urlscan.io logo urlscan.io
SecurityTrails logo

cool.eyjafjallajokulll.com Open in urlscan Pro
5.149.248.80  Public Scan

Go To Rescan Add Verdict Report
URL: https://cool.eyjafjallajokulll.com/ZWMwMDBhMDZiMTAwMzJhMjAwMDAzMmFmMDAzMmFmMDAzMmFmMDk1YmFhNDc5ZQ==/?gid=84cf1037-a594-11ee-ad1f-12...
Submission: On December 28 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 5 HTTP transactions. The main IP is 5.149.248.80, located in Amsterdam, Netherlands and belongs to HZ-EU-AS, BG. The main domain is cool.eyjafjallajokulll.com.
TLS certificate: Issued by R3 on November 17th 2023. Valid for: 3 months.
This is the only time cool.eyjafjallajokulll.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

Sharingan Theme Cool launcher.apk 2 MB application/zip
MIME: Zip archive data, at least v2.0 to extract
Size: 2 MB (2104893 bytes, 100% done)
Downloaded from: https://top3.goglemp4player.com/download/2/ZWMwMDBhMDZiMTAwMzJhMjAwMDAzMmFmMDAzMmFmMDAzMmFmMDk1YmFhNDc5ZQ==/?dtp=1&network=507&sclid=&p1=&name=File_133311&add_extra_params=&extAdk=&rotator_uid=84cf1037-a594-11ee-ad1f-121254d6a232&rlid=&dwlt=3&refLink=&cfr=
Sharingan Theme Cool launcher.apk 2 MB application/zip
MIME: Zip archive data, at least v2.0 to extract
Size: 2 MB (2104893 bytes, 100% done)
Downloaded from: https://top3.goglemp4player.com/download/2/ZWMwMDBhMDZiMTAwMzJhMjAwMDAzMmFmMDAzMmFmMDAzMmFmMDk1YmFhNDc5ZQ==/?dtp=1&network=507&sclid=&p1=&name=File_133312&add_extra_params=&extAdk=&rotator_uid=84cf1037-a594-11ee-ad1f-121254d6a232&rlid=&dwlt=1&refLink=&cfr=

Domain & IP information

IP Address AS Autonomous System
3 5.149.248.80 59711 (HZ-EU-AS)
2 51.254.44.192 16276 (OVH)
5 2
Apex Domain
Subdomains		 Transfer
3 eyjafjallajokulll.com
cool.eyjafjallajokulll.com
9 KB
2 goglemp4player.com
top3.goglemp4player.com — Cisco Umbrella Rank: 323458
5 2
Domain Requested by
3 cool.eyjafjallajokulll.com cool.eyjafjallajokulll.com
2 top3.goglemp4player.com cool.eyjafjallajokulll.com
5 2

This site contains no links.

Subject Issuer Validity Valid
*.eyjafjallajokulll.com
R3		 2023-11-17 -
2024-02-15		 3 months crt.sh
*.goglemp4player.com
R3		 2023-10-29 -
2024-01-27		 3 months crt.sh

This page contains 1 frames:

Frame: https://top3.goglemp4player.com/download/2/ZWMwMDBhMDZiMTAwMzJhMjAwMDAzMmFmMDAzMmFmMDAzMmFmMDk1YmFhNDc5ZQ==/?dtp=1&network=507&sclid=&p1=&name=File_133312&add_extra_params=&extAdk=&rotator_uid=84cf1037-a594-11ee-ad1f-121254d6a232&rlid=&dwlt=1&refLink=&cfr=
Frame ID: 18FCDF588DE8748CEDFD72581D989893
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Download file

