app.nostra.finance Open in urlscan Pro
199.36.158.100 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.wwwjxc88.nostratrack.xyz/
Effective URL:
https://app.nostra.finance/points
Submission: On June 05 via automatic, source certstream-suspicious (June 5th 2024, 7:24:18 pm UTC) — Scanned from DE

Summary HTTP 17 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 7 IPs in 5 countries across 7 domains to perform 17 HTTP transactions. The main IP is 199.36.158.100, located in United States and belongs to FASTLY, US. The main domain is app.nostra.finance.
TLS certificate: Issued by GTS CA 1D4 on April 11th 2024. Valid for: 3 months.

This is the only time app.nostra.finance was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	190.115.18.109 190.115.18.109	59692 (IQWEB) (IQWEB)
4	199.36.158.100 199.36.158.100	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
3	18.189.126.175 18.189.126.175	16509 (AMAZON-02) (AMAZON-02)
5	3.18.245.15 3.18.245.15	16509 (AMAZON-02) (AMAZON-02)
1	18.203.107.43 18.203.107.43	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	5.39.72.91 5.39.72.91	16276 (OVH) (OVH)
17	7

1 190.115.18.109 (Belize) 1 redirects

ASN59692 (IQWEB, AE)

www.wwwjxc88.nostratrack.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 199.36.158.100 (United States)

ASN54113 (FASTLY, US)

app.nostra.finance	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.189.126.175 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-189-126-175.us-east-2.compute.amazonaws.com

rpc.nostra.finance	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.18.245.15 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-18-245-15.us-east-2.compute.amazonaws.com

us-east-2.aws.data.mongodb-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.203.107.43 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-107-43.eu-west-1.compute.amazonaws.com

starknet.api.avnu.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 5.39.72.91 (France)

ASN16276 (OVH, FR)
PTR: ns3006422.ip-5-39-72.eu

api.starknet.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	nostra.finance app.nostra.finance rpc.nostra.finance	951 KB
5	mongodb-api.com us-east-2.aws.data.mongodb-api.com	2 KB
2	starknet.id api.starknet.id	685 B
1	gstatic.com fonts.gstatic.com	30 KB
1	avnu.fi starknet.api.avnu.fi	5 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 70	843 B
1	nostratrack.xyz 1 redirects www.wwwjxc88.nostratrack.xyz	246 B
17	7

	Domain	Requested by
5	us-east-2.aws.data.mongodb-api.com	app.nostra.finance
4	app.nostra.finance	app.nostra.finance
3	rpc.nostra.finance	app.nostra.finance
2	api.starknet.id	app.nostra.finance
1	fonts.gstatic.com	fonts.googleapis.com
1	starknet.api.avnu.fi	app.nostra.finance
1	fonts.googleapis.com	app.nostra.finance
1	www.wwwjxc88.nostratrack.xyz	1 redirects
17	8

This site contains links to these domains. Also see Links.

Domain
nostra.finance
discord.gg
twitter.com
docs.nostra.finance

Subject Issuer	Validity	Valid
alpha.nostra.finance GTS CA 1D4	`2024-04-11` - `2024-07-10`	3 months	crt.sh
upload.video.google.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
rpc.nostra.finance R3	`2024-04-26` - `2024-07-25`	3 months	crt.sh
data.mongodb-api.com R3	`2024-05-12` - `2024-08-10`	3 months	crt.sh
starknet.api.avnu.fi Amazon RSA 2048 M02	`2024-04-09` - `2025-05-09`	a year	crt.sh
*.gstatic.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
api.starknet.id R3	`2024-04-18` - `2024-07-17`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://app.nostra.finance/points
Frame ID: 1BFAF18A1D57EA6CCA2FDA0A42EF0CBA
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Nostra - Lend, borrow, swap, and bridge your crypto on Starknet

Page URL History Show full URLs

https://www.wwwjxc88.nostratrack.xyz/ HTTP 302
https://app.nostra.finance/points Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

