asiatransitions.xyz Open in urlscan Pro
2a02:4780:11:977:0:1c54:d750:10 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://asiatransitions.xyz/
Submission: On September 30 via api (September 30th 2024, 4:31:06 am UTC) from BE — Scanned from DE

Summary HTTP 10 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 6 IPs in 4 countries across 6 domains to perform 10 HTTP transactions. The main IP is 2a02:4780:11:977:0:1c54:d750:10, located in Mumbai, India and belongs to AS-HOSTINGER, CY. The main domain is asiatransitions.xyz.
TLS certificate: Issued by on September 13th 2024. Valid for: 3 years.

This is the only time asiatransitions.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2a02:4780:11:... 2a02:4780:11:977:0:1c54:d750:10	47583 (AS-HOSTINGER) (AS-HOSTINGER)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:350... 2a02:26f0:3500:89a::523	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	172.67.173.89 172.67.173.89	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	40.114.177.156 40.114.177.156	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	142.250.185.227 142.250.185.227	15169 (GOOGLE) (GOOGLE)
10	6

2 2a02:4780:11:977:0:1c54:d750:10 (Mumbai, India)

ASN47583 (AS-HOSTINGER, CY)

asiatransitions.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:89a::523 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

res.cloudinary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.173.89 (United States)

ASN13335 (CLOUDFLARENET, US)

img.shields.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.114.177.156 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

duckduckgo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	shields.io img.shields.io — Cisco Umbrella Rank: 47906	3 KB
2	cloudinary.com res.cloudinary.com — Cisco Umbrella Rank: 3161	12 KB
2	asiatransitions.xyz asiatransitions.xyz	3 KB
1	gstatic.com fonts.gstatic.com	19 KB
1	duckduckgo.com duckduckgo.com — Cisco Umbrella Rank: 3538
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	2 KB
10	6

	Domain	Requested by
3	img.shields.io	asiatransitions.xyz
2	res.cloudinary.com	asiatransitions.xyz
2	asiatransitions.xyz
1	fonts.gstatic.com	fonts.googleapis.com
1	duckduckgo.com	asiatransitions.xyz
1	fonts.googleapis.com	asiatransitions.xyz
10	6

This site contains links to these domains. Also see Links.

Domain
www.qanonsecsecuresearch.lol
duck.ai
www.qanonsec.com
duckduckgo.com

Subject Issuer	Validity	Valid
CloudFlare Origin Certificate	`2024-09-13` - `2027-09-13`	3 years	crt.sh
upload.video.google.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.cloudinary.com Go Daddy Secure Certificate Authority - G2	`2023-12-18` - `2025-01-13`	a year	crt.sh
shields.io WE1	`2024-08-23` - `2024-11-21`	3 months	crt.sh
*.duckduckgo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-02` - `2024-11-25`	7 months	crt.sh
*.gstatic.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://asiatransitions.xyz/
Frame ID: FBF82CFBD7AC5DFE0EAC3AAECC53E35C
Requests: 9 HTTP requests in this frame

Frame: https://duckduckgo.com/search.html?width=400&prefill=We%20run%20the%20net!&focus=yes
Frame ID: 1D0AF6DB671821C29B012794345E51B9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

#QANONSEC secure search - A next-generation fast-loading, private, secure search portal

Detected technologies

Cloudinary (CDN) Expand

Overall confidence: 80%
Detected patterns

<img[^>]+\.cloudinary\.com

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

10
Requests

80 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

6
IPs

4
Countries

39 kB
Transfer

45 kB
Size

0
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://www.qanonsecsecuresearch.lol/external/grok/

