nuget.qsupport.ru Open in urlscan Pro
91.216.147.7 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://nuget.qsupport.ru/
Submission: On August 02 via automatic, source certstream-suspicious (August 2nd 2024, 7:48:44 am UTC) — Scanned from CA

Summary HTTP 10 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 10 HTTP transactions. The main IP is 91.216.147.7, located in Russian Federation and belongs to MTS, RU. The main domain is nuget.qsupport.ru.
TLS certificate: Issued by R11 on August 2nd 2024. Valid for: 3 months.

This is the only time nuget.qsupport.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	91.216.147.7 91.216.147.7	8359 (MTS) (MTS)
1	23.218.218.155 23.218.218.155	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	23.49.181.182 23.49.181.182	16625 (AKAMAI-AS) (AKAMAI-AS)
10	4

7 91.216.147.7 (Russian Federation)

ASN8359 (MTS, RU)
PTR: quantumart.ru

nuget.qsupport.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.218.218.155 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-218-218-155.deploy.static.akamaitechnologies.com

spoprod-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.49.181.182 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-49-181-182.deploy.static.akamaitechnologies.com

static2.sharepointonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	qsupport.ru nuget.qsupport.ru	199 KB
2	sharepointonline.com static2.sharepointonline.com — Cisco Umbrella Rank: 4344	69 KB
1	akamaihd.net spoprod-a.akamaihd.net — Cisco Umbrella Rank: 14353	7 KB
10	3

	Domain	Requested by
7	nuget.qsupport.ru	nuget.qsupport.ru
2	static2.sharepointonline.com	nuget.qsupport.ru
1	spoprod-a.akamaihd.net	nuget.qsupport.ru
10	3

This site contains links to these domains. Also see Links.

Domain
loic-sharma.github.io

Subject Issuer	Validity	Valid
nuget.qsupport.ru R11	`2024-08-02` - `2024-10-31`	3 months	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2024-04-18` - `2025-04-19`	a year	crt.sh
privatecdn.sharepointonline.com DigiCert SHA2 Secure Server CA	`2024-07-01` - `2025-07-01`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://nuget.qsupport.ru/
Frame ID: F6AF549A0C74DED0770084916A9B7E5E
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BaGet

Detected technologies

Cart Functionality (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

<a[^>]*href=[^>]*/Bag

Page Statistics

10
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

274 kB
Transfer

790 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://loic-sharma.github.io/BaGet/
Title: Documentation

