nxdbku.cyttek.ru
2a06:98c1:3121::3
Public Scan
Effective URL: https://nxdbku.cyttek.ru/Memilykam@voguelaundry.com
Submission: On June 09 via manual from IN — Scanned from FR
Summary
TLS certificate: Issued by E1 on May 30th 2023. Valid for: 3 months.
This is the only time nxdbku.cyttek.ru was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| | IP Address | AS Autonomous System |
|---|---|---|
| 2 2 | 109.232.193.197 | 50234 (EULERIAN-AS) |
| 1 | 198.59.144.130 | 17378 (AS17378) |
| 4 | 2a06:98c1:3121::3 | 13335 (CLOUDFLARENET) |
| 3 | 2606:4700::6812:7b9 | 13335 (CLOUDFLARENET) |
| 10 | 4 | |
ASN50234 (EULERIAN-AS, FR)
PTR: vps.eulerian.net
eulerian.officiel-des-vacances.com
ASN17378 (AS17378, US)
PTR: svgr317.serverneubox.com.mx
negociosverdes.org
| | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 4 | cyttek.ru | nxdbku.cyttek.ru | 70 KB |
| 3 | cloudflare.com | challenges.cloudflare.com — Cisco Umbrella Rank: 5410 | 75 KB |
| 2 | officiel-des-vacances.com (2 redirects) | eulerian.officiel-des-vacances.com | 1 KB |
| 1 | negociosverdes.org | negociosverdes.org | 244 B |
| 10 | 4 | | |
| | Domain | Requested by |
|---|---|---|
| 4 | nxdbku.cyttek.ru | nxdbku.cyttek.ru |
| 3 | challenges.cloudflare.com | nxdbku.cyttek.ru, challenges.cloudflare.com |
| 2 | eulerian.officiel-des-vacances.com | 2 redirects |
| 1 | negociosverdes.org | |
| 10 | 4 | |
This site contains no links.
| Subject | Issuer | Validity | Valid | |
|---|---|---|---|---|
| negociosverdes.org | R3 | 2023-06-04 - 2023-09-02 | 3 months | crt.sh |
| cyttek.ru | E1 | 2023-05-30 - 2023-08-28 | 3 months | crt.sh |
| challenges.cloudflare.com | Cloudflare Inc ECC CA-3 | 2022-09-18 - 2023-09-17 | a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://nxdbku.cyttek.ru/Memilykam@voguelaundry.com
Frame ID: DA7E823345847A9789364BDD5ABB7754
Requests: 7 HTTP requests in this frame
Frame:
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/bdbbe/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Frame ID: 3FD57E12565C4AE0E828C7C689838EFE
Requests: 3 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://eulerian.officiel-des-vacances.com/dynclick/officiel-vacances/?eml-publisher=MREL&eml-name=mindbaz_retargeting_m4&eml-ctype=CTYPE&eemail=958c5e006c0d43c2ae3f77f528032e88&eurl=https%3A%2F%2Fnegociosverdes.org%2Fcss%2Fadmine%2Ffhbhb%2Fsf_rand_string_lowercase6%2F%2F%2F%2FZW1pbHlrYW1Adm9ndWVsYXVuZHJ5LmNvbQ== HTTP 302
- https://eulerian.officiel-des-vacances.com/dynclick/officiel-vacances/?eml-publisher=MREL&eml-name=mindbaz_retargeting_m4&eml-ctype=CTYPE&eemail=958c5e006c0d43c2ae3f77f528032e88&eurl=https%3A%2F%2Fnegociosverdes.org%2Fcss%2Fadmine%2Ffhbhb%2Fsf_rand_string_lowercase6%2F%2F%2F%2FZW1pbHlrYW1Adm9ndWVsYXVuZHJ5LmNvbQ== HTTP 302
- https://negociosverdes.org/css/admine/fhbhb/sf_rand_string_lowercase6////ZW1pbHlrYW1Adm9ndWVsYXVuZHJ5LmNvbQ==?ectrans=1
10 HTTP transactions
| Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|
| GET H2 | ZW1pbHlrYW1Adm9ndWVsYXVuZHJ5LmNvbQ== | negociosverdes.org/css/admine/fhbhb/sf_rand_string_lowercase6//// (Redirect Chain) | 0 | 244 B | Document | text/html |
| GET H2 | Memilykam@voguelaundry.com (Primary Request) | nxdbku.cyttek.ru/ | 8 KB | 5 KB | Document | text/html |
| GET H2 | v1 | nxdbku.cyttek.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/ | 169 KB | 58 KB | Script | application/javascript |
| GET H2 | transparent.gif | nxdbku.cyttek.ru/cdn-cgi/images/trace/managed/js/ | 42 B | 221 B | Image | image/gif |
| GET H2 | api.js | challenges.cloudflare.com/turnstile/v0/b/5da7637f/ | 19 KB | 7 KB | Script | application/javascript |
| POST | beb412951573e45 | nxdbku.cyttek.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/504990355:1686272810:eDEFG_83jaHXrxwjBNmr0U22M4VkULXNIj3WQNgFSOI/7d458b871f6d04a6/ | 0 | 0 | | |
| POST H3 | beb412951573e45 | nxdbku.cyttek.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/504990355:1686272810:eDEFG_83jaHXrxwjBNmr0U22M4VkULXNIj3WQNgFSOI/7d458b871f6d04a6/ | 8 KB | 6 KB | XHR | text/plain |
| GET H3 | normal | challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/bdbbe/0x4AAAAAAADnPIDROrmt1Wwj/light/ (Frame 3FD5) | 24 KB | 7 KB | Document | text/html |
| GET H3 | v1 | challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/ (Frame 3FD5) | 173 KB | 61 KB | Script | application/javascript |
| POST | 0c635af508b3bd2 | challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/486313045:1686272999:o8Ml07edBih79At1wGGod-dDgpQlQN8gbxy8smSNJRU/7d458ba4b962f0d7/ (Frame 3FD5) | 0 | 0 | | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: nxdbku.cyttek.ru
  URL: https://nxdbku.cyttek.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/504990355:1686272810:eDEFG_83jaHXrxwjBNmr0U22M4VkULXNIj3WQNgFSOI/7d458b871f6d04a6/beb412951573e45
- Domain: challenges.cloudflare.com
  URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/486313045:1686272999:o8Ml07edBih79At1wGGod-dDgpQlQN8gbxy8smSNJRU/7d458ba4b962f0d7/0c635af508b3bd2
17 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0
boolean| credentialless
object| onbeforetoggle
object| onscrollend
object| _cf_chl_opt
function| _cf_chl_turnstile_l
function| pKMxd4
function| SHA256
function| _cf_chl_preload
function| _cf_chl_enter
boolean| _cf_chl_done_ran
function| _cf_chl_done
function| bCjsOZCfgW
object| _cf_chl_ctx
string| prefix
object| turnstile
boolean| _cf_chl_turnstile_loaded
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.officiel-des-vacances.com/ | | Name: etuix Value: f8NjyAsKAWmej7cJoF5lXEAL.wcxhzN3MEA5npskooLBliuMuSSVNA-- |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|---|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.