urlscan.io logo urlscan.io
SecurityTrails logo

wick.nabur.org Open in urlscan Pro
44.225.81.229  Public Scan

Go To Rescan Add Verdict Report
URL: https://wick.nabur.org/
Submission Tags: phishingrod
Submission: On December 30 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 24 HTTP transactions. The main IP is 44.225.81.229, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is wick.nabur.org.
TLS certificate: Issued by R3 on December 30th 2023. Valid for: 3 months.
This is the only time wick.nabur.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 44.225.81.229 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
4 2001:4860:480... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 34.120.195.249 396982 (GOOGLE-CL...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
24 7
9    44.225.81.229 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-225-81-229.us-west-2.compute.amazonaws.com
wick.nabur.org
wick-server.nabur.org
2    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2606:4700:3030::6815:41c3 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.lr-in-prod.com
2    34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com
o4503920793944064.ingest.sentry.io
3    2606:4700::6812:d63b (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
Apex Domain
Subdomains		 Transfer
9 nabur.org
wick.nabur.org
wick-server.nabur.org
1 MB
4 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2189
406 B
3 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 4165
onesignal.com — Cisco Umbrella Rank: 1473
73 KB
2 sentry.io
o4503920793944064.ingest.sentry.io
423 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
152 KB
1 lr-in-prod.com
cdn.lr-in-prod.com — Cisco Umbrella Rank: 17893
r.lr-in-prod.com Failed
164 KB
24 6
Domain Requested by
5 wick-server.nabur.org wick.nabur.org
4 region1.google-analytics.com wick.nabur.org
4 wick.nabur.org wick.nabur.org
2 cdn.onesignal.com wick.nabur.org
cdn.onesignal.com
2 o4503920793944064.ingest.sentry.io wick.nabur.org
2 www.googletagmanager.com wick.nabur.org
www.googletagmanager.com
1 onesignal.com cdn.onesignal.com
1 cdn.lr-in-prod.com wick.nabur.org
0 r.lr-in-prod.com Failed wick.nabur.org
24 9

This site contains no links.

Subject Issuer Validity Valid
wick.nabur.org
R3		 2023-12-30 -
2024-03-29		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-03-13 -
2024-03-12		 a year crt.sh
ingest.sentry.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-02 -
2024-12-02		 a year crt.sh
wick-server.nabur.org
R3		 2023-11-05 -
2024-02-03		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://wick.nabur.org/
Frame ID: 74B44DCDA8961C7A44F4750786E45842
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

NABUR

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com

Page Statistics

24
Requests

88 %
HTTPS

67 %
IPv6

6
Domains

9
Subdomains

7
IPs

2
Countries

1533 kB
Transfer

5741 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
wick.nabur.org/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://wick.nabur.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.225.81.229 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-225-81-229.us-west-2.compute.amazonaws.com
Software
nginx/1.15.12 /
Resource Hash
8c189e93d519d928d926e4956c18ff14070d81e58b154f40ef73f422666d8d80

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Sat, 30 Dec 2023 11:58:22 GMT
etag
W/"64f0f2ee-92e"
last-modified
Thu, 31 Aug 2023 20:07:10 GMT
server
nginx/1.15.12
index.e171e6ee.js
wick.nabur.org/assets/ 		4 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://wick.nabur.org/assets/index.e171e6ee.js
Requested by
Host: wick.nabur.org
URL: https://wick.nabur.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.225.81.229 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-225-81-229.us-west-2.compute.amazonaws.com
Software
nginx/1.15.12 /
Resource Hash
15780e02737286fe3bbed4a1b5428d56a4b92e0b7ede7eeb6fd1ae67e9d170b2

Request headers

Referer
https://wick.nabur.org/
Origin
https://wick.nabur.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 11:58:23 GMT
content-encoding
gzip
last-modified
Thu, 31 Aug 2023 20:07:10 GMT
server
nginx/1.15.12
etag
W/"64f0f2ee-389591"
content-type
application/javascript
index.66099dbd.css
wick.nabur.org/assets/ 		99 KB
99 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wick.nabur.org/assets/index.66099dbd.css
Requested by
Host: wick.nabur.org
URL: https://wick.nabur.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.225.81.229 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-225-81-229.us-west-2.compute.amazonaws.com
Software
nginx/1.15.12 /
Resource Hash
66099dbdce18f3df85d4c9fae258c0cb73dfa341f419be2a2d3ea8c2c41df083

