urlscan.io logo urlscan.io
SecurityTrails logo

ro.education.qulto.eu Open in urlscan Pro
92.119.122.78  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://ro.education.qulto.eu/
Effective URL: https://ro.education.qulto.eu/landing-page-ro/
Submission: On October 06 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 6 HTTP transactions. The main IP is 92.119.122.78, located in Hungary and belongs to RACKFOREST-AS, HU. The main domain is ro.education.qulto.eu.
TLS certificate: Issued by Let's Encrypt Authority X3 on August 7th 2020. Valid for: 3 months.
This is the only time ro.education.qulto.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 3 92.119.122.78 62214 (RACKFORES...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
6 5
Apex Domain
Subdomains		 Transfer
4 gstatic.com
fonts.gstatic.com
79 KB
3 qulto.eu
ro.education.qulto.eu
141 KB
1 googleapis.com
fonts.googleapis.com
793 B
6 3
Domain Requested by
4 fonts.gstatic.com fonts.googleapis.com
3 ro.education.qulto.eu 2 redirects
1 fonts.googleapis.com ro.education.qulto.eu
6 3

This site contains links to these domains. Also see Links.

Domain
docs.google.com
qulto.eu
Subject Issuer Validity Valid
ro.education.qulto.eu
Let's Encrypt Authority X3		 2020-08-07 -
2020-11-05		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-09-03 -
2020-11-26		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-09-03 -
2020-11-26		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://ro.education.qulto.eu/landing-page-ro/
Frame ID: 3C9471B1C504DD16D7DDDB0F947383D9
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://ro.education.qulto.eu/ HTTP 302
    https://ro.education.qulto.eu/landing-page-ro;jsessionid=25CEA11AB41C233B45977CC29E9815A0 HTTP 302
    https://ro.education.qulto.eu/landing-page-ro/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

6
Requests

100 %
HTTPS

75 %
IPv6

3
Domains

3
Subdomains

5
IPs

2
Countries

220 kB
Transfer

397 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ro.education.qulto.eu/ HTTP 302
    https://ro.education.qulto.eu/landing-page-ro;jsessionid=25CEA11AB41C233B45977CC29E9815A0 HTTP 302
    https://ro.education.qulto.eu/landing-page-ro/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ro.education.qulto.eu/landing-page-ro/
Redirect Chain
  • https://ro.education.qulto.eu/
  • https://ro.education.qulto.eu/landing-page-ro;jsessionid=25CEA11AB41C233B45977CC29E9815A0
  • https://ro.education.qulto.eu/landing-page-ro/
214 KB
141 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ro.education.qulto.eu/landing-page-ro/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.119.122.78 , Hungary, ASN62214 (RACKFOREST-AS, HU),
Reverse DNS
app.asp.hunteka.hu
Software
nginx/1.10.3 /
Resource Hash
6f1f23d5c422197a8c963f007c5883537f59bf177c3e40b9057f8bd8555851cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Host
ro.education.qulto.eu
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
JSESSIONID=25CEA11AB41C233B45977CC29E9815A0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server
nginx/1.10.3
Date
Tue, 06 Oct 2020 15:11:35 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
ETag
W/"219068-1586937586000"
Last-Modified
Wed, 15 Apr 2020 07:59:46 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip

Redirect headers

Server
nginx/1.10.3
Date
Tue, 06 Oct 2020 15:11:35 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Location
https://ro.education.qulto.eu/landing-page-ro/
Strict-Transport-Security
max-age=31536000; includeSubDomains
css
fonts.googleapis.com/ 		5 KB
793 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Rubik:300,500|Varela+Round&display=swap
Requested by
Host: ro.education.qulto.eu
URL: https://ro.education.qulto.eu/landing-page-ro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5bfaa8edfee83ba6ec80c170d5af1903fec4274325f0363cdc816484716f0964
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ro.education.qulto.eu/landing-page-ro/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 06 Oct 2020 15:11:35 GMT
server
ESF
date
Tue, 06 Oct 2020 15:11:35 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 06 Oct 2020 15:11:35 GMT
truncated
/ 		47 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9e33f58c3ac59b5dd7d06092eee1cfc5e861e638bffe6d3d23f3b8919eb72285

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
iJWKBXyIfDnIV7nBrXyw023e.woff2
fonts.gstatic.com/s/rubik/v11/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/rubik/v11/iJWKBXyIfDnIV7nBrXyw023e.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rubik:300,500|Varela+Round&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c90b7af2ba867dc9291d978e41c1573ca710536b064541c75f539208e794b7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://ro.education.qulto.eu
Referer
https://fonts.googleapis.com/css?family=Rubik:300,500|Varela+Round&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 05 Oct 2020 23:15:15 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 2020 22:16:56 GMT
server
sffe
age
57380
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35668
x-xss-protection
0
expires
Tue, 05 Oct 2021 23:15:15 GMT
w8gdH283Tvk__Lua32TysjIfp8uPLdshZg.woff2
fonts.gstatic.com/s/varelaround/v13/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/varelaround/v13/w8gdH283Tvk__Lua32TysjIfp8uPLdshZg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rubik:300,500|Varela+Round&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d7c0b71cb6af711f4f47b8049b04f99fb860d3731e4ccf3db8a0a11d589073d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://ro.education.qulto.eu
Referer
https://fonts.googleapis.com/css?family=Rubik:300,500|Varela+Round&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 01 Oct 2020 17:40:20 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:04:36 GMT
server
sffe
age
423075
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14172
x-xss-protection
0
expires
Fri, 01 Oct 2021 17:40:20 GMT
iJWKBXyIfDnIV7nPrXyw023e1Ik.woff2
fonts.gstatic.com/s/rubik/v11/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/rubik/v11/iJWKBXyIfDnIV7nPrXyw023e1Ik.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rubik:300,500|Varela+Round&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566ad8fd2d888e531b52e1402647b653f4550e00b0c8cced2802d1b1de425ece
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://ro.education.qulto.eu
Referer
https://fonts.googleapis.com/css?family=Rubik:300,500|Varela+Round&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 02 Oct 2020 03:20:37 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 2020 22:17:43 GMT
server
sffe
age
388258
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18384
x-xss-protection
0
expires
Sat, 02 Oct 2021 03:20:37 GMT
truncated
/ 		51 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2076037864cf71623ec4b9ae631df4287198be88add6ea9dac53e82e7998e637

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		888 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7c9e8d44064b2d5d41901b23232d7c6af1e8a6299984e598bf0a1f8097f7c8e7

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
w8gdH283Tvk__Lua32TysjIfqcuPLdshZhVB.woff2
fonts.gstatic.com/s/varelaround/v13/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/varelaround/v13/w8gdH283Tvk__Lua32TysjIfqcuPLdshZhVB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rubik:300,500|Varela+Round&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e1d2ad878f82f7d47ced6f0551c4b0fe5a45daf86e44505c657f908f6a70056
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://ro.education.qulto.eu
Referer
https://fonts.googleapis.com/css?family=Rubik:300,500|Varela+Round&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 01:21:24 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:04:44 GMT
server
sffe
age
49811
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12184
x-xss-protection
0
expires
Wed, 06 Oct 2021 01:21:24 GMT

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes

1 Cookies

Domain/Path Name / Value
ro.education.qulto.eu/ Name: JSESSIONID
Value: 25CEA11AB41C233B45977CC29E9815A0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains