urlscan.io logo urlscan.io
SecurityTrails logo

karkiritish.com.np Open in urlscan Pro
2606:4700:3037::ac43:9bec  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://clck.ru/QGM3B
Effective URL: https://karkiritish.com.np/sites/cnwst/options-general/wish_list/countries.php?greatest=fb1fywa012d5cw&table=am&special=note
Submission Tags: phishing malicious Search All
Submission: On August 14 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 3 countries across 4 domains to perform 7 HTTP transactions. The main IP is 2606:4700:3037::ac43:9bec, located in United States and belongs to CLOUDFLARENET, US. The main domain is karkiritish.com.np.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 21st 2020. Valid for: a year.
This is the only time karkiritish.com.np was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 2a02:6b8::221 13238 (YANDEX)
2 2 2a02:6b8::232 13238 (YANDEX)
1 1 180.76.163.89 38365 (BAIDU Bei...)
6 2606:4700:303... 13335 (CLOUDFLAR...)
7 2
Apex Domain
Subdomains		 Transfer
6 karkiritish.com.np
karkiritish.com.np
26 KB
2 yandex.net
sba.yandex.net
766 B
2 clck.ru
clck.ru
984 B
1 ynqrqy.com
www.ynqrqy.com
341 B
7 4
Domain Requested by
6 karkiritish.com.np karkiritish.com.np
2 sba.yandex.net 2 redirects
2 clck.ru 2 redirects
1 www.ynqrqy.com 1 redirects
7 4

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-06-21 -
2021-06-21		 a year crt.sh

This page contains 1 frames:

Frame: https://karkiritish.com.np/sites/cnwst/options-general/wish_list/countries.php?greatest=fb1fywa012d5cw&table=am&special=note&__cf_chl_jschl_tk__=75003f653602172c76c44b9dfd5654db56e30e79-1597434084-0-AVkKN2kTrc0_EQADTRmxh6fQG_fAAAHtLZXlOf79_RRxYeMNbBGG7bKYDBMs5qW2mtZXJK7RZ-kPLr4s5HdAofGHxHNHAhwAimeXWSq1_o09DxO0JZbAUl_jYVpeSOg3UXhHrG6PP71l8DVAlg_n6PcYzGdAX36cjjhE98XQ-SjhsDOAF4PTbrwj3DCOozymTuYCuRKioOQCjl0CPvIio1hZ-jrvkjfTTkqnE9C-9r7Na4gbqQ-W5l3gskNUaxcglvXaAWXJf2_8yF2V1ytZUSrG5lcumchgGvIKAmNRahRV_Gzkrpkib5n5ykkuv1TneApEZK6x8DfoVISiLPY39FcSxCZz8OK6VPoTtrADl_tItzr3xSl8xleWnB5dX6sPW158cF-rMWRvqx6GkxwjpCI
Frame ID: 3DFCD7BE8629C305E9800D3A5F3F0AEB
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://clck.ru/QGM3B HTTP 302
    https://sba.yandex.net/redirect?url=http%3A%2F%2Fwww.ynqrqy.com%2Fys.asp%3Fys%3D1%26url%3D%2568%257... HTTP 302
    http://www.ynqrqy.com/ys.asp?ys=1&url=%68%74%74%70%73%3a%2f%2f%63%6c%63%6b%2e%72%75%2f%51%46%6f%55... HTTP 302
    https://clck.ru/QFoUM HTTP 302
    https://sba.yandex.net/redirect?url=https%3A%2F%2Fkarkiritish.com.np%2Fsites%2Fcnwst%2Foptions-gene... HTTP 302
    https://karkiritish.com.np/sites/cnwst/options-general/wish_list/countries.php?greatest=fb1fywa012d5cw&... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

