papexe.novasphere.sc

Summary

This website contacted 2 IPs in 1 countries across 4 domains to perform 3 HTTP transactions. The main IP is 2606:4700:3032::ac43:a825, located in and belongs to . The main domain is papexe.novasphere.sc.
TLS certificate: Issued by GTS CA 1P5 on August 6th 2023. Valid for: 3 months.

This is the only time papexe.novasphere.sc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3035::6815:1971	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	34.36.47.115 34.36.47.115	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 3	2606:4700:303... 2606:4700:3037::ac43:933b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3032::ac43:a825	() ()
3	2

1 2606:4700:3035::6815:1971 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.bafcau.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.36.47.115 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 115.47.36.34.bc.googleusercontent.com

www.acgt18trk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3037::ac43:933b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

t1.goaafl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:a825 (None, )

ASN- ()

papexe.novasphere.sc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	goaafl.com 1 redirects t1.goaafl.com	19 KB
1	novasphere.sc papexe.novasphere.sc
1	acgt18trk.com 1 redirects www.acgt18trk.com	490 B
1	bafcau.us 1 redirects www.bafcau.us	692 B
3	4

	Domain	Requested by
3	t1.goaafl.com	1 redirects t1.goaafl.com
1	papexe.novasphere.sc	t1.goaafl.com
1	www.acgt18trk.com	1 redirects
1	www.bafcau.us	1 redirects
3	4

This site contains no links.

Subject Issuer	Validity	Valid
goaafl.com E1	`2023-07-24` - `2023-10-22`	3 months	crt.sh
novasphere.sc GTS CA 1P5	`2023-08-06` - `2023-11-04`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://papexe.novasphere.sc/dimiyu/zozi/dipigi/megu/index.php
Frame ID: 21AED80E82A1C114EC6C00DB5CF840B9
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.bafcau.us/cd76s2D3r95SY86j11L1U711j6cfK22RgEFvsgD6fsitbiDbhEGsi7bQUndoe7kCK10VC6rAJ2ib... HTTP 302
https://www.acgt18trk.com/2BNX1Z5DN/345NX1B/?sub1=remote HTTP 302
https://t1.goaafl.com/aff_c?offer_id=437&aff_id=1547&aff_sub=disneyplus&aff_sub2=49aa2db02ac4417ea... Page URL
https://t1.goaafl.com/aff_c?offer_id=437&aff_id=1547&aff_sub=disneyplus&aff_sub2=49aa2db02ac4417ea... HTTP 302
https://papexe.novasphere.sc/dimiyu/zozi/dipigi/megu/index.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

3
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

2
IPs

1
Countries

15 kB
Transfer

37 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.bafcau.us/cd76s2D3r95SY86j11L1U711j6cfK22RgEFvsgD6fsitbiDbhEGsi7bQUndoe7kCK10VC6rAJ2ib/ministers-minimized HTTP 302
https://www.acgt18trk.com/2BNX1Z5DN/345NX1B/?sub1=remote HTTP 302
https://t1.goaafl.com/aff_c?offer_id=437&aff_id=1547&aff_sub=disneyplus&aff_sub2=49aa2db02ac4417ea34b006cec538887&aff_sub3=651239 Page URL
https://t1.goaafl.com/aff_c?offer_id=437&aff_id=1547&aff_sub=disneyplus&aff_sub2=49aa2db02ac4417ea34b006cec538887&aff_sub3=651239&view=d2333a872d27121e92a3d8678fe09e82_0 HTTP 302
https://papexe.novasphere.sc/dimiyu/zozi/dipigi/megu/index.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.bafcau.us/cd76s2D3r95SY86j11L1U711j6cfK22RgEFvsgD6fsitbiDbhEGsi7bQUndoe7kCK10VC6rAJ2ib/ministers-minimized HTTP 302
https://www.acgt18trk.com/2BNX1Z5DN/345NX1B/?sub1=remote HTTP 302
https://t1.goaafl.com/aff_c?offer_id=437&aff_id=1547&aff_sub=disneyplus&aff_sub2=49aa2db02ac4417ea34b006cec538887&aff_sub3=651239

