nomedigasadios.ga
66.198.240.39
Malicious Activity!
Public Scan
Effective URL: http://nomedigasadios.ga/win9090_jp1088.nbf/TChsfsdfjdsfjdsfjVXRD/
Submission: On September 01 via manual from IT
Summary
This is the only time nomedigasadios.ga was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Tech Support Scam (Consumer) Generic (Online)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
14 | 66.198.240.39 | 55293 (A2HOSTING) |
1 | 2a00:1450:4001:81f::2008 | 15169 (GOOGLE) |
1 | 2001:4de0:ac19::1:b:3b | 20446 (HIGHWINDS3) |
1 | 2a00:1450:4001:81c::200a | 15169 (GOOGLE) |
1 | 2a00:1450:4001:800::200e | 15169 (GOOGLE) |
1 | 2a00:1450:4001:801::200e | 15169 (GOOGLE) |
1 | 2a00:1450:400c:c0c::9c | 15169 (GOOGLE) |
1 | 23.21.42.216 | 14618 (AMAZON-AES) |
21 | 9 | |
ASN | PTR | Domain |
---|---|---|
ASN55293 (A2HOSTING, US) | a2ss50.a2hosting.com | nomedigasadios.ga |
ASN15169 (GOOGLE, US) | | www.googletagmanager.com |
ASN15169 (GOOGLE, US) | | www.google-analytics.com |
ASN15169 (GOOGLE, US) | | www.google-analytics.com |
ASN14618 (AMAZON-AES, US) | ec2-23-21-42-216.compute-1.amazonaws.com | api.ipify.org |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
14 | nomedigasadios.ga | nomedigasadios.ga | 320 KB |
2 | google-analytics.com | www.google-analytics.com | 18 KB |
1 | ipify.org | api.ipify.org | 255 B |
1 | doubleclick.net | stats.g.doubleclick.net | 84 B |
1 | googleapis.com | ajax.googleapis.com | 30 KB |
1 | jquery.com | code.jquery.com | 30 KB |
1 | googletagmanager.com | www.googletagmanager.com | 35 KB |
0 | Failed | Failed | |
21 | 8 | | |
Requests | Domain | Requested by |
---|---|---|
14 | nomedigasadios.ga | nomedigasadios.ga |
2 | www.google-analytics.com | www.googletagmanager.com, www.google-analytics.com |
1 | api.ipify.org | ajax.googleapis.com |
1 | stats.g.doubleclick.net | www.google-analytics.com |
1 | ajax.googleapis.com | nomedigasadios.ga |
1 | code.jquery.com | nomedigasadios.ga |
1 | www.googletagmanager.com | nomedigasadios.ga |
0 | truncated (Failed) | nomedigasadios.ga |
21 | 8 | |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
*.google-analytics.com | GTS CA 1O1 | 2020-08-11 - 2020-11-03 | 3 months | crt.sh |
jquery.org | COMODO RSA Domain Validation Secure Server CA | 2018-10-17 - 2020-10-16 | 2 years | crt.sh |
upload.video.google.com | GTS CA 1O1 | 2020-08-11 - 2020-11-03 | 3 months | crt.sh |
*.g.doubleclick.net | GTS CA 1O1 | 2020-08-11 - 2020-11-03 | 3 months | crt.sh |
*.ipify.org | COMODO RSA Domain Validation Secure Server CA | 2018-01-24 - 2021-01-23 | 3 years | crt.sh |
This page contains 2 frames:
Primary Page:
http://nomedigasadios.ga/win9090_jp1088.nbf/TChsfsdfjdsfjdsfjVXRD/
Frame ID: A81EE3984FB27A0EFD28E239A71B3735
Requests: 21 HTTP requests in this frame
Frame:
http://nomedigasadios.ga/win9090_jp1088.nbf/TChsfsdfjdsfjdsfjVXRD/Shfdfd.mp3
Frame ID: ACCA7E0FEBC3DEF98B5E2AFE85303066
Requests: 2 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
21 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | / (Primary Request) | nomedigasadios.ga/win9090_jp1088.nbf/TChsfsdfjdsfjdsfjVXRD/ | 146 KB | 82 KB | Document | text/html |
GET | H/1.1 | bootstrap.min.css | nomedigasadios.ga/win9090_jp1088.nbf/TChsfsdfjdsfjdsfjVXRD/ | 119 KB | 20 KB | Stylesheet | text/css |
GET | H/1.1 | bootstrap.min.js | nomedigasadios.ga/win9090_jp1088.nbf/TChsfsdfjdsfjdsfjVXRD/ | 36 KB | 10 KB | Script | application/javascript |
GET | H/1.1 | alert.css | nomedigasadios.ga/win9090_jp1088.nbf/TChsfsdfjdsfjdsfjVXRD/ | 3 KB | 1 KB | Stylesheet | text/css |
GET | H2 | js | www.googletagmanager.com/gtag/ | 87 KB | 35 KB | Script | application/javascript |
GET | H/1.1 | jquery-3.js | nomedigasadios.ga/win9090_jp1088.nbf/TChsfsdfjdsfjdsfjVXRD/ | 0 | 0 | Script | text/html |
GET | H2 | jquery-3.2.1.min.js | code.jquery.com/ | 85 KB | 30 KB | Script | application/javascript |
GET | H2 | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/3.2.1/ | 85 KB | 30 KB | Script | text/javascript |
GET | H/1.1 | microsoft.png | nomedigasadios.ga/win9090_jp1088.nbf/TChsfsdfjdsfjdsfjVXRD/ | 8 KB | 8 KB | Image | image/png |
GET | H/1.1 | def.gif | nomedigasadios.ga/win9090_jp1088.nbf/TChsfsdfjdsfjdsfjVXRD/ | 166 KB | 166 KB | Image | image/gif |
GET | H/1.1 | x.png | nomedigasadios.ga/win9090_jp1088.nbf/TChsfsdfjdsfjdsfjVXRD/ | 628 B | 1 KB | Image | image/png |
GET | H/1.1 | jquery-3.js | nomedigasadios.ga/win9090_jp1088.nbf/TChsfsdfjdsfjdsfjVXRD/ | 0 | 0 | Script | text/html |
GET | H2 | analytics.js | www.google-analytics.com/ | 45 KB | 18 KB | Script | text/javascript |
POST | H3-Q050 | collect | www.google-analytics.com/j/ | 2 B | 65 B | XHR | text/plain |
POST | H2 | collect | stats.g.doubleclick.net/j/ | 1 B | 84 B | XHR | text/plain |
GET | H/1.1 | / | api.ipify.org/ | 22 B | 255 B | XHR | application/json |
GET | | truncated | / | 0 | 0 | | |
GET | DATA | truncated | / | 239 B | 0 | Image | image/png |
GET | H/1.1 | Funk.ogg | nomedigasadios.ga/win9090_jp1088.nbf/TChsfsdfjdsfjdsfjVXRD/ | 0 | 0 | Media | text/html |
GET | H/1.1 | err.mp3 | nomedigasadios.ga/win9090_jp1088.nbf/TChsfsdfjdsfjdsfjVXRD/ | 96 KB | 0 | Media | audio/mpeg |
GET | H/1.1 | Shfdfd.mp3 | nomedigasadios.ga/win9090_jp1088.nbf/TChsfsdfjdsfjdsfjVXRD/ | 16 KB | 16 KB | Media | audio/mpeg |
GET | H/1.1 | Shfdfd.mp3 | nomedigasadios.ga/win9090_jp1088.nbf/TChsfsdfjdsfjdsfjVXRD/ (Frame ACCA) | 0 | 0 | Document | audio/mpeg |
GET | H/1.1 | Shfdfd.mp3 | nomedigasadios.ga/win9090_jp1088.nbf/TChsfsdfjdsfjdsfjVXRD/ (Frame ACCA) | 16 KB | 16 KB | Media | audio/mpeg |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
Domain | URL |
---|---|
truncated | data:truncated |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Tech Support Scam (Consumer) Generic (Online)
44 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | trustedTypes |
function | gtag |
object | dataLayer |
function | getURLParameter |
string | gourl |
object | google_tag_manager |
object | google_tag_data |
string | GoogleAnalyticsObject |
function | ga |
function | move |
function | pop |
function | PopIt |
function | UnPopIt |
object | gaplugins |
object | gaGlobal |
object | gaData |
function | $ |
function | jQuery |
function | formatAMPM |
string | stroka |
function | toggleFullScreen |
number | idleTime |
function | timerIncrement |
boolean | is_chrome |
undefined | isChromium |
string | vendorName |
boolean | isOpera |
function | alertCall |
function | alertTimed |
function | alertLoop |
function | addEvent |
function | ajay |
function | openMultipleTabs |
function | poponload |
string | link_redirect |
undefined | ignoreHashChange |
object | msgAudioEl |
number | playMsgInt |
function | nocontextmenu |
function | norightclick |
function | reloadIFrame |
object | modal |
object | btn |
object | span |
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=63072000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
api.ipify.org
code.jquery.com
nomedigasadios.ga
stats.g.doubleclick.net
truncated
www.google-analytics.com
www.googletagmanager.com
truncated
2001:4de0:ac19::1:b:3b
23.21.42.216
2a00:1450:4001:800::200e
2a00:1450:4001:801::200e
2a00:1450:4001:81c::200a
2a00:1450:4001:81f::2008
2a00:1450:400c:c0c::9c
66.198.240.39