one.ndax.io
Open in
urlscan Pro
2606:4700:3108::ac42:2b9b
Public Scan
Effective URL: https://one.ndax.io/bfQhGK
Submission Tags: 0xscam
Submission: On March 08 via api from US — Scanned from DE
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 3rd 2023. Valid for: a year.
This is the only time one.ndax.io was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN29873 (BIZLAND-SD, US)
PTR: 156.160.96.66.static.eigbox.net
gpgcrypto.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN32934 (FACEBOOK, US)
connect.facebook.net |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-96-34.deploy.static.akamaitechnologies.com
analytics.tiktok.com |
ASN32934 (FACEBOOK, US)
www.facebook.com |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-29-143-243.deploy.static.akamaitechnologies.com
analytics.pangle-ads.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
7 |
ndax.io
1 redirects
one.ndax.io |
9 KB |
5 |
tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 693 |
148 KB |
3 |
bing.com
bat.bing.com — Cisco Umbrella Rank: 375 |
14 KB |
3 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40 |
243 KB |
2 |
reddit.com
alb.reddit.com — Cisco Umbrella Rank: 1415 |
712 B |
2 |
redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1245 |
10 KB |
2 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180 |
72 KB |
1 |
pangle-ads.com
analytics.pangle-ads.com — Cisco Umbrella Rank: 2797 |
974 B |
1 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 100 |
185 B |
1 |
google.de
www.google.de — Cisco Umbrella Rank: 6744 |
408 B |
1 |
doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 84 |
251 B |
1 |
google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2656 |
251 B |
1 |
cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 788 |
7 KB |
1 |
gpgcrypto.com
gpgcrypto.com |
413 B |
30 | 14 |
Domain | Requested by | |
---|---|---|
7 | one.ndax.io |
1 redirects
one.ndax.io
static.cloudflareinsights.com |
5 | analytics.tiktok.com |
gpgcrypto.com
analytics.tiktok.com |
3 | bat.bing.com |
www.googletagmanager.com
bat.bing.com one.ndax.io |
3 | www.googletagmanager.com |
one.ndax.io
www.googletagmanager.com |
2 | alb.reddit.com |
one.ndax.io
|
2 | www.redditstatic.com |
gpgcrypto.com
www.redditstatic.com |
2 | connect.facebook.net |
gpgcrypto.com
connect.facebook.net |
1 | analytics.pangle-ads.com |
analytics.tiktok.com
|
1 | www.facebook.com |
one.ndax.io
|
1 | www.google.de |
one.ndax.io
|
1 | stats.g.doubleclick.net |
www.googletagmanager.com
|
1 | region1.analytics.google.com |
www.googletagmanager.com
|
1 | static.cloudflareinsights.com |
one.ndax.io
|
1 | gpgcrypto.com | |
30 | 14 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.gpgcrypto.com R3 |
2024-03-08 - 2024-06-06 |
3 months | crt.sh |
*.ndax.io Sectigo RSA Domain Validation Secure Server CA |
2023-05-03 - 2024-06-02 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-04-10 - 2024-04-09 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2024-02-19 - 2024-05-13 |
3 months | crt.sh |
www.bing.com Microsoft Azure TLS Issuing CA 02 |
2024-01-21 - 2024-06-27 |
5 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2023-12-18 - 2024-03-17 |
3 months | crt.sh |
*.tiktok.com RapidSSL ECC CA 2018 |
2023-07-14 - 2024-08-13 |
a year | crt.sh |
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2024-01-08 - 2024-07-06 |
6 months | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2024-02-05 - 2024-04-29 |
3 months | crt.sh |
www.google.de GTS CA 1C3 |
2024-02-19 - 2024-05-13 |
3 months | crt.sh |
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1 |
2024-01-15 - 2024-07-13 |
6 months | crt.sh |
*.pangle-ads.com RapidSSL TLS ECC CA G1 |
2023-08-10 - 2024-09-09 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://one.ndax.io/bfQhGK
Frame ID: 3D6A60936CE9C143E32040F9811F410E
Requests: 28 HTTP requests in this frame
Frame:
https://one.ndax.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/aeb70db32f0f/main.js
Frame ID: 2ECC8FA5C0EA37509E6BECD94D4AD41F
Requests: 2 HTTP requests in this frame
Screenshot
Page Title
503 Service Temporarily UnavailablePage URL History Show full URLs
- https://gpgcrypto.com/ Page URL
- https://one.ndax.io/bfQhGK Page URL
Detected technologies
Cloudflare Browser Insights (Analytics) ExpandDetected patterns
- static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Facebook (Widgets) Expand
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Google Analytics (Analytics) Expand
Detected patterns
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://gpgcrypto.com/ Page URL
- https://one.ndax.io/bfQhGK Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 4- https://one.ndax.io/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
- https://one.ndax.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/aeb70db32f0f/main.js
30 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
/
gpgcrypto.com/ |
100 B 413 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
bfQhGK
one.ndax.io/ |
2 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
GaFuSPIRtxC28FvYRZACiA_i8oU.js
one.ndax.io/cdn-cgi/apps/head/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/ |
20 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
OlLP2NfNDj2uJ-9Gvljspl636Cw.js
one.ndax.io/cdn-cgi/apps/body/ |
447 B 634 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
main.js
one.ndax.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/aeb70db32f0f/ Frame 2ECC Redirect Chain
|
8 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
8615aed349183661
