urlscan.io logo urlscan.io
SecurityTrails logo

irugu.ningutengo.com Open in urlscan Pro
2a06:98c1:3120::3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://m.bolo2vas24.click/c/n/239191/0.41760086470356295
Effective URL: https://irugu.ningutengo.com/rc/736006a179?affclick=24J28065014A035679028631gRFfu&pubid=35679
Submission: On October 28 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 4 countries across 6 domains to perform 5 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is irugu.ningutengo.com.
TLS certificate: Issued by WE1 on September 26th 2024. Valid for: 3 months.
This is the only time irugu.ningutengo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 45.79.65.158 63949 (AKAMAI-LI...)
1 1 162.242.198.222 27357 (RACKSPACE)
2 68.183.246.137 14061 (DIGITALOC...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
5 4
2    45.79.65.158 (Fremont, United States)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 45-79-65-158.ip.linodeusercontent.com
m.bolo2vas24.click
1    162.242.198.222 (United States)

ASN27357 (RACKSPACE, US)
go.doblevialatam.com
2    68.183.246.137 (Bengaluru, India)

ASN14061 (DIGITALOCEAN-ASN, US)
c.adup.app
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
irugu.ningutengo.com
1    2606:4700:3034::6815:1362 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.addlnk.com
Apex Domain
Subdomains		 Transfer
2 adup.app
c.adup.app
4 KB
2 bolo2vas24.click
m.bolo2vas24.click
638 B
1 addlnk.com
cdn.addlnk.com — Cisco Umbrella Rank: 504493
1 KB
1 ningutengo.com
irugu.ningutengo.com
1 KB
1 doblevialatam.com
go.doblevialatam.com
256 B
0 linksprf.com Failed
r.linksprf.com — Cisco Umbrella Rank: 155135 Failed
5 6
Domain Requested by
2 c.adup.app c.adup.app
2 m.bolo2vas24.click 2 redirects
1 cdn.addlnk.com irugu.ningutengo.com
1 irugu.ningutengo.com c.adup.app
1 go.doblevialatam.com 1 redirects
0 r.linksprf.com Failed irugu.ningutengo.com
5 6

This site contains links to these domains. Also see Links.

Domain
track.serveonsite.com
Subject Issuer Validity Valid
adup.app
E5		 2024-09-30 -
2024-12-29		 3 months crt.sh
ningutengo.com
WE1		 2024-09-26 -
2024-12-25		 3 months crt.sh
addlnk.com
WE1		 2024-09-28 -
2024-12-27		 3 months crt.sh

This page contains 1 frames:

Frame: https://r.linksprf.com/v2/go?t=et.pl%3Ae%2Fowu.-wtn..woF%2F%25w2lAc%25.thh%3Fpim%3Dc0s2l%26tdr1m3l6%3D%26tlec8r0f5%3D2070f0f05684d2b6b7f21e9174-3aa0200b00b0020aa3%264l1cer2f7%3D6729416f0b0b0d08%3D5cfaf870251498d%260wbr8v4344f051a3d25e5636e1k1i1c35216939f88f939612535151d1a656fe424381b004d39v124e8k%26ixcr6g4a4o%3Dsiy8e2.2od%26m%3Dptppk3i%25cFa2mwcw1aipaawtwt%2Fisetdh&e=1&ai=81a32dcf21d643ce8cc92b507794bbc0&sct=0&ct=1730078480019&cu=2e667621e1114332a6230f08b90901a5&sr=1&cs=9d2944e16605b9fa02a6973f0ed9b9b6
Frame ID: FECC0006B154E8E2E0A5A83576B972ED
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Loading....

Page URL History Show full URLs

  1. http://m.bolo2vas24.click/c/n/239191/0.41760086470356295 HTTP 307
    https://m.bolo2vas24.click/c/n/239191/0.41760086470356295 HTTP 302
    https://m.bolo2vas24.click/c/c/159/145?__m2888__=1&sc=239191_0&__ot__=0 HTTP 302
    https://go.doblevialatam.com/1659727137?aff_source=145_239191_0&aff_token=ca39d58a8ed14e92911cb0cffc1fb974 HTTP 307
    https://c.adup.app/35679?token=b92bae3040c1ffc7bfbed7c2&subid=0001-6cdb4ef0e2 Page URL
  2. https://irugu.ningutengo.com/rc/736006a179?affclick=24J28065014A035679028631gRFfu&pubid=35679 Page URL

Page Statistics

5
Requests

80 %
HTTPS

40 %
IPv6

6
Domains

6
Subdomains

4
IPs

4
Countries

6 kB
Transfer

6 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://m.bolo2vas24.click/c/n/239191/0.41760086470356295 HTTP 307
    https://m.bolo2vas24.click/c/n/239191/0.41760086470356295 HTTP 302
    https://m.bolo2vas24.click/c/c/159/145?__m2888__=1&sc=239191_0&__ot__=0 HTTP 302
    https://go.doblevialatam.com/1659727137?aff_source=145_239191_0&aff_token=ca39d58a8ed14e92911cb0cffc1fb974 HTTP 307
    https://c.adup.app/35679?token=b92bae3040c1ffc7bfbed7c2&subid=0001-6cdb4ef0e2 Page URL
  2. https://irugu.ningutengo.com/rc/736006a179?affclick=24J28065014A035679028631gRFfu&pubid=35679 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://m.bolo2vas24.click/c/n/239191/0.41760086470356295 HTTP 307
  • https://m.bolo2vas24.click/c/n/239191/0.41760086470356295 HTTP 302
  • https://m.bolo2vas24.click/c/c/159/145?__m2888__=1&sc=239191_0&__ot__=0 HTTP 302
  • https://go.doblevialatam.com/1659727137?aff_source=145_239191_0&aff_token=ca39d58a8ed14e92911cb0cffc1fb974 HTTP 307
  • https://c.adup.app/35679?token=b92bae3040c1ffc7bfbed7c2&subid=0001-6cdb4ef0e2
Request Chain 3
  • https://track.serveonsite.com/sl?id=653a6c25a95dd971064a9566&pid=930&sub1=pubfa1b397ec8cf489192e7c0be63e030cc&sub2=f0fc7601_35679 HTTP 302
  • https://t2.autumnoceanwhispers.com/l.php?p=c:8pnojh5wwryg9ycmq&d=61b86bb2caff0c3520644fec&pid=671ee70c7d7b510001e446ca&s=930_f0fc7601_35679 HTTP 302
  • https://go.splashandsunshine.com/redirect?feed=488122&url=https%3A%2F%2Fwww.gamblingnews.xyz%2F&subid=930_f0fc7601_35679.de.linux.chrome&query=&pub_clickid=671ee70dc6e9387eb81ee871&default_url=https%3A%2F%2Ft1.hightid.com%2Fr.php%3Fp%3Dc%3As_8942pgf_9qrwlx0%26d%3D653c9411464a4419c012ddb2%26s%3D%7Bpubfeed%7D%26d2%3D%7Breferrer_domain%7D HTTP 302
  • https://desalzo.com/07229fc2-0b6e-4090-960d-5454ea0dc936?banner=6652144&pubfeed=568190&siteid=488122&cost=0.00012&conversion=QRTLa3sp5o0 HTTP 302
  • https://atropias.com/info/?info=https://r.linksprf.com/v1/redirect?type=linkId&id=913eaa5856d34671b21c33672c4c45ac&api_key=f131d306519d357cfa7ccd0e5d186f64&site_id=5759d1af5bfb4d4885bf0fd792154088&dch=feed&ad_t=advertiser HTTP 302
  • https://r.linksprf.com/v1/redirect?type=linkId&id=913eaa5856d34671b21c33672c4c45ac&api_key=f131d306519d357cfa7ccd0e5d186f64&site_id=5759d1af5bfb4d4885bf0fd792154088&dch=feed&ad_t=advertiser HTTP 302
  • https://r.linksprf.com/v2/go?t=et.pl%3Ae%2Fowu.-wtn..woF%2F%25w2lAc%25.thh%3Fpim%3Dc0s2l%26tdr1m3l6%3D%26tlec8r0f5%3D2070f0f05684d2b6b7f21e9174-3aa0200b00b0020aa3%264l1cer2f7%3D6729416f0b0b0d08%3D5cfaf870251498d%260wbr8v4344f051a3d25e5636e1k1i1c35216939f88f939612535151d1a656fe424381b004d39v124e8k%26ixcr6g4a4o%3Dsiy8e2.2od%26m%3Dptppk3i%25cFa2mwcw1aipaawtwt%2Fisetdh&e=1&ai=81a32dcf21d643ce8cc92b507794bbc0&sct=0&ct=1730078480019&cu=2e667621e1114332a6230f08b90901a5&sr=1&cs=9d2944e16605b9fa02a6973f0ed9b9b6

5 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
35679
c.adup.app/
Redirect Chain
  • http://m.bolo2vas24.click/c/n/239191/0.41760086470356295
  • https://m.bolo2vas24.click/c/n/239191/0.41760086470356295
  • https://m.bolo2vas24.click/c/c/159/145?__m2888__=1&sc=239191_0&__ot__=0
  • https://go.doblevialatam.com/1659727137?aff_source=145_239191_0&aff_token=ca39d58a8ed14e92911cb0cffc1fb974
  • https://c.adup.app/35679?token=b92bae3040c1ffc7bfbed7c2&subid=0001-6cdb4ef0e2
4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c.adup.app/35679?token=b92bae3040c1ffc7bfbed7c2&subid=0001-6cdb4ef0e2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
68.183.246.137 Bengaluru, India, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/ Express
Resource Hash
e890a54d6a1615baeb941896458feec1453c92ec20878caf18811acf61230964