17
Requests

100 %
HTTPS

25 %
IPv6

7
Domains

8
Subdomains

7
IPs

5
Countries

989 kB
Transfer

2728 kB
Size

1
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://nostra.finance/terms
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: https://nostra.finance/disclaimer
Title: Disclaimer

Search URL Search Domain Scan URL

URL: https://discord.gg/nostrafinance

Search URL Search Domain Scan URL

URL: https://twitter.com/nostrafinance

Search URL Search Domain Scan URL

URL: https://docs.nostra.finance/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.wwwjxc88.nostratrack.xyz/ HTTP 302
https://app.nostra.finance/points Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request points Show response
app.nostra.finance/
Redirect Chain

https://www.wwwjxc88.nostratrack.xyz/
https://app.nostra.finance/points

2 KB
903 B

159ms
41ms

Document
text/html

199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.nostra.finance/points

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f9fe50a3829b42301332e6a5f2b33e05f594418c2902c81fb639933a009b5689

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=3600
content-encoding: br
content-length: 555
content-type: text/html; charset=utf-8
date: Wed, 05 Jun 2024 19:24:12 GMT
etag: "31ece86df52379d1d137a783a959edd28940f910532ea46b9006c9de5376fe35-br"
last-modified: Wed, 05 Jun 2024 10:04:05 GMT
strict-transport-security: max-age=31556926
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-fra-etou8220069-FRA
x-timer: S1717615452.352452,VS0,VE1

Redirect headers

cache-control: no-store
content-encoding: br
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
date: Wed, 05 Jun 2024 19:24:11 GMT
location: https://app.nostra.finance/points
server: ddos-guard
vary: Accept-Encoding

GET
H2 200 css2
fonts.googleapis.com/ 917 B
843 B 164ms
49ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Instrument+Sans:wght@400..700&display=swap

Requested by

Host: app.nostra.finance
URL: https://app.nostra.finance/points

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a5b0d952cf28e9ae12762cc74aeac7b26145c1fe1166e59a8e4125f7c420c2e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app.nostra.finance/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 05 Jun 2024 19:24:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 05 Jun 2024 19:24:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 05 Jun 2024 19:24:12 GMT

GET
H2 200 index-B6V2J_o5.js Show response
app.nostra.finance/assets/ 3 MB
937 KB 49ms
48ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.nostra.finance/assets/index-B6V2J_o5.js

Requested by

Host: app.nostra.finance
URL: https://app.nostra.finance/points

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6168d71e411b46b24a02dd4aea839690ac726177ce072bb224e3a5ca1e472271

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app.nostra.finance/points
Origin: https://app.nostra.finance
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220069-FRA
strict-transport-security: max-age=31556926
content-encoding: br
date: Wed, 05 Jun 2024 19:24:12 GMT
last-modified: Wed, 05 Jun 2024 10:04:05 GMT
x-timer: S1717615452.427336,VS0,VE3
etag: "316e7c0faa7ab0a5056bfd6ec45e9e42da064547dcc4601d1c8eaa48a861ba49-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 959252
x-cache-hits: 1

GET
H2 200 index-DM_iJHTD.css
app.nostra.finance/assets/ 103 KB
11 KB 42ms
41ms Stylesheet
text/css 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.nostra.finance/assets/index-DM_iJHTD.css

Requested by

Host: app.nostra.finance
URL: https://app.nostra.finance/points

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

773d468a2d90a2b2f05d3b0d441fa4904186f4819e3598716c68e25a1c4b23fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app.nostra.finance/points
Origin: https://app.nostra.finance
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220069-FRA
strict-transport-security: max-age=31556926
content-encoding: br
date: Wed, 05 Jun 2024 19:24:12 GMT
last-modified: Wed, 05 Jun 2024 10:04:05 GMT
x-timer: S1717615452.427361,VS0,VE1
etag: "12a3f8d3b80cfc2cdd06f24313b07c908d4dc78e0c09b63f4f9ce90793a8ed58-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/css; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 10890
x-cache-hits: 0

