negociosverdes.org/css/admine/fhbhb/sf_rand_string_lowercase6/c2FsZWVtLmtoYW5AZml2ZWhvdGVsc2FuZHJlc29ydHMuY29t
200 OK
0
URL
User Request
GET
HTTP/2
negociosverdes.org/css/admine/fhbhb/sf_rand_string_lowercase6/c2FsZWVtLmtoYW5AZml2ZWhvdGVsc2FuZHJlc29ydHMuY29t
IP
ASN
#36024 AS-TIERP-36024
Certificate
IssuerLet's Encrypt
Subjectnegociosverdes.org
FingerprintD7:30:7B:88:41:CE:6E:AB:90:08:8B:CC:E9:0A:22:7D:7E:27:45:AB
ValiditySun, 04 Jun 2023 02:06:11 GMT - Sat, 02 Sep 2023 02:06:10 GMT
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer
Verdict
Alert
urlquery
phishing
Phishing - Microsoft Outlook
GET /css/admine/fhbhb/sf_rand_string_lowercase6/c2FsZWVtLmtoYW5AZml2ZWhvdGVsc2FuZHJlc29ydHMuY29t HTTP/1.1
Host: negociosverdes.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-powered-by: PHP/7.4.33
refresh: 0;url=https://nxdbku.cyttek.ru/Msaleem.khan@fivehotelsandresorts.com
strict-transport-security: max-age=31536000
x-xss-protection: 1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 10 Jun 2023 05:24:10 GMT
server: Apache
X-Firefox-Spdy: h2
nxdbku.cyttek.ru/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7d4f2fbddeefb512
42
URL
nxdbku.cyttek.ru/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7d4f2fbddeefb512
IP
Magic
GIF image data, version 89a, 1 x 1\012- data
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cdn-cgi/images/trace/managed/js/transparent.gif?ray=7d4f2fbddeefb512 HTTP/1.1
Host: nxdbku.cyttek.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nxdbku.cyttek.ru/Msaleem.khan@fivehotelsandresorts.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 10 Jun 2023 05:24:10 GMT
content-type: image/gif
content-length: 42
last-modified: Tue, 06 Jun 2023 11:54:00 GMT
etag: "647f1e58-2a"
server: cloudflare
cf-ray: 7d4f2fbeedd21c16-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Sat, 10 Jun 2023 07:24:10 GMT
cache-control: max-age=7200, public
accept-ranges: bytes
nxdbku.cyttek.ru/api-as1f?email=saleem.khan@fivehotelsandresorts.com&data=logo
200 OK
1722
URL
GET
HTTP/3
nxdbku.cyttek.ru/api-as1f?email=saleem.khan@fivehotelsandresorts.com&data=logo
IP
Requested by
https://nxdbku.cyttek.ru/beebb091955c06fa68b3eb8afc0bae51648408fe3f6dePASbeebb091955c06fa68b3eb8afc0bae51648408fe3f6df
Certificate
IssuerLet's Encrypt
Subjectcyttek.ru
FingerprintFA:85:04:1B:BD:CA:E3:02:45:6A:AD:C7:E6:DC:EB:4B:CA:A6:5A:91
ValidityTue, 30 May 2023 14:28:15 GMT - Mon, 28 Aug 2023 14:28:14 GMT
Magic
JSON data\012- , ASCII text, with no line terminators
Hash
dc8985f77ff982a2295c82fd5feb347b
f4e946dcfc24956c5a6905686134bf210b05558f
fa9b830e8dcf1a2ab5af780a2c45157381b803dcbaffec1659a653751d34bb63
GET /api-as1f?email=saleem.khan@fivehotelsandresorts.com&data=logo HTTP/1.1
Host: nxdbku.cyttek.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxdbku.cyttek.ru/beebb091955c06fa68b3eb8afc0bae51648408fe3f6dePASbeebb091955c06fa68b3eb8afc0bae51648408fe3f6df
Cookie: cf_clearance=DkxIqXNImsr_QH1Afwvn3nDsFUH2JM8DwRipXH010w4-1686374650-0-160; PHPSESSID=c8d14680d4ca24a5916b4a1588d6d7ef
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 10 Jun 2023 05:24:15 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SjBjTQrQW95WIJN1Ip3%2B%2F1sH5HdiWw%2BWmXBhjvx3N6MSoyL2tXiqeR%2B3vqXYFf1p1Xcp1fyh%2F4Ynr0c1xxDFuZsM9aiGu1yLJZr6VsVONr0P26hj8UwbcVqvTs91dfN1n83S"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4f2fdd1c6d1c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
aadcdn.msauthimages.net/c1c6b6c8-2oh28rqzyjprsngiyeqgvvvkxnt-kxctxdjvkejwvo0/logintenantbranding/0/illustration?ts=638037875437121546
