urlscan.io logo urlscan.io
SecurityTrails logo

kortatay.myz.info Open in urlscan Pro
85.132.91.141  Public Scan

Go To Rescan Add Verdict Report
URL: http://kortatay.myz.info/procx64.exe_
Submission: On November 11 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 4 countries across 5 domains to perform 10 HTTP transactions. The main IP is 85.132.91.141, located in Baku, Azerbaijan and belongs to DELTA-TELECOM-AS International Communication Operator, AZ. The main domain is kortatay.myz.info.
This is the only time kortatay.myz.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 85.132.91.141 29049 (DELTA-TEL...)
2 2 2606:4700:303... 13335 (CLOUDFLAR...)
2 104.18.24.41 13335 (CLOUDFLAR...)
3 195.54.32.5 28753 (LEASEWEB-...)
1 104.17.214.66 13335 (CLOUDFLAR...)
10 5
3    85.132.91.141 (Baku, Azerbaijan)

ASN29049 (DELTA-TELECOM-AS International Communication Operator, AZ)
kortatay.myz.info
2    2606:4700:3033::6815:355c (United States)

ASN13335 (CLOUDFLARENET, US)
cnhv.co
2    104.18.24.41 (None, )

ASN13335 (CLOUDFLARENET, US)
www.troyhunt.com
3    195.54.32.5 (Frankfurt am Main, Germany)

ASN28753 (LEASEWEB-DE-FRA-10, DE)
PTR: main.jetswap.com
go.jetswap.hs5.ru
1    104.17.214.66 (None, )

ASN13335 (CLOUDFLARENET, US)
troyhunt.report-uri.com
Domain Requested by
3 go.jetswap.hs5.ru kortatay.myz.info
go.jetswap.hs5.ru
3 kortatay.myz.info kortatay.myz.info
2 www.troyhunt.com kortatay.myz.info
2 cnhv.co 2 redirects
1 troyhunt.report-uri.com kortatay.myz.info
10 5

This site contains no links.

Subject Issuer Validity Valid
troyhunt.com
WE1		 2024-10-18 -
2025-01-16		 3 months crt.sh
report-uri.com
E5		 2024-09-18 -
2024-12-17		 3 months crt.sh

This page contains 7 frames:

Primary Page: http://kortatay.myz.info/procx64.exe_
Frame ID: 79214CE3927C33B4DF27A61D87DC1961
Requests: 2 HTTP requests in this frame

Frame: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Frame ID: 86C2BF40DC2F4086C841DC3A08E2A7EB
Requests: 1 HTTP requests in this frame

Frame: http://kortatay.myz.info/jet.html
Frame ID: 9D7B357ACACC999C490FC42FCF70C8D1
Requests: 2 HTTP requests in this frame

Frame: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Frame ID: D8883683B4F4A56E33B6CA98282D1D57
Requests: 1 HTTP requests in this frame

Frame: http://kortatay.myz.info/jet.html
Frame ID: 59500F82A963F854EE190DCBA04AB47C
Requests: 2 HTTP requests in this frame

Frame: http://go.jetswap.hs5.ru/swap?user=smak15&a=1&v2=1&v3=1&v4=1&v5=1&al60=1
Frame ID: 994B2EB22FD005BE23B33620807EA5F9
Requests: 1 HTTP requests in this frame

Frame: http://go.jetswap.hs5.ru/swap?user=smak15&a=1&v2=1&v3=1&v4=1&v5=1&al60=1
Frame ID: 76BA0D80E4EB5F61685EE4FA5C3123A2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

**BAYDU-404**

Page URL History Show full URLs

  1. http://kortatay.myz.info/procx64.exe_ HTTP 307
    https://kortatay.myz.info/procx64.exe_ HTTP 307
    http://kortatay.myz.info/procx64.exe_ Page URL

Page Statistics

10
Requests

30 %
HTTPS

20 %
IPv6

5
Domains

5
Subdomains

5
IPs

4
Countries

5 kB
Transfer

3 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://kortatay.myz.info/procx64.exe_ HTTP 307
    https://kortatay.myz.info/procx64.exe_ HTTP 307
    http://kortatay.myz.info/procx64.exe_ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://cnhv.co/7utq HTTP 307
  • https://cnhv.co/7utq HTTP 301
  • https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Request Chain 2
  • http://cnhv.co/7utq HTTP 307
  • https://cnhv.co/7utq HTTP 301
  • https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request procx64.exe_
kortatay.myz.info/
Redirect Chain
  • http://kortatay.myz.info/procx64.exe_
  • https://kortatay.myz.info/procx64.exe_
  • http://kortatay.myz.info/procx64.exe_
513 B
660 B 		Document
General
Check archive.org
Download Go to
Full URL
http://kortatay.myz.info/procx64.exe_
Protocol
HTTP/1.1
Server
85.132.91.141 Baku, Azerbaijan, ASN29049 (DELTA-TELECOM-AS International Communication Operator, AZ),
Reverse DNS
Software
SHS /
Resource Hash
0b7eceb95f7f6172c63ffde3ec2d77591a9137e98936d9170b335a8b9d359953

