click.belonnanotservice.ga Open in urlscan Pro
45.9.150.63 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bigdesign.top/v.php?redacted
Effective URL:
https://click.belonnanotservice.ga/job.php
Submission Tags: falconsandbox
Submission: On August 27 via api (August 27th 2021, 5:25:43 am UTC) from US

Summary HTTP 20 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 20 HTTP transactions. The main IP is 45.9.150.63, located in Switzerland and belongs to NICEIT, DM. The main domain is click.belonnanotservice.ga.
TLS certificate: Issued by R3 on July 1st 2021. Valid for: 3 months.

This is the only time click.belonnanotservice.ga was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 3	120.78.225.45 120.78.225.45	37963 (CNNIC-ALI...) (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
7 15	45.9.150.63 45.9.150.63	49447 (NICEIT) (NICEIT)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
20	5

3 120.78.225.45 (Shenzhen, China) 2 redirects

ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN)

bigdesign.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 45.9.150.63 (Switzerland) 7 redirects

ASN49447 (NICEIT, DM)

click.driverfortnigtly.ga	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
click.belonnanotservice.ga	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	driverfortnigtly.ga 7 redirects click.driverfortnigtly.ga	3 KB
3	bigdesign.top 2 redirects bigdesign.top	8 KB
1	belonnanotservice.ga click.belonnanotservice.ga Failed	136 B
1	doubleclick.net googleads.g.doubleclick.net	5 KB
1	googlesyndication.com pagead2.googlesyndication.com	49 KB
20	5

	Domain	Requested by
14	click.driverfortnigtly.ga	7 redirects bigdesign.top
3	bigdesign.top	2 redirects bigdesign.top
1	click.belonnanotservice.ga	click.driverfortnigtly.ga
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	pagead2.googlesyndication.com	bigdesign.top pagead2.googlesyndication.com
20	5

This site contains no links.

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
click.driverfortnigtly.ga R3	`2021-08-04` - `2021-11-02`	3 months	crt.sh
click.belonnanotservice.ga R3	`2021-07-01` - `2021-09-29`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://click.belonnanotservice.ga/job.php
Frame ID: 56E5A47E840C4A48DE10787F15D40822
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210824/r20190131/zrt_lookup.html
Frame ID: 0E46602CCD4E73E15B395800979D00F3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://bigdesign.top/v.php?redacted HTTP 301
http://bigdesign.top/hfdyjcj/yjyerxsdpjcb/index.php HTTP 301
http://bigdesign.top/hfdyjcj/yjyerxsdpjcb/ Page URL
https://click.belonnanotservice.ga/job.php Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

20
Requests

50 %
HTTPS

50 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

62 kB
Transfer

180 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bigdesign.top/v.php?redacted HTTP 301
http://bigdesign.top/hfdyjcj/yjyerxsdpjcb/index.php HTTP 301
http://bigdesign.top/hfdyjcj/yjyerxsdpjcb/ Page URL
https://click.belonnanotservice.ga/job.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://bigdesign.top/v.php?redacted HTTP 301
http://bigdesign.top/hfdyjcj/yjyerxsdpjcb/index.php HTTP 301
http://bigdesign.top/hfdyjcj/yjyerxsdpjcb/

Request Chain 2

http://click.driverfortnigtly.ga/GMtCh34S/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.1.5 HTTP 301
https://click.driverfortnigtly.ga/GMtCh34S/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.1.5

Request Chain 3

http://click.driverfortnigtly.ga/GMtCh34S/wp-content/themes/Avada/assets/css/style.min.css?ver=6.1.2 HTTP 301
https://click.driverfortnigtly.ga/GMtCh34S/wp-content/themes/Avada/assets/css/style.min.css?ver=6.1.2

Request Chain 4

http://click.driverfortnigtly.ga/GMtCh34S/wp-content/uploads/fusion-styles/c458ac5ca609704bbe1ae764b53958ab.min.css?ver=2.1.2 HTTP 301
https://click.driverfortnigtly.ga/GMtCh34S/wp-content/uploads/fusion-styles/c458ac5ca609704bbe1ae764b53958ab.min.css?ver=2.1.2