OPTIONS
H/1.1 204
No Content /
rpc.nostra.finance/ 0
0 406ms
132ms Preflight 18.189.126.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rpc.nostra.finance/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.189.126.175 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-189-126-175.us-east-2.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://app.nostra.finance
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Connection: keep-alive
Date: Wed, 05 Jun 2024 19:24:13 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

OPTIONS
H2 204 find
us-east-2.aws.data.mongodb-api.com/app/data-yqlpb/endpoint/data/v1/action/ 0
0 564ms
130ms Preflight 3.18.245.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://us-east-2.aws.data.mongodb-api.com/app/data-yqlpb/endpoint/data/v1/action/find

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.18.245.15 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-18-245-15.us-east-2.compute.amazonaws.com

Software

mdbws /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://app.nostra.finance
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://app.nostra.finance
content-encoding: gzip
date: Wed, 05 Jun 2024 19:24:13 GMT
server: mdbws
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-appservices-request-id: 6660bb5d58a40e293223373c
x-frame-options: DENY
x-xgen-up-proto: HTTP/2

POST
H/1.1 200
OK / Show response
rpc.nostra.finance/ 138 B
348 B 155ms
155ms Fetch
application/json 18.189.126.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rpc.nostra.finance/
Requested by: Host: app.nostra.finance
URL: https://app.nostra.finance/assets/index-B6V2J_o5.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.189.126.175 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-189-126-175.us-east-2.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 23d0fde44d626515c87f0056eebc49ac8669a0eceaa891f79ee25094df32b6c9

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://app.nostra.finance/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 05 Jun 2024 19:24:13 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 138
Vary: Origin
Content-Type: application/json

POST
H2 200 find Show response
us-east-2.aws.data.mongodb-api.com/app/data-yqlpb/endpoint/data/v1/action/ 7 KB
1 KB 377ms
377ms XHR
application/json 3.18.245.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://us-east-2.aws.data.mongodb-api.com/app/data-yqlpb/endpoint/data/v1/action/find

Requested by

Host: app.nostra.finance
URL: https://app.nostra.finance/assets/index-B6V2J_o5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.18.245.15 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-18-245-15.us-east-2.compute.amazonaws.com

Software

mdbws /

Resource Hash

7eef30e3a753cfd6c887ed588358d377f5a15a12a8354d8cd7abae53206a3685

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://app.nostra.finance/
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip
date: Wed, 05 Jun 2024 19:24:13 GMT
server: mdbws
x-appservices-request-id: 6660bb5d39bd5fec48bac690
vary: Origin
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: https://app.nostra.finance
access-control-expose-headers: X-Stitch-Location, X-Baas-Location, Location
access-control-allow-credentials: true
x-xgen-up-proto: HTTP/2
content-length: 1274

GET
H3 200 favicon.svg
app.nostra.finance/ 271 B
521 B 38ms
38ms Other
image/svg+xml 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.nostra.finance/favicon.svg

Protocol

Security

QUIC, , AES_256_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

70efe259c555260e8f1ec20f3b1d8738ea4b7ba7383e656c7aec22da58c1fe8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app.nostra.finance/points
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220068-FRA
strict-transport-security: max-age=31556926
content-encoding: br
date: Wed, 05 Jun 2024 19:24:12 GMT
last-modified: Wed, 05 Jun 2024 10:04:05 GMT
x-timer: S1717615453.960806,VS0,VE1
etag: "3c37d217c7e288f22351b43e47dcc26f6228a4e209d078357e9155e4b74dff55-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/svg+xml
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 203
x-cache-hits: 0

OPTIONS
H2 204 findOne
us-east-2.aws.data.mongodb-api.com/app/data-yqlpb/endpoint/data/v1/action/ 0
0 562ms
131ms Preflight 3.18.245.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://us-east-2.aws.data.mongodb-api.com/app/data-yqlpb/endpoint/data/v1/action/findOne

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.18.245.15 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-18-245-15.us-east-2.compute.amazonaws.com

Software

mdbws /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://app.nostra.finance
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://app.nostra.finance
content-encoding: gzip
date: Wed, 05 Jun 2024 19:24:13 GMT
server: mdbws
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-appservices-request-id: 6660bb5d8ba4e8042cff11cd
x-frame-options: DENY
x-xgen-up-proto: HTTP/2

