papexe.novasphere.sc
2606:4700:3032::ac43:a825
Public Scan
Effective URL: https://papexe.novasphere.sc/dimiyu/zozi/dipigi/megu/index.php
Submission: On August 30 via manual from BD — Scanned from US
Summary
TLS certificate: Issued by GTS CA 1P5 on August 6th 2023. Valid for: 3 months.
This is the only time papexe.novasphere.sc was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System
---|---|---
1 1 | 2606:4700:3035::6815:1971 | 13335 (CLOUDFLARENET)
1 1 | 34.36.47.115 | 396982 (GOOGLE-CLOUD-PLATFORM)
1 3 | 2606:4700:3037::ac43:933b | 13335 (CLOUDFLARENET)
1 | 2606:4700:3032::ac43:a825 | ()
3 | 2 |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 115.47.36.34.bc.googleusercontent.com
www.acgt18trk.com |
 | Apex Domain / Subdomains | Transfer
---|---|---
3 | goaafl.com (1 redirects); t1.goaafl.com | 19 KB
1 | novasphere.sc; papexe.novasphere.sc |
1 | acgt18trk.com (1 redirects); www.acgt18trk.com | 490 B
1 | bafcau.us (1 redirects); www.bafcau.us | 692 B
3 | 4 |
 | Domain | Requested by
---|---|---
3 | t1.goaafl.com | 1 redirects, t1.goaafl.com
1 | papexe.novasphere.sc | t1.goaafl.com
1 | www.acgt18trk.com | 1 redirects
1 | www.bafcau.us | 1 redirects
3 | 4 |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|---
goaafl.com | E1 | 2023-07-24 - 2023-10-22 | 3 months | crt.sh
novasphere.sc | GTS CA 1P5 | 2023-08-06 - 2023-11-04 | 3 months | crt.sh
This page contains 1 frames:
Primary Page:
https://papexe.novasphere.sc/dimiyu/zozi/dipigi/megu/index.php
Frame ID: 21AED80E82A1C114EC6C00DB5CF840B9
Requests: 3 HTTP requests in this frame
Detected technologies
PHP (Programming Languages)
Detected patterns
- \.php(?:$|\?)
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://www.bafcau.us/cd76s2D3r95SY86j11L1U711j6cfK22RgEFvsgD6fsitbiDbhEGsi7bQUndoe7kCK10VC6rAJ2ib/ministers-minimized HTTP 302
  https://www.acgt18trk.com/2BNX1Z5DN/345NX1B/?sub1=remote HTTP 302
  https://t1.goaafl.com/aff_c?offer_id=437&aff_id=1547&aff_sub=disneyplus&aff_sub2=49aa2db02ac4417ea34b006cec538887&aff_sub3=651239 Page URL
- https://t1.goaafl.com/aff_c?offer_id=437&aff_id=1547&aff_sub=disneyplus&aff_sub2=49aa2db02ac4417ea34b006cec538887&aff_sub3=651239&view=d2333a872d27121e92a3d8678fe09e82_0 HTTP 302
  https://papexe.novasphere.sc/dimiyu/zozi/dipigi/megu/index.php Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://www.bafcau.us/cd76s2D3r95SY86j11L1U711j6cfK22RgEFvsgD6fsitbiDbhEGsi7bQUndoe7kCK10VC6rAJ2ib/ministers-minimized HTTP 302
- https://www.acgt18trk.com/2BNX1Z5DN/345NX1B/?sub1=remote HTTP 302
- https://t1.goaafl.com/aff_c?offer_id=437&aff_id=1547&aff_sub=disneyplus&aff_sub2=49aa2db02ac4417ea34b006cec538887&aff_sub3=651239
3 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type
---|---|---|---
GET H2 | aff_c, t1.goaafl.com/ (Redirect Chain) | 5 KB 2 KB | Document text/html
GET H2 | ads.js, t1.goaafl.com/js/ | 31 KB 13 KB | Script application/javascript
GET H2 | index.php (Primary Request), papexe.novasphere.sc/dimiyu/zozi/dipigi/megu/ (Redirect Chain) | 1 KB 0 | Document text/html
1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture
6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value
---|---|---
www.acgt18trk.com/ | | Name: uniqueClick_345NX1B Value: 6a12b5d7-65be-4eb1-aa7b-a98e0fe43097:1693354677
www.acgt18trk.com/ | | Name: transaction_id Value: 49aa2db02ac4417ea34b006cec538887
t1.goaafl.com/ | | Name: C Value: d2ee55ec7d7d927125e8f8c1fb18f2de
t1.goaafl.com/ | | Name: fe9ecf68-6582-48ba-8fd6-8415647123fe-v4 Value: YrzXkz4K1hnh6qinLsgpSz0U47ov9Opqhe-mcdDPFTA
t1.goaafl.com/ | | Name: cep-v4 Value: (long encoded value)
t1.goaafl.com/ | | Name: PHPSESSID Value: 3n7rfuer6lo6k6i0f2ktktt9ej
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.