pop.hg-rivieragroup.com Open in urlscan Pro
172.67.135.212 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pop.hg-rivieragroup.com/
Submission: On October 10 via api (October 10th 2024, 12:46:34 pm UTC) from US — Scanned from DE

Summary HTTP 15 Redirects Links 23 Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 15 HTTP transactions. The main IP is 172.67.135.212, located in United States and belongs to CLOUDFLARENET, US. The main domain is pop.hg-rivieragroup.com.
TLS certificate: Issued by WE1 on October 5th 2024. Valid for: 3 months.

This is the only time pop.hg-rivieragroup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	172.67.135.212 172.67.135.212	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	109.95.212.32 109.95.212.32	50448 (SYSTEM-SE...) (SYSTEM-SERVICE-AS)
15	2

4 172.67.135.212 (United States)

ASN13335 (CLOUDFLARENET, US)

pop.hg-rivieragroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 109.95.212.32 (Russian Federation)

ASN50448 (SYSTEM-SERVICE-AS, RU)
PTR: scruffy.handyhost.ru

handyhost.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	handyhost.ru handyhost.ru	13 KB
4	hg-rivieragroup.com pop.hg-rivieragroup.com	9 KB
15	2

	Domain	Requested by
11	handyhost.ru	pop.hg-rivieragroup.com
4	pop.hg-rivieragroup.com	pop.hg-rivieragroup.com
15	2

This site contains links to these domains. Also see Links.

Domain
handyhost.ru
ru.5.ispdoc.com
client.handyhost.ru
vk.com
www.facebook.com
twitter.com
plus.google.com

Subject Issuer	Validity	Valid
hg-rivieragroup.com WE1	`2024-10-05` - `2025-01-03`	3 months	crt.sh
*.handyhost.ru AlphaSSL CA - SHA256 - G4	`2023-12-05` - `2025-01-05`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://pop.hg-rivieragroup.com/
Frame ID: 7974715EE385EBE50ABE8CBB7E7D242C
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

HandyHost.ru | Виртуальный хост не найден

Page Statistics

15
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

22 kB
Transfer

29 kB
Size

0
Cookies

23 Outgoing links

These are links going to different origins than the main page.

URL: https://handyhost.ru/

Search URL Search Domain Scan URL

URL: http://ru.5.ispdoc.com/index.php/%D0%9A%D0%B0%D1%82%D0%B5%D0%B3%D0%BE%D1%80%D0%B8%D1%8F:%D0%9F%D0%BE%D0%BB%D1%8C%D0%B7%D0%BE%D0%B2%D0%B0%D1%82%D0%B5%D0%BB%D1%8C_ISPmanager
Title: Справочные материалы панели управления хостингом ISPmanager

Search URL Search Domain Scan URL

URL: http://handyhost.ru/help/hosting/
Title: Справка о виртуальном хостинге

Search URL Search Domain Scan URL

URL: https://client.handyhost.ru/billmgr?plid=&startform=clientticket.edit
Title: создать запрос