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wick.nabur.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 11:58:23 GMT
last-modified
Thu, 31 Aug 2023 20:07:10 GMT
server
nginx/1.15.12
accept-ranges
bytes
etag
"64f0f2ee-18a7c"
content-length
100988
content-type
text/css
gtm.js
www.googletagmanager.com/ 		187 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PWR5R77
Requested by
Host: wick.nabur.org
URL: https://wick.nabur.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b503dcbc5e7e83387b573ae1318efa6dd355bfaaca7213cb78c1ae6919e91ab3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wick.nabur.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 11:58:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68498
x-xss-protection
0
last-modified
Sat, 30 Dec 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 30 Dec 2023 11:58:23 GMT
js
www.googletagmanager.com/gtag/ 		244 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VQNS0YFKNP&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PWR5R77
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a87c1af711b1c50181b9a20cc2ad785ff36d3925ca153910521188482e7c495b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wick.nabur.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 11:58:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86189
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 30 Dec 2023 11:58:23 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-78S3XGC9B3&gtm=45je3bt0v890396882z8890256766&_p=1703937503096&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=697600279.1703937503&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703937503&sct=1&seg=0&dl=https%3A%2F%2Fwick.nabur.org%2F&dt=NABUR&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=736
Requested by
Host: wick.nabur.org
URL: https://wick.nabur.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wick.nabur.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 11:58:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wick.nabur.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-VQNS0YFKNP&gtm=45je3bt0v890396882z8890256766&_p=1703937503096&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=697600279.1703937503&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703937503&sct=1&seg=0&dl=https%3A%2F%2Fwick.nabur.org%2F&dt=NABUR&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=736
Requested by
Host: wick.nabur.org
URL: https://wick.nabur.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wick.nabur.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 11:58:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wick.nabur.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
logger-1.min.js
cdn.lr-in-prod.com/ 		827 KB
164 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.lr-in-prod.com/logger-1.min.js
Requested by
Host: wick.nabur.org
URL: https://wick.nabur.org/assets/index.e171e6ee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:41c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8576d905876b01f12d1dfee3edc169e764bbde61f2bdc3735b83d5a19624a8ee
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wick.nabur.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 11:58:24 GMT
strict-transport-security
max-age=31556926
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
262
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230108-FRA
last-modified
Thu, 28 Dec 2023 20:13:46 GMT
server
cloudflare
x-timer
S1703794675.772648,VS0,VE1
etag
W/"e5765d0c1691f5d04da24456a3e3e5b7ccf243c59788c1e333df33467a1b6ca7"
vary
x-fh-requested-host, accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WK6qYwtUy5uJJxB21%2BIf0yLR7U3vyl9cfi6r%2FqzDC%2FO0P3jEkjuhrDRvScc1XeWxDZfGuJpJNRPAAgOsYBkLZBpUiE%2FB382cCKwkM5FyKCA%2Fw%2BWTXk4phdnO9k4Ei450oiN8HZxUv%2F2m5wofjubP7Yc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
83da1c5b0add3617-FRA
x-cache-hits
1
/
o4503920793944064.ingest.sentry.io/api/4503924547321856/envelope/ 		2 B
324 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o4503920793944064.ingest.sentry.io/api/4503924547321856/envelope/?sentry_key=feb02f7a3419447286c3e56891c8d18c&sentry_version=7&sentry_client=sentry.javascript.react%2F7.12.1
Requested by
Host: wick.nabur.org
URL: https://wick.nabur.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://wick.nabur.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 30 Dec 2023 11:58:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: wick.nabur.org
URL: https://wick.nabur.org/assets/index.e171e6ee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wick.nabur.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 11:58:24 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
677
etag
W/"a87c48d211877c49b878679b2e3cdab8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
83da1c5b8da61976-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Tue, 02 Jan 2024 11:58:24 GMT
web.3df7df46.js
wick.nabur.org/assets/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wick.nabur.org/assets/web.3df7df46.js
Requested by
Host: wick.nabur.org
URL: https://wick.nabur.org/assets/index.e171e6ee.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.225.81.229 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-225-81-229.us-west-2.compute.amazonaws.com
Software
nginx/1.15.12 /
Resource Hash
6e3614911c62c87cf922649b4b7d6d321aceb0f2b430e15640f06d4dae2f70df

