Submitted URL: https://bretterichardson.com/l/26997435f4616f161c90?sub=b6c53a4162fda29825d7ed5e8e5a11de_1599510516_2960_12684&source=MTY4MzE...
Effective URL: https://trk39.onnur.xyz/l/26997435f4616f161c90.js?sub=b6c53a4162fda29825d7ed5e8e5a11de_1599510516_2960_12684&source=MTY4...
Submission: On September 07 via api from AU

Summary

This website contacted 1 IP in 1 country across 2 domains to perform 2 HTTP transactions. The main IP is 2606:4700:3039::681f:860b, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is trk39.onnur.xyz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 27th 2020. Valid for: a year.
This is the only time trk39.onnur.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 1
Apex Domain               Subdomains              Transfer
2 onnur.xyz               trk39.onnur.xyz         11 KB
1 bretterichardson.com    bretterichardson.com    662 B
2 2
Domain Requested by
2 trk39.onnur.xyz trk39.onnur.xyz
1 bretterichardson.com 1 redirects
2 2

This site contains no links.

Subject                  Issuer                     Validity                   Valid
sni.cloudflaressl.com    Cloudflare Inc ECC CA-3    2020-06-27 - 2021-06-27    a year

This page contains 1 frames:

Frame: https://trk39.onnur.xyz/l/26997435f4616f161c90.js?sub=b6c53a4162fda29825d7ed5e8e5a11de_1599510516_2960_12684&source=MTY4MzE3Lg==_3359_2960&isubid=b6c53a4162fda29825d7ed5e8e5a11de_1599510516_2960_12684&iclick_id=b6c53a4162fda29825d7ed5e8e5a11de_1599510516&code=26Y3VvBDU6P0A9OjpDQEZGQUMRhYV3Fn.GGI9-jR1PVB.JhYMkVVYAcW53BVFvdX2BKoNEQ21FRBGGdnwWFoCPGktRTE0eiIgiU1VUVQBieQQ1OzY3CGpyDD0-Pj8QhYwUQUZIRxh7j4SAHh6Ci4YjVCSIa2QDMwR0eHV8CgqBenEPVn.AeX95NV.Fe0cag4.DgSCUk5eIJItybgNpZXF5bAh.awxZfIh4fH1zQklDRjdAZnt.hYuSjpOJXUNtk3RmbiNRZmknV1wqYyw.Pm5BRXFIPTVXh4iFf3KBf2mIlFBXVltTMzciK09NWlRUNSp3dXhzL1d2dX6DPjZagIuJiIFMVlJOUVBXVVUzLzg0JFhnbWl7czpBQEU9Q0cSdIoWThd8hhtTHH5SUiFRUlRUVTABYzc4BjY3CHxwDDw9Pj8Qd3gUREZGF3uBfhxMHYSLliKIhJCYZQFla3EGNzg5CXZ5cw4-P0BBEoaIh30YSUpLTE1OTh.PlIWTmSYAcXRnd3poCDo5Oj48Pj5GEHaIf4IWSUoYi3.BHR2QgYOEI1RUVzUyMzg3BWl1fHkLC4N7exAQiHl-ihZGF3t9gRxNTk9QUVJTVFRVMDIzNDU1Nzg5Ojs8PT4-QEFCQ0RFRkZISUpLTE1OT1BRUlJUVVYxMjM0NTY3ODk6Ozw9Pj5AEHR7iBVGR0hJSktMTU5PUFFSUlRVVTExMzQ1NjcHf35.DIM7Z0VmZ02KQodKhYaHiFaTS4pTjo.QkV.cLnU4eD98NExTdkJhDHh6fXcSd4FBamkXio2OHEwdioCPIiKLkJgBMQJxeAY3ODg6Ozw8Pj4Ph3UTREVGeEkYfIyTHR2RgoQiVFckmHBlAzU4BWp3ego7C3pwchBJP0gTgYmGGElO&_tdf=18
Frame ID: AAEE6071D6788F066EBBDCD670CD92C4
Requests: 2 HTTP requests in this frame


