xxiqyqqu.cfd Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://39089.xtcdc.net/
Effective URL:
https://xxiqyqqu.cfd/gNvzNoGkVY
Submission: On February 06 via api (February 6th 2024, 6:37:38 am UTC) from BY — Scanned from DE

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 8 domains to perform 9 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is xxiqyqqu.cfd.
TLS certificate: Issued by GTS CA 1P5 on January 19th 2024. Valid for: 3 months.

This is the only time xxiqyqqu.cfd was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3033::ac43:973c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:20:... 2606:4700:20::ac43:4aa3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:400... 2a04:4e42:400::347	54113 (FASTLY) (FASTLY)
1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a02:26f0:350... 2a02:26f0:3500:11::215:14ce	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.215.88.119 52.215.88.119	16509 (AMAZON-02) (AMAZON-02)
1	2606:2c40::c7... 2606:2c40::c73c:6702	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1	2a04:4e42:8d:... 2a04:4e42:8d::720	54113 (FASTLY) (FASTLY)
9	7

1 2606:4700:3033::ac43:973c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

39089.xtcdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

xxiqyqqu.cfd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4aa3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

picsum.photos	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::347 (United States)

ASN54113 (FASTLY, US)

fastly.picsum.photos	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

ts2.mm.bing.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:11::215:14ce (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.uc.assets.prezly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.215.88.119 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-88-119.eu-west-1.compute.amazonaws.com

blog.emakina.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2c40::c73c:6702 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

www.gwi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:8d::720 (United States)

ASN54113 (FASTLY, US)

images.prismic.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	xxiqyqqu.cfd xxiqyqqu.cfd	55 KB
2	picsum.photos 1 redirects picsum.photos — Cisco Umbrella Rank: 67706 fastly.picsum.photos — Cisco Umbrella Rank: 112746	452 KB
1	prismic.io images.prismic.io — Cisco Umbrella Rank: 12406	2 MB
1	gwi.com www.gwi.com — Cisco Umbrella Rank: 429920	17 KB
1	emakina.com blog.emakina.com	687 KB
1	prezly.com cdn.uc.assets.prezly.com — Cisco Umbrella Rank: 348878	25 KB
1	bing.net ts2.mm.bing.net — Cisco Umbrella Rank: 222974	16 KB
1	xtcdc.net 1 redirects 39089.xtcdc.net	447 B
9	8

	Domain	Requested by
3	xxiqyqqu.cfd	xxiqyqqu.cfd
1	images.prismic.io	xxiqyqqu.cfd
1	www.gwi.com	xxiqyqqu.cfd
1	blog.emakina.com	xxiqyqqu.cfd
1	cdn.uc.assets.prezly.com	xxiqyqqu.cfd
1	ts2.mm.bing.net	xxiqyqqu.cfd
1	fastly.picsum.photos	xxiqyqqu.cfd
1	picsum.photos	1 redirects
1	39089.xtcdc.net	1 redirects
9	9

This site contains no links.

Subject Issuer	Validity	Valid
xxiqyqqu.cfd GTS CA 1P5	`2024-01-19` - `2024-04-18`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-01-21` - `2024-06-27`	5 months	crt.sh
cps11.ucarecdn.com R3	`2024-01-16` - `2024-04-15`	3 months	crt.sh
blog.emakina.ae R3	`2024-01-15` - `2024-04-14`	3 months	crt.sh
www.gwi.com GTS CA 1P5	`2024-01-18` - `2024-04-17`	3 months	crt.sh
images.prismic.io Certainly Intermediate R1	`2024-01-28` - `2024-02-27`	a month	crt.sh

This page contains 1 frames:

Primary Page: https://xxiqyqqu.cfd/gNvzNoGkVY
Frame ID: 0E5B63440F7B524A5251F33DEC62B768
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://39089.xtcdc.net/ HTTP 301
https://xxiqyqqu.cfd/gNvzNoGkVY Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Page Statistics

