1002-nomini.com Open in urlscan Pro
94.242.228.52 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://cl.nomini345.com/r/z7baryj0b
Effective URL:
https://1002-nomini.com/?c_uh=7edfde4e071706830289cb1e96cbcd45befec7f290751cca0e0a3a89f227d62e
Submission: On December 18 via manual (December 18th 2024, 2:24:32 am UTC) from CO — Scanned from IL

Summary HTTP 7 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 7 HTTP transactions. The main IP is 94.242.228.52, located in Luxembourg and belongs to CLOUDFLARESPECTRUM Cloudflare London, LLC, US. The main domain is 1002-nomini.com.
TLS certificate: Issued by WE1 on November 18th 2024. Valid for: 3 months.

This is the only time 1002-nomini.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	192.165.55.11 192.165.55.11	51747 (INTERNETB...) (INTERNETBOLAGET Internet Vikings International AB)
1 5	94.242.228.52 94.242.228.52	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare London)
3	104.17.206.106 104.17.206.106	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	3

2 192.165.55.11 (Chicago, United States) 2 redirects

ASN51747 (INTERNETBOLAGET Internet Vikings International AB, SE)

cl.nomini345.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 94.242.228.52 (Luxembourg) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US)

1002-nomini.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.17.206.106 (None, )

ASN13335 (CLOUDFLARENET, US)

joxi.imgsrcdata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	1002-nomini.com 1 redirects 1002-nomini.com	13 KB
3	imgsrcdata.com joxi.imgsrcdata.com	93 KB
2	nomini345.com 2 redirects cl.nomini345.com	889 B
7	3

	Domain	Requested by
5	1002-nomini.com	1 redirects 1002-nomini.com
3	joxi.imgsrcdata.com	1002-nomini.com
2	cl.nomini345.com	2 redirects
7	3

This site contains no links.

Subject Issuer	Validity	Valid
1002-nomini.com WE1	`2024-11-18` - `2025-02-16`	3 months	crt.sh
imgsrcdata.com WE1	`2024-12-07` - `2025-03-07`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://1002-nomini.com/?c_uh=7edfde4e071706830289cb1e96cbcd45befec7f290751cca0e0a3a89f227d62e
Frame ID: 42105A966355856628E695F67D255B90
Requests: 6 HTTP requests in this frame

Frame: https://1002-nomini.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js
Frame ID: 2D52B30E4EDC8F1A92FA6D7AA92A8487
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://cl.nomini345.com/r/z7baryj0b HTTP 307
https://cl.nomini345.com/r/z7baryj0b HTTP 307
http://cl.nomini345.com/r/z7baryj0b HTTP 301
https://cl.nomini345.com/r/z7baryj0b HTTP 302
https://1002-nomini.com/?c_uh=7edfde4e071706830289cb1e96cbcd45befec7f290751cca0e0a3a89f227d62e Page URL

Page Statistics

7
Requests

86 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

105 kB
Transfer

137 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://cl.nomini345.com/r/z7baryj0b HTTP 307
https://cl.nomini345.com/r/z7baryj0b HTTP 307
http://cl.nomini345.com/r/z7baryj0b HTTP 301
https://cl.nomini345.com/r/z7baryj0b HTTP 302
https://1002-nomini.com/?c_uh=7edfde4e071706830289cb1e96cbcd45befec7f290751cca0e0a3a89f227d62e Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://1002-nomini.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://1002-nomini.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js

7 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

403

Primary Request / Show response
1002-nomini.com/
Redirect Chain

http://cl.nomini345.com/r/z7baryj0b
https://cl.nomini345.com/r/z7baryj0b
http://cl.nomini345.com/r/z7baryj0b
https://cl.nomini345.com/r/z7baryj0b
https://1002-nomini.com/?c_uh=7edfde4e071706830289cb1e96cbcd45befec7f290751cca0e0a3a89f227d62e

10 KB
4 KB

1454ms
368ms

Document
text/html

94.242.228.52
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://1002-nomini.com/?c_uh=7edfde4e071706830289cb1e96cbcd45befec7f290751cca0e0a3a89f227d62e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 94.242.228.52 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec148dd5646e121cd39e7b97e1ebcc6aba8eb8758d6a64646c70c74e17db0580

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-ray: 8f3bb1f2c99e7d9b-TLV
content-encoding: br
content-type: text/html;charset=UTF-8
date: Wed, 18 Dec 2024 02:24:10 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: keep-alive
Content-Language: he-IL
Content-Length: 0
Date: Wed, 18 Dec 2024 02:24:07 GMT
Expires: 0
Location: https://1002-nomini.com/?c_uh=7edfde4e071706830289cb1e96cbcd45befec7f290751cca0e0a3a89f227d62e#deposit
Permissions-Policy: geolocation=(), microphone=()
Pragma: no-cache
Referrer-Policy: same-origin
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubdomains
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Robots-Tag: noindex, nofollow, nosnippet, noarchive
X-Xss-Protection: 1; mode=block

GET
H3

200

main.js Show response
1002-nomini.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/ Frame 2D52
Redirect Chain

https://1002-nomini.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://1002-nomini.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js?