one.ndax.io/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 2ECC |
0 331 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
251 KB 89 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
282 KB 94 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
destination
www.googletagmanager.com/gtag/ |
159 KB 61 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bat.js
bat.bing.com/ |
45 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
215 KB 58 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
events.js
analytics.tiktok.com/i18n/pixel/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pixel.js
www.redditstatic.com/ads/ |
28 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.analytics.google.com/g/ |
0 251 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/g/ |
0 251 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ |
42 B 408 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
t2_hdfjtxxf_telemetry
www.redditstatic.com/ads/conversions-config/v1/pixel/config/ |
86 B 700 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rp.gif
alb.reddit.com/ |
42 B 637 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rp.gif
alb.reddit.com/ |
42 B 75 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
97023742.js
bat.bing.com/p/action/ |
0 118 B |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0
bat.bing.com/action/ |
0 287 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
240116466850513
connect.facebook.net/signals/config/ |
62 KB 14 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.MTE2NjEzZWI4MA.js
analytics.tiktok.com/i18n/pixel/static/ |
402 KB 107 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
0 185 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
identify_efbb8.js
analytics.tiktok.com/i18n/pixel/static/ |
137 KB 37 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
pangle_pixel
analytics.pangle-ads.com/api/v2/ |
0 974 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
pixel
analytics.tiktok.com/api/v2/ |
0 840 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
rum
one.ndax.io/cdn-cgi/ |
0 138 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
act
analytics.tiktok.com/api/v2/pixel/ |
0 841 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
34 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| CloudflareApps object| __cfBeacon object| dataLayer object| google_tag_manager object| google_tag_data function| fbq function| _fbq string| TiktokAnalyticsObject object| ttq function| rdt function| onYouTubeIframeAPIReady object| gaGlobal object| configArgs number| pixelRatio number| width number| height object| screenSize object| labels function| UET function| UET_init function| UET_push object| ueto_bad8aa3a25 object| uetq object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks12 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.ndax.io/ | Name: cf_clearance Value: 3hmgRC5ZymygK6jTK35GtP_fJeeXkpuAwggTz8ajg6o-1709930873-1.0.1.1-G6rQn9dLxVsx_hBFYvyOBtImqo8a10s9kPjg7Y8EuhaVy9_9bIsHGcTnY8Jn5rQGVsC0O7QmKD9z7k6o_UHEuw |
|
.ndax.io/ | Name: _gcl_au Value: 1.1.1606101905.1709930874 |
|
.ndax.io/ | Name: _ga Value: GA1.1.769765152.1709930874 |
|
.ndax.io/ | Name: _ga_KBXHH6Z610 Value: GS1.1.1709930874.1.0.1709930874.60.0.0 |
|
.ndax.io/ | Name: _rdt_uuid Value: 1709930874284.71f941a8-c3dd-4f68-8bf2-93b5a4d89da0 |
|
.ndax.io/ | Name: _uetsid Value: 230ff8f0dd8d11ee989a6f50e7e13e76 |
|
.ndax.io/ | Name: _uetvid Value: 23100b90dd8d11ee83c4e1e8cd34f962 |
|
.tiktok.com/ | Name: _ttp Value: 2dQCNTmEMMq5UNhdQ0RA5rE3TJr |
|
.bing.com/ | Name: MUID Value: 2594BF4A63A16C9D3825AB76622A6DE7 |
|
.ndax.io/ | Name: _fbp Value: fb.1.1709930874711.1348509403 |
|
.ndax.io/ | Name: _tt_enable_cookie Value: 1 |
|
.ndax.io/ | Name: _ttp Value: YaZfe8Sd3ojuf5TevFaEfx-Lbtf |
8 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
alb.reddit.com
analytics.pangle-ads.com
analytics.tiktok.com
bat.bing.com
connect.facebook.net
gpgcrypto.com
one.ndax.io
region1.analytics.google.com
static.cloudflareinsights.com
stats.g.doubleclick.net
www.facebook.com
www.google.de
www.googletagmanager.com
www.redditstatic.com
151.101.65.140
184.29.143.243
2.19.96.34
2001:4860:4802:34::36
2606:4700:3108::ac42:2b9b
2606:4700::6810:3965
2620:1ec:c11::200
2a00:1450:4001:80e::2008
2a00:1450:4001:81c::2003
2a00:1450:400c:c0c::9b
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a04:4e42:400::396
66.96.160.156
0b91cf5f2bf5a53300ac1636700bd3303afdec08da9c38bb29cf9e8e74f90e3b
1feb240dc8696acdcbe9c4fd36b3c3ee4691fb4573a5ce72d9d8a45b9c9037a6
2939d067bced6e2e3e43c1b10d2b067cb980410c2cc42fd3e867798a4a36c697
335750c5de24e485b630b91393e74f41356a4f036496995742eebabc97a47165
390eab52fdb60b66de1cdd8d64a62e1ff01affd71dc2c7f0d268130c90e57789
3f315a8794c23fdd4b996c4c48959055a35b6f08fbcae448761f5613155b873c
50b6e67cfcfe4ac8fe9cee705b681f696065306ee42bcd4e6b37a17dba333ac5
531a8857582e13d0628ee813402b43c2c11065cfe8d2b0557884fca99d86344e
5bc8e5ef45b27b417879303208f67e2ab8666c7e00869346a81dc91406cf182a
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
643fdf35b0422a02e8b39ddc48ddca72b3bdb3ef936271691cac9a7a3f7354d7
740bb313221bda5543b6fbe0bce3dd276cc70c4fd9aa0bae9d46b149406becf5
75985e4bc3b3c9d8987d694a9dac9f7ec8fe83b05f15abcbae5f5b7e37353840
a758246f43df5cf0f88a3c46a95cb7e962ec2e16327f7fc6b70d2150981b86df
d7248476bb114c5d075bde873bd9724f287597fd54c624ac9adf237f06a3bd6c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2d9cd2357fc394cbff9980aa646a12234b67d1d16976cef06049fd40f3d8d36
ff4e484dcc601253238e5523221520c40b436fb1771fadd58badc659ec1acf17