nxdbku.cyttek.ru
Open in
urlscan Pro
2a06:98c1:3121::3
Public Scan
Effective URL: https://nxdbku.cyttek.ru/Mrahat.kibria@aon.com
Submission: On June 09 via manual from IN — Scanned from FR
Summary
TLS certificate: Issued by E1 on May 30th 2023. Valid for: 3 months.
This is the only time nxdbku.cyttek.ru was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 2 | 109.232.193.197 109.232.193.197 | 50234 (EULERIAN-AS) (EULERIAN-AS) | |
1 | 198.59.144.130 198.59.144.130 | 17378 (AS17378) (AS17378) | |
4 | 2a06:98c1:312... 2a06:98c1:3121::3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
4 | 2606:4700::68... 2606:4700::6812:6b9 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
9 | 3 |
ASN50234 (EULERIAN-AS, FR)
PTR: vps.eulerian.net
eulerian.officiel-des-vacances.com |
ASN17378 (AS17378, US)
PTR: svgr317.serverneubox.com.mx
negociosverdes.org |
Apex Domain Subdomains |
Transfer | |
---|---|---|
4 |
cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 5410 |
218 KB |
4 |
cyttek.ru
nxdbku.cyttek.ru |
69 KB |
2 |
officiel-des-vacances.com
2 redirects
eulerian.officiel-des-vacances.com |
1 KB |
1 |
negociosverdes.org
negociosverdes.org |
239 B |
9 | 4 |
Domain | Requested by | |
---|---|---|
4 | challenges.cloudflare.com |
nxdbku.cyttek.ru
challenges.cloudflare.com |
4 | nxdbku.cyttek.ru |
nxdbku.cyttek.ru
|
2 | eulerian.officiel-des-vacances.com | 2 redirects |
1 | negociosverdes.org | |
9 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
negociosverdes.org R3 |
2023-06-04 - 2023-09-02 |
3 months | crt.sh |
cyttek.ru E1 |
2023-05-30 - 2023-08-28 |
3 months | crt.sh |
challenges.cloudflare.com Cloudflare Inc ECC CA-3 |
2022-09-18 - 2023-09-17 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://nxdbku.cyttek.ru/Mrahat.kibria@aon.com
Frame ID: 8E9F4C7D8564FAD2F5D3DEE60728A0C6
Requests: 6 HTTP requests in this frame
Frame:
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/yi6rl/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Frame ID: 266322E2FA52B7178CE041683FAB6500
Requests: 3 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://eulerian.officiel-des-vacances.com/dynclick/officiel-vacances/?eml-publisher=MREL&eml-name=mindbaz_retargeting_m4&eml-ctype=CTYPE&eemail=958c5e006c0d43c2ae3f77f528032e88&eurl=https%3A%2F%2Fnegociosverdes.org%2Fcss%2Fadmine%2Ffhbhb%2Fsf_rand_string_lowercase6%2F%2F%2F%2FcmFoYXQua2licmlhQGFvbi5jb20= HTTP 302
- https://eulerian.officiel-des-vacances.com/dynclick/officiel-vacances/?eml-publisher=MREL&eml-name=mindbaz_retargeting_m4&eml-ctype=CTYPE&eemail=958c5e006c0d43c2ae3f77f528032e88&eurl=https%3A%2F%2Fnegociosverdes.org%2Fcss%2Fadmine%2Ffhbhb%2Fsf_rand_string_lowercase6%2F%2F%2F%2FcmFoYXQua2licmlhQGFvbi5jb20= HTTP 302
- https://negociosverdes.org/css/admine/fhbhb/sf_rand_string_lowercase6////cmFoYXQua2licmlhQGFvbi5jb20=?ectrans=1
9 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
cmFoYXQua2licmlhQGFvbi5jb20=
negociosverdes.org/css/admine/fhbhb/sf_rand_string_lowercase6//// Redirect Chain
|
0 239 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
Mrahat.kibria@aon.com
nxdbku.cyttek.ru/ |
8 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
v1
nxdbku.cyttek.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/ |
164 KB 58 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
transparent.gif
nxdbku.cyttek.ru/cdn-cgi/images/trace/managed/js/ |
42 B 220 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
api.js
challenges.cloudflare.com/turnstile/v0/b/5da7637f/ |
19 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
7f51bd6b2d18eaf
nxdbku.cyttek.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/17983380:1686283654:TuHJzQ0UwSyT2HzqHqWgfj1I4bPYj3i3ieaDdwX2kqs/7d46d013be78d540/ |
8 KB 6 KB |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/yi6rl/0x4AAAAAAADnPIDROrmt1Wwj/light/ Frame 2663 |
24 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
v1
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/ Frame 2663 |
174 KB 61 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
a6b7a0cbf175ca3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/324697494:1686283856:SkICn0TtHKVqaXXK6nz4to01HnmPMXnFM9oCYiSaijk/7d46d01b3ba7d5e9/ Frame 2663 |
199 KB 143 KB |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
17 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend object| _cf_chl_opt function| SHA256 function| bCjsOZCfgW function| pKMxd4 function| _cf_chl_preload function| _cf_chl_enter boolean| _cf_chl_done_ran function| _cf_chl_done function| _cf_chl_turnstile_l object| _cf_chl_ctx string| prefix object| turnstile boolean| _cf_chl_turnstile_loaded1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.officiel-des-vacances.com/ | Name: etuix Value: GVNTWACCDJ_EulVocRjKzjfCMzo2p3mfZGmHDmoIsMxTYMmV0vzN7Q-- |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
challenges.cloudflare.com
eulerian.officiel-des-vacances.com
negociosverdes.org
nxdbku.cyttek.ru
109.232.193.197
198.59.144.130
2606:4700::6812:6b9
2a06:98c1:3121::3
01de7a83b2e6ccbbcdf27cdf8e5b29e92e09041f3466cfef90a788e1ef624f7a
250c43d83453226fd4d97cbe0aa635487c430a9976cc00ba3199b9272cd9e0b3
2760f96d3b7629100aee1cb3ec7c47a3b6f0dee1152c339dc91a6fd67cb87887
582f96c081917c518a32a83a86daa5a835be731aaa70865ffc1c89cfca1dd05d
6067aac411e4ba52973d099c45bdd8e49d3dcfde50d138fcd79a74900b3ce24a
9d4c8cfb1a927ec337db2a3764536d8b43f8dc80a16080006c9259f88bb31856
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f299c348522c5d1e844d0aea3fd05112b595d452b2b71efff487624baf877266