squatgirl.com - urlscan.io

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 5 HTTP transactions. The main IP is 77.79.81.230, located in Turkey and belongs to GRID, TR. The main domain is squatgirl.com.

This is the only time squatgirl.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	78.110.50.106 78.110.50.106	31240 (HT-SYSTEM...) (HT-SYSTEMS-AS Uplinks:)
1	77.79.81.230 77.79.81.230	39582 (GRID) (GRID)
3	129.234.254.24 129.234.254.24	786 (JANET Jis...) (JANET Jisc Services Limited)
5	3

1 78.110.50.106 (Moscow, Russian Federation)

ASN31240 (HT-SYSTEMS-AS Uplinks:, RU)
PTR: cl11-w.ht-systems.ru

ilam-motors.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.79.81.230 (Turkey)

ASN39582 (GRID, TR)
PTR: reverse-77-79-81-230.pusula.net.tr

squatgirl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 129.234.254.24 (Durham, United Kingdom)

ASN786 (JANET Jisc Services Limited, GB)
PTR: adfs.durham.ac.uk

adfs.durham.ac.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	durham.ac.uk adfs.durham.ac.uk	696 KB
1	squatgirl.com squatgirl.com	16 KB
1	ilam-motors.com ilam-motors.com	423 B
5	3

	Domain	Requested by
3	adfs.durham.ac.uk	squatgirl.com
1	squatgirl.com	ilam-motors.com
1	ilam-motors.com
5	3

This site contains links to these domains. Also see Links.

Domain
www.dur.ac.uk

Subject Issuer	Validity	Valid
adfs.durham.ac.uk QuoVadis EV SSL ICA G3	`2018-03-15` - `2020-03-15`	2 years	crt.sh

This page contains 1 frames:

Primary Page: http://squatgirl.com/wp-admin/maint/
Frame ID: A9402513BDA482F6680E7DDA646C287C
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://ilam-motors.com/downloader/lib/Mage/Connect/du.htm Page URL
http://squatgirl.com/wp-admin/maint/ Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /php\/?([\d.]+)?/i

Red Hat (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Red Hat/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Page Statistics

5
Requests

60 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

713 kB
Transfer

711 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.dur.ac.uk/cis/policy/regulations
Title: University IT Regulations

