urlscan.io logo urlscan.io
SecurityTrails logo

karakalpak.info Open in urlscan Pro
37.252.14.168  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://karakalpak.info/
Effective URL: https://karakalpak.info/
Submission: On February 16 via api from PL — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 3 countries across 3 domains to perform 2 HTTP transactions. The main IP is 37.252.14.168, located in Netherlands and belongs to SCALAXY-AS, NL. The main domain is karakalpak.info.
TLS certificate: Issued by R3 on December 4th 2022. Valid for: 3 months.
This is the only time karakalpak.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 3 37.252.14.168 58061 (SCALAXY-AS)
1 1 2a05:d018:483... 16509 (AMAZON-02)
1 2600:1f18:416... 14618 (AMAZON-AES)
2 2
Apex Domain
Subdomains		 Transfer
3 karakalpak.info
karakalpak.info
687 B
1 homequote.io
www.homequote.io
1 wh-ldg.com
cd.wh-ldg.com
3 KB
2 3
Domain Requested by
3 karakalpak.info 2 redirects
1 www.homequote.io karakalpak.info
1 cd.wh-ldg.com 1 redirects
2 3

This site contains no links.

Subject Issuer Validity Valid
karakalpak.info
R3		 2022-12-04 -
2023-03-04		 3 months crt.sh
homequote.io
Amazon		 2022-07-07 -
2023-08-05		 a year crt.sh

This page contains 2 frames:

Primary Page: https://karakalpak.info/
Frame ID: A4C7AC8CA9E18CD12A9DAF38BDB6197E
Requests: 1 HTTP requests in this frame

Frame: https://www.homequote.io/home-quote/black-hvac?a=120&api_key=gwvd7r36kip9aES5&s1=114207&s2=715509d0a6524f9fa5bb67bcc5f048821e9c0&cp=1&fbpixelid=&ttpixelid=&googlepixelid=&snappxid=&s4=26&s5=125376
Frame ID: 2773C8198A742E5E25788C8BA9E8BB54
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://karakalpak.info/ HTTP 301
    https://karakalpak.info/ Page URL

Page Statistics

2
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

2
IPs

3
Countries

0 kB
Transfer

0 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://karakalpak.info/ HTTP 301
    https://karakalpak.info/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://karakalpak.info/hq-hvacbordel/?flow=1534 HTTP 302
  • https://cd.wh-ldg.com/?a=114207&c=321618&oc=193424&mt=26&s1=WebKarakurt&s2=7362767&s4= HTTP 302
  • https://www.homequote.io/home-quote/black-hvac?a=120&api_key=gwvd7r36kip9aES5&s1=114207&s2=715509d0a6524f9fa5bb67bcc5f048821e9c0&cp=1&fbpixelid=&ttpixelid=&googlepixelid=&snappxid=&s4=26&s5=125376

2 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
karakalpak.info/
Redirect Chain
  • http://karakalpak.info/
  • https://karakalpak.info/
268 B
358 B 		Document
General
Check archive.org
Download Go to
Full URL
https://karakalpak.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
37.252.14.168 , Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS
Software
Nginx 1.17 /
Resource Hash
a9aa0b3ecba0d2d99c649fc3aff701d28f0ba95e12f9bd2e91d82460a73ab246

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

content-length
268
content-type
text/html; charset=UTF-8
date
Thu, 16 Feb 2023 13:30:15 GMT
server
Nginx 1.17

Redirect headers

Content-Length
59
Content-Type
text/html; charset=utf-8
Date
Thu, 16 Feb 2023 13:12:27 GMT
Location
https://karakalpak.info/
black-hvac
www.homequote.io/home-quote/ Frame 2773
Redirect Chain
  • https://karakalpak.info/hq-hvacbordel/?flow=1534
  • https://cd.wh-ldg.com/?a=114207&c=321618&oc=193424&mt=26&s1=WebKarakurt&s2=7362767&s4=
  • https://www.homequote.io/home-quote/black-hvac?a=120&api_key=gwvd7r36kip9aES5&s1=114207&s2=715509d0a6524f9fa5bb67bcc5f048821e9c0&cp=1&fbpixelid=&ttpixelid=&googlepixelid=&snappxid=&s4=26&s5=125376
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.homequote.io/home-quote/black-hvac?a=120&api_key=gwvd7r36kip9aES5&s1=114207&s2=715509d0a6524f9fa5bb67bcc5f048821e9c0&cp=1&fbpixelid=&ttpixelid=&googlepixelid=&snappxid=&s4=26&s5=125376
Requested by
Host: karakalpak.info
URL: https://karakalpak.info/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:416a:d310:a5ae:91f3:587f:c6cb Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

Referer
https://karakalpak.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
max-age=0, must-revalidate, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 16 Feb 2023 13:30:15 GMT
expires
Thu, 16 Feb 2023 13:30:15 GMT
server
nginx
vary
Accept-Encoding
x-frame-options
sameorigin

