Submitted URL: https://brandequity.economictimes.indiatimes.com/etl.php?url=//pks-kotatangerang.org/7718/Ripple/%23Y2hyaXNAcmlwcGxlLmNvbQ==/utm_source=promotions
Effective URL: https://fuyici.otandord.ru/uskylega/
Submission: On March 13 via api from US — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 5 domains to perform 4 HTTP transactions. The main IP is 2606:4700:3037::ac43:caa7, located in United States and belongs to CLOUDFLARENET, US. The main domain is fuyici.otandord.ru.
TLS certificate: Issued by GTS CA 1P5 on March 6th 2024. Valid for: 3 months.
This is the only time fuyici.otandord.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 2a02:26f0:310... 20940 (AKAMAI-ASN1)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
4 3
Domain Requested by
2 brandequity.economictimes.indiatimes.com 2 redirects
1 fuyici.otandord.ru pks-kotatangerang.org
1 pks-kotatangerang.org
0 769y7.xtpoen.ru Failed fuyici.otandord.ru
0 ripple.com Failed pks-kotatangerang.org
4 5

This site contains no links.

Subject Issuer Validity Valid
pks-kotatangerang.org E1 2024-02-05 - 2024-05-05 3 months
otandord.ru GTS CA 1P5 2024-03-06 - 2024-06-04 3 months

This page contains 1 frames:

Primary Page: https://fuyici.otandord.ru/uskylega/
Frame ID: DBC77BEA483327DC18297D3A06C45A95
Requests: 4 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns

Page Statistics

Requests: 4
HTTPS: 50 %
IPv6: 100 %
Domains: 5
Subdomains: 5
IPs: 3
Countries: 2
Transfer: 7 kB
Size: 14 kB
Cookies: 5

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://brandequity.economictimes.indiatimes.com/etl.php?url=//pks-kotatangerang.org/7718/Ripple/%23Y2hyaXNAcmlwcGxlLmNvbQ==/utm_source=promotions HTTP 302
    https://brandequity.economictimes.indiatimes.com/etlr.php?url=//pks-kotatangerang.org/7718/Ripple/%23Y2hyaXNAcmlwcGxlLmNvbQ==/utm_source=promotions HTTP 302
    https://pks-kotatangerang.org/7718/Ripple/ Page URL
  2. https://fuyici.otandord.ru/uskylega/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://brandequity.economictimes.indiatimes.com/etl.php?url=//pks-kotatangerang.org/7718/Ripple/%23Y2hyaXNAcmlwcGxlLmNvbQ==/utm_source=promotions HTTP 302
  • https://brandequity.economictimes.indiatimes.com/etlr.php?url=//pks-kotatangerang.org/7718/Ripple/%23Y2hyaXNAcmlwcGxlLmNvbQ==/utm_source=promotions HTTP 302
  • https://pks-kotatangerang.org/7718/Ripple/

4 HTTP transactions

Resource Path Size x-fer Type MIME-Type
/ pks-kotatangerang.org/7718/Ripple/ 7 KB 2 KB Document
Redirect Chain
  • https://brandequity.economictimes.indiatimes.com/etl.php?url=//pks-kotatangerang.org/7718/Ripple/%23Y2hyaXNAcmlwcGxlLmNvbQ==/utm_source=promotions
  • https://brandequity.economictimes.indiatimes.com/etlr.php?url=//pks-kotatangerang.org/7718/Ripple/%23Y2hyaXNAcmlwcGxlLmNvbQ==/utm_source=promotions
  • https://pks-kotatangerang.org/7718/Ripple/
General
Full URL: https://pks-kotatangerang.org/7718/Ripple/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash:

