Submitted URL: https://cuty.io/kfKgd9u
Effective URL: https://teonarco.tftpd.net/
Submission Tags: @phish_report
Submission: On June 27 via api from FI — Scanned from FI

Summary

This website contacted 4 IPs in 3 countries across 5 domains to perform 8 HTTP transactions. The main IP is 193.143.1.69, located in Moscow, Russian Federation and belongs to PROTON66, RU. The main domain is teonarco.tftpd.net.
TLS certificate: Issued by R11 on June 19th 2024. Valid for: 3 months.
This is the only time teonarco.tftpd.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 172.67.139.32 13335 (CLOUDFLAR...)
1 1 18.211.218.206 14618 (AMAZON-AES)
2 193.143.1.69 198953 (PROTON66)
1 104.18.11.207 13335 (CLOUDFLAR...)
1 104.19.229.21 13335 (CLOUDFLAR...)
4 104.19.230.21 13335 (CLOUDFLAR...)
8 4
Apex Domain / Subdomains                                   Transfer
5 hcaptcha.com                                             111 KB
    www.hcaptcha.com — Cisco Umbrella Rank: 49866
    newassets.hcaptcha.com — Cisco Umbrella Rank: 7135
2 tftpd.net                                                1 KB
    teonarco.tftpd.net
1 bootstrapcdn.com                                         27 KB
    stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 3406
1 rb.gy                                                    162 B
    rb.gy — Cisco Umbrella Rank: 115364
1 cuty.io                                                  1 KB
    cuty.io — Cisco Umbrella Rank: 443119
8 5
Domain Requested by
4 newassets.hcaptcha.com www.hcaptcha.com
2 teonarco.tftpd.net
1 www.hcaptcha.com teonarco.tftpd.net
1 stackpath.bootstrapcdn.com teonarco.tftpd.net
1 rb.gy 1 redirects
1 cuty.io 1 redirects
8 6

This site contains no links.

Subject               Issuer        Validity                   Valid
teonarco.tftpd.net    R11           2024-06-19 - 2024-09-17    3 months
bootstrapcdn.com      GTS CA 1P5    2024-05-25 - 2024-08-23    3 months
hcaptcha.com          E1            2024-05-12 - 2024-08-10    3 months

This page contains 3 frames:

Primary Page: https://teonarco.tftpd.net/
Frame ID: 97C6C009AE78B35FED8F529E313A87E2
Requests: 6 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/fe048ce/static/hcaptcha.html
Frame ID: CAC692CC2CE3F5A91F1DB1DCE5F01124
Requests: 1 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/fe048ce/static/hcaptcha.html
Frame ID: CA271EE30316CE5BD046EAD805DFD5F5
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Page Statistics

