urlscan.io logo urlscan.io
SecurityTrails logo

giqutatotimosek.tk Open in urlscan Pro
2606:4700:30::681b:81f0  Public Scan

Go To Rescan Add Verdict Report
URL: http://giqutatotimosek.tk/
Submission: On October 07 via manual from PT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 11 HTTP transactions. The main IP is 2606:4700:30::681b:81f0, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is giqutatotimosek.tk.
This is the only time giqutatotimosek.tk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 2606:4700:30:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 5.34.180.223 21100 (ITLDC-NL)
1 2a00:1450:400... 15169 (GOOGLE)
11 4
Domain Requested by
8 giqutatotimosek.tk giqutatotimosek.tk
1 fonts.googleapis.com giqutatotimosek.tk
1 q2a.asydu123id.ru giqutatotimosek.tk
1 hgis74sak.ru 1 redirects
1 ajax.googleapis.com giqutatotimosek.tk
11 5

This site contains no links.

Subject Issuer Validity Valid
*.googleapis.com
GTS CA 1O1		 2019-09-17 -
2019-12-10		 3 months crt.sh

This page contains 2 frames:

Primary Page: http://giqutatotimosek.tk/
Frame ID: A6E7B56EC0CEE3DD8D0941CC4AB96F07
Requests: 10 HTTP requests in this frame

Frame: http://q2a.asydu123id.ru/?q=Winpe+cd+download+x64
Frame ID: CC87D0E193822051AD5A26DAE3107B7F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

11
Requests

18 %
HTTPS

75 %
IPv6

4
Domains

5
Subdomains

4
IPs

3
Countries

77 kB
Transfer

246 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • http://hgis74sak.ru/?2cT8&charset=utf-8&sub_id_1=&keyword=Winpe%20cd%20download%20x64&se_referrer= HTTP 302
  • http://q2a.asydu123id.ru/?q=Winpe+cd+download+x64

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
giqutatotimosek.tk/ 		18 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://giqutatotimosek.tk/
Protocol
HTTP/1.1
Server
2606:4700:30::681b:81f0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7a121fb578e4b73ab58bf9da45c0f605f896cd0932e052e9b549162f9c5ad45

Request headers

Host
giqutatotimosek.tk
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 07 Oct 2019 10:46:21 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=da8f280d4a35f40fb4a371ddf237c56021570445181; expires=Tue, 06-Oct-20 10:46:21 GMT; path=/; domain=.giqutatotimosek.tk; HttpOnly
Last-Modified
Mon, 05 Aug 2019 20:19:04 GMT
Vary
Accept-Encoding
CF-Cache-Status
DYNAMIC
Server
cloudflare
CF-RAY
521f4a72499bcb98-VIE
Content-Encoding
gzip
vote.js
giqutatotimosek.tk/js/ 		1 KB
1012 B 		Script
General
Check archive.org
Download Go to
Full URL
http://giqutatotimosek.tk/js/vote.js
Requested by
Host: giqutatotimosek.tk
URL: http://giqutatotimosek.tk/
Protocol
HTTP/1.1
Server
2606:4700:30::681b:81f0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaafe4f8fd5758cb0a24f3d2023653b21c27008e94a6ebef3bbbaa706c2a360d

Request headers

Referer
http://giqutatotimosek.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 07 Oct 2019 10:46:21 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Mon, 05 Aug 2019 20:19:04 GMT
Server
cloudflare
ETag
W/"5d488f38-5ac"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
521f4a72cac6cb98-VIE
Expires
Mon, 07 Oct 2019 14:46:21 GMT
style.css
giqutatotimosek.tk/css/ 		94 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://giqutatotimosek.tk/css/style.css
Requested by
Host: giqutatotimosek.tk
URL: http://giqutatotimosek.tk/
Protocol
HTTP/1.1
Server
2606:4700:30::681b:81f0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8844a0e580ec055fe154d06ff4d85a0e88e099a53290857e7936175f2fdd10a8

Request headers

Referer
http://giqutatotimosek.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 07 Oct 2019 10:46:21 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Mon, 05 Aug 2019 20:19:04 GMT
Server
cloudflare
ETag
W/"5d488f38-177fc"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
521f4a72db0fcb98-VIE
Expires
Mon, 07 Oct 2019 14:46:21 GMT
fonts.css
giqutatotimosek.tk/css/ 		93 B
516 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://giqutatotimosek.tk/css/fonts.css
Requested by
Host: giqutatotimosek.tk
URL: http://giqutatotimosek.tk/
Protocol
HTTP/1.1
Server
2606:4700:30::681b:81f0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6dc3c050b4cb05bca99cdd7a1cc4fa356cc2052d93dcff592dd533fb9b70193

Request headers

Referer
http://giqutatotimosek.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 07 Oct 2019 10:46:21 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Mon, 05 Aug 2019 20:19:04 GMT
Server
cloudflare
ETag
W/"5d488f38-5d"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
521f4a72df00cb9c-VIE
Expires
Mon, 07 Oct 2019 14:46:21 GMT
ie10-viewport-bug-workaround.css
giqutatotimosek.tk/css/ 		518 B
704 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://giqutatotimosek.tk/css/ie10-viewport-bug-workaround.css
Requested by
Host: giqutatotimosek.tk
URL: http://giqutatotimosek.tk/
Protocol
HTTP/1.1
Server
2606:4700:30::681b:81f0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9485950ff928c4d006f35a8fe43e7c0ebdc7bc3e6dfb28d1334507fbd0b318d7

