turund.us - urlscan.io

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 4 HTTP transactions. The main IP is 51.15.227.157, located in France and belongs to Online SAS, FR. The main domain is turund.us.
TLS certificate: Issued by R3 on January 30th 2021. Valid for: 3 months.

This is the only time turund.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
2	51.15.227.157 51.15.227.157		12876 (Online SAS) (Online SAS)
4	2

2 51.15.227.157 (France)

ASN12876 (Online SAS, FR)
PTR: 157-227-15-51.instances.scw.cloud

turund.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	turund.us turund.us	109 KB
0	uusmaa.ee Failed turuylevaade.uusmaa.ee Failed
4	2

	Domain	Requested by
2	turund.us	turund.us
0	turuylevaade.uusmaa.ee Failed	turund.us
4	2

This site contains links to these domains. Also see Links.

Domain
www.uusmaa.ee

Subject Issuer	Validity	Valid
mail.turund.us R3	`2021-01-30` - `2021-04-30`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://turund.us/campaigns/rb713oskk5dc5
Frame ID: 4309DFA1461558D3AD7D0C43BBE470EA
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

4
Requests

50 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

109 kB
Transfer

121 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.uusmaa.ee/turuylevaade/newsletter.php?queue_id=20&url=http%3A%2F%2Fwww.uusmaa.ee
Title: www.uusmaa.ee

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://www.uusmaa.ee/turuylevaade/um_logo.gif HTTP 301
https://turuylevaade.uusmaa.ee/um_logo.gif

Request Chain 2

https://www.uusmaa.ee/turuylevaade/um_logo_small.gif HTTP 301
https://turuylevaade.uusmaa.ee/um_logo_small.gif

4 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set rb713oskk5dc5 Show response
turund.us/campaigns/ 17 KB
5 KB 299ms
204ms Document
text/html 51.15.227.157
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://turund.us/campaigns/rb713oskk5dc5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.15.227.157 , France, ASN12876 (Online SAS, FR),

Reverse DNS

157-227-15-51.instances.scw.cloud

Software

Apache/2 /

Resource Hash

fb497f3c1a521e4b720ccecaf3b951eca0d43faf174fe0a4b60987cced758d9b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Host: turund.us
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 10 Feb 2021 09:22:27 GMT
Server: Apache/2
Set-Cookie: mwsid=ftma0u66u7h2m6k3gif35v7hi7; path=/; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
X-XSS-Protection: 1; mode=block
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4178
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET

um_logo.gif
turuylevaade.uusmaa.ee/
Redirect Chain

https://www.uusmaa.ee/turuylevaade/um_logo.gif
https://turuylevaade.uusmaa.ee/um_logo.gif

0
0

GET
H/1.1 200
OK EESTI%20KAART%20NOOLTEGA_august.jpg
turund.us/frontend/assets/files/customer/qp992ythnk3d9/ 104 KB
104 KB 33ms
32ms Image
image/jpeg 51.15.227.157
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turund.us/frontend/assets/files/customer/qp992ythnk3d9/EESTI%20KAART%20NOOLTEGA_august.jpg
Requested by: Host: turund.us
URL: https://turund.us/campaigns/rb713oskk5dc5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.15.227.157 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 157-227-15-51.instances.scw.cloud
Software: Apache/2 /
Resource Hash: ba98d7c7a7f287ae5de6f8274a642ede150a4e0776eeb2f09452681a7e9b8f2a

Request headers

Referer: https://turund.us/campaigns/rb713oskk5dc5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 10 Feb 2021 09:22:27 GMT
Last-Modified: Thu, 15 Sep 2016 13:28:09 GMT
Server: Apache/2
ETag: "1a00c-53c8bd10d8c40"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=99
Content-Length: 106508

GET

um_logo_small.gif
turuylevaade.uusmaa.ee/
Redirect Chain

https://www.uusmaa.ee/turuylevaade/um_logo_small.gif
https://turuylevaade.uusmaa.ee/um_logo_small.gif

0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: turuylevaade.uusmaa.ee
URL: https://turuylevaade.uusmaa.ee/um_logo.gif

Domain: turuylevaade.uusmaa.ee
URL: https://turuylevaade.uusmaa.ee/um_logo_small.gif

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			turund.us/	1969-12-31 23:59:59	Name: mwsid Value: ftma0u66u7h2m6k3gif35v7hi7

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

turund.us
turuylevaade.uusmaa.ee
turuylevaade.uusmaa.ee
51.15.227.157
ba98d7c7a7f287ae5de6f8274a642ede150a4e0776eeb2f09452681a7e9b8f2a
fb497f3c1a521e4b720ccecaf3b951eca0d43faf174fe0a4b60987cced758d9b

turund.us Open in urlscan Pro 51.15.227.157 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

4 Requests

50 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

109 kBTransfer

121 kBSize

1 Cookies

1 Outgoing links

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

turund.us Open in urlscan Pro
51.15.227.157 Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

50 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

109 kB
Transfer

121 kB
Size

1
Cookies

4 HTTP transactions
0 data transactions