Request Chain 5

http://click.driverfortnigtly.ga/GMtCh34S/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp HTTP 301
https://click.driverfortnigtly.ga/GMtCh34S/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Request Chain 6

http://click.driverfortnigtly.ga/GMtCh34S/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP 301
https://click.driverfortnigtly.ga/GMtCh34S/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1

Request Chain 7

http://click.driverfortnigtly.ga/GMtCh34S/wp-content/plugins/revslider/public/assets/js/revolution.tools.min.js?ver=6.0 HTTP 301
https://click.driverfortnigtly.ga/GMtCh34S/wp-content/plugins/revslider/public/assets/js/revolution.tools.min.js?ver=6.0

Request Chain 8

http://click.driverfortnigtly.ga/GMtCh34S/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.1.5 HTTP 301
https://click.driverfortnigtly.ga/GMtCh34S/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.1.5

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

404
Not Found

/ Show response
bigdesign.top/hfdyjcj/yjyerxsdpjcb/
Redirect Chain

http://bigdesign.top/v.php?redacted
http://bigdesign.top/hfdyjcj/yjyerxsdpjcb/index.php
http://bigdesign.top/hfdyjcj/yjyerxsdpjcb/

30 KB
7 KB

2402ms
2401ms

Document
text/html

120.78.225.45
CNNIC-ALIBABA-CN-...

General

Check archive.org

Show headers Download Go to

Full URL: http://bigdesign.top/hfdyjcj/yjyerxsdpjcb/
Protocol: HTTP/1.1
Server: 120.78.225.45 Shenzhen, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: b07d5760a799f6882648bd523710dfb494ba50688d2c5b0838c92323ed517dc1

Request headers

Host: bigdesign.top
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 27 Aug 2021 05:25:22 GMT
Server: Apache
Vary: Accept-Encoding,Cookie,User-Agent
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://click.driverfortnigtly.ga/GMtCh34S/wp-json/>; rel="https://api.w.org/"
Content-Encoding: gzip
Content-Length: 7070
Keep-Alive: timeout=15, max=298
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Fri, 27 Aug 2021 05:25:21 GMT
Server: Apache
Vary: Accept-Encoding,Cookie,User-Agent
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: http://bigdesign.top/hfdyjcj/yjyerxsdpjcb/
Content-Encoding: gzip
Content-Length: 20
Keep-Alive: timeout=15, max=299
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 33ms
29ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: bigdesign.top
URL: http://bigdesign.top/hfdyjcj/yjyerxsdpjcb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

221489efba5eb3e4c59612e9e563bf967c8f399e2afcef2eaa1be6e48ca9c1c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bigdesign.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 05:25:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49998
x-xss-protection: 0
server: cafe
etag: 6335602564762238188
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 27 Aug 2021 05:25:24 GMT

GET
H2

200

rs6.css
click.driverfortnigtly.ga/GMtCh34S/wp-content/plugins/revslider/public/assets/css/
Redirect Chain

http://click.driverfortnigtly.ga/GMtCh34S/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.1.5
https://click.driverfortnigtly.ga/GMtCh34S/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.1.5

132 B
242 B

213ms
88ms

Stylesheet
application/javascript

45.9.150.63
NICEIT

General

Check archive.org

Show headers Download Go to

Full URL: https://click.driverfortnigtly.ga/GMtCh34S/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.1.5
Requested by: Host: bigdesign.top
URL: http://bigdesign.top/hfdyjcj/yjyerxsdpjcb/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.9.150.63 , Switzerland, ASN49447 (NICEIT, DM),
Reverse DNS
Software: nginx /
Resource Hash: 59a14f9da1edbc7941e54bd85687df9152c9a0d20a94766bc7904a54ada2f964

Request headers

Referer: http://bigdesign.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 05:25:25 GMT
content-encoding: gzip
server: nginx
content-length: 125
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

