o82al.gusiwul.click Open in urlscan Pro
146.19.169.181 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://o82al.gusiwul.click/
Submission: On January 29 via manual (January 29th 2023, 9:35:00 am UTC) from RU — Scanned from DE

Summary HTTP 10 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 10 HTTP transactions. The main IP is 146.19.169.181, located in Germany and belongs to SKYLINK, NL. The main domain is o82al.gusiwul.click.
TLS certificate: Issued by R3 on January 25th 2023. Valid for: 3 months.

This is the only time o82al.gusiwul.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
10	146.19.169.181 146.19.169.181		44592 (SKYLINK) (SKYLINK)
10	2

10 146.19.169.181 (Germany)

ASN44592 (SKYLINK, NL)

o82al.gusiwul.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	gusiwul.click o82al.gusiwul.click	429 KB
10	1

	Domain	Requested by
10	o82al.gusiwul.click	o82al.gusiwul.click
10	1

This site contains links to these domains. Also see Links.

Domain
www.vesti.ru
t.me

Subject Issuer	Validity	Valid
gusiwul.click R3	`2023-01-25` - `2023-04-25`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://o82al.gusiwul.click/
Frame ID: 910A026B874A0640F49C3D0D921AF21F
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Великое Отечество – фонд компетентной помощи армии - Главная

Page Statistics

10
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

429 kB
Transfer

458 kB
Size

1
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.vesti.ru/article/2977450
Title: НОВОСТИ Отказ Зеленского от переговоров с Путиным – решение Запада В ходе брифинга официальный представитель МИД РФ Мария Захарова заявила, что указ украинского президента Владимира Зеленского о невозможности переговоров с президентом России Владимиром Путиным подписан по указанию Запада, как и в случае с предыдущими шагами Киева, направленными на отказ от урегулирования ситуации на Украине.

Search URL Search Domain Scan URL

URL: https://www.vesti.ru/article/2974635
Title: НОВОСТИ СНБО Украины курирует создание "грязной ядерной бомбы"

Search URL Search Domain Scan URL

URL: https://www.vesti.ru/article/2974805
Title: НОВОСТИ Поставки оружия Киеву утверждают США стороной конфликта

Search URL Search Domain Scan URL

URL: https://www.vesti.ru/article/2973698
Title: НОВОСТИ На Украине выпустили рекомендации на случай ядерных инцидентов

Search URL Search Domain Scan URL

URL: https://www.vesti.ru/article/2977046
Title: НОВОСТИ Какой сигнал дали Штаты Киеву публикацией об убийстве Дугиной

Search URL Search Domain Scan URL

URL: https://www.vesti.ru/article/2977567
Title: НОВОСТИ Песков прокомментировал высказывание Маска об Украине

Search URL Search Domain Scan URL

URL: https://www.vesti.ru/article/2976499
Title: НОВОСТИ Американские читатели требуют прекратить помощь Украине и другим странам