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Connection
Keep-Alive
Content-Length
513
Content-Type
text/html
Last-modified
Tue, 8 Feb 2022 08:44:31 GMT
Server
SHS

Redirect headers

Location
http://kortatay.myz.info/procx64.exe_
Non-Authoritative-Reason
HttpsUpgrades
/
www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/ Frame 86C2
Redirect Chain
  • http://cnhv.co/7utq
  • https://cnhv.co/7utq
  • https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Requested by
Host: kortatay.myz.info
URL: http://kortatay.myz.info/procx64.exe_
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self' api.passwordpurgatory.com bloghelpers.troyhunt.com links.services.disqus.com syndication.twitter.com troyhunt.ghost.io *.google-analytics.com *.privacymanager.io; font-src 'self' cdnjs.cloudflare.com fonts.gstatic.com; frame-src www.linkedin.com disqus.com c.disquscdn.com www.youtube.com player.vimeo.com twitter.com platform.twitter.com syndication.twitter.com omny.fm pastebin.com www.google.com; img-src 'self' c.disquscdn.com referrer.disqus.com syndication.twitter.com platform.twitter.com www.gravatar.com *.twimg.com data:; script-src 'self' passwordpurgatory.com c.disquscdn.com disqus.com troyhunt.disqus.com cdnjs.cloudflare.com platform.twitter.com cdn.syndication.twimg.com syndication.twitter.com gist.github.com/troyhunt/ cdn.jsdelivr.net/ghost/ www.googletagmanager.com *.privacymanager.io www.google.com www.gstatic.com static.cloudflareinsights.com 'sha256-26FfYB0WAsKHsnA92jxqaHCDCNo7MV3NrLe1wgLwuI4=' 'sha256-4JqPqO/eQLWuWw1AE7dCvI9hPwiBcw0gy7uoLqS0ncg='; style-src 'self' 'unsafe-inline' c.disquscdn.com cdnjs.cloudflare.com platform.twitter.com ton.twimg.com assets-cdn.github.com github.githubassets.com fonts.googleapis.com; form-action *.twitter.com; media-src 'self'; frame-ancestors 'self' troyhunt.ghost.io; upgrade-insecure-requests; report-uri https://troyhunt.report-uri.com/r/d/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://troyhunt.report-uri.com/r/d/xss/enforce

Request headers

Referer
http://kortatay.myz.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=14400
cf-cache-status
MISS
cf-ray
8e0ae6d2ec7839d4-FRA
content-encoding
br
content-security-policy
default-src 'none'; connect-src 'self' api.passwordpurgatory.com bloghelpers.troyhunt.com links.services.disqus.com syndication.twitter.com troyhunt.ghost.io *.google-analytics.com *.privacymanager.io; font-src 'self' cdnjs.cloudflare.com fonts.gstatic.com; frame-src www.linkedin.com disqus.com c.disquscdn.com www.youtube.com player.vimeo.com twitter.com platform.twitter.com syndication.twitter.com omny.fm pastebin.com www.google.com; img-src 'self' c.disquscdn.com referrer.disqus.com syndication.twitter.com platform.twitter.com www.gravatar.com *.twimg.com data:; script-src 'self' passwordpurgatory.com c.disquscdn.com disqus.com troyhunt.disqus.com cdnjs.cloudflare.com platform.twitter.com cdn.syndication.twimg.com syndication.twitter.com gist.github.com/troyhunt/ cdn.jsdelivr.net/ghost/ www.googletagmanager.com *.privacymanager.io www.google.com www.gstatic.com static.cloudflareinsights.com 'sha256-26FfYB0WAsKHsnA92jxqaHCDCNo7MV3NrLe1wgLwuI4=' 'sha256-4JqPqO/eQLWuWw1AE7dCvI9hPwiBcw0gy7uoLqS0ncg='; style-src 'self' 'unsafe-inline' c.disquscdn.com cdnjs.cloudflare.com platform.twitter.com ton.twimg.com assets-cdn.github.com github.githubassets.com fonts.googleapis.com; form-action *.twitter.com; media-src 'self'; frame-ancestors 'self' troyhunt.ghost.io; upgrade-insecure-requests; report-uri https://troyhunt.report-uri.com/r/d/csp/enforce
content-type
text/html; charset=utf-8
date
Mon, 11 Nov 2024 02:37:39 GMT
expect-ct
max-age=0, report-uri=https://troyhunt.report-uri.com/r/d/ct/reportOnly
expires
Mon, 11 Nov 2024 06:37:39 GMT
ghost-fastly
true
nel
{"report_to":"default","max_age":10886400}
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
referrer-policy
no-referrer-when-downgrade
report-to
{"group":"default","max_age":10886400,"endpoints":[{"url":"https://troyhunt.report-uri.com/a/d/g"}],"include_subdomains":true}
server
cloudflare
server-timing
cfCacheStatus;desc="MISS"
status
200 OK
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Cookie, Accept-Encoding
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache
MISS, HIT, HIT
x-cache-hits
0, 4, 4
x-content-type-options
nosniff
x-request-id
dc5ba3e7-d7d1-423c-b084-797f238c01c7
x-served-by
cache-ams21063-AMS, cache-ams21063-AMS, cache-fra-eddf8230088-FRA
x-timer
S1731292660.677400,VS0,VE0
x-xss-protection
1; mode=block; report=https://troyhunt.report-uri.com/r/d/xss/enforce

