keysystem.fluxteam.net Open in urlscan Pro
198.251.86.32 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://keysystem.fluxteam.net:2052/
Effective URL:
https://keysystem.fluxteam.net:2052/.nexus/challenge/?&reason=0&destination=%2F
Submission: On January 21 via api (January 21st 2024, 9:08:32 am UTC) from US — Scanned from DE

Summary HTTP 6 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 3 domains to perform 6 HTTP transactions. The main IP is 198.251.86.32, located in Las Vegas, United States and belongs to PONYNET, US. The main domain is keysystem.fluxteam.net. The Cisco Umbrella rank of the primary domain is 770101.
TLS certificate: Issued by R3 on January 8th 2024. Valid for: 3 months.

This is the only time keysystem.fluxteam.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
3 9	198.251.86.32 198.251.86.32		53667 (PONYNET) (PONYNET)
6	2

9 198.251.86.32 (Las Vegas, United States) 3 redirects

ASN53667 (PONYNET, US)
PTR: anycast.nexuspipe.com

keysystem.fluxteam.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.nexus	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cf-ent-cache.nexuspipe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.fonts.nexus	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	fluxteam.net 3 redirects keysystem.fluxteam.net — Cisco Umbrella Rank: 770101	111 KB
2	fonts.nexus fonts.nexus — Cisco Umbrella Rank: 726083 cdn.fonts.nexus — Cisco Umbrella Rank: 773335	51 KB
1	nexuspipe.com cf-ent-cache.nexuspipe.com	1 KB
6	3

	Domain	Requested by
6	keysystem.fluxteam.net	3 redirects keysystem.fluxteam.net
1	cdn.fonts.nexus	fonts.nexus
1	cf-ent-cache.nexuspipe.com	keysystem.fluxteam.net
1	fonts.nexus	keysystem.fluxteam.net
6	4

This site contains links to these domains. Also see Links.

Domain
nexuspipe.com

Subject Issuer	Validity	Valid
keysystem.fluxteam.net R3	`2024-01-08` - `2024-04-07`	3 months	crt.sh
fonts.nexus R3	`2023-12-29` - `2024-03-28`	3 months	crt.sh
cf-ent-cache.nexuspipe.com R3	`2023-12-29` - `2024-03-28`	3 months	crt.sh
cdn.fonts.nexus R3	`2023-12-29` - `2024-03-28`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://keysystem.fluxteam.net:2052/.nexus/challenge/?&reason=0&destination=%2F
Frame ID: 0E9C96BAF8EFA7CB15FB6194AAB1E48B
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

CAPTCHA | NexusPIPE

Page URL History Show full URLs

http://keysystem.fluxteam.net:2052/ HTTP 301
https://keysystem.fluxteam.net:2052/ HTTP 302
https://keysystem.fluxteam.net:2052/.nexus/challenge?&reason=0&destination=%2F HTTP 301
https://keysystem.fluxteam.net:2052/.nexus/challenge/?&reason=0&destination=%2F Page URL

Detected technologies

Svelte (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+class=\"[^\"]+\ssvelte-[\w]*\"

Page Statistics

6
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

2
IPs

1
Countries

163 kB
Transfer

413 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://nexuspipe.com/?ref=challenge&ref_from=