200 OK
159390
URL
GET
HTTP/2
aadcdn.msauthimages.net/c1c6b6c8-2oh28rqzyjprsngiyeqgvvvkxnt-kxctxdjvkejwvo0/logintenantbranding/0/illustration?ts=638037875437121546
IP
Requested by
https://nxdbku.cyttek.ru/beebb091955c06fa68b3eb8afc0bae51648408fe3f6dePASbeebb091955c06fa68b3eb8afc0bae51648408fe3f6df
Certificate
IssuerMicrosoft Corporation
Subjectaadcdn.msauthimages.net
Fingerprint6B:EB:AC:06:FC:06:82:11:17:1C:6B:72:7D:B5:95:2D:CF:E7:A3:5D
ValidityWed, 08 Mar 2023 11:16:34 GMT - Sat, 02 Mar 2024 11:16:34 GMT
Magic
PNG image data, 8000 x 4501, 8-bit/color RGBA, non-interlaced\012- data
Hash
3ef45933c7709ee46f6562086cdeaab1
a12c1e96e338c3cca3388041c7a75f954f811277
dfda461dea0bccfc2bf88f74172d8363a0b774e568d11ce2abcaabcd67effae9
GET /c1c6b6c8-2oh28rqzyjprsngiyeqgvvvkxnt-kxctxdjvkejwvo0/logintenantbranding/0/illustration?ts=638037875437121546 HTTP/1.1
Host: aadcdn.msauthimages.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxdbku.cyttek.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: public, max-age=86400
content-md5: PvRZM8dwnuRvZWIIbN6qsQ==
content-type: image/*
date: Sat, 10 Jun 2023 05:24:16 GMT
etag: 0x8DAC41136CC033E
last-modified: Fri, 11 Nov 2022 18:19:03 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
vary: Origin
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 985d1c7d-101e-0076-1c5b-9ba88e000000
x-ms-version: 2009-09-19
content-length: 159390
X-Firefox-Spdy: h2
nxdbku.cyttek.ru/ASSETS/img/LIMG-648408ff0baf5.css
200 OK
1637
URL
GET
HTTP/3
nxdbku.cyttek.ru/ASSETS/img/LIMG-648408ff0baf5.css
IP
Requested by
https://nxdbku.cyttek.ru/beebb091955c06fa68b3eb8afc0bae51648408fe3f6dePASbeebb091955c06fa68b3eb8afc0bae51648408fe3f6df
Certificate
IssuerLet's Encrypt
Subjectcyttek.ru
FingerprintFA:85:04:1B:BD:CA:E3:02:45:6A:AD:C7:E6:DC:EB:4B:CA:A6:5A:91
ValidityTue, 30 May 2023 14:28:15 GMT - Mon, 28 Aug 2023 14:28:14 GMT
Magic
PNG image data, 108 x 24, 8-bit colormap, non-interlaced\012- data
Hash
ee236805d05e24861ce1b6b0e7d94b8d
d46828cf9df268ddaf62facf15590a447116aeb8
175986272200fb72da9a598d30016bbda9ddcaa9e6e3f07eb94bc74196d4b805
GET /ASSETS/img/LIMG-648408ff0baf5.css HTTP/1.1
Host: nxdbku.cyttek.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxdbku.cyttek.ru/beebb091955c06fa68b3eb8afc0bae51648408fe3f6dePASbeebb091955c06fa68b3eb8afc0bae51648408fe3f6df
Cookie: cf_clearance=DkxIqXNImsr_QH1Afwvn3nDsFUH2JM8DwRipXH010w4-1686374650-0-160; PHPSESSID=c8d14680d4ca24a5916b4a1588d6d7ef
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 10 Jun 2023 05:24:15 GMT
content-type: image/png
content-length: 1637
cache-control: public, max-age=604800
expires: Sat, 17 Jun 2023 05:24:15 GMT
last-modified: Fri, 02 Jun 2023 16:02:03 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F9%2FxOAmCMphhK24M%2BMNCSpLRmPVy1fpndsTdl9tqqGSY5ylDVuUCiAIoWdNGJ5HZpRWKmwW3iOfqtALS7UM9ZzKcdDCfdJ1h1m6fFJKrzHhcCcA8OLAVwMx4tOs9kDg5K5GI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d4f2fdf0d741c16-OSL
alt-svc: h3=":443"; ma=86400
nxdbku.cyttek.ru/Msaleem.khan@fivehotelsandresorts.com
403 Forbidden
7756
URL
User Request
GET
HTTP/2
nxdbku.cyttek.ru/Msaleem.khan@fivehotelsandresorts.com
IP
Certificate
IssuerLet's Encrypt
Subjectcyttek.ru
FingerprintFA:85:04:1B:BD:CA:E3:02:45:6A:AD:C7:E6:DC:EB:4B:CA:A6:5A:91
ValidityTue, 30 May 2023 14:28:15 GMT - Mon, 28 Aug 2023 14:28:14 GMT
Magic
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (7925), with no line terminators