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 863d2e4a5dce2c73-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 13 Mar 2024 15:50:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pDtke7XI8aQ4gNNzUShHZaGLP1MOLNEZ3dR4Rpqk6kp%2BOLnMZFf%2FjiCamPH0ABIk62f1k2k1HZJCQx8gz%2FN1gDxjcKPhn80AJBCz7otmQBxR87XaHvXyf%2Fpb%2BcCPahEmN4ViCzae9mJJq0M5VOEnpW%2FfABg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-language: en
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 13 Mar 2024 15:50:38 GMT
expires: Wed, 13 Mar 2024 15:50:38 GMT
location: //pks-kotatangerang.org/7718/Ripple/#Y2hyaXNAcmlwcGxlLmNvbQ==/utm_source=promotions#Y2hyaXNAcmlwcGxlLmNvbQ==/utm_source=promotions?utm_source=promotions&utm_medium=email&utm_campaign=
pragma: no-cache
server: Bhoot
strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
x-cool: 22.55
x-frame-options: sameorigin SAMEORIGIN
x-xss-protection: 1; mode=block

/ ripple.com/ 0 0

Primary Request
/ fuyici.otandord.ru/uskylega/ 7 KB 5 KB Document
General
Full URL: https://fuyici.otandord.ru/uskylega/
Requested by
Host: pks-kotatangerang.org
URL: https://pks-kotatangerang.org/7718/Ripple/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:caa7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash: 93a3423b8ad9fc2d4a280746a1bade391759ed5a8d55873e591c2b0faa94a937
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer: https://pks-kotatangerang.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 863d2e4e3a14bbda-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 13 Mar 2024 15:50:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3IQN8y7JIS2rEWRnN81vEpavXUCJWzaaL7%2BDEbMdJKKaqkfGkDDpSpX%2FmPcFHvQcT5EaN6EDPVr0ewPl9qD4r%2FB3TakVdcl2n6bU9ukh%2FMp9ywN2O1ohJIdXmFku"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

beoyrsmssdxllykignpHddwpiOIVQMNYIRAHLBEUPMKZQSRPVP 769y7.xtpoen.ru/ 0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ripple.com
URL: http://chris@ripple.com/
Domain: 769y7.xtpoen.ru
URL: https://769y7.xtpoen.ru/beoyrsmssdxllykignpHddwpiOIVQMNYIRAHLBEUPMKZQSRPVP


0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Domain/Path Name / Value
brandequity.economictimes.indiatimes.com/ Name: PHPSESSID
Value: fcdfbfc5180c2882b9089f95a54bc894
brandequity.economictimes.indiatimes.com/ Name: pmUsr
Value: 1710345037
brandequity.economictimes.indiatimes.com/ Name: brandequity_subscription_source
Value: email
fuyici.otandord.ru/ Name: XSRF-TOKEN
Value: eyJpdiI6ImJ5VWUzcGRLdC9oeU9HbXJVRXVteXc9PSIsInZhbHVlIjoiOE9nczZvUzRmakxYSjQyZWwzb3h1bDlxS0wwazNOeVp4R0Y1eGxtWFhDQ1BKOCs5NVlSN0VYaUI5aFd4NVNHN3dieVNtRUczeW84N3YreVRDeDk5RnJyanlTcHg2bW5kQnZKUXplS204Smc4ZWhUSkh0ZndLVEpNQkNrUDFSTUkiLCJtYWMiOiI3NzdhN2EyZGQ0ZTBiOGUwNTg0ODlkNzk4MjE2Zjc4MmNhZTNhYWNiYThjYTIxZDcyMjdkYWM1NmYyN2I0NjNlIiwidGFnIjoiIn0%3D
fuyici.otandord.ru/ Name: laravel_session
Value: eyJpdiI6InBqbE55SlZsUjZmWjduNUxMd0FDMXc9PSIsInZhbHVlIjoiZW1USVZVZnFjUk9OZUl1bjd6Z0ZJaThSNU1LUldOcU9yckY3N0xYNkF4bTlQRmNuOS9zTloxclNKaUZNSWRrUXdqakc4MTF5THJxQ1VlRVNpY1NFaWI2VHFEclpUNlIyUU9YSDYzYlpTMWZ3cUZBNjBGempwMDdjNmRLeURsb3giLCJtYWMiOiJhZDIxYTI0MjJjNWJmMWQ0MzllNTRkYzEzMzk5NjZlYjI3NmRlZTZmOTgyNTJkYWMzNmIxNDEyMGY0ZmUxYjU2IiwidGFnIjoiIn0%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