Search URL Search Domain Scan URL

URL: https://nexuspipe.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://keysystem.fluxteam.net:2052/ HTTP 301
https://keysystem.fluxteam.net:2052/ HTTP 302
https://keysystem.fluxteam.net:2052/.nexus/challenge?&reason=0&destination=%2F HTTP 301
https://keysystem.fluxteam.net:2052/.nexus/challenge/?&reason=0&destination=%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response keysystem.fluxteam.net/.nexus/challenge/ Redirect Chain http://keysystem.fluxteam.net:2052/ https://keysystem.fluxteam.net:2052/ https://keysystem.fluxteam.net:2052/.nexus/challenge?&reason=0&destination=%2F https://keysystem.fluxteam.net:2052/.nexus/challenge/?&reason=0&destination=%2F	342 KB 106 KB	34ms 33ms	Document text/html	198.251.86.32 PONYNET
General Check archive.org Show headers Download Go to Full URL https://keysystem.fluxteam.net:2052/.nexus/challenge/?&reason=0&destination=%2F Protocol H2 Security TLS 1.3, , AES_128_GCM Server 198.251.86.32 Las Vegas, United States, ASN53667 (PONYNET, US), Reverse DNS anycast.nexuspipe.com Software Nexuspipe.com \| DDoS Mitigation Cluster / Resource Hash `9cc2d9b5ca0f447c87454e3c73527a301eb5eda4b66c0c4e6f577f5b6ca2a1b5` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-store, no-cache content-encoding gzip content-type text/html date Sun, 21 Jan 2024 09:08:27 GMT last-modified Sunday, 21-Jan-2024 09:08:27 GMT nexus-node 93c776c78f2d server Nexuspipe.com \| DDoS Mitigation Cluster vary Accept-Encoding Redirect headers cache-control no-store, no-cache content-length 166 content-type text/html date Sun, 21 Jan 2024 09:08:27 GMT last-modified Sunday, 21-Jan-2024 09:08:27 GMT location https://keysystem.fluxteam.net:2052/.nexus/challenge/?&reason=0&destination=%2F nexus-node 93c776c78f2d server Nexuspipe.com \| DDoS Mitigation Cluster
GET H2	200	css2 fonts.nexus/	716 B 693 B	114ms 35ms	Stylesheet text/css	198.251.86.32 PONYNET
General Check archive.org Show headers Download Go to Full URL https://fonts.nexus/css2?family=Poppins&display=swap&local=false Requested by Host: keysystem.fluxteam.net URL: https://keysystem.fluxteam.net:2052/.nexus/challenge/?&reason=0&destination=%2F Protocol H2 Security TLS 1.3, , AES_128_GCM Server 198.251.86.32 Las Vegas, United States, ASN53667 (PONYNET, US), Reverse DNS anycast.nexuspipe.com Software Nexuspipe.com \| DDoS Mitigation Cluster / NexusPIPE, Fastify Resource Hash `a51b56b7a9dd18f9371dcd9ae13758336d88144417ceb12ef8eccdbc2546f568` Request headers accept-language de-DE,de;q=0.9 Referer https://keysystem.fluxteam.net:2052/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 09:08:28 GMT content-encoding gzip server Nexuspipe.com \| DDoS Mitigation Cluster nexus-cache BYPASS x-powered-by NexusPIPE, Fastify vary Accept-Encoding content-type text/css access-control-allow-origin * nexus-node 93c776c78f2d cache-control public, max-age=86400 link <https://cdn.fonts.nexus>; rel=preconnect; crossorigin x-server-region Frankfurt, DE
GET DATA	200 OK	truncated /	4 KB 0		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `b135b72fa2094242a6bb5b528a52420209020d8bd182d551d03bd5dacd9ff2c8` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Content-Type image/webp
GET H2	200	Background.svg cf-ent-cache.nexuspipe.com/static/	7 KB 1 KB	56ms 11ms	Image image/svg+xml	198.251.86.32 PONYNET
General Check archive.org Show headers Download Go to Show image Full URL https://cf-ent-cache.nexuspipe.com/static/Background.svg Requested by Host: keysystem.fluxteam.net URL: https://keysystem.fluxteam.net:2052/.nexus/challenge/?&reason=0&destination=%2F Protocol H2 Security TLS 1.3, , AES_128_GCM Server 198.251.86.32 Las Vegas, United States, ASN53667 (PONYNET, US), Reverse DNS anycast.nexuspipe.com Software Nexuspipe.com \| DDoS Mitigation Cluster / Resource Hash `331c98cef3112777df85fba3dab26fbd29b89a5897324b97f98ebaeafede7de1` Request headers accept-language de-DE,de;q=0.9 Referer https://keysystem.fluxteam.net:2052/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 09:08:28 GMT content-encoding gzip last-modified Fri, 15 Sep 2023 13:42:34 GMT server Nexuspipe.com \| DDoS Mitigation Cluster nexus-cache HIT etag W/"65045f4a-1dee" vary Accept-Encoding nexus-node 93c776c78f2d content-type image/svg+xml
GET H2	200	Poppins-255d561d62b2019af045055ecea1b342746a57e564b2a0c477e27807d483c0fb7c00a681ddbf06dbb0aa375d5cfa0c7d91e9a3ed1352375ca40d28b756248f5a.woff2 cdn.fonts.nexus/fonts/	50 KB 50 KB	95ms 24ms	Font application/octet-stream	198.251.86.32 PONYNET
General Check archive.org Show headers Download Go to Full URL https://cdn.fonts.nexus/fonts/Poppins-255d561d62b2019af045055ecea1b342746a57e564b2a0c477e27807d483c0fb7c00a681ddbf06dbb0aa375d5cfa0c7d91e9a3ed1352375ca40d28b756248f5a.woff2 Requested by Host: fonts.nexus URL: https://fonts.nexus/css2?family=Poppins&display=swap&local=false Protocol H2 Security TLS 1.3, , AES_128_GCM Server 198.251.86.32 Las Vegas, United States, ASN53667 (PONYNET, US), Reverse DNS anycast.nexuspipe.com Software Nexuspipe.com \| DDoS Mitigation Cluster / Resource Hash `59c663828e08f9224c259699c9c08106143a99d32a1673746558345d14d01a91` Request headers Referer https://fonts.nexus/ Origin https://keysystem.fluxteam.net:2052 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 09:08:28 GMT last-modified Fri, 24 Nov 2023 16:51:09 GMT server Nexuspipe.com \| DDoS Mitigation Cluster nexus-cache HIT etag "6560d47d-c6e4" access-control-allow-methods GET, POST, OPTIONS content-type application/octet-stream access-control-allow-origin * nexus-node 93c776c78f2d cache-control max-age=31536000 access-control-allow-credentials true accept-ranges bytes access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 50916 expires Sun, 19 Jan 2025 22:55:55 GMT
GET H2	200	ip Show response keysystem.fluxteam.net/.nexus/	13 B 187 B	12ms 12ms	Fetch text/plain	198.251.86.32 PONYNET
General Check archive.org Show headers Download Go to Full URL https://keysystem.fluxteam.net:2052/.nexus/ip Requested by Host: keysystem.fluxteam.net URL: https://keysystem.fluxteam.net:2052/.nexus/challenge/?&reason=0&destination=%2F Protocol H2 Security TLS 1.3, , AES_128_GCM Server 198.251.86.32 Las Vegas, United States, ASN53667 (PONYNET, US), Reverse DNS anycast.nexuspipe.com Software Nexuspipe.com \| DDoS Mitigation Cluster / Resource Hash `f1244b5029aae8619c8e0abf4c4eea16b1cdafc804705ec08b233e77a0051a2e` Request headers accept-language de-DE,de;q=0.9 Referer https://keysystem.fluxteam.net:2052/.nexus/challenge/?&reason=0&destination=%2F User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers content-type text/plain date Sun, 21 Jan 2024 09:08:28 GMT cache-control no-store, no-cache last-modified Sunday, 21-Jan-2024 09:08:28 GMT server Nexuspipe.com \| DDoS Mitigation Cluster content-length 13 nexus-node 93c776c78f2d
POST H2	200	interact Show response keysystem.fluxteam.net/.nexus/	6 KB 5 KB	128ms 128ms	Fetch application/json	198.251.86.32 PONYNET
General Check archive.org Show headers Download Go to Full URL https://keysystem.fluxteam.net:2052/.nexus/interact Requested by Host: keysystem.fluxteam.net URL: https://keysystem.fluxteam.net:2052/.nexus/challenge/?&reason=0&destination=%2F Protocol H2 Security TLS 1.3, , AES_128_GCM Server 198.251.86.32 Las Vegas, United States, ASN53667 (PONYNET, US), Reverse DNS anycast.nexuspipe.com Software Nexuspipe.com \| DDoS Mitigation Cluster / Express Resource Hash `ca7865498676356a8d1100dbe74205e34b225ebc54ad029d3d2bf1f891fd464a` Request headers Referer https://keysystem.fluxteam.net:2052/.nexus/challenge/?&reason=0&destination=%2F accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Content-Type application/json Response headers date Sun, 21 Jan 2024 09:08:28 GMT content-encoding gzip last-modified Sunday, 21-Jan-2024 09:08:28 GMT server Nexuspipe.com \| DDoS Mitigation Cluster x-powered-by Express etag W/"167a-lf0lz9jk3u0mFzFytL+KSNKl/qE" vary Accept-Encoding nexus-node 93c776c78f2d content-type application/json; charset=utf-8 cache-control no-store, no-cache
GET DATA	200 OK	truncated /	748 B 0		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `46d003524fad4e7c9ab8e27b0e2607e4051eefdf755b145bd42229d974e96525` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Content-Type image/webp
GET DATA	200 OK	truncated /	3 KB 0		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `e91fa5b0296258a4b0efd8a9b52be481bf76929e5ddde3292246f25afc1be519` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Content-Type image/webp