Page URL History

  1. https://bretterichardson.com/l/26997435f4616f161c90?sub=b6c53a4162fda29825d7ed5e8e5a11de_1599510516_2960_... HTTP 302
    https://trk39.onnur.xyz/l/26997435f4616f161c90.js?sub=b6c53a4162fda29825d7ed5e8e5a11de_1599510516_29... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

Requests: 2
HTTPS: 100 %
IPv6: 100 %
Domains: 2
Subdomains: 2
IPs: 1
Countries: 1
Transfer: 11 kB
Size: 36 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bretterichardson.com/l/26997435f4616f161c90?sub=b6c53a4162fda29825d7ed5e8e5a11de_1599510516_2960_12684&source=MTY4MzE3Lg==_3359_2960&isubid=b6c53a4162fda29825d7ed5e8e5a11de_1599510516_2960_12684&iclick_id=b6c53a4162fda29825d7ed5e8e5a11de_1599510516 HTTP 302
    https://trk39.onnur.xyz/l/26997435f4616f161c90.js?sub=b6c53a4162fda29825d7ed5e8e5a11de_1599510516_2960_12684&source=MTY4MzE3Lg==_3359_2960&isubid=b6c53a4162fda29825d7ed5e8e5a11de_1599510516_2960_12684&iclick_id=b6c53a4162fda29825d7ed5e8e5a11de_1599510516 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 26997435f4616f161c90.js
trk39.onnur.xyz/l/
Redirect Chain
  • https://bretterichardson.com/l/26997435f4616f161c90?sub=b6c53a4162fda29825d7ed5e8e5a11de_1599510516_2960_12684&source=MTY4MzE3Lg==_3359_2960&isubid=b6c53a4162fda29825d7ed5e8e5a11de_1599510516_2960_...
  • https://trk39.onnur.xyz/l/26997435f4616f161c90.js?sub=b6c53a4162fda29825d7ed5e8e5a11de_1599510516_2960_12684&source=MTY4MzE3Lg==_3359_2960&isubid=b6c53a4162fda29825d7ed5e8e5a11de_1599510516_2960_12...
36 KB
11 KB
Document
General
Full URL
https://trk39.onnur.xyz/l/26997435f4616f161c90.js?sub=b6c53a4162fda29825d7ed5e8e5a11de_1599510516_2960_12684&source=MTY4MzE3Lg==_3359_2960&isubid=b6c53a4162fda29825d7ed5e8e5a11de_1599510516_2960_12684&iclick_id=b6c53a4162fda29825d7ed5e8e5a11de_1599510516
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::681f:860b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29eddce2034a37edddd7b743551f12f50cddbdf80690919b7e597bb78e5b416a

Request headers

:method
GET
:authority
trk39.onnur.xyz
:scheme
https
:path
/l/26997435f4616f161c90.js?sub=b6c53a4162fda29825d7ed5e8e5a11de_1599510516_2960_12684&source=MTY4MzE3Lg==_3359_2960&isubid=b6c53a4162fda29825d7ed5e8e5a11de_1599510516_2960_12684&iclick_id=b6c53a4162fda29825d7ed5e8e5a11de_1599510516
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
date
Mon, 07 Sep 2020 20:34:09 GMT
content-type
text/html
set-cookie
__cfduid=d1ac19627ca7be6837a009fbd6e7933e91599510849; expires=Wed, 07-Oct-20 20:34:09 GMT; path=/; domain=.onnur.xyz; HttpOnly; SameSite=Lax
last-modified
Tue, 20 Aug 2019 14:25:20 GMT
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
cf-cache-status
HIT
age
16429
cf-request-id
050bdfc1010000324c7f259200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
5cf3357b3a60324c-FRA
content-encoding
br