Hash
74dcd2efde86ed9985694d66490fd10b
94ea42d65fdbcdd74a2f96fa9a356d4af3a21279
5989cad55c4f2bbcd758bb5d5ed4d5501ae5ec4443b51935b90d4c2b527d17f0
Analyzer
Verdict
Alert
urlquery
phishing
Phishing - Microsoft Outlook
GET /Msaleem.khan@fivehotelsandresorts.com HTTP/1.1
Host: nxdbku.cyttek.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Sat, 10 Jun 2023 05:24:10 GMT
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T4lnsTPhA0wbw3PiCy32qJNSlLaHvgiR2I9rz0oyabAVUZ9XafxmuzpS714ZWZDlqZgPMa9LM62WQ9AJUjA9ITrv9A3ZHPWYXIBNAcif9eVSRha0hvuOLiJ7VoKjBsPA8nId"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d4f2fbddeefb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
nxdbku.cyttek.ru/jm/f4fde164baec67f9530af80b4049ba34648408fe4b68f
200 OK
6149
URL
GET
HTTP/3
nxdbku.cyttek.ru/jm/f4fde164baec67f9530af80b4049ba34648408fe4b68f
IP
Requested by
https://nxdbku.cyttek.ru/beebb091955c06fa68b3eb8afc0bae51648408fe3f6dePASbeebb091955c06fa68b3eb8afc0bae51648408fe3f6df
Certificate
IssuerLet's Encrypt
Subjectcyttek.ru
FingerprintFA:85:04:1B:BD:CA:E3:02:45:6A:AD:C7:E6:DC:EB:4B:CA:A6:5A:91
ValidityTue, 30 May 2023 14:28:15 GMT - Mon, 28 Aug 2023 14:28:14 GMT
Magic
ASCII text, with very long lines (6175), with no line terminators
Hash
0b3cd9bfcbe6444742df90b00f63efc3
0c978b0541c9659215908034b6299f78135c935c
2065edfabc7924bff8e65b4b4ade30bb341d70ab350518bfbad98e1d4f35266f
GET /jm/f4fde164baec67f9530af80b4049ba34648408fe4b68f HTTP/1.1
Host: nxdbku.cyttek.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxdbku.cyttek.ru/beebb091955c06fa68b3eb8afc0bae51648408fe3f6dePASbeebb091955c06fa68b3eb8afc0bae51648408fe3f6df
Cookie: cf_clearance=DkxIqXNImsr_QH1Afwvn3nDsFUH2JM8DwRipXH010w4-1686374650-0-160; PHPSESSID=c8d14680d4ca24a5916b4a1588d6d7ef
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 10 Jun 2023 05:24:15 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Sat, 17 Jun 2023 05:24:14 GMT
last-modified: Fri, 02 Jun 2023 16:02:03 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h8FycTksDNyOyIT2NB7vFFii9wCxg%2FE2Owh%2BebALSsMJJav2Ci9BvC9HfeLpc77fvtAoLhH4Icw7VszLRsbPOsMrgRp8ja%2F7jXTot25kruO6Y9OJvjnNEkDv%2FzW13MbnGiJ%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4f2fdb3b851c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
nxdbku.cyttek.ru/o/f4fde164baec67f9530af80b4049ba34648408feaf529
200 OK
3651
URL
GET
HTTP/3
nxdbku.cyttek.ru/o/f4fde164baec67f9530af80b4049ba34648408feaf529
IP
Requested by
https://nxdbku.cyttek.ru/beebb091955c06fa68b3eb8afc0bae51648408fe3f6dePASbeebb091955c06fa68b3eb8afc0bae51648408fe3f6df
Certificate
IssuerLet's Encrypt
Subjectcyttek.ru
FingerprintFA:85:04:1B:BD:CA:E3:02:45:6A:AD:C7:E6:DC:EB:4B:CA:A6:5A:91
ValidityTue, 30 May 2023 14:28:15 GMT - Mon, 28 Aug 2023 14:28:14 GMT
Magic
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (3695), with no line terminators
Hash
d633a913e6f3b1f45774b9874dfc85e0
5ba1344048578062c93cfddfdf8458477eaca476
c1fbfbd9a81fc4d9c9539a65bdfb4c6738926b8d4681b0346706196413e92714
GET /o/f4fde164baec67f9530af80b4049ba34648408feaf529 HTTP/1.1
Host: nxdbku.cyttek.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxdbku.cyttek.ru/beebb091955c06fa68b3eb8afc0bae51648408fe3f6dePASbeebb091955c06fa68b3eb8afc0bae51648408fe3f6df
Cookie: cf_clearance=DkxIqXNImsr_QH1Afwvn3nDsFUH2JM8DwRipXH010w4-1686374650-0-160; PHPSESSID=c8d14680d4ca24a5916b4a1588d6d7ef
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 10 Jun 2023 05:24:15 GMT
content-type: image/svg+xml
cache-control: public, max-age=604800
