URL: https://turtle.nigga.hair/
Submission: On November 21 via api from US — Scanned from DE

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 5 HTTP transactions. The main IP is 5.75.156.180, located in Germany and belongs to HETZNER-AS Hetzner Online GmbH, DE. The main domain is turtle.nigga.hair.
TLS certificate: Issued by R11 on November 20th 2024. Valid for: 3 months.
This is the only time turtle.nigga.hair was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
3 | 5.75.156.180 | 24940 (HETZNER-A...)
2 | 2606:4700:20:... | 13335 (CLOUDFLAR...)
Total: 5 requests, 2 IPs

Requests | Apex Domain | Subdomains | Transfer
3 | nigga.hair | turtle.nigga.hair | 5 KB
2 | solanatracker.io | data.solanatracker.io | 4 KB
Total: 5 requests, 2 apex domains

Requests | Domain | Requested by
3 | turtle.nigga.hair | turtle.nigga.hair
2 | data.solanatracker.io | turtle.nigga.hair
Total: 5 requests, 2 domains

This site contains no links.

Subject | Issuer | Validity | Valid
turtle.nigga.hair | R11 | 2024-11-20 - 2025-02-18 | 3 months
solanatracker.io | WE1 | 2024-10-25 - 2025-01-23 | 3 months

This page contains 1 frame:

Primary Page: https://turtle.nigga.hair/
Frame ID: CD329EFE883C8A03B8A6A0F4618039BC
Requests: 4 HTTP requests in this frame

Page Title

Solana Balance Tracker

Page Statistics

Requests: 5
HTTPS: 100 %
IPv6: 50 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 2
Transfer: 9 kB
Size: 25 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
turtle.nigga.hair/
7 KB
2 KB
Document
General
Full URL
https://turtle.nigga.hair/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.75.156.180 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.180.156.75.5.clients.your-server.de
Software
nginx/1.27.2 /
Resource Hash
b6c7528da55bccea93f681f86793469f8249713cf97db6d5f9c70a226daa7d72

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
zstd
content-length
1979
content-type
text/html
date
Thu, 21 Nov 2024 06:49:15 GMT
etag
"673e5b32-1a5f"
last-modified
Wed, 20 Nov 2024 21:57:06 GMT
server
nginx/1.27.2
vary
Accept-Encoding
balance-service.js
turtle.nigga.hair/
2 KB
804 B
Script
General
Full URL
https://turtle.nigga.hair/balance-service.js
Requested by
Host: turtle.nigga.hair
URL: https://turtle.nigga.hair/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.75.156.180 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.180.156.75.5.clients.your-server.de
Software
nginx/1.27.2 /
Resource Hash
8611d64b33d69c8311bc436b6480fb8a178a3261a3d9f7647517824f2140a22d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://turtle.nigga.hair
Referer
https://turtle.nigga.hair/

Response headers

content-encoding
zstd
etag
"673e5b32-92e"
accept-ranges
bytes
content-length
743
date
Thu, 21 Nov 2024 06:49:15 GMT
content-type
application/javascript
last-modified
Wed, 20 Nov 2024 21:57:06 GMT
server
nginx/1.27.2
vary
Accept-Encoding
Eh9gqdQGux4dKqsx7hSF1mfLQuffVSyfhQtq3wNJ5pgK
data.solanatracker.io/wallet/
10 KB
4 KB
Fetch
General
Full URL
https://data.solanatracker.io/wallet/Eh9gqdQGux4dKqsx7hSF1mfLQuffVSyfhQtq3wNJ5pgK
Requested by
Host: turtle.nigga.hair
URL: https://turtle.nigga.hair/balance-service.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:743 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b599b36710ff471699c20efc18051337f3f9f0002a299678a73f3bc85f24b11

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
x-api-key
5fac7313-3f05-4a73-923b-7e5de8422001
Referer
https://turtle.nigga.hair/

Response headers

access-control-expose-headers
host, connection, accept-encoding, user-agent, accept, origin, sec-fetch-mode, sec-fetch-dest, referer, accept-language, x-forwarded-for, cf-ray, x-forwarded-proto, cf-visitor, x-api-key, sec-fetch-site, priority, cf-connecting-ip, cdn-loop, cf-ipcountry
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
access-control-allow-methods
GET
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U3eObzo3JxOj7MGrIHVrftttHFJORd4b2zhZ3zR6sV1pfqJobJNgmq3fBgYEHiSEAT2JYWh1OhQQJ8uKl0Fc3UFah2eHDJtVplBWVxNVS6N15oER6LvE1x%2Fd2CfkvC8XWbEiLiMWAwy9ZD4ZWO81TEYyNw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e5ebd22ab6ed2f3-FRA
access-control-allow-origin
https://turtle.nigga.hair
server-timing
cfL4;desc="?proto=TCP&rtt=37270&sent=9&recv=12&lost=0&retrans=0&sent_bytes=4924&recv_bytes=2505&delivery_rate=104991&cwnd=255&unsent_bytes=0&cid=6a5e83cf6d20e6a8&ts=439&x=0"
date
Thu, 21 Nov 2024 06:49:16 GMT
content-type
application/json;charset=utf-8
vary
*
server
cloudflare
access-control-allow-headers
host, connection, accept-encoding, user-agent, accept, origin, sec-fetch-mode, sec-fetch-dest, referer, accept-language, x-forwarded-for, cf-ray, x-forwarded-proto, cf-visitor, x-api-key, sec-fetch-site, priority, cf-connecting-ip, cdn-loop, cf-ipcountry
Eh9gqdQGux4dKqsx7hSF1mfLQuffVSyfhQtq3wNJ5pgK
data.solanatracker.io/wallet/
0
0
Preflight
General
Full URL
https://data.solanatracker.io/wallet/Eh9gqdQGux4dKqsx7hSF1mfLQuffVSyfhQtq3wNJ5pgK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:743 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-api-key
Access-Control-Request-Method
GET
Origin
https://turtle.nigga.hair
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-api-key
access-control-allow-methods
GET
access-control-allow-origin
https://turtle.nigga.hair
access-control-expose-headers
host,connection,accept-encoding,accept,access-control-request-method,access-control-request-headers,origin,user-agent,sec-fetch-mode,sec-fetch-dest,referer,accept-language,x-forwarded-for,cf-ray,x-forwarded-proto,cf-visitor,sec-fetch-site,priority,cf-connecting-ip,cdn-loop,cf-ipcountry
access-control-max-age
5
cf-cache-status
DYNAMIC
cf-ray
8e5ebd223a86d2f3-FRA
content-length
0
date
Thu, 21 Nov 2024 06:49:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ih3qKqdNRgIxel%2F5CXyTNV%2F%2FvK31pyNw%2FtxzM%2F0Eibdw2vsuhMQnldWSuVOOBNryzPxXLlsnePA6622tBzf93%2FXXev9B1sanNxF3PcbXN2cTVt01QM3%2BJfKuhQAUeczEy1nCeoVMLc%2F7uZleuKFTu4weyg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=37065&sent=7&recv=10&lost=0&retrans=0&sent_bytes=4017&recv_bytes=2346&delivery_rate=104991&cwnd=253&unsent_bytes=0&cid=6a5e83cf6d20e6a8&ts=73&x=0"
vary
*
favicon.ico
turtle.nigga.hair/
7 KB
2 KB
Other
General
Full URL
https://turtle.nigga.hair/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.75.156.180 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.180.156.75.5.clients.your-server.de
Software
nginx/1.27.2 /
Resource Hash
b6c7528da55bccea93f681f86793469f8249713cf97db6d5f9c70a226daa7d72

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://turtle.nigga.hair/

Response headers

content-encoding
zstd
etag
"673e5b32-1a5f"
accept-ranges
bytes
content-length
1979
date
Thu, 21 Nov 2024 06:49:15 GMT
content-type
text/html
last-modified
Wed, 20 Nov 2024 21:57:06 GMT
server
nginx/1.27.2
vary
Accept-Encoding

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function | changeWallet
function | setStartBalance
function | setManualPNL
function | resetPNL

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
