bhvwzglhbw9u.cretech.ru
141.95.99.203
Public Scan
Effective URL: https://bhvwzglhbw9u.cretech.ru/bHBwcHNw/
Submission: On July 06 via manual — Scanned from DE
Summary
TLS certificate: Issued by R3 on June 23rd 2023. Valid for: 3 months.
This is the only time bhvwzglhbw9u.cretech.ru was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 1 | 68.168.84.60 | 17378 (AS17378) |
1 | 192.185.79.88 | 19871 (NETWORK-SOLUTIONS-HOSTING) |
1 | 141.95.99.203 | 16276 (OVH) |
1 | 2001:4de0:ac18::1:a:2b | 20446 (STACKPATH-CDN) |
1 8 | 2606:4700::6811:3b8 | 13335 (CLOUDFLARENET) |
1 | 2a04:4e42:400::485 | 54113 (FASTLY) |
14 | 6 | |
ASN17378 (AS17378, US)
PTR: 60.84.168.68.static.dbsintl.net
www.nexxt.com
ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: websol.ws
horseracingsystems.com.au
ASN16276 (OVH, FR)
PTR: s614.fra6.mysecurecloudhost.com
bhvwzglhbw9u.cretech.ru
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
8 | cloudflare.com (1 redirects) | challenges.cloudflare.com — Cisco Umbrella Rank: 5263 | 250 KB |
1 | jsdelivr.net | cdn.jsdelivr.net — Cisco Umbrella Rank: 368 | 25 KB |
1 | jquery.com | code.jquery.com — Cisco Umbrella Rank: 749 | 30 KB |
1 | cretech.ru | bhvwzglhbw9u.cretech.ru | 2 KB |
1 | horseracingsystems.com.au | horseracingsystems.com.au | 122 B |
1 | nexxt.com (1 redirects) | www.nexxt.com — Cisco Umbrella Rank: 143019 | 1 KB |
14 | 6 | | |
 | Domain | Requested by |
---|---|---|
8 | challenges.cloudflare.com (1 redirects) | bhvwzglhbw9u.cretech.ru, challenges.cloudflare.com |
1 | cdn.jsdelivr.net | horseracingsystems.com.au |
1 | code.jquery.com | horseracingsystems.com.au |
1 | bhvwzglhbw9u.cretech.ru | |
1 | horseracingsystems.com.au | |
1 | www.nexxt.com (1 redirects) | |
14 | 6 | |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
horseracingsystems.com.au | R3 | 2023-06-03 - 2023-09-01 | 3 months | crt.sh |
www.bhvwzglhbw9u.cretech.ru | R3 | 2023-06-23 - 2023-09-21 | 3 months | crt.sh |
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2022-08-03 - 2023-07-14 | a year | crt.sh |
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2022 Q4 | 2022-12-23 - 2024-01-24 | a year | crt.sh |
challenges.cloudflare.com | Cloudflare Inc ECC CA-3 | 2022-09-18 - 2023-09-17 | a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://bhvwzglhbw9u.cretech.ru/bHBwcHNw/
Frame ID: BEAF3AB0D7E4B8F03F87F88FF3A47EC3
Requests: 6 HTTP requests in this frame
Frame:
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/sj22c/0x4AAAAAAAGdnih2SsGspLZq/auto/normal
Frame ID: 0480E4532D0326F642A323A190E7FE79
Requests: 9 HTTP requests in this frame
Detected technologies
Bootstrap (Web Frameworks)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr (CDN)
Detected patterns
- <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- https://www.nexxt.com/common/track/trackgeneral.asp?tcid=106ttid=2cid=146408910emid=18977&tv1=Unsubscribetl2=3Dsdtv2=30200224%2B14%3A08bydal=truesid=EFC4BF1A-2DD6-4735-A7FC-6285ED6C4AACintsti=&red=https%3A%2F%2Fhorseracingsystems.com.au%2Fnew%2Fauth%2FMpyc%2F%2F%2F%2FY2FyZWVyc0BjcnlvcG9ydC5jb20= HTTP 302
- https://horseracingsystems.com.au/new/auth/Mpyc////Y2FyZWVyc0BjcnlvcG9ydC5jb20=
