URL: https://194.xec2vqk.ru/vl3c9xym?utm_source=sams-newsletter-b6afeb.beehiiv.com&utm_medium=newsletter&utm_campaign=new-post
Submission: On February 01 via manual from ES — Scanned from ES

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 3 HTTP transactions. The main IP is 172.67.156.151, located in United States and belongs to CLOUDFLARENET, US. The main domain is 194.xec2vqk.ru.
TLS certificate: Issued by E1 on January 5th 2024. Valid for: 3 months.
This is the only time 194.xec2vqk.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests   IP Address        AS (Autonomous System)
4          172.67.156.151    13335 (CLOUDFLARENET)

Requests   Apex Domain    Subdomains        Transfer
4          xec2vqk.ru     194.xec2vqk.ru    6 KB

Requests   Domain            Requested by
4          194.xec2vqk.ru    194.xec2vqk.ru (1 redirect)

This site contains no links.

Subject       Issuer    Validity                   Valid
xec2vqk.ru    E1        2024-01-05 - 2024-04-04    3 months (crt.sh)

This page contains 2 frames:

Primary Page: https://194.xec2vqk.ru/vl3c9xym?utm_source=sams-newsletter-b6afeb.beehiiv.com&utm_medium=newsletter&utm_campaign=new-post
Frame ID: 009B286D56F6B2ABED6196137D0FFA67
Requests: 1 HTTP requests in this frame

Frame: https://194.xec2vqk.ru/cdn-cgi/challenge-platform/h/b/scripts/jsd/24864818/main.js
Frame ID: B5160828F18E226D2EBA7E05A230BB44
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

404 Not Found

Page Statistics

Requests: 3
HTTPS: 67 %
IPv6: 0 %
Domains: 1
Subdomains: 1
IPs: 1
Countries: 1
Transfer: 6 kB
Size: 9 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://194.xec2vqk.ru/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://194.xec2vqk.ru/cdn-cgi/challenge-platform/h/b/scripts/jsd/24864818/main.js

3 HTTP transactions

Resource: vl3c9xym (Primary Request)
Path: 194.xec2vqk.ru/
Size: 2 KB
x-fer: 1 KB
Type: Document
General
Full URL
https://194.xec2vqk.ru/vl3c9xym?utm_source=sams-newsletter-b6afeb.beehiiv.com&utm_medium=newsletter&utm_campaign=new-post
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
172.67.156.151, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash
7778f1f76d4e3189e4c34f06f8670f84a3a4dd12fb89101ae721df5c86462c96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, max-age=0
cf-cache-status
DYNAMIC
cf-ray
84e8fbfbbe3e384d-MAD
content-encoding
br
content-type
text/html
date
Thu, 01 Feb 2024 08:56:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nNnEAtf0ntnKhmPfUqWc86tltiDrWY42tbH7VT%2FblCLH%2Bzk3mcD2nrwK7%2F99UBpU3%2BvWIsZRmj2EhRqOCVYaVg0P%2FaucZ5g9uRLsvCQatW03eYScsrkI%2Br0kneAWacElmw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
Resource: main.js
Path: 194.xec2vqk.ru/cdn-cgi/challenge-platform/h/b/scripts/jsd/24864818/ (Frame B516)
Redirect Chain
  • https://194.xec2vqk.ru/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://194.xec2vqk.ru/cdn-cgi/challenge-platform/h/b/scripts/jsd/24864818/main.js
Size: 7 KB
x-fer: 4 KB
Type: Script
General
Full URL
https://194.xec2vqk.ru/cdn-cgi/challenge-platform/h/b/scripts/jsd/24864818/main.js
Protocol
H2
Server
172.67.156.151, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash
c7628af4e46ac4873189354bc552ce01cd2df33a12f2aa7de367c173e8622c25
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
es-ES,es;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 08:57:00 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jOCyBFgwYDXHX%2FzhOu1x%2BRhl3MNDyGY73y7xRI4k92w43fjiLIMqxqK0NWBSCcXoAGp8AX1%2F06Epj%2BaTu%2BlBBnEq%2FaiFH1XEhdd%2BGHhFqACs5uGO5KO9V6G4RVbZ4Tw%2FIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
84e8fc045c1c384d-MAD
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Thu, 01 Feb 2024 08:57:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LTSYXnAmMxlNn0H9t40pODYlZ8k%2FLj11k9nePZJYFBdGPyi2JxYZxCj87dC9ypSihwYjsLM0IqNusu64s8lQh4ALn%2F%2Fy%2BfRsjGwlFEgZPWqRnKO1xP4RNpgloTqD3Jyu1g%3D%3D"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/24864818/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
84e8fc01af61384d-MAD
alt-svc
h3=":443"; ma=86400
Resource: 84e8fbfbbe3e384d
Path: 194.xec2vqk.ru/cdn-cgi/challenge-platform/h/b/jsd/r/ (Frame B516)
Size: 0
x-fer: 509 B
Type: XHR
General
Full URL
https://194.xec2vqk.ru/cdn-cgi/challenge-platform/h/b/jsd/r/84e8fbfbbe3e384d
Requested by
Host: 194.xec2vqk.ru
URL: https://194.xec2vqk.ru/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
172.67.156.151, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 01 Feb 2024 08:57:01 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aoaPxWPbQl5LoImOukzv7A2R8uTCMoN%2Bb9d7CJq8W7MLyZoMquhPn4arDetHUkN4pp8JY3qwdmbtVFVRnU2j7Af%2FYIlsx9hkxLI%2BXUvD0B3kuoAr72YgNHYpwJvZAKkmzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
84e8fc0acd27384d-MAD
alt-svc
h3=":443"; ma=86400

Verdicts & Comments

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

1 Cookies

Domain/Path: .xec2vqk.ru/
Name: cf_clearance
Value: DLMqRdbOquAGzGnL4f_qyx74kGiEzC_Ywt0BK2DgCac-1706777821-1-Aar7/ub/sx5Ndq0Cx3qgt8tku/3LxyzyvLHcbcL6jkOHgTrPltvIKs7i6rmpFXeq9HXPU42eRYHYmyM3suyfFtA=

1 Console Messages

Source: network
Level: error
URL: https://194.xec2vqk.ru/vl3c9xym?utm_source=sams-newsletter-b6afeb.beehiiv.com&utm_medium=newsletter&utm_campaign=new-post
Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

194.xec2vqk.ru
172.67.156.151
7778f1f76d4e3189e4c34f06f8670f84a3a4dd12fb89101ae721df5c86462c96
c7628af4e46ac4873189354bc552ce01cd2df33a12f2aa7de367c173e8622c25
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855