expires: Sat, 17 Jun 2023 05:24:14 GMT
last-modified: Fri, 02 Jun 2023 16:02:03 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t2EJjRqfVnpRD3guQZ6C5A8sm4UuZrKbURjkGEW8yW17zisJen1msHzjFLg8lT97H7guzPLU1S0cyj%2FCvcrRiDkNiMA5hejiPg%2FJA51rYreZ1ntLCNgzLHnZAlQn5xZA%2BQ%2F%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4f2fdd1c6a1c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
unpkg.com/axios@1.4.0/dist/axios.min.js
200 OK
31842
URL
GET
HTTP/2
unpkg.com/axios@1.4.0/dist/axios.min.js
IP
Requested by
https://nxdbku.cyttek.ru/beebb091955c06fa68b3eb8afc0bae51648408fe3f6dePASbeebb091955c06fa68b3eb8afc0bae51648408fe3f6df
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
Magic
ASCII text, with very long lines (31803)
Hash
6470a918ba1fd4b8d0882df0269ddb82
97814fdab64aa7d1b30f082f9eb272d4b1ce18a2
fd4ce12a87594281afcee9c73a40fe7acc282bcc9e764fbb3afa1481a96a091e
GET /axios@1.4.0/dist/axios.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nxdbku.cyttek.ru/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 10 Jun 2023 05:24:15 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"7c62-l4FP2rZKp9GzDwgvnrJy1LHOGKI"
via: 1.1 fly.io
fly-request-id: 01GZP8TZEXW4PFCT61FHX2WRTS-fra
cf-cache-status: HIT
age: 3073747
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d4f2fdb8c75b50b-OSL
content-encoding: br
X-Firefox-Spdy: h2
nxdbku.cyttek.ru/ic/f4fde164baec67f9530af80b4049ba34648408feaf504
200 OK
17174
URL
GET
HTTP/3
nxdbku.cyttek.ru/ic/f4fde164baec67f9530af80b4049ba34648408feaf504
IP
Requested by
https://nxdbku.cyttek.ru/beebb091955c06fa68b3eb8afc0bae51648408fe3f6dePASbeebb091955c06fa68b3eb8afc0bae51648408fe3f6df
Certificate
IssuerLet's Encrypt
Subjectcyttek.ru
FingerprintFA:85:04:1B:BD:CA:E3:02:45:6A:AD:C7:E6:DC:EB:4B:CA:A6:5A:91
ValidityTue, 30 May 2023 14:28:15 GMT - Mon, 28 Aug 2023 14:28:14 GMT
Magic
MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors\012- data
Hash
12e3dac858061d088023b2bd48e2fa96
e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
GET /ic/f4fde164baec67f9530af80b4049ba34648408feaf504 HTTP/1.1
Host: nxdbku.cyttek.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxdbku.cyttek.ru/beebb091955c06fa68b3eb8afc0bae51648408fe3f6dePASbeebb091955c06fa68b3eb8afc0bae51648408fe3f6df
Cookie: cf_clearance=DkxIqXNImsr_QH1Afwvn3nDsFUH2JM8DwRipXH010w4-1686374650-0-160; PHPSESSID=c8d14680d4ca24a5916b4a1588d6d7ef
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 10 Jun 2023 05:24:16 GMT
content-type: image/x-icon
cache-control: public, max-age=604800
expires: Sat, 17 Jun 2023 05:24:15 GMT
last-modified: Fri, 02 Jun 2023 16:02:03 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wp%2FM88OkDhJ7UNNKRMXEE1hnPAB5xvWRWWVQo3%2B3yW6CvtW4py2Dp1wrohyTx4T8asbwiEkvWNvwcaAymKVr1HctOoLqR0EJQr%2F%2F%2BuipbwRR4g9nb1QBSt6VEgcPvmd%2Bg96L"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4f2fe0ee5a1c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
nxdbku.cyttek.ru/Msaleem.khan@fivehotelsandresorts.com
302 Found
24167
URL
User Request
POST
HTTP/3
nxdbku.cyttek.ru/Msaleem.khan@fivehotelsandresorts.com
IP
Certificate
IssuerLet's Encrypt
Subjectcyttek.ru
FingerprintFA:85:04:1B:BD:CA:E3:02:45:6A:AD:C7:E6:DC:EB:4B:CA:A6:5A:91
ValidityTue, 30 May 2023 14:28:15 GMT - Mon, 28 Aug 2023 14:28:14 GMT
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer
Verdict
Alert
urlquery
phishing
Phishing - Microsoft Outlook
POST /Msaleem.khan@fivehotelsandresorts.com HTTP/1.1
