urlscan.io logo urlscan.io
SecurityTrails logo

trk84.nundori.xyz Open in urlscan Pro
172.64.140.31  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://rb.gy/mjs4gw
Effective URL: https://trk84.nundori.xyz/l/27002045fb66300bcb76.js?sub=5ffccf8ad402c000012e2769&source=122_
Submission Tags: falconsandbox
Submission: On January 11 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 7 domains to perform 5 HTTP transactions. The main IP is 172.64.140.31, located in United States and belongs to CLOUDFLARENET, US. The main domain is trk84.nundori.xyz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 27th 2020. Valid for: a year.
This is the only time trk84.nundori.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 13.248.219.100 16509 (AMAZON-02)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 4 18.185.3.153 16509 (AMAZON-02)
1 1 104.26.11.73 13335 (CLOUDFLAR...)
1 1 104.27.130.164 13335 (CLOUDFLAR...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
2 172.64.140.31 13335 (CLOUDFLAR...)
5 2
1    13.248.219.100 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: abaa834e320054d4d.awsglobalaccelerator.com
rb.gy
1    2606:4700:3032::681f:5a37 (United States)

ASN13335 (CLOUDFLARENET, US)
t.ly
4    18.185.3.153 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-3-153.eu-central-1.compute.amazonaws.com
xpma.2track.info
1    104.26.11.73 (United States)

ASN13335 (CLOUDFLARENET, US)
ads.gold
1    104.27.130.164 (United States)

ASN13335 (CLOUDFLARENET, US)
tracking.armorads.com
1    2606:4700:3031::ac43:bf4c (United States)

ASN13335 (CLOUDFLARENET, US)
topictraff.com
2    172.64.140.31 (United States)

ASN13335 (CLOUDFLARENET, US)
trk84.nundori.xyz
Apex Domain
Subdomains		 Transfer
4 2track.info
xpma.2track.info
19 KB
2 nundori.xyz
trk84.nundori.xyz
12 KB
1 topictraff.com
topictraff.com
596 B
1 armorads.com
tracking.armorads.com
964 B
1 ads.gold
ads.gold
626 B
1 t.ly
t.ly
915 B
1 rb.gy
rb.gy
225 B
5 7
Domain Requested by
4 xpma.2track.info 1 redirects xpma.2track.info
2 trk84.nundori.xyz xpma.2track.info
1 topictraff.com 1 redirects
1 tracking.armorads.com 1 redirects
1 ads.gold 1 redirects
1 t.ly 1 redirects
1 rb.gy 1 redirects
5 7

This site contains no links.

Subject Issuer Validity Valid
*.2track.info
Sectigo RSA Domain Validation Secure Server CA		 2020-02-20 -
2021-02-19		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-06-27 -
2021-06-27		 a year crt.sh

This page contains 1 frames:

Frame: https://trk84.nundori.xyz/l/27002045fb66300bcb76.js?sub=5ffccf8ad402c000012e2769&source=122_&code=06Y3VvBDU7MTE2Mzc8MjM2PDcFc3NlBG10AHdndQU3NgFrZ2UGMTICc3B5AU1rcXl9IHk6OWM7NAF2ZmwGAGp5BDU7MDECbGwGMTMyMwRmdwIzOTQ1AGJqBDU3MDECd34GLTcyA2Z6aWUDA2dwZQIzA2dwYwIyA3N3bnUDA3pzZAJJcnNsbGYiTHJoLgFqdmpoAXV0eGkFZnNvBGpmbHRnA3lmAU5xfW1xbGIxODI1IClPZGdubnVxdmxAIEpwd2lxIE5jZiRUUyFaIzU1XzI2YjkuIEJyc3BqV2ZkTm15LzY1OjI4NiEqTkxZTU0uI3Bua2YiSmloa3ArI0dtcnBvaDM9My8yMTg2MDQwOTUlU2JoZHZuLzY1OjI4NgFjeQU9AGVvBDwFYTU1BDQ1MTEyMwRmNDUDMzQFc2cDMzQ1MAFoaQU1MTECZmxpATECaXB7AWdjb3dqAGRqcAU2MTICb3JsATIyMzQFc3V0agU2MTIzNDU1AHB1ZnR6AQFydWh4dWMDNTQ1MzEzMzsFZXducQU4MwF0aGoGAHNkZmcGMTE0ODU2NTQCZnJ5cAICenJyAQF5anB7ATECZmhsATIzNDU2MTIzMzQ1MTIzNDQ2MTIzNDU2MTIzNDU2MTIzMzU2MTIzNDU2MTIzMzU2MTIzNDU2MTIzNDU2MTIzMzUFY2p3BDU2MTIzNDU2MTIzNDU1MTIyNDQ2MTIzNAR8dXUDejI1O3gwXDpbVjx5MXY5bm9wcT98Lm02cXJzbjx5MXg7dTx5MUlQbTlYA29xbmgDaHIyVVQCdXh5ATECb2V0AQFqb3cGMAFwdwU2MTEzNDU1MTECemgGMTIzZTYFY3N6BAR4Y2UDNTgFc3FmBDY5AGVydQU2AG9lZwU.LjQCcHh1ATI3&_tdf=15
Frame ID: 554C798CB8AA62F46AD995BC9A0B16E6
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://rb.gy/mjs4gw HTTP 301
    https://t.ly/BP5W HTTP 301
    http://xpma.2track.info/?source=san1 HTTP 308
    https://xpma.2track.info/?source=san1 Page URL
  2. https://ads.gold/c/e54c3e1b-9482-11e6-93c9-0279a6a6ea5f?click_id=0001ee2ea01e-d010-4177-ac16-... HTTP 302
    http://tracking.armorads.com/sl?id=5fae8910127bd6bcbd272052&pid=122&sub8=e54c3e1b-9482-11e6-93c9-0279a6a6... HTTP 302
    https://topictraff.com/l/27002045fb66300bcb76?sub=5ffccf8ad402c000012e2769&source=122_ HTTP 302
    https://trk84.nundori.xyz/l/27002045fb66300bcb76.js?sub=5ffccf8ad402c000012e2769&source=122_ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

5
Requests

100 %
HTTPS

29 %
IPv6

7
Domains

7
Subdomains

2
IPs

2
Countries

31 kB
Transfer

86 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://rb.gy/mjs4gw HTTP 301
    https://t.ly/BP5W HTTP 301
    http://xpma.2track.info/?source=san1 HTTP 308
    https://xpma.2track.info/?source=san1 Page URL
  2. https://ads.gold/c/e54c3e1b-9482-11e6-93c9-0279a6a6ea5f?click_id=0001ee2ea01e-d010-4177-ac16-eef1aba03d07&pubid=8308 HTTP 302
    http://tracking.armorads.com/sl?id=5fae8910127bd6bcbd272052&pid=122&sub8=e54c3e1b-9482-11e6-93c9-0279a6a6ea5f HTTP 302
    https://topictraff.com/l/27002045fb66300bcb76?sub=5ffccf8ad402c000012e2769&source=122_ HTTP 302
    https://trk84.nundori.xyz/l/27002045fb66300bcb76.js?sub=5ffccf8ad402c000012e2769&source=122_ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://rb.gy/mjs4gw HTTP 301
  • https://t.ly/BP5W HTTP 301
  • http://xpma.2track.info/?source=san1 HTTP 308
  • https://xpma.2track.info/?source=san1