Request headers

Referer
https://wick.nabur.org/assets/index.e171e6ee.js
Origin
https://wick.nabur.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 11:58:24 GMT
content-encoding
gzip
last-modified
Thu, 31 Aug 2023 20:07:10 GMT
server
nginx/1.15.12
etag
W/"64f0f2ee-988"
content-type
application/javascript
9805c531-1921-4e6a-b37d-464caffedd18
https://wick.nabur.org/ 		461 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://wick.nabur.org/9805c531-1921-4e6a-b37d-464caffedd18
Requested by
Host: wick.nabur.org
URL: https://wick.nabur.org/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52e0dcb7253dca4573b37151d41f2d6afed7cd6051fb7862914196733a3d810f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
471638
Content-Type
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		284 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wick.nabur.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 11:58:24 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
677
etag
W/"e3be409ac3c100e2a5d3f264ec260551"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
83da1c5bddf71976-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Tue, 02 Jan 2024 11:58:24 GMT
web
onesignal.com/api/v1/sync/90e682a5-e977-42c7-83d3-8361e48d1a78/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/90e682a5-e977-42c7-83d3-8361e48d1a78/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64c05f326023671db4843956161436ce0f7b9376fcbb878ca728744ae239ac43
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wick.nabur.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 11:58:24 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
a9e53f83-4000-46d7-8875-16bae0d4ac8d
x-runtime
0.032079
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"64c05f326023671db4843956161436ce"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
83da1c5c1e521976-FRA
access-control-allow-headers
SDK-Version
expires
Sat, 30 Dec 2023 12:58:24 GMT
/
wick-server.nabur.org/token/ 		592 B
673 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://wick-server.nabur.org/token/
Requested by
Host: wick.nabur.org
URL: https://wick.nabur.org/assets/index.e171e6ee.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.225.81.229 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-225-81-229.us-west-2.compute.amazonaws.com
Software
/ Express
Resource Hash
0b4281a4db8dfaf5753340210551b06352b205ffd1f4e79ab41a28ce36743e63

Request headers

Referer
https://wick.nabur.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
*
date
Sat, 30 Dec 2023 11:58:25 GMT
etag
W/"250-6site2ctwWCSpm/BiaRlRq4Q5Ys"
x-powered-by
Express
content-length
592
content-type
application/json; charset=utf-8
/
wick-server.nabur.org/token/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://wick-server.nabur.org/token/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.225.81.229 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-225-81-229.us-west-2.compute.amazonaws.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://wick.nabur.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
content-length
0
date
Sat, 30 Dec 2023 11:58:25 GMT
vary
Access-Control-Request-Headers
x-powered-by
Express
/
o4503920793944064.ingest.sentry.io/api/4503924547321856/envelope/ 		41 B
99 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o4503920793944064.ingest.sentry.io/api/4503924547321856/envelope/?sentry_key=feb02f7a3419447286c3e56891c8d18c&sentry_version=7&sentry_client=sentry.javascript.react%2F7.12.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
8b386d883786cc646478a72d1367400905bf04730557f43e1039a5c13a3b3551
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://wick.nabur.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 30 Dec 2023 11:58:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41
graphql
wick-server.nabur.org/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://wick-server.nabur.org/graphql
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.225.81.229 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-225-81-229.us-west-2.compute.amazonaws.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://wick.nabur.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers
authorization,content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
content-length
0
date
Sat, 30 Dec 2023 11:58:25 GMT
vary
Access-Control-Request-Headers
x-powered-by
Express
graphql
wick-server.nabur.org/ 		268 B
327 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://wick-server.nabur.org/graphql
Requested by
Host: wick.nabur.org
URL: https://wick.nabur.org/assets/index.e171e6ee.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.225.81.229 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-225-81-229.us-west-2.compute.amazonaws.com
Software
/ Express
Resource Hash
ca8a477e466b85753e8aeaf5cf24abca248c619b94e9e555a81e9cc8981652be

Request headers

accept
*/*
Referer
https://wick.nabur.org/
accept-language
de-DE,de;q=0.9
authorization
bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiI0MzRmZjU4MC01MzM0LTQyNWYtYWRkYS01ZDc2NzQ3MmM5MmUiLCJpYXQiOjE3MDM5Mzc1MDYsInN1YiI6IjY1OTAwNWUxOTUzODkyZjBhZmJiNjdmNCIsInVzZXIiOnsiaWQiOiI2NTkwMDVlMTk1Mzg5MmYwYWZiYjY3ZjQiLCJyb2xlcyI6W10sInN0YXRlIjoiR1VFU1QiLCJlbWFpbCI6bnVsbCwiaXNJbnZpdGVkIjpmYWxzZSwiaXNQcm9maWxlQ29tcGxldGUiOmZhbHNlfX0.m2tJKo759acmGsTKUv2hZq27J_9f_GTU3YaE58AymPU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
*
date
Sat, 30 Dec 2023 11:58:25 GMT
etag
W/"10c-b0gA8o+zrXmn3FNs4nlbcPwILgA"
x-powered-by
Express
content-length
268
content-type
application/json; charset=utf-8
graphql
wick-server.nabur.org/ 		0
0
graphql
wick-server.nabur.org/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://wick-server.nabur.org/graphql
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.225.81.229 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-225-81-229.us-west-2.compute.amazonaws.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://wick.nabur.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers
authorization,content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
content-length
0
date
Sat, 30 Dec 2023 11:58:26 GMT
vary
Access-Control-Request-Headers
x-powered-by
Express
i
r.lr-in-prod.com/ 		0
0
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-78S3XGC9B3&gtm=45je3bt0v890396882&_p=1703937503096&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=697600279.1703937503&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1703937503&sct=1&seg=0&dl=https%3A%2F%2Fwick.nabur.org%2F&dt=NABUR&en=scroll&epn.percent_scrolled=90&_et=6&tfd=5744
Requested by
Host: wick.nabur.org
URL: https://wick.nabur.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wick.nabur.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 11:58:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wick.nabur.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-VQNS0YFKNP&gtm=45je3bt0v890396882&_p=1703937503096&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=697600279.1703937503&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1703937503&sct=1&seg=0&dl=https%3A%2F%2Fwick.nabur.org%2F&dt=NABUR&en=scroll&epn.percent_scrolled=90&_et=6&tfd=5744
Requested by
Host: wick.nabur.org
URL: https://wick.nabur.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wick.nabur.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 11:58:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wick.nabur.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
wick-server.nabur.org
URL
https://wick-server.nabur.org/graphql
Domain
r.lr-in-prod.com
URL
https://r.lr-in-prod.com/i?a=ezxicd%2Fnabur&r=5-28df1897-69ac-4919-9440-f7e7acecfb94&t=1f2fbd0b-9f1c-4c60-9cd4-cd51f5a99f59&s=0&rs=0%2Cu&u=50085b5c-9b9f-415b-baf9-a112c5a82893&is=1