9
Requests

89 %
HTTPS

89 %
IPv6

8
Domains

9
Subdomains

7
IPs

3
Countries

2883 kB
Transfer

2897 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://39089.xtcdc.net/ HTTP 301
https://xxiqyqqu.cfd/gNvzNoGkVY Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://picsum.photos/2300/2300?random=8943355 HTTP 302
https://fastly.picsum.photos/id/90/2300/2300.jpg?hmac=yW4A8XrwP1eC7U_5B5d1b13CG_oOB4doCmy8nJIEjck

9 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request gNvzNoGkVY Show response
xxiqyqqu.cfd/
Redirect Chain

https://39089.xtcdc.net/
https://xxiqyqqu.cfd/gNvzNoGkVY

36 KB
17 KB

243ms
137ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xxiqyqqu.cfd/gNvzNoGkVY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8637438bf66776ab091ca8048e59af360544ece0702bccb8ba25a3faabaa1a89

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 851162987b971913-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 06:37:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FPB8%2FTYaABWTDP098eNZEXXYb%2BEVi%2FC0eEisKsaQ3tsYWSFovCtW8r4lOxHEEAgRRGdt1stJCXvHvhRefK48DK3PFCdu6hoqZzSx%2B5%2BuBUlJmmnEc4sh7BH4qWJsvdv2MfXzhoDEV0awqkY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85116295dd762a58-CDG
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 06:37:32 GMT
location: https://xxiqyqqu.cfd/gNvzNoGkVY
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qbCbER4iTz5nvbBTaO1aGtrtl9lYlgqWvuNLORqXDe7M92%2Bbuoim7vmDnbJKV5dwheCoADKOVbXRFqGr6WGvYCLYIOKQOKA%2BQaK09qDgAGX4hZdE9aY9Su9eu8ovfch63o3Tyu2uXqeY1UK3EDw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2

200

2300.jpg
fastly.picsum.photos/id/90/2300/
Redirect Chain

https://picsum.photos/2300/2300?random=8943355
https://fastly.picsum.photos/id/90/2300/2300.jpg?hmac=yW4A8XrwP1eC7U_5B5d1b13CG_oOB4doCmy8nJIEjck

451 KB
452 KB

1267ms
1229ms

Image
image/jpeg

2a04:4e42:400::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fastly.picsum.photos/id/90/2300/2300.jpg?hmac=yW4A8XrwP1eC7U_5B5d1b13CG_oOB4doCmy8nJIEjck
Requested by: Host: xxiqyqqu.cfd
URL: https://xxiqyqqu.cfd/gNvzNoGkVY
Protocol: H2
Server: 2a04:4e42:400::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8292ba2a7951309a1e9d3cbd378e6cb25b87bb2ccb0dd3115ece36052eedbcaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xxiqyqqu.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 06 Feb 2024 06:37:34 GMT
via: 1.1 varnish
picsum-id: 90
age: 0
x-timer: S1707201453.142393,VS0,VE1223
vary: Origin
x-cache: MISS
content-type: image/jpeg
cache-control: public, max-age=2592000, stale-while-revalidate=60, stale-if-error=43200, immutable
content-disposition: inline; filename="90-2300x2300.jpg"
accept-ranges: bytes
timing-allow-origin: *
content-length: 462189
x-served-by: cache-fra-eddf8230082-FRA