3 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	aff_c Show response t1.goaafl.com/ Redirect Chain http://www.bafcau.us/cd76s2D3r95SY86j11L1U711j6cfK22RgEFvsgD6fsitbiDbhEGsi7bQUndoe7kCK10VC6rAJ2ib/ministers-minimized https://www.acgt18trk.com/2BNX1Z5DN/345NX1B/?sub1=remote https://t1.goaafl.com/aff_c?offer_id=437&aff_id=1547&aff_sub=disneyplus&aff_sub2=49aa2db02ac4417ea34b006cec538887&aff_sub3=651239	5 KB 2 KB	823ms 732ms	Document text/html	2606:4700:3037::ac43:933b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://t1.goaafl.com/aff_c?offer_id=437&aff_id=1547&aff_sub=disneyplus&aff_sub2=49aa2db02ac4417ea34b006cec538887&aff_sub3=651239 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:933b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `86cf05d546e6604dd5cd5d5d5684fe14f6f9af9f1c56235eddd223941b168f0f` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7fe8da8f0d17dac9-MIA content-encoding br content-type text/html date Wed, 30 Aug 2023 00:17:58 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E1D0MVL0HF%2BGIp2fK4GazfTwA6%2FHuWgVe9rh3c8mYcAUSxdbXCDWR%2FQ0Fk0iIcO2FuHrYrL7x4wBMl5n4AlzBSjQh6Hxm0eerJfvm1JQOM6r4jjevcukxhNV76kSur0BT%2BDWk7ksBgSgoIWS"}],"group":"cf-nel","max_age":604800} server cloudflare Redirect headers accept-ch Sec-Ch-Ua-Platform-Version alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 168 content-type text/html; charset=utf-8 date Wed, 30 Aug 2023 00:17:57 GMT location https://t1.goaafl.com/aff_c?offer_id=437&aff_id=1547&aff_sub=disneyplus&aff_sub2=49aa2db02ac4417ea34b006cec538887&aff_sub3=651239 server nginx vary Origin via 1.1 google x-eflow-request-id 10dd2680-988d-454e-9b5d-e02e3946094d
GET H2	200	ads.js Show response t1.goaafl.com/js/	31 KB 13 KB	48ms 47ms	Script application/javascript	2606:4700:3037::ac43:933b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://t1.goaafl.com/js/ads.js Requested by Host: t1.goaafl.com URL: https://t1.goaafl.com/aff_c?offer_id=437&aff_id=1547&aff_sub=disneyplus&aff_sub2=49aa2db02ac4417ea34b006cec538887&aff_sub3=651239 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:933b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d88c72596233ee490491b90016b2949657136d29762153ea2284ac1926adf3a5` Request headers accept-language en-US,en;q=0.9 Referer https://t1.goaafl.com/aff_c?offer_id=437&aff_id=1547&aff_sub=disneyplus&aff_sub2=49aa2db02ac4417ea34b006cec538887&aff_sub3=651239 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Wed, 30 Aug 2023 00:17:58 GMT content-encoding br cf-cache-status HIT last-modified Thu, 05 May 2022 12:29:39 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 3231 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=byy2naNCtG9910NJmjYzcCLQYQ5fDekcK7CWilAgyXzFWBikKtqMQwZodI%2Bh8rbJXf2A9aRudmi2xM86ytaty5sDPpChwu%2BDmH3f8XISSGc0uTK%2FkSqq3W3aw7A0DIYOpYC%2FAQkaC4KUdieV"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 7fe8da939d91dac9-MIA alt-svc h3=":443"; ma=86400
