nirvanatech.cloud - urlscan.io

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 6 HTTP transactions. The main IP is 65.109.92.221, located in Helsinki, Finland and belongs to HETZNER-AS, DE. The main domain is nirvanatech.cloud.
TLS certificate: Issued by R3 on March 5th 2024. Valid for: 3 months.

This is the only time nirvanatech.cloud was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	65.109.92.221 65.109.92.221	24940 (HETZNER-AS) (HETZNER-AS)
1 4	104.26.2.214 104.26.2.214	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.106 142.250.186.106	15169 (GOOGLE) (GOOGLE)
1	216.58.206.35 216.58.206.35	15169 (GOOGLE) (GOOGLE)
6	4

1 65.109.92.221 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: copper.scnservers.net

nirvanatech.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.26.2.214 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

hosting.sitecountry.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.35 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	sitecountry.com 1 redirects hosting.sitecountry.com	102 KB
1	gstatic.com fonts.gstatic.com	15 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	981 B
1	nirvanatech.cloud nirvanatech.cloud	443 B
6	4

	Domain	Requested by
4	hosting.sitecountry.com	1 redirects nirvanatech.cloud hosting.sitecountry.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	hosting.sitecountry.com
1	nirvanatech.cloud
6	4

This site contains no links.

Subject Issuer	Validity	Valid
nirvanatech.cloud R3	`2024-03-05` - `2024-06-03`	3 months	crt.sh
sitecountry.com GTS CA 1P5	`2024-02-01` - `2024-05-01`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://nirvanatech.cloud/
Frame ID: 66F26E6D120B4CD5B0CC1EB631C98BEB
Requests: 1 HTTP requests in this frame

Frame: https://hosting.sitecountry.com/welcome.html
Frame ID: 7189E5F6804A8285E6C3B07622983558
Requests: 3 HTTP requests in this frame

Frame: https://hosting.sitecountry.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/a0d8959cb7d0/main.js
Frame ID: 38D20D517DE98B58D30F4AA6291378ED
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Welcome to SiteCountry!

Page Statistics

6
Requests

83 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

118 kB
Transfer

302 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://hosting.sitecountry.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://hosting.sitecountry.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/a0d8959cb7d0/main.js

6 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
nirvanatech.cloud/ 319 B
443 B 1084ms
154ms Document
text/html 65.109.92.221
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nirvanatech.cloud/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.109.92.221 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: copper.scnservers.net
Software: LiteSpeed /
Resource Hash: 84d9d192cfda3b09de9c44216fef45b2f0d759645802c0826b8e595278e1a150

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 153
content-type: text/html
date: Tue, 05 Mar 2024 12:27:38 GMT
etag: "13f-63a64483-a7105d32095693d4;br"
last-modified: Sat, 24 Dec 2022 00:14:59 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent

GET
H2 200 welcome.html Show response
hosting.sitecountry.com/ Frame 7189 278 KB
97 KB 1046ms
328ms Document
text/html 104.26.2.214
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hosting.sitecountry.com/welcome.html
Requested by: Host: nirvanatech.cloud
URL: https://nirvanatech.cloud/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd0a22c62bbeb50cc2e99a88f3ba91ff97587af8c786f2c074bf01f66d49d584

Request headers

Referer: https://nirvanatech.cloud/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 85fa19f46d045b90-VIE
content-encoding: br
content-type: text/html
date: Tue, 05 Mar 2024 12:27:39 GMT
last-modified: Sun, 20 Nov 2022 21:52:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2BFxx1fL2h1guNOIKNDE8XJczLC9AClFmezPpGS2dM7eQsbmEDJWitwRyNKjjRHDEgm%2F65iJWdepOlPfJyg9z9Amaa3yhZ2Zv0KnJCmsAI3%2FVlje%2FKZVGJCM6AMYwn5DLR956vAYixWc"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed

GET
H2 200 css2
fonts.googleapis.com/ Frame 7189 2 KB
981 B 640ms
152ms Stylesheet
text/css 142.250.186.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@600&display=swap

Requested by

Host: hosting.sitecountry.com
URL: https://hosting.sitecountry.com/welcome.html

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f10.1e100.net

Software

ESF /

Resource Hash

56e9001612c112d192ebe8d26e89861d84a32103a9507f80f37ab225b2eba5d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://hosting.sitecountry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 05 Mar 2024 12:27:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 05 Mar 2024 11:30:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Mar 2024 12:27:40 GMT