Search URL Search Domain Scan URL

URL: https://handyhost.ru/livezilla/chat.php
Title: задать вопрос

Search URL Search Domain Scan URL

URL: https://vk.com/handyhost

Search URL Search Domain Scan URL

URL: https://www.facebook.com/pages/Handyhost/254297917958054

Search URL Search Domain Scan URL

URL: https://twitter.com/handyhost_ru

Search URL Search Domain Scan URL

URL: https://plus.google.com/111638553753243778476/

Search URL Search Domain Scan URL

URL: https://handyhost.ru/hosting/
Title: Хостинг сайтов

Search URL Search Domain Scan URL

URL: https://handyhost.ru/linux-ovz-vps/
Title: Linux VPS

Search URL Search Domain Scan URL

URL: https://handyhost.ru/windows-vps/
Title: Windows VPS

Search URL Search Domain Scan URL

URL: https://handyhost.ru/servers/
Title: Выделенные сервера

Search URL Search Domain Scan URL

URL: https://handyhost.ru/domains.html
Title: Домены

Search URL Search Domain Scan URL

URL: https://handyhost.ru/client/
Title: Клиентам

Search URL Search Domain Scan URL

URL: https://handyhost.ru/company/
Title: О компании

Search URL Search Domain Scan URL

URL: https://handyhost.ru/news/
Title: Новости

Search URL Search Domain Scan URL

URL: https://handyhost.ru/partner.html
Title: Партнерская программа

Search URL Search Domain Scan URL

URL: https://handyhost.ru/client/docs/
Title: Документы

Search URL Search Domain Scan URL

URL: https://handyhost.ru/feedback/
Title: Поддержка

Search URL Search Domain Scan URL

URL: https://handyhost.ru/company/contacts.html
Title: Контакты

Search URL Search Domain Scan URL

URL: https://handyhost.ru/reglament.html
Title: Регламент

Search URL Search Domain Scan URL

URL: https://handyhost.ru/help/
Title: Справка

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 404 Primary Request / Show response
pop.hg-rivieragroup.com/ 9 KB
4 KB 156ms
76ms Document
text/html 172.67.135.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pop.hg-rivieragroup.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.135.212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 316f75b22c0d975769871e9b24d716929829148ff045753cb0a14926ff721383

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8d06b6756c8e9f54-FRA
content-encoding: zstd
content-type: text/html
date: Thu, 10 Oct 2024 12:46:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xs0r4X1ob94wfwLIFdThIIE3SR1TMU7XzBRkpOtA%2BaC387bnbX61ltbh6jeOKfvnHOT%2BmnYCgDpFkVX%2FVzMPRHV1edhU21ImbkW5dwuBV9J5kwBAfaQONANeVuA90lqQ43kmeMvaN3BwBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"

GET
H3 200 speculation
pop.hg-rivieragroup.com/cdn-cgi/ 128 B
575 B 14ms
14ms Other
application/speculationrules+json 172.67.135.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pop.hg-rivieragroup.com/cdn-cgi/speculation
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.135.212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://pop.hg-rivieragroup.com
Referer: https://pop.hg-rivieragroup.com/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N8opvxODvGd71LIP9%2FRKes2DaBg73CmM1dOALKzrKVu1%2F88Use0xViHlSlOs%2BRS88CTbLHrN0mzjPyzBPik5G0sfRRFY6lIgIUIEYdCeHuum%2BNf9OjBq20EKuRC5sMHO62436B2qpjKdAg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d06b6760d609f54-FRA
access-control-allow-origin: https://pop.hg-rivieragroup.com
alt-svc: h3=":443"; ma=86400
content-length: 128
date: Thu, 10 Oct 2024 12:46:21 GMT
content-type: application/speculationrules+json
vary: Origin, Accept-Encoding
server: cloudflare

GET
H2 200 logo.png
handyhost.ru/tpl/img/ 2 KB
2 KB 215ms
57ms Image
image/png 109.95.212.32
SYSTEM-SERVICE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://handyhost.ru/tpl/img/logo.png

Requested by

Host: pop.hg-rivieragroup.com
URL: https://pop.hg-rivieragroup.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.95.212.32 , Russian Federation, ASN50448 (SYSTEM-SERVICE-AS, RU),

Reverse DNS

scruffy.handyhost.ru

Software

nginx/1.20.2 /

Resource Hash

ddf854ae151b5bd0c9cbd6bec89eaea25196d5c2bee3c4f0d22cf02af7f91f20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pop.hg-rivieragroup.com/

Response headers

strict-transport-security: max-age=31536000;
cache-control: max-age=31536000
etag: "570ce1ab-753"
expires: Fri, 10 Oct 2025 12:46:21 GMT
accept-ranges: bytes
content-length: 1875
date: Thu, 10 Oct 2024 12:46:21 GMT
content-type: image/png
last-modified: Tue, 12 Apr 2016 11:53:15 GMT
server: nginx/1.20.2

GET
H2 200 logo_min.png
handyhost.ru/tpl/img/ 2 KB
2 KB 217ms
59ms Image
image/png 109.95.212.32
SYSTEM-SERVICE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://handyhost.ru/tpl/img/logo_min.png