8 KB
4 KB

86ms
85ms

Script
application/javascript

94.242.228.52
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://1002-nomini.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js?

Requested by

Host: 1002-nomini.com
URL: https://1002-nomini.com/?c_uh=7edfde4e071706830289cb1e96cbcd45befec7f290751cca0e0a3a89f227d62e

Protocol

Server

94.242.228.52 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f840790ddfd0ec2623de0e560de046f41896eb5ad6d30efd95420de019db76a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
content-encoding: br
x-content-type-options: nosniff
cf-ray: 8f3bb1febc757d95-TLV
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 18 Dec 2024 02:24:12 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

Redirect headers

cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js?
cf-ray: 8f3bb1fd2e1c7d9b-TLV
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Wed, 18 Dec 2024 02:24:12 GMT
vary: Accept-Encoding
server: cloudflare

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca93ea737537e6398f99b01f19098041c492f116b1e58f0b3cdbd3f6a67e8799

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H2 200 403.svg
joxi.imgsrcdata.com/nomini/ 19 KB
5 KB 448ms
169ms Image
image/svg+xml 104.17.206.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://joxi.imgsrcdata.com/nomini/403.svg
Requested by: Host: 1002-nomini.com
URL: https://1002-nomini.com/?c_uh=7edfde4e071706830289cb1e96cbcd45befec7f290751cca0e0a3a89f227d62e
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.206.106 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b48b71b26ff7c25c26e91790c350f834f69949e1ff2b60d59fd9829e24a6bb2b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://1002-nomini.com/

Response headers

cache-control: max-age=1209600
content-encoding: gzip
cf-cache-status: HIT
etag: W/"645debf6-4b3f"
cf-ray: 8f3bb1fef893c22c-TLV
expires: Sun, 29 Dec 2024 13:49:08 GMT
date: Wed, 18 Dec 2024 02:24:12 GMT
content-type: image/svg+xml
last-modified: Fri, 12 May 2023 07:34:14 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 Inter-Black.woff2
joxi.imgsrcdata.com/nomini/fonts/ 43 KB
43 KB 442ms
169ms Font
application/octet-stream 104.17.206.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://joxi.imgsrcdata.com/nomini/fonts/Inter-Black.woff2
Requested by: Host: 1002-nomini.com
URL: https://1002-nomini.com/?c_uh=7edfde4e071706830289cb1e96cbcd45befec7f290751cca0e0a3a89f227d62e
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.206.106 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8be2fa8e6743e407e7dd40b3edfd1009f6021417eaa135b70bdf19f54546b0e1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://1002-nomini.com
Referer: https://1002-nomini.com/

Response headers

cf-cache-status: HIT
etag: "645debf6-abd8"
cf-ray: 8f3bb1fefc9ac227-TLV
accept-ranges: bytes
access-control-allow-origin: *
content-length: 43992
date: Wed, 18 Dec 2024 02:24:12 GMT
content-type: application/octet-stream
last-modified: Fri, 12 May 2023 07:34:14 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 Inter-Medium.woff2
joxi.imgsrcdata.com/nomini/fonts/ 44 KB
44 KB 590ms
318ms Font
application/octet-stream 104.17.206.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://joxi.imgsrcdata.com/nomini/fonts/Inter-Medium.woff2
Requested by: Host: 1002-nomini.com
URL: https://1002-nomini.com/?c_uh=7edfde4e071706830289cb1e96cbcd45befec7f290751cca0e0a3a89f227d62e
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.206.106 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7805de7019f359187011dc80a9a78e635c22f1e34d0835f4c5187e39f1261cb6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://1002-nomini.com
Referer: https://1002-nomini.com/

Response headers

cf-cache-status: HIT
etag: "645debf6-b068"
cf-ray: 8f3bb1fefc99c227-TLV
accept-ranges: bytes
access-control-allow-origin: *
content-length: 45160
date: Wed, 18 Dec 2024 02:24:12 GMT
content-type: application/octet-stream
last-modified: Fri, 12 May 2023 07:34:14 GMT
vary: Accept-Encoding
server: cloudflare