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-length
3820
content-type
text/html; charset=utf-8
date
Mon, 28 Oct 2024 01:20:14 GMT
etag
W/"eec-ZeLzbEQOpIHM1jjYOtmOUmQOiwY"
expires
0
pragma
no-cache
surrogate-control
no-store
vary
Accept-Encoding
x-powered-by
Express

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html; charset=UTF-8
date
Mon, 28 Oct 2024 01:21:14 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://c.adup.app/35679?token=b92bae3040c1ffc7bfbed7c2&subid=0001-6cdb4ef0e2
pragma
no-cache
server
nginx/1.12.2
x-powered-by
PHP/7.3.17
24J28065014A035679028631gRFfu
c.adup.app/c/ 		1 B
95 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.adup.app/c/24J28065014A035679028631gRFfu
Requested by
Host: c.adup.app
URL: https://c.adup.app/35679?token=b92bae3040c1ffc7bfbed7c2&subid=0001-6cdb4ef0e2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
68.183.246.137 Bengaluru, India, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/ Express
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer
https://c.adup.app/35679?token=b92bae3040c1ffc7bfbed7c2&subid=0001-6cdb4ef0e2

Response headers

surrogate-control
no-store
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
pragma
no-cache
etag
W/"1-NWoZK3kTsExUV00Ywo1G5jlUKKs"
expires
0
content-length
1
date
Mon, 28 Oct 2024 01:21:16 GMT
content-type
text/html; charset=utf-8
x-powered-by
Express
vary
Accept-Encoding
Primary Request 736006a179
irugu.ningutengo.com/rc/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://irugu.ningutengo.com/rc/736006a179?affclick=24J28065014A035679028631gRFfu&pubid=35679
Requested by
Host: c.adup.app
URL: https://c.adup.app/35679?token=b92bae3040c1ffc7bfbed7c2&subid=0001-6cdb4ef0e2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4866b9480229c3b18d75060e7a233a3ff3c8236c5735825f534437febf43cfa