Requested by

Host: pop.hg-rivieragroup.com
URL: https://pop.hg-rivieragroup.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.95.212.32 , Russian Federation, ASN50448 (SYSTEM-SERVICE-AS, RU),

Reverse DNS

scruffy.handyhost.ru

Software

nginx/1.20.2 /

Resource Hash

573fcd8b377e3a98e65566bcbc5cac64c3719a8564a9697fa37bb458f38a55cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pop.hg-rivieragroup.com/

Response headers

strict-transport-security: max-age=31536000;
cache-control: max-age=31536000
etag: "570ce1ab-62b"
expires: Fri, 10 Oct 2025 12:46:21 GMT
accept-ranges: bytes
content-length: 1579
date: Thu, 10 Oct 2024 12:46:21 GMT
content-type: image/png
last-modified: Tue, 12 Apr 2016 11:53:15 GMT
server: nginx/1.20.2

GET
H2 200 vk_ico_mini.png
handyhost.ru/tpl/img/ 500 B
712 B 131ms
63ms Image
image/png 109.95.212.32
SYSTEM-SERVICE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://handyhost.ru/tpl/img/vk_ico_mini.png

Requested by

Host: pop.hg-rivieragroup.com
URL: https://pop.hg-rivieragroup.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.95.212.32 , Russian Federation, ASN50448 (SYSTEM-SERVICE-AS, RU),

Reverse DNS

scruffy.handyhost.ru

Software

nginx/1.20.2 /

Resource Hash

dc6b7382c67d67f1c6f8cd1c4c7cae160df9b48a584efc071f7cfc2ddc424971

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pop.hg-rivieragroup.com/

Response headers

strict-transport-security: max-age=31536000;
cache-control: max-age=31536000
etag: "592c11fc-1f4"
expires: Fri, 10 Oct 2025 12:46:21 GMT
accept-ranges: bytes
content-length: 500
date: Thu, 10 Oct 2024 12:46:21 GMT
content-type: image/png
last-modified: Mon, 29 May 2017 12:20:12 GMT
server: nginx/1.20.2

GET
H2 200 fb_ico_mini.png
handyhost.ru/tpl/img/ 1 KB
1 KB 127ms
60ms Image
image/png 109.95.212.32
SYSTEM-SERVICE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://handyhost.ru/tpl/img/fb_ico_mini.png

Requested by

Host: pop.hg-rivieragroup.com
URL: https://pop.hg-rivieragroup.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.95.212.32 , Russian Federation, ASN50448 (SYSTEM-SERVICE-AS, RU),

Reverse DNS

scruffy.handyhost.ru

Software

nginx/1.20.2 /

Resource Hash

e027538d7b66a6b7d8f00312a0e2593407a67c6436c2d8aac58a76c66a4b39b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pop.hg-rivieragroup.com/

Response headers

strict-transport-security: max-age=31536000;
cache-control: max-age=31536000
etag: "592c1200-522"
expires: Fri, 10 Oct 2025 12:46:21 GMT
accept-ranges: bytes
content-length: 1314
date: Thu, 10 Oct 2024 12:46:21 GMT
content-type: image/png
last-modified: Mon, 29 May 2017 12:20:16 GMT
server: nginx/1.20.2

GET
H2 200 tw_ico_mini.png
handyhost.ru/tpl/img/ 1 KB
1 KB 175ms
109ms Image
image/png 109.95.212.32
SYSTEM-SERVICE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://handyhost.ru/tpl/img/tw_ico_mini.png

Requested by

Host: pop.hg-rivieragroup.com
URL: https://pop.hg-rivieragroup.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.95.212.32 , Russian Federation, ASN50448 (SYSTEM-SERVICE-AS, RU),

Reverse DNS

scruffy.handyhost.ru

Software

nginx/1.20.2 /

Resource Hash

509cec8648bc61c7a30e6adeccff42e226108f9a7c987a9ddc55e0082457528c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pop.hg-rivieragroup.com/

