid=215315&sid=32463463&gid=24563463 HTTP 302
- https://fire.descriptionscripts.com/get.php?wid=215315&sid=32463463&gid=24563463&kid=lonely
20 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H2 | / morgenhealthcare.in/ (Redirect Chain) | 3 KB 1 KB | Document text/html |
GET H/1.1 | take click.clickandanalytics.com/ | 0 648 B | Script text/html |
GET H2 | path.js block.descriptionscripts.com/scripts/ | 2 KB 1 KB | Script application/javascript |
GET H2 | main.js block.descriptionscripts.com/ | 3 KB 2 KB | Script application/javascript |
GET | get.php fire.descriptionscripts.com/ | 0 0 | |
GET H2 | get.php fire.descriptionscripts.com/ (Redirect Chain) | 839 B 572 B | Document text/html |
GET | / desirebluestock.com/ | 0 0 | |
GET | / desirebluestock.com/ | 0 0 | |
GET | / desirebluestock.com/ | 0 0 | |
GET H2 | / desirebluestock.com/ | 52 KB 52 KB | Document text/html |
GET DATA | truncated / | 7 KB 0 | Image image/gif |
GET H2 | / 0.desirebluestock.com/ | 52 KB 52 KB | Document text/html |
GET DATA | truncated / | 7 KB 0 | Image image/gif |
GET H2 | / tqnqt.tunnelbuilder.top/eyes-robot/ (Primary Request, Redirect Chain) | 1 KB 925 B | Document text/html |
GET H2 | trls.js tqnqt.tunnelbuilder.top/eyes-robot/assets/ | 11 KB 2 KB | Script application/javascript |
GET H2 | style.css tqnqt.tunnelbuilder.top/eyes-robot/assets/ | 3 KB 1 KB | Stylesheet text/css |
GET H3 | 1.png tqnqt.tunnelbuilder.top/eyes-robot/assets/ | 10 KB 11 KB | Image image/png |
GET H3 | 2.png tqnqt.tunnelbuilder.top/eyes-robot/assets/ | 1 KB 2 KB | Image image/png |
GET H2 | pl.js js.streampsh.top/ps/ | 3 KB 2 KB | Script application/javascript |
GET | script.js js2json.com/ | 0 0 | |
GET H3 | image.png tqnqt.tunnelbuilder.top/eyes-robot/assets/ | 11 KB 11 KB | Image image/png |
GET | ps.js js.streampsh.top/ps/ | 0 0 | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
Domain | URL |
---|---|
fire.descriptionscripts.com | https://fire.descriptionscripts.com/get.php?wid=215315&sid=32463463&gid=24563463 |
desirebluestock.com | https://desirebluestock.com/?p=ha4tcolcmu5gi3bphaydcmq&sub2=tiny |
desirebluestock.com | https://desirebluestock.com/?p=ha4tcolcmu5gi3bphaydcmq&sub2=tiny |
desirebluestock.com | https://desirebluestock.com/?p=ha4tcolcmu5gi3bphaydcmq&sub2=tiny |
js2json.com | https://js2json.com/script.js |
js.streampsh.top | https://js.streampsh.top/ps/ps.js?edg=true&fullscreen=true&pl=true&id=jPYNfiJs70uLjptRAgGw_A&sm=eyes-robot&click_id=&sub_id=&appspot= |
14 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- boolean| credentialless
- object| onbeforetoggle
- object| onscrollend
- object| translation
- object| rtlLangs
- string| browserLang
- string| siteLang
- number| extTpl
- function| detect_language
- function| replace_text
- function| translation_available
- function| translate
- function| getParameterByName
- function| docReady
8 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
morgenhealthcare.in/ | | Name: wpcurrentimes Value: 1 |
.desirebluestock.com/ | | Name: uuid Value: e15113ec-2000-44fa-8093-b36ca92563a8 |
.0.desirebluestock.com/ | | Name: uuid Value: e15113ec-2000-44fa-8093-b36ca92563a8 |
0.desirebluestock.com/ | | Name: uuid Value: e15113ec-2000-44fa-8093-b36ca92563a8 |
.0.desirebluestock.com/ | | Name: ccid Value: %5B170878%5D |
tqnqt.rigelbetelgeuse.top/ | | Name: jPYNfiJs70uLjptRAgGw_A Value: 5 |
tqnqt.rigelbetelgeuse.top/ | | Name: __pl Value: b35a35ac-8ef7-43bd-a83e-a8f38ea64388 |
tqnqt.rigelbetelgeuse.top/ | | Name: __cap Value: 1 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.