POST
H2 200 findOne Show response
us-east-2.aws.data.mongodb-api.com/app/data-yqlpb/endpoint/data/v1/action/ 165 B
312 B 173ms
172ms XHR
application/json 3.18.245.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://us-east-2.aws.data.mongodb-api.com/app/data-yqlpb/endpoint/data/v1/action/findOne

Requested by

Host: app.nostra.finance
URL: https://app.nostra.finance/assets/index-B6V2J_o5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.18.245.15 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-18-245-15.us-east-2.compute.amazonaws.com

Software

mdbws /

Resource Hash

881e65331c6fd4b934a5a34438d5e001d719f283546e7359f64c21ba7eafff04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://app.nostra.finance/
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip
date: Wed, 05 Jun 2024 19:24:13 GMT
server: mdbws
x-appservices-request-id: 6660bb5dacdb42a1325bf476
vary: Origin
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: https://app.nostra.finance
access-control-expose-headers: X-Stitch-Location, X-Baas-Location, Location
access-control-allow-credentials: true
x-xgen-up-proto: HTTP/2
content-length: 147

GET
H2 200 tokens Show response
starknet.api.avnu.fi/swap/v1/ 5 KB
5 KB 197ms
61ms Fetch
application/json 18.203.107.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://starknet.api.avnu.fi/swap/v1/tokens?
Requested by: Host: app.nostra.finance
URL: https://app.nostra.finance/assets/index-B6V2J_o5.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.107.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-107-43.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 05e9dec73d019a33f1d8bee7e3110c19889301f0142877b0dd19b542f6f46ba2

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app.nostra.finance/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Wed, 05 Jun 2024 19:24:13 GMT
access-control-expose-headers: *
content-length: 4779
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json

GET
H2 200 pxiTypc9vsFDm051Uf6KVwgkfoSxQ0GsQv8ToedPibnr0SZe1Q.woff2
fonts.gstatic.com/s/instrumentsans/v1/ 29 KB
30 KB 132ms
42ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/instrumentsans/v1/pxiTypc9vsFDm051Uf6KVwgkfoSxQ0GsQv8ToedPibnr0SZe1Q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Instrument+Sans:wght@400..700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a50d6683916c714be16096899c4fd900ebe7ef7da0c6928a625fd90f2669619

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://app.nostra.finance
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 14:45:34 GMT
x-content-type-options: nosniff
age: 535119
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30044
x-xss-protection: 0
last-modified: Mon, 08 May 2023 22:56:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 30 May 2025 14:45:34 GMT

POST
H2 200 find Show response
us-east-2.aws.data.mongodb-api.com/app/data-yqlpb/endpoint/data/v1/action/ 651 B
334 B 174ms
170ms XHR
application/json 3.18.245.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://us-east-2.aws.data.mongodb-api.com/app/data-yqlpb/endpoint/data/v1/action/find

Requested by

Host: app.nostra.finance
URL: https://app.nostra.finance/assets/index-B6V2J_o5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.18.245.15 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-18-245-15.us-east-2.compute.amazonaws.com

Software

mdbws /

Resource Hash

428a8a5e99c739e6f42f51f60be4eaaf5124f27844b8fc692ee5f69a471a3411

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://app.nostra.finance/
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip
date: Wed, 05 Jun 2024 19:24:13 GMT
server: mdbws
x-appservices-request-id: 6660bb5d27c5e887aed6ff7e
vary: Origin
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: https://app.nostra.finance
access-control-expose-headers: X-Stitch-Location, X-Baas-Location, Location
access-control-allow-credentials: true
x-xgen-up-proto: HTTP/2
content-length: 270

POST
H/1.1 200
OK / Show response
rpc.nostra.finance/ 391 B
601 B 912ms
912ms Fetch
application/json 18.189.126.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rpc.nostra.finance/
Requested by: Host: app.nostra.finance
URL: https://app.nostra.finance/assets/index-B6V2J_o5.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.189.126.175 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-189-126-175.us-east-2.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: cfaab2523f6003c1b250ba05728a3d93913ce7779d1ca12f6e06709849b172ca