Search URL Search Domain Scan URL

URL: https://www.qanonsecsecuresearch.lol/external/gab-ai/

Search URL Search Domain Scan URL

URL: https://www.qanonsecsecuresearch.lol/external/chatgpt/

Search URL Search Domain Scan URL

URL: https://www.qanonsecsecuresearch.lol/external/bard/

Search URL Search Domain Scan URL

URL: https://www.qanonsecsecuresearch.lol/external/google-ai-studio/

Search URL Search Domain Scan URL

URL: https://www.qanonsecsecuresearch.lol/external/copilot/

Search URL Search Domain Scan URL

URL: https://www.qanonsecsecuresearch.lol/external/meta-ai/

Search URL Search Domain Scan URL

URL: https://www.qanonsecsecuresearch.lol/external/perplexity/

Search URL Search Domain Scan URL

URL: https://www.qanonsecsecuresearch.lol/external/claude/

Search URL Search Domain Scan URL

URL: https://www.qanonsecsecuresearch.lol/external/huggingchat/

Search URL Search Domain Scan URL

URL: https://www.qanonsecsecuresearch.lol/external/venice-ai/

Search URL Search Domain Scan URL

URL: https://www.qanonsecsecuresearch.lol/external/moshi/

Search URL Search Domain Scan URL

URL: https://duck.ai/

Search URL Search Domain Scan URL

URL: https://www.qanonsec.com/
Title: Return to home page

Search URL Search Domain Scan URL

URL: https://www.qanonsec.com/search/status/
Title: Status

Search URL Search Domain Scan URL

URL: https://duckduckgo.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
asiatransitions.xyz/ 6 KB
2 KB 426ms
136ms Document
text/html 2a02:4780:11:977:0:1c54:d750:10
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://asiatransitions.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:11:977:0:1c54:d750:10 Mumbai, India, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed / PHP/8.3.1

Resource Hash

2e114fa43ff879c1468f71696b4d1543f341bc1c67c5059425190841d264bbe5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 2007
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Mon, 30 Sep 2024 04:31:01 GMT
panel: hpanel
platform: hostinger
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/8.3.1

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
2 KB 47ms
20ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Protest+Guerrilla&display=swap

Requested by

Host: asiatransitions.xyz
URL: https://asiatransitions.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

925bb8d6cf3acfce00de8ff1842e57206e69a1e79d57186a29158a3e7b3acfee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://asiatransitions.xyz/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 30 Sep 2024 04:31:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 30 Sep 2024 04:31:01 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 30 Sep 2024 04:31:01 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 qanonsec-logo-free-official-AIplus-overlay-U_ff0hbt.webp
res.cloudinary.com/dgihigbo4/image/upload/v1708587314/ 11 KB
11 KB 301ms
252ms Image
image/webp 2a02:26f0:3500:89a::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/dgihigbo4/image/upload/v1708587314/qanonsec-logo-free-official-AIplus-overlay-U_ff0hbt.webp

Requested by

Host: asiatransitions.xyz
URL: https://asiatransitions.xyz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:3500:89a::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

f71682980a8428b233818a6d2037120ac231ee5397b364855b2ec65d6244fae2

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://asiatransitions.xyz/

Response headers

strict-transport-security: max-age=604800
cache-control: public, no-transform, immutable, max-age=2592000
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
timing-allow-origin: *
etag: "3202834ac4ecd735570d7c63ab7190ec"
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: *
server-timing: cld-akam;dur=244;cpu=38;start=2024-09-30T04:31:01.597Z;desc=miss,rtt;dur=6,content-info;desc="width=740,height=246,bytes=10966,o=1,ef=(17)",cloudinary;dur=118;start=2024-09-30T04:31:01.672Z
content-length: 10966
date: Mon, 30 Sep 2024 04:31:01 GMT
content-type: image/webp
content-disposition: inline; filename="qanonsec-logo-free-official-AIplus-overlay-U_ff0hbt.webp"
server: Cloudinary
last-modified: Thu, 22 Feb 2024 07:35:15 GMT

GET
H2 200 ddg-plus-button_twfvcw.webp
res.cloudinary.com/dgihigbo4/image/upload/v1724975529/ 514 B
1 KB 225ms
176ms Image
image/webp 2a02:26f0:3500:89a::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/dgihigbo4/image/upload/v1724975529/ddg-plus-button_twfvcw.webp

Requested by

Host: asiatransitions.xyz
URL: https://asiatransitions.xyz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:3500:89a::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

675517a4c6aa3d2ae045d121ebb47f022bec5879717f3128f4ed29735eeff097

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://asiatransitions.xyz/

Response headers

x-request-id: f952837e05b6ba9fd9ee9f22f0125615
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
etag: "d1fbb605158c7fb3af71c8570cfc34b4"
x-content-type-options: nosniff
server-timing: cld-akam;dur=168;cpu=28;start=2024-09-30T04:31:01.597Z;desc=miss,rtt;dur=6,content-info;desc="width=40,height=40,bytes=514,o=1,ef=(17)",cloudinary;dur=52;start=2024-09-30T04:31:01.666Z
date: Mon, 30 Sep 2024 04:31:01 GMT
content-type: image/webp
content-disposition: inline; filename="ddg-plus-button_twfvcw.webp"
last-modified: Thu, 29 Aug 2024 23:52:10 GMT
strict-transport-security: max-age=604800
cache-control: public, no-transform, immutable, max-age=2592000
timing-allow-origin: *
accept-ranges: bytes
access-control-allow-origin: *
content-length: 514
server: Cloudinary