7
Requests

86 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

2
IPs

3
Countries

26 kB
Transfer

65 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://clck.ru/QGM3B HTTP 302
    https://sba.yandex.net/redirect?url=http%3A%2F%2Fwww.ynqrqy.com%2Fys.asp%3Fys%3D1%26url%3D%2568%2574%2574%2570%2573%253a%252f%252f%2563%256c%2563%256b%252e%2572%2575%252f%2551%2546%256f%2555%254d%26NID%3D%23zxbqkspqdzzdswkqrrq&client=clck&sign=3e4e432df5d77e9286fff7d48c532507 HTTP 302
    http://www.ynqrqy.com/ys.asp?ys=1&url=%68%74%74%70%73%3a%2f%2f%63%6c%63%6b%2e%72%75%2f%51%46%6f%55%4d&NID= HTTP 302
    https://clck.ru/QFoUM HTTP 302
    https://sba.yandex.net/redirect?url=https%3A%2F%2Fkarkiritish.com.np%2Fsites%2Fcnwst%2Foptions-general%2Fwish_list%2Fcountries.php%3Fgreatest%3Dfb1fywa012d5cw%26table%3Dam%26special%3Dnote&client=clck&sign=b2ab0c92ddf9a84aa0e96cee362710d3 HTTP 302
    https://karkiritish.com.np/sites/cnwst/options-general/wish_list/countries.php?greatest=fb1fywa012d5cw&table=am&special=note Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request countries.php
karkiritish.com.np/sites/cnwst/options-general/wish_list/
Redirect Chain
  • https://clck.ru/QGM3B
  • https://sba.yandex.net/redirect?url=http%3A%2F%2Fwww.ynqrqy.com%2Fys.asp%3Fys%3D1%26url%3D%2568%2574%2574%2570%2573%253a%252f%252f%2563%256c%2563%256b%252e%2572%2575%252f%2551%2546%256f%2555%254d%2...
  • http://www.ynqrqy.com/ys.asp?ys=1&url=%68%74%74%70%73%3a%2f%2f%63%6c%63%6b%2e%72%75%2f%51%46%6f%55%4d&NID=
  • https://clck.ru/QFoUM
  • https://sba.yandex.net/redirect?url=https%3A%2F%2Fkarkiritish.com.np%2Fsites%2Fcnwst%2Foptions-general%2Fwish_list%2Fcountries.php%3Fgreatest%3Dfb1fywa012d5cw%26table%3Dam%26special%3Dnote&client=c...
  • https://karkiritish.com.np/sites/cnwst/options-general/wish_list/countries.php?greatest=fb1fywa012d5cw&table=am&special=note
9 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://karkiritish.com.np/sites/cnwst/options-general/wish_list/countries.php?greatest=fb1fywa012d5cw&table=am&special=note
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9bec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5d48fb060c3426b779f29c1a8af0ebbd9b013f23389044f2336403d1aa39de1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
karkiritish.com.np
:scheme
https
:path
/sites/cnwst/options-general/wish_list/countries.php?greatest=fb1fywa012d5cw&table=am&special=note
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
503
date
Fri, 14 Aug 2020 19:41:24 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=da794cbe9d6835e97a1d08c8afe08e6ec1597434084; expires=Sun, 13-Sep-20 19:41:24 GMT; path=/; domain=.karkiritish.com.np; HttpOnly; SameSite=Lax; Secure
x-frame-options
SAMEORIGIN
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
cf-request-id
049016d5b3000064d3d9b80200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
5c2d2735ef9564d3-FRA

Redirect headers

Content-Length
471
Content-Type
text/html; charset=utf-8
Date
Fri, 14 Aug 2020 19:41:24 GMT
Location
https://karkiritish.com.np/sites/cnwst/options-general/wish_list/countries.php?greatest=fb1fywa012d5cw&table=am&special=note
Strict-Transport-Security
max-age=3600; includeSubDomains
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
v1
karkiritish.com.np/cdn-cgi/challenge-platform/orchestrate/jsch/ 		31 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://karkiritish.com.np/cdn-cgi/challenge-platform/orchestrate/jsch/v1
Requested by
Host: karkiritish.com.np
URL: https://karkiritish.com.np/sites/cnwst/options-general/wish_list/countries.php?greatest=fb1fywa012d5cw&table=am&special=note
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9bec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50bdad9cd4ccee04116d8a41805fd7d386a271b597cb9e459097e5542182d02a

Request headers

Referer
https://karkiritish.com.np/sites/cnwst/options-general/wish_list/countries.php?greatest=fb1fywa012d5cw&table=am&special=note
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 14 Aug 2020 19:41:24 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
status
200
cf-ray
5c2d27361fa864d3-FRA
cf-request-id
049016d5ce000064d3d9b82200000001
transparent.gif
karkiritish.com.np/cdn-cgi/images/trace/jschal/js/nocookie/ 		42 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://karkiritish.com.np/cdn-cgi/images/trace/jschal/js/nocookie/transparent.gif?ray=5c2d2735ef9564d3
Requested by
Host: karkiritish.com.np
URL: https://karkiritish.com.np/sites/cnwst/options-general/wish_list/countries.php?greatest=fb1fywa012d5cw&table=am&special=note
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9bec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://karkiritish.com.np/sites/cnwst/options-general/wish_list/countries.php?greatest=fb1fywa012d5cw&table=am&special=note
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 14 Aug 2020 19:41:24 GMT
last-modified
Wed, 12 Aug 2020 15:26:42 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"5f340a32-2a"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
5c2d27361fa964d3-FRA
content-length
42
cf-request-id
049016d5cf000064d3d9b83200000001
expires
Fri, 14 Aug 2020 21:41:24 GMT
transparent.gif
karkiritish.com.np/cdn-cgi/images/trace/jschal/nojs/ 		42 B
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://karkiritish.com.np/cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=5c2d2735ef9564d3
Requested by
Host: karkiritish.com.np
URL: https://karkiritish.com.np/sites/cnwst/options-general/wish_list/countries.php?greatest=fb1fywa012d5cw&table=am&special=note
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9bec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://karkiritish.com.np/sites/cnwst/options-general/wish_list/countries.php?greatest=fb1fywa012d5cw&table=am&special=note
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 14 Aug 2020 19:41:24 GMT
last-modified
Wed, 12 Aug 2020 15:26:42 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"5f340a32-2a"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
5c2d27361fab64d3-FRA
content-length
42
cf-request-id
049016d5cf000064d3d9b84200000001
expires
Fri, 14 Aug 2020 21:41:24 GMT
3bba432840ec086
karkiritish.com.np/cdn-cgi/challenge-platform/generate/ov1/0.008763626870180712:1597431914:254aabec1a0f46b9130352303e25628b6a88e6f3b43242306645e3a7dc45ce78/5c2d2735ef9564d3/ 		23 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://karkiritish.com.np/cdn-cgi/challenge-platform/generate/ov1/0.008763626870180712:1597431914:254aabec1a0f46b9130352303e25628b6a88e6f3b43242306645e3a7dc45ce78/5c2d2735ef9564d3/3bba432840ec086
Requested by
Host: karkiritish.com.np
URL: https://karkiritish.com.np/cdn-cgi/challenge-platform/orchestrate/jsch/v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9bec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a696a3aa3afb91a955775fa0184a1aad3ba306458b1e78bc2a210e10d4843c3