5 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
xpma.2track.info/
Redirect Chain
  • http://rb.gy/mjs4gw
  • https://t.ly/BP5W
  • http://xpma.2track.info/?source=san1
  • https://xpma.2track.info/?source=san1
621 B
896 B 		Document
General
Check archive.org
Download Go to
Full URL
https://xpma.2track.info/?source=san1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.185.3.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-3-153.eu-central-1.compute.amazonaws.com
Software
nginx/1.15.6 /
Resource Hash
5755f9c24eb920032eb4496f5e79f3caca9e982b42af2bb50a7c262088772bf6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
xpma.2track.info
:scheme
https
:path
/?source=san1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server
nginx/1.15.6
date
Mon, 11 Jan 2021 22:22:01 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=0, private, must-revalidate
cross-origin-window-policy
deny
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
x-request-id
24f611147e027b7bfbb53c8b038a35a9
x-xss-protection
1; mode=block
set-cookie
client_uid=b50996aa-2f75-4018-91f2-2a000809728c; path=/; HttpOnly sub_id=143081; path=/; HttpOnly visit=0001ee2ea01e-d010-4177-ac16-eef1aba03d07; path=/; HttpOnly
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip

Redirect headers

Server
nginx/1.15.6
Date
Mon, 11 Jan 2021 22:22:01 GMT
Content-Type
text/html
Content-Length
171
Connection
keep-alive
Location
https://xpma.2track.info/?source=san1
app-82678cda9863caa8591333ab2acb279b.js
xpma.2track.info/js/ 		49 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xpma.2track.info/js/app-82678cda9863caa8591333ab2acb279b.js?vsn=d
Requested by
Host: xpma.2track.info
URL: https://xpma.2track.info/?source=san1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.185.3.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-3-153.eu-central-1.compute.amazonaws.com
Software
nginx/1.15.6 /
Resource Hash
5bccdc112e476c480b826163183d81410a4c6a85ef05a90376618c2054c1ed59
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://xpma.2track.info/?source=san1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 11 Jan 2021 22:22:01 GMT
cache-control
public, max-age=31536000
vary
Accept-Encoding
server
nginx/1.15.6
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/javascript
data
xpma.2track.info/post/ 		0
291 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://xpma.2track.info/post/data
Requested by
Host: xpma.2track.info
URL: https://xpma.2track.info/js/app-82678cda9863caa8591333ab2acb279b.js?vsn=d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.185.3.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-3-153.eu-central-1.compute.amazonaws.com
Software
nginx/1.15.6 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://xpma.2track.info/?source=san1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 11 Jan 2021 22:22:02 GMT
x-content-type-options
nosniff
server
nginx/1.15.6
cross-origin-window-policy
deny
x-download-options
noopen
strict-transport-security
max-age=15724800; includeSubDomains
x-permitted-cross-domain-policies
none
cache-control
max-age=0, private, must-revalidate
content-length
0
x-xss-protection
1; mode=block
x-request-id
bf10c5c213ef7142e9c689f93d5a5745
Primary Request 27002045fb66300bcb76.js
trk84.nundori.xyz/l/
Redirect Chain
  • https://ads.gold/c/e54c3e1b-9482-11e6-93c9-0279a6a6ea5f?click_id=0001ee2ea01e-d010-4177-ac16-eef1aba03d07&pubid=8308
  • http://tracking.armorads.com/sl?id=5fae8910127bd6bcbd272052&pid=122&sub8=e54c3e1b-9482-11e6-93c9-0279a6a6ea5f
  • https://topictraff.com/l/27002045fb66300bcb76?sub=5ffccf8ad402c000012e2769&source=122_
  • https://trk84.nundori.xyz/l/27002045fb66300bcb76.js?sub=5ffccf8ad402c000012e2769&source=122_
36 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://trk84.nundori.xyz/l/27002045fb66300bcb76.js?sub=5ffccf8ad402c000012e2769&source=122_
Requested by
Host: xpma.2track.info
URL: https://xpma.2track.info/js/app-82678cda9863caa8591333ab2acb279b.js?vsn=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.140.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29eddce2034a37edddd7b743551f12f50cddbdf80690919b7e597bb78e5b416a

Request headers

:method
GET
:authority
trk84.nundori.xyz
:scheme
https
:path
/l/27002045fb66300bcb76.js?sub=5ffccf8ad402c000012e2769&source=122_
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://xpma.2track.info/?source=san1

