novostroyodua.polyakovakova.workers.dev Open in urlscan Pro
172.67.134.4 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://novostroyodua.polyakovakova.workers.dev/
Submission: On May 09 via api (May 9th 2024, 9:20:37 pm UTC) from US — Scanned from DE

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 8 HTTP transactions. The main IP is 172.67.134.4, located in United States and belongs to CLOUDFLARENET, US. The main domain is novostroyodua.polyakovakova.workers.dev.
TLS certificate: Issued by E1 on May 7th 2024. Valid for: 3 months.

This is the only time novostroyodua.polyakovakova.workers.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	172.67.134.4 172.67.134.4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
2	95.217.45.207 95.217.45.207	24940 (HETZNER-AS) (HETZNER-AS)
8	3

3 172.67.134.4 (United States)

ASN13335 (CLOUDFLARENET, US)

novostroyodua.polyakovakova.workers.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.217.45.207 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: tzk301.nic.ua

zaporignews.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 310	67 KB
3	workers.dev novostroyodua.polyakovakova.workers.dev	11 KB
2	zaporignews.com.ua zaporignews.com.ua	684 KB
8	3

	Domain	Requested by
3	cdn.jsdelivr.net	novostroyodua.polyakovakova.workers.dev
3	novostroyodua.polyakovakova.workers.dev	novostroyodua.polyakovakova.workers.dev
2	zaporignews.com.ua	novostroyodua.polyakovakova.workers.dev
8	3

This site contains no links.

Subject Issuer	Validity	Valid
polyakovakova.workers.dev E1	`2024-05-07` - `2024-08-05`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
www.zaporignews.com.ua R3	`2024-04-20` - `2024-07-19`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://novostroyodua.polyakovakova.workers.dev/
Frame ID: B8D2B9C67B10E62863E72297D91E1A74
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Максим Криппа: покупка “Паруса” - успешная инвестиция

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

8
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

762 kB
Transfer

1086 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
novostroyodua.polyakovakova.workers.dev/ 11 KB
4 KB 1449ms
1402ms Document
text/html 172.67.134.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novostroyodua.polyakovakova.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.134.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 295f80065e1dcbb1c16d80c00580f3cabd87b39e53538c667fce4a487c1656a4

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-ray: 8814bbe08dfa92e8-CPH
content-encoding: br
content-type: text/html;charset=UTF-8
date: Thu, 09 May 2024 21:20:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s20U2xTiV7RSRNo1%2FyFh%2BRoq2JlmR7scONghVhqKY3MEt1QR4%2Bp8CpGljt0cUNVNZA2M5FvWa1HAMTNRHBkEEPX46emKwfFwZ330rlxeGJWqlzToVeFbNzqryTULU%2FCDRPCA%2BZnTRFZ8uegsFUYOQRx6EZP6rhzNjBI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 bootstrap-icons.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/ 64 KB
9 KB 97ms
28ms Stylesheet
text/css 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/bootstrap-icons.css

Requested by

Host: novostroyodua.polyakovakova.workers.dev
URL: https://novostroyodua.polyakovakova.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3c325075337b768950583012228055ae392e384688d77ec5235e6ca88dcec6ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://novostroyodua.polyakovakova.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 09 May 2024 21:20:32 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1887798
x-jsd-version: 1.5.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 8770
x-served-by: cache-fra-eddf8230112-FRA
x-jsd-version-type: version
etag: W/"100a0-GGXd3Lt7Z9zvQlDlkMyalXSrpnM"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/ 227 KB
34 KB 104ms
35ms Stylesheet
text/css 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/bootstrap.min.css

Requested by

Host: novostroyodua.polyakovakova.workers.dev
URL: https://novostroyodua.polyakovakova.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3c8f27e6009ccfd710a905e6dcf12d0ee3c6f2ac7da05b0572d3e0d12e736fc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://novostroyodua.polyakovakova.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 09 May 2024 21:20:32 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1770053
x-jsd-version: 5.3.3
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 34908
x-served-by: cache-fra-eddf8230112-FRA
x-jsd-version-type: version
etag: W/"38d63-xawd7pYctZoEUlbsID9p4xeHL3w"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 3-2.png
zaporignews.com.ua/wp-content/uploads/2024/03/ 471 KB
472 KB 194ms
77ms Image
image/png 95.217.45.207
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zaporignews.com.ua/wp-content/uploads/2024/03/3-2.png
Requested by: Host: novostroyodua.polyakovakova.workers.dev
URL: https://novostroyodua.polyakovakova.workers.dev/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 95.217.45.207 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: tzk301.nic.ua
Software: nginx /
Resource Hash: 2d4f04c25f5217cf99c328478fc3049fecf735a6b751ccb9dc04ae59e0c626ab

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://novostroyodua.polyakovakova.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 21:20:32 GMT
last-modified: Thu, 21 Mar 2024 09:44:34 GMT
server: nginx
accept-ranges: bytes
etag: "65fc0182-75d97"
content-length: 482711
content-type: image/png