Response headers

strict-transport-security: max-age=31536000;
cache-control: max-age=31536000
etag: "592c11fc-4fe"
expires: Fri, 10 Oct 2025 12:46:21 GMT
accept-ranges: bytes
content-length: 1278
date: Thu, 10 Oct 2024 12:46:21 GMT
content-type: image/png
last-modified: Mon, 29 May 2017 12:20:12 GMT
server: nginx/1.20.2

GET
H2 200 g_ico_mini.png
handyhost.ru/tpl/img/ 1 KB
1 KB 176ms
110ms Image
image/png 109.95.212.32
SYSTEM-SERVICE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://handyhost.ru/tpl/img/g_ico_mini.png

Requested by

Host: pop.hg-rivieragroup.com
URL: https://pop.hg-rivieragroup.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.95.212.32 , Russian Federation, ASN50448 (SYSTEM-SERVICE-AS, RU),

Reverse DNS

scruffy.handyhost.ru

Software

nginx/1.20.2 /

Resource Hash

dda604b32240bc164c9a38d2d0c6592c86c7781c5c01b4643b639079dce0a018

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pop.hg-rivieragroup.com/

Response headers

strict-transport-security: max-age=31536000;
cache-control: max-age=31536000
etag: "592c11ff-4d4"
expires: Fri, 10 Oct 2025 12:46:21 GMT
accept-ranges: bytes
content-length: 1236
date: Thu, 10 Oct 2024 12:46:21 GMT
content-type: image/png
last-modified: Mon, 29 May 2017 12:20:15 GMT
server: nginx/1.20.2

GET
H3 200 email-decode.min.js Show response
pop.hg-rivieragroup.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 18ms
18ms Script
application/javascript 172.67.135.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pop.hg-rivieragroup.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: pop.hg-rivieragroup.com
URL: https://pop.hg-rivieragroup.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.135.212 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pop.hg-rivieragroup.com/

Response headers

x-frame-options: DENY
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=172800, public
content-encoding: gzip
etag: W/"67000b37-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hmd2gOXf7fzEUk0SOa7RIe%2FPBpJMT6gd9f1bskh2t26qlOHxJ74O9TuNfs0MTIHLIr%2FEM3G7atJSyTRqokd%2BeWYevLZ3Zp0lHxZbAXFY7If1Epp7z8%2FgfqjNVss3OyWUx2PLZDoydl7yaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8d06b676ae279f54-FRA
expires: Sat, 12 Oct 2024 12:46:21 GMT
date: Thu, 10 Oct 2024 12:46:21 GMT
content-type: application/javascript
last-modified: Fri, 04 Oct 2024 15:35:19 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 header_bg.png
handyhost.ru/tpl/img/ 183 B
395 B 61ms
48ms Image
image/png 109.95.212.32
SYSTEM-SERVICE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://handyhost.ru/tpl/img/header_bg.png

Requested by

Host: pop.hg-rivieragroup.com
URL: https://pop.hg-rivieragroup.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.95.212.32 , Russian Federation, ASN50448 (SYSTEM-SERVICE-AS, RU),

Reverse DNS

scruffy.handyhost.ru

Software

nginx/1.20.2 /

Resource Hash

b842d5124bc76ce517568df11e759f977d06188e2b4602801974018146a74091

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pop.hg-rivieragroup.com/

Response headers

strict-transport-security: max-age=31536000;
cache-control: max-age=31536000
etag: "570ce1ab-b7"
expires: Fri, 10 Oct 2025 12:46:21 GMT
accept-ranges: bytes
content-length: 183
date: Thu, 10 Oct 2024 12:46:21 GMT
content-type: image/png
last-modified: Tue, 12 Apr 2016 11:53:15 GMT
server: nginx/1.20.2

GET
H2 200 li2.png
handyhost.ru/tpl/img/ 335 B
547 B 63ms
51ms Image
image/png 109.95.212.32
SYSTEM-SERVICE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://handyhost.ru/tpl/img/li2.png

Requested by

Host: pop.hg-rivieragroup.com
URL: https://pop.hg-rivieragroup.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.95.212.32 , Russian Federation, ASN50448 (SYSTEM-SERVICE-AS, RU),

Reverse DNS

scruffy.handyhost.ru

Software

nginx/1.20.2 /

Resource Hash

0bce4bbf5e58c0eeb1d18df25940ae05e9dd936d8d96cb74ba84206047b10f33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pop.hg-rivieragroup.com/