Redirect headers

Location: https://click.driverfortnigtly.ga/GMtCh34S/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.1.5
Date: Fri, 27 Aug 2021 05:25:24 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

style.min.css
click.driverfortnigtly.ga/GMtCh34S/wp-content/themes/Avada/assets/css/
Redirect Chain

http://click.driverfortnigtly.ga/GMtCh34S/wp-content/themes/Avada/assets/css/style.min.css?ver=6.1.2
https://click.driverfortnigtly.ga/GMtCh34S/wp-content/themes/Avada/assets/css/style.min.css?ver=6.1.2

132 B
242 B

214ms
87ms

Stylesheet
application/javascript

45.9.150.63
NICEIT

General

Check archive.org

Show headers Download Go to

Full URL: https://click.driverfortnigtly.ga/GMtCh34S/wp-content/themes/Avada/assets/css/style.min.css?ver=6.1.2
Requested by: Host: bigdesign.top
URL: http://bigdesign.top/hfdyjcj/yjyerxsdpjcb/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.9.150.63 , Switzerland, ASN49447 (NICEIT, DM),
Reverse DNS
Software: nginx /
Resource Hash: 59a14f9da1edbc7941e54bd85687df9152c9a0d20a94766bc7904a54ada2f964

Request headers

Referer: http://bigdesign.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 05:25:25 GMT
content-encoding: gzip
server: nginx
content-length: 125
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

Redirect headers

Location: https://click.driverfortnigtly.ga/GMtCh34S/wp-content/themes/Avada/assets/css/style.min.css?ver=6.1.2
Date: Fri, 27 Aug 2021 05:25:24 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

c458ac5ca609704bbe1ae764b53958ab.min.css
click.driverfortnigtly.ga/GMtCh34S/wp-content/uploads/fusion-styles/
Redirect Chain

http://click.driverfortnigtly.ga/GMtCh34S/wp-content/uploads/fusion-styles/c458ac5ca609704bbe1ae764b53958ab.min.css?ver=2.1.2
https://click.driverfortnigtly.ga/GMtCh34S/wp-content/uploads/fusion-styles/c458ac5ca609704bbe1ae764b53958ab.min.css?ver=2.1.2

132 B
243 B

213ms
87ms

Stylesheet
application/javascript

45.9.150.63
NICEIT

General

Check archive.org

Show headers Download Go to

Full URL: https://click.driverfortnigtly.ga/GMtCh34S/wp-content/uploads/fusion-styles/c458ac5ca609704bbe1ae764b53958ab.min.css?ver=2.1.2
Requested by: Host: bigdesign.top
URL: http://bigdesign.top/hfdyjcj/yjyerxsdpjcb/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.9.150.63 , Switzerland, ASN49447 (NICEIT, DM),
Reverse DNS
Software: nginx /
Resource Hash: 59a14f9da1edbc7941e54bd85687df9152c9a0d20a94766bc7904a54ada2f964

Request headers

Referer: http://bigdesign.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 05:25:25 GMT
content-encoding: gzip
server: nginx
content-length: 125
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

Redirect headers

Location: https://click.driverfortnigtly.ga/GMtCh34S/wp-content/uploads/fusion-styles/c458ac5ca609704bbe1ae764b53958ab.min.css?ver=2.1.2
Date: Fri, 27 Aug 2021 05:25:24 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

jquery.js
click.driverfortnigtly.ga/GMtCh34S/wp-includes/js/jquery/
Redirect Chain

http://click.driverfortnigtly.ga/GMtCh34S/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
https://click.driverfortnigtly.ga/GMtCh34S/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

132 B
242 B

214ms
89ms

Script
application/javascript

45.9.150.63
NICEIT

General

Check archive.org

Show headers Download Go to

Full URL: https://click.driverfortnigtly.ga/GMtCh34S/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: bigdesign.top
URL: http://bigdesign.top/hfdyjcj/yjyerxsdpjcb/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.9.150.63 , Switzerland, ASN49447 (NICEIT, DM),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: http://bigdesign.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 05:25:25 GMT
content-encoding: gzip
server: nginx
content-length: 125
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