Redirect headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e0ae6ca1a1bd3a0-FRA
content-type
text/html; charset=utf-8
date
Mon, 11 Nov 2024 02:37:39 GMT
location
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OJwO3e71S4kR0KzyCuNtbLBDbAqeJYccDoANnrd3c93mq9ppfv7nSpkc33GQsYl77kTo2WWl2VN5ZMsrVWHwp1cJg7vkQ%2BT172AUTQvDDoKt%2FyeRwkjgJmpwd8FZ2BLwwOL%2FMdum"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=16244&sent=8&recv=12&lost=0&retrans=0&sent_bytes=3902&recv_bytes=2295&delivery_rate=273551&cwnd=252&unsent_bytes=0&cid=2daeebc5e1e9713d&ts=1086&x=0"
x-powered-by
ASP.NET
jet.html
kortatay.myz.info/ Frame 9D7B 		134 B
281 B 		Document
General
Check archive.org
Download Go to
Full URL
http://kortatay.myz.info/jet.html
Requested by
Host: kortatay.myz.info
URL: http://kortatay.myz.info/procx64.exe_
Protocol
HTTP/1.1
Server
85.132.91.141 Baku, Azerbaijan, ASN29049 (DELTA-TELECOM-AS International Communication Operator, AZ),
Reverse DNS
Software
SHS /
Resource Hash
1bc64bd9cde4ecbfb16539d401a844da6650f0bfe76d3d1a4aaf1e8bfe6977e1

Request headers

Referer
http://kortatay.myz.info/procx64.exe_
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Connection
Keep-Alive
Content-Length
134
Content-Type
text/html
Last-modified
Tue, 8 Feb 2022 08:47:18 GMT
Server
SHS
/
www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/ Frame D888
Redirect Chain
  • http://cnhv.co/7utq
  • https://cnhv.co/7utq
  • https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Requested by
Host: kortatay.myz.info
URL: http://kortatay.myz.info/procx64.exe_
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self' api.passwordpurgatory.com bloghelpers.troyhunt.com links.services.disqus.com syndication.twitter.com troyhunt.ghost.io *.google-analytics.com *.privacymanager.io; font-src 'self' cdnjs.cloudflare.com fonts.gstatic.com; frame-src www.linkedin.com disqus.com c.disquscdn.com www.youtube.com player.vimeo.com twitter.com platform.twitter.com syndication.twitter.com omny.fm pastebin.com www.google.com; img-src 'self' c.disquscdn.com referrer.disqus.com syndication.twitter.com platform.twitter.com www.gravatar.com *.twimg.com data:; script-src 'self' passwordpurgatory.com c.disquscdn.com disqus.com troyhunt.disqus.com cdnjs.cloudflare.com platform.twitter.com cdn.syndication.twimg.com syndication.twitter.com gist.github.com/troyhunt/ cdn.jsdelivr.net/ghost/ www.googletagmanager.com *.privacymanager.io www.google.com www.gstatic.com static.cloudflareinsights.com 'sha256-26FfYB0WAsKHsnA92jxqaHCDCNo7MV3NrLe1wgLwuI4=' 'sha256-4JqPqO/eQLWuWw1AE7dCvI9hPwiBcw0gy7uoLqS0ncg='; style-src 'self' 'unsafe-inline' c.disquscdn.com cdnjs.cloudflare.com platform.twitter.com ton.twimg.com assets-cdn.github.com github.githubassets.com fonts.googleapis.com; form-action *.twitter.com; media-src 'self'; frame-ancestors 'self' troyhunt.ghost.io; upgrade-insecure-requests; report-uri https://troyhunt.report-uri.com/r/d/csp/enforce
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://troyhunt.report-uri.com/r/d/xss/enforce