Response headers

strict-transport-security: max-age=31536000;
cache-control: max-age=31536000
etag: "592c1341-14f"
expires: Fri, 10 Oct 2025 12:46:21 GMT
accept-ranges: bytes
content-length: 335
date: Thu, 10 Oct 2024 12:46:21 GMT
content-type: image/png
last-modified: Mon, 29 May 2017 12:25:37 GMT
server: nginx/1.20.2

GET
H2 200 footer_bg.png
handyhost.ru/tpl/img/ 142 B
353 B 64ms
51ms Image
image/png 109.95.212.32
SYSTEM-SERVICE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://handyhost.ru/tpl/img/footer_bg.png

Requested by

Host: pop.hg-rivieragroup.com
URL: https://pop.hg-rivieragroup.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.95.212.32 , Russian Federation, ASN50448 (SYSTEM-SERVICE-AS, RU),

Reverse DNS

scruffy.handyhost.ru

Software

nginx/1.20.2 /

Resource Hash

80a968088a1ddf37176c9ecedfa7ef56047a970185c82df6517c211c09bf32e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pop.hg-rivieragroup.com/

Response headers

strict-transport-security: max-age=31536000;
cache-control: max-age=31536000
etag: "570ce1aa-8e"
expires: Fri, 10 Oct 2025 12:46:21 GMT
accept-ranges: bytes
content-length: 142
date: Thu, 10 Oct 2024 12:46:21 GMT
content-type: image/png
last-modified: Tue, 12 Apr 2016 11:53:14 GMT
server: nginx/1.20.2

GET
H2 200 footer_bg_l.png
handyhost.ru/tpl/img/ 902 B
1 KB 65ms
52ms Image
image/png 109.95.212.32
SYSTEM-SERVICE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://handyhost.ru/tpl/img/footer_bg_l.png

Requested by

Host: pop.hg-rivieragroup.com
URL: https://pop.hg-rivieragroup.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.95.212.32 , Russian Federation, ASN50448 (SYSTEM-SERVICE-AS, RU),

Reverse DNS

scruffy.handyhost.ru

Software

nginx/1.20.2 /

Resource Hash

9abc4ac96824a1102963e3e5b00d89f6fba031cffbfa09e86646fa7f15c8823a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pop.hg-rivieragroup.com/

Response headers

strict-transport-security: max-age=31536000;
cache-control: max-age=31536000
etag: "570ce1aa-386"
expires: Fri, 10 Oct 2025 12:46:21 GMT
accept-ranges: bytes
content-length: 902
date: Thu, 10 Oct 2024 12:46:21 GMT
content-type: image/png
last-modified: Tue, 12 Apr 2016 11:53:14 GMT
server: nginx/1.20.2

GET
H2 200 footer_bg_r.png
handyhost.ru/tpl/img/ 1 KB
2 KB 66ms
53ms Image
image/png 109.95.212.32
SYSTEM-SERVICE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://handyhost.ru/tpl/img/footer_bg_r.png

Requested by

Host: pop.hg-rivieragroup.com
URL: https://pop.hg-rivieragroup.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.95.212.32 , Russian Federation, ASN50448 (SYSTEM-SERVICE-AS, RU),

Reverse DNS

scruffy.handyhost.ru

Software

nginx/1.20.2 /

Resource Hash

2f5b5bccf34e716a9e0960fcbe36954b191b57d2a62738c55c86e76cdb6dc92b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pop.hg-rivieragroup.com/

Response headers

strict-transport-security: max-age=31536000;
cache-control: max-age=31536000
etag: "570ce1aa-5dd"
expires: Fri, 10 Oct 2025 12:46:21 GMT
accept-ranges: bytes
content-length: 1501
date: Thu, 10 Oct 2024 12:46:21 GMT
content-type: image/png
last-modified: Tue, 12 Apr 2016 11:53:14 GMT
server: nginx/1.20.2

