trk84.nundori.xyz
Open in
urlscan Pro
172.64.140.31
Public Scan
Effective URL: https://trk84.nundori.xyz/l/27002045fb66300bcb76.js?sub=5ffccf8ad402c000012e2769&source=122_
Submission Tags: falconsandbox
Submission: On January 11 via api from US
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 27th 2020. Valid for: a year.
This is the only time trk84.nundori.xyz was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 13.248.219.100 13.248.219.100 | 16509 (AMAZON-02) (AMAZON-02) | |
1 1 | 2606:4700:303... 2606:4700:3032::681f:5a37 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 4 | 18.185.3.153 18.185.3.153 | 16509 (AMAZON-02) (AMAZON-02) | |
1 1 | 104.26.11.73 104.26.11.73 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 1 | 104.27.130.164 104.27.130.164 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 1 | 2606:4700:303... 2606:4700:3031::ac43:bf4c | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 172.64.140.31 172.64.140.31 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
5 | 2 |
ASN16509 (AMAZON-02, US)
PTR: abaa834e320054d4d.awsglobalaccelerator.com
rb.gy |
ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-3-153.eu-central-1.compute.amazonaws.com
xpma.2track.info |
Apex Domain Subdomains |
Transfer | |
---|---|---|
4 |
2track.info
1 redirects
xpma.2track.info |
19 KB |
2 |
nundori.xyz
trk84.nundori.xyz |
12 KB |
1 |
topictraff.com
1 redirects
topictraff.com |
596 B |
1 |
armorads.com
1 redirects
tracking.armorads.com |
964 B |
1 |
ads.gold
1 redirects
ads.gold |
626 B |
1 |
t.ly
1 redirects
t.ly |
915 B |
1 |
rb.gy
1 redirects
rb.gy |
225 B |
5 | 7 |
Domain | Requested by | |
---|---|---|
4 | xpma.2track.info |
1 redirects
xpma.2track.info
|
2 | trk84.nundori.xyz |
xpma.2track.info
|
1 | topictraff.com | 1 redirects |
1 | tracking.armorads.com | 1 redirects |
1 | ads.gold | 1 redirects |
1 | t.ly | 1 redirects |
1 | rb.gy | 1 redirects |
5 | 7 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.2track.info Sectigo RSA Domain Validation Secure Server CA |
2020-02-20 - 2021-02-19 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2020-06-27 - 2021-06-27 |
a year | crt.sh |
This page contains 1 frames:
Frame:
https://trk84.nundori.xyz/l/27002045fb66300bcb76.js?sub=5ffccf8ad402c000012e2769&source=122_&code=06Y3VvBDU7MTE2Mzc8MjM2PDcFc3NlBG10AHdndQU3NgFrZ2UGMTICc3B5AU1rcXl9IHk6OWM7NAF2ZmwGAGp5BDU7MDECbGwGMTMyMwRmdwIzOTQ1AGJqBDU3MDECd34GLTcyA2Z6aWUDA2dwZQIzA2dwYwIyA3N3bnUDA3pzZAJJcnNsbGYiTHJoLgFqdmpoAXV0eGkFZnNvBGpmbHRnA3lmAU5xfW1xbGIxODI1IClPZGdubnVxdmxAIEpwd2lxIE5jZiRUUyFaIzU1XzI2YjkuIEJyc3BqV2ZkTm15LzY1OjI4NiEqTkxZTU0uI3Bua2YiSmloa3ArI0dtcnBvaDM9My8yMTg2MDQwOTUlU2JoZHZuLzY1OjI4NgFjeQU9AGVvBDwFYTU1BDQ1MTEyMwRmNDUDMzQFc2cDMzQ1MAFoaQU1MTECZmxpATECaXB7AWdjb3dqAGRqcAU2MTICb3JsATIyMzQFc3V0agU2MTIzNDU1AHB1ZnR6AQFydWh4dWMDNTQ1MzEzMzsFZXducQU4MwF0aGoGAHNkZmcGMTE0ODU2NTQCZnJ5cAICenJyAQF5anB7ATECZmhsATIzNDU2MTIzMzQ1MTIzNDQ2MTIzNDU2MTIzNDU2MTIzMzU2MTIzNDU2MTIzMzU2MTIzNDU2MTIzNDU2MTIzMzUFY2p3BDU2MTIzNDU2MTIzNDU1MTIyNDQ2MTIzNAR8dXUDejI1O3gwXDpbVjx5MXY5bm9wcT98Lm02cXJzbjx5MXg7dTx5MUlQbTlYA29xbmgDaHIyVVQCdXh5ATECb2V0AQFqb3cGMAFwdwU2MTEzNDU1MTECemgGMTIzZTYFY3N6BAR4Y2UDNTgFc3FmBDY5AGVydQU2AG9lZwU.LjQCcHh1ATI3&_tdf=15
Frame ID: 554C798CB8AA62F46AD995BC9A0B16E6
Requests: 5 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://rb.gy/mjs4gw
HTTP 301
https://t.ly/BP5W HTTP 301
http://xpma.2track.info/?source=san1 HTTP 308
https://xpma.2track.info/?source=san1 Page URL
-
https://ads.gold/c/e54c3e1b-9482-11e6-93c9-0279a6a6ea5f?click_id=0001ee2ea01e-d010-4177-ac16-...