Redirect headers

Location: https://click.driverfortnigtly.ga/GMtCh34S/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Date: Fri, 27 Aug 2021 05:25:24 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

jquery-migrate.min.js
click.driverfortnigtly.ga/GMtCh34S/wp-includes/js/jquery/
Redirect Chain

http://click.driverfortnigtly.ga/GMtCh34S/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
https://click.driverfortnigtly.ga/GMtCh34S/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1

132 B
242 B

214ms
88ms

Script
application/javascript

45.9.150.63
NICEIT

General

Check archive.org

Show headers Download Go to

Full URL: https://click.driverfortnigtly.ga/GMtCh34S/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: bigdesign.top
URL: http://bigdesign.top/hfdyjcj/yjyerxsdpjcb/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.9.150.63 , Switzerland, ASN49447 (NICEIT, DM),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: http://bigdesign.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 05:25:25 GMT
content-encoding: gzip
server: nginx
content-length: 125
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

Redirect headers

Location: https://click.driverfortnigtly.ga/GMtCh34S/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Date: Fri, 27 Aug 2021 05:25:24 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

revolution.tools.min.js
click.driverfortnigtly.ga/GMtCh34S/wp-content/plugins/revslider/public/assets/js/
Redirect Chain

http://click.driverfortnigtly.ga/GMtCh34S/wp-content/plugins/revslider/public/assets/js/revolution.tools.min.js?ver=6.0
https://click.driverfortnigtly.ga/GMtCh34S/wp-content/plugins/revslider/public/assets/js/revolution.tools.min.js?ver=6.0

132 B
242 B

214ms
89ms

Script
application/javascript

45.9.150.63
NICEIT

General

Check archive.org

Show headers Download Go to

Full URL: https://click.driverfortnigtly.ga/GMtCh34S/wp-content/plugins/revslider/public/assets/js/revolution.tools.min.js?ver=6.0
Requested by: Host: bigdesign.top
URL: http://bigdesign.top/hfdyjcj/yjyerxsdpjcb/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.9.150.63 , Switzerland, ASN49447 (NICEIT, DM),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: http://bigdesign.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 05:25:25 GMT
content-encoding: gzip
server: nginx
content-length: 125
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

Redirect headers

Location: https://click.driverfortnigtly.ga/GMtCh34S/wp-content/plugins/revslider/public/assets/js/revolution.tools.min.js?ver=6.0
Date: Fri, 27 Aug 2021 05:25:24 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

rs6.min.js
click.driverfortnigtly.ga/GMtCh34S/wp-content/plugins/revslider/public/assets/js/
Redirect Chain

http://click.driverfortnigtly.ga/GMtCh34S/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.1.5
https://click.driverfortnigtly.ga/GMtCh34S/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.1.5

132 B
0

213ms
88ms

Script
application/javascript

45.9.150.63
NICEIT

General

Check archive.org

Show headers Download Go to

Full URL: https://click.driverfortnigtly.ga/GMtCh34S/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.1.5
Requested by: Host: bigdesign.top
URL: http://bigdesign.top/hfdyjcj/yjyerxsdpjcb/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.9.150.63 , Switzerland, ASN49447 (NICEIT, DM),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: http://bigdesign.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 05:25:25 GMT
content-encoding: gzip
server: nginx
content-length: 125
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

Redirect headers

Location: https://click.driverfortnigtly.ga/GMtCh34S/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.1.5
Date: Fri, 27 Aug 2021 05:25:24 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET bigdesign-logo2-65.gif
bigdesign.top/wp-content/uploads/2020/01/ 0
0

GET bigdesign-logo-65.gif
bigdesign.top/wp-content/uploads/2020/01/ 0
0

GET bigdesign-logo-180.png
click.driverfortnigtly.ga/GMtCh34S/wp-content/uploads/2020/01/ 0
0

GET scripts.js
click.driverfortnigtly.ga/GMtCh34S/wp-content/plugins/contact-form-7/includes/js/ 0
0

GET 5e6550ed10b33f8d1381dec399576b7e.min.js
click.driverfortnigtly.ga/GMtCh34S/wp-content/uploads/fusion-scripts/ 0
0

