aquitemvaga.top Open in urlscan Pro
91.218.247.105 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://aquitemvaga.top/unimed/
Submission: On March 01 via manual (March 1st 2021, 6:37:31 pm UTC) from BR

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 14 HTTP transactions. The main IP is 91.218.247.105, located in Russian Federation and belongs to HOSTKEY-RU-AS, NL. The main domain is aquitemvaga.top.
TLS certificate: Issued by cPanel, Inc. Certification Authority on February 12th 2021. Valid for: 3 months.

This is the only time aquitemvaga.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6 7	91.218.247.105 91.218.247.105	50867 (HOSTKEY-R...) (HOSTKEY-RU-AS)
6	2606:4700:303... 2606:4700:3033::6815:1e7c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
14	6

7 91.218.247.105 (Russian Federation) 6 redirects

ASN50867 (HOSTKEY-RU-AS, NL)

aquitemvaga.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3033::6815:1e7c (United States)

ASN13335 (CLOUDFLARENET, US)

bestprizes.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

themes.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	aquitemvaga.top 6 redirects aquitemvaga.top	8 KB
6	bestprizes.ru bestprizes.ru	122 KB
3	googleusercontent.com themes.googleusercontent.com	66 KB
2	google-analytics.com www.google-analytics.com	19 KB
1	onesignal.com cdn.onesignal.com	3 KB
1	googleapis.com ajax.googleapis.com	30 KB
14	6

	Domain	Requested by
7	aquitemvaga.top	6 redirects
6	bestprizes.ru	aquitemvaga.top
3	themes.googleusercontent.com	bestprizes.ru
2	www.google-analytics.com	aquitemvaga.top www.google-analytics.com
1	cdn.onesignal.com	aquitemvaga.top
1	ajax.googleapis.com	aquitemvaga.top
14	6

This site contains no links.

Subject Issuer	Validity	Valid
aquitemvaga.top cPanel, Inc. Certification Authority	`2021-02-12` - `2021-05-13`	3 months	crt.sh
*.bestprizes.ru R3	`2021-01-01` - `2021-04-01`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-04` - `2021-08-04`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.googleusercontent.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://aquitemvaga.top/unimed/
Frame ID: E604B4178770352C5CB89A68222B1CDF
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

LiteSpeed (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^LiteSpeed$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

14
Requests

100 %
HTTPS

83 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

248 kB
Transfer

355 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://aquitemvaga.top/unimed/index_files/min6.css HTTP 301
https://bestprizes.ru/unimed/index_files/min6.css

Request Chain 3

https://aquitemvaga.top/unimed/index_files/logo.png HTTP 301
https://bestprizes.ru/unimed/index_files/logo.png

Request Chain 4

https://aquitemvaga.top/unimed/index_files/tc.jpg HTTP 301
https://bestprizes.ru/unimed/index_files/tc.jpg

Request Chain 5

https://aquitemvaga.top/unimed/index_files/trabalhe-conosco.jpg HTTP 301
https://bestprizes.ru/unimed/index_files/trabalhe-conosco.jpg

Request Chain 6

https://aquitemvaga.top/unimed/index_files/req.jpg HTTP 301
https://bestprizes.ru/unimed/index_files/req.jpg

Request Chain 7

https://aquitemvaga.top/unimed/index_files/bras.png HTTP 301
https://bestprizes.ru/unimed/index_files/bras.png

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
aquitemvaga.top/unimed/ 23 KB
7 KB 313ms
75ms Document
text/html 91.218.247.105
HOSTKEY-RU-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://aquitemvaga.top/unimed/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 91.218.247.105 , Russian Federation, ASN50867 (HOSTKEY-RU-AS, NL),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 34d294cd36e08bbec4dcbabe3664a72c2d74330c483c630bffb39b2ffe007d99

Request headers

:method: GET
:authority: aquitemvaga.top
:scheme: https
:path: /unimed/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-type: text/html
last-modified: Wed, 24 Feb 2021 19:56:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7412
date: Mon, 01 Mar 2021 18:37:11 GMT
server: LiteSpeed
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000