- https://challenges.cloudflare.com/turnstile/v0/api.js HTTP 302
- https://challenges.cloudflare.com/turnstile/v0/g/19b997cb/api.js
14 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H2 | Y2FyZWVyc0BjcnlvcG9ydC5jb20= horseracingsystems.com.au/new/auth/Mpyc//// Redirect Chain | 0 122 B | Document text/html |
GET H2 | Primary Request / bhvwzglhbw9u.cretech.ru/bHBwcHNw/ | 3 KB 2 KB | Document text/html |
GET DATA | truncated / | 130 B 0 | Script text/javascript |
GET H2 | jquery-3.6.0.min.js code.jquery.com/ | 87 KB 30 KB | Script application/javascript |
GET H2 | api.js challenges.cloudflare.com/turnstile/v0/g/19b997cb/ Redirect Chain | 19 KB 7 KB | Script application/javascript |
GET H2 | bootstrap.min.css cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/ | 152 KB 25 KB | Stylesheet text/css |
GET H3 | normal challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/sj22c/0x4AAAAAAAGdnih2SsGspLZq/auto/ Frame 0480 | 24 KB 8 KB | Document text/html |
GET H3 | v1 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/ Frame 0480 | 177 KB 62 KB | Script application/javascript |
GET BLOB | daca04dc-e686-444f-abab-b280c8d0deff https://challenges.cloudflare.com/ Frame 0480 | 0 0 | Other text/javascript |
POST H3 | 08dbf2f6333ec96 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/2099191363:1688674930:RRbh5rvY3IVvlCXbEwkDMgnptn9t36rLKpXfREGW8Zg/7e2ade715d1c9c00/ Frame 0480 | 216 KB 163 KB | XHR text/plain |
GET BLOB | 0b780697-b5eb-48f4-b445-63a9bf99e3aa https://challenges.cloudflare.com/ Frame 0480 | 656 B 0 | Other text/javascript |
GET BLOB | 6ba8ee0d-2246-4d80-b611-156b2178b479 https://challenges.cloudflare.com/ Frame 0480 | 99 B 0 | Other text/javascript |
GET H3 | mp0F2AbMeCw7hBe challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7e2ade715d1c9c00/1688678187976/3ecd0ab88ff9f021f080e5d10b30902a6582a05933217e5fd44a785c0fda9665/ Frame 0480 | 1 B 628 B | Fetch text/plain |
GET H3 | e2sZH_CMxjba_ae challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7e2ade715d1c9c00/1688678187978/ Frame 0480 | 61 B 146 B | Image image/png |
POST H3 | 08dbf2f6333ec96 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/2099191363:1688674930:RRbh5rvY3IVvlCXbEwkDMgnptn9t36rLKpXfREGW8Zg/7e2ade715d1c9c00/ Frame 0480 | 13 KB 10 KB | XHR text/plain |
9 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| 0
- boolean| credentialless
- object| onbeforetoggle
- object| onscrollend
- string| nox
- function| $
- function| jQuery
- function| x
- object| turnstile
6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.nexxt.com/ | | Name: BeyondSessionId Value: rg76ngLXhPfmhUO9YR4jVMnoTiEaCDT%2bowjDHX2v8z8APaqWbFN03FBaa6B3H36q |
.nexxt.com/ | | Name: UB Value: Key=4deefc9f-440c-4edb-bd2e-fbcc59e12a19 |
.nexxt.com/ | | Name: Visitor Value: NewSessionID=02C407E7-7732-4B91-AA94-F9FAA07ABC3D&Tracked=183D6B5C-728D-488E-8534-20896943757D |
www.nexxt.com/ | | Name: DidIPLkup Value: Y |
www.nexxt.com/ | | Name: SERVERID Value: WFE2222 |
bhvwzglhbw9u.cretech.ru/ | | Name: PHPSESSID Value: 2cgcad1394l72o392b13ilhvod |
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.