Search URL Search Domain Scan URL

URL: https://t.me/ZvolonterRu
Title: Подписаться

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response o82al.gusiwul.click/	39 KB 8 KB	480ms 53ms	Document text/html	146.19.169.181 SKYLINK
General Check archive.org Show headers Download Go to Full URL https://o82al.gusiwul.click/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 146.19.169.181 , Germany, ASN44592 (SKYLINK, NL), Reverse DNS Software nginx/1.14.2 / PHP/7.1.33 Resource Hash `f33814b6aadef605eb7fecf8f537420b651e992bd5ac928ab1bf6cdc712f9333` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-store, no-cache, must-revalidate Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Sun, 29 Jan 2023 09:34:55 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Pragma no-cache Server nginx/1.14.2 Transfer-Encoding chunked X-Powered-By PHP/7.1.33
GET H/1.1	200 OK	style.min.css o82al.gusiwul.click/css/	21 KB 21 KB	24ms 23ms	Stylesheet text/css	146.19.169.181 SKYLINK
General Check archive.org Show headers Download Go to Full URL https://o82al.gusiwul.click/css/style.min.css?_v=20221011145336 Requested by Host: o82al.gusiwul.click URL: https://o82al.gusiwul.click/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 146.19.169.181 , Germany, ASN44592 (SKYLINK, NL), Reverse DNS Software nginx/1.14.2 / Resource Hash `d0364b8df66fa0b43ff387168251668ed1d58f9f251ce6158259305fd640b60e` Request headers accept-language de-DE,de;q=0.9 Referer https://o82al.gusiwul.click/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Sun, 29 Jan 2023 09:34:55 GMT Last-Modified Sun, 18 Dec 2022 14:14:38 GMT Server nginx/1.14.2 ETag "542b-5f01ad2b4d32f" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 21547
GET H/1.1	200 OK	news-1.jpg o82al.gusiwul.click/img/	66 KB 66 KB	64ms 22ms	Image image/jpeg	146.19.169.181 SKYLINK
General Check archive.org Show headers Download Go to Show image Full URL https://o82al.gusiwul.click/img/news-1.jpg Requested by Host: o82al.gusiwul.click URL: https://o82al.gusiwul.click/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 146.19.169.181 , Germany, ASN44592 (SKYLINK, NL), Reverse DNS Software nginx/1.14.2 / Resource Hash `447f365a95dc507655b7a30286487486706bf39a84725305611e7634b197a2c4` Request headers accept-language de-DE,de;q=0.9 Referer https://o82al.gusiwul.click/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Sun, 29 Jan 2023 09:34:55 GMT Last-Modified Sun, 18 Dec 2022 14:15:00 GMT Server nginx/1.14.2 ETag "1083a-5f01ad4023e2b" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 67642
GET H/1.1	200 OK	news-2.jpg o82al.gusiwul.click/img/	116 KB 116 KB	81ms 22ms	Image image/jpeg	146.19.169.181 SKYLINK
General Check archive.org Show headers Download Go to Show image Full URL https://o82al.gusiwul.click/img/news-2.jpg Requested by Host: o82al.gusiwul.click URL: https://o82al.gusiwul.click/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 146.19.169.181 , Germany, ASN44592 (SKYLINK, NL), Reverse DNS Software nginx/1.14.2 / Resource Hash `8331c9940d1e9448e67d84be09442de7ad601bec7133fef03fe730da70de3543` Request headers accept-language de-DE,de;q=0.9 Referer https://o82al.gusiwul.click/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Sun, 29 Jan 2023 09:34:55 GMT Last-Modified Sun, 18 Dec 2022 14:14:57 GMT Server nginx/1.14.2 ETag "1cf3f-5f01ad3d2b25d" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 118591
GET H/1.1	200 OK	news-3.jpg o82al.gusiwul.click/img/	28 KB 28 KB	90ms 23ms	Image image/jpeg	146.19.169.181 SKYLINK
General Check archive.org Show headers Download Go to Show image Full URL https://o82al.gusiwul.click/img/news-3.jpg Requested by Host: o82al.gusiwul.click URL: https://o82al.gusiwul.click/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 146.19.169.181 , Germany, ASN44592 (SKYLINK, NL), Reverse DNS Software nginx/1.14.2 / Resource Hash `905591e0da53186dca8f94136eb211fcb9bc31d82b438cd2408f8a7e7c680853` Request headers accept-language de-DE,de;q=0.9 Referer https://o82al.gusiwul.click/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Sun, 29 Jan 2023 09:34:55 GMT Last-Modified Sun, 18 Dec 2022 14:14:55 GMT Server nginx/1.14.2 ETag "6eef-5f01ad3c010dc" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 28399
GET H/1.1	200 OK	app.min.js Show response o82al.gusiwul.click/js/	63 KB 63 KB	60ms 40ms	Script application/javascript	146.19.169.181 SKYLINK
General Check archive.org Show headers Download Go to Full URL https://o82al.gusiwul.click/js/app.min.js?_v=20221011145336 Requested by Host: o82al.gusiwul.click URL: https://o82al.gusiwul.click/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 146.19.169.181 , Germany, ASN44592 (SKYLINK, NL), Reverse DNS Software nginx/1.14.2 / Resource Hash `4e16e35ee143675b3e7e555204d25ad045c586637b0f2f8108c96f83c0f04afc` Request headers accept-language de-DE,de;q=0.9 Referer https://o82al.gusiwul.click/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Sun, 29 Jan 2023 09:34:55 GMT Last-Modified Sun, 18 Dec 2022 14:15:08 GMT Server nginx/1.14.2 ETag "fad4-5f01ad484858b" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 64212
GET H/1.1	200 OK	Laqonic4FUnicase.woff2 o82al.gusiwul.click/fonts/	18 KB 18 KB	45ms 39ms	Font font/woff2	146.19.169.181 SKYLINK
General Check archive.org Show headers Download Go to Full URL https://o82al.gusiwul.click/fonts/Laqonic4FUnicase.woff2 Requested by Host: o82al.gusiwul.click URL: https://o82al.gusiwul.click/css/style.min.css?_v=20221011145336 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 146.19.169.181 , Germany, ASN44592 (SKYLINK, NL), Reverse DNS Software nginx/1.14.2 / Resource Hash `825c0c44657538604dadff68bb453c48829f595bb715106daf09e71ba5571ad0` Request headers Referer https://o82al.gusiwul.click/css/style.min.css?_v=20221011145336 Origin https://o82al.gusiwul.click accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Sun, 29 Jan 2023 09:34:55 GMT Last-Modified Sun, 18 Dec 2022 14:14:47 GMT Server nginx/1.14.2 ETag "47f0-5f01ad33833ce" Content-Type font/woff2 Connection keep-alive Accept-Ranges bytes Content-Length 18416
GET H/1.1	200 OK	HelveticaNeueCyr-Bold.woff2 o82al.gusiwul.click/fonts/	11 KB 11 KB	28ms 22ms	Font font/woff2	146.19.169.181 SKYLINK
General Check archive.org Show headers Download Go to Full URL https://o82al.gusiwul.click/fonts/HelveticaNeueCyr-Bold.woff2 Requested by Host: o82al.gusiwul.click URL: https://o82al.gusiwul.click/css/style.min.css?_v=20221011145336 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 146.19.169.181 , Germany, ASN44592 (SKYLINK, NL), Reverse DNS Software nginx/1.14.2 / Resource Hash `11e00eda7e5b463bb75280b83dff1b63f977d7387d16d7601fe05e1a600fffdd` Request headers Referer https://o82al.gusiwul.click/css/style.min.css?_v=20221011145336 Origin https://o82al.gusiwul.click accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Sun, 29 Jan 2023 09:34:55 GMT Last-Modified Sun, 18 Dec 2022 14:14:44 GMT Server nginx/1.14.2 ETag "2b10-5f01ad315522b" Content-Type font/woff2 Connection keep-alive Accept-Ranges bytes Content-Length 11024
GET H/1.1	200 OK	Laqonic4FUnicase-SemiBold.woff2 o82al.gusiwul.click/fonts/	19 KB 19 KB	48ms 42ms	Font font/woff2	146.19.169.181 SKYLINK
General Check archive.org Show headers Download Go to Full URL https://o82al.gusiwul.click/fonts/Laqonic4FUnicase-SemiBold.woff2 Requested by Host: o82al.gusiwul.click URL: https://o82al.gusiwul.click/css/style.min.css?_v=20221011145336 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 146.19.169.181 , Germany, ASN44592 (SKYLINK, NL), Reverse DNS Software nginx/1.14.2 / Resource Hash `8e12789425cc9d790c41a1c02eb53f59a55affa00f19d1087a170c3112015268` Request headers Referer https://o82al.gusiwul.click/css/style.min.css?_v=20221011145336 Origin https://o82al.gusiwul.click accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Sun, 29 Jan 2023 09:34:55 GMT Last-Modified Sun, 18 Dec 2022 14:14:42 GMT Server nginx/1.14.2 ETag "4c54-5f01ad2f1a180" Content-Type font/woff2 Connection keep-alive Accept-Ranges bytes Content-Length 19540
GET DATA	200 OK	truncated /	66 B 0		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Content-Type image/webp
GET H/1.1	200 OK	offer.webp o82al.gusiwul.click/img/	77 KB 77 KB	23ms 23ms	Image image/webp	146.19.169.181 SKYLINK
General Check archive.org Show headers Download Go to Show image Full URL https://o82al.gusiwul.click/img/offer.webp Requested by Host: o82al.gusiwul.click URL: https://o82al.gusiwul.click/css/style.min.css?_v=20221011145336 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 146.19.169.181 , Germany, ASN44592 (SKYLINK, NL), Reverse DNS Software nginx/1.14.2 / Resource Hash `2e3e44a9fef71a21110de0eaa6ac2dc1dc7f13219ffe324dbc2c0ffe35f4454d` Request headers accept-language de-DE,de;q=0.9 Referer https://o82al.gusiwul.click/css/style.min.css?_v=20221011145336 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Sun, 29 Jan 2023 09:34:55 GMT Last-Modified Sun, 18 Dec 2022 14:15:03 GMT Server nginx/1.14.2 ETag "134b6-5f01ad4354499" Content-Type image/webp Connection keep-alive Accept-Ranges bytes Content-Length 79030