GET
H2 200 bc_parus1_1000x0.jpg
zaporignews.com.ua/wp-content/uploads/2024/03/ 211 KB
212 KB 232ms
116ms Image
image/jpeg 95.217.45.207
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zaporignews.com.ua/wp-content/uploads/2024/03/bc_parus1_1000x0.jpg
Requested by: Host: novostroyodua.polyakovakova.workers.dev
URL: https://novostroyodua.polyakovakova.workers.dev/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 95.217.45.207 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: tzk301.nic.ua
Software: nginx /
Resource Hash: 2d314b3dd1d20ed6bd87b64a365e24e962ad0e86bebc614cc652955a09535e1c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://novostroyodua.polyakovakova.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 21:20:32 GMT
last-modified: Thu, 21 Mar 2024 09:43:03 GMT
server: nginx
accept-ranges: bytes
etag: "65fc0127-34ca4"
content-length: 216228
content-type: image/jpeg

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/js/ 79 KB
24 KB 88ms
28ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/js/bootstrap.bundle.min.js

Requested by

Host: novostroyodua.polyakovakova.workers.dev
URL: https://novostroyodua.polyakovakova.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9520018fa5d81f4e4dc9d06afb576f90cbbaba209cfcc6cb60e1464647f7890b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://novostroyodua.polyakovakova.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 09 May 2024 21:20:32 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1366821
x-jsd-version: 5.2.3
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 24659
x-served-by: cache-fra-eddf8230112-FRA
x-jsd-version-type: version
etag: W/"13a24-kNFQNu9I/LM2oTW66BK0VmnxkEQ"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 scripts.js Show response
novostroyodua.polyakovakova.workers.dev/js/ 11 KB
4 KB 37ms
37ms Script
text/html 172.67.134.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novostroyodua.polyakovakova.workers.dev/js/scripts.js
Requested by: Host: novostroyodua.polyakovakova.workers.dev
URL: https://novostroyodua.polyakovakova.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.134.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 295f80065e1dcbb1c16d80c00580f3cabd87b39e53538c667fce4a487c1656a4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://novostroyodua.polyakovakova.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 21:20:32 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=frHHoVU5CuY0GBK9ZssLPURdmr632fCO2eKuGnGRRRB%2B3J9Oym5uGSuZrZn4cHKDQEJvqTGO3eQTFgZMIYXcM7qTILtJPwA%2FFTQa9qWXIZXGUcaVBMNdoIoqzOxQTUoxFnwMno9hWcuSvjk5tTsVTMkkXu2YvlBonbo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=UTF-8
cf-ray: 8814bbe95df692e8-CPH
alt-svc: h3=":443"; ma=86400

GET
H3 200 favicon.ico
novostroyodua.polyakovakova.workers.dev/assets/ 11 KB
4 KB 35ms
35ms Other
text/html 172.67.134.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novostroyodua.polyakovakova.workers.dev/assets/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.134.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 295f80065e1dcbb1c16d80c00580f3cabd87b39e53538c667fce4a487c1656a4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://novostroyodua.polyakovakova.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 21:20:32 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0umZj9G5CjwsvS4m9lYD8MpwSqI3EMD2e9OQWCCpbDH8V%2BuMLhCqifasj1H0iqDBLibX8h99TZoM%2F8B9LNwP%2FJasvjAZyiO%2BM6l18Ry4SSC4FckpOrfATqpwoMmOSBR1zWuD9893rBb96UsqtslijoxTpJ4cVKQ%2FFPE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=UTF-8
cf-ray: 8814bbeb8fe092e8-CPH
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

number| uidEvent object| bootstrap

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
novostroyodua.polyakovakova.workers.dev
zaporignews.com.ua
172.67.134.4
2a04:4e42:400::485
95.217.45.207
295f80065e1dcbb1c16d80c00580f3cabd87b39e53538c667fce4a487c1656a4
2d314b3dd1d20ed6bd87b64a365e24e962ad0e86bebc614cc652955a09535e1c
2d4f04c25f5217cf99c328478fc3049fecf735a6b751ccb9dc04ae59e0c626ab
3c325075337b768950583012228055ae392e384688d77ec5235e6ca88dcec6ef
3c8f27e6009ccfd710a905e6dcf12d0ee3c6f2ac7da05b0572d3e0d12e736fc8
9520018fa5d81f4e4dc9d06afb576f90cbbaba209cfcc6cb60e1464647f7890b

novostroyodua.polyakovakova.workers.dev Open in urlscan Pro 172.67.134.4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

8 Requests

100 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

762 kBTransfer

1086 kBSize

0 Cookies

0 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

0 Cookies

Indicators

novostroyodua.polyakovakova.workers.dev Open in urlscan Pro
172.67.134.4 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

762 kB
Transfer

1086 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions