nordicbuddy.ru
2a06:98c1:3120::3
Public Scan
Effective URL: https://nordicbuddy.ru/investissement_fr/?MPC_4=357908668&MPC_3=7783&so=BitcoinFrance&sub=KARIM&ai=2958136&ci=160&gi=148
Submission: On February 20 via manual from FR — Scanned from FR
Summary
TLS certificate: Issued by GTS CA 1P5 on January 2nd 2024. Valid for: 3 months.
This is the only time nordicbuddy.ru was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 1 | 34.76.189.27 | 396982 (GOOGLE-CLOUD-PLATFORM) |
1 1 | 35.205.251.103 | 396982 (GOOGLE-CLOUD-PLATFORM) |
1 1 | 2a06:98c1:3121::3 | 13335 (CLOUDFLARENET) |
27 | 2a06:98c1:3120::3 | 13335 (CLOUDFLARENET) |
1 | 2606:4700::6811:190e | 13335 (CLOUDFLARENET) |
28 | 2 |

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 27.189.76.34.bc.googleusercontent.com
directfwd-2.com

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 103.251.205.35.bc.googleusercontent.com
tracy-track.com
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
28 | nordicbuddy.ru (1 redirects) | nordicbuddy.ru | 1 MB |
1 | cloudflare.com | cdnjs.cloudflare.com (Cisco Umbrella Rank: 257) | 69 KB |
1 | tracy-track.com (1 redirects) | tracy-track.com | 782 B |
1 | directfwd-2.com (1 redirects) | directfwd-2.com | 289 B |
28 | 4 |
 | Domain | Requested by |
---|---|---|
28 | nordicbuddy.ru (1 redirects) | nordicbuddy.ru |
1 | cdnjs.cloudflare.com | nordicbuddy.ru |
1 | tracy-track.com (1 redirects) | |
1 | directfwd-2.com (1 redirects) | |
28 | 4 |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
nordicbuddy.ru | GTS CA 1P5 | 2024-01-02 - 2024-04-01 | 3 months |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-07-03 - 2024-07-02 | a year |
This page contains 1 frames:
Primary Page:
https://nordicbuddy.ru/investissement_fr/?MPC_4=357908668&MPC_3=7783&so=BitcoinFrance&sub=KARIM&ai=2958136&ci=160&gi=148
Frame ID: 11EE03C1FB27D24D1D0DF389DBF8D613
Requests: 28 HTTP requests in this frame
Page Title
Le dernier investissement de Karim Benzema a mis les experts sous pression et a effrayé les grandes banques
Detected technologies
jQuery (JavaScript Libraries)
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://directfwd-2.com/?a=7783&oc=15501&c=42805&m=3&s1=&s2=273&s3=FR_all_cleanundefined HTTP 302
- https://tracy-track.com/?a=7783&oc=15501&c=42805&m=3&s1=&s2=273&s3=FR_all_cleanundefined&ckmguid=1bcf63c7-a30b-4bb5-b4c6-ef52d3088d4f HTTP 302
- http://nordicbuddy.ru/investissement_fr/?MPC_4=357908668&MPC_3=7783&so=BitcoinFrance&sub=KARIM&ai=2958136&ci=160&gi=148 HTTP 301
- https://nordicbuddy.ru/investissement_fr/?MPC_4=357908668&MPC_3=7783&so=BitcoinFrance&sub=KARIM&ai=2958136&ci=160&gi=148 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
28 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | nordicbuddy.ru/investissement_fr/ | 48 KB | 13 KB | Document | text/html |
GET | H2 | 4c6a182dc59a48f5721285fe5fab0a7e.css | nordicbuddy.ru/investissement_fr/assets/ | 27 KB | 5 KB | Stylesheet | text/css |
GET | H2 | froala_style.css | nordicbuddy.ru/investissement_fr/assets/ | 7 KB | 2 KB | Stylesheet | text/css |
GET | H2 | jquery.js | cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ | 282 KB | 69 KB | Script | application/javascript |
GET | H2 | lemonde.png | nordicbuddy.ru/investissement_fr/assets/ | 30 KB | 30 KB | Image | image/png |
GET | H2 | 3bc22eeed3c6f52cb0df735dc03dbf32.png | nordicbuddy.ru/investissement_fr/assets/ | 120 B | 422 B | Image | image/png |
