jadmin.jesekung.com Open in urlscan Pro
185.177.116.45 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://jadmin.jesekung.com/
Submission: On April 25 via api (April 25th 2024, 8:47:33 am UTC) from US — Scanned from DE

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 11 HTTP transactions. The main IP is 185.177.116.45, located in Düsseldorf, Germany and belongs to CONTABO, DE. The main domain is jadmin.jesekung.com.
TLS certificate: Issued by R3 on April 25th 2024. Valid for: 3 months.

This is the only time jadmin.jesekung.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	185.177.116.45 185.177.116.45	51167 (CONTABO) (CONTABO)
5	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
1	76.76.21.123 76.76.21.123	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
11	5

4 185.177.116.45 (Düsseldorf, Germany)

ASN51167 (CONTABO, DE)
PTR: vmi1577828.contaboserver.net

jadmin.jesekung.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.76.21.123 (Walnut, United States)

ASN16509 (AMAZON-02, US)

horizon-tailwind-react-corporate-7s21b54hb-horizon-ui.vercel.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	4 KB
4	jesekung.com jadmin.jesekung.com	767 KB
1	gstatic.com fonts.gstatic.com	30 KB
1	vercel.app horizon-tailwind-react-corporate-7s21b54hb-horizon-ui.vercel.app	11 KB
11	4

	Domain	Requested by
5	fonts.googleapis.com	jadmin.jesekung.com horizon-tailwind-react-corporate-7s21b54hb-horizon-ui.vercel.app
4	jadmin.jesekung.com	jadmin.jesekung.com
1	fonts.gstatic.com	fonts.googleapis.com
1	horizon-tailwind-react-corporate-7s21b54hb-horizon-ui.vercel.app	jadmin.jesekung.com
11	4

This site contains no links.

Subject Issuer	Validity	Valid
jadmin.jesekung.com R3	`2024-04-25` - `2024-07-24`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
*.vercel.app R3	`2024-04-15` - `2024-07-14`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://jadmin.jesekung.com/
Frame ID: 00B0669973849E0E278E68DBCD2D377B
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Jeseku-admin-dashoard

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

11
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

5
IPs

2
Countries

812 kB
Transfer

3835 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
jadmin.jesekung.com/ 2 KB
1 KB 334ms
201ms Document
text/html 185.177.116.45
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://jadmin.jesekung.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.177.116.45 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1577828.contaboserver.net
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: bc3e4fd9473789c3c981a9d649796a418d320b90efa526acfcf32efa6652dc66

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: *
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Thu, 25 Apr 2024 08:47:28 GMT
ETag: W/"61a-M3c2uunXdjIS508Zx/ASLnKuNnw"
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Powered-By: Express

GET
H2 200 css2
fonts.googleapis.com/ 21 KB
2 KB 139ms
51ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Kumbh+Sans:wght@400;500;600;700&family=Roboto:wght@400;500;700&display=swap

Requested by

Host: jadmin.jesekung.com
URL: https://jadmin.jesekung.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

54945d463c6d9713e952876623c6d59483a26ea368747fedcdb2679dff5f0395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://jadmin.jesekung.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 25 Apr 2024 08:47:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 25 Apr 2024 08:47:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Apr 2024 08:47:28 GMT

GET
H2 200 icon
fonts.googleapis.com/ 569 B
775 B 135ms
48ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: jadmin.jesekung.com
URL: https://jadmin.jesekung.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://jadmin.jesekung.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 25 Apr 2024 08:47:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 25 Apr 2024 08:47:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Apr 2024 08:47:28 GMT

GET
H2 200 main.d7f96858.css
horizon-tailwind-react-corporate-7s21b54hb-horizon-ui.vercel.app/static/css/ 64 KB
11 KB 142ms
50ms Stylesheet
text/css 76.76.21.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://horizon-tailwind-react-corporate-7s21b54hb-horizon-ui.vercel.app/static/css/main.d7f96858.css

Requested by

Host: jadmin.jesekung.com
URL: https://jadmin.jesekung.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.123 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

