tideys.co.uk Open in urlscan Pro
77.72.1.50 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://tideys.co.uk/
Submission Tags: @phish_report
Submission: On March 15 via api (March 15th 2024, 10:22:23 pm UTC) from FI — Scanned from GB

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 9 HTTP transactions. The main IP is 77.72.1.50, located in United Kingdom and belongs to KRYSTAL, GB. The main domain is tideys.co.uk.

This is the only time tideys.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	77.72.1.50 77.72.1.50	12488 (KRYSTAL) (KRYSTAL)
4 5	77.72.0.35 77.72.0.35	12488 (KRYSTAL) (KRYSTAL)
6	77.72.0.34 77.72.0.34	12488 (KRYSTAL) (KRYSTAL)
1	2400:52e0:1e0... 2400:52e0:1e00::1080:1	200325 (BUNNYCDN) (BUNNYCDN)
9	4

1 77.72.1.50 (United Kingdom)

ASN12488 (KRYSTAL, GB)
PTR: exegol-lon1.krystal.uk

tideys.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 77.72.0.35 (United Kingdom) 4 redirects

ASN12488 (KRYSTAL, GB)
PTR: krystal.co.uk

krystal.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
krystal.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 77.72.0.34 (United Kingdom)

ASN12488 (KRYSTAL, GB)
PTR: axiom.krystal.co.uk

placeholder.krystal.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1e00::1080:1 (Germany)

ASN200325 (BUNNYCDN, SI)

cdn.krystal.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	krystal.uk 2 redirects krystal.uk — Cisco Umbrella Rank: 225067 placeholder.krystal.uk	45 KB
4	krystal.io 2 redirects krystal.io cdn.krystal.io	463 KB
1	tideys.co.uk tideys.co.uk	581 B
9	3

	Domain	Requested by
6	placeholder.krystal.uk	tideys.co.uk placeholder.krystal.uk
3	krystal.io	2 redirects placeholder.krystal.uk
2	krystal.uk	2 redirects
1	cdn.krystal.io	placeholder.krystal.uk
1	tideys.co.uk
9	5

This site contains no links.

Subject Issuer	Validity	Valid
placeholder.krystal.uk R3	`2024-01-18` - `2024-04-17`	3 months	crt.sh
cdn.krystal.io R3	`2024-02-05` - `2024-05-05`	3 months	crt.sh

This page contains 2 frames:

Primary Page: http://tideys.co.uk/
Frame ID: 40548308CA7980211B706BA2263B1B0B
Requests: 1 HTTP requests in this frame

Frame: https://placeholder.krystal.uk/
Frame ID: 3172860B41EB9A750DF48D00120A4E87
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Another Website Hosted by Krystal

Page Statistics

9
Requests

78 %
HTTPS

25 %
IPv6

3
Domains

5
Subdomains

4
IPs

2
Countries

507 kB
Transfer

520 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://krystal.uk/placeholder/ HTTP 301
https://krystal.io/placeholder/ HTTP 301
https://krystal.io/placeholder HTTP 301
https://placeholder.krystal.uk/

Request Chain 2

https://krystal.uk/nextImageExportOptimizer/website2023.cms.k.io_uploads_datacomb_7f247f0fac-opt-2048.WEBP HTTP 301
https://krystal.io/nextImageExportOptimizer/website2023.cms.k.io_uploads_datacomb_7f247f0fac-opt-2048.WEBP

9 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
tideys.co.uk/ 400 B
581 B 93ms
30ms Document
text/html 77.72.1.50
KRYSTAL

General

Check archive.org

Show headers Download Go to

Full URL: http://tideys.co.uk/
Protocol: HTTP/1.1
Server: 77.72.1.50 , United Kingdom, ASN12488 (KRYSTAL, GB),
Reverse DNS: exegol-lon1.krystal.uk
Software: LiteSpeed /
Resource Hash: f93c558e6430e866510642df514be50bdb3e0e91eeffa26bb79bfc2a30298563

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
accept-ranges: bytes
content-encoding: gzip
content-length: 278
content-type: text/html
date: Fri, 15 Mar 2024 22:22:17 GMT
last-modified: Tue, 19 Sep 2023 10:30:08 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent

GET
H2

200

/ Show response
placeholder.krystal.uk/ Frame 3172
Redirect Chain

https://krystal.uk/placeholder/
https://krystal.io/placeholder/
https://krystal.io/placeholder
https://placeholder.krystal.uk/

11 KB
2 KB

116ms
35ms

Document
text/html

77.72.0.34
KRYSTAL

General

Check archive.org

Show headers Download Go to

Full URL: https://placeholder.krystal.uk/
Requested by: Host: tideys.co.uk
URL: http://tideys.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.72.0.34 , United Kingdom, ASN12488 (KRYSTAL, GB),
Reverse DNS: axiom.krystal.co.uk
Software: LiteSpeed / PHP/8.1.27
Resource Hash: 391ca26cc5a63f2a45413eec5b86a6af02901d6c38e0b979ca12cb1b621fa5c1

