on.visetatiguge.tk Open in urlscan Pro
2606:4700:3037::ac43:85d7  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set / Show response on.visetatiguge.tk/	46 KB 15 KB	164ms 104ms	Document text/html	2606:4700:3037::ac43:85d7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://on.visetatiguge.tk/ Protocol HTTP/1.1 Server 2606:4700:3037::ac43:85d7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 030079f0d31f348a33067caa1a733f135973fcf1596e27e7cba16e447850856c Request headers Host on.visetatiguge.tk Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 07 Dec 2020 12:32:04 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Set-Cookie __cfduid=d7cf16a60970e30df7204216755a13d081607344324; expires=Wed, 06-Jan-21 12:32:04 GMT; path=/; domain=.visetatiguge.tk; HttpOnly; SameSite=Lax ch1c=b CF-Cache-Status DYNAMIC cf-request-id 06dec918c90000dfad9e848000000001 Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wguVsZXHTjFAbj%2FM4l3SbwMI3BYsUwuf5mc69x1E4qHlmB9uxDnmGDKnSFT3rXSJ73L2s9DBgrGX3mSgz%2FpeTHO2xx1q65BPg3WiRlr5XG7bxZweNHw3bjkKQH1LHWQ%3D"}],"group":"cf-nel","max_age":604800} NEL {"report_to":"cf-nel","max_age":604800} Server cloudflare CF-RAY 5fde446e0e55dfad-FRA Content-Encoding gzip
GET H/1.1	200 OK	css fonts.googleapis.com/	8 KB 1 KB	16ms 16ms	Stylesheet text/css	2a00:1450:4001:808::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL http://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext Requested by Host: on.visetatiguge.tk URL: http://on.visetatiguge.tk/ Protocol HTTP/1.1 Server 2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 286d54b08df1ef7661c20fe4e151f3c2bf9d7205869cf1a14318ac1199dcc8c7 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer http://on.visetatiguge.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 07 Dec 2020 12:32:04 GMT Content-Encoding gzip X-Content-Type-Options nosniff Last-Modified Mon, 07 Dec 2020 12:32:04 GMT Server ESF X-Frame-Options SAMEORIGIN Content-Type text/css; charset=utf-8 Access-Control-Allow-Origin * Cache-Control private, max-age=86400, stale-while-revalidate=604800 Transfer-Encoding chunked Timing-Allow-Origin * Link <http://fonts.gstatic.com>; rel=preconnect; crossorigin X-XSS-Protection 0 Expires Mon, 07 Dec 2020 12:32:04 GMT
GET H2	200	Galaxy-A10-Remove-Google-Lock-780x437.jpg ineed2root.com/wp-content/uploads/2020/05/	36 KB 36 KB	616ms 195ms	Image image/jpeg	198.54.120.214 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://ineed2root.com/wp-content/uploads/2020/05/Galaxy-A10-Remove-Google-Lock-780x437.jpg Requested by Host: on.visetatiguge.tk URL: http://on.visetatiguge.tk/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 198.54.120.214 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium66-2.web-hosting.com Software LiteSpeed / Resource Hash 7a95a3b438ecbb5cb31927f3e54e20cf5b29db12c30b008d8a7093e975a202ea Request headers Referer http://on.visetatiguge.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 07 Dec 2020 12:32:05 GMT last-modified Tue, 19 May 2020 10:41:43 GMT server LiteSpeed content-type image/jpeg cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 36650 expires Mon, 14 Dec 2020 12:32:05 GMT
