Submitted URL: https://support.wimark.com/
Effective URL: https://wimark.kaiten.ru/sd/login?redirectPath=%2Fsd
Submission: On June 19 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 3 IPs in 1 country across 3 domains to perform 6 HTTP transactions. The main IP is 185.165.123.57, located in Moscow, Russian Federation and belongs to AS_KKM_IT, GB. The main domain is wimark.kaiten.ru.
TLS certificate: Issued by GlobalSign GCC R6 AlphaSSL CA 2023 on May 3rd 2024. Valid for: a year.
This is the only time wimark.kaiten.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 45.89.25.216 50340 (SELECTEL-MSK)
1 3 185.165.123.57 60922 (AS_KKM_IT)
3 185.165.123.39 60922 (AS_KKM_IT)
1 34.120.195.249 ()
6 3
Apex Domain | Subdomains | Transfer
6 kaiten.ru | wimark.kaiten.ru, files.kaiten.ru | 1 MB
1 sentry.io | o48240.ingest.sentry.io | 308 B
1 wimark.com | support.wimark.com | 96 B
6 3
Domain Requested by
3 files.kaiten.ru wimark.kaiten.ru
3 wimark.kaiten.ru 1 redirects files.kaiten.ru
1 o48240.ingest.sentry.io files.kaiten.ru
1 support.wimark.com 1 redirects
6 4

This site contains no links.

Subject | Issuer | Validity | Valid
*.kaiten.ru | GlobalSign GCC R6 AlphaSSL CA 2023 | 2024-05-03 - 2025-06-04 | a year
ingest.sentry.io | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-11-02 - 2024-12-02 | a year

This page contains 1 frames:

Primary Page: https://wimark.kaiten.ru/sd/login?redirectPath=%2Fsd
Frame ID: CB6870E3E224A22FCB921303BDD26200
Requests: 6 HTTP requests in this frame

Page Title

Anmeldung

Page Statistics

6
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

3
IPs

1
Countries

1073 kB
Transfer

3667 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://support.wimark.com/ HTTP 302
    https://wimark.kaiten.ru/sd HTTP 302
    https://wimark.kaiten.ru/sd/login?redirectPath=%2Fsd Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login
wimark.kaiten.ru/sd/
Redirect Chain
  • https://support.wimark.com/
  • https://wimark.kaiten.ru/sd
  • https://wimark.kaiten.ru/sd/login?redirectPath=%2Fsd
235 KB
52 KB
Document
General
Full URL
https://wimark.kaiten.ru/sd/login?redirectPath=%2Fsd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.165.123.57 Moscow, Russian Federation, ASN60922 (AS_KKM_IT, GB),
Reverse DNS
Software
nginx /
Resource Hash
a7370e7d925d7e1678e26627b2ef398e8a6fc66820bed4af3438ffea0b5ab286
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-store, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Language
de
Content-Type
text/html; charset=utf-8
Date
Wed, 19 Jun 2024 17:01:15 GMT
ETag
W/"3ac6e-PG3vNT4cCQKm8EaTWgc8xtL6Kb4"
Keep-Alive
timeout=60
Server
nginx
Strict-Transport-Security
max-age=15724800; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
off
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-Response-Time
140.464ms
X-VARITI-CCR
1690349125:1
X-XSS-Protection
1; mode=block
x-app-version
57.130.24

