Submitted URL: https://pic.zmon.nyc.mn/
Effective URL: https://pic.zmon.nyc.mn/login
Submission: On October 19 via api from US — Scanned from NL

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 5 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is pic.zmon.nyc.mn.
TLS certificate: Issued by WE1 on October 19th 2024. Valid for: 3 months.
This is the only time pic.zmon.nyc.mn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 3 104.18.95.41 13335 (CLOUDFLAR...)
1 188.114.96.3 13335 (CLOUDFLAR...)
1 2602:fbf9::10 400283 (ENDLESS-G...)
5 4
Apex Domain | Subdomains | Transfer
3 cloudflare.com | challenges.cloudflare.com — Cisco Umbrella Rank: 3443 | 16 KB
2 nyc.mn | pic.zmon.nyc.mn | 2 KB
1 endl.site | kdata.endl.site | 10 KB
1 workers.dev | bed.k-1tu6re.workers.dev | 263 KB
5 4
Domain Requested by
3 challenges.cloudflare.com 1 redirects pic.zmon.nyc.mn
challenges.cloudflare.com
2 pic.zmon.nyc.mn 1 redirects
1 kdata.endl.site
1 bed.k-1tu6re.workers.dev pic.zmon.nyc.mn
5 4

This site contains no links.

Subject | Issuer | Validity | Valid
zmon.nyc.mn | WE1 | 2024-10-19 - 2025-01-17 | 3 months
k-1tu6re.workers.dev | WE1 | 2024-09-09 - 2024-12-08 | 3 months
challenges.cloudflare.com | WE1 | 2024-09-05 - 2024-12-04 | 3 months
kdata.endl.site | E5 | 2024-09-16 - 2024-12-15 | 3 months

This page contains 2 frames:

Primary Page: https://pic.zmon.nyc.mn/login
Frame ID: D364AE6EC312A7721A434816B7EFF2CA
Requests: 4 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/7v72n/0x4AAAAAAAifk4CSnmhcVY71/auto/fbE/normal/auto/
Frame ID: ED78C315956DDA19574A21644E61F9A9
Requests: 1 HTTP requests in this frame

Page Title

Flux.1-AI文生图 (Flux.1-AI text-to-image)

Page Statistics

Requests: 5
HTTPS: 80 %
IPv6: 50 %
Domains: 4
Subdomains: 4
IPs: 4
Countries: 3
Transfer: 290 kB
Size: 385 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://pic.zmon.nyc.mn/ HTTP 302
    https://pic.zmon.nyc.mn/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://challenges.cloudflare.com/turnstile/v0/api.js HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/b/62ec4f065604/api.js

5 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login
pic.zmon.nyc.mn/
Redirect Chain
  • https://pic.zmon.nyc.mn/
  • https://pic.zmon.nyc.mn/login
2 KB
1 KB
Document
General
Full URL
https://pic.zmon.nyc.mn/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a51728ec980ea708034edd2515d83408022fdd221ee1410757da15bcb549c7c1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-ray
8d546deaf8439f66-AMS
content-encoding
zstd
content-type
text/html
date
Sat, 19 Oct 2024 23:08:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iM3WgyU38E%2Fw55soUKNACvAkNBbuAKYW7PWEwUVNHWL3Cr%2FYB8iAmjDnhuLf6dY%2F6q6csi2oAwtuO1qHmoQjJ2lOj70RQt5eXh7svJVNaQKjae%2B7DOBmq0iVvI6pxXTx9vt%2FMkEIzYJaBpdL8w0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=15217&sent=9&recv=12&lost=0&retrans=0&sent_bytes=4549&recv_bytes=2438&delivery_rate=260546&cwnd=254&unsent_bytes=0&cid=9b0e53e8aa899e05&ts=69&x=0"
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-ray
8d546dead80e9f66-AMS
content-length
0
date
Sat, 19 Oct 2024 23:08:19 GMT
location
/login
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7%2BXvnj%2FRppyy2%2Blef%2FEm3WywaT0QSC9FeEqmW6HymoLT%2FXZe6mhZdAtlJMf0oDxYucS%2FfOFXGQitU8pKhIRm3W8n%2FgLuMlOut9TfNL0iAN2IMaEc1Tpzo8K4d5HiGA3wVMB6ZcoSx0LI%2BVr3lfg%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=14939&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3975&recv_bytes=2351&delivery_rate=260546&cwnd=252&unsent_bytes=0&cid=9b0e53e8aa899e05&ts=44&x=0"
vary
Accept-Encoding
api.js
challenges.cloudflare.com/turnstile/v0/b/62ec4f065604/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js
  • https://challenges.cloudflare.com/turnstile/v0/b/62ec4f065604/api.js
46 KB
16 KB
Script
General
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/62ec4f065604/api.js
Requested by
Host: pic.zmon.nyc.mn
URL: https://pic.zmon.nyc.mn/login
Protocol
H3
Server
104.18.95.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ea786910282df7ae154a0011375cd1254adbd8ef0e75eb62177ada67daf9611