Redirect headers

date: Tue, 06 Feb 2024 06:37:33 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EdV5swPFIcHlWNp3KEpA7k1wZhIwdDr7jeiTGmZA1JOsk7OY%2BksR%2Fz0NWBgU0s%2Ba77EtW6qnR8MW0IT4UWj05WQsXBpMGLDGhSdsjbY%2F7iwUBR8a42P%2Fgj%2FDYSWVZvrzDpe1psTt%2FdY9Tzs%3D"}],"group":"cf-nel","max_age":604800}
location: https://fastly.picsum.photos/id/90/2300/2300.jpg?hmac=yW4A8XrwP1eC7U_5B5d1b13CG_oOB4doCmy8nJIEjck
cache-control: private, no-cache, no-store, must-revalidate
cf-ray: 85116299ae98bb50-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 th
ts2.mm.bing.net/ 15 KB
16 KB 337ms
226ms Image
image/jpeg 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ts2.mm.bing.net/th?q=Privacy%20Policy%20%E2%80%94%20Findabride.net
Requested by: Host: xxiqyqqu.cfd
URL: https://xxiqyqqu.cfd/gNvzNoGkVY
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 98621522f84c7e9df978fce4f3627a997fb3c05b8c4f213fc822822cf78f25aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xxiqyqqu.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 06:37:32 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EB98B352BE0F419FA106E211AFAFC432 Ref B: FRAEDGE1805 Ref C: 2024-02-06T06:37:33Z
access-control-allow-methods: GET, POST, OPTIONS
x-cache: TCP_MISS
access-control-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
cache-control: public, max-age=5184000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 15295

GET
H2 200 EPAM_LOGO_Primary.png
xxiqyqqu.cfd/getmedia/365e3b3f-8da7-4e5d-8c9c-76169145c703/ 36 KB
36 KB 136ms
130ms Image
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xxiqyqqu.cfd/getmedia/365e3b3f-8da7-4e5d-8c9c-76169145c703/EPAM_LOGO_Primary.png?width=2459%20height=866%20ext=.png%20width=85%20resizemode=force
Requested by: Host: xxiqyqqu.cfd
URL: https://xxiqyqqu.cfd/gNvzNoGkVY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xxiqyqqu.cfd/gNvzNoGkVY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 06:37:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Feb 2024 05:52:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aPu5XEEgmuC8oGYII5NEa7v6yBVTpDosIhl34wqv3phv99sUBaqqUqWTt%2FXZ%2Fu98pCuCsC81ipB3kK6vttqqMl5bnCWYdMytykiWbuUDc3Qi5CPFHe8u9j83JgQ5fPsdE8jDC91cfBhOHZg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
cf-ray: 851162996c561913-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 /
cdn.uc.assets.prezly.com/61a96f8a-dec2-4de3-a8ef-0d44bbfbdca9/-/preview/1200x1200/-/format/auto/ 25 KB
25 KB 664ms
580ms Image
image/avif 2a02:26f0:3500:11::215:14ce
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.uc.assets.prezly.com/61a96f8a-dec2-4de3-a8ef-0d44bbfbdca9/-/preview/1200x1200/-/format/auto/?width=1640%20resizemode=force
Requested by: Host: xxiqyqqu.cfd
URL: https://xxiqyqqu.cfd/gNvzNoGkVY
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:11::215:14ce Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Uploadcare /
Resource Hash: e98d5a79ed16f4e68e4384047d6bdf07af1f10f7667de1f0d7cff157511b53d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xxiqyqqu.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 06:37:33 GMT
x-image-width: 1200
server: Uploadcare
etag: "414e5c7dfd5d7c65fb6b4ceb393321e9"
vary: accept
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Etag, X-Image-Width, X-Image-Height, X-Image-Acceptable-Original, X-Image-Acceptable-Improved
cache-control: public, max-age=31556899
content-disposition: inline
x-image-height: 367
content-length: 25088

GET
H2 200 MicrosoftTeams-image-59.jpg
blog.emakina.com/wp-content/uploads/2023/09/ 687 KB
687 KB 137ms
31ms Image
image/jpeg 52.215.88.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.emakina.com/wp-content/uploads/2023/09/MicrosoftTeams-image-59.jpg?width=700%20resizemode=force

Requested by

Host: xxiqyqqu.cfd
URL: https://xxiqyqqu.cfd/gNvzNoGkVY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.215.88.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-215-88-119.eu-west-1.compute.amazonaws.com