Redirect headers

Connection
keep-alive
Content-Language
de
Content-Length
100
Content-Type
text/html; charset=utf-8
Date
Wed, 19 Jun 2024 17:01:15 GMT
Keep-Alive
timeout=60
Location
/sd/login?redirectPath=%2Fsd
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Server
nginx
Strict-Transport-Security
max-age=15724800; includeSubDomains
Vary
Accept, Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
off
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-Response-Time
6.367ms
X-VARITI-CCR
1690349103:1
X-XSS-Protection
1; mode=block
x-app-version
57.130.24
service-desk.js
files.kaiten.ru/static/v57.130.24/js/
3 MB
1018 KB
Script
General
Full URL
https://files.kaiten.ru/static/v57.130.24/js/service-desk.js?version=57.130.24
Requested by
Host: wimark.kaiten.ru
URL: https://wimark.kaiten.ru/sd/login?redirectPath=%2Fsd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.165.123.39 Moscow, Russian Federation, ASN60922 (AS_KKM_IT, GB),
Reverse DNS
Software
nginx / Express
Resource Hash
dc1ae4fe4da6e47a7c4c28cc9a282b3a3c30be2189b3bcd816c2f800c1424ea6
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://wimark.kaiten.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 19 Jun 2024 17:01:16 GMT
Content-Security-Policy
default-src 'self'
Content-Encoding
gzip
Strict-Transport-Security
max-age=15724800; includeSubDomains
X-Powered-By
Express
Transfer-Encoding
chunked
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Content-Disposition
inline; filename="service-desk.js"
Connection
keep-alive
X-VARITI-CCR
1632221936:1
last-modified
Wed, 19 Jun 2024 14:49:49 GMT
Server
nginx
etag
W/"5ae3f4c714ac0bf94e04efd3a1860377"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Keep-Alive
timeout=60
logo.svg
files.kaiten.ru/static/
748 B
1 KB
Image
General
Full URL
https://files.kaiten.ru/static/logo.svg
Requested by
Host: wimark.kaiten.ru
URL: https://wimark.kaiten.ru/sd/login?redirectPath=%2Fsd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.165.123.39 Moscow, Russian Federation, ASN60922 (AS_KKM_IT, GB),
Reverse DNS
Software
nginx / Express
Resource Hash
903d24eae21648faaefdcc2e820587d440c5c525e30741a7d05f86a1e4828637
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://wimark.kaiten.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 19 Jun 2024 17:01:16 GMT
Content-Security-Policy
default-src 'self'
Content-Encoding
gzip
Strict-Transport-Security
max-age=15724800; includeSubDomains
X-Powered-By
Express
Transfer-Encoding
chunked
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Content-Disposition
attachment; filename="logo.svg"
Connection
keep-alive
X-VARITI-CCR
3593572342:1
last-modified
Tue, 24 Jan 2023 15:14:09 GMT
Server
nginx
etag
W/"dc960e9688f24d9e521e451336bd3e95"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Keep-Alive
timeout=60
/
o48240.ingest.sentry.io/api/6266850/envelope/
2 B
308 B
Fetch
General
Full URL
https://o48240.ingest.sentry.io/api/6266850/envelope/?sentry_key=db1e43732f9343d2b4b9975ad978f884&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.117.0
Requested by
Host: files.kaiten.ru
URL: https://files.kaiten.ru/static/v57.130.24/js/service-desk.js?version=57.130.24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://wimark.kaiten.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 19 Jun 2024 17:01:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
moment-chunk25.js
wimark.kaiten.ru/js/
3 KB
2 KB
Script
General
Full URL
https://wimark.kaiten.ru/js/moment-chunk25.js
Requested by
Host: files.kaiten.ru
URL: https://files.kaiten.ru/static/v57.130.24/js/service-desk.js?version=57.130.24
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.165.123.57 Moscow, Russian Federation, ASN60922 (AS_KKM_IT, GB),
Reverse DNS
Software
nginx / Express
Resource Hash
f7dba1659c28b74dffce426d0f1657814d7515bd1424e87ed2299794546fdcc2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://wimark.kaiten.ru/sd/login?redirectPath=%2Fsd
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 19 Jun 2024 17:01:19 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=15724800; includeSubDomains
Last-Modified
Wed, 19 Jun 2024 14:38:39 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"a3f-19030ef7998"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
X-VARITI-CCR
1690350087:1
favicon-32x32.png
files.kaiten.ru/static/favicon/
364 B
966 B
Other
General
Full URL
https://files.kaiten.ru/static/favicon/favicon-32x32.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.165.123.39 Moscow, Russian Federation, ASN60922 (AS_KKM_IT, GB),
Reverse DNS
Software
nginx / Express
Resource Hash
be5cfb2e034a0b9b3edf22c58dd4dff1263f4ffc1d22f0332cae5e36d9fd68df
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://wimark.kaiten.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 19 Jun 2024 17:01:20 GMT
Content-Security-Policy
default-src 'self'
Content-Encoding
gzip
Strict-Transport-Security
max-age=15724800; includeSubDomains
X-Powered-By
Express
Transfer-Encoding
chunked
Content-Disposition
inline; filename="favicon-32x32.png"
Connection
keep-alive
X-VARITI-CCR
1632222929:1
last-modified
Tue, 24 Jan 2023 15:14:10 GMT
Server
nginx
etag
W/"c9185ca17d647b54c17e224fc929d3b5"
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
*
Keep-Alive
timeout=60

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event
object| fence
object| sharedStorage
object| Config
object| __PRELOADED_STATE__
object| webpackChunkkaiten
function| P
object| __SENTRY__
number| 2f1acc6c3a606b082e5eef5e54414ffb
function| _

2 Cookies

Domain/Path | Name | Value
wimark.kaiten.ru/ | rerf | AAAAAGZzDtt26E88A5RMAg==
files.kaiten.ru/ | rerf | AAAAAGZzDtyzaimIA5Q3Ag==

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block