Request headers

Referer: http://tideys.co.uk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 15 Mar 2024 22:22:18 GMT
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/8.1.27

Redirect headers

content-length: 795
content-security-policy: frame-ancestors 'self';
content-type: text/html
date: Fri, 15 Mar 2024 22:22:18 GMT
location: https://placeholder.krystal.uk/
server: LiteSpeed
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 dist.min.css
placeholder.krystal.uk/assets/placeholder/css/ Frame 3172 8 KB
2 KB 34ms
33ms Stylesheet
text/css 77.72.0.34
KRYSTAL

General

Check archive.org

Show headers Download Go to

Full URL: https://placeholder.krystal.uk/assets/placeholder/css/dist.min.css
Requested by: Host: placeholder.krystal.uk
URL: https://placeholder.krystal.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.72.0.34 , United Kingdom, ASN12488 (KRYSTAL, GB),
Reverse DNS: axiom.krystal.co.uk
Software: LiteSpeed /
Resource Hash: 61759a734d9ecf24f77e131f7a48a3d84a545d9b67971aa109f2c314b2741700

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://placeholder.krystal.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 15 Mar 2024 22:22:18 GMT
content-encoding: br
last-modified: Thu, 09 Nov 2023 10:23:27 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2184
expires: Fri, 22 Mar 2024 22:22:18 GMT

GET
H3

200

website2023.cms.k.io_uploads_datacomb_7f247f0fac-opt-2048.WEBP
krystal.io/nextImageExportOptimizer/ Frame 3172
Redirect Chain

https://krystal.uk/nextImageExportOptimizer/website2023.cms.k.io_uploads_datacomb_7f247f0fac-opt-2048.WEBP
https://krystal.io/nextImageExportOptimizer/website2023.cms.k.io_uploads_datacomb_7f247f0fac-opt-2048.WEBP

455 KB
456 KB

32ms
31ms

Image
image/webp

77.72.0.35
KRYSTAL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://krystal.io/nextImageExportOptimizer/website2023.cms.k.io_uploads_datacomb_7f247f0fac-opt-2048.WEBP

Requested by

Host: placeholder.krystal.uk
URL: https://placeholder.krystal.uk/

Protocol

Server

77.72.0.35 , United Kingdom, ASN12488 (KRYSTAL, GB),

Reverse DNS

krystal.co.uk

Software

LiteSpeed /

Resource Hash

75ecd82e1cb7b5ba7f9dc5b8f47a19a6a73350e1012891f62406e6f2cb7785cb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://placeholder.krystal.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 15 Mar 2024 22:22:18 GMT
strict-transport-security: max-age=16070400; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self';
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 465954
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 02 Oct 2023 11:49:52 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=()
accept-ranges: bytes
expires: Sat, 15 Mar 2025 22:22:18 GMT

Redirect headers

location: https://krystal.io/nextImageExportOptimizer/website2023.cms.k.io_uploads_datacomb_7f247f0fac-opt-2048.WEBP
date: Fri, 15 Mar 2024 22:22:18 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
server: LiteSpeed
content-length: 795
content-type: text/html

GET
H2 200 Krystal_Logo.png
cdn.krystal.io/img/ Frame 3172 6 KB
7 KB 174ms
48ms Image
image/png 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.krystal.io/img/Krystal_Logo.png

Requested by

Host: placeholder.krystal.uk
URL: https://placeholder.krystal.uk/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

dd2a7da7084c68e060f768d5adf73c1f0975f65437c1dc790d2e419998335461

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://placeholder.krystal.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Sat, 23 Nov 2024 06:12:55 GMT
date: Fri, 15 Mar 2024 22:22:18 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cdn-edgestorageid: 1080
cdn-cachedat: 11/27/2023 09:59:56
cdn-pullzone: 94866
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000
content-length: 6044
last-modified: Thu, 12 Oct 2023 08:29:22 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
content-type: image/png
cdn-cache: HIT
cdn-uid: 630d7df9-226a-429d-bdd3-5542bb960f98
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cdn-requestid: c0edaccdfcf00858acd70a5834130a2a
accept-ranges: bytes
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 404 scripts.min.js
placeholder.krystal.uk/assets/placeholder/js/ Frame 3172 0
0 32ms
31ms Script
text/html 77.72.0.34
KRYSTAL

General

Check archive.org

Show headers Download Go to

Full URL: https://placeholder.krystal.uk/assets/placeholder/js/scripts.min.js
Requested by: Host: placeholder.krystal.uk
URL: https://placeholder.krystal.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.72.0.34 , United Kingdom, ASN12488 (KRYSTAL, GB),
Reverse DNS: axiom.krystal.co.uk
Software: LiteSpeed /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://placeholder.krystal.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Mar 2024 22:22:18 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1251
content-type: text/html

GET
H3 200 Borna-SemiBold.woff2
placeholder.krystal.uk/assets/placeholder/fonts/ Frame 3172 15 KB
15 KB 31ms
30ms Font
font/woff2 77.72.0.34
KRYSTAL

