tqnqt.tunnelbuilder.top
172.67.206.228
Public Scan
Effective URL: https://tqnqt.tunnelbuilder.top/eyes-robot/?pl=jPYNfiJs70uLjptRAgGw_A&sm=eyes-robot&hash=EmWEb1AqNevwC5KKYoaQsg&exp=1686849623
Submission Tags: falconsandbox
Submission: On June 15 via api from US — Scanned from SG
Summary
TLS certificate: Issued by E1 on May 25th 2023. Valid for: 3 months.
This is the only time tqnqt.tunnelbuilder.top was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Redirects | Requests | IP Address | Autonomous System |
---|---|---|---|
1 | 2 | 184.168.102.96 | 26496 (AS-26496-GO-DADDY-COM-LLC) |
 | 1 | 91.238.104.193 | 50321 (BYTES-AS) |
1 | 4 | 2.59.222.113 | 209155 (ONEHOSTPLANET) |
1 | 3 | 134.209.192.77 | 14061 (DIGITALOCEAN-ASN) |
1 | 1 | 104.21.22.161 | |
 | 1 | 172.67.206.228 | |
 | 18 | 6 | |
ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: 96.102.168.184.host.secureserver.net
- morgenhealthcare.in
ASN209155 (ONEHOSTPLANET, CZ)
- block.descriptionscripts.com
- fire.descriptionscripts.com
ASN14061 (DIGITALOCEAN-ASN, US)
- desirebluestock.com
- 0.desirebluestock.com
Requests | Apex Domain | Redirects | Subdomains | Transfer |
---|---|---|---|---|
4 | descriptionscripts.com | 1 redirects | block.descriptionscripts.com, fire.descriptionscripts.com (Failed) | 4 KB |
3 | desirebluestock.com | | desirebluestock.com (Failed), 0.desirebluestock.com | 70 KB |
2 | morgenhealthcare.in | 1 redirects | morgenhealthcare.in | 1 KB |
1 | tunnelbuilder.top | | tqnqt.tunnelbuilder.top | |
1 | rigelbetelgeuse.top | 1 redirects | tqnqt.rigelbetelgeuse.top | 689 B |
1 | clickandanalytics.com | | click.clickandanalytics.com | 648 B |
0 | js2json.com (Failed) | | js2json.com (Failed) | |
0 | streampsh.top (Failed) | | js.streampsh.top (Failed) | |
18 | 8 | | | |
Requests | Domain | Requested by |
---|---|---|
2 | 0.desirebluestock.com | 1 redirects; morgenhealthcare.in |
2 | fire.descriptionscripts.com | block.descriptionscripts.com |
2 | block.descriptionscripts.com | morgenhealthcare.in, block.descriptionscripts.com |
2 | morgenhealthcare.in | 1 redirects |
1 | tqnqt.tunnelbuilder.top | morgenhealthcare.in, tqnqt.tunnelbuilder.top |
1 | tqnqt.rigelbetelgeuse.top | 1 redirects |
1 | desirebluestock.com | fire.descriptionscripts.com |
1 | click.clickandanalytics.com | morgenhealthcare.in |
0 | js2json.com (Failed) | tqnqt.tunnelbuilder.top |
0 | js.streampsh.top (Failed) | tqnqt.tunnelbuilder.top |
18 | 10 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
morgenhealthcare.in | Sectigo RSA Domain Validation Secure Server CA | 2022-11-07 - 2023-11-07 | a year |
click.clickandanalytics.com | R3 | 2023-05-21 - 2023-08-19 | 3 months |
block.descriptionscripts.com | R3 | 2023-04-28 - 2023-07-27 | 3 months |
fire.descriptionscripts.com | R3 | 2023-04-21 - 2023-07-20 | 3 months |
desirepurplestock.com | R3 | 2023-05-11 - 2023-08-09 | 3 months |
tunnelbuilder.top | E1 | 2023-05-25 - 2023-08-23 | 3 months |
This page contains 1 frames:
Primary Page:
https://tqnqt.tunnelbuilder.top/eyes-robot/?pl=jPYNfiJs70uLjptRAgGw_A&sm=eyes-robot&hash=EmWEb1AqNevwC5KKYoaQsg&exp=1686849623
Frame ID: 63A510B99267F11019EB0DB077CFCE32
Requests: 19 HTTP requests in this frame
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://morgenhealthcare.in/qucu/?1 HTTP 302
  https://morgenhealthcare.in/ Page URL
- https://fire.descriptionscripts.com/get.php?wid=215315&sid=32463463&gid=24563463 HTTP 302
  https://fire.descriptionscripts.com/get.php?wid=215315&sid=32463463&gid=24563463&kid=Taurus Page URL
- https://desirebluestock.com/?p=ha4tcolcmu5gi3bphaydcmq&sub2=lonely Page URL
- https://0.desirebluestock.com/?p=ha4tcolcmu5gi3bphaydcmq&sub2=lonely Page URL
