billucci.djft.ru - urlscan.io

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 7 HTTP transactions. The main IP is 185.199.10.192, located in Krasnodar, Russian Federation and belongs to FREEDOM1-AS, RU. The main domain is billucci.djft.ru.
TLS certificate: Issued by R3 on May 29th 2023. Valid for: 3 months.

This is the only time billucci.djft.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	185.199.10.192 185.199.10.192	206011 (FREEDOM1-AS) (FREEDOM1-AS)
3	2606:4700:e2:... 2606:4700:e2::ac40:8e0d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:350... 2a02:26f0:3500:58a::312e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	3

3 185.199.10.192 (Krasnodar, Russian Federation)

ASN206011 (FREEDOM1-AS, RU)
PTR: clients10-krd-192.freedom1.ru

billucci.djft.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:e2::ac40:8e0d (United States)

ASN13335 (CLOUDFLARENET, US)

randomuser.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:58a::312e (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

img.freepik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	randomuser.me randomuser.me — Cisco Umbrella Rank: 206714	44 KB
3	djft.ru billucci.djft.ru	862 KB
1	freepik.com img.freepik.com — Cisco Umbrella Rank: 17934	57 KB
7	3

	Domain	Requested by
3	randomuser.me
3	billucci.djft.ru	billucci.djft.ru
1	img.freepik.com
7	3

This site contains no links.

Subject Issuer	Validity	Valid
billucci.djft.ru R3	`2023-05-29` - `2023-08-27`	3 months	crt.sh
randomuser.me GTS CA 2P2	`2023-05-12` - `2023-08-10`	3 months	crt.sh
freepik.com Sectigo RSA Domain Validation Secure Server CA	`2022-07-22` - `2023-07-22`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://billucci.djft.ru/
Frame ID: 654F48EB6D2B1679E6DDEE895E303235
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

