ntx0r.duqaryc.cfd
195.62.46.148
Public Scan
Effective URL: https://ntx0r.duqaryc.cfd/a/pay.php/?t=enter&o=5654062&h=3583d28a35258f6692a8b897829b304ea1cf3595
Submission: On August 14 via manual from RU — Scanned from US
Summary
TLS certificate: Issued by E6 on August 13th 2024. Valid for: 3 months.
This is the only time ntx0r.duqaryc.cfd was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS (Autonomous System) |
---|---|---|
15 (2 redirects) | 195.62.46.148 | 44592 (SKYLINK) |
1 | 2607:f8b0:4006:809::200a | 15169 (GOOGLE) |
2 | 2a03:9d40:801:ff00::1 | 41095 (IPTP) |
6 | 2607:f8b0:4006:81d::2003 | 15169 (GOOGLE) |
1 | 198.244.165.101 | 16276 (OVH) |
23 | 5 |
ASN16276 (OVH, FR), PTR: ns3199009.ip-198-244-165.eu, telemetry.jivosite.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
15 (2 redirects) | duqaryc.cfd | ntx0r.duqaryc.cfd | 34 KB |
6 | gstatic.com | fonts.gstatic.com | 84 KB |
3 | jivosite.com | code.jivosite.com (Cisco Umbrella Rank: 42186), telemetry.jivosite.com (Cisco Umbrella Rank: 56613) | 6 KB |
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 110) | 1 KB |
23 | 4 |
Requests | Domain | Requested by |
---|---|---|
15 (2 redirects) | ntx0r.duqaryc.cfd | ntx0r.duqaryc.cfd |
6 | fonts.gstatic.com | fonts.googleapis.com |
2 | code.jivosite.com | ntx0r.duqaryc.cfd, code.jivosite.com |
1 | telemetry.jivosite.com | code.jivosite.com |
1 | fonts.googleapis.com | ntx0r.duqaryc.cfd |
23 | 5 |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
duqaryc.cfd | E6 | 2024-08-13 - 2024-11-11 | 3 months |
upload.video.google.com | WR2 | 2024-07-30 - 2024-10-22 | 3 months |
*.jivosite.com | Go Daddy Secure Certificate Authority - G2 | 2024-04-05 - 2025-05-07 | a year |
*.gstatic.com | WR2 | 2024-07-30 - 2024-10-22 | 3 months |
This page contains 1 frames:
Primary Page:
https://ntx0r.duqaryc.cfd/a/pay.php/?t=enter&o=5654062&h=3583d28a35258f6692a8b897829b304ea1cf3595
Frame ID: 31E8CF28EC6D1121CA2BFF0779C83A4D
Requests: 23 HTTP requests in this frame
Page Title
Страница оплаты (Payment page)
Page URL History
-
https://ntx0r.duqaryc.cfd/
HTTP 302
https://ntx0r.duqaryc.cfd/a/pay.php/?t=create&p=130&h=b8095176dcfd2ae3c2f2db25e31b8acbad9fb549&cprice=... HTTP 302
https://ntx0r.duqaryc.cfd/a/pay.php/?t=enter&o=5654062&h=3583d28a35258f6692a8b897829b304ea1cf3595 Page URL
Detected technologies
Google Font API (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://ntx0r.duqaryc.cfd/
HTTP 302
https://ntx0r.duqaryc.cfd/a/pay.php/?t=create&p=130&h=b8095176dcfd2ae3c2f2db25e31b8acbad9fb549&cprice=1000 HTTP 302
https://ntx0r.duqaryc.cfd/a/pay.php/?t=enter&o=5654062&h=3583d28a35258f6692a8b897829b304ea1cf3595 Page URL
23 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | / (Primary Request, Redirect Chain) | ntx0r.duqaryc.cfd/a/pay.php/ | 10 KB | 3 KB | Document | text/html |
GET | H2 | css2 | fonts.googleapis.com/ | 7 KB | 1 KB | Stylesheet | text/css |