GET H2	200	Thumbnail-2019.jpg static.giga.de/wp-content/uploads/2019/08/	1 MB 1 MB	155ms 52ms	Image image/jpeg	178.19.70.100 HGCOMP-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://static.giga.de/wp-content/uploads/2019/08/Thumbnail-2019.jpg Requested by Host: on.visetatiguge.tk URL: http://on.visetatiguge.tk/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.19.70.100 , Germany, ASN29551 (HGCOMP-ASN, DE), Reverse DNS Software nginx/1.14.2 / Resource Hash 4872e2ae4020c928654eb6ad9d2f3918e90fa6c67d0ccb30f31f3b503cd7d191 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer http://on.visetatiguge.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 07 Dec 2020 12:32:05 GMT x-content-type-options nosniff last-modified Wed, 07 Aug 2019 21:23:56 GMT server nginx/1.14.2 filer-source 4872e2ae4020c928654eb6ad9d2f3918e90fa6c67d0ccb30f31f3b503cd7d191 filer-attr W1sxOTIwLDEwODBdLCJzaHV0dGxlLXYyIixbIkZSQS0xIl0sWyJGUkItMSJdXQ== content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=2592000, no-transform accept-ranges bytes content-length 1161606 x-xss-protection 1; mode=block expires Thu, 31 Dec 2020 04:30:27 GMT
GET H2	200	Samsung-Galaxy-Note-10-Plus-Smartphone-Review-16.jpg blog.1und1.de/wp-content/uploads/2019/09/	617 KB 618 KB	226ms 114ms	Image image/jpeg	213.165.66.18 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Show image Full URL https://blog.1und1.de/wp-content/uploads/2019/09/Samsung-Galaxy-Note-10-Plus-Smartphone-Review-16.jpg Requested by Host: on.visetatiguge.tk URL: http://on.visetatiguge.tk/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 213.165.66.18 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS blog.1und1.de Software Apache / Resource Hash 48c3603385dc3528ff17d70863fe210f8db22a3f34606ac5f05f2d6fa11c6d2e Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer http://on.visetatiguge.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 07 Dec 2020 12:32:05 GMT last-modified Wed, 13 Nov 2019 10:56:02 GMT server Apache etag "9a340-5973835e95480" strict-transport-security max-age=31536000 content-type image/jpeg accept-ranges bytes content-length 631616
GET H2	200	smartphone-motorola-moto-g-g7-power-xt1955-1-tv-digital-32gb-12-0-mp-qualcomm-snapdragon-632-2-chips-android-9-0-pie--photo769215133-12-17-36.jpg i.zst.com.br/images/	25 KB 26 KB	297ms 183ms	Image image/jpeg	65.9.73.64 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://i.zst.com.br/images/smartphone-motorola-moto-g-g7-power-xt1955-1-tv-digital-32gb-12-0-mp-qualcomm-snapdragon-632-2-chips-android-9-0-pie--photo769215133-12-17-36.jpg Requested by Host: on.visetatiguge.tk URL: http://on.visetatiguge.tk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.73.64 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash 62cdc91c2f0adacdcc3c2ef6fc10747913977f809a07e361a1166042a986e953 Request headers Referer http://on.visetatiguge.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 07 Dec 2020 12:32:05 GMT via 1.1 3ffec0ecfde687fb371812ad42f5cfc2.cloudfront.net (CloudFront) last-modified Thu, 07 Feb 2019 20:21:25 GMT server nginx/1.14.0 (Ubuntu) x-amz-cf-pop AMS1-C1 etag "ee9ad52f498054fa1ea9b32f1bbaeaf5" x-cache Miss from cloudfront content-type image/jpeg cache-control max-age=31536000 content-length 25937 x-amz-cf-id Zrn6twSXwdy06ynitOL3SUS340LFAsGJc9sVX8WILWD0eLroVIeeew==
GET H2	200	134256044_1GG.jpg images-submarino.b2w.io/produtos/01/00/img7/01/00/item/134256/0/	45 KB 46 KB	149ms 99ms	Image image/webp	2a02:26f0:6c00:28e::19fe AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://images-submarino.b2w.io/produtos/01/00/img7/01/00/item/134256/0/134256044_1GG.jpg Requested by Host: on.visetatiguge.tk URL: http://on.visetatiguge.tk/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:28e::19fe , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS Software BIS / Resource Hash ac54fd11f01518a6769e71d57ab3e6da09bbe8bf4651e5dacd267455de71a6e2 Request headers Referer http://on.visetatiguge.