Host: nxdbku.cyttek.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nxdbku.cyttek.ru/Msaleem.khan@fivehotelsandresorts.com?__cf_chl_tk=Szz0Wq.7A85nTq00vIsQB9OsNyn627MU_RtYYtO_tpA-1686374650-0-gaNycGzNC7s
Content-Type: application/x-www-form-urlencoded
Content-Length: 3169
Origin: https://nxdbku.cyttek.ru
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Sat, 10 Jun 2023 05:24:15 GMT
content-type: text/html; charset=UTF-8
location: ./beebb091955c06fa68b3eb8afc0bae51648408fe3f6dePASbeebb091955c06fa68b3eb8afc0bae51648408fe3f6df
set-cookie: cf_clearance=DkxIqXNImsr_QH1Afwvn3nDsFUH2JM8DwRipXH010w4-1686374650-0-160; path=/; expires=Sun, 09-Jun-24 05:24:14 GMT; domain=.cyttek.ru; HttpOnly; Secure; SameSite=None
PHPSESSID=c8d14680d4ca24a5916b4a1588d6d7ef; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yiqEyf3SODg7mfLug%2FJZcBf3pIUWx%2BoEb%2FlWrS7KdqyJ2Ctp81NP3YsOtdbLdmSWfkQcSDuHo8UoC3D%2FBsfps%2BXt8OymcQGwkcWsu4CiEshkINc0hhpbH69tjI%2F0h8LFD5CI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4f2fd518461c16-OSL
alt-svc: h3=":443"; ma=86400
nxdbku.cyttek.ru/boot/f4fde164baec67f9530af80b4049ba34648408fe4b68c
200 OK
51039
URL
GET
HTTP/3
nxdbku.cyttek.ru/boot/f4fde164baec67f9530af80b4049ba34648408fe4b68c
IP
Requested by
https://nxdbku.cyttek.ru/beebb091955c06fa68b3eb8afc0bae51648408fe3f6dePASbeebb091955c06fa68b3eb8afc0bae51648408fe3f6df
Certificate
IssuerLet's Encrypt
Subjectcyttek.ru
FingerprintFA:85:04:1B:BD:CA:E3:02:45:6A:AD:C7:E6:DC:EB:4B:CA:A6:5A:91
ValidityTue, 30 May 2023 14:28:15 GMT - Mon, 28 Aug 2023 14:28:14 GMT
Magic
ASCII text, with very long lines (50758)
Hash
67176c242e1bdc20603c878dee836df3
27a71b00383d61ef3c489326b3564d698fc1227c
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
GET /boot/f4fde164baec67f9530af80b4049ba34648408fe4b68c HTTP/1.1
Host: nxdbku.cyttek.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxdbku.cyttek.ru/beebb091955c06fa68b3eb8afc0bae51648408fe3f6dePASbeebb091955c06fa68b3eb8afc0bae51648408fe3f6df
Cookie: cf_clearance=DkxIqXNImsr_QH1Afwvn3nDsFUH2JM8DwRipXH010w4-1686374650-0-160; PHPSESSID=c8d14680d4ca24a5916b4a1588d6d7ef
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 10 Jun 2023 05:24:15 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Sat, 17 Jun 2023 05:24:14 GMT
last-modified: Fri, 02 Jun 2023 16:02:03 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6NUZD%2Be03%2ByMUo3EfQMedb1U0Xc4cXcyLpQmHDIybvoFONuhd3ghJYpFAanubsbPV381qlOiotYTaZnmHWR%2Bx%2FkHncPswAEEUyZsUKMSHQyV5PyLKFDX9zDO69iZjHS%2FZsbz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4f2fdb3b841c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
unpkg.com/axios/dist/axios.min.js
302 Found
31842
URL
GET
HTTP/2
unpkg.com/axios/dist/axios.min.js
IP
Requested by
https://nxdbku.cyttek.ru/beebb091955c06fa68b3eb8afc0bae51648408fe3f6dePASbeebb091955c06fa68b3eb8afc0bae51648408fe3f6df
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /axios/dist/axios.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxdbku.cyttek.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Sat, 10 Jun 2023 05:24:15 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /axios@1.4.0/dist/axios.min.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01H2HVP7AG5DV294BRPC33HM4V-arn
cf-cache-status: HIT
age: 526
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d4f2fdb7c66b50b-OSL
X-Firefox-Spdy: h2
nxdbku.cyttek.ru/api-as1f?email=saleem.khan@fivehotelsandresorts.com&data=background
200 OK
176
URL
GET
HTTP/3
nxdbku.cyttek.ru/api-as1f?email=saleem.khan@fivehotelsandresorts.com&data=background