Software

Resource Hash

c2d6a350304a98abec407b8d1d1b54c9cc2fb98e66fd7c4033fc9b5c0e04dcd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xxiqyqqu.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 06:37:33 GMT
strict-transport-security: max-age=0
traceresponse: 00-17b132ad2e701765c3737b8d971e9f9a-3f7090a21f05c24e-01
x-platform-processor: cy7watlbldjq7oioae637jsbem
content-length: 703055
x-platform-cache: MISS
last-modified: Thu, 21 Sep 2023 14:11:03 GMT
etag: "650c4ef7-aba4f"
vary: Accept-Encoding
x-platform-cluster: jvslluxnxau4c-master-7rqtwti
content-type: image/jpeg
cache-control: no-cache
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
x-platform-router: d6f6vbjsz4y6ht2li34plhw2ru
expires: Tue, 06 Feb 2024 06:37:32 GMT

GET
H2 200 data.png
www.gwi.com/hubfs/raw_assets/public/Coded%20files/Custom/system/2020_partials/site_nav_assets/ 15 KB
17 KB 128ms
53ms Image
image/webp 2606:2c40::c73c:6702
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gwi.com/hubfs/raw_assets/public/Coded%20files/Custom/system/2020_partials/site_nav_assets/data.png

Requested by

Host: xxiqyqqu.cfd
URL: https://xxiqyqqu.cfd/gNvzNoGkVY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea50fe0bc42c9d833a253349519c2a171c1b83d99705c27a175bb5b14351fde4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xxiqyqqu.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-137411524380,FD-137072488627,P-304927,FLS-ALL
age: 62052
x-amz-request-id: 7BH2Q9F0V07A26GB
x-amz-server-side-encryption: AES256
edge-cache-tag: F-137411524380,FD-137072488627,P-304927,FLS-ALL
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="data.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
etag: "e932038c0639c5f2b4df7206c3adcadc"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1696237862449
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: none
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 06 Feb 2024 06:37:33 GMT
strict-transport-security: max-age=31536000
via: 1.1 084f866feba2345e668d9a32662696ce.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: eR0.I3ldDRphZLsIOVjv9zkRHAUi7HO.
x-amz-cf-pop: AMS1-C1
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=35545
x-cache: RefreshHit from cloudfront
cache-tag: F-137411524380,FD-137072488627,P-304927,FLS-ALL
x-amz-meta-index-tag: none
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 15258
x-amz-id-2: UO/sp8824YKbytP/ZxdXDdrd5zHNaPNG3GbxGkXgS3o0J7mWuOp0x40sWLEBnuY3+JItcOOJ+N4=
last-modified: Mon, 02 Oct 2023 09:11:03 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2B48GKaTKXMp6EYkEyix1%2BXu3h17uiSLpGvY5H%2B25N2ohKHTmMVh2qRXHqvAVhvvEtq2EGwJJgKKKvYGo39hcNblTQyQk22uMDvayuE2Fxp310reoL%2BIj8BjoKa0vr24XH5seCuBpui8"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 85116299d9223a97-FRA
x-amz-cf-id: WP3kqu5Ae9hiG_iaBnB5jBM4vhMHPJwkFo_Y_s5d_kwcTHn0BQ9fjw==

GET
H2 200 79207ea3-a7a3-48b1-a9ba-ab3a08febe56_GivingBack_HighRes_Header.jpg
images.prismic.io/ip-about-us/ 2 MB
2 MB 287ms
184ms Image
image/jpeg 2a04:4e42:8d::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.prismic.io/ip-about-us/79207ea3-a7a3-48b1-a9ba-ab3a08febe56_GivingBack_HighRes_Header.jpg?auto%20compress,format%20rect%200,0,4359,3130%20w%20454%20h%20326