POST
H3 200 8f3bb1f2c99e7d9b Show response
1002-nomini.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 2D52 0
700 B 110ms
84ms XHR
text/plain 94.242.228.52
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://1002-nomini.com/cdn-cgi/challenge-platform/h/b/jsd/r/8f3bb1f2c99e7d9b
Requested by: Host: 1002-nomini.com
URL: https://1002-nomini.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.228.52 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

cf-ray: 8f3bb203cf1b7d95-TLV
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
content-length: 0
date: Wed, 18 Dec 2024 02:24:13 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare
priority: u=1,i

GET
H3 403 favicon.ico
1002-nomini.com/ 9 KB
4 KB 142ms
142ms Other
text/html 94.242.228.52
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://1002-nomini.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.228.52 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0bec939f1e21744281b0804e89d34ab2554e8641640b5e495fac207c702b2733

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://1002-nomini.com/?c_uh=7edfde4e071706830289cb1e96cbcd45befec7f290751cca0e0a3a89f227d62e

Response headers

content-encoding: br
cf-ray: 8f3bb20858cb7d95-TLV
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 18 Dec 2024 02:24:14 GMT
content-type: text/html;charset=UTF-8
vary: Accept-Encoding
server: cloudflare
priority: u=1,i

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| is403page string| visitorRegion

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.1002-nomini.com/	1970-01-21 01:48:10	Name: __cf_bm Value: nORP9xCUz2UkwMFQNPiAg9xFSz6Inicv.C1AYsNjl2w-1734488650-1.0.1.1-D3rdmYHGXVKY_uexBwy8m8.jCUU3Yhd5b0lX_4oyKmZ.ex.2YTiSVR0_sU8SXH5vQqzbF2le2_T8pfgsuvpGVQ
			.1002-nomini.com/	1970-01-21 10:33:44	Name: cf_clearance Value: cai5ngGnbVwD3U4hVDXIRqVC4MwhOLmlxeMV6DpUOZ4-1734488653-1.2.1.1-oTapz4QXP3FGS5.EiSL_3GuWcSa3O43Vb2uLjNZW7H8ELt3QIaHnOENm9PCi5XBVElB16CXXhPpM8JDEJUphm09SYCcyX0nuol2xJjjlU04FjQ_3U90apwzm4bvRPD.BJsgTcEG9FySbbHIhn.hVLaBYyxqNo0MznTNtYWAPfTmq.F2SbByoptLDUHJy52vi7lho_fev3.7Gz0trVVOL4NPOszr5Azln2c3Zpo5PGikVNaTW9fzTwfDnOGz5tfQYMP0hsG_r5.aQXnugxhZMov8kJVQN70VzxO7CvtWKkI77sMa.w87FbpV344bHZf4QkIteswiVIJgkA5Pkajf.taTh6kYGcEnL9wiZH9tsSL7vq7R.GgsKeEAQwYSirveF

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://1002-nomini.com/?c_uh=7edfde4e071706830289cb1e96cbcd45befec7f290751cca0e0a3a89f227d62e#deposit Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://1002-nomini.com/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1002-nomini.com
cl.nomini345.com
joxi.imgsrcdata.com
104.17.206.106
192.165.55.11
94.242.228.52
0bec939f1e21744281b0804e89d34ab2554e8641640b5e495fac207c702b2733
7805de7019f359187011dc80a9a78e635c22f1e34d0835f4c5187e39f1261cb6
8be2fa8e6743e407e7dd40b3edfd1009f6021417eaa135b70bdf19f54546b0e1
b48b71b26ff7c25c26e91790c350f834f69949e1ff2b60d59fd9829e24a6bb2b
ca93ea737537e6398f99b01f19098041c492f116b1e58f0b3cdbd3f6a67e8799
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec148dd5646e121cd39e7b97e1ebcc6aba8eb8758d6a64646c70c74e17db0580
f840790ddfd0ec2623de0e560de046f41896eb5ad6d30efd95420de019db76a1

1002-nomini.com Open in urlscan Pro 94.242.228.52 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

7 Requests

86 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

3 Countries

105 kBTransfer

137 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

2 Cookies

2 Console Messages

Indicators

1002-nomini.com Open in urlscan Pro
94.242.228.52 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

86 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

105 kB
Transfer

137 kB
Size

2
Cookies

7 HTTP transactions
1 data transactions