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response nuget.qsupport.ru/	2 KB 1 KB	2973ms 157ms	Document text/html	91.216.147.7 MTS
General Check archive.org Show headers Download Go to Full URL https://nuget.qsupport.ru/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 91.216.147.7 , Russian Federation, ASN8359 (MTS, RU), Reverse DNS quantumart.ru Software / ARR/3.0 ASP.NET Resource Hash `979a308d45579521fa88ee5a8237ab95db14460f93fa6f5b8f549837c9d34539` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers content-encoding gzip content-length 1068 content-type text/html date Fri, 02 Aug 2024 07:48:39 GMT etag W/"1d6b8b1d23dd4f2" last-modified Thu, 12 Nov 2020 05:08:13 GMT vary Accept-Encoding x-cms-developed-by Quantum Art x-cms-platform QP8.Framework x-powered-by ARR/3.0 ASP.NET x-site-developed-by Quantum Art
GET H2	200	2.440d540c.chunk.css nuget.qsupport.ru/static/css/	112 KB 19 KB	319ms 318ms	Stylesheet text/css	91.216.147.7 MTS
General Check archive.org Show headers Download Go to Full URL https://nuget.qsupport.ru/static/css/2.440d540c.chunk.css Requested by Host: nuget.qsupport.ru URL: https://nuget.qsupport.ru/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 91.216.147.7 , Russian Federation, ASN8359 (MTS, RU), Reverse DNS quantumart.ru Software / ARR/3.0, ASP.NET Resource Hash `3ddd126bae906a2e3e25281d0ca39893a0f28aa33074d9e80aab04f27399cbf3` Request headers Referer https://nuget.qsupport.ru/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-cms-developed-by Quantum Art date Fri, 02 Aug 2024 07:48:39 GMT content-encoding gzip last-modified Thu, 12 Nov 2020 05:08:13 GMT etag W/"1d6b8b1d23c1d5e" x-powered-by ARR/3.0, ASP.NET vary Accept-Encoding content-type text/css x-cms-platform QP8.Framework x-site-developed-by Quantum Art content-length 19806
GET H2	200	main.500d9819.chunk.css nuget.qsupport.ru/static/css/	6 KB 2 KB	166ms 165ms	Stylesheet text/css	91.216.147.7 MTS
General Check archive.org Show headers Download Go to Full URL https://nuget.qsupport.ru/static/css/main.500d9819.chunk.css Requested by Host: nuget.qsupport.ru URL: https://nuget.qsupport.ru/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 91.216.147.7 , Russian Federation, ASN8359 (MTS, RU), Reverse DNS quantumart.ru Software / ARR/3.0, ASP.NET Resource Hash `813927e1dd8ee8fb0eb235d72eb409e14a1a7299e4e014d1e44050894ca8c177` Request headers Referer https://nuget.qsupport.ru/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-cms-developed-by Quantum Art date Fri, 02 Aug 2024 07:48:39 GMT content-encoding gzip last-modified Thu, 12 Nov 2020 05:08:13 GMT etag W/"1d6b8b1d23dca31" x-powered-by ARR/3.0, ASP.NET vary Accept-Encoding content-type text/css x-cms-platform QP8.Framework x-site-developed-by Quantum Art content-length 1592
GET H2	200	2.de145262.chunk.js Show response nuget.qsupport.ru/static/js/	514 KB 159 KB	434ms 433ms	Script application/javascript	91.216.147.7 MTS
General Check archive.org Show headers Download Go to Full URL https://nuget.qsupport.ru/static/js/2.de145262.chunk.js Requested by Host: nuget.qsupport.ru URL: https://nuget.qsupport.ru/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 91.216.147.7 , Russian Federation, ASN8359 (MTS, RU), Reverse DNS quantumart.ru Software / ARR/3.0, ASP.NET Resource Hash `5555c6f159ef857a3542e092c93d9a17f2daf00183d2c4964d82ba436aa4dca5` Request headers Referer https://nuget.qsupport.ru/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-cms-developed-by Quantum Art date Fri, 02 Aug 2024 07:48:39 GMT content-encoding gzip last-modified Thu, 12 Nov 2020 05:08:13 GMT etag W/"1d6b8b1d235d5e1" x-powered-by ARR/3.0, ASP.NET vary Accept-Encoding content-type application/javascript x-cms-platform QP8.Framework x-site-developed-by Quantum Art content-length 162665
GET H2	200	main.c4c7176e.chunk.js Show response nuget.qsupport.ru/static/js/	39 KB 12 KB	171ms 170ms	Script application/javascript	91.216.147.7 MTS
General Check archive.org Show headers Download Go to Full URL https://nuget.qsupport.ru/static/js/main.c4c7176e.chunk.js Requested by Host: nuget.qsupport.ru URL: https://nuget.qsupport.ru/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 91.216.147.7 , Russian Federation, ASN8359 (MTS, RU), Reverse DNS quantumart.ru Software / ARR/3.0, ASP.NET Resource Hash `a6d3696b814f0f97a01272cbbeba23f767e774b4861f07ecc15e02e1d7bff6e6` Request headers Referer https://nuget.qsupport.ru/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-cms-developed-by Quantum Art date Fri, 02 Aug 2024 07:48:39 GMT content-encoding gzip last-modified Thu, 12 Nov 2020 05:08:13 GMT etag W/"1d6b8b1d23d479e" x-powered-by ARR/3.0, ASP.NET vary Accept-Encoding content-type application/javascript x-cms-platform QP8.Framework x-site-developed-by Quantum Art content-length 12144
GET H2	200	search Show response nuget.qsupport.ru/v3/	23 KB 3 KB	475ms 474ms	Fetch application/json	91.216.147.7 MTS
General Check archive.org Show headers Download Go to Full URL https://nuget.qsupport.ru/v3/search?semVerLevel=2.0.0&take=20&prerelease=true Requested by Host: nuget.qsupport.ru URL: https://nuget.qsupport.ru/static/js/main.c4c7176e.chunk.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 91.216.147.7 , Russian Federation, ASN8359 (MTS, RU), Reverse DNS quantumart.ru Software / ARR/3.0, ASP.NET Resource Hash `4ec9415907a2bdf1d68404e4ce0084bbf584cbcefb5a084c7d1268d0d237093f` Request headers Referer https://nuget.qsupport.ru/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-cms-developed-by Quantum Art date Fri, 02 Aug 2024 07:48:40 GMT content-encoding gzip x-powered-by ARR/3.0, ASP.NET vary Accept-Encoding content-type application/json; charset=utf-8 x-cms-platform QP8.Framework x-site-developed-by Quantum Art content-length 2851
GET H2	200	fabric-icons-a13498cf.woff spoprod-a.akamaihd.net/files/fabric/assets/icons/	7 KB 7 KB	260ms 40ms	Font font/woff	23.218.218.155 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://spoprod-a.akamaihd.net/files/fabric/assets/icons/fabric-icons-a13498cf.woff Requested by Host: nuget.qsupport.ru URL: https://nuget.qsupport.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.218.218.155 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-218-218-155.deploy.static.akamaitechnologies.com Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash `43c551ea819a83b1100f566ecf6bd70db5a019f165d221200af2df11c4448627` Request headers Referer https://nuget.qsupport.ru/ Origin https://nuget.qsupport.ru User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Fri, 02 Aug 2024 07:48:40 GMT last-modified Mon, 22 Jun 2020 16:24:49 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 etag 0x8D816C8C8CD917B content-type font/woff access-control-allow-origin * x-ms-request-id d04669c6-b01e-0039-04f1-b1cb34000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=18136407 x-ms-version 2009-09-19 timing-allow-origin * alt-svc h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" content-length 6784
GET H2	200	segoeui-regular.woff2 static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/	35 KB 36 KB	263ms 88ms	Font application/font-woff2	23.49.181.182 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-regular.woff2 Requested by Host: nuget.qsupport.ru URL: https://nuget.qsupport.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.49.181.182 Ashburn, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-49-181-182.deploy.static.akamaitechnologies.com Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash `94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49` Request headers Referer https://nuget.qsupport.ru/ Origin https://nuget.qsupport.ru User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Fri, 02 Aug 2024 07:48:40 GMT last-modified Wed, 22 Nov 2017 20:18:04 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 content-md5 hl8dtlRfyUovRETdYOe7xg== etag 0x8D531E6235E7909 content-type application/font-woff2 access-control-allow-origin * x-ms-request-id 8b83ca2a-201e-0082-142d-167196000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=3498070 x-ms-version 2009-09-19 content-length 36344
GET H2	200	segoeui-bold.woff2 static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/	32 KB 33 KB	214ms 40ms	Font font/woff2	23.49.181.182 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-bold.woff2 Requested by Host: nuget.qsupport.ru URL: https://nuget.qsupport.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.49.181.182 Ashburn, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-49-181-182.deploy.static.akamaitechnologies.com Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash `c599144a6ee494d56d4622e7cc57873a3ba7b3413e525f3e3b4aa7d8298aa2ec` Request headers Referer https://nuget.qsupport.ru/ Origin https://nuget.qsupport.ru User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Fri, 02 Aug 2024 07:48:40 GMT last-modified Mon, 22 Jun 2020 16:25:10 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 etag 0x8D816C8D56FDD6D content-type font/woff2 access-control-allow-origin * x-ms-request-id 3423c374-601e-002a-1175-17ef38000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=4102916 x-ms-version 2009-09-19 content-length 32964
GET H2	200	favicon.ico nuget.qsupport.ru/	15 KB 2 KB	152ms 151ms	Other image/x-icon	91.216.147.7 MTS
General Check archive.org Show headers Download Go to Full URL https://nuget.qsupport.ru/favicon.ico Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 91.216.147.7 , Russian Federation, ASN8359 (MTS, RU), Reverse DNS quantumart.ru Software / ARR/3.0, ASP.NET Resource Hash `84e976e7462fe37db8665d742c160ebef049b1fa903dcbd24f05b10460a37712` Request headers Referer https://nuget.qsupport.ru/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-cms-developed-by Quantum Art date Fri, 02 Aug 2024 07:48:40 GMT content-encoding gzip last-modified Thu, 12 Nov 2020 05:07:39 GMT etag W/"1d6b8b1bdf9e56e" x-powered-by ARR/3.0, ASP.NET vary Accept-Encoding content-type image/x-icon x-cms-platform QP8.Framework x-site-developed-by Quantum Art content-length 2360
GET DATA	200 OK	truncated /	5 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `7f409dd251bac0840fb9356d87d938288d43e2021942b43ca599306d7c71b547` Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Content-Type image/png