8 Requests
100 % HTTPS
0 % IPv6
5 Domains
6 Subdomains
4 IPs
3 Countries
140 kB Transfer
552 kB Size
3 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://cuty.io/kfKgd9u HTTP 302
    https://rb.gy/169jgv HTTP 301
    https://teonarco.tftpd.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource / Path    Size    x-fer    Type / MIME-Type
Primary Request /
teonarco.tftpd.net/
Redirect Chain
  • https://cuty.io/kfKgd9u
  • https://rb.gy/169jgv
  • https://teonarco.tftpd.net/
1 KB
860 B
Document
General
Full URL
https://teonarco.tftpd.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.143.1.69 Moscow, Russian Federation, ASN198953 (PROTON66, RU),
Reverse DNS
Software
nginx /
Resource Hash
cd9f12c422ffac40d7a95ce650ee39f572623085b2727481aaed064b2f8f2ac9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 27 Jun 2024 07:59:33 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store
content-length
0
date
Thu, 27 Jun 2024 07:59:32 GMT
engine
Rebrandly.redirect, version 2.1
expires
-1
location
https://teonarco.tftpd.net/
strict-transport-security
max-age=15552000
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/
152 KB
27 KB
Stylesheet
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css
Requested by
Host: teonarco.tftpd.net
URL: https://teonarco.tftpd.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://teonarco.tftpd.net/
Origin
https://teonarco.tftpd.net
Accept-Language
fi-FI,fi;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 27 Jun 2024 07:59:33 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
1055
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
03/18/2024 12:46:56
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:08 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"a15c2ac3234aa8f6064ef9c1f7383c37"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
1e6a1a8696689196dfc2d82c1d84c0c0
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
89a3e5f92e50d90a-HEL
cdn-requestpullsuccess
True
api.js
www.hcaptcha.com/1/
380 KB
108 KB
Script
General
Full URL
https://www.hcaptcha.com/1/api.js
Requested by
Host: teonarco.tftpd.net
URL: https://teonarco.tftpd.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.229.21 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bade5518ddce15a90721b2e5f10db2b69df4a19f452cd3d13f95df066f8e7d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
https://teonarco.tftpd.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 27 Jun 2024 07:59:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"772bf10b82ea4c88d947e6f4d87dd977"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
max-age=300
cf-ray
89a3e5f93f204e10-HEL
expires
Wed, 10 Jul 2024 12:39:55 GMT
hcaptcha.html
newassets.hcaptcha.com/captcha/v1/fe048ce/static/ Frame CAC6
0
0
Document
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/fe048ce/static/hcaptcha.html
Requested by
Host: www.hcaptcha.com
URL: https://www.hcaptcha.com/1/api.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.230.21 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
https://teonarco.tftpd.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=1209600
cf-cache-status
HIT
cf-ray
89a3e5fb1ffd8d7c-HEL
content-encoding
br
content-type
text/html
date
Thu, 27 Jun 2024 07:59:33 GMT
expires
Thu, 11 Jul 2024 07:59:33 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding Origin
x-content-type-options
nosniff
hcaptcha.html
newassets.hcaptcha.com/captcha/v1/fe048ce/static/ Frame CA27
0
0
Document
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/fe048ce/static/hcaptcha.html
Requested by
Host: www.hcaptcha.com
URL: https://www.hcaptcha.com/1/api.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.230.21 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
https://teonarco.tftpd.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=1209600
cf-cache-status
HIT
cf-ray
89a3e5fb1ffd8d7c-HEL
content-encoding
br
content-type
text/html
date
Thu, 27 Jun 2024 07:59:33 GMT
expires
Thu, 11 Jul 2024 07:59:33 GMT
server
cloudflare
vary
Accept-Encoding Origin
x-content-type-options
nosniff
fi.json
newassets.hcaptcha.com/captcha/v1/fe048ce/static/i18n/
9 KB
4 KB
XHR
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/fe048ce/static/i18n/fi.json
Requested by
Host: www.hcaptcha.com
URL: https://www.hcaptcha.com/1/api.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.230.21 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f4c9afac040e2b0a6d41ec0cc3853b8ea3dc25ab449883f0ea803fb3792a7d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
https://teonarco.tftpd.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 27 Jun 2024 07:59:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400
content-length
3456
server
cloudflare
etag
"c85eea96f9f2220bcf13dac3e4297a6d"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=1209600
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
accept-ranges
bytes
cf-ray
89a3e5fb1c428d67-HEL
expires
Thu, 11 Jul 2024 07:59:33 GMT
fi.json
newassets.hcaptcha.com/captcha/v1/fe048ce/static/i18n/
9 KB
0
XHR
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/fe048ce/static/i18n/fi.json
Requested by
Host: www.hcaptcha.com
URL: https://www.hcaptcha.com/1/api.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.230.21 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f4c9afac040e2b0a6d41ec0cc3853b8ea3dc25ab449883f0ea803fb3792a7d2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
https://teonarco.tftpd.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 27 Jun 2024 07:59:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
alt-svc
h3=":443"; ma=86400
content-length
3456
server
cloudflare
etag
"c85eea96f9f2220bcf13dac3e4297a6d"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=1209600
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
accept-ranges
bytes
cf-ray
89a3e5fb1c428d67-HEL
expires
Thu, 11 Jul 2024 07:59:33 GMT
favicon.ico
teonarco.tftpd.net/
146 B
210 B
Other
General
Full URL
https://teonarco.tftpd.net/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.143.1.69 Moscow, Russian Federation, ASN198953 (PROTON66, RU),
Reverse DNS
Software
nginx /
Resource Hash
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
https://teonarco.tftpd.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 27 Jun 2024 07:59:33 GMT
server
nginx
content-length
146
content-type
text/html

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
undefined| event
object| fence
object| sharedStorage
function| callback
object| Raven
object| hcaptcha
object| grecaptcha

3 Cookies

Domain/Path Name / Value
cuty.io/ Name: origin
Value: cuty
cuty.io/ Name: XSRF-TOKEN
Value: eyJpdiI6IkhHbmpDcmdXRDNvbFVWdzFKWnRHQ0E9PSIsInZhbHVlIjoiOEdLQklTczFudHRabkd5RkRuazcyb3Z1Ky9SaE1pSWd1NExUb3g2alFKU1dHMlVYOW1oSXgwc2N5VkVQdFRqMjJlNFc3YzE2OGkzRTl0V293UWMzMVV4ZlZxd0ljU0g0VU5JV3ZlWUV5YStCUkMwYzJxbmc0RHhsUWhTZG1VYnEiLCJtYWMiOiJhN2I4OTAxYjNlZTNlZThlNzYzYzEzZjIyZDVhN2Y5YjEwNTcyYjgyZDBhNjg4OGEwYjU2ZjhjOTFhZWNhYzRkIiwidGFnIjoiIn0%3D
cuty.io/ Name: cutyio_session
Value: eyJpdiI6IlBPWmU3eW0weTU5ZGwzaGJxaG5oUEE9PSIsInZhbHVlIjoiTmV2VHFuUkZka1Roc2h0eU9qSVhFZ3Nuc3Zuazl1Q29Xckp6OUJjTWZHNVU4UnR1YTlBeHlYNjVGTjg0bS9RYTYwcGpDbjdIRTBVdUhXUUxiT1VWM0Mwc1p5OTY0OVJOM0JMNDRPdG5vMTJmRG9WL1Rnb2kzblFTVWE0WUpYdTEiLCJtYWMiOiJmMWU5YTk1NjYyNzljYmZlMTMyYTMzMTI5NzhhN2U1MTM1ZDliNTg0MzEyN2NlOTJmOWJiY2M0OTlkMjg4NWY0IiwidGFnIjoiIn0%3D

1 Console Messages

Source: network
Level: error
URL: https://teonarco.tftpd.net/favicon.ico
Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000