fimuqzug.duckdns.org

Summary

This website contacted 4 IPs in 4 countries across 4 domains to perform 4 HTTP transactions. The main IP is 91.201.42.180, located in Russian Federation and belongs to RUWEB, RU. The main domain is fimuqzug.duckdns.org.

This is the only time fimuqzug.duckdns.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	91.201.42.180 91.201.42.180	49189 (RUWEB) (RUWEB)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:2a	20446 (HIGHWINDS3) (HIGHWINDS3)
1 2	2606:4700:303... 2606:4700:3038::681f:6bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
4	4

1 91.201.42.180 (Russian Federation)

ASN49189 (RUWEB, RU)
PTR: hosti.ru

fimuqzug.duckdns.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3038::681f:6bf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

gitcdn.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	gitcdn.link 1 redirects gitcdn.link	8 KB
1	googleapis.com fonts.googleapis.com	521 B
1	bootstrapcdn.com stackpath.bootstrapcdn.com	23 KB
1	duckdns.org fimuqzug.duckdns.org	10 KB
4	4

	Domain	Requested by
2	gitcdn.link	1 redirects fimuqzug.duckdns.org
1	fonts.googleapis.com	fimuqzug.duckdns.org
1	stackpath.bootstrapcdn.com	fimuqzug.duckdns.org
1	fimuqzug.duckdns.org
4	4

This site contains no links.

Subject Issuer	Validity	Valid
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-14` - `2020-10-13`	a year	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-01-30` - `2020-10-09`	8 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://fimuqzug.duckdns.org/document68.php
Frame ID: 6DE3B6473D7FD7ADEE3B5D681C782E67
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

4
Requests

75 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

4
Countries

41 kB
Transfer

229 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://gitcdn.link/repo/Chalarangelo/mini.css/master/dist/mini-default.min.css HTTP 301
https://gitcdn.link/cdn/Chalarangelo/mini.css/e849238d198c032c9d3fa84ccadf59ea7f0ad06c/dist/mini-default.min.css

4 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request document68.php Show response
fimuqzug.duckdns.org/ 31 KB
10 KB 308ms
131ms Document
text/html 91.201.42.180
RUWEB

General

Check archive.org

Show headers Download Go to

Full URL: http://fimuqzug.duckdns.org/document68.php
Protocol: HTTP/1.1
Server: 91.201.42.180 , Russian Federation, ASN49189 (RUWEB, RU),
Reverse DNS: hosti.ru
Software: nginx /
Resource Hash: ceb9246ff1e7056c92423ebf28d8e983a393bdf23a47716eeb68f8a3139d8fa4

Request headers

Host: fimuqzug.duckdns.org
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: nginx
Date: Fri, 24 Apr 2020 02:41:31 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/ 152 KB
23 KB 1266ms
836ms Stylesheet
text/css 2001:4de0:ac19::1:b:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css

Requested by

Host: fimuqzug.duckdns.org
URL: http://fimuqzug.duckdns.org/document68.php

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

/

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://fimuqzug.duckdns.org/document68.php
Origin: http://fimuqzug.duckdns.org

Response headers

date: Fri, 24 Apr 2020 02:41:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Feb 2019 16:40:50 GMT
status: 200
etag: "1550076050"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 23237

GET
H2

200

mini-default.min.css
gitcdn.link/cdn/Chalarangelo/mini.css/e849238d198c032c9d3fa84ccadf59ea7f0ad06c/dist/
Redirect Chain

https://gitcdn.link/repo/Chalarangelo/mini.css/master/dist/mini-default.min.css
https://gitcdn.link/cdn/Chalarangelo/mini.css/e849238d198c032c9d3fa84ccadf59ea7f0ad06c/dist/mini-default.min.css

46 KB
8 KB

628ms
628ms

Stylesheet
text/css

2606:4700:3038::681f:6bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gitcdn.link/cdn/Chalarangelo/mini.css/e849238d198c032c9d3fa84ccadf59ea7f0ad06c/dist/mini-default.min.css
Requested by: Host: fimuqzug.duckdns.org
URL: http://fimuqzug.duckdns.org/document68.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::681f:6bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: f68b52e1d99899251c3fea9a56cb050de526be92f2d72e0725b4c351c0db55a7

Request headers

Referer: http://fimuqzug.duckdns.org/document68.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray: 588c773d0ffb72db-AMS
date: Fri, 24 Apr 2020 02:41:32 GMT
via: 1.1 vegur
cf-cache-status: EXPIRED
server: cloudflare
status: 200
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=2592000
content-encoding: br
cf-request-id: 024ba8da20000072dbc3b82200000001
expires: Sun, 24 May 2020 02:41:31 GMT

Redirect headers

date: Fri, 24 Apr 2020 02:41:31 GMT
via: 1.1 vegur
vary: Accept, Accept-Encoding
cf-cache-status: EXPIRED
server: cloudflare
status: 301
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://gitcdn.link/cdn/Chalarangelo/mini.css/e849238d198c032c9d3fa84ccadf59ea7f0ad06c/dist/mini-default.min.css
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=7200
cf-ray: 588c773aaeb672db-AMS
content-length: 146
cf-request-id: 024ba8d8a6000072dbc3b6f200000001

GET
H2 200 css
fonts.googleapis.com/ 917 B
521 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Averia%20Gruesa%20Libre

Requested by

Host: fimuqzug.duckdns.org
URL: http://fimuqzug.duckdns.org/document68.php

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f6d8b0093a5031233d90367f480cb346eed8026a77df88a4ccb1e6207fb8c308

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://fimuqzug.duckdns.org/document68.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 24 Apr 2020 02:41:31 GMT
server: ESF
date: Fri, 24 Apr 2020 02:41:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 24 Apr 2020 02:41:31 GMT

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fimuqzug.duckdns.org
fonts.googleapis.com
gitcdn.link
stackpath.bootstrapcdn.com
2001:4de0:ac19::1:b:2a
2606:4700:3038::681f:6bf
2a00:1450:4001:808::200a
91.201.42.180
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
ceb9246ff1e7056c92423ebf28d8e983a393bdf23a47716eeb68f8a3139d8fa4
f68b52e1d99899251c3fea9a56cb050de526be92f2d72e0725b4c351c0db55a7
f6d8b0093a5031233d90367f480cb346eed8026a77df88a4ccb1e6207fb8c308

fimuqzug.duckdns.org Open in urlscan Pro 91.201.42.180 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

4 Requests

75 %HTTPS

75 %IPv6

4 Domains

4 Subdomains

4 IPs

4 Countries

41 kBTransfer

229 kBSize

0 Cookies

0 Outgoing links

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

0 Cookies

Indicators

fimuqzug.duckdns.org Open in urlscan Pro
91.201.42.180 Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

75 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

4
Countries

41 kB
Transfer

229 kB
Size

0
Cookies

4 HTTP transactions
0 data transactions