GET
H2

200

min6.css
bestprizes.ru/unimed/index_files/
Redirect Chain

https://aquitemvaga.top/unimed/index_files/min6.css
https://bestprizes.ru/unimed/index_files/min6.css

8 KB
3 KB

40ms
14ms

Stylesheet
text/css

2606:4700:3033::6815:1e7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bestprizes.ru/unimed/index_files/min6.css
Requested by: Host: aquitemvaga.top
URL: https://aquitemvaga.top/unimed/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:1e7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0129ceeb73730be41b30dec2a92cb353880b32b14af1c26f087ab580e3d17efa

Request headers

Referer: https://aquitemvaga.top/unimed/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 18:37:12 GMT
content-encoding: br
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6583
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0890ad908800004dc4af299000000001
x-robots-tag: noindex
last-modified: Wed, 22 Jul 2020 15:19:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1000
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Gvi9Z%2FfevP886%2FwwlCPJl6zEUlXeXmoa4tjm1Uw6AaTPTPBUx840ZYGmKaXOqlFwfD3mDh0Z9L4rjgm2iTPFiSwbBKDr1h%2Ft6W23FbNkaIq09hwDarXMH9N1"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 62947ec73ccc4dc4-FRA
access-control-allow-headers: Origin, Accept, Accept- Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version, x-api-key, X-Response-Time, X-PINGOTHER, X-CSRF-Token,Authorization

Redirect headers

location: https://bestprizes.ru/unimed/index_files/min6.css
date: Mon, 01 Mar 2021 18:37:12 GMT
server: LiteSpeed
content-length: 706
content-type: text/html

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 86 KB
30 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: aquitemvaga.top
URL: https://aquitemvaga.top/unimed/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aquitemvaga.top/unimed/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 18:30:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 429
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 01 Mar 2022 18:30:02 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 30ms
14ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: aquitemvaga.top
URL: https://aquitemvaga.top/unimed/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f877a798b0af17fb62564cc4a3b2c8f1fb76398c7e3156eae984fafe175bf4c3

Request headers

Referer: https://aquitemvaga.top/unimed/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 18:37:11 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 3524
etag: W/"29e3b92597e716694def18b1f85abbfb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
cf-ray: 62947ec4e819535d-FRA
cf-request-id: 0890ad8f130000535dcb0dd000000001
expires: Mon, 01 Mar 2021 19:37:11 GMT

GET
H2

200

logo.png
bestprizes.ru/unimed/index_files/
Redirect Chain

https://aquitemvaga.top/unimed/index_files/logo.png
https://bestprizes.ru/unimed/index_files/logo.png

9 KB
9 KB

12ms
12ms

Image
image/png

2606:4700:3033::6815:1e7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bestprizes.ru/unimed/index_files/logo.png
Requested by: Host: aquitemvaga.top
URL: https://aquitemvaga.top/unimed/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:1e7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbc5445de0040d442d6e556f1838de0f065c2bc93f615b0afaa34dc8e3d2d32f

Request headers

Referer: https://aquitemvaga.top/unimed/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 18:37:12 GMT
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6581
access-control-max-age: 1000
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8809
cf-request-id: 0890ad90e400004dc48c845000000001
x-robots-tag: noindex
last-modified: Wed, 22 Jul 2020 15:06:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mI0RZrD8TyA7D4YDswdN3TX%2BmNGNHN230DeLtjsJEirYNuI6naoiZn6mCJR3dwiHlA%2BXTf%2FczGE6tcmiAcFzzZM3pjPYhuuo%2Fke3mV466nnHsf%2FwB24%2FFB6a"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 62947ec7de024dc4-FRA
access-control-allow-headers: Origin, Accept, Accept- Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version, x-api-key, X-Response-Time, X-PINGOTHER, X-CSRF-Token,Authorization

Redirect headers

location: https://bestprizes.ru/unimed/index_files/logo.png
date: Mon, 01 Mar 2021 18:37:12 GMT
server: LiteSpeed
content-length: 706
content-type: text/html

GET
H2

200

tc.jpg
bestprizes.ru/unimed/index_files/
Redirect Chain

https://aquitemvaga.top/unimed/index_files/tc.jpg
https://bestprizes.ru/unimed/index_files/tc.jpg