General

Check archive.org

Show headers Download Go to

Full URL: https://placeholder.krystal.uk/assets/placeholder/fonts/Borna-SemiBold.woff2
Requested by: Host: placeholder.krystal.uk
URL: https://placeholder.krystal.uk/assets/placeholder/css/dist.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 77.72.0.34 , United Kingdom, ASN12488 (KRYSTAL, GB),
Reverse DNS: axiom.krystal.co.uk
Software: LiteSpeed /
Resource Hash: 9a7c15de48e9fde65540a8b7b2dde6c6fe8c8ae0748463c4348c01f81ef6e984

Request headers

Referer: https://placeholder.krystal.uk/assets/placeholder/css/dist.min.css
Origin: https://placeholder.krystal.uk
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 15 Mar 2024 22:22:18 GMT
last-modified: Thu, 09 Nov 2023 10:23:27 GMT
server: LiteSpeed
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 14896
content-type: font/woff2

GET
H3 200 MabgateKrystal-Regular.woff2
placeholder.krystal.uk/assets/placeholder/fonts/ Frame 3172 11 KB
11 KB 31ms
31ms Font
font/woff2 77.72.0.34
KRYSTAL

General

Check archive.org

Show headers Download Go to

Full URL: https://placeholder.krystal.uk/assets/placeholder/fonts/MabgateKrystal-Regular.woff2
Requested by: Host: placeholder.krystal.uk
URL: https://placeholder.krystal.uk/assets/placeholder/css/dist.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 77.72.0.34 , United Kingdom, ASN12488 (KRYSTAL, GB),
Reverse DNS: axiom.krystal.co.uk
Software: LiteSpeed /
Resource Hash: 7b3a74ec07652171925b76cfb7399fd406650e9f1a3b9af99e9a190658a75deb

Request headers

Referer: https://placeholder.krystal.uk/assets/placeholder/css/dist.min.css
Origin: https://placeholder.krystal.uk
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 15 Mar 2024 22:22:18 GMT
last-modified: Thu, 09 Nov 2023 10:23:27 GMT
server: LiteSpeed
accept-ranges: bytes
content-length: 11244
content-type: font/woff2

GET
H3 200 Borna-Regular.woff2
placeholder.krystal.uk/assets/placeholder/fonts/ Frame 3172 14 KB
14 KB 33ms
33ms Font
font/woff2 77.72.0.34
KRYSTAL

General

Check archive.org

Show headers Download Go to

Full URL: https://placeholder.krystal.uk/assets/placeholder/fonts/Borna-Regular.woff2
Requested by: Host: placeholder.krystal.uk
URL: https://placeholder.krystal.uk/assets/placeholder/css/dist.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 77.72.0.34 , United Kingdom, ASN12488 (KRYSTAL, GB),
Reverse DNS: axiom.krystal.co.uk
Software: LiteSpeed /
Resource Hash: 5f34ebb9619bf71196037f5a84c9a0c271da14cee4de3ade4cbf7b3837138a37

Request headers

Referer: https://placeholder.krystal.uk/assets/placeholder/css/dist.min.css
Origin: https://placeholder.krystal.uk
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 15 Mar 2024 22:22:18 GMT
last-modified: Thu, 09 Nov 2023 10:23:27 GMT
server: LiteSpeed
accept-ranges: bytes
content-length: 14652
content-type: font/woff2

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://placeholder.krystal.uk/assets/placeholder/js/scripts.min.js Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.krystal.io
krystal.io
krystal.uk
placeholder.krystal.uk
tideys.co.uk
2400:52e0:1e00::1080:1
77.72.0.34
77.72.0.35
77.72.1.50
391ca26cc5a63f2a45413eec5b86a6af02901d6c38e0b979ca12cb1b621fa5c1
5f34ebb9619bf71196037f5a84c9a0c271da14cee4de3ade4cbf7b3837138a37
61759a734d9ecf24f77e131f7a48a3d84a545d9b67971aa109f2c314b2741700
75ecd82e1cb7b5ba7f9dc5b8f47a19a6a73350e1012891f62406e6f2cb7785cb
7b3a74ec07652171925b76cfb7399fd406650e9f1a3b9af99e9a190658a75deb
9a7c15de48e9fde65540a8b7b2dde6c6fe8c8ae0748463c4348c01f81ef6e984
dd2a7da7084c68e060f768d5adf73c1f0975f65437c1dc790d2e419998335461
f93c558e6430e866510642df514be50bdb3e0e91eeffa26bb79bfc2a30298563

tideys.co.uk Open in urlscan Pro 77.72.1.50 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

9 Requests

78 %HTTPS

25 %IPv6

3 Domains

5 Subdomains

4 IPs

2 Countries

507 kBTransfer

520 kBSize

0 Cookies

0 Outgoing links

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

tideys.co.uk Open in urlscan Pro
77.72.1.50 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

78 %
HTTPS

25 %
IPv6

3
Domains

5
Subdomains

4
IPs

2
Countries

507 kB
Transfer

520 kB
Size

0
Cookies

9 HTTP transactions
0 data transactions