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 07 Dec 2020 12:32:05 GMT last-modified Mon, 07 Dec 2020 00:11:38 GMT server BIS etag c1e1ca21a790f8c8eaa221986bfc467b0547407501abc87d534397dd59206879 access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS content-type image/webp access-control-allow-origin * access-control-expose-headers DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log cache-control public, max-age=604800 warning 53344 content-disposition inline; filename="134256044_1GG.webp" access-control-allow-headers DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log content-length 46288 x-request-id PEmBs3pdLcJ7krpMwn_RR expires Mon, 14 Dec 2020 12:32:05 GMT
GET H/1.1	200 OK	jizDREVItHgc8qDIbSTKq4XkRiUf2zcZiVbJ.woff2 fonts.gstatic.com/s/librefranklin/v6/	27 KB 27 KB	6ms 6ms	Font font/woff2	2a00:1450:4001:814::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://fonts.gstatic.com/s/librefranklin/v6/jizDREVItHgc8qDIbSTKq4XkRiUf2zcZiVbJ.woff2 Requested by Host: fonts.googleapis.com URL: http://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext Protocol HTTP/1.1 Server 2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash eca038fe1e21c8c9a0409b1752eaa3d729bef79d9a53f1e5d674400ff9b972b3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin http://on.visetatiguge.tk Referer http://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 03 Dec 2020 01:28:47 GMT X-Content-Type-Options nosniff Last-Modified Thu, 05 Nov 2020 22:02:30 GMT Server sffe Age 385397 Content-Type font/woff2 Access-Control-Allow-Origin * Cache-Control public, max-age=31536000 Accept-Ranges bytes Timing-Allow-Origin * Content-Length 27260 X-XSS-Protection 0 Expires Fri, 03 Dec 2021 01:28:47 GMT
GET H/1.1	200 OK	jizBREVItHgc8qDIbSTKq4XkRiUa6zUTjnTLgNs.woff2 fonts.gstatic.com/s/librefranklin/v6/	30 KB 30 KB	7ms 7ms	Font font/woff2	2a00:1450:4001:814::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://fonts.gstatic.com/s/librefranklin/v6/jizBREVItHgc8qDIbSTKq4XkRiUa6zUTjnTLgNs.woff2 Requested by Host: fonts.googleapis.com URL: http://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext Protocol HTTP/1.1 Server 2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 921d7c33bffec98c073a1a53b0a332bb2e97856129999c90adecc41b18d7d06c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin http://on.visetatiguge.tk Referer http://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 03 Dec 2020 01:47:05 GMT X-Content-Type-Options nosniff Last-Modified Thu, 05 Nov 2020 22:02:45 GMT Server sffe Age 384299 Content-Type font/woff2 Access-Control-Allow-Origin * Cache-Control public, max-age=31536000 Accept-Ranges bytes Timing-Allow-Origin * Content-Length 30524 X-XSS-Protection 0 Expires Fri, 03 Dec 2021 01:47:05 GMT

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blog.1und1.de
fonts.googleapis.com
fonts.gstatic.com
i.zst.com.br
images-submarino.b2w.io
ineed2root.com
on.visetatiguge.tk
static.giga.de
178.19.70.100
198.54.120.214
213.165.66.18
2606:4700:3037::ac43:85d7
2a00:1450:4001:808::200a
2a00:1450:4001:814::2003
2a02:26f0:6c00:28e::19fe
65.9.73.64
030079f0d31f348a33067caa1a733f135973fcf1596e27e7cba16e447850856c
286d54b08df1ef7661c20fe4e151f3c2bf9d7205869cf1a14318ac1199dcc8c7
4872e2ae4020c928654eb6ad9d2f3918e90fa6c67d0ccb30f31f3b503cd7d191
48c3603385dc3528ff17d70863fe210f8db22a3f34606ac5f05f2d6fa11c6d2e
62cdc91c2f0adacdcc3c2ef6fc10747913977f809a07e361a1166042a986e953
7a95a3b438ecbb5cb31927f3e54e20cf5b29db12c30b008d8a7093e975a202ea
921d7c33bffec98c073a1a53b0a332bb2e97856129999c90adecc41b18d7d06c
ac54fd11f01518a6769e71d57ab3e6da09bbe8bf4651e5dacd267455de71a6e2
eca038fe1e21c8c9a0409b1752eaa3d729bef79d9a53f1e5d674400ff9b972b3