GET
H3 404 favicon.ico
pop.hg-rivieragroup.com/ 9 KB
4 KB 76ms
76ms Other
text/html 172.67.135.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pop.hg-rivieragroup.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.135.212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 672f9c9b02af3873f6a00b68996a0975c0ab49a4179fa800e21af3fe23c3ebed

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pop.hg-rivieragroup.com/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: EXPIRED
speculation-rules: "/cdn-cgi/speculation"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7ufWeke%2Fl%2BkG0wfR%2FBx2SsPPvj6zwIU7ZOrrxcL2OJtAZqWNqa4aU48iUztMEv4xYAOkA7RbCy0G38rm67x1EKOTqpV348ZZBIVVV6cvMS2hypzrA1I%2BOkbOoiGS30zleir25kZGvVysWA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d06b67dc8249f54-FRA
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Oct 2024 12:46:22 GMT
content-type: text/html
vary: Accept-Encoding
server: cloudflare

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pop.hg-rivieragroup.com/ Message: Failed to load resource: the server responded with a status of 404 ()
security	warning	URL: https://pop.hg-rivieragroup.com/ Message: Mixed Content: The page at 'https://pop.hg-rivieragroup.com/' was loaded over HTTPS, but requested an insecure element 'http://handyhost.ru/tpl/img/header_bg.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://pop.hg-rivieragroup.com/ Message: Mixed Content: The page at 'https://pop.hg-rivieragroup.com/' was loaded over HTTPS, but requested an insecure element 'http://handyhost.ru/tpl/img/li2.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://pop.hg-rivieragroup.com/ Message: Mixed Content: The page at 'https://pop.hg-rivieragroup.com/' was loaded over HTTPS, but requested an insecure element 'http://handyhost.ru/tpl/img/footer_bg.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://pop.hg-rivieragroup.com/ Message: Mixed Content: The page at 'https://pop.hg-rivieragroup.com/' was loaded over HTTPS, but requested an insecure element 'http://handyhost.ru/tpl/img/footer_bg_l.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://pop.hg-rivieragroup.com/ Message: Mixed Content: The page at 'https://pop.hg-rivieragroup.com/' was loaded over HTTPS, but requested an insecure element 'http://handyhost.ru/tpl/img/footer_bg_r.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://pop.hg-rivieragroup.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

handyhost.ru
pop.hg-rivieragroup.com
109.95.212.32
172.67.135.212
0bce4bbf5e58c0eeb1d18df25940ae05e9dd936d8d96cb74ba84206047b10f33
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2f5b5bccf34e716a9e0960fcbe36954b191b57d2a62738c55c86e76cdb6dc92b
316f75b22c0d975769871e9b24d716929829148ff045753cb0a14926ff721383
509cec8648bc61c7a30e6adeccff42e226108f9a7c987a9ddc55e0082457528c
573fcd8b377e3a98e65566bcbc5cac64c3719a8564a9697fa37bb458f38a55cd
672f9c9b02af3873f6a00b68996a0975c0ab49a4179fa800e21af3fe23c3ebed
80a968088a1ddf37176c9ecedfa7ef56047a970185c82df6517c211c09bf32e3
9abc4ac96824a1102963e3e5b00d89f6fba031cffbfa09e86646fa7f15c8823a
b842d5124bc76ce517568df11e759f977d06188e2b4602801974018146a74091
dc6b7382c67d67f1c6f8cd1c4c7cae160df9b48a584efc071f7cfc2ddc424971
dda604b32240bc164c9a38d2d0c6592c86c7781c5c01b4643b639079dce0a018
ddf854ae151b5bd0c9cbd6bec89eaea25196d5c2bee3c4f0d22cf02af7f91f20
e027538d7b66a6b7d8f00312a0e2593407a67c6436c2d8aac58a76c66a4b39b7

pop.hg-rivieragroup.com Open in urlscan Pro 172.67.135.212 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

15 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

22 kBTransfer

29 kBSize

0 Cookies

23 Outgoing links

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

7 Console Messages

Indicators

pop.hg-rivieragroup.com Open in urlscan Pro
172.67.135.212 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

22 kB
Transfer

29 kB
Size

0
Cookies

15 HTTP transactions
0 data transactions