Request headers

Referer
http://kortatay.myz.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=14400
cf-cache-status
MISS
cf-ray
8e0ae6d2ec7839d4-FRA
content-encoding
br
content-security-policy
default-src 'none'; connect-src 'self' api.passwordpurgatory.com bloghelpers.troyhunt.com links.services.disqus.com syndication.twitter.com troyhunt.ghost.io *.google-analytics.com *.privacymanager.io; font-src 'self' cdnjs.cloudflare.com fonts.gstatic.com; frame-src www.linkedin.com disqus.com c.disquscdn.com www.youtube.com player.vimeo.com twitter.com platform.twitter.com syndication.twitter.com omny.fm pastebin.com www.google.com; img-src 'self' c.disquscdn.com referrer.disqus.com syndication.twitter.com platform.twitter.com www.gravatar.com *.twimg.com data:; script-src 'self' passwordpurgatory.com c.disquscdn.com disqus.com troyhunt.disqus.com cdnjs.cloudflare.com platform.twitter.com cdn.syndication.twimg.com syndication.twitter.com gist.github.com/troyhunt/ cdn.jsdelivr.net/ghost/ www.googletagmanager.com *.privacymanager.io www.google.com www.gstatic.com static.cloudflareinsights.com 'sha256-26FfYB0WAsKHsnA92jxqaHCDCNo7MV3NrLe1wgLwuI4=' 'sha256-4JqPqO/eQLWuWw1AE7dCvI9hPwiBcw0gy7uoLqS0ncg='; style-src 'self' 'unsafe-inline' c.disquscdn.com cdnjs.cloudflare.com platform.twitter.com ton.twimg.com assets-cdn.github.com github.githubassets.com fonts.googleapis.com; form-action *.twitter.com; media-src 'self'; frame-ancestors 'self' troyhunt.ghost.io; upgrade-insecure-requests; report-uri https://troyhunt.report-uri.com/r/d/csp/enforce
content-type
text/html; charset=utf-8
date
Mon, 11 Nov 2024 02:37:39 GMT
expect-ct
max-age=0, report-uri=https://troyhunt.report-uri.com/r/d/ct/reportOnly
expires
Mon, 11 Nov 2024 06:37:39 GMT
ghost-fastly
true
nel
{"report_to":"default","max_age":10886400}
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
referrer-policy
no-referrer-when-downgrade
report-to
{"group":"default","max_age":10886400,"endpoints":[{"url":"https://troyhunt.report-uri.com/a/d/g"}],"include_subdomains":true}
server
cloudflare
server-timing
cfCacheStatus;desc="MISS"
status
200 OK
vary
Cookie, Accept-Encoding
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache
MISS, HIT, HIT
x-cache-hits
0, 4, 4
x-content-type-options
nosniff
x-request-id
dc5ba3e7-d7d1-423c-b084-797f238c01c7
x-served-by
cache-ams21063-AMS, cache-ams21063-AMS, cache-fra-eddf8230088-FRA
x-timer
S1731292660.677400,VS0,VE0
x-xss-protection
1; mode=block; report=https://troyhunt.report-uri.com/r/d/xss/enforce

Redirect headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e0ae6ca1a1bd3a0-FRA
content-type
text/html; charset=utf-8
date
Mon, 11 Nov 2024 02:37:39 GMT
location
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OJwO3e71S4kR0KzyCuNtbLBDbAqeJYccDoANnrd3c93mq9ppfv7nSpkc33GQsYl77kTo2WWl2VN5ZMsrVWHwp1cJg7vkQ%2BT172AUTQvDDoKt%2FyeRwkjgJmpwd8FZ2BLwwOL%2FMdum"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=16244&sent=8&recv=12&lost=0&retrans=0&sent_bytes=3902&recv_bytes=2295&delivery_rate=273551&cwnd=252&unsent_bytes=0&cid=2daeebc5e1e9713d&ts=1086&x=0"
x-powered-by
ASP.NET
jet.html
kortatay.myz.info/ Frame 5950 		134 B
0 		Document
General
Check archive.org
Download Go to
Full URL
http://kortatay.myz.info/jet.html
Requested by
Host: kortatay.myz.info
URL: http://kortatay.myz.info/procx64.exe_
Protocol
HTTP/1.1
Server
85.132.91.141 Baku, Azerbaijan, ASN29049 (DELTA-TELECOM-AS International Communication Operator, AZ),
Reverse DNS
Software
SHS /
Resource Hash
1bc64bd9cde4ecbfb16539d401a844da6650f0bfe76d3d1a4aaf1e8bfe6977e1

