6vxzu.decments-su.ru
2606:4700:20::ac43:46ea
Public Scan
Effective URL: https://6vxzu.decments-su.ru/Mjmcglaughlin@koniag.com
Submission: On March 22 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1P5 on March 17th 2023. Valid for: 3 months.
This is the only time 6vxzu.decments-su.ru was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS (Autonomous System) |
---|---|---|
3 | 192.30.31.89 | 14153 (EDGECAST) |
1 | 41.185.8.159 | 36943 (ZA-1-Grid) |
5 | 2606:4700:20::ac43:46ea | 13335 (CLOUDFLARENET) |
2 (1 redirects) | 2606:4700::6812:7b9 | 13335 (CLOUDFLARENET) |
10 | 4 | |
ASN36943 (ZA-1-Grid, ZA)
PTR: srv87.hostserv.co.za
jmcglaughlin.bri-shel.co.za
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
5 | decments-su.ru | 6vxzu.decments-su.ru | 121 KB |
3 | verizon.com | www.verizon.com — Cisco Umbrella Rank: 11756 | 5 KB |
2 (1 redirects) | cloudflare.com | challenges.cloudflare.com — Cisco Umbrella Rank: 4950 | 5 KB |
1 | bri-shel.co.za | jmcglaughlin.bri-shel.co.za | 433 B |
10 | 4 | | |
Requests | Domain | Requested by |
---|---|---|
5 | 6vxzu.decments-su.ru | jmcglaughlin.bri-shel.co.za, 6vxzu.decments-su.ru |
3 | www.verizon.com | www.verizon.com |
2 (1 redirects) | challenges.cloudflare.com | 6vxzu.decments-su.ru |
1 | jmcglaughlin.bri-shel.co.za | www.verizon.com |
10 | 4 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
www.verizon.com | DigiCert SHA2 Extended Validation Server CA | 2022-09-09 - 2023-10-10 | a year |
*.decments-su.ru | GTS CA 1P5 | 2023-03-17 - 2023-06-15 | 3 months |
This page contains 1 frames:
Primary Page:
https://6vxzu.decments-su.ru/Mjmcglaughlin@koniag.com
Frame ID: B1B5E8D6B5D36EE66DF9E2F999F5182B
Requests: 10 HTTP requests in this frame
Page Title
Loading...
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://www.verizon.com/econtact/ecrm/includes/html/vzfwdNew.html?app_nm=MSGCTR&env=PROD&destination=http%3A%2F%2Fjmcglaughlin.bri-shel.co.za%2Fjmcglaughlin%2Fjmcglaughlin%40koniag.com%2F%2FVerizon&txid=B20200331_1488798683&lid=18207&tid=121811&vno=5&ltid=498307 Page URL
- http://jmcglaughlin.bri-shel.co.za/jmcglaughlin/jmcglaughlin@koniag.com//Verizon Page URL
- https://6vxzu.decments-su.ru/Mjmcglaughlin@koniag.com Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 6
- https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP 302
- https://challenges.cloudflare.com/turnstile/v0/g/db880165/api.js?onload=_cf_chl_turnstile_l&render=explicit
10 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | vzfwdNew.html | www.verizon.com/econtact/ecrm/includes/html/ | 12 KB | 3 KB | Document | text/html |
GET | H/1.1 | webtoolkit.url.js | www.verizon.com/econtact/ecrm/includes/js/ | 2 KB | 2 KB | Script | application/javascript |
POST | H/1.1 | LinkTrackingServlet.serv | www.verizon.com/econtact/ecrm/linktrack/ | 2 B | 322 B | XHR | text/plain |
GET | H/1.1 | Verizon | jmcglaughlin.bri-shel.co.za/jmcglaughlin/jmcglaughlin@koniag.com// | 191 B | 433 B | Document | text/html |
GET | H2 | Mjmcglaughlin@koniag.com (Primary Request) | 6vxzu.decments-su.ru/ | 7 KB | 5 KB | Document | text/html |
GET | H2 | v1 | 6vxzu.decments-su.ru/cdn-cgi/challenge-platform/h/g/orchestrate/managed/ | 149 KB | 54 KB | Script | application/javascript |
GET | H2 | transparent.gif | 6vxzu.decments-su.ru/cdn-cgi/images/trace/managed/js/ | 42 B | 220 B | Image | image/gif |
GET | H2 | api.js (Redirect Chain) | challenges.cloudflare.com/turnstile/v0/g/db880165/ | 14 KB | 5 KB | Script | application/javascript |
POST | H2 | fc6855436da49b4 | 6vxzu.decments-su.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/421837031:1679508669:JGLoKK_lgMHCw5TI8m0WEOYOisibPrVdiJLhzc39EmI/7ac088292f513a61/ | 117 KB | 62 KB | XHR | text/plain |
GET | H2 | kPPZf3SW-UxBkEy | 6vxzu.decments-su.ru/cdn-cgi/challenge-platform/h/g/img/7ac088292f513a61/1679510099640/ | 61 B | 354 B | Image | image/png |
17 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| 0
- boolean| credentialless
- object| _cf_chl_opt
- function| sendRequest
- function| _cf_chl_preload
- function| _cf_chl_enter
- boolean| _cf_chl_done_ran
- function| _cf_chl_done
- function| _cf_chl_turnstile_l
- function| SHA256
- function| __cf_md5
- object| _cf_chl_ctx
- string| prefix
- object| turnstile
- boolean| _cf_chl_turnstile_loaded
- object| _
- undefined| _cf_gcr2
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.verizon.com/ | | Name: AkaSTrackingID Value: eb1eec7a63d6dc43f1ec87337f8b108e |
www.verizon.com/ | | Name: NSC_xxx22_fdpoubdu_mcw Value: ffffffff8f64858c45525d5f4f58455e445a4a4229a2 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.