Requested by

Host: xxiqyqqu.cfd
URL: https://xxiqyqqu.cfd/gNvzNoGkVY

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

3cc3efca3ad9b1e465717ec50aad788a284ff1ef746e2cd5974e42083b239935

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xxiqyqqu.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 06:37:33 GMT
x-content-type-options: nosniff
age: 95539
x-cache: HIT, MISS
x-imgix-id: 7dbcfb217fb15e805ec6d9f38edda9ba36073e79
cross-origin-resource-policy: cross-origin
content-length: 1670400
x-served-by: cache-sjc1000120-SJC, cache-fra-eddf8230135-FRA
x-imgix-render-farm: 01.132136
last-modified: Mon, 05 Feb 2024 04:05:14 GMT
server: imgix
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 email-decode.min.js Show response
xxiqyqqu.cfd/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 19ms
13ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xxiqyqqu.cfd/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: xxiqyqqu.cfd
URL: https://xxiqyqqu.cfd/gNvzNoGkVY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xxiqyqqu.cfd/gNvzNoGkVY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 06:37:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 30 Jan 2024 18:47:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65b94449-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pp1n2rctfVsECFyFQ%2BSCYjKcg59KWDTD8JU6z4zHdpH5fIIXtqPyzs%2B9hbfMP6VhfpwNMytSOBpJlNm68zcwlWNvtbg5VFfKAWb2XgNqGLPvj3%2FevxOz9TSVCpzNw3lYMF7FX29tqca4bfQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 851162996c571913-FRA
expires: Thu, 08 Feb 2024 06:37:33 GMT

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.www.gwi.com/	1970-01-20 18:13:23	Name: __cf_bm Value: bwbP5rtpMPudFkWYg7vJid7qXOZm67hwqCYbeoJEhXY-1707201453-1-AUpZA8u/EqWIFou1yt762gAtwnPuCZMPlrEQ3e7lnzVeetT9zLgU2+M4Cclj6fXchyohfPGEwLL5vCEts9tn2uI=
			.www.gwi.com/	1969-12-31 23:59:59	Name: __cfruid Value: 785be699b007067ead99dc9f389e549733cf5d31-1707201453

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://xxiqyqqu.cfd/gNvzNoGkVY Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xxiqyqqu.cfd/gNvzNoGkVY Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

39089.xtcdc.net
blog.emakina.com
cdn.uc.assets.prezly.com
fastly.picsum.photos
images.prismic.io
picsum.photos
ts2.mm.bing.net
www.gwi.com
xxiqyqqu.cfd
2606:2c40::c73c:6702
2606:4700:20::ac43:4aa3
2606:4700:3033::ac43:973c
2620:1ec:c11::200
2a02:26f0:3500:11::215:14ce
2a04:4e42:400::347
2a04:4e42:8d::720
2a06:98c1:3121::3
52.215.88.119
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
3cc3efca3ad9b1e465717ec50aad788a284ff1ef746e2cd5974e42083b239935
8292ba2a7951309a1e9d3cbd378e6cb25b87bb2ccb0dd3115ece36052eedbcaf
8637438bf66776ab091ca8048e59af360544ece0702bccb8ba25a3faabaa1a89
98621522f84c7e9df978fce4f3627a997fb3c05b8c4f213fc822822cf78f25aa
c2d6a350304a98abec407b8d1d1b54c9cc2fb98e66fd7c4033fc9b5c0e04dcd7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e98d5a79ed16f4e68e4384047d6bdf07af1f10f7667de1f0d7cff157511b53d9
ea50fe0bc42c9d833a253349519c2a171c1b83d99705c27a175bb5b14351fde4

xxiqyqqu.cfd Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

9 Requests

89 %HTTPS

89 %IPv6

8 Domains

9 Subdomains

7 IPs

3 Countries

2883 kBTransfer

2897 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

2 Cookies

2 Console Messages

Indicators

xxiqyqqu.cfd Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

89 %
HTTPS

89 %
IPv6

8
Domains

9
Subdomains

7
IPs

3
Countries

2883 kB
Transfer

2897 kB
Size

2
Cookies

9 HTTP transactions
0 data transactions