nxdbku.cyttek.ru
2a06:98c1:3121::3
Public Scan
Effective URL: https://nxdbku.cyttek.ru/Memilykam@voguelaundry.com
Submission: On June 09 via manual from IN — Scanned from FR
Summary
TLS certificate: Issued by E1 on May 30th 2023. Valid for: 3 months.
This is the only time nxdbku.cyttek.ru was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | Autonomous System |
---|---|---|
2 (2 redirects) | 109.232.193.197 | 50234 (EULERIAN-AS) |
1 | 198.59.144.130 | 17378 (AS17378) |
4 | 2a06:98c1:3121::3 | 13335 (CLOUDFLARENET) |
7 | 2606:4700::6812:6b9 | 13335 (CLOUDFLARENET) |
14 | 4 |
ASN50234 (EULERIAN-AS, FR)
PTR: vps.eulerian.net
eulerian.officiel-des-vacances.com
ASN17378 (AS17378, US)
PTR: svgr317.serverneubox.com.mx
negociosverdes.org
Requests | Apex Domain / Subdomains | Transfer |
---|---|---|
7 | cloudflare.com: challenges.cloudflare.com — Cisco Umbrella Rank: 5410 | 212 KB |
4 | cyttek.ru: nxdbku.cyttek.ru | 70 KB |
2 | officiel-des-vacances.com (2 redirects): eulerian.officiel-des-vacances.com | 1 KB |
1 | negociosverdes.org: negociosverdes.org | 244 B |
14 | 4 |
Requests | Domain | Requested by |
---|---|---|
7 | challenges.cloudflare.com | nxdbku.cyttek.ru, challenges.cloudflare.com |
4 | nxdbku.cyttek.ru | nxdbku.cyttek.ru |
2 | eulerian.officiel-des-vacances.com | 2 redirects |
1 | negociosverdes.org | |
14 | 4 |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
negociosverdes.org | R3 | 2023-06-04 - 2023-09-02 | 3 months | crt.sh |
cyttek.ru | E1 | 2023-05-30 - 2023-08-28 | 3 months | crt.sh |
challenges.cloudflare.com | Cloudflare Inc ECC CA-3 | 2022-09-18 - 2023-09-17 | a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://nxdbku.cyttek.ru/Memilykam@voguelaundry.com
Frame ID: CEBB9944C28E8EF1EE3EDC5D6984B721
Requests: 6 HTTP requests in this frame
Frame:
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/9e4g4/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Frame ID: 497A183574A5F89338682F4B971188EF
Requests: 8 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://eulerian.officiel-des-vacances.com/dynclick/officiel-vacances/?eml-publisher=MREL&eml-name=mindbaz_retargeting_m4&eml-ctype=CTYPE&eemail=958c5e006c0d43c2ae3f77f528032e88&eurl=https%3A%2F%2Fnegociosverdes.org%2Fcss%2Fadmine%2Ffhbhb%2Fsf_rand_string_lowercase6%2F%2F%2F%2FZW1pbHlrYW1Adm9ndWVsYXVuZHJ5LmNvbQ== HTTP 302
- https://eulerian.officiel-des-vacances.com/dynclick/officiel-vacances/?eml-publisher=MREL&eml-name=mindbaz_retargeting_m4&eml-ctype=CTYPE&eemail=958c5e006c0d43c2ae3f77f528032e88&eurl=https%3A%2F%2Fnegociosverdes.org%2Fcss%2Fadmine%2Ffhbhb%2Fsf_rand_string_lowercase6%2F%2F%2F%2FZW1pbHlrYW1Adm9ndWVsYXVuZHJ5LmNvbQ== HTTP 302
- https://negociosverdes.org/css/admine/fhbhb/sf_rand_string_lowercase6////ZW1pbHlrYW1Adm9ndWVsYXVuZHJ5LmNvbQ==?ectrans=1
14 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | ZW1pbHlrYW1Adm9ndWVsYXVuZHJ5LmNvbQ== | negociosverdes.org/css/admine/fhbhb/sf_rand_string_lowercase6//// (Redirect Chain) | 0 | 244 B | Document | text/html |
GET | H2 | Memilykam@voguelaundry.com | nxdbku.cyttek.ru/ (Primary Request) | 8 KB | 5 KB | Document | text/html |
GET | H2 | v1 | nxdbku.cyttek.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/ | 169 KB | 58 KB | Script | application/javascript |
GET | H2 | transparent.gif | nxdbku.cyttek.ru/cdn-cgi/images/trace/managed/js/ | 42 B | 220 B | Image | image/gif |
GET | H2 | api.js | challenges.cloudflare.com/turnstile/v0/b/5da7637f/ | 19 KB | 7 KB | Script | application/javascript |
POST | H3 | 816f055b62f59c2 | nxdbku.cyttek.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/504990355:1686272810:eDEFG_83jaHXrxwjBNmr0U22M4VkULXNIj3WQNgFSOI/7d4596b0df03024f/ | 8 KB | 6 KB | XHR | text/plain |
GET | H3 | normal | challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/9e4g4/0x4AAAAAAADnPIDROrmt1Wwj/light/ (Frame 497A) | 24 KB | 7 KB | Document | text/html |
GET | H3 | v1 | challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/ (Frame 497A) | 176 KB | 61 KB | Script | application/javascript |
POST | H3 | 3f88a5c305e48ac | challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1418021780:1686272859:ns7i-APfejL3JwAMQkKO4yvIJ9FMHzjx-DFYZ2Tauw0/7d4596b318582a3f/ (Frame 497A) | 172 KB | 127 KB | XHR | text/plain |
GET | H3 | SNulo15I9lUOa_X | challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7d4596b318582a3f/1686274010391/caef303f9cace226b0838af8023c3688b1a6b7403ce5581079a39a242837d181/ (Frame 497A) | 1 B | 626 B | Fetch | text/plain |
GET | BLOB | f0861563-fa25-45fd-b9d4-540d2161b9e1 | https://challenges.cloudflare.com/ (Frame 497A) | 656 B | 0 | Other | text/javascript |
GET | H3 | Jno5QHJsffFIegw | challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/img/7d4596b318582a3f/1686274010395/ (Frame 497A) | 61 B | 147 B | Image | image/png |
GET | BLOB | 65a7fce2-07c6-44f0-892b-468612b77f58 | https://challenges.cloudflare.com/ (Frame 497A) | 99 B | 0 | Other | text/javascript |
POST | H3 | 3f88a5c305e48ac | challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1418021780:1686272859:ns7i-APfejL3JwAMQkKO4yvIJ9FMHzjx-DFYZ2Tauw0/7d4596b318582a3f/ (Frame 497A) | 13 KB | 10 KB | XHR | text/plain |
17 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0
boolean| credentialless
object| onbeforetoggle
object| onscrollend
object| _cf_chl_opt
function| _cf_chl_turnstile_l
function| pKMxd4
function| SHA256
function| _cf_chl_preload
function| _cf_chl_enter
boolean| _cf_chl_done_ran
function| _cf_chl_done
function| bCjsOZCfgW
object| _cf_chl_ctx
string| prefix
object| turnstile
boolean| _cf_chl_turnstile_loaded
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.officiel-des-vacances.com/ | Name: etuix Value: 1JJIxbEy_iX323Nplfb3IsXCrTecaUkDKZBRpbNhASKhqKIjdp0lAA-- |
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.