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
content-language
en-US
content-type
text/html;charset=ISO-8859-1
date
Thu, 16 Feb 2023 13:30:15 GMT
location
https://www.homequote.io/home-quote/black-hvac?a=120&api_key=gwvd7r36kip9aES5&s1=114207&s2=715509d0a6524f9fa5bb67bcc5f048821e9c0&cp=1&fbpixelid=&ttpixelid=&googlepixelid=&snappxid=&s4=26&s5=125376
server
nginx

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| oncontentvisibilityautostatechange

6 Cookies

Domain/Path Name / Value
karakalpak.info/ Name: site1540
Value: 1534
.wh-ldg.com/ Name: gdm_uid_v2_1_001
Value: +iIaXgxE2XxWuH1yH27rox4oR15tlqxjzx7a0r+gNX0DKnpFnADP3IdTUvNpQtZM
.wh-ldg.com/ Name: gdm_sid_v2_3_001
Value: PWRPUFktLOlucn0x6H2Wap11oVCQYcLIKSRJ10z9X1577/hAF1BpBn01gcJiuYBBAd9VpKMDgqzGFh1fQWLd8DztiiGIHJXL6zV7BRFAuDoRU6Z/Su2NkBA97WhcjWIDvNCsCbRG8bbf/wEafmWjad3Lmih63/dEZiRTX3TC4EB57LcLpVn0K5MmzGDNqrOs8uGAUN+4XRWvnUwO7wuaaH+KJttEtf9Ru5gAASxzKFZdti0Hm+Siez2L/5SBqv+k7Ax/UD2jEG288MualXu8SsRSDt93UXJ95ZH08rNYTkjfP8W657pAQkEP/vEqDi0zmHqTRiw153oUfuLRjerlI/90kkeVFe0wI04sUHM7xiaG0I1H9fSyaIHjpMDcJF3IG79iXl0BaeBhISTAckpyvL08TH15/asUtibTdrbvF5TnT79dxKCtsaMzQf0ct/yktzyPzSW9YxYdgGc/md3OZwdrGIhuX09nXbMJ8UrLFI8H1Hh6O6YfWk7xqCnXwxjyJS4OmovyVeuJUk3Z/GIuK/TnLrf/dljkwyoz/AQOIePKtWEwq/qnD71U9ekfbADNX+zpFCc4hrlys2q2N3KWK897f8uZAJd/zHGd2FjpebO4SfEiYW37/e7vT3PlN9uZEtfSGCtnb5DfhVfv+sE3lqLukKd8PU5tgx2tQvicj8S64ZvRV/OX2AJuChLc0wUKC33kfJuMVBg1DGNTrL3E0rdsIdpYifDJLUfPH7LtCE8hMidD4pkJwkPWKqDYtO8usSfImr1xuejcFnFbpJIO9LsGzgmd0nz7mQBviBp+v5GXpu9AnWhLXOU7Ys9A2Bw4d5YfD76GBCZxJc57mjvrOCnxk8Kqxpy0JNOBp4gDqKVlj1eBzl+eF/eIosecM9XH7alFL6It9zNVEubr4Sx2StD5WVMuBRdKfUo+2koVybTnJ+OMYLKER+0QA+tN3VSUVlGKJ8N+4d3oFuKiqTGX7NCJnAukB6FC1iKUos9nJnjoEtL8RCTcPCfcyLIldUXFjzju2UotQ3KbBB3AjXSmdmAZVQ2Z6uOcG5IPS3q6HkbrCff+MNRyz1JZ5OYFx4b7SsdE+liVd4/6zCn4PIUobqyTypnSuQcBttXOG+zaYhN9WYq//sW6tzWpTWJ/wvyk
.wh-ldg.com/ Name: gdm_click_freq_v2_1_001
Value: TpyIpXqYlkWzVhUKJ37eodnunYxv1/ma/mv9UPbL3Twm8mX8NQkmQFopZf3O3pzD
.wh-ldg.com/ Name: gdm_suid_v2_1_001
Value: HPfHs3OFxkaNOwO68jCjbQ==
.wh-ldg.com/ Name: gdm_click_adv_freq_v2_1_001
Value: gUTdPHKt9F51y+89AM2rwYIIoEsI4PxhW/EREvRWxKu2wNeZkr8oVF+pD4Y/o6Hz

1 Console Messages

Source Level URL
Text
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.homequote.io/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cd.wh-ldg.com
karakalpak.info
www.homequote.io
2600:1f18:416a:d310:a5ae:91f3:587f:c6cb
2a05:d018:483:6110:3295:4f8a:ff37:c93
37.252.14.168
a9aa0b3ecba0d2d99c649fc3aff701d28f0ba95e12f9bd2e91d82460a73ab246