1c6387578c16e6156c318f6ee4183ae617f0a19ba2523dcea5f3c1ecd9b26488

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://jadmin.jesekung.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 08:47:28 GMT
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: Vercel
x-vercel-id: fra1::bd7wf-1714034848256-6015bb30177c
age: 7903908
etag: W/"dbba30cc61cac1db9719fb121345d078"
x-vercel-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: s-maxage=31536000, immutable
content-disposition: inline; filename="main.d7f96858.css"
x-robots-tag: noindex

GET
H/1.1 200
OK bundle.js Show response
jadmin.jesekung.com/static/js/ 4 MB
748 KB 255ms
255ms Script
application/javascript 185.177.116.45
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://jadmin.jesekung.com/static/js/bundle.js
Requested by: Host: jadmin.jesekung.com
URL: https://jadmin.jesekung.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.177.116.45 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1577828.contaboserver.net
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: 16880d2574d61fdaa014cc66975a26036f8f9653a4e86666da1b3b01876fe09c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://jadmin.jesekung.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 25 Apr 2024 08:47:28 GMT
Content-Encoding: gzip
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"398b42-ng1IklhyPa7Sj+m9rFIOsG2D6xU"
Transfer-Encoding: chunked
Access-Control-Allow-Methods: *
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
612 B 49ms
48ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@100;200;300;400;500;600;700;800&display=swap

Requested by

Host: horizon-tailwind-react-corporate-7s21b54hb-horizon-ui.vercel.app
URL: https://horizon-tailwind-react-corporate-7s21b54hb-horizon-ui.vercel.app/static/css/main.d7f96858.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

91435b33d7a506b6b35f75f69f1a8927eac57a7a9fe9aa492c964f40abeba5a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://horizon-tailwind-react-corporate-7s21b54hb-horizon-ui.vercel.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 25 Apr 2024 08:47:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 25 Apr 2024 08:45:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Apr 2024 08:47:28 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
513 B 48ms
48ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=DM+Sans:wght@400;500;700&display=swap

Requested by

Host: horizon-tailwind-react-corporate-7s21b54hb-horizon-ui.vercel.app
URL: https://horizon-tailwind-react-corporate-7s21b54hb-horizon-ui.vercel.app/static/css/main.d7f96858.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

492d00e4a4110b712efd91a46f205045b2f207df8bc960be6f46b0964107f7cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://horizon-tailwind-react-corporate-7s21b54hb-horizon-ui.vercel.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 25 Apr 2024 08:47:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 25 Apr 2024 07:51:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Apr 2024 08:47:28 GMT

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
595 B 50ms
50ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=DM+Sans:ital,wght@0,400;0,500;0,700;1,400;1,500;1,700&display=swap

Requested by

Host: horizon-tailwind-react-corporate-7s21b54hb-horizon-ui.vercel.app
URL: https://horizon-tailwind-react-corporate-7s21b54hb-horizon-ui.vercel.app/static/css/main.d7f96858.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f09c18cbfb91024b5e1e0a8408063dcf8a027cf33f3c9d1a3ff727072d7e056b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://horizon-tailwind-react-corporate-7s21b54hb-horizon-ui.vercel.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 25 Apr 2024 08:47:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 25 Apr 2024 08:27:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Apr 2024 08:47:28 GMT

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0e05dc1a7e8c170ab728a52b5c40534b3e56e67f7edeb4b895bbb3e3283a59a1

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK jeseku-white-logo-icon.png
jadmin.jesekung.com/src/assets/images/ 2 KB
1 KB 75ms
74ms Other
text/html 185.177.116.45
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://jadmin.jesekung.com/src/assets/images/jeseku-white-logo-icon.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.177.116.45 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1577828.contaboserver.net
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: bc3e4fd9473789c3c981a9d649796a418d320b90efa526acfcf32efa6652dc66

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://jadmin.jesekung.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 25 Apr 2024 08:47:28 GMT
Content-Encoding: gzip
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"61a-M3c2uunXdjIS508Zx/ASLnKuNnw"
Transfer-Encoding: chunked
Access-Control-Allow-Methods: *
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK purple-background-pattern.0362c6f8dee8113c3482.jpg
jadmin.jesekung.com/static/media/ 16 KB
17 KB 131ms
63ms Image
image/jpeg 185.177.116.45
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadmin.jesekung.com/static/media/purple-background-pattern.0362c6f8dee8113c3482.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.177.116.45 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1577828.contaboserver.net
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: 488dc99108ab1ae9d1ddfa009cd821e552116c77b5ae9c1055e0a6ad68250cc7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://jadmin.jesekung.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 25 Apr 2024 08:47:28 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"40f4-2kxlSonuMWLpOmOfRrNdI754TTM"
Access-Control-Allow-Methods: *
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 16628