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://app.nostra.finance/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 05 Jun 2024 19:24:14 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 391
Vary: Origin
Content-Type: application/json

POST
H2 200 addrs_to_domains Show response
api.starknet.id/ 525 B
685 B 85ms
85ms XHR
application/json 5.39.72.91
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://api.starknet.id/addrs_to_domains
Requested by: Host: app.nostra.finance
URL: https://app.nostra.finance/assets/index-B6V2J_o5.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.39.72.91 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3006422.ip-5-39-72.eu
Software: openresty /
Resource Hash: 375bc0038b226e864ecd20973dacb82001ba5a23385627b3d9cd38730427822e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://app.nostra.finance/
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Wed, 05 Jun 2024 19:24:15 GMT
server: openresty
content-length: 525
vary: origin, access-control-request-method, access-control-request-headers
content-type: application/json

OPTIONS
H2 200 addrs_to_domains
api.starknet.id/ 0
0 222ms
54ms Preflight 5.39.72.91
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://api.starknet.id/addrs_to_domains
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.39.72.91 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3006422.ip-5-39-72.eu
Software: openresty /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://app.nostra.finance
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-origin: *
allow: POST
content-length: 0
date: Wed, 05 Jun 2024 19:24:15 GMT
server: openresty
vary: origin access-control-request-method access-control-request-headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| __reactRouterVersion object| __svelte

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.nostratrack.xyz/	1970-01-21 05:52:31	Name: __ddg1_ Value: anh6MI7VI03Bn4uDu3p6

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31556926

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.starknet.id
app.nostra.finance
fonts.googleapis.com
fonts.gstatic.com
rpc.nostra.finance
starknet.api.avnu.fi
us-east-2.aws.data.mongodb-api.com
www.wwwjxc88.nostratrack.xyz
18.189.126.175
18.203.107.43
190.115.18.109
199.36.158.100
2a00:1450:4001:810::2003
2a00:1450:4001:812::200a
3.18.245.15
5.39.72.91
05e9dec73d019a33f1d8bee7e3110c19889301f0142877b0dd19b542f6f46ba2
23d0fde44d626515c87f0056eebc49ac8669a0eceaa891f79ee25094df32b6c9
375bc0038b226e864ecd20973dacb82001ba5a23385627b3d9cd38730427822e
428a8a5e99c739e6f42f51f60be4eaaf5124f27844b8fc692ee5f69a471a3411
5a50d6683916c714be16096899c4fd900ebe7ef7da0c6928a625fd90f2669619
6168d71e411b46b24a02dd4aea839690ac726177ce072bb224e3a5ca1e472271
70efe259c555260e8f1ec20f3b1d8738ea4b7ba7383e656c7aec22da58c1fe8a
773d468a2d90a2b2f05d3b0d441fa4904186f4819e3598716c68e25a1c4b23fc
7eef30e3a753cfd6c887ed588358d377f5a15a12a8354d8cd7abae53206a3685
881e65331c6fd4b934a5a34438d5e001d719f283546e7359f64c21ba7eafff04
a5b0d952cf28e9ae12762cc74aeac7b26145c1fe1166e59a8e4125f7c420c2e7
cfaab2523f6003c1b250ba05728a3d93913ce7779d1ca12f6e06709849b172ca
f9fe50a3829b42301332e6a5f2b33e05f594418c2902c81fb639933a009b5689

app.nostra.finance Open in urlscan Pro 199.36.158.100 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

17 Requests

100 %HTTPS

25 %IPv6

7 Domains

8 Subdomains

7 IPs

5 Countries

989 kBTransfer

2728 kBSize

1 Cookies

5 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

app.nostra.finance Open in urlscan Pro
199.36.158.100 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

100 %
HTTPS

25 %
IPv6

7
Domains

8
Subdomains

7
IPs

5
Countries

989 kB
Transfer

2728 kB
Size

1
Cookies

17 HTTP transactions
0 data transactions