GET wp-embed.min.js
click.driverfortnigtly.ga/GMtCh34S/wp-includes/js/ 0
0

GET wp-emoji-release.min.js
click.driverfortnigtly.ga/GMtCh34S/wp-includes/js/ 0
0

GET show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108240101/ 0
0

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210824/r20190131/ Frame 0E46 10 KB
5 KB 7ms
5ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210824/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210824/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://bigdesign.top/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: http://bigdesign.top/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 26 Aug 2021 23:06:59 GMT
expires: Thu, 09 Sep 2021 23:06:59 GMT
content-type: text/html; charset=UTF-8
etag: 13836150016441684253
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4591
x-xss-protection: 0
age: 22706
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET job.php
click.belonnanotservice.ga/ 0
0

GET
H2 404 Primary Request job.php Show response
click.belonnanotservice.ga/ 16 B
136 B 176ms
39ms Document
text/html 45.9.150.63
NICEIT

General

Check archive.org

Show headers Download Go to

Full URL: https://click.belonnanotservice.ga/job.php
Requested by: Host: click.driverfortnigtly.ga
URL: http://click.driverfortnigtly.ga/GMtCh34S/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.9.150.63 , Switzerland, ASN49447 (NICEIT, DM),
Reverse DNS
Software: nginx /
Resource Hash: 8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41

Request headers

:method: GET
:authority: click.belonnanotservice.ga
:scheme: https
:path: /job.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: http://bigdesign.top/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: http://bigdesign.top/

Response headers

server: nginx
date: Fri, 27 Aug 2021 05:25:25 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-encoding: gzip

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: bigdesign.top
URL: http://bigdesign.top/wp-content/uploads/2020/01/bigdesign-logo2-65.gif

Domain: bigdesign.top
URL: http://bigdesign.top/wp-content/uploads/2020/01/bigdesign-logo-65.gif

Domain: click.driverfortnigtly.ga
URL: https://click.driverfortnigtly.ga/GMtCh34S/wp-content/uploads/2020/01/bigdesign-logo-180.png

Domain: click.driverfortnigtly.ga
URL: http://click.driverfortnigtly.ga/GMtCh34S/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.6

Domain: click.driverfortnigtly.ga
URL: http://click.driverfortnigtly.ga/GMtCh34S/wp-content/uploads/fusion-scripts/5e6550ed10b33f8d1381dec399576b7e.min.js?ver=2.1.2

Domain: click.driverfortnigtly.ga
URL: http://click.driverfortnigtly.ga/GMtCh34S/wp-includes/js/wp-embed.min.js?ver=5.3.8

Domain: click.driverfortnigtly.ga
URL: http://click.driverfortnigtly.ga/GMtCh34S/wp-includes/js/wp-emoji-release.min.js?ver=5.3.8

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9092940622343022&plah=bigdesign.top

Domain: click.belonnanotservice.ga
URL: https://click.belonnanotservice.ga/job.php

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bigdesign.top
click.belonnanotservice.ga
click.driverfortnigtly.ga
googleads.g.doubleclick.net
pagead2.googlesyndication.com
bigdesign.top
click.belonnanotservice.ga
click.driverfortnigtly.ga
pagead2.googlesyndication.com
120.78.225.45
2a00:1450:4001:829::2002
2a00:1450:4001:830::2002
45.9.150.63
221489efba5eb3e4c59612e9e563bf967c8f399e2afcef2eaa1be6e48ca9c1c7
59a14f9da1edbc7941e54bd85687df9152c9a0d20a94766bc7904a54ada2f964
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
b07d5760a799f6882648bd523710dfb494ba50688d2c5b0838c92323ed517dc1
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee

click.belonnanotservice.ga Open in urlscan Pro 45.9.150.63 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

20 Requests

50 %HTTPS

50 %IPv6

5 Domains

5 Subdomains

5 IPs

3 Countries

62 kBTransfer

180 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

0 Cookies

Indicators

click.belonnanotservice.ga Open in urlscan Pro
45.9.150.63 Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

50 %
HTTPS

50 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

62 kB
Transfer

180 kB
Size

0
Cookies

20 HTTP transactions
0 data transactions