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

nuget.qsupport.ru
spoprod-a.akamaihd.net
static2.sharepointonline.com
23.218.218.155
23.49.181.182
91.216.147.7
3ddd126bae906a2e3e25281d0ca39893a0f28aa33074d9e80aab04f27399cbf3
43c551ea819a83b1100f566ecf6bd70db5a019f165d221200af2df11c4448627
4ec9415907a2bdf1d68404e4ce0084bbf584cbcefb5a084c7d1268d0d237093f
5555c6f159ef857a3542e092c93d9a17f2daf00183d2c4964d82ba436aa4dca5
7f409dd251bac0840fb9356d87d938288d43e2021942b43ca599306d7c71b547
813927e1dd8ee8fb0eb235d72eb409e14a1a7299e4e014d1e44050894ca8c177
84e976e7462fe37db8665d742c160ebef049b1fa903dcbd24f05b10460a37712
94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49
979a308d45579521fa88ee5a8237ab95db14460f93fa6f5b8f549837c9d34539
a6d3696b814f0f97a01272cbbeba23f767e774b4861f07ecc15e02e1d7bff6e6
c599144a6ee494d56d4622e7cc57873a3ba7b3413e525f3e3b4aa7d8298aa2ec

nuget.qsupport.ru Open in urlscan Pro 91.216.147.7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

10 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

4 IPs

2 Countries

274 kBTransfer

790 kBSize

0 Cookies

1 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

0 Cookies

Indicators

nuget.qsupport.ru Open in urlscan Pro
91.216.147.7 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

274 kB
Transfer

790 kB
Size

0
Cookies

10 HTTP transactions
1 data transactions