Request headers

Referer
https://karkiritish.com.np/sites/cnwst/options-general/wish_list/countries.php?greatest=fb1fywa012d5cw&table=am&special=note
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
CF-Challenge
3bba432840ec086
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 14 Aug 2020 19:41:25 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
status
200
cf-ray
5c2d2736b80564d3-FRA
cf-request-id
049016d630000064d3d9b8e200000001
truncated
/ 		160 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f054570f91ddc738845cc173f732b0a9ed0a0430338446ece5bbcf4cbdc83916

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
3bba432840ec086
karkiritish.com.np/cdn-cgi/challenge-platform/generate/ov1/0.008763626870180712:1597431914:254aabec1a0f46b9130352303e25628b6a88e6f3b43242306645e3a7dc45ce78/5c2d2735ef9564d3/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://karkiritish.com.np/cdn-cgi/challenge-platform/generate/ov1/0.008763626870180712:1597431914:254aabec1a0f46b9130352303e25628b6a88e6f3b43242306645e3a7dc45ce78/5c2d2735ef9564d3/3bba432840ec086
Requested by
Host: karkiritish.com.np
URL: https://karkiritish.com.np/cdn-cgi/challenge-platform/orchestrate/jsch/v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9bec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f155ebc3eeb473c6ae668b71e245f293a1fca29a88fe8935a03133a0452257e

Request headers

Referer
https://karkiritish.com.np/sites/cnwst/options-general/wish_list/countries.php?greatest=fb1fywa012d5cw&table=am&special=note
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
CF-Challenge
3bba432840ec086
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 14 Aug 2020 19:41:25 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
status
200
cf-ray
5c2d2737f8b064d3-FRA
cf-request-id
049016d6fc000064d3d9b96200000001
countries.php
karkiritish.com.np/sites/cnwst/options-general/wish_list/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
karkiritish.com.np
URL
https://karkiritish.com.np/sites/cnwst/options-general/wish_list/countries.php?greatest=fb1fywa012d5cw&table=am&special=note&__cf_chl_jschl_tk__=75003f653602172c76c44b9dfd5654db56e30e79-1597434084-0-AVkKN2kTrc0_EQADTRmxh6fQG_fAAAHtLZXlOf79_RRxYeMNbBGG7bKYDBMs5qW2mtZXJK7RZ-kPLr4s5HdAofGHxHNHAhwAimeXWSq1_o09DxO0JZbAUl_jYVpeSOg3UXhHrG6PP71l8DVAlg_n6PcYzGdAX36cjjhE98XQ-SjhsDOAF4PTbrwj3DCOozymTuYCuRKioOQCjl0CPvIio1hZ-jrvkjfTTkqnE9C-9r7Na4gbqQ-W5l3gskNUaxcglvXaAWXJf2_8yF2V1ytZUSrG5lcumchgGvIKAmNRahRV_Gzkrpkib5n5ykkuv1TneApEZK6x8DfoVISiLPY39FcSxCZz8OK6VPoTtrADl_tItzr3xSl8xleWnB5dX6sPW158cF-rMWRvqx6GkxwjpCI

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Domain/Path Name / Value
karkiritish.com.np/ Name: cf_chl_prog
Value: e
karkiritish.com.np/ Name: cf_chl_1
Value: 3bba432840ec086
.karkiritish.com.np/ Name: __cfduid
Value: da794cbe9d6835e97a1d08c8afe08e6ec1597434084

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN