wick.nabur.org
44.225.81.229
Public Scan
Submission Tags: phishingrod
Submission: On December 30 via api from DE — Scanned from DE
Summary
TLS certificate: Issued by R3 on December 30th 2023. Valid for: 3 months.
This is the only time wick.nabur.org was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | ASN | Autonomous System
---|---|---|---
9 | 44.225.81.229 | 16509 | AMAZON-02
2 | 2a00:1450:4001:82b::2008 | 15169 | GOOGLE
4 | 2001:4860:4802:34::36 | 15169 | GOOGLE
1 | 2606:4700:3030::6815:41c3 | 13335 | CLOUDFLARENET
2 | 34.120.195.249 | 396982 | GOOGLE-CLOUD-PLATFORM
3 | 2606:4700::6812:d63b | 13335 | CLOUDFLARENET
Totals: 24 requests, 7 IP addresses.
ASN16509 (AMAZON-02, US), PTR: ec2-44-225-81-229.us-west-2.compute.amazonaws.com
- wick.nabur.org
- wick-server.nabur.org
ASN15169 (GOOGLE, US)
- www.googletagmanager.com
ASN396982 (GOOGLE-CLOUD-PLATFORM, US), PTR: 249.195.120.34.bc.googleusercontent.com
- o4503920793944064.ingest.sentry.io
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
9 | nabur.org | wick.nabur.org, wick-server.nabur.org | 1 MB
4 | google-analytics.com | region1.google-analytics.com (Cisco Umbrella Rank: 2189) | 406 B
3 | onesignal.com | cdn.onesignal.com (Cisco Umbrella Rank: 4165), onesignal.com (Cisco Umbrella Rank: 1473) | 73 KB
2 | sentry.io | o4503920793944064.ingest.sentry.io | 423 B
2 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 36) | 152 KB
1 | lr-in-prod.com | cdn.lr-in-prod.com (Cisco Umbrella Rank: 17893), r.lr-in-prod.com (failed) | 164 KB
Totals: 24 requests, 6 apex domains.
Requests | Domain | Requested by
---|---|---
5 | wick-server.nabur.org | wick.nabur.org
4 | region1.google-analytics.com | wick.nabur.org
4 | wick.nabur.org | wick.nabur.org
2 | cdn.onesignal.com | wick.nabur.org, cdn.onesignal.com
2 | o4503920793944064.ingest.sentry.io | wick.nabur.org
2 | www.googletagmanager.com | wick.nabur.org, www.googletagmanager.com
1 | onesignal.com | cdn.onesignal.com
1 | cdn.lr-in-prod.com | wick.nabur.org
0 | r.lr-in-prod.com (failed) | wick.nabur.org
Totals: 24 requests, 9 domains.
This site contains no links.
Subject | Issuer | Validity | Valid | Source
---|---|---|---|---
wick.nabur.org | R3 | 2023-12-30 - 2024-03-29 | 3 months | crt.sh
*.google-analytics.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months | crt.sh
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-03-13 - 2024-03-12 | a year | crt.sh
ingest.sentry.io | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-11-02 - 2024-12-02 | a year | crt.sh
wick-server.nabur.org | R3 | 2023-11-05 - 2024-02-03 | 3 months | crt.sh
This page contains 1 frames:
Primary Page:
https://wick.nabur.org/
Frame ID: 74B44DCDA8961C7A44F4750786E45842
Requests: 21 HTTP requests in this frame
Page Title: NABUR
Detected technologies
- Google Analytics (Analytics)
- Google Tag Manager (Tag Managers); detected patterns: googletagmanager\.com/gtm\.js, googletagmanager\.com/gtag/js
- OneSignal (Marketing automation); detected pattern: cdn\.onesignal\.com
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
24 HTTP transactions
# | Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---|---
1 | GET | H2 | / (Primary Request) | wick.nabur.org/ | 2 KB | 1 KB | Document | text/html
2 | GET | H2 | index.e171e6ee.js | wick.nabur.org/assets/ | 4 MB | 1 MB | Script | application/javascript
3 | GET | H2 | index.66099dbd.css | wick.nabur.org/assets/ | 99 KB | 99 KB | Stylesheet | text/css
4 | GET | H2 | gtm.js | www.googletagmanager.com/ | 187 KB | 67 KB | Script | application/javascript
5 | GET | H2 | js | www.googletagmanager.com/gtag/ | 244 KB | 84 KB | Script | application/javascript
6 | POST | H2 | collect | region1.google-analytics.com/g/ | 0 | 54 B | Ping | text/plain
7 | POST | H2 | collect | region1.google-analytics.com/g/ | 0 | 253 B | Ping | text/plain
8 | GET | H2 | logger-1.min.js | cdn.lr-in-prod.com/ | 827 KB | 164 KB | Script | text/javascript
9 | POST | H2 | / | o4503920793944064.ingest.sentry.io/api/4503924547321856/envelope/ | 2 B | 324 B | Fetch | application/json
10 | GET | H2 | OneSignalSDK.js | cdn.onesignal.com/sdks/ | 9 KB | 3 KB | Script | application/javascript
11 | GET | H2 | web.3df7df46.js | wick.nabur.org/assets/ | 2 KB | 1 KB | Script | application/javascript