IP
Requested by
https://nxdbku.cyttek.ru/beebb091955c06fa68b3eb8afc0bae51648408fe3f6dePASbeebb091955c06fa68b3eb8afc0bae51648408fe3f6df
Certificate
IssuerLet's Encrypt
Subjectcyttek.ru
FingerprintFA:85:04:1B:BD:CA:E3:02:45:6A:AD:C7:E6:DC:EB:4B:CA:A6:5A:91
ValidityTue, 30 May 2023 14:28:15 GMT - Mon, 28 Aug 2023 14:28:14 GMT
Magic
troff or preprocessor input, ASCII text, with no line terminators
Hash
dc9530ef7dfb6f1343670118c438eb69
616aa784bfbcb41fd3f0eaa3a3c4c1cf65661342
03e8ce5a079619e35d72fc05b2d7cf0bf46120088c0049c6c0eb95f1cef47507
GET /api-as1f?email=saleem.khan@fivehotelsandresorts.com&data=background HTTP/1.1
Host: nxdbku.cyttek.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxdbku.cyttek.ru/beebb091955c06fa68b3eb8afc0bae51648408fe3f6dePASbeebb091955c06fa68b3eb8afc0bae51648408fe3f6df
Cookie: cf_clearance=DkxIqXNImsr_QH1Afwvn3nDsFUH2JM8DwRipXH010w4-1686374650-0-160; PHPSESSID=c8d14680d4ca24a5916b4a1588d6d7ef
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 10 Jun 2023 05:24:16 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pXBWQlFwymmYVZxc8AD0w04GL14wZX8D1hYVijrqdHZc1%2BvAu03ZOFOt3GktKkNlh9QtgfUMubB8KD7QnSZzfcXZHtl7Slris6lyDDHyU3wuPEVVnfnP5rVqKeYasQm1zwOZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4f2fdd2c741c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
nxdbku.cyttek.ru/favicon.ico
404 Not Found
1238
URL
GET
HTTP/3
nxdbku.cyttek.ru/favicon.ico
IP
Requested by
https://nxdbku.cyttek.ru/beebb091955c06fa68b3eb8afc0bae51648408fe3f6dePASbeebb091955c06fa68b3eb8afc0bae51648408fe3f6df
Certificate
IssuerLet's Encrypt
Subjectcyttek.ru
FingerprintFA:85:04:1B:BD:CA:E3:02:45:6A:AD:C7:E6:DC:EB:4B:CA:A6:5A:91
ValidityTue, 30 May 2023 14:28:15 GMT - Mon, 28 Aug 2023 14:28:14 GMT
Magic
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1276), with no line terminators
Hash
24b426fea67958554911ff4c943fdfe4
b92889146d4c1bbddccabe58ca15c814ea066f72
335fd88e127ff1b19e6c5af3c801186182f064e4c6747b9a76a0b3988553716c
GET /favicon.ico HTTP/1.1
Host: nxdbku.cyttek.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxdbku.cyttek.ru/beebb091955c06fa68b3eb8afc0bae51648408fe3f6dePASbeebb091955c06fa68b3eb8afc0bae51648408fe3f6df
Cookie: cf_clearance=DkxIqXNImsr_QH1Afwvn3nDsFUH2JM8DwRipXH010w4-1686374650-0-160; PHPSESSID=c8d14680d4ca24a5916b4a1588d6d7ef
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Sat, 10 Jun 2023 05:24:15 GMT
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j0ojYMhUXrsbdI7ICBa5Za1gRwAkMVzNAS%2FoWhH2fJlTJna05a23zyIGM%2FiDvqUjn61K5NxmI6OX2CIm4e9V%2FpPSGTfPUhMMvWYwDguoJ4fK8%2FI1qQPB3fflu5235nymT5z2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d4f2fdd0c5f1c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
nxdbku.cyttek.ru/e/f4fde164baec67f9530af80b4049ba34648408feaf530
200 OK
513
URL
GET
HTTP/3
nxdbku.cyttek.ru/e/f4fde164baec67f9530af80b4049ba34648408feaf530
IP
Requested by
https://nxdbku.cyttek.ru/beebb091955c06fa68b3eb8afc0bae51648408fe3f6dePASbeebb091955c06fa68b3eb8afc0bae51648408fe3f6df
Certificate
IssuerLet's Encrypt
Subjectcyttek.ru
FingerprintFA:85:04:1B:BD:CA:E3:02:45:6A:AD:C7:E6:DC:EB:4B:CA:A6:5A:91
ValidityTue, 30 May 2023 14:28:15 GMT - Mon, 28 Aug 2023 14:28:14 GMT
Magic
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (529), with no line terminators
Hash
adc405f5fd089662209870ca5d2106f7
3a8b776df84bf251afc6ddd802cc5bbeddfb0e36
e7bacc97751689afaae192e103fe9851664365c57c7d783560860ad456db7e49