27 KB
27 KB

12ms
12ms

Image
image/jpeg

2606:4700:3033::6815:1e7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bestprizes.ru/unimed/index_files/tc.jpg
Requested by: Host: aquitemvaga.top
URL: https://aquitemvaga.top/unimed/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:1e7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f90472335039aed93831a41cd5fd4e140ba1a4c4165aadce19fea12100e5e179

Request headers

Referer: https://aquitemvaga.top/unimed/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 18:37:12 GMT
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6581
access-control-max-age: 1000
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27145
cf-request-id: 0890ad920d00004dc4a732c000000001
x-robots-tag: noindex
last-modified: Wed, 22 Jul 2020 15:06:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RnrXQVvelv5lBOmgomyVi30dm3g9bqL7RFXNoHVwmWrvAKJCM%2BW8k0L%2B2T%2FHLWDXFthAsF7fE4dpLd1F%2F0lRU0vWQ5GuAcjnlfCHG96kyv%2FKLfbgWKlJx%2BJi"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 62947ec9a98c4dc4-FRA
access-control-allow-headers: Origin, Accept, Accept- Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version, x-api-key, X-Response-Time, X-PINGOTHER, X-CSRF-Token,Authorization

Redirect headers

location: https://bestprizes.ru/unimed/index_files/tc.jpg
date: Mon, 01 Mar 2021 18:37:12 GMT
server: LiteSpeed
content-length: 706
content-type: text/html

GET
H2

200

trabalhe-conosco.jpg
bestprizes.ru/unimed/index_files/
Redirect Chain

https://aquitemvaga.top/unimed/index_files/trabalhe-conosco.jpg
https://bestprizes.ru/unimed/index_files/trabalhe-conosco.jpg

33 KB
33 KB

12ms
11ms

Image
image/jpeg

2606:4700:3033::6815:1e7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bestprizes.ru/unimed/index_files/trabalhe-conosco.jpg
Requested by: Host: aquitemvaga.top
URL: https://aquitemvaga.top/unimed/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:1e7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cab025569e9737bd18b8b7e9a6a426fa188d57a99e5372dc501af78a84573260

Request headers

Referer: https://aquitemvaga.top/unimed/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 18:37:12 GMT
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6581
access-control-max-age: 1000
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 33418
cf-request-id: 0890ad922b00004dc4a732e000000001
x-robots-tag: noindex
last-modified: Wed, 22 Jul 2020 15:06:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tDHH5MbrR95AHw4JF54jcQmG1syMmVEW7Z%2BxvCYDd3JnmzXTfx89qgvhIoIO5qIuVpUBjMFaa8VT7wq%2FwEiPkeD9xgx3Fh6lAZ6qDwslkcMFqHg1vGyxj26k"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 62947ec9d9e24dc4-FRA
access-control-allow-headers: Origin, Accept, Accept- Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version, x-api-key, X-Response-Time, X-PINGOTHER, X-CSRF-Token,Authorization

Redirect headers

location: https://bestprizes.ru/unimed/index_files/trabalhe-conosco.jpg
date: Mon, 01 Mar 2021 18:37:12 GMT
server: LiteSpeed
content-length: 706
content-type: text/html

GET
H2

200

req.jpg
bestprizes.ru/unimed/index_files/
Redirect Chain

https://aquitemvaga.top/unimed/index_files/req.jpg
https://bestprizes.ru/unimed/index_files/req.jpg

34 KB
35 KB

14ms
14ms

Image
image/jpeg

2606:4700:3033::6815:1e7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bestprizes.ru/unimed/index_files/req.jpg
Requested by: Host: aquitemvaga.top
URL: https://aquitemvaga.top/unimed/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:1e7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a7e75d7992e840181ae81bc875c7a5a74d9eb005e5630efebda6fd971faf8e7

