Submitted URL: https://s1.snc.com.ru/
Effective URL: http://t2lgo.com/KnE2Q?sid5=nk81yp5tms&pub_account_id=XPyztzKWghCpafzYU4AtflxgNWlij1EV4LhE4ou-oH5vKjH70ZsTyWdmN4e...
Submission: January 31, 2020, manual submission from US

Summary

This website contacted 5 IPs in 2 countries across 6 domains to perform 7 HTTP transactions. The main IP is 46.229.167.130, located in Ashburn, United States and belongs to ADVANCEDHOSTERS-AS, NL. The main domain is t2lgo.com.
The submitted page, s1.snc.com.ru (behind Cloudflare), loads Bootstrap and jQuery from public CDNs and a script from loders.club, then navigates to https://t2lgo.com/V9wTX?sid1=repeat&pass[filename]=archive.zip; that page bounces through http://feston.pro/ and back to http://t2lgo.com/KnE2Q, so the session drops from HTTPS to plain HTTP at the first redirect and stays there.
This is the only time t2lgo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP addresses (requests includes the redirect hops; the redirect column is only shown where a redirect was served)

Requests  Redirects  IP Address          AS (Autonomous System)
1                    2606:4700:303...    13335 (CLOUDFLAR...)
1                    2001:4de0:ac1...    20446 (HIGHWINDS3)
1                    2001:4de0:ac1...    20446 (HIGHWINDS3)
1                    188.166.133.163     14061 (DIGITALOC...)
4         1          46.229.167.130      39572 (ADVANCEDH...)
1         1          64.111.192.97       23393 (NUCDN)
Total: 7 requests, 5 IPs
Requests  Apex Domain        Subdomain                    Transfer
4         t2lgo.com          t2lgo.com                    29 KB
1         feston.pro         feston.pro                   349 B
1         loders.club        loders.club                  15 KB
1         jquery.com         code.jquery.com              30 KB
1         bootstrapcdn.com   stackpath.bootstrapcdn.com   21 KB
1         com.ru             s1.snc.com.ru                1 KB
Total: 7 requests, 6 domains
Requests  Domain                       Redirects    Requested by
4         t2lgo.com                    1 redirect   s1.snc.com.ru, t2lgo.com
1         feston.pro                   1 redirect   -
1         loders.club                  -            s1.snc.com.ru
1         code.jquery.com              -            s1.snc.com.ru
1         stackpath.bootstrapcdn.com   -            s1.snc.com.ru
1         s1.snc.com.ru                -            -
Total: 7 requests, 6 domains

This site contains no links.

TLS certificates

Subject                        Issuer                                            Validity                  Valid for
sni147325.cloudflaressl.com    COMODO ECC Domain Validation Secure Server CA 2   2019-09-14 - 2020-03-22   6 months
*.bootstrapcdn.com             Sectigo RSA Domain Validation Secure Server CA    2019-09-14 - 2020-10-13   a year
jquery.org                     COMODO RSA Domain Validation Secure Server CA     2018-10-17 - 2020-10-16   2 years
7.lifecontext.me               Let's Encrypt Authority X3                        2020-01-16 - 2020-04-15   3 months
t2lgo.com                      COMODO RSA Domain Validation Secure Server CA     2017-04-05 - 2020-04-04   3 years

Note: urlscan shows the subject common name only. Two subjects (jquery.org and 7.lifecontext.me) match none of the five HTTPS hostnames contacted; the hosts they were served for (code.jquery.com and, by elimination, loders.club) must be covered by Subject Alternative Name entries, which the scan does not list.

This page contains 1 frames:

Primary Page: http://t2lgo.com/KnE2Q?sid5=nk81yp5tms&pub_account_id=XPyztzKWghCpafzYU4AtflxgNWlij1EV4LhE4ou-oH5vKjH70ZsTyWdmN4eMe1DRkiZ325qE3h4___
Frame ID: 4A03FE51E525BFEA559A9B7EBDD51FFB
Requests: 7 HTTP requests in this frame



Detected technologies

Cloudflare (overall confidence: 100%)
Detected pattern:
  • headers server /^cloudflare$/i

Page Statistics

Requests:    7
HTTPS:       86 %
IPv6:        50 %
Domains:     6
Subdomains:  6
IPs:         5
Countries:   2
Transfer:    96 kB
Size:        269 kB
Cookies:     2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://s1.snc.com.ru/  (Page URL)
  2. https://t2lgo.com/V9wTX?sid1=repeat&pass[filename]=archive.zip  (Page URL)
  3. https://t2lgo.com/hss/  (HTTP 302)
     -> http://feston.pro/?group_id=3&ext_click_id=prnsi9gsmi&pub_account_id=XPyztzKWghCpafzYU4AtflxgNWlij1EV4LhE4ou-oH5vKjH70ZsTyWdmN4eMe1DRkiZ325qE3h4___&ext_pub_account_id=&h=3366bf334c6c0f26356d6b41909774b4&fn=archive.zip  (HTTP 302)
     -> http://t2lgo.com/KnE2Q?sid5=nk81yp5tms&pub_account_id=XPyztzKWghCpafzYU4AtflxgNWlij1EV4LhE4ou-oH5vKjH70ZsTyWdmN4eMe1DRkiZ325qE3h4___  (Page URL)


7 HTTP transactions

Each entry gives the resource and path, decoded size and transferred size (x-fer), resource type, connection details and the SHA-256 resource hash urlscan computed over the response body, followed by the request and response headers.

1. s1.snc.com.ru/  (Document; 3 KB, 1 KB transferred)
   Full URL: https://s1.snc.com.ru/
   Protocol: H2
   Security: TLS 1.3, AES_128_GCM (key exchange not reported)
   Server: 2606:4700:3036::681b:95a1, United States, ASN13335 (CLOUDFLARENET, US)
   Reverse DNS: -
   Software: cloudflare
   Resource hash: b9d3f3256752e2a5a53bf8b106ab554d1b9c53cbcd9df9fdb76f7fa6719de1d4

   Request headers
   :method: GET
   :authority: s1.snc.com.ru
   :scheme: https
   :path: /
   pragma: no-cache
   cache-control: no-cache
   upgrade-insecure-requests: 1
   user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
   sec-fetch-user: ?1
   accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
   sec-fetch-site: none
   sec-fetch-mode: navigate
   accept-encoding: gzip, deflate, br

   Response headers
   status: 200
   date: Fri, 31 Jan 2020 17:27:31 GMT
   content-type: text/html; charset=UTF-8
   set-cookie: __cfduid=df969e3155d1d7cb39472236dcddcd9901580491651; expires=Sun, 01-Mar-20 17:27:31 GMT; path=/; domain=.snc.com.ru; HttpOnly; SameSite=Lax
   vary: Accept-Encoding
   cf-cache-status: DYNAMIC
   expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
   server: cloudflare
   cf-ray: 55dd6595fbe663e9-FRA
   content-encoding: br
2. stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css  (Stylesheet; 138 KB, 21 KB transferred)
   Full URL: https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css
   Requested by: https://s1.snc.com.ru/ (host s1.snc.com.ru)
   Protocol: H2
   Security: TLS 1.3, AES_128_GCM (key exchange not reported)
   Server: 2001:4de0:ac19::1:b:3b, Netherlands, ASN20446 (HIGHWINDS3, US)
   Reverse DNS: -
   Software: -
   Resource hash: 7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

   Request headers
   User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
   Referer: https://s1.snc.com.ru/
   Origin: https://s1.snc.com.ru

   Response headers
   date: Fri, 31 Jan 2020 17:27:31 GMT
   content-encoding: gzip
   last-modified: Wed, 12 Dec 2018 18:34:11 GMT
   access-control-allow-origin: *
   etag: "1544639651"
   vary: Accept-Encoding
   x-cache: HIT
   content-type: text/css; charset=utf-8
   status: 200
   cache-control: public, max-age=31536000
   x-hello-human: Say hello back! @getBootstrapCDN on Twitter
   accept-ranges: bytes
   timing-allow-origin: *
   content-length: 21050
3. code.jquery.com/jquery-3.3.1.min.js  (Script; 85 KB, 30 KB transferred)
   Full URL: https://code.jquery.com/jquery-3.3.1.min.js
   Requested by: https://s1.snc.com.ru/ (host s1.snc.com.ru)
   Protocol: HTTP/1.1
   Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
   Server: 2001:4de0:ac19::1:b:1a, Netherlands, ASN20446 (HIGHWINDS3, US)
   Reverse DNS: -
   Software: nginx
   Resource hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

   Request headers
   User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
   Referer: https://s1.snc.com.ru/
   Origin: https://s1.snc.com.ru

   Response headers
   Date: Fri, 31 Jan 2020 17:27:31 GMT
   Content-Encoding: gzip
   Last-Modified: Sat, 20 Jan 2018 17:26:44 GMT
   Server: nginx
   ETag: W/"5a637bd4-1538f"
   Vary: Accept-Encoding
   X-HW: 1580491651.dop136.fr8.shc,1580491651.dop136.fr8.t,1580491651.cds057.fr8.c
   Content-Type: application/javascript; charset=utf-8
   Access-Control-Allow-Origin: *
   Cache-Control: max-age=315360000, public
   Connection: Keep-Alive
   Accept-Ranges: bytes
   Content-Length: 30288
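The resource hash urlscan records for a CDN script is the same SHA-256 a browser computes for Subresource Integrity, so it can be compared against the hash the library vendor publishes without re-fetching anything. The block below is an added example (not code from the scan, from urlscan or from the page under test) that converts the hex hash above into SRI form and checks it against the integrity value jQuery publishes for jquery-3.3.1.min.js; that published value is quoted from jQuery's download page and is the one assumption the check rests on. It also shows why the same comparison cannot be made for bootstrap.min.css from the scan alone: Bootstrap publishes sha384 values, and a sha256 scan hash cannot be converted into one.

```python
import base64
import hashlib

# Resource hash urlscan reports above for https://code.jquery.com/jquery-3.3.1.min.js.
SCAN_HASH_JQUERY = "160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef"

# Integrity value jQuery publishes for this file on code.jquery.com. Quoted from
# jQuery's download page, not from the scan; it is the reference the check uses.
PUBLISHED_JQUERY_331 = "sha256-FgpCb/KJQlLNfOu91ta32o/NMZxltwRo8QtmkMRdAu8="

DIGEST_LEN = {"sha256": 32, "sha384": 48, "sha512": 64}


def hex_to_integrity(hex_digest, algo="sha256"):
    """Turn a hex digest into the SRI form '<algo>-<base64 digest>'."""
    digest = bytes.fromhex(hex_digest)
    if len(digest) != DIGEST_LEN[algo]:
        raise ValueError(f"{algo} digest must be {DIGEST_LEN[algo]} bytes, got {len(digest)}")
    return f"{algo}-{base64.b64encode(digest).decode('ascii')}"


def integrity_of(content, algo="sha256"):
    """Integrity value for a response body you fetched yourself (what the browser computes)."""
    digest = hashlib.new(algo, content).digest()
    return f"{algo}-{base64.b64encode(digest).decode('ascii')}"


def check_scan_hash(hex_digest, published):
    """Compare a scan's hex hash with a published integrity string.

    Returns (matches, reason). An algorithm mismatch is reported explicitly:
    a sha384 integrity value cannot be checked against a sha256 scan hash, the
    file has to be re-fetched and hashed with sha384.
    """
    algo, _, _ = published.partition("-")
    if algo not in DIGEST_LEN:
        return False, f"unknown algorithm in integrity value: {algo!r}"
    if len(bytes.fromhex(hex_digest)) != DIGEST_LEN[algo]:
        return False, f"scan hash is not a {algo} digest; re-fetch the file and hash it with {algo}"
    if hex_to_integrity(hex_digest, algo) == published:
        return True, "scan hash matches the published integrity value"
    return False, "scan hash differs from the published value: served file was modified or is a different build"


if __name__ == "__main__":
    print(hex_to_integrity(SCAN_HASH_JQUERY))
    print(check_scan_hash(SCAN_HASH_JQUERY, PUBLISHED_JQUERY_331))
    # Bootstrap's published value is sha384, so a sha256 scan hash cannot settle it:
    print(check_scan_hash("7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11",
                          "sha384-" + "A" * 64))
```

The jQuery hash converts to exactly the published sha256 value, so the copy served to the scanner was the genuine 3.3.1 build. Both CDN requests above carry an Origin header, i.e. they were fetched in CORS mode, which is the mode an integrity attribute requires; whether the page actually set integrity is not visible in the scan.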
4. loders.club/  (Script; 14 KB, 15 KB transferred)
   Full URL: https://loders.club/?pu=gnrwmzdbmm5ha3ddf43danq&ver=2
   Requested by: https://s1.snc.com.ru/ (host s1.snc.com.ru)
   Protocol: H2
   Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
   Server: 188.166.133.163, Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US)
   Reverse DNS: -
   Software: nginx
   Resource hash: 042e09bc9c2cf8114065d8d6bd04ff1e0b69d1ca72b6b5c3e9ceb6b71de1d6cc
   Security headers:
     Content-Security-Policy: img-src https: data:; upgrade-insecure-requests
     Strict-Transport-Security: max-age=31536000

   Request headers
   Referer: https://s1.snc.com.ru/
   User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

   Response headers
   status: 200
   date: Fri, 31 Jan 2020 17:27:31 GMT
   server: nginx
   access-control-allow-origin: *
   content-security-policy: img-src https: data:; upgrade-insecure-requests
   strict-transport-security: max-age=31536000
   content-type: application/javascript; charset=UTF-8
5. t2lgo.com/V9wTX  (Document; 2 KB, 2 KB transferred; sets cookies)
   Full URL: https://t2lgo.com/V9wTX?sid1=repeat&pass[filename]=archive.zip
   Requested by: https://s1.snc.com.ru/ (host s1.snc.com.ru)
   Protocol: HTTP/1.1
   Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
   Server: 46.229.167.130, Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL)
   Reverse DNS: -
   Software: nginx
   Resource hash: da6b9dec552dffb84b57cfa8813cc313bff8cb1a61cc8f435126edd6feeb9cb6

   Note: Sec-Fetch-Site: cross-site with Sec-Fetch-Mode: navigate and no Sec-Fetch-User marks this as a script- or meta-driven navigation away from s1.snc.com.ru rather than a user click. The response sets two cookies (the scan listing shows the two Set-Cookie headers joined on one line): SID has neither Secure nor HttpOnly, and r, a 30-second cookie, is HttpOnly but not Secure, so both are sent on the plain-HTTP t2lgo.com request later in the chain.

   Request headers
   Host: t2lgo.com
   Connection: keep-alive
   Pragma: no-cache
   Cache-Control: no-cache
   Upgrade-Insecure-Requests: 1
   User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
   Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
   Sec-Fetch-Site: cross-site
   Sec-Fetch-Mode: navigate
   Referer: https://s1.snc.com.ru/
   Accept-Encoding: gzip, deflate, br

   Response headers
   Server: nginx
   Date: Fri, 31 Jan 2020 17:27:34 GMT
   Content-Type: text/html; charset=utf-8
   Content-Length: 753
   Connection: keep-alive
   Referrer-Policy: no-referrer
   Set-Cookie: SID=6b5dsuhhco9q3h86eab6r375s1; path=/
   Set-Cookie: r=YUhSMGNEb3ZMMlpsYzNSdmJpNXdjbTh2UDJkeWIzVndYMmxrUFRNbVpYaDBYMk5zYVdOclgybGtQWEJ5Ym5OcE9XZHpiV2ttY0hWaVgyRmpZMjkxYm5SZmFXUTlXRkI1ZW5SNlMxZG5hRU53WVdaNldWVTBRWFJtYkhoblRsZHNhV294UlZZMFRHaEZORzkxTFc5SU5YWkxha2czTUZwelZIbFhaRzFPTkdWTlpURkVVbXRwV2pNeU5YRkZNMmcwWDE5ZkptVjRkRjl3ZFdKZllXTmpiM1Z1ZEY5cFpEMG1hRDB6TXpZMlltWXpNelJqTm1Nd1pqSTJNelUyWkRaaU5ERTVNRGszTnpSaU5DWm1iajFoY21Ob2FYWmxMbnBwY0E9PQ%3D%3D; expires=Fri, 31-Jan-2020 17:28:04 GMT; Max-Age=30; httponly
   Expires: Thu, 19 Nov 1981 08:52:00 GMT
   Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
   Pragma: no-cache
   Vary: Accept-Encoding
   Content-Encoding: gzip
6. t2lgo.com/loader.gif  (Image; 27 KB, 27 KB transferred)
   Full URL: https://t2lgo.com/loader.gif
   Requested by: https://t2lgo.com/V9wTX?sid1=repeat&pass[filename]=archive.zip (host t2lgo.com)
   Protocol: HTTP/1.1
   Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
   Server: 46.229.167.130, Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL)
   Reverse DNS: -
   Software: nginx
   Resource hash: 2423a99fefd0b1b95aa1630a44177830655e465b423af2af13a7ce74566011c1

   Request headers
   User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

   Response headers
   Date: Fri, 31 Jan 2020 17:27:34 GMT
   Last-Modified: Fri, 13 Jul 2018 17:12:12 GMT
   Server: nginx
   ETag: "4e159d-6ab8-570e494a13300"
   Content-Type: image/gif
   Connection: keep-alive
   Accept-Ranges: bytes
   Content-Length: 27320
7. t2lgo.com/KnE2Q  (primary request; Document; 44 B, 265 B transferred)
   Full URL: http://t2lgo.com/KnE2Q?sid5=nk81yp5tms&pub_account_id=XPyztzKWghCpafzYU4AtflxgNWlij1EV4LhE4ou-oH5vKjH70ZsTyWdmN4eMe1DRkiZ325qE3h4___
   Redirect chain:
     https://t2lgo.com/hss/
     -> http://feston.pro/?group_id=3&ext_click_id=prnsi9gsmi&pub_account_id=XPyztzKWghCpafzYU4AtflxgNWlij1EV4LhE4ou-oH5vKjH70ZsTyWdmN4eMe1DRkiZ325qE3h4___&ext_pub_account_id=&h=3366bf334c6c0f26356d6b41909...
     -> http://t2lgo.com/KnE2Q?sid5=nk81yp5tms&pub_account_id=XPyztzKWghCpafzYU4AtflxgNWlij1EV4LhE4ou-oH5vKjH70ZsTyWdmN4eMe1DRkiZ325qE3h4___
   Requested by: https://t2lgo.com/V9wTX?sid1=repeat&pass[filename]=archive.zip (host t2lgo.com)
   Protocol: HTTP/1.1 (plain HTTP, no TLS)
   Server: 46.229.167.130, Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL)
   Reverse DNS: -
   Software: nginx
   Resource hash: dfd9d53ef227bbc71331eeae46e79f07cc1417213b849d437992015364f934fd

   Note: this navigation carries Origin: null and Content-Type: application/x-www-form-urlencoded, which is consistent with the chain having been started by a form submission (POST) from the V9wTX page to /hss/ and then redirected cross-origin (V9wTX also answered with Referrer-Policy: no-referrer, so no Referer is sent here). The SID and r cookies, set by the HTTPS V9wTX response without a Secure attribute, are replayed here over plain HTTP; Accept-Encoding no longer offers br because Chrome only negotiates Brotli over HTTPS.

   Request headers
   Host: t2lgo.com
   Connection: keep-alive
   Pragma: no-cache
   Cache-Control: no-cache
   Upgrade-Insecure-Requests: 1
   User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
   Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
   Accept-Encoding: gzip, deflate
   Cookie: SID=6b5dsuhhco9q3h86eab6r375s1; r=YUhSMGNEb3ZMMlpsYzNSdmJpNXdjbTh2UDJkeWIzVndYMmxrUFRNbVpYaDBYMk5zYVdOclgybGtQWEJ5Ym5OcE9XZHpiV2ttY0hWaVgyRmpZMjkxYm5SZmFXUTlXRkI1ZW5SNlMxZG5hRU53WVdaNldWVTBRWFJtYkhoblRsZHNhV294UlZZMFRHaEZORzkxTFc5SU5YWkxha2czTUZwelZIbFhaRzFPTkdWTlpURkVVbXRwV2pNeU5YRkZNMmcwWDE5ZkptVjRkRjl3ZFdKZllXTmpiM1Z1ZEY5cFpEMG1hRDB6TXpZMlltWXpNelJqTm1Nd1pqSTJNelUyWkRaaU5ERTVNRGszTnpSaU5DWm1iajFoY21Ob2FYWmxMbnBwY0E9PQ%3D%3D
   Origin: null
   Content-Type: application/x-www-form-urlencoded

   Response headers (final 200)
   Server: nginx
   Date: Fri, 31 Jan 2020 17:27:35 GMT
   Content-Type: text/html; charset=utf-8
   Content-Length: 63
   Connection: keep-alive
   Vary: Accept-Encoding
   Content-Encoding: gzip

   Redirect headers (last 302 in the chain)
   Server: nginx
   Date: Fri, 31 Jan 2020 17:27:35 GMT
   Content-Type: text/html; charset=utf-8
   Content-Length: 20
   Connection: keep-alive
   Location: http://t2lgo.com/KnE2Q?sid5=nk81yp5tms&pub_account_id=XPyztzKWghCpafzYU4AtflxgNWlij1EV4LhE4ou-oH5vKjH70ZsTyWdmN4eMe1DRkiZ325qE3h4___
   Vary: Accept-Encoding
   Content-Encoding: gzip


2 JavaScript global variables

These are the non-standard "global" variables defined on the window object. They can help identify client-side frameworks and code.

  • onformdata (object)
  • onpointerrawupdate (object)

Both are GlobalEventHandlers properties that Chrome added shortly before the scanning browser's version (Chrome 79); they are browser-provided, not page-defined, so they point to no framework here.

2 Cookies

Domain/Path   Name   Value
t2lgo.com/    r      YUhSMGNEb3ZMMlpsYzNSdmJpNXdjbTh2UDJkeWIzVndYMmxrUFRNbVpYaDBYMk5zYVdOclgybGtQWEJ5Ym5OcE9XZHpiV2ttY0hWaVgyRmpZMjkxYm5SZmFXUTlXRkI1ZW5SNlMxZG5hRU53WVdaNldWVTBRWFJtYkhoblRsZHNhV294UlZZMFRHaEZORzkxTFc5SU5YWkxha2czTUZwelZIbFhaRzFPTkdWTlpURkVVbXRwV2pNeU5YRkZNMmcwWDE5ZkptVjRkRjl3ZFdKZllXTmp...
t2lgo.com/    SID    6b5dsuhhco9q3h86eab6r375s1
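The r cookie is the redirect target in disguise: it is the feston.pro URL from the chain, base64-encoded twice and URL-encoded once more for the padding. What follows is an added example (not code from the scan, from urlscan or from the site's operators) that parses the two Set-Cookie headers recorded in transaction 5, decodes r, and works out on which hops of the recorded redirect chain a browser would attach each cookie. The cookie-matching rule it implements is the host-only and Secure subset of RFC 6265 (no Domain attribute was set, and Path is / for every hop), which is all this chain needs; the header values and chain URLs are copied from the scan above.

```python
import base64
from urllib.parse import unquote, urlsplit

# Set-Cookie headers returned by https://t2lgo.com/V9wTX (copied from the scan above;
# the listing shows the two headers joined on one line).
R_COOKIE_VALUE = (
    "YUhSMGNEb3ZMMlpsYzNSdmJpNXdjbTh2UDJkeWIzVndYMmxrUFRNbVpYaDBY"
    "Mk5zYVdOclgybGtQWEJ5Ym5OcE9XZHpiV2ttY0hWaVgyRmpZMjkxYm5SZmFX"
    "UTlXRkI1ZW5SNlMxZG5hRU53WVdaNldWVTBRWFJtYkhoblRsZHNhV294UlZZ"
    "MFRHaEZORzkxTFc5SU5YWkxha2czTUZwelZIbFhaRzFPTkdWTlpURkVVbXRw"
    "V2pNeU5YRkZNMmcwWDE5ZkptVjRkRjl3ZFdKZllXTmpiM1Z1ZEY5cFpEMG1h"
    "RDB6TXpZMlltWXpNelJqTm1Nd1pqSTJNelUyWkRaaU5ERTVNRGszTnpSaU5D"
    "Wm1iajFoY21Ob2FYWmxMbnBwY0E9PQ%3D%3D"
)
SET_COOKIE_HEADERS = [
    "SID=6b5dsuhhco9q3h86eab6r375s1; path=/",
    "r=" + R_COOKIE_VALUE + "; expires=Fri, 31-Jan-2020 17:28:04 GMT; Max-Age=30; httponly",
]
COOKIE_HOST = "t2lgo.com"  # host that set the cookies; neither has a Domain attribute

# The redirect chain recorded under "Page URL History" above, in order.
REDIRECT_CHAIN = [
    "https://t2lgo.com/hss/",
    "http://feston.pro/?group_id=3&ext_click_id=prnsi9gsmi&pub_account_id="
    "XPyztzKWghCpafzYU4AtflxgNWlij1EV4LhE4ou-oH5vKjH70ZsTyWdmN4eMe1DRkiZ325qE3h4___"
    "&ext_pub_account_id=&h=3366bf334c6c0f26356d6b41909774b4&fn=archive.zip",
    "http://t2lgo.com/KnE2Q?sid5=nk81yp5tms&pub_account_id="
    "XPyztzKWghCpafzYU4AtflxgNWlij1EV4LhE4ou-oH5vKjH70ZsTyWdmN4eMe1DRkiZ325qE3h4___",
]


def parse_set_cookie(header):
    """Split one Set-Cookie header into (name, value, attributes).

    Attribute names are lower-cased; flag attributes (HttpOnly, Secure) map to ''.
    """
    parts = [p.strip() for p in header.split(";")]
    name, _, value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip()
    return name.strip(), value.strip(), attrs


def decode_r_cookie(value):
    """r is base64(base64(url)); the outer '==' padding arrives URL-encoded as %3D%3D."""
    inner = base64.b64decode(unquote(value))
    return base64.b64decode(inner).decode("utf-8")


def cookie_sent_to(attrs, cookie_host, url):
    """Would a host-only cookie set by cookie_host be attached to a request for url?

    Only the two rules that decide this chain are implemented: exact host match
    (no Domain attribute) and the Secure attribute (https only).
    """
    target = urlsplit(url)
    if target.hostname != cookie_host:
        return False
    if "secure" in attrs and target.scheme != "https":
        return False
    return True


def analyse(headers=SET_COOKIE_HEADERS, chain=REDIRECT_CHAIN, cookie_host=COOKIE_HOST):
    """Per cookie: flags, lifetime, the hops it travels on, and which of those are plain HTTP."""
    report = {}
    for header in headers:
        name, value, attrs = parse_set_cookie(header)
        sent_on = [url for url in chain if cookie_sent_to(attrs, cookie_host, url)]
        entry = {
            "httponly": "httponly" in attrs,
            "secure": "secure" in attrs,
            "max_age": int(attrs["max-age"]) if "max-age" in attrs else None,
            "sent_on": sent_on,
            "plaintext_hops": [url for url in sent_on if urlsplit(url).scheme == "http"],
        }
        if name == "r":
            entry["decoded"] = decode_r_cookie(value)
        report[name] = entry
    return report


if __name__ == "__main__":
    for name, info in analyse().items():
        print(f"{name}: HttpOnly={info['httponly']} Secure={info['secure']} Max-Age={info['max_age']}")
        for url in info["plaintext_hops"]:
            print(f"  sent over plain HTTP to {url}")
        if "decoded" in info:
            print(f"  decodes to {info['decoded']}")
```

Run as-is it reports that r decodes to exactly the feston.pro hop of the chain (so the 30-second cookie carries the next redirect target, hash and filename through the off-site bounce), and that both cookies lack Secure and therefore accompany the final http://t2lgo.com/KnE2Q request, which is what the Cookie header in transaction 7 shows. The feston.pro hop receives neither cookie because of the host mismatch.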

1 Console message

Source: console-api   Level: error
URL: https://loders.club/?pu=gnrwmzdbmm5ha3ddf43danq&ver=2 (line 167)
Message: Error: Browser is not suitable for subscriptions

The message is logged by the loders.club script; its wording reads like a push-notification subscription SDK declining to subscribe the scanner's browser profile, so whatever that script does on a real visitor's browser is not captured by this scan.