Redirect headers

status
302
date
Mon, 07 Sep 2020 20:34:09 GMT
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
location
https://trk39.onnur.xyz/l/26997435f4616f161c90.js?sub=b6c53a4162fda29825d7ed5e8e5a11de_1599510516_2960_12684&source=MTY4MzE3Lg==_3359_2960&isubid=b6c53a4162fda29825d7ed5e8e5a11de_1599510516_2960_12684&iclick_id=b6c53a4162fda29825d7ed5e8e5a11de_1599510516
cf-request-id
050bdfc0d70000dfa5ad0f9200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
set-cookie
__cf_bm=e8cc01074f49aaccba449988b171282eff028e2d-1599510849-1800-AYLs45YDS/xS8PVnso8soGd/20ZEBsttwU7dXdnaDRysTCU8fbqcBHHFgmDLEEN65ZeERhbvIQuksN4Ae+z6mOo=; path=/; expires=Mon, 07-Sep-20 21:04:09 GMT; domain=.bretterichardson.com; HttpOnly; Secure; SameSite=None
vary
Accept-Encoding
server
cloudflare
cf-ray
5cf3357af96edfa5-FRA
26997435f4616f161c90.js
trk39.onnur.xyz/l/
0
0
Document
General
Full URL
https://trk39.onnur.xyz/l/26997435f4616f161c90.js?sub=b6c53a4162fda29825d7ed5e8e5a11de_1599510516_2960_12684&source=MTY4MzE3Lg==_3359_2960&isubid=b6c53a4162fda29825d7ed5e8e5a11de_1599510516_2960_12684&iclick_id=b6c53a4162fda29825d7ed5e8e5a11de_1599510516&code=26Y3VvBDU6P0A9OjpDQEZGQUMRhYV3Fn.GGI9-jR1PVB.JhYMkVVYAcW53BVFvdX2BKoNEQ21FRBGGdnwWFoCPGktRTE0eiIgiU1VUVQBieQQ1OzY3CGpyDD0-Pj8QhYwUQUZIRxh7j4SAHh6Ci4YjVCSIa2QDMwR0eHV8CgqBenEPVn.AeX95NV.Fe0cag4.DgSCUk5eIJItybgNpZXF5bAh.awxZfIh4fH1zQklDRjdAZnt.hYuSjpOJXUNtk3RmbiNRZmknV1wqYyw.Pm5BRXFIPTVXh4iFf3KBf2mIlFBXVltTMzciK09NWlRUNSp3dXhzL1d2dX6DPjZagIuJiIFMVlJOUVBXVVUzLzg0JFhnbWl7czpBQEU9Q0cSdIoWThd8hhtTHH5SUiFRUlRUVTABYzc4BjY3CHxwDDw9Pj8Qd3gUREZGF3uBfhxMHYSLliKIhJCYZQFla3EGNzg5CXZ5cw4-P0BBEoaIh30YSUpLTE1OTh.PlIWTmSYAcXRnd3poCDo5Oj48Pj5GEHaIf4IWSUoYi3.BHR2QgYOEI1RUVzUyMzg3BWl1fHkLC4N7exAQiHl-ihZGF3t9gRxNTk9QUVJTVFRVMDIzNDU1Nzg5Ojs8PT4-QEFCQ0RFRkZISUpLTE1OT1BRUlJUVVYxMjM0NTY3ODk6Ozw9Pj5AEHR7iBVGR0hJSktMTU5PUFFSUlRVVTExMzQ1NjcHf35.DIM7Z0VmZ02KQodKhYaHiFaTS4pTjo.QkV.cLnU4eD98NExTdkJhDHh6fXcSd4FBamkXio2OHEwdioCPIiKLkJgBMQJxeAY3ODg6Ozw8Pj4Ph3UTREVGeEkYfIyTHR2RgoQiVFckmHBlAzU4BWp3ego7C3pwchBJP0gTgYmGGElO&_tdf=18
Requested by
Host: trk39.onnur.xyz
URL: https://trk39.onnur.xyz/l/26997435f4616f161c90.js?sub=b6c53a4162fda29825d7ed5e8e5a11de_1599510516_2960_12684&source=MTY4MzE3Lg==_3359_2960&isubid=b6c53a4162fda29825d7ed5e8e5a11de_1599510516_2960_12684&iclick_id=b6c53a4162fda29825d7ed5e8e5a11de_1599510516
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::681f:860b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
trk39.onnur.xyz
:scheme
https
:path
/l/26997435f4616f161c90.js?sub=b6c53a4162fda29825d7ed5e8e5a11de_1599510516_2960_12684&source=MTY4MzE3Lg==_3359_2960&isubid=b6c53a4162fda29825d7ed5e8e5a11de_1599510516_2960_12684&iclick_id=b6c53a4162fda29825d7ed5e8e5a11de_1599510516&code=26Y3VvBDU6P0A9OjpDQEZGQUMRhYV3Fn.GGI9-jR1PVB.JhYMkVVYAcW53BVFvdX2BKoNEQ21FRBGGdnwWFoCPGktRTE0eiIgiU1VUVQBieQQ1OzY3CGpyDD0-Pj8QhYwUQUZIRxh7j4SAHh6Ci4YjVCSIa2QDMwR0eHV8CgqBenEPVn.AeX95NV.Fe0cag4.DgSCUk5eIJItybgNpZXF5bAh.awxZfIh4fH1zQklDRjdAZnt.hYuSjpOJXUNtk3RmbiNRZmknV1wqYyw.Pm5BRXFIPTVXh4iFf3KBf2mIlFBXVltTMzciK09NWlRUNSp3dXhzL1d2dX6DPjZagIuJiIFMVlJOUVBXVVUzLzg0JFhnbWl7czpBQEU9Q0cSdIoWThd8hhtTHH5SUiFRUlRUVTABYzc4BjY3CHxwDDw9Pj8Qd3gUREZGF3uBfhxMHYSLliKIhJCYZQFla3EGNzg5CXZ5cw4-P0BBEoaIh30YSUpLTE1OTh.PlIWTmSYAcXRnd3poCDo5Oj48Pj5GEHaIf4IWSUoYi3.BHR2QgYOEI1RUVzUyMzg3BWl1fHkLC4N7exAQiHl-ihZGF3t9gRxNTk9QUVJTVFRVMDIzNDU1Nzg5Ojs8PT4-QEFCQ0RFRkZISUpLTE1OT1BRUlJUVVYxMjM0NTY3ODk6Ozw9Pj5AEHR7iBVGR0hJSktMTU5PUFFSUlRVVTExMzQ1NjcHf35.DIM7Z0VmZ02KQodKhYaHiFaTS4pTjo.QkV.cLnU4eD98NExTdkJhDHh6fXcSd4FBamkXio2OHEwdioCPIiKLkJgBMQJxeAY3ODg6Ozw8Pj4Ph3UTREVGeEkYfIyTHR2RgoQiVFckmHBlAzU4BWp3ego7C3pwchBJP0gTgYmGGElO&_tdf=18
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://trk39.onnur.xyz/l/26997435f4616f161c90.js?sub=b6c53a4162fda29825d7ed5e8e5a11de_1599510516_2960_12684&source=MTY4MzE3Lg==_3359_2960&isubid=b6c53a4162fda29825d7ed5e8e5a11de_1599510516_2960_12684&iclick_id=b6c53a4162fda29825d7ed5e8e5a11de_1599510516
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=d1ac19627ca7be6837a009fbd6e7933e91599510849

Response headers

status
204
date
Mon, 07 Sep 2020 20:34:09 GMT
set-cookie
BSESSID=trk95836897-41d4-4e3f-be66-b72a98d2a251; Max-Age=63072000; Expires=Wed, 7 Sep 2022 20:34:09 GMT; Path=/
cf-cache-status
DYNAMIC
cf-request-id
050bdfc1340000324c7f25a200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5cf3357b8b29324c-FRA

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes
function| Y6VV
number| r4nnnn
number| l4nnnn
number| t6u
function| EKm8V

1 Cookies

Domain/Path Name / Value
.onnur.xyz/ Name: __cfduid
Value: d1ac19627ca7be6837a009fbd6e7933e91599510849

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bretterichardson.com
trk39.onnur.xyz
2606:4700:3031::ac43:8523
2606:4700:3039::681f:860b
29eddce2034a37edddd7b743551f12f50cddbdf80690919b7e597bb78e5b416a