GET /e/f4fde164baec67f9530af80b4049ba34648408feaf530 HTTP/1.1
Host: nxdbku.cyttek.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxdbku.cyttek.ru/beebb091955c06fa68b3eb8afc0bae51648408fe3f6dePASbeebb091955c06fa68b3eb8afc0bae51648408fe3f6df
Cookie: cf_clearance=DkxIqXNImsr_QH1Afwvn3nDsFUH2JM8DwRipXH010w4-1686374650-0-160; PHPSESSID=c8d14680d4ca24a5916b4a1588d6d7ef
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 10 Jun 2023 05:24:15 GMT
content-type: image/svg+xml
cache-control: public, max-age=604800
expires: Sat, 17 Jun 2023 05:24:14 GMT
last-modified: Fri, 02 Jun 2023 16:02:03 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kApcOsLGtyy%2FANPCOKVyoRBFtZMRNWrz%2FjVptFgXPjvD7WzvcVy3ot0PodP8iWvaSA3r%2FpbGZIsnJ0buIy8FzGD4RIfXhYzAZPU5KIYuw%2F49zP2T0l2Ph3AUoVKpTDovAaL3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4f2fdd1c6b1c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
nxdbku.cyttek.ru/jq/f4fde164baec67f9530af80b4049ba34648408fe4b689
200 OK
85578
URL
GET
HTTP/3
nxdbku.cyttek.ru/jq/f4fde164baec67f9530af80b4049ba34648408fe4b689
IP
Requested by
https://nxdbku.cyttek.ru/beebb091955c06fa68b3eb8afc0bae51648408fe3f6dePASbeebb091955c06fa68b3eb8afc0bae51648408fe3f6df
Certificate
IssuerLet's Encrypt
Subjectcyttek.ru
FingerprintFA:85:04:1B:BD:CA:E3:02:45:6A:AD:C7:E6:DC:EB:4B:CA:A6:5A:91
ValidityTue, 30 May 2023 14:28:15 GMT - Mon, 28 Aug 2023 14:28:14 GMT
Magic
ASCII text, with very long lines (32065)
Hash
2f6b11a7e914718e0290410e85366fe9
69bb69e25ca7d5ef0935317584e6153f3fd9a88c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
GET /jq/f4fde164baec67f9530af80b4049ba34648408fe4b689 HTTP/1.1
Host: nxdbku.cyttek.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxdbku.cyttek.ru/beebb091955c06fa68b3eb8afc0bae51648408fe3f6dePASbeebb091955c06fa68b3eb8afc0bae51648408fe3f6df
Cookie: cf_clearance=DkxIqXNImsr_QH1Afwvn3nDsFUH2JM8DwRipXH010w4-1686374650-0-160; PHPSESSID=c8d14680d4ca24a5916b4a1588d6d7ef
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 10 Jun 2023 05:24:15 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Sat, 17 Jun 2023 05:24:14 GMT
last-modified: Fri, 02 Jun 2023 16:02:03 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Of7a%2FcDaPs9dR6enmBRFbSMiPJetXPFDdEE9ehZVxluRjlvtlJMPF%2BkK2l0ay5PSyMAPELy9ix23nhUKXd7Hs10kcB3aSe1ch3S0OfnvWqjk4WYrApPDhWGMZeSo1KGkx%2F%2Fg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4f2fdb2b831c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
nxdbku.cyttek.ru/2
200 OK
40252
IP
Requested by
https://nxdbku.cyttek.ru/beebb091955c06fa68b3eb8afc0bae51648408fe3f6dePASbeebb091955c06fa68b3eb8afc0bae51648408fe3f6df
Certificate
IssuerLet's Encrypt
Subjectcyttek.ru
FingerprintFA:85:04:1B:BD:CA:E3:02:45:6A:AD:C7:E6:DC:EB:4B:CA:A6:5A:91
ValidityTue, 30 May 2023 14:28:15 GMT - Mon, 28 Aug 2023 14:28:14 GMT
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /2 HTTP/1.1
Host: nxdbku.cyttek.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxdbku.cyttek.ru/beebb091955c06fa68b3eb8afc0bae51648408fe3f6dePASbeebb091955c06fa68b3eb8afc0bae51648408fe3f6df
Cookie: cf_clearance=DkxIqXNImsr_QH1Afwvn3nDsFUH2JM8DwRipXH010w4-1686374650-0-160; PHPSESSID=c8d14680d4ca24a5916b4a1588d6d7ef
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 10 Jun 2023 05:24:15 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BeFd%2BNzpVbPIrfqxE896k%2BKNp28h%2BsIFUj88UzbRfYL3zg0XJYjHObEjwU7a%2Bx7rHFAagSMY0huq87dg0n6STWP17IwZkEo5ela7cutiMzXACmZuynscAvaeJajTweof7lcd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4f2fdcac361c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
