sandchantgulsimu.tk - urlscan.io

Summary

This website contacted 5 IPs in 4 countries across 5 domains to perform 7 HTTP transactions. The main IP is 2606:4700:3037::ac43:aa34, located in United States and belongs to CLOUDFLARENET, US. The main domain is sandchantgulsimu.tk.

This is the only time sandchantgulsimu.tk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2606:4700:303... 2606:4700:3037::ac43:aa34	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:3b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:1a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	94.231.103.165 94.231.103.165	48854 (ZITCOM) (ZITCOM)
1	2a00:1450:400... 2a00:1450:4001:814::200e	15169 (GOOGLE) (GOOGLE)
7	5

2 2606:4700:3037::ac43:aa34 (United States)

ASN13335 (CLOUDFLARENET, US)

sandchantgulsimu.tk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)

netdna.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.231.103.165 (Aarhus C, Denmark)

ASN48854 (ZITCOM, DK)
PTR: linux147.unoeuro.com

travellingclaus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	bootstrapcdn.com netdna.bootstrapcdn.com	29 KB
2	sandchantgulsimu.tk sandchantgulsimu.tk	6 KB
1	youtube.com www.youtube.com
1	travellingclaus.com travellingclaus.com	2 MB
1	jquery.com code.jquery.com	82 KB
7	5

	Domain	Requested by
2	netdna.bootstrapcdn.com	sandchantgulsimu.tk
2	sandchantgulsimu.tk	sandchantgulsimu.tk
1	www.youtube.com	sandchantgulsimu.tk
1	travellingclaus.com	sandchantgulsimu.tk
1	code.jquery.com	sandchantgulsimu.tk
7	5

This site contains no links.

Subject Issuer	Validity	Valid
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-22` - `2021-10-12`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-13` - `2021-08-13`	a year	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh

This page contains 2 frames:

Primary Page: http://sandchantgulsimu.tk/
Frame ID: 25BF04C6521F5D15AF793F1B273F9F4D
Requests: 6 HTTP requests in this frame

Frame: https://www.youtube.com/embed/ibTmwQdoIls
Frame ID: FC3A4116379553ACFE7C0BFBB5A6A56D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

YouTube (Video Players) Expand

Overall confidence: 100%
Detected patterns

html /<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com\/(?:v|embed)/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

7
Requests

71 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

5
IPs

4
Countries

2512 kB
Transfer

2838 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
sandchantgulsimu.tk/ 12 KB
6 KB 201ms
179ms Document
text/html 2606:4700:3037::ac43:aa34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://sandchantgulsimu.tk/
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:aa34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3bb029f05a7bb879268258f41d88338c9c2090eaa651b78f091ab5892ab10739

Request headers

Host: sandchantgulsimu.tk
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 24 Jan 2021 18:37:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d2a9a0b13a8f3f9335223e38aac5410ff1611513474; expires=Tue, 23-Feb-21 18:37:54 GMT; path=/; domain=.sandchantgulsimu.tk; HttpOnly; SameSite=Lax ch1c=b
CF-Cache-Status: DYNAMIC
cf-request-id: 07d74947ac00000ea71a276000000001
Report-To: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FcD2hn2T%2F02NRpFdzOYfbVTAX%2BDENuHsXrqk1%2BCCJfJqYkhpUWc84bCTMQU70hvYDPh2necuZBhj7Jxgp03glP9dASJcxk2EYKypESYx5NhjGo7FToCK310egTlyoVS%2F"}],"group":"cf-nel"}
NEL: {"max_age":604800,"report_to":"cf-nel"}
Server: cloudflare
CF-RAY: 616bde52af760ea7-FRA
Content-Encoding: gzip

GET
H2 200 bootstrap.min.css
netdna.bootstrapcdn.com/bootstrap/3.3.5/css/ 120 KB
20 KB 28ms
10ms Stylesheet
text/css 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css

Requested by

Host: sandchantgulsimu.tk
URL: http://sandchantgulsimu.tk/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

/

Resource Hash

31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://sandchantgulsimu.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 18:37:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:34:07 GMT
etag: "1544639647"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 19879

GET
H2 404 index.css
sandchantgulsimu.tk/ 0
0 85ms
53ms Stylesheet
text/html 2606:4700:3037::ac43:aa34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sandchantgulsimu.tk/index.css
Requested by: Host: sandchantgulsimu.tk
URL: http://sandchantgulsimu.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:aa34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://sandchantgulsimu.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 jquery.js Show response
code.jquery.com/ 276 KB
82 KB 25ms
10ms Script
application/javascript 2001:4de0:ac19::1:b:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery.js
Requested by: Host: sandchantgulsimu.tk
URL: http://sandchantgulsimu.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc

Request headers

Referer: http://sandchantgulsimu.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 18:37:55 GMT
content-encoding: gzip
last-modified: Fri, 24 Oct 2014 00:16:08 GMT
server: nginx
etag: W/"54499a48-4508e"
vary: Accept-Encoding
x-hw: 1611513475.dop219.fr8.t,1611513475.cds279.fr8.hc,1611513475.cds051.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 83875

GET
H2 200 bootstrap.min.js Show response
netdna.bootstrapcdn.com/bootstrap/3.3.5/js/ 36 KB
10 KB 28ms
10ms Script
text/javascript 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/bootstrap/3.3.5/js/bootstrap.min.js

Requested by

Host: sandchantgulsimu.tk
URL: http://sandchantgulsimu.tk/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

/

Resource Hash

4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://sandchantgulsimu.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 18:37:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:33:51 GMT
etag: "1544639631"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 9743

GET
H/1.1 200
OK SAM_4229.jpg
travellingclaus.com/wp-content/uploads/2016/01/ 2 MB
2 MB 92ms
62ms Image
image/jpeg 94.231.103.165
ZITCOM

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://travellingclaus.com/wp-content/uploads/2016/01/SAM_4229.jpg

Requested by

Host: sandchantgulsimu.tk
URL: http://sandchantgulsimu.tk/

Protocol

HTTP/1.1

Server

94.231.103.165 Aarhus C, Denmark, ASN48854 (ZITCOM, DK),

Reverse DNS

linux147.unoeuro.com

Software

Apache /

Resource Hash

079a12e91e574f20bbdaacebea65290bfdcd2983bfeb1cace8261cd90cdc8b85

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://sandchantgulsimu.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 24 Jan 2021 18:37:55 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sat, 09 Jan 2016 23:12:00 GMT
Server: Apache
ETag: "256879-528eed4bc7000"
Upgrade: h2
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Keep-Alive: timeout=20, max=10000
Content-Length: 2451577

GET
H2 200 ibTmwQdoIls
www.youtube.com/embed/ Frame FC3A 0
0 143ms
121ms Document
text/html 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/ibTmwQdoIls

Requested by

Host: sandchantgulsimu.tk
URL: http://sandchantgulsimu.tk/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/ibTmwQdoIls
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://sandchantgulsimu.tk/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://sandchantgulsimu.tk/

Response headers

content-length: 20868
expires: Tue, 27 Apr 1971 19:44:06 GMT
content-type: text/html; charset=utf-8
cache-control: no-cache
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
date: Sun, 24 Jan 2021 18:37:55 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=qWQkVM8aZuA; path=/; domain=.youtube.com; secure; expires=Fri, 23-Jul-2021 18:37:55 GMT; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Sun, 24-Jan-2021 19:07:55 GMT YSC=sCJNPfOa3HU; path=/; domain=.youtube.com; secure; httponly; samesite=None VISITOR_INFO1_LIVE=qWQkVM8aZuA; path=/; domain=.youtube.com; secure; expires=Fri, 23-Jul-2021 18:37:55 GMT; httponly; samesite=None
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1970-01-19 19:57:45	Name: VISITOR_INFO1_LIVE Value: qWQkVM8aZuA
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: sCJNPfOa3HU
sandchantgulsimu.tk/	1969-12-31 23:59:59	Name: ch1c Value: b
.sandchantgulsimu.tk/	1970-01-19 16:21:45	Name: __cfduid Value: d2a9a0b13a8f3f9335223e38aac5410ff1611513474

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
netdna.bootstrapcdn.com
sandchantgulsimu.tk
travellingclaus.com
www.youtube.com
2001:4de0:ac19::1:b:1a
2001:4de0:ac19::1:b:3b
2606:4700:3037::ac43:aa34
2a00:1450:4001:814::200e
94.231.103.165
079a12e91e574f20bbdaacebea65290bfdcd2983bfeb1cace8261cd90cdc8b85
3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc
31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87
3bb029f05a7bb879268258f41d88338c9c2090eaa651b78f091ab5892ab10739
4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327

sandchantgulsimu.tk Open in urlscan Pro 2606:4700:3037::ac43:aa34 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

7 Requests

71 %HTTPS

80 %IPv6

5 Domains

5 Subdomains

5 IPs

4 Countries

2512 kBTransfer

2838 kBSize

4 Cookies

0 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

4 Cookies

Indicators

sandchantgulsimu.tk Open in urlscan Pro
2606:4700:3037::ac43:aa34 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

71 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

5
IPs

4
Countries

2512 kB
Transfer

2838 kB
Size

4
Cookies

7 HTTP transactions
0 data transactions