urlscan.io logo urlscan.io
SecurityTrails logo

nstz05.cc Open in urlscan Pro
212.24.127.129  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://nsml01.cc/
Effective URL: https://nstz05.cc/
Submission: On December 18 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 3 HTTP transactions. The main IP is 212.24.127.129, located in and belongs to . The main domain is nstz05.cc.
TLS certificate: Issued by R3 on December 18th 2023. Valid for: 3 months.
This is the only time nstz05.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 212.24.127.19 3223 (VOXILITY)
2 185.213.240.143 3223 (VOXILITY)
1 212.24.127.129 ()
3 2
Apex Domain
Subdomains		 Transfer
3 nsml01.cc
nsml01.cc
7 KB
1 nstz05.cc
nstz05.cc
3 2
Domain Requested by
3 nsml01.cc 1 redirects nsml01.cc
1 nstz05.cc nsml01.cc
3 2

This site contains no links.

Subject Issuer Validity Valid
nsml01.cc
R3		 2023-12-18 -
2024-03-17		 3 months crt.sh
nstz05.cc
R3		 2023-12-18 -
2024-03-17		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://nstz05.cc/
Frame ID: DE7B15DB2F2F57EABC377A3E6E601F5C
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://nsml01.cc/ HTTP 301
    https://nsml01.cc/ Page URL
  2. https://nstz05.cc/ Page URL

Page Statistics

3
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

6 kB
Transfer

23 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://nsml01.cc/ HTTP 301
    https://nsml01.cc/ Page URL
  2. https://nstz05.cc/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://nsml01.cc/ HTTP 301
  • https://nsml01.cc/

3 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
nsml01.cc/
Redirect Chain
  • http://nsml01.cc/
  • https://nsml01.cc/
10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nsml01.cc/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.213.240.143 Frankfurt (Oder), Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software
**** /
Resource Hash
473a7d6e2ba6fa3136cf0fa149af20db096384d69acf26a31e7ef0e72e95f03d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Mon, 18 Dec 2023 16:18:39 GMT
ETag
W/"65800dcf-2933"
Last-Modified
Mon, 18 Dec 2023 09:15:59 GMT
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Cache
BYPASS
X-Request-Id
6fa56b892e3e77d3415750c7d4dfa390
server
****

Redirect headers

Connection
keep-alive
Content-Length
160
Content-Type
text/html
Date
Mon, 18 Dec 2023 16:18:38 GMT
Location
https://nsml01.cc:443/
X-Request-Id
5020a1965fe50731a467b1e3a9f586f9
server
****
tj.js
nsml01.cc/static/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nsml01.cc/static/js/tj.js
Requested by
Host: nsml01.cc
URL: https://nsml01.cc/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.213.240.143 Frankfurt (Oder), Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software
**** /
Resource Hash
b61c9a8c26bf3239602125ae89b5d0b6f8b801a976534e062e9d9432c2d28be9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nsml01.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Mon, 18 Dec 2023 16:18:39 GMT
Content-Encoding
gzip
Last-Modified
Sat, 02 Sep 2023 03:49:04 GMT
server
****
ETag
W/"64f2b0b0-cd3"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
EXPIRED
Cache-Control
max-age=1800
Connection
keep-alive
X-Request-Id
608726a3c694b6bbfaed1ecef85eaee9
Expires
Tue, 19 Dec 2023 04:18:39 GMT
Primary Request /
nstz05.cc/ 		9 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://nstz05.cc/
Requested by
Host: nsml01.cc
URL: https://nsml01.cc/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.24.127.129 -, , ASN (),
Reverse DNS
Software
**** /
Resource Hash

Request headers

Referer
https://nsml01.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Mon, 18 Dec 2023 16:18:43 GMT
ETag
W/"65800de7-2588"
Last-Modified
Mon, 18 Dec 2023 09:16:23 GMT
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Cache
BYPASS
X-Request-Id
a3702d1bdf272bd124c6edaea0481257
server
****

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

2 Cookies

Domain/Path Name / Value
nsml01.cc/ Name: session_sslproxy_server
Value: 40ea6c3f-a1a6-40dab1abe535a006247df02b773210e367d6
nsml01.cc/ Name: _CLTJ_faa4
Value: DZe2TzjmBT

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

nsml01.cc
nstz05.cc
185.213.240.143
212.24.127.129
212.24.127.19
473a7d6e2ba6fa3136cf0fa149af20db096384d69acf26a31e7ef0e72e95f03d
b61c9a8c26bf3239602125ae89b5d0b6f8b801a976534e062e9d9432c2d28be9