Request headers

Referer
https://c.adup.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8d971babee1d3a7a-FRA
content-encoding
br
content-language
en-us
content-type
text/html; charset=utf-8
date
Mon, 28 Oct 2024 01:21:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U4ZHn17%2FIJZBkiVpSz%2FgqkIEBQ4QrtPW3%2FfzYeGOYxdJ8rbiOstoVrMDoLDJ14gRUjUr9BioLopwfoqqX5kyt%2Bx1YMqxoDA8Et1JOwoVkoZcBF0%2BnwkZSxdL3E9fGdjL9D1WTxGZpK3UjfUK3DahOmDQiw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=34120&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4212&recv_bytes=4533&delivery_rate=523&cwnd=12000&unsent_bytes=0&cid=83d1742f6fcbafdf&ts=248&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding, Accept-Language, Cookie
redirect.css
cdn.addlnk.com/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.addlnk.com/redirect.css
Requested by
Host: irugu.ningutengo.com
URL: https://irugu.ningutengo.com/rc/736006a179?affclick=24J28065014A035679028631gRFfu&pubid=35679
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:1362 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
cf-bgj
minify
etag
W/"3ae56d32551602b41f9046c14d1cfde2"
age
4281
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ArsGMm7u1PWpXmCXpY%2FOkRc5vWjg3p2mOd%2B9kNGgOJIs14YmmdWYB7UU2ClHoGDVs2BW2Xnq1ul2v%2BDyipBCXUNPwzywTG5j0wgKyL9CkPOcL5jwZ11Vtl8Kq%2Fg0D%2BYJiWVH8zPkTdBHcWmzDA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-polished
origSize=1680
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=32387&sent=6&recv=10&lost=0&retrans=0&sent_bytes=3992&recv_bytes=2202&delivery_rate=131035&cwnd=252&unsent_bytes=0&cid=2ba87a0122d59056&ts=62&x=0"
date
Mon, 28 Oct 2024 01:21:16 GMT
content-type
text/css
last-modified
Wed, 13 Mar 2019 00:03:12 GMT
vary
Accept-Encoding
x-amz-id-2
SayS+jVTfEcNCIODT3BtZmcYqfJzGO/PiOXuzS6Ct9tWx4JkT2nz8HaUSt1NyW7E7vdW0PiulHU=
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
2EK1H535N85XZZ90
cf-ray
8d971baddd8c1b36-FRA
server
cloudflare
go
r.linksprf.com/v2/
Redirect Chain
  • https://track.serveonsite.com/sl?id=653a6c25a95dd971064a9566&pid=930&sub1=pubfa1b397ec8cf489192e7c0be63e030cc&sub2=f0fc7601_35679
  • https://t2.autumnoceanwhispers.com/l.php?p=c:8pnojh5wwryg9ycmq&d=61b86bb2caff0c3520644fec&pid=671ee70c7d7b510001e446ca&s=930_f0fc7601_35679
  • https://go.splashandsunshine.com/redirect?feed=488122&url=https%3A%2F%2Fwww.gamblingnews.xyz%2F&subid=930_f0fc7601_35679.de.linux.chrome&query=&pub_clickid=671ee70dc6e9387eb81ee871&default_url=http...
  • https://desalzo.com/07229fc2-0b6e-4090-960d-5454ea0dc936?banner=6652144&pubfeed=568190&siteid=488122&cost=0.00012&conversion=QRTLa3sp5o0
  • https://atropias.com/info/?info=https://r.linksprf.com/v1/redirect?type=linkId&id=913eaa5856d34671b21c33672c4c45ac&api_key=f131d306519d357cfa7ccd0e5d186f64&site_id=5759d1af5bfb4d4885bf0fd792154088&...
  • https://r.linksprf.com/v1/redirect?type=linkId&id=913eaa5856d34671b21c33672c4c45ac&api_key=f131d306519d357cfa7ccd0e5d186f64&site_id=5759d1af5bfb4d4885bf0fd792154088&dch=feed&ad_t=advertiser
  • https://r.linksprf.com/v2/go?t=et.pl%3Ae%2Fowu.-wtn..woF%2F%25w2lAc%25.thh%3Fpim%3Dc0s2l%26tdr1m3l6%3D%26tlec8r0f5%3D2070f0f05684d2b6b7f21e9174-3aa0200b00b0020aa3%264l1cer2f7%3D6729416f0b0b0d08%3D5...
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
r.linksprf.com
URL
https://r.linksprf.com/v2/go?t=et.pl%3Ae%2Fowu.-wtn..woF%2F%25w2lAc%25.thh%3Fpim%3Dc0s2l%26tdr1m3l6%3D%26tlec8r0f5%3D2070f0f05684d2b6b7f21e9174-3aa0200b00b0020aa3%264l1cer2f7%3D6729416f0b0b0d08%3D5cfaf870251498d%260wbr8v4344f051a3d25e5636e1k1i1c35216939f88f939612535151d1a656fe424381b004d39v124e8k%26ixcr6g4a4o%3Dsiy8e2.2od%26m%3Dptppk3i%25cFa2mwcw1aipaawtwt%2Fisetdh&e=1&ai=81a32dcf21d643ce8cc92b507794bbc0&sct=0&ct=1730078480019&cu=2e667621e1114332a6230f08b90901a5&sr=1&cs=9d2944e16605b9fa02a6973f0ed9b9b6

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Domain/Path Name / Value
.bolo2vas24.click/ Name: uk
Value: b1ea1a89a906445890e4fc2f23646a80
go.doblevialatam.com/ Name: PHPSESSID
Value: ivv1s5rmov8c84h5bbpijcc1sa
track.serveonsite.com/ Name: afclick
Value: 671ee70c7d7b510001e446ca
.desalzo.com/ Name: 07229fc2-0b6e-4090-960d-5454ea0dc936-v4
Value: cfDKEqb1_XA_p-sVLaU81gcTwWqUp--sRjdGc7n27ko
.desalzo.com/ Name: cc-v4
Value: Ul2pOrOWZEbcvLDqaDDcNZYDkaPjk5CPZuKM8uC3xyhYS4Ppi7rziD7iHqsGSpiB%2BcCW%2FZYTtn69E1KC%2BKZ5huSIVpvtIYkRIv7vEVDpi9%2BpxLXWTTiwB8q3gqTbXISR5ptwU%2FfrfSe27%2B6v5ttRqw%3D%3D
.linksprf.com/ Name: ykuid
Value: 9d8419f886744e85900cee403abfea5b
r.linksprf.com/ Name: JSESSIONID
Value: 3EEFA9DD77243BE972506A74C293A7CC

1 Console Messages

Source Level URL
Text
rendering error URL: https://c.adup.app/35679?token=b92bae3040c1ffc7bfbed7c2&subid=0001-6cdb4ef0e2(Line 1)
Message:
Failed to set referrer policy: The value 'no-referer' is not one of 'always', 'default', 'never', 'origin-when-crossorigin', 'no-referrer', 'no-referrer-when-downgrade', 'origin', 'origin-when-cross-origin', 'same-origin', 'strict-origin', 'strict-origin-when-cross-origin', or 'unsafe-url'. The referrer policy has been left unchanged.