test2.hei.ge - urlscan.io

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 7 HTTP transactions. The main IP is 193.200.149.82, located in United States and belongs to XNNET, US. The main domain is test2.hei.ge.
TLS certificate: Issued by R11 on November 19th 2024. Valid for: 3 months.

This is the only time test2.hei.ge was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	193.200.149.82 193.200.149.82	6134 (XNNET) (XNNET)
1	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	3

4 193.200.149.82 (United States)

ASN6134 (XNNET, US)

test2.hei.ge	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jaksay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

uai.hei.ge	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	hei.ge test2.hei.ge uai.hei.ge	22 KB
2	jaksay.com jaksay.com	42 KB
7	2

	Domain	Requested by
2	jaksay.com	test2.hei.ge
2	test2.hei.ge
1	uai.hei.ge	test2.hei.ge uai.hei.ge
7	3

This site contains links to these domains. Also see Links.

Domain
jaksay.com
paoti.club

Subject Issuer	Validity	Valid
jaksay.com R11	`2024-11-19` - `2025-02-17`	3 months	crt.sh
hei.ge WE1	`2024-11-10` - `2025-02-08`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://test2.hei.ge/
Frame ID: C72C4695641538EF056E5183D148F479
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Jaksay's Blog

Page Statistics

7
Requests

43 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

2
Countries

64 kB
Transfer

74 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://jaksay.com/

Search URL Search Domain Scan URL

URL: https://paoti.club/
Title: 跑题俱乐部

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
test2.hei.ge/ 11 KB
4 KB 876ms
274ms Document
text/html 193.200.149.82
XNNET

General

Check archive.org

Show headers Download Go to

Full URL

https://test2.hei.ge/

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

193.200.149.82 , United States, ASN6134 (XNNET, US),

Reverse DNS

Software

nginx /

Resource Hash

684f3581dd8753cdc8a4c9122ce96e8c3da50da8bb9a1cc8c21cabfa40e9c665

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 20 Nov 2024 19:22:37 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains;
x-pingback: https://test2.hei.ge/action/xmlrpc

GET
H2 200 style.css
jaksay.com/usr/themes/Mini/ 6 KB
3 KB 976ms
240ms Stylesheet
text/css 193.200.149.82
XNNET

General

Check archive.org

Show headers Download Go to

Full URL

https://jaksay.com/usr/themes/Mini/style.css

Requested by

Host: test2.hei.ge
URL: https://test2.hei.ge/

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

193.200.149.82 , United States, ASN6134 (XNNET, US),

Reverse DNS

Software

nginx /

Resource Hash

30113249cc5a2e96551f419d2f332bfd6dc766345090e4546fec711789f8f400

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://test2.hei.ge/

Response headers

strict-transport-security: max-age=31536000; includeSubdomains;
cache-control: max-age=43200
content-encoding: gzip
etag: W/"670ac5fe-19a5"
expires: Thu, 21 Nov 2024 07:22:38 GMT
date: Wed, 20 Nov 2024 19:22:38 GMT
content-type: text/css
last-modified: Sat, 12 Oct 2024 18:54:54 GMT
server: nginx

GET
H2 200 logo.png
jaksay.com/usr/themes/Mini/ 39 KB
40 KB 1256ms
521ms Image
image/png 193.200.149.82
XNNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jaksay.com/usr/themes/Mini/logo.png

Requested by

Host: test2.hei.ge
URL: https://test2.hei.ge/

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

193.200.149.82 , United States, ASN6134 (XNNET, US),

Reverse DNS

Software

nginx /

Resource Hash

83b618ed61fef6e2b8b7b42bf074f42b48ecacc5efc54a9a0093d2249988148c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://test2.hei.ge/

Response headers

strict-transport-security: max-age=31536000; includeSubdomains;
cache-control: max-age=2592000
etag: "6647d600-9db1"
expires: Fri, 20 Dec 2024 19:22:38 GMT
accept-ranges: bytes
content-length: 40369
date: Wed, 20 Nov 2024 19:22:38 GMT
content-type: image/png
last-modified: Fri, 17 May 2024 22:11:12 GMT
server: nginx