GET
H2 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aXo.woff2
fonts.gstatic.com/s/montserrat/v26/ Frame 7189 15 KB
15 KB 642ms
143ms Font
font/woff2 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aXo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@600&display=swap

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f3.1e100.net

Software

sffe /

Resource Hash

9f5f68f23573a4df9d5ce9fdd7c28154b326232e7dc31731a2a2deaa2ab6ca43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hosting.sitecountry.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 08:49:53 GMT
x-content-type-options: nosniff
age: 13068
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15072
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:52:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Mar 2025 08:49:53 GMT

GET
H2

200

main.js Show response
hosting.sitecountry.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/a0d8959cb7d0/ Frame 38D2
Redirect Chain

https://hosting.sitecountry.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://hosting.sitecountry.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/a0d8959cb7d0/main.js

8 KB
4 KB

208ms
208ms

Script
application/javascript

104.26.2.214
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hosting.sitecountry.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/a0d8959cb7d0/main.js

Requested by

Host: hosting.sitecountry.com
URL: https://hosting.sitecountry.com/welcome.html

Protocol

H2

Server

104.26.2.214 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

247081554e30be689d32e00acb1d6851c770510c2d2d3429af6ce4c8b648343f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 12:27:40 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dPz6dopqpyjC3EHjLGvYZQcMWWMJWD3bfzEYO8VtnKs3I2USwLm0CWpMvaSdb5V%2FjM%2FARfyc5IaixU%2FHQfhZ1%2FggLQ1Mlmnlx0hee%2FeMifI9su1vmLKSx5GQjS2LqzrZSnTFPCVPHYdu"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 85fa19fcfa485b90-VIE

Redirect headers

date: Tue, 05 Mar 2024 12:27:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eMmSPMYR0IXQu9o3OIPbZVbqDmv4tVpoilUfnlDFIanpE0N5J5Xc5WUs%2B5nuxrpj6ArMJx7p9pwqLk%2BBY7QXNlNY0ary8hU%2FHUQP7KCVV3GPm8HT25vAjYAIj1GsPVY5%2BypAVGKDun7E"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/a0d8959cb7d0/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 85fa19fbdf0f5b90-VIE

POST
H2 200 85fa19f46d045b90 Show response
hosting.sitecountry.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 38D2 0
521 B 157ms
157ms XHR
text/plain 104.26.2.214
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hosting.sitecountry.com/cdn-cgi/challenge-platform/h/g/jsd/r/85fa19f46d045b90
Requested by: Host: hosting.sitecountry.com
URL: https://hosting.sitecountry.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 05 Mar 2024 12:27:41 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 85fa19fe6db35b90-VIE
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7dNPG2f0n4Eg%2B0TPkAV6JuNL3tYCjcJ8utC%2FLE%2B7XEgL%2FAsr1PJTRcVZqWFvuL1CoBmwPwhCiPbjpdGB3kG9KcZTa9JKMkRlSWtBlsRVz8XAQUrd36g%2BVea1RLYupLEAhln%2F8d9638%2Bw"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.sitecountry.com/	1970-01-21 03:39:37	Name: cf_clearance Value: .Vp54LaoKIHt0souZrtuX7QaVviuellKGgDUoD.8jU8-1709641661-1.0.1.1-PiJcBEXDkOr4__ltLPK20kUc3HJefblQjKnYCtlpkOh_edLBvJcEI3H8Tjpe4zicV8sKoGu8jDfuk7cQJRq9hg

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://nirvanatech.cloud/#ce Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
hosting.sitecountry.com
nirvanatech.cloud
104.26.2.214
142.250.186.106
216.58.206.35
65.109.92.221
247081554e30be689d32e00acb1d6851c770510c2d2d3429af6ce4c8b648343f
56e9001612c112d192ebe8d26e89861d84a32103a9507f80f37ab225b2eba5d8
84d9d192cfda3b09de9c44216fef45b2f0d759645802c0826b8e595278e1a150
9f5f68f23573a4df9d5ce9fdd7c28154b326232e7dc31731a2a2deaa2ab6ca43
cd0a22c62bbeb50cc2e99a88f3ba91ff97587af8c786f2c074bf01f66d49d584
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

nirvanatech.cloud Open in urlscan Pro 65.109.92.221 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

6 Requests

83 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

4 IPs

3 Countries

118 kBTransfer

302 kBSize

1 Cookies

0 Outgoing links

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

nirvanatech.cloud Open in urlscan Pro
65.109.92.221 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

83 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

118 kB
Transfer

302 kB
Size

1
Cookies

6 HTTP transactions
0 data transactions