Page Statistics

5
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

9 kB
Transfer

21 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
cool.eyjafjallajokulll.com/ZWMwMDBhMDZiMTAwMzJhMjAwMDAzMmFmMDAzMmFmMDAzMmFmMDk1YmFhNDc5ZQ==/ 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cool.eyjafjallajokulll.com/ZWMwMDBhMDZiMTAwMzJhMjAwMDAzMmFmMDAzMmFmMDAzMmFmMDk1YmFhNDc5ZQ==/?gid=84cf1037-a594-11ee-ad1f-121254d6a232
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.149.248.80 Amsterdam, Netherlands, ASN59711 (HZ-EU-AS, BG),
Reverse DNS
Software
nginx /
Resource Hash
d0840d606b9976a6e11a51bcc6dc77de2e6131152a2d32dd00cc048f3822ae90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 28 Dec 2023 15:19:44 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
file.png
cool.eyjafjallajokulll.com/lands/gate_line_loader_nik/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cool.eyjafjallajokulll.com/lands/gate_line_loader_nik/file.png
Requested by
Host: cool.eyjafjallajokulll.com
URL: https://cool.eyjafjallajokulll.com/ZWMwMDBhMDZiMTAwMzJhMjAwMDAzMmFmMDAzMmFmMDAzMmFmMDk1YmFhNDc5ZQ==/?gid=84cf1037-a594-11ee-ad1f-121254d6a232
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.149.248.80 Amsterdam, Netherlands, ASN59711 (HZ-EU-AS, BG),
Reverse DNS
Software
nginx /
Resource Hash
4448e430d3c53bad548a5d135e1c7e2f9593e806ba47892640d430ea752e979e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cool.eyjafjallajokulll.com/ZWMwMDBhMDZiMTAwMzJhMjAwMDAzMmFmMDAzMmFmMDAzMmFmMDk1YmFhNDc5ZQ==/?gid=84cf1037-a594-11ee-ad1f-121254d6a232
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 28 Dec 2023 15:19:44 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Wed, 30 Nov 2022 10:05:20 GMT
Server
nginx
ETag
"63872ae0-750"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1872
lut.js
cool.eyjafjallajokulll.com/lands/common/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cool.eyjafjallajokulll.com/lands/common/js/lut.js?v=16
Requested by
Host: cool.eyjafjallajokulll.com
URL: https://cool.eyjafjallajokulll.com/ZWMwMDBhMDZiMTAwMzJhMjAwMDAzMmFmMDAzMmFmMDAzMmFmMDk1YmFhNDc5ZQ==/?gid=84cf1037-a594-11ee-ad1f-121254d6a232
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.149.248.80 Amsterdam, Netherlands, ASN59711 (HZ-EU-AS, BG),
Reverse DNS
Software
nginx /
Resource Hash
8303ed6d0330feb5b806e73cb254c526bc22b50d09a78ab0d531a456782bba87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cool.eyjafjallajokulll.com/ZWMwMDBhMDZiMTAwMzJhMjAwMDAzMmFmMDAzMmFmMDAzMmFmMDk1YmFhNDc5ZQ==/?gid=84cf1037-a594-11ee-ad1f-121254d6a232
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 28 Dec 2023 15:19:44 GMT
Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
Last-Modified
Wed, 02 Aug 2023 15:48:49 GMT
Server
nginx
ETag
W/"64ca7ae1-18eb"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
/
top3.goglemp4player.com/download/2/ZWMwMDBhMDZiMTAwMzJhMjAwMDAzMmFmMDAzMmFmMDAzMmFmMDk1YmFhNDc5ZQ==/ 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://top3.goglemp4player.com/download/2/ZWMwMDBhMDZiMTAwMzJhMjAwMDAzMmFmMDAzMmFmMDAzMmFmMDk1YmFhNDc5ZQ==/?dtp=1&network=507&sclid=&p1=&name=File_133311&add_extra_params=&extAdk=&rotator_uid=84cf1037-a594-11ee-ad1f-121254d6a232&rlid=&dwlt=3&refLink=&cfr=
Requested by
Host: cool.eyjafjallajokulll.com