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ilam-motors.com/downloader/lib/Mage/Connect/du.htm Page URL
http://squatgirl.com/wp-admin/maint/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	du.htm ilam-motors.com/downloader/lib/Mage/Connect/	91 B 423 B	162ms 45ms	Document text/html	78.110.50.106 HT-SYSTEMS-AS Upl...
General Check archive.org Show headers Download Go to Full URL http://ilam-motors.com/downloader/lib/Mage/Connect/du.htm Protocol HTTP/1.1 Server 78.110.50.106 Moscow, Russian Federation, ASN31240 (HT-SYSTEMS-AS Uplinks:, RU), Reverse DNS cl11-w.ht-systems.ru Software Apache/2.2.15 (Red Hat) mod_rpaf/0.6 PHP/5.4.30 / Resource Hash Request headers Host ilam-motors.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Mon, 22 Oct 2018 12:48:16 GMT Server Apache/2.2.15 (Red Hat) mod_rpaf/0.6 PHP/5.4.30 Last-Modified Mon, 22 Oct 2018 11:58:46 GMT ETag "4f60048-5b-578cff9ad4980" Accept-Ranges bytes Content-Length 91 Content-Type text/html X-Cache MISS from hc2.hts.ru X-Cache-Lookup MISS from hc2.hts.ru:80
GET H/1.1	200 OK	Primary Request / Show response squatgirl.com/wp-admin/maint/	16 KB 16 KB	398ms 260ms	Document text/html	77.79.81.230 GRID
General Check archive.org Show headers Download Go to Full URL http://squatgirl.com/wp-admin/maint/ Requested by Host: ilam-motors.com URL: http://ilam-motors.com/downloader/lib/Mage/Connect/du.htm Protocol HTTP/1.1 Server 77.79.81.230 , Turkey, ASN39582 (GRID, TR), Reverse DNS reverse-77-79-81-230.pusula.net.tr Software Apache / Resource Hash `4d23c53f7ec46176d08783f70f3a18d853f022040c6485d46821e9ad8796d4fb` Request headers Host squatgirl.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Referer http://ilam-motors.com/downloader/lib/Mage/Connect/du.htm Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer http://ilam-motors.com/downloader/lib/Mage/Connect/du.htm Response headers Date Mon, 22 Oct 2018 13:23:11 GMT Server Apache Last-Modified Mon, 22 Oct 2018 11:33:58 GMT Accept-Ranges bytes Content-Length 16444 Keep-Alive timeout=5, max=100 Connection Keep-Alive Content-Type text/html
GET H/1.1	200 OK	style.css adfs.durham.ac.uk/adfs/portal/css/	8 KB 8 KB	170ms 35ms	Stylesheet text/css	129.234.254.24 JANET Jisc Servic...
General Check archive.org Show headers Download Go to Full URL https://adfs.durham.ac.uk/adfs/portal/css/style.css?id=D74D4D6943F32AE6F7F11D14D601DBB0E1A58919176EE512150366B6279AAF99 Requested by Host: squatgirl.com URL: http://squatgirl.com/wp-admin/maint/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 129.234.254.24 Durham, United Kingdom, ASN786 (JANET Jisc Services Limited, GB), Reverse DNS adfs.durham.ac.uk Software Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 / Resource Hash `d74d4d6943f32ae6f7f11d14d601dbb0e1a58919176ee512150366b6279aaf99` Request headers Referer http://squatgirl.com/wp-admin/maint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Mon, 22 Oct 2018 12:48:05 GMT Expires Wed, 21 Nov 2018 13:48:17 GMT Server Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 ETag D74D4D6943F32AE6F7F11D14D601DBB0E1A58919176EE512150366B6279AAF99 Content-Length 7812 Content-Type text/css
GET H/1.1	200 OK	logo.png adfs.durham.ac.uk/adfs/portal/logo/	20 KB 21 KB	171ms 37ms	Image image/png	129.234.254.24 JANET Jisc Servic...
General Check archive.org Show headers Download Go to Show image Full URL https://adfs.durham.ac.uk/adfs/portal/logo/logo.png?id=E688D5D0306DA75B41602D2F79D3F4579D4C9C4A89C985E5B4DBE8499DA9EB6F Requested by Host: squatgirl.com URL: http://squatgirl.com/wp-admin/maint/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 129.234.254.24 Durham, United Kingdom, ASN786 (JANET Jisc Services Limited, GB), Reverse DNS adfs.durham.ac.uk Software Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 / Resource Hash `e688d5d0306da75b41602d2f79d3f4579d4c9c4a89c985e5b4dbe8499da9eb6f` Request headers Referer http://squatgirl.com/wp-admin/maint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Mon, 22 Oct 2018 12:48:05 GMT Expires Wed, 21 Nov 2018 13:48:17 GMT Server Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 ETag E688D5D0306DA75B41602D2F79D3F4579D4C9C4A89C985E5B4DBE8499DA9EB6F Content-Length 20828 Content-Type image/png
GET H/1.1	200 OK	illustration.jpg adfs.durham.ac.uk/adfs/portal/illustration/	667 KB 667 KB	60ms 59ms	Image image/jpg	129.234.254.24 JANET Jisc Servic...
General Check archive.org Show headers Download Go to Show image Full URL https://adfs.durham.ac.uk/adfs/portal/illustration/illustration.jpg?id=16ED7E6EF26AD2122BFB6A97F27A915422F22045A6FAEF8FF06C542F15AA2C77 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 129.234.254.24 Durham, United Kingdom, ASN786 (JANET Jisc Services Limited, GB), Reverse DNS adfs.durham.ac.uk Software Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 / Resource Hash `16ed7e6ef26ad2122bfb6a97f27a915422f22045a6faef8ff06c542f15aa2c77` Request headers Referer http://squatgirl.com/wp-admin/maint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Mon, 22 Oct 2018 12:48:05 GMT Expires Wed, 21 Nov 2018 13:48:17 GMT Server Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 ETag 16ED7E6EF26AD2122BFB6A97F27A915422F22045A6FAEF8FF06C542F15AA2C77 Content-Length 683077 Content-Type image/jpg

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adfs.durham.ac.uk
ilam-motors.com
squatgirl.com
129.234.254.24
77.79.81.230
78.110.50.106
16ed7e6ef26ad2122bfb6a97f27a915422f22045a6faef8ff06c542f15aa2c77
4d23c53f7ec46176d08783f70f3a18d853f022040c6485d46821e9ad8796d4fb
d74d4d6943f32ae6f7f11d14d601dbb0e1a58919176ee512150366b6279aaf99
e688d5d0306da75b41602d2f79d3f4579d4c9c4a89c985e5b4dbe8499da9eb6f

squatgirl.com Open in urlscan Pro 77.79.81.230 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

5 Requests

60 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

3 Countries

713 kBTransfer

711 kBSize

0 Cookies

1 Outgoing links

Page URL History

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

0 Cookies

Indicators

squatgirl.com Open in urlscan Pro
77.79.81.230 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

60 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

713 kB
Transfer

711 kB
Size

0
Cookies

5 HTTP transactions
0 data transactions