HTTP 302
http://tracking.armorads.com/sl?id=5fae8910127bd6bcbd272052&pid=122&sub8=e54c3e1b-9482-11e6-93c9-0279a6a6... HTTP 302
https://topictraff.com/l/27002045fb66300bcb76?sub=5ffccf8ad402c000012e2769&source=122_ HTTP 302
https://trk84.nundori.xyz/l/27002045fb66300bcb76.js?sub=5ffccf8ad402c000012e2769&source=122_ Page URL
Detected technologies
Nginx (Web Servers) ExpandDetected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://rb.gy/mjs4gw
HTTP 301
https://t.ly/BP5W HTTP 301
http://xpma.2track.info/?source=san1 HTTP 308
https://xpma.2track.info/?source=san1 Page URL
-
https://ads.gold/c/e54c3e1b-9482-11e6-93c9-0279a6a6ea5f?click_id=0001ee2ea01e-d010-4177-ac16-eef1aba03d07&pubid=8308
HTTP 302
http://tracking.armorads.com/sl?id=5fae8910127bd6bcbd272052&pid=122&sub8=e54c3e1b-9482-11e6-93c9-0279a6a6ea5f HTTP 302
https://topictraff.com/l/27002045fb66300bcb76?sub=5ffccf8ad402c000012e2769&source=122_ HTTP 302
https://trk84.nundori.xyz/l/27002045fb66300bcb76.js?sub=5ffccf8ad402c000012e2769&source=122_ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://rb.gy/mjs4gw HTTP 301
- https://t.ly/BP5W HTTP 301
- http://xpma.2track.info/?source=san1 HTTP 308
- https://xpma.2track.info/?source=san1
5 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
xpma.2track.info/ Redirect Chain
|
621 B 896 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app-82678cda9863caa8591333ab2acb279b.js
xpma.2track.info/js/ |
49 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
data
xpma.2track.info/post/ |
0 291 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
27002045fb66300bcb76.js
trk84.nundori.xyz/l/ Redirect Chain
|
36 KB 12 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
27002045fb66300bcb76.js
trk84.nundori.xyz/l/ |
0 0 |
Document
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
15 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| Y6VV number| r4nnnn number| l4nnnn number| t6u function| EKm8V1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.nundori.xyz/ | Name: __cfduid Value: d3d93d09e257419bd57496c5cd1d478471610403722 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=15724800; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ads.gold
rb.gy
t.ly
topictraff.com
tracking.armorads.com
trk84.nundori.xyz
xpma.2track.info
104.26.11.73
104.27.130.164
13.248.219.100
172.64.140.31
18.185.3.153
2606:4700:3031::ac43:bf4c
2606:4700:3032::681f:5a37
29eddce2034a37edddd7b743551f12f50cddbdf80690919b7e597bb78e5b416a
5755f9c24eb920032eb4496f5e79f3caca9e982b42af2bb50a7c262088772bf6
5bccdc112e476c480b826163183d81410a4c6a85ef05a90376618c2054c1ed59