12 | GET | BLOB | 9805c531-1921-4e6a-b37d-464caffedd18 | https://wick.nabur.org/ | 461 KB | 0 | Other | text/plain
13 | GET | H2 | OneSignalPageSDKES6.js | cdn.onesignal.com/sdks/ | 284 KB | 68 KB | Script | application/javascript
14 | GET | H2 | web | onesignal.com/api/v1/sync/90e682a5-e977-42c7-83d3-8361e48d1a78/ | 3 KB | 2 KB | Script | text/javascript
15 | POST | H2 | / | wick-server.nabur.org/token/ | 592 B | 673 B | Fetch | application/json
16 | OPTIONS | H2 | / | wick-server.nabur.org/token/ | 0 | 0 | Preflight |
17 | POST | H2 | / | o4503920793944064.ingest.sentry.io/api/4503924547321856/envelope/ | 41 B | 99 B | Fetch | application/json
18 | OPTIONS | H2 | graphql | wick-server.nabur.org/ | 0 | 0 | Preflight |
19 | POST | H2 | graphql | wick-server.nabur.org/ | 268 B | 327 B | Fetch | application/json
20 | POST | | graphql | wick-server.nabur.org/ | 0 | 0 | (no response) |
21 | OPTIONS | H2 | graphql | wick-server.nabur.org/ | 0 | 0 | Preflight |
22 | POST | | i | r.lr-in-prod.com/ | 0 | 0 | (no response) |
23 | POST | H2 | collect | region1.google-analytics.com/g/ | 0 | 54 B | Ping | text/plain
24 | POST | H2 | collect | region1.google-analytics.com/g/ | 0 | 45 B | Ping | text/plain
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- wick-server.nabur.org: https://wick-server.nabur.org/graphql
- r.lr-in-prod.com: https://r.lr-in-prod.com/i?a=ezxicd%2Fnabur&r=5-28df1897-69ac-4919-9440-f7e7acecfb94&t=1f2fbd0b-9f1c-4c60-9cd4-cd51f5a99f59&s=0&rs=0%2Cu&u=50085b5c-9b9f-415b-baf9-a112c5a82893&is=1
25 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name
---|---
object | documentPictureInPicture
object | dataLayer
object | google_tag_manager
object | google_tag_data
function | onYouTubeIframeAPIReady
object | gaGlobal
object | CapacitorPlatforms
object | Capacitor
object | __core-js_shared__
object | core
function | setImmediate
function | clearImmediate
object | regeneratorRuntime
function | _lrMutationObserver
function | _lr_surl_cb
object | __SDKCONFIG__
object | __SENTRY__
object | plugins
function | _lrXMLHttpRequest
object | Ionic
function | _LRLogger
boolean | _lr_loaded
function | OneSignal
number | __oneSignalSdkLoadCount
function | __jp06
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value
---|---|---|---
.nabur.org/ | | _ga | GA1.1.697600279.1703937503
.nabur.org/ | | _ga_VQNS0YFKNP | GS1.1.1703937503.1.0.1703937503.0.0.0
.onesignal.com/ | | __cf_bm | e0oxDourjyuaVg9cAGw5l50JABuw.qfLgNb1B_4XtZI-1703937504-1-AUnHWBWC/9iH8/CB9aFxr2uXyCxTcjZy7wLUUUAEGNKPxir69L4STIRElzNnwAKC0REmEgcTlwQGHPb4x9mxs7Y=
wick.nabur.org/ | | _lr_tabs_-ezxicd%2Fnabur | {%22sessionID%22:0%2C%22recordingID%22:%225-28df1897-69ac-4919-9440-f7e7acecfb94%22%2C%22webViewID%22:null%2C%22lastActivity%22:1703937504597}
wick.nabur.org/ | | _lr_hb_-ezxicd%2Fnabur | {%22heartbeat%22:1703937504598}
wick.nabur.org/ | | _lr_uf_-ezxicd | a3194d13-b083-4acb-933d-29f9e82c1198
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
Domains:
- cdn.lr-in-prod.com
- cdn.onesignal.com
- o4503920793944064.ingest.sentry.io
- onesignal.com
- r.lr-in-prod.com
- region1.google-analytics.com
- wick-server.nabur.org
- wick.nabur.org
- www.googletagmanager.com
IP addresses:
- 2001:4860:4802:34::36
- 2606:4700:3030::6815:41c3
- 2606:4700::6812:d63b
- 2a00:1450:4001:82b::2008
- 34.120.195.249
- 44.225.81.229
SHA-256 hashes:
0b4281a4db8dfaf5753340210551b06352b205ffd1f4e79ab41a28ce36743e63
15780e02737286fe3bbed4a1b5428d56a4b92e0b7ede7eeb6fd1ae67e9d170b2
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
52e0dcb7253dca4573b37151d41f2d6afed7cd6051fb7862914196733a3d810f
64c05f326023671db4843956161436ce0f7b9376fcbb878ca728744ae239ac43
66099dbdce18f3df85d4c9fae258c0cb73dfa341f419be2a2d3ea8c2c41df083
6e3614911c62c87cf922649b4b7d6d321aceb0f2b430e15640f06d4dae2f70df
8576d905876b01f12d1dfee3edc169e764bbde61f2bdc3735b83d5a19624a8ee
8b386d883786cc646478a72d1367400905bf04730557f43e1039a5c13a3b3551
8c189e93d519d928d926e4956c18ff14070d81e58b154f40ef73f422666d8d80
a87c1af711b1c50181b9a20cc2ad785ff36d3925ca153910521188482e7c495b
b503dcbc5e7e83387b573ae1318efa6dd355bfaaca7213cb78c1ae6919e91ab3
ca8a477e466b85753e8aeaf5cf24abca248c619b94e9e555a81e9cc8981652be
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a