Submitted URL: https://justclick.ru/track/0/anons/0/https%253A%252F%252Fjustclick.ru%252Ftrack%252F0%252Fanons%252F0%252Fhttp%25253A...
Effective URL: http://87.251.68.6/2
Tags: falconsandbox
Submission: On January 20 via api from US

Summary

This website contacted 4 IPs in 3 countries across 5 domains to perform 6 HTTP transactions. The main IP is 87.251.68.6, located in Russian Federation and belongs to STK-AS, RU. The main domain is 87.251.68.6.
This is the only time 87.251.68.6 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 178.248.232.100 197068 (QRATOR)
1 87.251.68.6 20803 (STK-AS)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 151.80.99.143 16276 (OVH)
6 4
Domain
Subdomains
Transfer
2 pstpgn.ru
image.pstpgn.ru
10 KB
2 justclick.ru
.justclick.ru
321 B
1 postpigeon.ru
.postpigeon.ru
0 B
1 68.6
87.251.68.6
13 KB
0 global-waveprofits1.life Failed
.global-waveprofits1.life Failed
0 B
6 5
Domain Requested by
2 image.pstpgn.ru 87.251.68.6
2 justclick.ru 2 redirects
1 postpigeon.ru 87.251.68.6
1 87.251.68.6
0 global-waveprofits1.life Failed 87.251.68.6
6 5

This site contains no links.

Subject Issuer Validity Valid
*.pstpgn.ru
R3
2020-12-17 -
2021-03-17
3 months crt.sh
postpigeon.ru
Let's Encrypt Authority X3
2020-11-02 -
2021-01-31
3 months crt.sh

This page contains 1 frames:

Frame: https://global-waveprofits1.life/?u=647wrk1&o=umqpuzp&m=1&t=15.11
Frame ID: 5824AB411B741BC42EF266A68F8D3ABC
Requests: 5 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://justclick.ru/track/0/anons/0/https%253A%252F%252Fjustclick.ru%252Ftrack%252F0%252Fanons%2... HTTP 302
    https://justclick.ru/track/0/anons/0/http%3A%2F%2F87.251.68.6%2F2 HTTP 302
    http://87.251.68.6/2 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

6
Requests

50 %
HTTPS

25 %
IPv6

5
Domains

5
Subdomains

4
IPs

3
Countries

23 kB
Transfer

22 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://justclick.ru/track/0/anons/0/https%253A%252F%252Fjustclick.ru%252Ftrack%252F0%252Fanons%252F0%252Fhttp%25253A%25252F%25252F87.251.68.6%25252F2?_hash=RFdSTn%2FdSWQgru%2By%2BSH2cTg54PaTA1JLUbAjscFynaA%3D HTTP 302
    https://justclick.ru/track/0/anons/0/http%3A%2F%2F87.251.68.6%2F2 HTTP 302
    http://87.251.68.6/2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 2
87.251.68.6/
Redirect Chain
  • https://justclick.ru/track/0/anons/0/https%253A%252F%252Fjustclick.ru%252Ftrack%252F0%252Fanons%252F0%252Fhttp%25253A%25252F%25252F87.251.68.6%25252F2?_hash=RFdSTn%2FdSWQgru%2By%2BSH2cTg54PaTA1JLUb...
  • https://justclick.ru/track/0/anons/0/http%3A%2F%2F87.251.68.6%2F2
  • http://87.251.68.6/2
13 KB
13 KB
Document
General
Full URL
http://87.251.68.6/2
Protocol
HTTP/1.1
Server
87.251.68.6 , Russian Federation, ASN20803 (STK-AS, RU),
Reverse DNS
pepper-bruise-fast.ru
Software
nginx/1.10.3 / PHP/7.3.15
Resource Hash

Request headers

Host
87.251.68.6
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server
nginx/1.10.3
Date
Wed, 20 Jan 2021 04:42:38 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/7.3.15

Redirect headers

server
openresty
date
Wed, 20 Jan 2021 04:41:02 GMT
content-type
text/html; charset=UTF-8
cache-control
private, must-revalidate
location
http://87.251.68.6/2
pragma
no-cache
expires
-1
b8kSBvu22dLfuN2qtGQpWqzkKEay.png
image.pstpgn.ru/
46 B
46 B
Image
General
Full URL
https://image.pstpgn.ru/b8kSBvu22dLfuN2qtGQpWqzkKEay.png
Requested by
Host: 87.251.68.6
URL: http://87.251.68.6/2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:959d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
http://87.251.68.6/2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 20 Jan 2021 04:41:03 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8K03VIEHevm%2FC4c1RVacLbV%2ByFWmiarrsE7o%2BjcnBDFQZWqYZzovhgDvkWkKESgCqXa%2Ff9yxPGRHewCtUEHv0cJskHn%2B8mlkrOdTZszh%2B0Dymcq11xcIKT0KuGo%3D"}]}
content-type
text/html
cache-control
max-age=14400
cf-ray
61461ef1ef9a0625-FRA
cf-request-id
07bfb1ab2e00000625d8382000000001
cf7fc080beee1825556889fb06f4e26f.png
image.pstpgn.ru/static/6f/e2/
10 KB
10 KB
Image
General
Full URL
https://image.pstpgn.ru/static/6f/e2/cf7fc080beee1825556889fb06f4e26f.png
Requested by
Host: 87.251.68.6
URL: http://87.251.68.6/2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:959d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
http://87.251.68.6/2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 20 Jan 2021 04:41:03 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3931
content-length
9848
cf-request-id
07bfb1ab2e000006258d2c8000000001
last-modified
Mon, 07 Nov 2016 13:20:19 GMT
server
cloudflare
etag
"58207f93-2678"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2OLxTFsfiHV%2BAbuuy59rSTQT9Y04NQytgWGblpOjP2N4RKLvdq1xM4zxedVh3iJPMO6cWKcwIbTlWjIN9kXMk1I%2B4ieRY8sVKS7i5QrK7bvSdXV6mN1Jy8O7uBc%3D"}]}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
61461ef1ef9b0625-FRA
MZ0rTgXyYTRb0Stl4hQjOaSOwHt.P3fefUDX0snunY-qoz0SjZPZdMivLc5J8x20A1lTXgw
postpigeon.ru/
0
0
Image
General
Full URL
https://postpigeon.ru/MZ0rTgXyYTRb0Stl4hQjOaSOwHt.P3fefUDX0snunY-qoz0SjZPZdMivLc5J8x20A1lTXgw
Requested by
Host: 87.251.68.6
URL: http://87.251.68.6/2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
151.80.99.143 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
postpigeon.ru
Software
/
Resource Hash

Request headers

Referer
http://87.251.68.6/2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

?u=647wrk1&o=umqpuzp&m=1&t=15.11
global-waveprofits1.life/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
global-waveprofits1.life
URL
https://global-waveprofits1.life/?u=647wrk1&o=umqpuzp&m=1&t=15.11

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

87.251.68.6
global-waveprofits1.life
image.pstpgn.ru
justclick.ru
postpigeon.ru
global-waveprofits1.life
151.80.99.143
178.248.232.100
2606:4700:3031::ac43:959d
87.251.68.6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855