GET | H2 | 04c66e1dbf81fe9f9b9b21dd11c3541c.png | nordicbuddy.ru/investissement_fr/assets/ | 49 KB | 50 KB | Image | image/png |
GET | H2 | 7757487ddeba79ea4fdc8314898861ca.jpg | nordicbuddy.ru/investissement_fr/assets/ | 45 KB | 45 KB | Image | image/jpeg |
GET | H3 | 073e801e8a61608405201c87a8b37314.jpg | nordicbuddy.ru/investissement_fr/assets/ | 72 KB | 72 KB | Image | image/jpeg |
GET | H3 | bd7e54305254f0a3a5c14edf4e12b83e.jpg | nordicbuddy.ru/investissement_fr/assets/ | 83 KB | 84 KB | Image | image/jpeg |
GET | H3 | cad7388d7cd11cc36c455f99540b76ab.jpg | nordicbuddy.ru/investissement_fr/assets/ | 68 KB | 68 KB | Image | image/jpeg |
GET | H3 | 7b33e95597337435fc4ab50261990958.jpg | nordicbuddy.ru/investissement_fr/assets/ | 75 KB | 76 KB | Image | image/jpeg |
GET | H3 | 017b7171a83c0a80d41706da446b52fa.jpg | nordicbuddy.ru/investissement_fr/assets/ | 94 KB | 95 KB | Image | image/jpeg |
GET | H3 | 71c56a95df3d1961eb543ee299ff61ee.jpg | nordicbuddy.ru/investissement_fr/assets/ | 43 KB | 43 KB | Image | image/jpeg |
GET | H3 | f51c6e85025ab1b4bad5bf356227a94c1.jpg | nordicbuddy.ru/investissement_fr/assets/ | 49 KB | 49 KB | Image | image/jpeg |
GET | H3 | step_1_bitcoinfrance.jpg | nordicbuddy.ru/investissement_fr/assets/ | 92 KB | 93 KB | Image | image/jpeg |
GET | H3 | 45bf908df2ccf0ac1ee61d87bca4a511.jpg | nordicbuddy.ru/investissement_fr/assets/ | 35 KB | 35 KB | Image | image/jpeg |
GET | H3 | 6c0b99e9f4dfbae02bcc8fed25e979c4.jpg | nordicbuddy.ru/investissement_fr/assets/ | 27 KB | 27 KB | Image | image/jpeg |
GET | H3 | 1fb17c9d5f35246d6898ec0ce58e3419.png | nordicbuddy.ru/investissement_fr/assets/ | 34 KB | 35 KB | Image | image/png |
GET | H3 | ad1cdd20ee16286c6af5785eba95ddf4.jpg | nordicbuddy.ru/investissement_fr/assets/ | 11 KB | 12 KB | Image | image/jpeg |
GET | H3 | 9dae10832e1c12c1d6cad787a3d10a23.png | nordicbuddy.ru/investissement_fr/assets/ | 38 KB | 38 KB | Image | image/png |
GET | H3 | 4229ee7bc09fe625d5e755276cf2f536.png | nordicbuddy.ru/investissement_fr/assets/ | 25 KB | 26 KB | Image | image/png |
GET | H3 | 318501c870459554d9d029457ec141ca.png | nordicbuddy.ru/investissement_fr/assets/ | 89 KB | 90 KB | Image | image/png |
GET | H3 | 15b21cb6ce6acaf4f5171848aa6ffe9f.png | nordicbuddy.ru/investissement_fr/assets/ | 34 KB | 35 KB | Image | image/png |
GET | H3 | 4ebb6eff57e4f83d77f4ce71e87a6b49.png | nordicbuddy.ru/investissement_fr/assets/ | 30 KB | 31 KB | Image | image/png |
GET | H3 | 63eca4469d1bb55c30f38def240f54f0.jpg | nordicbuddy.ru/investissement_fr/assets/ | 15 KB | 15 KB | Image | image/jpeg |
GET | H3 | 46b27218c7bfd299a7b1d7e58fb604d51.jpg | nordicbuddy.ru/investissement_fr/assets/ | 37 KB | 37 KB | Image | image/jpeg |
GET | H3 | in_css_8269ebe205e427b201d4cf19f33784aa.static.png | nordicbuddy.ru/investissement_fr/assets/ | 341 B | 820 B | Image | image/png |
5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $
function| jQuery
object| dayNames
object| monthNames
object| now
3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.tracy-track.com/ | | Name: som Value: M6HyAAa5XfMUbGHDtKGOMAkb+IRkYCveIrCDYHKCbVOXC5moDoHksw== |
.tracy-track.com/ | | Name: ti Value: eYHlyJ5pAHhVk67sXj7aRAkb+IRkYCveIrCDYHKCbVOXC5moDoHksw== |
.tracy-track.com/ | | Name: c15449 Value: M6HyAAa5XfODreBbnApZC/UYyKA7ZnmmpBEXM/D590XzXgdJa6NZpA== |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.