nxdbku.cyttek.ru/beebb091955c06fa68b3eb8afc0bae51648408fe3f6dePASbeebb091955c06fa68b3eb8afc0bae51648408fe3f6df
200 OK
24167
URL
User Request
GET
HTTP/3
nxdbku.cyttek.ru/beebb091955c06fa68b3eb8afc0bae51648408fe3f6dePASbeebb091955c06fa68b3eb8afc0bae51648408fe3f6df
IP
Certificate
IssuerLet's Encrypt
Subjectcyttek.ru
FingerprintFA:85:04:1B:BD:CA:E3:02:45:6A:AD:C7:E6:DC:EB:4B:CA:A6:5A:91
ValidityTue, 30 May 2023 14:28:15 GMT - Mon, 28 Aug 2023 14:28:14 GMT
Magic
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (22448)
Hash
5fe95eccd84278ade655e5cdb5ba9c14
b2d1931ecb011fa15b65eda76846b640e2b8902d
a59ae256228f93d2d518d34541192f7db3ec55bd75520c296c02ac2c3fd0a46b
GET /beebb091955c06fa68b3eb8afc0bae51648408fe3f6dePASbeebb091955c06fa68b3eb8afc0bae51648408fe3f6df HTTP/1.1
Host: nxdbku.cyttek.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nxdbku.cyttek.ru/Msaleem.khan@fivehotelsandresorts.com?__cf_chl_tk=Szz0Wq.7A85nTq00vIsQB9OsNyn627MU_RtYYtO_tpA-1686374650-0-gaNycGzNC7s
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=DkxIqXNImsr_QH1Afwvn3nDsFUH2JM8DwRipXH010w4-1686374650-0-160; PHPSESSID=c8d14680d4ca24a5916b4a1588d6d7ef
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 10 Jun 2023 05:24:15 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HypEcPjAZj0xYQ1si84KBFzBIE6QMZKmFYK8j5vsAnWs5g1eqpIQBdT5QTC2pJDOQtMpc4xP71dNSryZ8AZnHfCyqKHSHeDYAiHaxpXzQArq%2BP9loohDA1qJyiJltImG6eBP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4f2fda1aeb1c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
nxdbku.cyttek.ru/APP-S9VDNN/f4fde164baec67f9530af80b4049ba34648408feaf509
200 OK
105369
URL
GET
HTTP/3
nxdbku.cyttek.ru/APP-S9VDNN/f4fde164baec67f9530af80b4049ba34648408feaf509
IP
Requested by
https://nxdbku.cyttek.ru/beebb091955c06fa68b3eb8afc0bae51648408fe3f6dePASbeebb091955c06fa68b3eb8afc0bae51648408fe3f6df
Certificate
IssuerLet's Encrypt
Subjectcyttek.ru
FingerprintFA:85:04:1B:BD:CA:E3:02:45:6A:AD:C7:E6:DC:EB:4B:CA:A6:5A:91
ValidityTue, 30 May 2023 14:28:15 GMT - Mon, 28 Aug 2023 14:28:14 GMT
Magic
ASCII text, with very long lines (65536), with no line terminators
Hash
8e6b0f88563f9c33f78bce65cf287df7
ef7765cd2a7d64ed27dd7344702597aff6f8c397
a7057bebfff43e7281ca31da00d40bd88c8d02d1576b9c45891dd56a3853269a
GET /APP-S9VDNN/f4fde164baec67f9530af80b4049ba34648408feaf509 HTTP/1.1
Host: nxdbku.cyttek.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxdbku.cyttek.ru/beebb091955c06fa68b3eb8afc0bae51648408fe3f6dePASbeebb091955c06fa68b3eb8afc0bae51648408fe3f6df
Cookie: cf_clearance=DkxIqXNImsr_QH1Afwvn3nDsFUH2JM8DwRipXH010w4-1686374650-0-160; PHPSESSID=c8d14680d4ca24a5916b4a1588d6d7ef
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 10 Jun 2023 05:24:16 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sat, 17 Jun 2023 05:24:15 GMT
last-modified: Fri, 02 Jun 2023 16:02:03 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7F%2Fco2iP80GHxhQPQLs%2BseHUdAPytdScki7ija0CbwoA5vHoC8Nuo99QWJIutBgr3TFa%2BN5vzMtk40pzLR345qc8iznLVj243wGNbnim%2BmYRPoqO%2FxnS3k%2FuNC04DyUJWaGc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4f2fdd4c7e1c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
198.59.144.130
188.114.96.1
104.16.122.175![URL nxdbku.cyttek.ru/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7d4f2fbddeefb512](/search?q=http.url.addr:"nxdbku.cyttek.ru%2fcdn-cgi%2fimages%2ftrace%2fmanaged%2fjs%2ftransparent.gif%3fray%3d7d4f2fbddeefb512"){kind=link}