URL: https://cool.eyjafjallajokulll.com/ZWMwMDBhMDZiMTAwMzJhMjAwMDAzMmFmMDAzMmFmMDAzMmFmMDk1YmFhNDc5ZQ==/?gid=84cf1037-a594-11ee-ad1f-121254d6a232
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.254.44.192 , France, ASN16276 (OVH, FR),
Reverse DNS
setup-ovh-fr-01.itroot.it
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://cool.eyjafjallajokulll.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Accept-Ranges
none
Connection
keep-alive
Content-Description
File Transfer
Content-Disposition
attachment; filename="Sharingan Theme Cool launcher.apk"
Content-Length
2104893
Content-Transfer-Encoding
binary
Content-Type
application/vnd.android.package-archive
Date
Thu, 28 Dec 2023 15:19:45 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000
/
top3.goglemp4player.com/download/2/ZWMwMDBhMDZiMTAwMzJhMjAwMDAzMmFmMDAzMmFmMDAzMmFmMDk1YmFhNDc5ZQ==/ 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://top3.goglemp4player.com/download/2/ZWMwMDBhMDZiMTAwMzJhMjAwMDAzMmFmMDAzMmFmMDAzMmFmMDk1YmFhNDc5ZQ==/?dtp=1&network=507&sclid=&p1=&name=File_133312&add_extra_params=&extAdk=&rotator_uid=84cf1037-a594-11ee-ad1f-121254d6a232&rlid=&dwlt=1&refLink=&cfr=
Requested by
Host: cool.eyjafjallajokulll.com
URL: https://cool.eyjafjallajokulll.com/ZWMwMDBhMDZiMTAwMzJhMjAwMDAzMmFmMDAzMmFmMDAzMmFmMDk1YmFhNDc5ZQ==/?gid=84cf1037-a594-11ee-ad1f-121254d6a232
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.254.44.192 , France, ASN16276 (OVH, FR),
Reverse DNS
setup-ovh-fr-01.itroot.it
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://cool.eyjafjallajokulll.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Accept-Ranges
none
Connection
keep-alive
Content-Description
File Transfer
Content-Disposition
attachment; filename="Sharingan Theme Cool launcher.apk"
Content-Length
2104893
Content-Transfer-Encoding
binary
Content-Type
application/vnd.android.package-archive
Date
Thu, 28 Dec 2023 15:19:46 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| apk_names number| apkNamesLength boolean| needNameFromArray boolean| needRandomName string| smartlink number| leaveAction string| backlink boolean| needAutoLoad number| autoLoadDelay number| clickCounterNeedRecycle string| clickId string| extAdk string| gid string| p1 string| extra string| rlid string| refLink string| adk string| domain string| cfr string| postback_id string| dtp number| dwlt string| apk_url object| selectedIndexes function| updateAPKURL function| getRandomUniqIntInclusive object| LUT function| glTapClick number| backCount boolean| firstClick boolean| useIframe function| openNewWindow function| setDownloadTimeout function| doLeaveWork number| scoreTimer

4 Cookies

Domain/Path Name / Value
top3.goglemp4player.com/download/2/ZWMwMDBhMDZiMTAwMzJhMjAwMDAzMmFmMDAzMmFmMDAzMmFmMDk1YmFhNDc5ZQ== Name: dccn
Value: 88409749-a594-11ee-9dc1-5a9008839534
cool.eyjafjallajokulll.com/ZWMwMDBhMDZiMTAwMzJhMjAwMDAzMmFmMDAzMmFmMDAzMmFmMDk1YmFhNDc5ZQ== Name: luid
Value: 3712044765529768264
cool.eyjafjallajokulll.com/ Name: click_counter
Value: 1
cool.eyjafjallajokulll.com/ Name: apk_counter
Value: 2

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cool.eyjafjallajokulll.com
top3.goglemp4player.com
5.149.248.80
51.254.44.192
4448e430d3c53bad548a5d135e1c7e2f9593e806ba47892640d430ea752e979e
8303ed6d0330feb5b806e73cb254c526bc22b50d09a78ab0d531a456782bba87
d0840d606b9976a6e11a51bcc6dc77de2e6131152a2d32dd00cc048f3822ae90