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.fonts.nexus
cf-ent-cache.nexuspipe.com
fonts.nexus
keysystem.fluxteam.net
198.251.86.32
331c98cef3112777df85fba3dab26fbd29b89a5897324b97f98ebaeafede7de1
46d003524fad4e7c9ab8e27b0e2607e4051eefdf755b145bd42229d974e96525
59c663828e08f9224c259699c9c08106143a99d32a1673746558345d14d01a91
9cc2d9b5ca0f447c87454e3c73527a301eb5eda4b66c0c4e6f577f5b6ca2a1b5
a51b56b7a9dd18f9371dcd9ae13758336d88144417ceb12ef8eccdbc2546f568
b135b72fa2094242a6bb5b528a52420209020d8bd182d551d03bd5dacd9ff2c8
ca7865498676356a8d1100dbe74205e34b225ebc54ad029d3d2bf1f891fd464a
e91fa5b0296258a4b0efd8a9b52be481bf76929e5ddde3292246f25afc1be519
f1244b5029aae8619c8e0abf4c4eea16b1cdafc804705ec08b233e77a0051a2e

keysystem.fluxteam.net Open in urlscan Pro 198.251.86.32 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

6 Requests

100 %HTTPS

0 %IPv6

3 Domains

4 Subdomains

2 IPs

1 Countries

163 kBTransfer

413 kBSize

0 Cookies

2 Outgoing links

Page URL History

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

0 Cookies

Indicators

keysystem.fluxteam.net Open in urlscan Pro
198.251.86.32 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

2
IPs

1
Countries

163 kB
Transfer

413 kB
Size

0
Cookies

6 HTTP transactions
3 data transactions