Response headers

date
Mon, 11 Jan 2021 22:22:02 GMT
content-type
text/html
set-cookie
__cfduid=d3d93d09e257419bd57496c5cd1d478471610403722; expires=Wed, 10-Feb-21 22:22:02 GMT; path=/; domain=.nundori.xyz; HttpOnly; SameSite=Lax
last-modified
Thu, 08 Oct 2020 11:15:02 GMT
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
cf-cache-status
HIT
age
8441
cf-request-id
079523ccae00004c377f0fa000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=l8SeIG5Z9Cc9QdCqp8HIq1J4tQCrW0aF9A331fyr24GKPXyzZaUt%2BX%2B58G980XhGBJ4jhRrOCSrl4aG3ANI9qPxy2ZEtPKLU68s96Tcglcl%2BLg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
610208c1193d4c37-AMS
content-encoding
br

Redirect headers

date
Mon, 11 Jan 2021 22:22:02 GMT
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
location
https://trk84.nundori.xyz/l/27002045fb66300bcb76.js?sub=5ffccf8ad402c000012e2769&source=122_
cf-request-id
079523cc1700004a6d4b2cd000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3VXpbB2fVVZrMFMhv48CQWZJKDyS0p77DnW3Ag6c%2F2ay0whUMqWQmb%2BaYOf5lIVu%2FlxejfNWtPd5H45N4yy8%2FDAEF9FxQgwf71SCPmeQNfasy2P1wWiUYx7dRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
610208c02e514a6d-FRA
27002045fb66300bcb76.js
trk84.nundori.xyz/l/ 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://trk84.nundori.xyz/l/27002045fb66300bcb76.js?sub=5ffccf8ad402c000012e2769&source=122_&code=06Y3VvBDU7MTE2Mzc8MjM2PDcFc3NlBG10AHdndQU3NgFrZ2UGMTICc3B5AU1rcXl9IHk6OWM7NAF2ZmwGAGp5BDU7MDECbGwGMTMyMwRmdwIzOTQ1AGJqBDU3MDECd34GLTcyA2Z6aWUDA2dwZQIzA2dwYwIyA3N3bnUDA3pzZAJJcnNsbGYiTHJoLgFqdmpoAXV0eGkFZnNvBGpmbHRnA3lmAU5xfW1xbGIxODI1IClPZGdubnVxdmxAIEpwd2lxIE5jZiRUUyFaIzU1XzI2YjkuIEJyc3BqV2ZkTm15LzY1OjI4NiEqTkxZTU0uI3Bua2YiSmloa3ArI0dtcnBvaDM9My8yMTg2MDQwOTUlU2JoZHZuLzY1OjI4NgFjeQU9AGVvBDwFYTU1BDQ1MTEyMwRmNDUDMzQFc2cDMzQ1MAFoaQU1MTECZmxpATECaXB7AWdjb3dqAGRqcAU2MTICb3JsATIyMzQFc3V0agU2MTIzNDU1AHB1ZnR6AQFydWh4dWMDNTQ1MzEzMzsFZXducQU4MwF0aGoGAHNkZmcGMTE0ODU2NTQCZnJ5cAICenJyAQF5anB7ATECZmhsATIzNDU2MTIzMzQ1MTIzNDQ2MTIzNDU2MTIzNDU2MTIzMzU2MTIzNDU2MTIzMzU2MTIzNDU2MTIzNDU2MTIzMzUFY2p3BDU2MTIzNDU2MTIzNDU1MTIyNDQ2MTIzNAR8dXUDejI1O3gwXDpbVjx5MXY5bm9wcT98Lm02cXJzbjx5MXg7dTx5MUlQbTlYA29xbmgDaHIyVVQCdXh5ATECb2V0AQFqb3cGMAFwdwU2MTEzNDU1MTECemgGMTIzZTYFY3N6BAR4Y2UDNTgFc3FmBDY5AGVydQU2AG9lZwU.LjQCcHh1ATI3&_tdf=15
Requested by
Host: xpma.2track.info
