employee.istok54.ru - urlscan.io

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 4 HTTP transactions. The main IP is 194.126.169.35, located in Novosibirsk, Russian Federation and belongs to TC-AS, RU. The main domain is employee.istok54.ru.
TLS certificate: Issued by R3 on January 22nd 2023. Valid for: 3 months.

This is the only time employee.istok54.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	194.126.169.35 194.126.169.35	35025 (TC-AS) (TC-AS)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2b	20446 (STACKPATH...) (STACKPATH-CDN)
1	13.32.99.118 13.32.99.118	16509 (AMAZON-02) (AMAZON-02)
4	3

2 194.126.169.35 (Novosibirsk, Russian Federation)

ASN35025 (TC-AS, RU)
PTR: host-194-126-169-35.teleconnect.ru

employee.istok54.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-118.fra60.r.cloudfront.net

openfpcdn.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	istok54.ru employee.istok54.ru	81 KB
1	openfpcdn.io openfpcdn.io — Cisco Umbrella Rank: 25002	14 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 672	31 KB
4	3

	Domain	Requested by
2	employee.istok54.ru	employee.istok54.ru
1	openfpcdn.io	employee.istok54.ru
1	code.jquery.com	employee.istok54.ru
4	3

This site contains no links.

Subject Issuer	Validity	Valid
employee.istok54.ru R3	`2023-01-22` - `2023-04-22`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
openfpcdn.io Amazon	`2022-02-24` - `2023-03-25`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://employee.istok54.ru/
Frame ID: EADB697E12EDCA5E8D82CBF4DE49B0CF
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Employee | ISTOK54

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

4
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

126 kB
Transfer

204 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
employee.istok54.ru/ 4 KB
2 KB 314ms
93ms Document
text/html 194.126.169.35
TC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://employee.istok54.ru/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.169.35 Novosibirsk, Russian Federation, ASN35025 (TC-AS, RU),
Reverse DNS: host-194-126-169-35.teleconnect.ru
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: ab38d9a2565b300ab78ab89363bdcdcb536afd8c3d33956a13456044aa2eb916

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 1858
Content-Type: text/html
Date: Sun, 22 Jan 2023 08:14:58 GMT
ETag: "ff7-5f2d5dd648024-gzip"
Keep-Alive: timeout=5, max=100
Last-Modified: Sun, 22 Jan 2023 08:13:59 GMT
Server: Apache/2.4.29 (Ubuntu)
Vary: Accept-Encoding

GET
H2 200 jquery-3.6.3.min.js Show response
code.jquery.com/ 88 KB
31 KB 76ms
23ms Script
application/javascript 2001:4de0:ac18::1:a:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.3.min.js
Requested by: Host: employee.istok54.ru
URL: https://employee.istok54.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

Request headers

Referer: https://employee.istok54.ru/
Origin: https://employee.istok54.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 08:14:58 GMT
content-encoding: gzip
x-sp-metadata: HS256.CJL9s54GEpMBCiRmYTBjNmVhOS1hNDU4LTRhOWUtOTUzOS00Mzg3MDVhMWFkMGYQ+OiCoKvU+wIaBgiC4bOeBiIYMjAwMToxYjYwOjI6MjQwOjMyNDc6OjEwKMinAzADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGiwIARIkMzMwM2VjZjctNWU4ZC00MzhmLTgwMGUtZjMwMmYzNDk1ZjEyGMbyASIYCAISFGNkczIwMy5mcjguaHdjZG4ubmV0.JDcZagJvIJybT1qh58Yt/dO+gFITAvOKpTxY5XdED5o=
last-modified: Tue, 20 Dec 2022 21:10:40 GMT
server: nginx
etag: W/"63a224d0-15f5b"
vary: Accept-Encoding
x-hw: 1674375298.dop229.fr8.t,1674375298.cds227.fr8.hn,1674375298.cds203.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 31046

GET
H2 200 v3 Show response
openfpcdn.io/fingerprintjs/ 33 KB
14 KB 74ms
20ms Script
text/javascript 13.32.99.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://openfpcdn.io/fingerprintjs/v3

Requested by

Host: employee.istok54.ru
URL: https://employee.istok54.ru/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-118.fra60.r.cloudfront.net

Software

CloudFront /

Resource Hash

23e35cf769e214f4da44414b124393d59dc47dc9db7bc6d0add313ed717ef44c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://employee.istok54.ru/
Origin: https://employee.istok54.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 06:46:02 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
via: 1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 5336
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
server: CloudFront
etag: W/"hgr97TpQKaVAGMaALEadtdFfoCM"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=585998, s-maxage=10700
x-amz-cf-id: Sdoq96xXTO6jNvGM9OjjUsIIahdxT6R9H-ZRqhjfAL9BUamShmWZVA==

GET
H/1.1 200
OK click.png
employee.istok54.ru/ 79 KB
79 KB 93ms
93ms Image
image/png 194.126.169.35
TC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://employee.istok54.ru/click.png
Requested by: Host: employee.istok54.ru
URL: https://employee.istok54.ru/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.169.35 Novosibirsk, Russian Federation, ASN35025 (TC-AS, RU),
Reverse DNS: host-194-126-169-35.teleconnect.ru
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: ca5d009a70aa0e22f4977b6c662907e8e24e27ee948390911c165c1d0c3ef407

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employee.istok54.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sun, 22 Jan 2023 08:14:58 GMT
Last-Modified: Sun, 22 Jan 2023 08:13:59 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "13c37-5f2d5dd64dde3"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 80951

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
employee.istok54.ru
openfpcdn.io
13.32.99.118
194.126.169.35
2001:4de0:ac18::1:a:2b
23e35cf769e214f4da44414b124393d59dc47dc9db7bc6d0add313ed717ef44c
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
ab38d9a2565b300ab78ab89363bdcdcb536afd8c3d33956a13456044aa2eb916
ca5d009a70aa0e22f4977b6c662907e8e24e27ee948390911c165c1d0c3ef407

employee.istok54.ru Open in urlscan Pro 194.126.169.35 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

4 Requests

100 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

3 IPs

3 Countries

126 kBTransfer

204 kBSize

0 Cookies

0 Outgoing links

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

0 Cookies

Indicators

employee.istok54.ru Open in urlscan Pro
194.126.169.35 Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

126 kB
Transfer

204 kB
Size

0
Cookies

4 HTTP transactions
0 data transactions