GET
H3 200 Built_with-PHP-blue
img.shields.io/badge/ 1 KB
1 KB 210ms
184ms Image
image/svg+xml 172.67.173.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.shields.io/badge/Built_with-PHP-blue
Requested by: Host: asiatransitions.xyz
URL: https://asiatransitions.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.173.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e14d1429dc157f705721089a04820fe7b0ee265c5e0548907890c09ee913c67

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://asiatransitions.xyz/

Response headers

cache-control: max-age=432000, s-maxage=432000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: MISS
cross-origin-resource-policy: cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dXeaFJI34obdxRGB%2BQmo1f8EwNjQoL76CZcU4gOVC8aEDbxRilJ%2Bp5DKl2f25n%2F9tsLYNo7TQoRsKSLpiyt5Tp67sH8l6KyUFIF5qlpGXQX1CIE1fTFaGxy%2B7RKcyAC8Lg%3D%3D"}],"group":"cf-nel","max_age":604800}
via: 1.1 fly.io
cf-ray: 8cb17b231d7c9b69-FRA
access-control-allow-origin: *
date: Mon, 30 Sep 2024 04:31:01 GMT
content-type: image/svg+xml;charset=utf-8
last-modified: Mon, 30 Sep 2024 04:06:22 GMT
fly-request-id: 01J90K4CFSB1XFQ2RP293VAYKP-fra
server: cloudflare
vary: Accept-Encoding

GET
H3 200 Validated_by-W3C-silver
img.shields.io/badge/ 1 KB
1 KB 418ms
394ms Image
image/svg+xml 172.67.173.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.shields.io/badge/Validated_by-W3C-silver
Requested by: Host: asiatransitions.xyz
URL: https://asiatransitions.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.173.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3069ded3b330384db8ad0559ed6b353d720d9a482e06e4022175f39b6ff235dc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://asiatransitions.xyz/

Response headers

content-encoding: br
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0LXk9gdxS%2FTQ55MNnYhv7UHAUZaOkT2374zDzQqRay0TN0e0GNlkOMhd9DEeQbDyUMel3NBauoM1s1QOCi3zBuCGx9QHa865G0ABpdG33jR3arq5%2BmJUtJCmYF1ndUk1iw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
date: Mon, 30 Sep 2024 04:31:01 GMT
content-type: image/svg+xml;charset=utf-8
last-modified: Sun, 29 Sep 2024 12:26:15 GMT
fly-request-id: 01J90K4CFTRCFFYF0F3H3DS8Y6-fra
vary: Accept-Encoding
cache-control: max-age=432000, s-maxage=432000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
via: 1.1 fly.io
cf-ray: 8cb17b230d7a9b69-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 Served_by-Cloudflare-white
img.shields.io/badge/ 1 KB
1008 B 212ms
188ms Image
image/svg+xml 172.67.173.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.shields.io/badge/Served_by-Cloudflare-white
Requested by: Host: asiatransitions.xyz
URL: https://asiatransitions.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.173.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 118684ca752b7f6f6eb2e12c6b3294d97d42342c4b4c7af3402d1412ff468255

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://asiatransitions.xyz/

Response headers

cache-control: max-age=432000, s-maxage=432000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: MISS
cross-origin-resource-policy: cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yQbd30q23B2BG8xM54sqoyKSu%2FmVsYrr8u0YRDei%2BeFeZbSu12TsNFxUIfaaITBfGZco4KcBxCwNQDexAP5Cr3iR7OgqOIvZtQHZnsIN6hjHMM0RENC7pSr5YjI6Q9dHiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
via: 1.1 fly.io
cf-ray: 8cb17b230d799b69-FRA
access-control-allow-origin: *
date: Mon, 30 Sep 2024 04:31:01 GMT
content-type: image/svg+xml;charset=utf-8
last-modified: Sun, 29 Sep 2024 12:26:09 GMT
fly-request-id: 01J90K4CFVYQBC1ASXES1NAXZ2-fra
server: cloudflare
vary: Accept-Encoding

GET
H2 200 search.html
duckduckgo.com/ Frame 1D0A 0
0 63ms
24ms Document
text/html 40.114.177.156
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://duckduckgo.com/search.html?width=400&prefill=We%20run%20the%20net!&focus=yes

Requested by

Host: asiatransitions.xyz
URL: https://asiatransitions.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

40.114.177.156 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none' ; connect-src https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; manifest-src https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; media-src https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; script-src blob: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; img-src data: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; style-src https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; frame-src blob: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; form-action https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; frame-ancestors * ; base-uri 'self' ; block-all-mixed-content ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Referer: https://asiatransitions.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: max-age=86400
content-encoding: br
content-security-policy: default-src 'none' ; connect-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; manifest-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; media-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; script-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; img-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; style-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; frame-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; form-action https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; frame-ancestors * ; base-uri 'self' ; block-all-mixed-content ;
content-type: text/html; charset=UTF-8
date: Mon, 30 Sep 2024 04:31:01 GMT
etag: W/"64dce3af-c13a"
expect-ct: max-age=0
expires: Tue, 01 Oct 2024 04:31:01 GMT
last-modified: Wed, 16 Aug 2023 14:56:47 GMT
permissions-policy: interest-cohort=()
referrer-policy: origin
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-duckduckgo-locale: de_DE
x-xss-protection: 1;mode=block

GET
H3 200 Qw3HZR5PDSL6K3irtrY-VJB2YzARHW0jqp4.woff2
fonts.gstatic.com/s/protestguerrilla/v2/ 19 KB
19 KB 26ms
7ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/protestguerrilla/v2/Qw3HZR5PDSL6K3irtrY-VJB2YzARHW0jqp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Protest+Guerrilla&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

1ea016c93b0aba9bb911f909949f74c7ec44d61d3a8809ecd9ea3f37ee12d1ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://asiatransitions.xyz
Referer: https://fonts.googleapis.com/

Response headers

age: 315564
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 26 Sep 2025 12:51:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 26 Sep 2024 12:51:37 GMT
last-modified: Wed, 31 Jan 2024 23:09:01 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 19072
x-xss-protection: 0
server: sffe

GET
H2 200 favicon.ico
asiatransitions.xyz/ 1 KB
775 B 142ms
141ms Other
image/x-icon 2a02:4780:11:977:0:1c54:d750:10
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://asiatransitions.xyz/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:11:977:0:1c54:d750:10 Mumbai, India, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

c42fe8299040220a83240bee67d353a7238543ef2638b6ce2969c2d5f479f1d1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://asiatransitions.xyz/

Response headers

panel: hpanel
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
content-encoding: br
etag: "57e-6580d99c-ca6f58635dba65b1;br"
expires: Mon, 07 Oct 2024 04:31:02 GMT
accept-ranges: bytes
content-length: 611
date: Mon, 30 Sep 2024 04:31:02 GMT
content-type: image/x-icon
last-modified: Mon, 18 Dec 2023 23:45:32 GMT
vary: Accept-Encoding
server: LiteSpeed
platform: hostinger

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

asiatransitions.xyz
duckduckgo.com
fonts.googleapis.com
fonts.gstatic.com
img.shields.io
res.cloudinary.com
142.250.185.227
172.67.173.89
2a00:1450:4001:806::200a
2a02:26f0:3500:89a::523
2a02:4780:11:977:0:1c54:d750:10
40.114.177.156
118684ca752b7f6f6eb2e12c6b3294d97d42342c4b4c7af3402d1412ff468255
1ea016c93b0aba9bb911f909949f74c7ec44d61d3a8809ecd9ea3f37ee12d1ce
2e114fa43ff879c1468f71696b4d1543f341bc1c67c5059425190841d264bbe5
3069ded3b330384db8ad0559ed6b353d720d9a482e06e4022175f39b6ff235dc
675517a4c6aa3d2ae045d121ebb47f022bec5879717f3128f4ed29735eeff097
925bb8d6cf3acfce00de8ff1842e57206e69a1e79d57186a29158a3e7b3acfee
9e14d1429dc157f705721089a04820fe7b0ee265c5e0548907890c09ee913c67
c42fe8299040220a83240bee67d353a7238543ef2638b6ce2969c2d5f479f1d1
f71682980a8428b233818a6d2037120ac231ee5397b364855b2ec65d6244fae2

asiatransitions.xyz Open in urlscan Pro 2a02:4780:11:977:0:1c54:d750:10 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

10 Requests

80 %HTTPS

50 %IPv6

6 Domains

6 Subdomains

6 IPs

4 Countries

39 kBTransfer

45 kBSize

0 Cookies

16 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

asiatransitions.xyz Open in urlscan Pro
2a02:4780:11:977:0:1c54:d750:10 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

80 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

6
IPs

4
Countries

39 kB
Transfer

45 kB
Size

0
Cookies

10 HTTP transactions
0 data transactions