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange number| page_id function| IMask

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			o82al.gusiwul.click/	1970-01-20 09:26:29	Name: PHPSESSID Value: 9765ff3cc379c6ad405d5bf4e61dbb86

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

o82al.gusiwul.click
146.19.169.181
11e00eda7e5b463bb75280b83dff1b63f977d7387d16d7601fe05e1a600fffdd
2e3e44a9fef71a21110de0eaa6ac2dc1dc7f13219ffe324dbc2c0ffe35f4454d
447f365a95dc507655b7a30286487486706bf39a84725305611e7634b197a2c4
4e16e35ee143675b3e7e555204d25ad045c586637b0f2f8108c96f83c0f04afc
825c0c44657538604dadff68bb453c48829f595bb715106daf09e71ba5571ad0
8331c9940d1e9448e67d84be09442de7ad601bec7133fef03fe730da70de3543
8e12789425cc9d790c41a1c02eb53f59a55affa00f19d1087a170c3112015268
905591e0da53186dca8f94136eb211fcb9bc31d82b438cd2408f8a7e7c680853
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
d0364b8df66fa0b43ff387168251668ed1d58f9f251ce6158259305fd640b60e
f33814b6aadef605eb7fecf8f537420b651e992bd5ac928ab1bf6cdc712f9333

o82al.gusiwul.click Open in urlscan Pro 146.19.169.181 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

10 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

429 kBTransfer

458 kBSize

1 Cookies

8 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

1 Cookies

Indicators

o82al.gusiwul.click Open in urlscan Pro
146.19.169.181 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

429 kB
Transfer

458 kB
Size

1
Cookies

10 HTTP transactions
1 data transactions