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://pic.zmon.nyc.mn/

Response headers

cache-control
max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
content-encoding
br
cross-origin-resource-policy
cross-origin
cf-ray
8d546deb9ffe6646-AMS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Sat, 19 Oct 2024 23:08:19 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 01 Oct 2024 14:19:56 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=300, public
location
/turnstile/v0/b/62ec4f065604/api.js
cross-origin-resource-policy
cross-origin
cf-ray
8d546deb6fd76646-AMS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
date
Sat, 19 Oct 2024 23:08:19 GMT
vary
Accept-Encoding
server
cloudflare
f05e4f3d6487387d06d62.jpg
bed.k-1tu6re.workers.dev/file/
271 KB
263 KB
Image
General
Full URL
https://bed.k-1tu6re.workers.dev/file/f05e4f3d6487387d06d62.jpg
Requested by
Host: pic.zmon.nyc.mn
URL: https://pic.zmon.nyc.mn/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30aac6f19086682cbe83ca08fe629dbd3c08be8816a941792efcec271aac6acb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://pic.zmon.nyc.mn/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"9e52e99febc14c9bf6817e67cd218cc13945daaa"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hLrw2SKFvEsl2qfvdzOUv7SvrgH%2BWF3nHneox2CHUNHXm3UiRken%2FQ3Sc%2B50cyAtjB34GmdUeKmxppHdhNj6TbmUbn9PQM8ZITc3UiXut%2F6IajZkQo6A9IiUUgzULGngcLefBNozRYr2BRI%3D"}],"group":"cf-nel","max_age":604800}
expires
Sun, 20 Oct 2024 02:08:19 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=16306&sent=11&recv=9&lost=0&retrans=0&sent_bytes=4161&recv_bytes=4426&delivery_rate=38117&cwnd=12000&unsent_bytes=0&cid=bfb08f27e1f5b592&ts=86&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 19 Oct 2024 23:08:19 GMT
content-type
image/jpeg
vary
Accept-Encoding
priority
u=1,i
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=10800, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d546deb8fd428ac-AMS
accept-ranges
bytes
content-length
268362
server
cloudflare
/
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/7v72n/0x4AAAAAAAifk4CSnmhcVY71/auto/fbE/normal/auto/ Frame ED78
0
0
Document
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/7v72n/0x4AAAAAAAifk4CSnmhcVY71/auto/fbE/normal/auto/
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.95.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'

Request headers

Referer
https://pic.zmon.nyc.mn/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8d546debf8f49f99-AMS
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Sat, 19 Oct 2024 23:08:19 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
605dc0ae423687b06047317fb260c4b4.ico
kdata.endl.site/view.php/
66 KB
10 KB
Other
General
Full URL
https://kdata.endl.site/view.php/605dc0ae423687b06047317fb260c4b4.ico
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2602:fbf9::10 , United States, ASN400283 (ENDLESS-GROUP, US),
Reverse DNS
Software
Apache/2 / PHP/7.4.30
Resource Hash
7152bffeaf7b74ea077b939335ab992049473021163cb58ee938fb86d56e791f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://pic.zmon.nyc.mn/

Response headers

cache-control
max-age=2592000
content-encoding
gzip
pragma
cache
expires
Mon, 18 Nov 2024 23:08:20 GMT
content-length
9942
date
Sat, 19 Oct 2024 23:08:20 GMT
content-type
image/x-icon
x-powered-by
PHP/7.4.30
vary
Accept-Encoding,User-Agent
server
Apache/2

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| turnstile

0 Cookies

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://pic.zmon.nyc.mn/login
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o