React App

Page Statistics

7
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

963 kB
Transfer

3812 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response billucci.djft.ru/	2 KB 1 KB	607ms 90ms	Document text/html	185.199.10.192 FREEDOM1-AS
General Check archive.org Show headers Download Go to Full URL https://billucci.djft.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.199.10.192 Krasnodar, Russian Federation, ASN206011 (FREEDOM1-AS, RU), Reverse DNS clients10-krd-192.freedom1.ru Software openresty / Express Resource Hash `5fd6e795d7438f4143329f6f241524ddce33771fcdd23cb7cb1209367a4dd045` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-headers * access-control-allow-methods * access-control-allow-origin * content-encoding gzip content-type text/html; charset=utf-8 date Mon, 29 May 2023 11:36:05 GMT etag W/"6af-+M4OSPFNZpwKBdFEydrj+1+V5xo" server openresty vary Accept-Encoding x-powered-by Express x-served-by billucci.djft.ru
GET H2	200	bundle.js Show response billucci.djft.ru/static/js/	4 MB 843 KB	109ms 108ms	Script application/javascript	185.199.10.192 FREEDOM1-AS
General Check archive.org Show headers Download Go to Full URL https://billucci.djft.ru/static/js/bundle.js Requested by Host: billucci.djft.ru URL: https://billucci.djft.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.199.10.192 Krasnodar, Russian Federation, ASN206011 (FREEDOM1-AS, RU), Reverse DNS clients10-krd-192.freedom1.ru Software openresty / Express Resource Hash `f36e9be4e27179ea699ad4c150f8e3b80947e2c29163bb87ee44a700ef58e02c` Request headers accept-language de-DE,de;q=0.9 Referer https://billucci.djft.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Mon, 29 May 2023 11:36:06 GMT content-encoding gzip server openresty x-powered-by Express etag W/"39b2c5-9Tqg5gedmBzXPZYE1BwHR98Vhas" vary Accept-Encoding access-control-allow-methods * content-type application/javascript; charset=utf-8 access-control-allow-origin * accept-ranges bytes access-control-allow-headers * x-served-by billucci.djft.ru
GET H2	200	img.fcf7461c45778eb7c4b3.png billucci.djft.ru/static/media/	18 KB 18 KB	92ms 91ms	Image image/png	185.199.10.192 FREEDOM1-AS
General Check archive.org Show headers Download Go to Show image Full URL https://billucci.djft.ru/static/media/img.fcf7461c45778eb7c4b3.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.199.10.192 Krasnodar, Russian Federation, ASN206011 (FREEDOM1-AS, RU), Reverse DNS clients10-krd-192.freedom1.ru Software openresty / Express Resource Hash `588656fff0c49d79d21e4a9a7b8e017a6f19f1e2b5d84d3bcdcc733f1106d395` Request headers accept-language de-DE,de;q=0.9 Referer https://billucci.djft.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Mon, 29 May 2023 11:36:06 GMT server openresty x-powered-by Express etag W/"47ee-tpEIA8tVrYaA8ta7sQncZivwVeA" access-control-allow-methods * content-type image/png access-control-allow-origin * accept-ranges bytes access-control-allow-headers * content-length 18414 x-served-by billucci.djft.ru
GET H2	200	6.jpg randomuser.me/api/portraits/lego/	33 KB 33 KB	84ms 29ms	Image image/jpeg	2606:4700:e2::ac40:8e0d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://randomuser.me/api/portraits/lego/6.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:8e0d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `5bcc7c673c1de281214c4fcc3253e5f5b837746f976dc1b4e90bea17194f31a6` Request headers accept-language de-DE,de;q=0.9 Referer https://billucci.djft.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Mon, 29 May 2023 11:36:06 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 50183 alt-svc h3=":443"; ma=86400 content-length 33405 last-modified Tue, 05 Jul 2022 00:27:52 GMT server cloudflare etag "62c38588-827d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=arMc3AnqFnBT%2BzVQmTaN%2F6NqXZXPzTLcNICXaAKbztpzwrRXgD2Ns7z%2B9gTeXpOXzZJJa2pHl152SNh%2FLa7iEvBpXW61r%2BpDRlDWHmUPuzPMh3WNx3ayDLfYrTZTDZVP2E5EjwKUYvitwo39"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=2592000 accept-ranges bytes cf-ray 7cee70134d5a71f0-LHR expires Sat, 03 Jun 2023 09:51:42 GMT
GET H2	200	46.jpg randomuser.me/api/portraits/men/	5 KB 5 KB	99ms 44ms	Image image/jpeg	2606:4700:e2::ac40:8e0d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://randomuser.me/api/portraits/men/46.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:8e0d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `07b2fa37a61afa65b8e621b24da7408d287751fd5e7dcc887855ce077faaa425` Request headers accept-language de-DE,de;q=0.9 Referer https://billucci.djft.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Mon, 29 May 2023 11:36:06 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1013185 alt-svc h3=":443"; ma=86400 content-length 4824 last-modified Tue, 05 Jul 2022 00:27:53 GMT server cloudflare etag "62c38589-12d8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d%2FL1aZrB7sIh%2Fbh%2FeQPePx4cgkaP3H%2FXYLp3mjMEaQ%2BLIEMVmQpY%2Bcmx7eBguDrzYRnAd0Lg9JT5jlw6QI2iK99kchKmYJGgdEEMxSkkSOLYM8DZbsgKtvP3qauah5mCjCh%2FWm%2BwhQkoHMlP"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=2592000 accept-ranges bytes cf-ray 7cee70134d5e71f0-LHR expires Thu, 27 Apr 2023 11:54:39 GMT
GET H2	200	award-medal-realistic-composition-with-isolated-image-medal-with-laurel-wreath-blank-background-vector-illustration_1284-66109.jpg img.freepik.com/free-vector/	57 KB 57 KB	48ms 13ms	Image image/avif	2a02:26f0:3500:58a::312e AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://img.freepik.com/free-vector/award-medal-realistic-composition-with-isolated-image-medal-with-laurel-wreath-blank-background-vector-illustration_1284-66109.jpg?w=2000 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:58a::312e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash `bfb9accedf3e5973572265b2cf69545ab52600008469abc322f523e1e7e3097a` Request headers accept-language de-DE,de;q=0.9 Referer https://billucci.djft.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Mon, 29 May 2023 11:36:06 GMT last-modified Fri, 27 Jan 2023 17:59:21 GMT etag "a6539c38771278020becbc3069352176" content-type image/avif cache-control private, no-transform, max-age=604800 server-timing cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468155_388276366_2209684243_123_4043_5_0";dur=1 content-length 58372 expires Mon, 05 Jun 2023 11:36:06 GMT
GET H2	200	72.jpg randomuser.me/api/portraits/women/	5 KB 6 KB	87ms 33ms	Image image/jpeg	2606:4700:e2::ac40:8e0d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://randomuser.me/api/portraits/women/72.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:8e0d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `47599f70ecba6111f70e4d24ec2015874dec8a67677ae3e77ef45ce0f8609aec` Request headers accept-language de-DE,de;q=0.9 Referer https://billucci.djft.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Mon, 29 May 2023 11:36:06 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 670303 alt-svc h3=":443"; ma=86400 content-length 5314 last-modified Tue, 05 Jul 2022 00:27:53 GMT server cloudflare etag "62c38589-14c2" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Azh0q%2FowK6hxS9NOmCg6kVHpFvdN4JhdDyJh0t8csYrEtx36CJYICni%2FhQQmSkWS5PNKrcyQ15sXRP0PUw1tsS7M3r2fR%2FI6e3a7%2BHhL329ZfWBN48Boc2aV6ydm9iO%2F2VwdR2ZS%2Bl8XAPh9"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=2592000 accept-ranges bytes cf-ray 7cee70134d6071f0-LHR expires Fri, 02 Jun 2023 17:41:51 GMT

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

billucci.djft.ru
img.freepik.com
randomuser.me
185.199.10.192
2606:4700:e2::ac40:8e0d
2a02:26f0:3500:58a::312e
07b2fa37a61afa65b8e621b24da7408d287751fd5e7dcc887855ce077faaa425
47599f70ecba6111f70e4d24ec2015874dec8a67677ae3e77ef45ce0f8609aec
588656fff0c49d79d21e4a9a7b8e017a6f19f1e2b5d84d3bcdcc733f1106d395
5bcc7c673c1de281214c4fcc3253e5f5b837746f976dc1b4e90bea17194f31a6
5fd6e795d7438f4143329f6f241524ddce33771fcdd23cb7cb1209367a4dd045
bfb9accedf3e5973572265b2cf69545ab52600008469abc322f523e1e7e3097a
f36e9be4e27179ea699ad4c150f8e3b80947e2c29163bb87ee44a700ef58e02c

billucci.djft.ru Open in urlscan Pro 185.199.10.192 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

7 Requests

100 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

3 IPs

3 Countries

963 kBTransfer

3812 kBSize

0 Cookies

0 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

0 Cookies

Indicators

billucci.djft.ru Open in urlscan Pro
185.199.10.192 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

963 kB
Transfer

3812 kB
Size

0
Cookies

7 HTTP transactions
0 data transactions