Request headers

Referer: https://aquitemvaga.top/unimed/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 18:37:12 GMT
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6581
access-control-max-age: 1000
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35220
cf-request-id: 0890ad922b00004dc46116e000000001
x-robots-tag: noindex
last-modified: Wed, 22 Jul 2020 15:06:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EWhUXQX%2BDPOxTs34VQGzGEPDoDzpfG7SFxtNVTDiA4hcyyiJWW6%2FVT%2FWfZvlP9Xvv9bgpr09Ci26G9n%2FiOKr1Y7vjUWsVrbM6%2F9ASsRHf2nYTVmt8fv2%2B0IK"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 62947ec9d9e34dc4-FRA
access-control-allow-headers: Origin, Accept, Accept- Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version, x-api-key, X-Response-Time, X-PINGOTHER, X-CSRF-Token,Authorization

Redirect headers

location: https://bestprizes.ru/unimed/index_files/req.jpg
date: Mon, 01 Mar 2021 18:37:12 GMT
server: LiteSpeed
content-length: 706
content-type: text/html

GET
H2

200

bras.png
bestprizes.ru/unimed/index_files/
Redirect Chain

https://aquitemvaga.top/unimed/index_files/bras.png
https://bestprizes.ru/unimed/index_files/bras.png

16 KB
16 KB

13ms
13ms

Image
image/png

2606:4700:3033::6815:1e7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bestprizes.ru/unimed/index_files/bras.png
Requested by: Host: aquitemvaga.top
URL: https://aquitemvaga.top/unimed/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:1e7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 501d24692d893628f1aec5afc40ffdd2425f40be148cc31bbe8cf03ef8efb911

Request headers

Referer: https://aquitemvaga.top/unimed/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 18:37:12 GMT
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6581
access-control-max-age: 1000
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16284
cf-request-id: 0890ad922b00004dc49f2b2000000001
x-robots-tag: noindex
last-modified: Wed, 22 Jul 2020 15:06:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ICXNKvSYDoh3YmV8zBQBGS5QcMXgg1z3vJi8PDe6HHiOoysdpgs0QZiCk7n7OvDnpOFIst7pkir4IaLaEok1OqaTBZvBDH4OUSw2lDTMcsJ6sTpSTis5JVQt"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 62947ec9d9e54dc4-FRA
access-control-allow-headers: Origin, Accept, Accept- Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version, x-api-key, X-Response-Time, X-PINGOTHER, X-CSRF-Token,Authorization

Redirect headers

location: https://bestprizes.ru/unimed/index_files/bras.png
date: Mon, 01 Mar 2021 18:37:12 GMT
server: LiteSpeed
content-length: 706
content-type: text/html

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: aquitemvaga.top
URL: https://aquitemvaga.top/unimed/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://aquitemvaga.top/unimed/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 2076
date: Mon, 01 Mar 2021 18:02:36 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Mon, 01 Mar 2021 20:02:36 GMT

GET
H2 200 DXI1ORHCpsQm3Vp6mXoaTXhCUOGz7vYGh680lGh-uXM.woff
themes.googleusercontent.com/static/fonts/opensans/v6/ 22 KB
22 KB 36ms
15ms Font
font/woff 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://themes.googleusercontent.com/static/fonts/opensans/v6/DXI1ORHCpsQm3Vp6mXoaTXhCUOGz7vYGh680lGh-uXM.woff

Requested by

Host: bestprizes.ru
URL: https://bestprizes.ru/unimed/index_files/min6.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e7fd69ff0a1671b508800f38f6ad3690650c27c0a1f3f505629ecbe6ba51942

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://aquitemvaga.top
Referer: https://bestprizes.ru/unimed/index_files/min6.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 08:35:39 GMT
x-content-type-options: nosniff
age: 381693
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22656
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Feb 2022 08:35:39 GMT

GET
H2 200 cJZKeOuBrn4kERxqtaUH3T8E0i7KZn-EPnyo3HZu7kw.woff
themes.googleusercontent.com/static/fonts/opensans/v6/ 21 KB
22 KB 29ms
12ms Font
font/woff 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://themes.googleusercontent.com/static/fonts/opensans/v6/cJZKeOuBrn4kERxqtaUH3T8E0i7KZn-EPnyo3HZu7kw.woff