URL: https://xpma.2track.info/?source=san1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.140.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
trk84.nundori.xyz
:scheme
https
:path
/l/27002045fb66300bcb76.js?sub=5ffccf8ad402c000012e2769&source=122_&code=06Y3VvBDU7MTE2Mzc8MjM2PDcFc3NlBG10AHdndQU3NgFrZ2UGMTICc3B5AU1rcXl9IHk6OWM7NAF2ZmwGAGp5BDU7MDECbGwGMTMyMwRmdwIzOTQ1AGJqBDU3MDECd34GLTcyA2Z6aWUDA2dwZQIzA2dwYwIyA3N3bnUDA3pzZAJJcnNsbGYiTHJoLgFqdmpoAXV0eGkFZnNvBGpmbHRnA3lmAU5xfW1xbGIxODI1IClPZGdubnVxdmxAIEpwd2lxIE5jZiRUUyFaIzU1XzI2YjkuIEJyc3BqV2ZkTm15LzY1OjI4NiEqTkxZTU0uI3Bua2YiSmloa3ArI0dtcnBvaDM9My8yMTg2MDQwOTUlU2JoZHZuLzY1OjI4NgFjeQU9AGVvBDwFYTU1BDQ1MTEyMwRmNDUDMzQFc2cDMzQ1MAFoaQU1MTECZmxpATECaXB7AWdjb3dqAGRqcAU2MTICb3JsATIyMzQFc3V0agU2MTIzNDU1AHB1ZnR6AQFydWh4dWMDNTQ1MzEzMzsFZXducQU4MwF0aGoGAHNkZmcGMTE0ODU2NTQCZnJ5cAICenJyAQF5anB7ATECZmhsATIzNDU2MTIzMzQ1MTIzNDQ2MTIzNDU2MTIzNDU2MTIzMzU2MTIzNDU2MTIzMzU2MTIzNDU2MTIzNDU2MTIzMzUFY2p3BDU2MTIzNDU2MTIzNDU1MTIyNDQ2MTIzNAR8dXUDejI1O3gwXDpbVjx5MXY5bm9wcT98Lm02cXJzbjx5MXg7dTx5MUlQbTlYA29xbmgDaHIyVVQCdXh5ATECb2V0AQFqb3cGMAFwdwU2MTEzNDU1MTECemgGMTIzZTYFY3N6BAR4Y2UDNTgFc3FmBDY5AGVydQU2AG9lZwU.LjQCcHh1ATI3&_tdf=15
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://trk84.nundori.xyz/l/27002045fb66300bcb76.js?sub=5ffccf8ad402c000012e2769&source=122_
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=d3d93d09e257419bd57496c5cd1d478471610403722
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://trk84.nundori.xyz/l/27002045fb66300bcb76.js?sub=5ffccf8ad402c000012e2769&source=122_

Response headers

date
Mon, 11 Jan 2021 22:22:02 GMT
set-cookie
BSESSID=trk1cc459d5-6f8f-4d55-a3d6-fe382158c774; Max-Age=63072000; Expires=Wed, 11 Jan 2023 22:22:02 GMT; Path=/
cf-cache-status
DYNAMIC
cf-request-id
079523cd1500004c37d29f0000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fl8VgM6sDnpaXJ%2BldWn4cUCJa4s8B%2FsU9hQWF1TjxuUFhL4ZtwZaQpk92eVDCCcT7%2FFoWRFVlYLG3mCjfpMhk7wi%2BLWUaGKUSxFHxdKnLY49MA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
610208c1ba8d4c37-AMS

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| Y6VV number| r4nnnn number| l4nnnn number| t6u function| EKm8V

1 Cookies

Domain/Path Name / Value
.nundori.xyz/ Name: __cfduid
Value: d3d93d09e257419bd57496c5cd1d478471610403722

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block