GET | H/1.1 | style.min.css | ntx0r.duqaryc.cfd/formpay/Banks/v/Gosuslugi/css/ | 7 KB | 2 KB | Stylesheet | text/css |
GET | H/1.1 | logo.svg | ntx0r.duqaryc.cfd/formpay/Banks/v/Gosuslugi/img/ | 2 KB | 1 KB | Image | image/svg+xml |
GET | H/1.1 | mastercard.svg | ntx0r.duqaryc.cfd/formpay/Banks/v/Gosuslugi/img/ | 1 KB | 878 B | Image | image/svg+xml |
GET | H/1.1 | visa.svg | ntx0r.duqaryc.cfd/formpay/Banks/v/Gosuslugi/img/ | 1 KB | 1 KB | Image | image/svg+xml |
GET | H/1.1 | mir.svg | ntx0r.duqaryc.cfd/formpay/Banks/v/Gosuslugi/img/ | 1 KB | 1 KB | Image | image/svg+xml |
GET | H/1.1 | mir.png | ntx0r.duqaryc.cfd/formpay/Banks/v/Gosuslugi/img/ | 547 B | 822 B | Image | image/png |
GET | H/1.1 | mastercard.png | ntx0r.duqaryc.cfd/formpay/Banks/v/Gosuslugi/img/ | 535 B | 810 B | Image | image/png |
GET | H/1.1 | visa.png | ntx0r.duqaryc.cfd/formpay/Banks/v/Gosuslugi/img/ | 833 B | 1 KB | Image | image/png |
GET | H/1.1 | amex.png | ntx0r.duqaryc.cfd/formpay/Banks/v/Gosuslugi/img/ | 704 B | 979 B | Image | image/png |
GET | H/1.1 | jcb.png | ntx0r.duqaryc.cfd/formpay/Banks/v/Gosuslugi/img/ | 846 B | 1 KB | Image | image/png |
GET | H/1.1 | app.min.js | ntx0r.duqaryc.cfd/formpay/Banks/js/ | 64 KB | 17 KB | Script | application/javascript |
GET | H2 | pzv4ojjrDC | code.jivosite.com/widget/ | 17 KB | 6 KB | Script | application/javascript |
GET | H2 | KFOmCnqEu92Fr1Mu4mxK.woff2 | fonts.gstatic.com/s/roboto/v32/ | 18 KB | 18 KB | Font | font/woff2 |
GET | H2 | KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | fonts.gstatic.com/s/roboto/v32/ | 18 KB | 18 KB | Font | font/woff2 |
GET | H2 | KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | fonts.gstatic.com/s/roboto/v32/ | 18 KB | 18 KB | Font | font/woff2 |
GET | H2 | KFOmCnqEu92Fr1Mu5mxKOzY.woff2 | fonts.gstatic.com/s/roboto/v32/ | 10 KB | 10 KB | Font | font/woff2 |
GET | H2 | KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2 | fonts.gstatic.com/s/roboto/v32/ | 10 KB | 10 KB | Font | font/woff2 |
GET | H2 | KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2 | fonts.gstatic.com/s/roboto/v32/ | 10 KB | 10 KB | Font | font/woff2 |
GET | H2 | pzv4ojjrDC | code.jivosite.com/script/widget/config/ | 29 B | 234 B | XHR | application/json |
GET | H/1.1 | favicon.png | ntx0r.duqaryc.cfd/formpay/Banks/v/Gosuslugi/img/ | 2 KB | 2 KB | Other | image/png |
POST | H/1.1 | w | telemetry.jivosite.com/ | 0 | 93 B | Ping | text/plain |
10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- boolean | is_enter
- function | IMask
- string | value
- function | __jivoOnError
- boolean | __hasStorage
- boolean | jivo_magic_var
- function | __jivoBundleOnLoad
- function | __jivoBundleInit
- function | jivo_init
- function | jivo_destroy

1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
ntx0r.duqaryc.cfd/ | Name: PHPSESSID Value: 59220e11f5c35cb42ec86cfc10b4c2a4 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.