GET
H2 200 c4mw1n92AsfhuCq6tVsaoIx1LQICk0boNoq0ShNPVo0.woff2
fonts.gstatic.com/s/kumbhsans/v22/ 29 KB
30 KB 314ms
41ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/kumbhsans/v22/c4mw1n92AsfhuCq6tVsaoIx1LQICk0boNoq0ShNPVo0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Kumbh+Sans:wght@400;500;600;700&family=Roboto:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8a754efdbc7fe7aae0e3fd79f2afb1f5a66dd0de46cfce359aa6a6bc5939db5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://jadmin.jesekung.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 20 Apr 2024 09:42:18 GMT
x-content-type-options: nosniff
age: 428711
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29776
x-xss-protection: 0
last-modified: Thu, 25 Jan 2024 21:29:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Apr 2025 09:42:18 GMT

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| webpackHotUpdatejeseku_admin_dashboard object| __REACT_DEVTOOLS_GLOBAL_HOOK__ boolean| __reactRefreshInjected boolean| __EMOTION_REACT_11__

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://jadmin.jesekung.com/static/js/bundle.js(Line 62565) Message: WebSocket connection to 'wss://jadmin.jesekung.com:3000/ws' failed: Error in connection establishment: net::ERR_ADDRESS_UNREACHABLE
recommendation	verbose	URL: https://jadmin.jesekung.com/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://jadmin.jesekung.com/static/js/bundle.js(Line 62565) Message: WebSocket connection to 'wss://jadmin.jesekung.com:3000/ws' failed: Error in connection establishment: net::ERR_ADDRESS_UNREACHABLE
network	error	URL: https://jadmin.jesekung.com/static/js/bundle.js(Line 62565) Message: WebSocket connection to 'wss://jadmin.jesekung.com:3000/ws' failed: Error in connection establishment: net::ERR_ADDRESS_UNREACHABLE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
horizon-tailwind-react-corporate-7s21b54hb-horizon-ui.vercel.app
jadmin.jesekung.com
185.177.116.45
2a00:1450:4001:806::200a
2a00:1450:4001:830::2003
76.76.21.123
0e05dc1a7e8c170ab728a52b5c40534b3e56e67f7edeb4b895bbb3e3283a59a1
16880d2574d61fdaa014cc66975a26036f8f9653a4e86666da1b3b01876fe09c
1c6387578c16e6156c318f6ee4183ae617f0a19ba2523dcea5f3c1ecd9b26488
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
488dc99108ab1ae9d1ddfa009cd821e552116c77b5ae9c1055e0a6ad68250cc7
492d00e4a4110b712efd91a46f205045b2f207df8bc960be6f46b0964107f7cd
54945d463c6d9713e952876623c6d59483a26ea368747fedcdb2679dff5f0395
91435b33d7a506b6b35f75f69f1a8927eac57a7a9fe9aa492c964f40abeba5a5
bc3e4fd9473789c3c981a9d649796a418d320b90efa526acfcf32efa6652dc66
f09c18cbfb91024b5e1e0a8408063dcf8a027cf33f3c9d1a3ff727072d7e056b
f8a754efdbc7fe7aae0e3fd79f2afb1f5a66dd0de46cfce359aa6a6bc5939db5

jadmin.jesekung.com Open in urlscan Pro 185.177.116.45 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

11 Requests

100 %HTTPS

50 %IPv6

4 Domains

4 Subdomains

5 IPs

2 Countries

812 kBTransfer

3835 kBSize

0 Cookies

0 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

0 Cookies

4 Console Messages

Indicators

jadmin.jesekung.com Open in urlscan Pro
185.177.116.45 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

5
IPs

2
Countries

812 kB
Transfer

3835 kB
Size

0
Cookies

11 HTTP transactions
1 data transactions