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| dataLayer object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| CapacitorPlatforms object| Capacitor object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime function| _lrMutationObserver function| _lr_surl_cb object| __SDKCONFIG__ object| __SENTRY__ object| plugins function| _lrXMLHttpRequest object| Ionic function| _LRLogger boolean| _lr_loaded function| OneSignal number| __oneSignalSdkLoadCount function| __jp0

6 Cookies

Domain/Path Name / Value
.nabur.org/ Name: _ga
Value: GA1.1.697600279.1703937503
.nabur.org/ Name: _ga_VQNS0YFKNP
Value: GS1.1.1703937503.1.0.1703937503.0.0.0
.onesignal.com/ Name: __cf_bm
Value: e0oxDourjyuaVg9cAGw5l50JABuw.qfLgNb1B_4XtZI-1703937504-1-AUnHWBWC/9iH8/CB9aFxr2uXyCxTcjZy7wLUUUAEGNKPxir69L4STIRElzNnwAKC0REmEgcTlwQGHPb4x9mxs7Y=
wick.nabur.org/ Name: _lr_tabs_-ezxicd%2Fnabur
Value: {%22sessionID%22:0%2C%22recordingID%22:%225-28df1897-69ac-4919-9440-f7e7acecfb94%22%2C%22webViewID%22:null%2C%22lastActivity%22:1703937504597}
wick.nabur.org/ Name: _lr_hb_-ezxicd%2Fnabur
Value: {%22heartbeat%22:1703937504598}
wick.nabur.org/ Name: _lr_uf_-ezxicd
Value: a3194d13-b083-4acb-933d-29f9e82c1198

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.lr-in-prod.com
cdn.onesignal.com
o4503920793944064.ingest.sentry.io
onesignal.com
r.lr-in-prod.com
region1.google-analytics.com
wick-server.nabur.org
wick.nabur.org
www.googletagmanager.com
r.lr-in-prod.com
wick-server.nabur.org
2001:4860:4802:34::36
2606:4700:3030::6815:41c3
2606:4700::6812:d63b
2a00:1450:4001:82b::2008
34.120.195.249
44.225.81.229
0b4281a4db8dfaf5753340210551b06352b205ffd1f4e79ab41a28ce36743e63
15780e02737286fe3bbed4a1b5428d56a4b92e0b7ede7eeb6fd1ae67e9d170b2
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
52e0dcb7253dca4573b37151d41f2d6afed7cd6051fb7862914196733a3d810f
64c05f326023671db4843956161436ce0f7b9376fcbb878ca728744ae239ac43
66099dbdce18f3df85d4c9fae258c0cb73dfa341f419be2a2d3ea8c2c41df083
6e3614911c62c87cf922649b4b7d6d321aceb0f2b430e15640f06d4dae2f70df
8576d905876b01f12d1dfee3edc169e764bbde61f2bdc3735b83d5a19624a8ee
8b386d883786cc646478a72d1367400905bf04730557f43e1039a5c13a3b3551
8c189e93d519d928d926e4956c18ff14070d81e58b154f40ef73f422666d8d80
a87c1af711b1c50181b9a20cc2ad785ff36d3925ca153910521188482e7c495b
b503dcbc5e7e83387b573ae1318efa6dd355bfaaca7213cb78c1ae6919e91ab3
ca8a477e466b85753e8aeaf5cf24abca248c619b94e9e555a81e9cc8981652be
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a