- https://0.desirebluestock.com/?auf=ga4gcnzrmu5diojygyxtqmbrgixtemzpge3dqnrygq4tgmrs&s=1&sub1=&sub2=lonely&sub3=&sub4=&cpc=0&cpm=0 HTTP 302
  https://tqnqt.rigelbetelgeuse.top/?pl=jPYNfiJs70uLjptRAgGw_A HTTP 302
  https://tqnqt.tunnelbuilder.top/eyes-robot/?pl=jPYNfiJs70uLjptRAgGw_A&sm=eyes-robot&hash=EmWEb1AqNevwC5KKYoaQsg&exp=1686849623 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- https://morgenhealthcare.in/qucu/?1 HTTP 302
- https://morgenhealthcare.in/

- https://fire.descriptionscripts.com/get.php?wid=215315&sid=32463463&gid=24563463 HTTP 302
- https://fire.descriptionscripts.com/get.php?wid=215315&sid=32463463&gid=24563463&kid=Taurus
18 HTTP transactions
Method | Protocol | Resource | Host / Path | Size | Transferred | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H2 | / | morgenhealthcare.in/ | 3 KB | 1 KB | Document | text/html | Redirect Chain |
GET | H/1.1 | take | click.clickandanalytics.com/ | 0 | 648 B | Script | text/html | |
GET | H2 | path.js | block.descriptionscripts.com/scripts/ | 2 KB | 1 KB | Script | application/javascript | |
GET | H2 | main.js | block.descriptionscripts.com/ | 3 KB | 2 KB | Script | application/javascript | |
GET | | get.php | fire.descriptionscripts.com/ | 0 | 0 | | | |
GET | H2 | get.php | fire.descriptionscripts.com/ | 845 B | 574 B | Document | text/html | Redirect Chain |
GET | | / | desirebluestock.com/ | 0 | 0 | | | |
GET | | / | desirebluestock.com/ | 0 | 0 | | | |
GET | | / | desirebluestock.com/ | 0 | 0 | | | |
GET | H2 | / | desirebluestock.com/ | 18 KB | 18 KB | Document | text/html | |
GET | H2 | / | 0.desirebluestock.com/ | 52 KB | 52 KB | Document | text/html | |
GET | DATA | truncated | / | 7 KB | 0 | Image | image/gif | |
GET | H2 | / | tqnqt.tunnelbuilder.top/eyes-robot/ | 1 KB | 0 | Document | text/html | Primary Request, Redirect Chain |
GET | | trls.js | tqnqt.tunnelbuilder.top/eyes-robot/assets/ | 0 | 0 | | | |
GET | | style.css | tqnqt.tunnelbuilder.top/eyes-robot/assets/ | 0 | 0 | | | |
GET | | 1.png | tqnqt.tunnelbuilder.top/eyes-robot/assets/ | 0 | 0 | | | |
GET | | 2.png | tqnqt.tunnelbuilder.top/eyes-robot/assets/ | 0 | 0 | | | |
GET | | pl.js | js.streampsh.top/ps/ | 0 | 0 | | | |
GET | | script.js | js2json.com/ | 0 | 0 | | | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
Domain | URL |
---|---|
fire.descriptionscripts.com | https://fire.descriptionscripts.com/get.php?wid=215315&sid=32463463&gid=24563463 |
desirebluestock.com | https://desirebluestock.com/?p=ha4tcolcmu5gi3bphaydcmq&sub2=lonely |
desirebluestock.com | https://desirebluestock.com/?p=ha4tcolcmu5gi3bphaydcmq&sub2=lonely |
desirebluestock.com | https://desirebluestock.com/?p=ha4tcolcmu5gi3bphaydcmq&sub2=lonely |
tqnqt.tunnelbuilder.top | https://tqnqt.tunnelbuilder.top/eyes-robot/assets/trls.js |
tqnqt.tunnelbuilder.top | https://tqnqt.tunnelbuilder.top/eyes-robot/assets/style.css |
tqnqt.tunnelbuilder.top | https://tqnqt.tunnelbuilder.top/eyes-robot/assets/1.png |
tqnqt.tunnelbuilder.top | https://tqnqt.tunnelbuilder.top/eyes-robot/assets/2.png |
js.streampsh.top | https://js.streampsh.top/ps/pl.js?edg=true&fullscreen=true |
js2json.com | https://js2json.com/script.js |
3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- boolean | credentialless
- object | onbeforetoggle
- object | onscrollend
5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
morgenhealthcare.in/ | | Name: wpcurrentimes Value: 1 |
.desirebluestock.com/ | | Name: uuid Value: 116c4814-31af-41b6-a438-700f50ad8554 |
.0.desirebluestock.com/ | | Name: uuid Value: 116c4814-31af-41b6-a438-700f50ad8554 |
0.desirebluestock.com/ | | Name: uuid Value: 116c4814-31af-41b6-a438-700f50ad8554 |
.0.desirebluestock.com/ | | Name: ccid Value: %5B170878%5D |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.