Request headers

Referer
http://kortatay.myz.info/procx64.exe_
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Content-Length
134
Content-Type
text/html
Last-modified
Tue, 8 Feb 2022 08:47:18 GMT
Server
SHS
websurf
go.jetswap.hs5.ru/ Frame 9D7B 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://go.jetswap.hs5.ru/websurf?smak15
Requested by
Host: kortatay.myz.info
URL: http://kortatay.myz.info/jet.html
Protocol
HTTP/1.1
Server
195.54.32.5 Frankfurt am Main, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
main.jetswap.com
Software
nginx /
Resource Hash
115f2f5450611cd8f5ece5a425208d5040a14e5ce3d6c62727580472e3597cd3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
http://kortatay.myz.info/

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000;
Keep-Alive
timeout=10
Date
Mon, 11 Nov 2024 02:37:38 GMT
Content-Type
application/x-javascript
Server
nginx
Connection
keep-alive
websurf
go.jetswap.hs5.ru/ Frame 5950 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://go.jetswap.hs5.ru/websurf?smak15
Requested by
Host: kortatay.myz.info
URL: http://kortatay.myz.info/jet.html
Protocol
HTTP/1.1
Server
195.54.32.5 Frankfurt am Main, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
main.jetswap.com
Software
nginx /
Resource Hash
115f2f5450611cd8f5ece5a425208d5040a14e5ce3d6c62727580472e3597cd3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
http://kortatay.myz.info/

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000;
Keep-Alive
timeout=10
Date
Mon, 11 Nov 2024 02:37:38 GMT
Content-Type
application/x-javascript
Server
nginx
Connection
keep-alive
swap
go.jetswap.hs5.ru/ Frame 994B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://go.jetswap.hs5.ru/swap?user=smak15&a=1&v2=1&v3=1&v4=1&v5=1&al60=1
Requested by
Host: go.jetswap.hs5.ru
URL: http://go.jetswap.hs5.ru/websurf?smak15
Protocol
HTTP/1.1
Server
195.54.32.5 Frankfurt am Main, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
main.jetswap.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
http://kortatay.myz.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
text/html; charset=windows-1251
Date
Mon, 11 Nov 2024 02:37:38 GMT
Keep-Alive
timeout=10
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=31536000;
Transfer-Encoding
chunked
swap
go.jetswap.hs5.ru/ Frame 76BA 		0
0
enforce
troyhunt.report-uri.com/r/d/csp/ 		0
618 B 		Other
General
Check archive.org
Download Go to
Full URL
https://troyhunt.report-uri.com/r/d/csp/enforce
Requested by
Host: kortatay.myz.info
URL: http://kortatay.myz.info/procx64.exe_
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.214.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63113904; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/csp-report
Referer
http://kortatay.myz.info/

Response headers

strict-transport-security
max-age=63113904; includeSubDomains; preload
nel
{"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001}
cross-origin-resource-policy
cross-origin
report-to
{"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true}
cf-ray
8e0ae6d40c08d39d-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
date
Mon, 11 Nov 2024 02:37:39 GMT
content-type
text/plain;charset=UTF-8
vary
Accept-Encoding
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
go.jetswap.hs5.ru
URL
http://go.jetswap.hs5.ru/swap?user=smak15&a=1&v2=1&v3=1&v4=1&v5=1&al60=1

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3

1 Cookies

Domain/Path Name / Value
.cnhv.co/ Name: ARRAffinitySameSite
Value: 50e11c565d62e6771930066988118ef1682882ce90c53df274b81366d9d9b4c6

3 Console Messages

Source Level URL
Text
network error URL: http://kortatay.myz.info/procx64.exe_
Message:
Failed to load resource: the server responded with a status of 404 (Ok)
security error
Message:
Refused to frame 'https://www.troyhunt.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self' troyhunt.ghost.io".
security error
Message:
Refused to frame 'https://www.troyhunt.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self' troyhunt.ghost.io".