Requested by

Host: bestprizes.ru
URL: https://bestprizes.ru/unimed/index_files/min6.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90556675373ea9ed1d0e9b5678426d69296b6801c906ca378bb426aa3d6acdc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://aquitemvaga.top
Referer: https://bestprizes.ru/unimed/index_files/min6.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 10:38:05 GMT
x-content-type-options: nosniff
age: 28747
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21956
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 01 Mar 2022 10:38:05 GMT

GET
H2 200 k3k702ZOKiLJc3WVjuplzHhCUOGz7vYGh680lGh-uXM.woff
themes.googleusercontent.com/static/fonts/opensans/v6/ 22 KB
23 KB 19ms
7ms Font
font/woff 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://themes.googleusercontent.com/static/fonts/opensans/v6/k3k702ZOKiLJc3WVjuplzHhCUOGz7vYGh680lGh-uXM.woff

Requested by

Host: bestprizes.ru
URL: https://bestprizes.ru/unimed/index_files/min6.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd0e6f9fbe497b6a0346fde3934cbcbd7c557a334c27bb34e69c7ed430ed4a45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://aquitemvaga.top
Referer: https://bestprizes.ru/unimed/index_files/min6.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 06:37:21 GMT
x-content-type-options: nosniff
age: 215991
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22748
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Feb 2022 06:37:21 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
66 B 13ms
13ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1672161270&t=pageview&_s=1&dl=https%3A%2F%2Faquitemvaga.top%2Funimed%2F&ul=en-us&de=UTF-8&dt=UNIMED%20%7C%20TRABALHE%20CONOSCO&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1804648966&gjid=550158674&cid=499721883.1614623832&tid=UA-167179002-2&_gid=100475534.1614623832&_r=1&_slc=1&z=1032295834

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://aquitemvaga.top/unimed/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 01 Mar 2021 18:37:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://aquitemvaga.top
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.aquitemvaga.top/	1970-01-19 16:30:23	Name: _gat Value: 1
.aquitemvaga.top/	1970-01-19 16:31:50	Name: _gid Value: GA1.2.100475534.1614623832
.aquitemvaga.top/	1970-01-20 10:01:35	Name: _ga Value: GA1.2.499721883.1614623832

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
aquitemvaga.top
bestprizes.ru
cdn.onesignal.com
themes.googleusercontent.com
www.google-analytics.com
2606:4700:3033::6815:1e7c
2606:4700::6812:e134
2a00:1450:4001:810::200e
2a00:1450:4001:828::200a
2a00:1450:4001:829::2001
91.218.247.105
0129ceeb73730be41b30dec2a92cb353880b32b14af1c26f087ab580e3d17efa
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
34d294cd36e08bbec4dcbabe3664a72c2d74330c483c630bffb39b2ffe007d99
501d24692d893628f1aec5afc40ffdd2425f40be148cc31bbe8cf03ef8efb911
5a7e75d7992e840181ae81bc875c7a5a74d9eb005e5630efebda6fd971faf8e7
7e7fd69ff0a1671b508800f38f6ad3690650c27c0a1f3f505629ecbe6ba51942
90556675373ea9ed1d0e9b5678426d69296b6801c906ca378bb426aa3d6acdc3
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
bbc5445de0040d442d6e556f1838de0f065c2bc93f615b0afaa34dc8e3d2d32f
cab025569e9737bd18b8b7e9a6a426fa188d57a99e5372dc501af78a84573260
cd0e6f9fbe497b6a0346fde3934cbcbd7c557a334c27bb34e69c7ed430ed4a45
f877a798b0af17fb62564cc4a3b2c8f1fb76398c7e3156eae984fafe175bf4c3
f90472335039aed93831a41cd5fd4e140ba1a4c4165aadce19fea12100e5e179

aquitemvaga.top Open in urlscan Pro 91.218.247.105 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

14 Requests

100 %HTTPS

83 %IPv6

6 Domains

6 Subdomains

6 IPs

3 Countries

248 kBTransfer

355 kBSize

3 Cookies

0 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

3 Cookies

1 Console Messages

Indicators

aquitemvaga.top Open in urlscan Pro
91.218.247.105 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

83 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

248 kB
Transfer

355 kB
Size

3
Cookies

14 HTTP transactions
0 data transactions