Request headers

Referer
http://giqutatotimosek.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 07 Oct 2019 10:46:21 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Mon, 05 Aug 2019 20:19:04 GMT
Server
cloudflare
ETag
W/"5d488f38-206"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
521f4a72d85559be-VIE
Expires
Mon, 07 Oct 2019 14:46:21 GMT
styles.css
giqutatotimosek.tk/css/ 		0
385 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://giqutatotimosek.tk/css/styles.css
Requested by
Host: giqutatotimosek.tk
URL: http://giqutatotimosek.tk/
Protocol
HTTP/1.1
Server
2606:4700:30::681b:81f0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://giqutatotimosek.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 07 Oct 2019 10:46:21 GMT
CF-Cache-Status
MISS
Last-Modified
Mon, 05 Aug 2019 20:19:04 GMT
Server
cloudflare
ETag
"5d488f38-0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
521f4a72d8f8cbb0-VIE
Content-Length
0
Expires
Mon, 07 Oct 2019 14:46:21 GMT
email-decode.min.js
giqutatotimosek.tk/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://giqutatotimosek.tk/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: giqutatotimosek.tk
URL: http://giqutatotimosek.tk/
Protocol
HTTP/1.1
Server
2606:4700:30::681b:81f0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://giqutatotimosek.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 07 Oct 2019 10:46:21 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Mon, 30 Sep 2019 13:34:14 GMT
Server
cloudflare
ETag
W/"5d920456-4d7"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
max-age=172800, public
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
521f4a72d916cbac-VIE
Expires
Wed, 09 Oct 2019 10:46:21 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Requested by
Host: giqutatotimosek.tk
URL: http://giqutatotimosek.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://giqutatotimosek.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 19:08:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
574694
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
33507
x-xss-protection
0
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 29 Sep 2020 19:08:07 GMT
bootstrap.min.js
giqutatotimosek.tk/js/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://giqutatotimosek.tk/js/bootstrap.min.js
Requested by
Host: giqutatotimosek.tk
URL: http://giqutatotimosek.tk/
Protocol
HTTP/1.1
Server
2606:4700:30::681b:81f0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a

Request headers

Referer
http://giqutatotimosek.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 07 Oct 2019 10:46:21 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Mon, 05 Aug 2019 20:19:04 GMT
Server
cloudflare
ETag
W/"5d488f38-9004"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
521f4a72f968cbac-VIE
Expires
Mon, 07 Oct 2019 14:46:21 GMT
/
q2a.asydu123id.ru/ Frame CC87
Redirect Chain
  • http://hgis74sak.ru/?2cT8&charset=utf-8&sub_id_1=&keyword=Winpe%20cd%20download%20x64&se_referrer=
  • http://q2a.asydu123id.ru/?q=Winpe+cd+download+x64
0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://q2a.asydu123id.ru/?q=Winpe+cd+download+x64
Requested by
Host: giqutatotimosek.tk
URL: http://giqutatotimosek.tk/js/vote.js
Protocol
HTTP/1.1
Server
5.34.180.223 Dronten, Netherlands, ASN21100 (ITLDC-NL, UA),
Reverse DNS
vds-yashaw-80293.itldc-customer.net
Software
nginx / PHP/5.5.9-1ubuntu4.29
Resource Hash

Request headers

Host
q2a.asydu123id.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://giqutatotimosek.tk/
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://giqutatotimosek.tk/

Response headers

Server
nginx
Date
Mon, 07 Oct 2019 10:46:21 GMT
Content-Type
text/html
Content-Length
3417
Connection
keep-alive
Keep-Alive
timeout=60
X-Powered-By
PHP/5.5.9-1ubuntu4.29
Vary
Accept-Encoding
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Mon, 07 Oct 2019 10:46:21 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=60
X-Powered-By
PHP/5.5.9-1ubuntu4.29
Expires
Thu, 21 Jul 1977 07:30:00 GMT
Last-Modified
Mon, 07 Oct 2019 10:46:21 GMT
Cache-Control
max-age=0
Pragma
no-cache
Set-Cookie
9539a=a%3A3%3A%7Bs%3A6%3A%22groups%22%3Ba%3A1%3A%7Bi%3A45%3Bi%3A1570445183%3B%7Ds%3A7%3A%22streams%22%3Ba%3A1%3A%7Bi%3A1543%3Bi%3A1570445183%3B%7Ds%3A4%3A%22time%22%3Bi%3A1570445183%3B%7D; expires=Thu, 07-Nov-2019 10:46:21 GMT; Max-Age=2678400; path=/; domain=.hgis74sak.ru
LOCATION
http://q2a.asydu123id.ru/?q=Winpe+cd+download+x64
css
fonts.googleapis.com/ 		2 KB
482 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Droid+Serif:400,400italic,700,700italic
Requested by
Host: giqutatotimosek.tk
URL: http://giqutatotimosek.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
68e357769305fcf03ea23213551ea1a6c3aac4a059e83834ca14e7d81a768e09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://giqutatotimosek.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 07 Oct 2019 10:46:21 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Mon, 07 Oct 2019 10:46:21 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 07 Oct 2019 10:46:21 GMT

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate string| iju78 object| hz4 string| enbulj68 string| pbd1 object| iozesqb34 string| jwtuni14 function| $ function| jQuery object| jQuery111303742843188045224

1 Cookies

Domain/Path Name / Value
.giqutatotimosek.tk/ Name: __cfduid
Value: da8f280d4a35f40fb4a371ddf237c56021570445181