GET H2	200	Primary Request index.php papexe.novasphere.sc/dimiyu/zozi/dipigi/megu/ Redirect Chain https://t1.goaafl.com/aff_c?offer_id=437&aff_id=1547&aff_sub=disneyplus&aff_sub2=49aa2db02ac4417ea34b006cec538887&aff_sub3=651239&view=d2333a872d27121e92a3d8678fe09e82_0 https://papexe.novasphere.sc/dimiyu/zozi/dipigi/megu/index.php	1 KB 0	3756ms 3652ms	Document text/html	2606:4700:3032::ac43:a825
General Check archive.org Show headers Download Go to Full URL https://papexe.novasphere.sc/dimiyu/zozi/dipigi/megu/index.php Requested by Host: t1.goaafl.com URL: https://t1.goaafl.com/aff_c?offer_id=437&aff_id=1547&aff_sub=disneyplus&aff_sub2=49aa2db02ac4417ea34b006cec538887&aff_sub3=651239 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:a825 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://t1.goaafl.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7fe8da9cc9b5b3ef-MIA content-encoding br content-type text/html; charset=UTF-8 date Wed, 30 Aug 2023 00:18:00 GMT location https://papexe.novasphere.sc/dimiyu/zozi/dipigi/megu/index.php?makecu=sakekowuzafozeli nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I8HYbmUBTjIdhLfUe73qtbwDdPoX3mbrz37NWEssCVQTWJJwi08v90ovTdJVo%2F3TQpMjbus%2BIzTpaWSw8asR7%2BCcWE5DJswQpfEs0JUM6fveN0OZK3NMjH6zUY5NLe17HhDezlqExYXhW5PpjcB5BZsOiA%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding Redirect headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 7fe8da94abb42260-MIA content-length 0 content-type text/plain; charset=utf-8; SameSite=None; Secure date Wed, 30 Aug 2023 00:17:59 GMT expires Thu, 19 Nov 1981 08:52:00 GMT location https://papexe.novasphere.sc/dimiyu/zozi/dipigi/megu/index.php#/dimiyu/zozi/dipigi/megu/index.php?rpclk=aL%2BUzAS7W39Tq9gZuvEn6Af6ACWKRVVU0BbgPL2rCipXbzc1Xm8XWlFhgUQYdJb6HP2KhWN10doqkGODQGf8UkrHnXm3MqdedYH5MZVigrxj1GDUZ%2F0O4VPACy3DtJrptflFML57muLqUj5quWqWkLc9IsXVKo2OKPFMrdVDovb%2BPX3wF7Zl20qzdqXAwYyYFH7ycwBwp%2F00KGjMjntKGJia%2FzUmuobYacAHRfdoW5c9KLLekTP0jHszR2ycfhCnibrzHXnVfeTy9SCBXJt%2FFQy8l9fgNRkAWsHmCwd0DDffs55KEZei0rDtMK8OT90h3y90cXwHPrLy1lNiQNiWZLMJ6NO13b%2F1PbMxuUfbyhExm3SxsJNvPo5uuGrjc1Wm2ghlZ0SfE1KKElxaxZ%2BUENKc0ap0mppHo9K19LqV%2BA925lEV1kBEgYIlN7S9kBLXpfRI%2BKyA0ObDHx5Eo7x%2FK%2BWwo%2BJeeBTAZfKYxV2rMsFvP8Fa8qyRzm2PMWBKwo376Ry5CCr8xHPH3My2VrGzcyqPF1QpqRVSbgV8Ul5Lg7Is3W9p6RvLKslIJNNxobexRswxzzrPWWpSCxrU8SEqCyZsUGHq7wIlyh%2BTuyHPUZYkl%2Fv9rGrt%2Fwa5xh2%2BvUFVphI0h3y992JFIH4Y1SICn1jpZOauwDB2oa4yl00LWqyaOF13kfQK3ES5zPCJTTuBBzksBYOGTWLSqMWQUThVlq6CnXJRfjDfnXGldwUjrmQXKmf7SKqVXvGVmZfBpryzFw%2FCox7pF5SVuZEYGAwyuD6AGU0Yw22p%2F2uIpDOvCn6iAiW5Iq5oNh1ACEgRv5uiSE5B5BfU50s6WWIZSxTBp2cARUhdGzOywR4lXoBxqie2ke9ZEIxb5aN33h3hIb5DOwAehCkjzin89LvbYf4bhSZgsEkH%2FUY3t4Gi2DEhZsKEutw%2Fa16RzKJvra4oCWEyJjYk4zGqvmpoSVc9CFLE5gHZc0IxXGJWl1O43jcZ7cWIJPT88MW8xVVLO3zpMJD5%2FxF94ypn3uWZUGqMQY1e9lAsGfvGvaxmu0vuEko9SGyhEbFkyKHXyJATDKOjcjMA791rM12O2EBNyQUG996pfjdnVBl9X%2BPmBqnqiBXkq386%2Bfw%2BrDA6Pb8%2Bb3VZXBO%2Fe%2BvfU6AWQ8rZzUGskoscVaLSzyio2C3VywYOdowiXOI27vccUgXRHCwFrSYAZbCJeUGwEpFhxCGKn1hRS%2BzvBHAA%2FBP3CMs2R7Rn%2BSyBnWnTO7rIaT9VzijJMcZ6GjsT%2FR7omkc3A7l7e2aEO0kJd0klSlHlLgL4UGwoqW7sgBLgbT3B5kErarOQi%2FS%2BbQbewt2zW3j%2BG9cv3eXICPWlqDaQhhAZxp%2F7TaA0%2Br7pdb14tkQadjEFqkqKat8vXc4iMSqMBYWpytigr17HBqwJtYofbDrWZyIcq0BSPsYzFpGa0W%2Blsh5tguMf8LsbnzvL5Y8yOLJl1nFjdxIz9D00%2F9T%2BSnEYVGI%2FQv6iNFI8qLMxhGgiUfVWJL1BA69NyYdwEMjeDvVRVQ5zDVCC8RGSnoAFzdEl%2BwdWLeG6EcGYMUuLm9tNP3GqjRlcDojovzHMMXCtsnL1bohhufZ%2B8boV3TJfqU0fRIi7xRllYlUuv8qXKD0Meo9k3o9Hkrghz48q00Oe%2BqXf7Uh3e4r2aQ9vmde8O7rjmY5qd81qFQzjTR9PwvA7Txyf6XftelhBcMYeAsct2YEiPj0stThw%2Bbe3SCwTBFvVpwucBSOrq7779T7D1VW9UR4UA9BhXk6stxoYflJTfZQRjiE%2Bck48fyummYOPrZSmWxPzR%2B5snaDVAhVo%2FjU%2BPlHGEgEEzBROJMr5TSrOA0i0s1LwU1iYHoFWku9UjlkgAVOHIz8lAs0KiCY94du3YcS0bt%2Bp0fE4VRrS3s4BR71Qm0fc1eNGElSy9KgZJcvRERTPASH4ptxEg6sGdERO%2FM8aSmBXpKg0UXzNSgYf2P7DNmjlK6bgUWiybGO5qdinc97leUOUp7bm5RxduV%2BU4XVljwe7lhjm8M55Xxe4WizyiuxjFHgXfbAg7XABjhE4d60INuWZLM1rOZtNeVpxcvYKAhUB6iMfpT7yebwQRV%2B5PGZxDkm2a8yc4JWJQr6nGzs%2BYCFUyWakM98UYltAgjnUoey7v23yUPGBIcU4UNqGwew%2BwuOGAz%2Bazen9QyZJZU0%2BiG8RV9Y5OiI0XEX1VDWpfqZMS8pt%2Bjnz2Blhi4PVccOrCFttzYzabTpmzpsG0hlIbEKOeP9nOYoy7omQ0yoHuAWxa6Ih2nFZWd6zSvLcNX9%2BOQatDLwl3z59oV%2FJ4sZUnQKl334ArgixCuiKOSPS7z6WHIPZEGgqNb1ufI%2FAaIPo6aMDgPrP3ny%2FTEqbWOeVt4ylpo6rN3N6EDFMnhML4J3nDzJApMAnPqAlpEd%2B0pGg5zT2anAjuUnigg3YOL3eOHRxNmQ%2BBsuBsNDvWGqNMHJQwhmEvJmX9B9nS3Z4Y0Zt3wCUl7EVShcybpWoZdO3gqqMxe76ofbAC2bc32RB8KmokScI4VB2GJ0gMcORmGc7XQMP4uHyVJfxNTvyBIQCaZT9DGTPrxkTCvWN%2FjP2NMvuI4qllgKvtg%3D%3D%3A%3A809e10e37720969b5347954d48b9f15c&p=BlDZg3iIIktyhxOs8c%2F6BJwlNUC8rA%3D%3D%3A%3A7b41993877507bffc8ea5467016c0ebc&oho=t1.goaafl.com&ptf=d2ee55ec7d7d927125e8f8c1fb18f2de nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} nrid 1971712160 pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DR6yPVS%2FNdVNvFfwE1PRgtw8wgX3sE29JmyGjaC4bWB6KdS0AuHw4vX4NwJ%2FJhbXUFE9NV0DdhxLoNQENbg%2FHITYEpxxy%2BdWQa69NGXPD1VsZCxyQu6HU76yHAod%2FhIvGZ698RPwFw%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.acgt18trk.com/	1970-01-20 14:24:01	Name: uniqueClick_345NX1B Value: 6a12b5d7-65be-4eb1-aa7b-a98e0fe43097:1693354677
www.acgt18trk.com/	1970-01-20 16:32:10	Name: transaction_id Value: 49aa2db02ac4417ea34b006cec538887
t1.goaafl.com/	1969-12-31 23:59:59	Name: C Value: d2ee55ec7d7d927125e8f8c1fb18f2de
t1.goaafl.com/	1970-01-20 14:24:01	Name: fe9ecf68-6582-48ba-8fd6-8415647123fe-v4 Value: YrzXkz4K1hnh6qinLsgpSz0U47ov9Opqhe-mcdDPFTA
t1.goaafl.com/	1970-01-20 14:24:01	Name: cep-v4 Value: HE5Je2A20HiZE11AxvlIUGjSL-qRR1XZcJF0uYTgS39Yp7v0wbh9vVVSVeje1cl0traaxuklUUEW4nEqRX0RdCG-Ig_3TMW99LmlKguoDcU7LDP5L-0VyfD16vfvWWVXByTLo4HzQaL7MUhdUwb6F8BYO2whZEKWNLWpNdos5p2T2tKsFR61oB9E_pIFL9bgbg89gHzlloU4XgKk4SNUVNNwnGMUs8RmGCw835SGEPisof1b9pk2bKp5UC-RU_j-A5XtunePfdCUV1TAttoGPelcBHpld_dgSkMKW-9y5IcGgFTSRDMBW8YTDQkwzJEL3Ibooim91Z4XZKBH7HUxcWfloLKHJMhzKEveNbV7ZuqRlv1XRPWjR348eFQE0mV-oHbkblsVx3o0l2UHPpR0z78dgTBG793TfGsqfSvv-uxCu-fSBBk8YGjjbcpFilsTDs8DOj3fvHpKHbHRfIxkKCO8YWyZ5lTngRD6--5oSg-WXn2Ysl8M0o2tvOdCnBOMvPb1HvAW0q6SFG4KWcx9qdYn8E41j3ntyf7iqHjbjOyg5l6MenwZJYl6Z8bd-Sp4Ik6awPtMJlx9bVp57bZpBjJ2JVIW8DCYoGSBP_-Bf3Ep8jT6U0Gb1d9J2B76j3STtApKDXCNx_VUATGZj408j2w5LeXlzBoKlP-PYjW-JoyBAA75uTs83u_YfQaU78W6tpRz-oRNzFc08_cke7cD-ttFGfpZEmuEpMtcw2J5HzRxTjjugqDHptx7kle2joiFMgWBhQt4v64gtxUV46BEta3xU2ZrmoRM0TUmKTPbsn3TkXQZvgzPaPBk6p7NSZYwTOpdQc_BfvG0z9W6jgJwTko-NT1TTWN9qYn3cOXsjVZ6BMBuN-LNPM4KaYhIyDvGjt2lQptgswd47ntX9wZJxRHEhEKhCqvmsaWXIL6FpF_oMj9po1_UifWFBzb14ySHeLBaMZOw3wXjPZnc8gPuWG4yb7ze99XTwZJyVPW9OfyjSxoHSQLzbQ_LyFyazXhD7_B8NSiB9THNfDjkByI2C0z6pvafevCvyjtDkovz6jEs6x9D5ANuMtLkVw3JaGINOPK45rv6mBnSRYjthzCfZt9pGJC_61qQ-B7aBoLelWL8OpNZ-8rfY9Sdyf1YTcwB197ZYdM9o0eQDvJWg6rL1KeIl0VoSq8kQ7Zl4jFB3v7WjJAhiOzyT1mrRMJ5-6riHR6C7PWAF63ipYXQddVvyeDy-i6heCDZdqYwWbXImtg
t1.goaafl.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 3n7rfuer6lo6k6i0f2ktktt9ej

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

papexe.novasphere.sc
t1.goaafl.com
www.acgt18trk.com
www.bafcau.us
2606:4700:3032::ac43:a825
2606:4700:3035::6815:1971
2606:4700:3037::ac43:933b
34.36.47.115
86cf05d546e6604dd5cd5d5d5684fe14f6f9af9f1c56235eddd223941b168f0f
d88c72596233ee490491b90016b2949657136d29762153ea2284ac1926adf3a5

papexe.novasphere.sc Open in urlscan Pro 2606:4700:3032::ac43:a825 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

3 Requests

100 %HTTPS

75 %IPv6

4 Domains

4 Subdomains

2 IPs

1 Countries

15 kBTransfer

37 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

6 Cookies

Indicators

papexe.novasphere.sc Open in urlscan Pro
2606:4700:3032::ac43:a825 Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

2
IPs

1
Countries

15 kB
Transfer

37 kB
Size

6
Cookies

3 HTTP transactions
0 data transactions