GET
H3 200 uai Show response
uai.hei.ge/ 3 KB
2 KB 366ms
143ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://uai.hei.ge/uai

Requested by

Host: test2.hei.ge
URL: https://test2.hei.ge/

Protocol

H3

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ada205e6d27ef97d3b561fcbd2754bf023a5e0d150487e592378706f757f6c8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';img-src * data:;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self' undefined
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://test2.hei.ge/

Response headers

content-encoding: zstd
cf-cache-status: DYNAMIC
etag: W/"9bc297e4ef7676659c62f260469ef0fc"
age: 457209
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DMFzAVhRN5I27IeEzKArlg8URBPTIkyp3N%2F2XSCTOQdT1zou2%2B%2B6bGcfMpQHt4y7r6A1YR%2FWQ5ThJR6KJICBQZUa4E3GVf9mAOebZIiyxZaH3HE5Pe67lcFndwle"}],"group":"cf-nel","max_age":604800}
x-matched-path: /script.js
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=74707&sent=11&recv=8&lost=0&retrans=0&sent_bytes=4161&recv_bytes=4263&delivery_rate=43765&cwnd=12000&unsent_bytes=0&cid=5d9db0991d6bc3a0&ts=255&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 20 Nov 2024 19:22:39 GMT
content-type: application/javascript; charset=utf-8
content-disposition: inline; filename="script.js"
priority: u=3,i=?0
strict-transport-security: max-age=63072000
content-security-policy: default-src 'self';img-src * data:;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self' undefined
cache-control: public, max-age=0, must-revalidate
x-dns-prefetch-control: on
x-vercel-cache: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Fri, 15 Nov 2024 12:22:29 GMT
cf-ray: 8e5acf5b5d57d396-FRA
access-control-allow-origin: *
server: cloudflare
x-vercel-id: fra1::wwpgh-1732130559276-3067956d1c5e

POST send
uai.hei.ge/api/ 0
0

OPTIONS send
uai.hei.ge/api/ 0
0

GET
H2 200 favicon.ico
test2.hei.ge/ 15 KB
15 KB 331ms
331ms Other
image/x-icon 193.200.149.82
XNNET

General

Check archive.org

Show headers Download Go to

Full URL

https://test2.hei.ge/favicon.ico

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

193.200.149.82 , United States, ASN6134 (XNNET, US),

Reverse DNS

Software

nginx /

Resource Hash

bbeab0328542fd4ba71343eddf16347aed502f14affdd631ca616982d246068b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://test2.hei.ge/

Response headers

strict-transport-security: max-age=31536000; includeSubdomains;
etag: "6466e2ba-3c2e"
accept-ranges: bytes
content-length: 15406
date: Wed, 20 Nov 2024 19:22:39 GMT
content-type: image/x-icon
last-modified: Fri, 19 May 2023 02:45:14 GMT
server: nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: uai.hei.ge
URL: https://uai.hei.ge/api/send

Domain: uai.hei.ge
URL: https://uai.hei.ge/api/send

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| TypechoComment function| loadScriptWithTimeout object| umami

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

jaksay.com
test2.hei.ge
uai.hei.ge
uai.hei.ge
188.114.96.3
193.200.149.82
2ada205e6d27ef97d3b561fcbd2754bf023a5e0d150487e592378706f757f6c8
30113249cc5a2e96551f419d2f332bfd6dc766345090e4546fec711789f8f400
684f3581dd8753cdc8a4c9122ce96e8c3da50da8bb9a1cc8c21cabfa40e9c665
83b618ed61fef6e2b8b7b42bf074f42b48ecacc5efc54a9a0093d2249988148c
bbeab0328542fd4ba71343eddf16347aed502f14affdd631ca616982d246068b

test2.hei.ge Open in urlscan Pro 193.200.149.82 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

7 Requests

43 %HTTPS

0 %IPv6

2 Domains

3 Subdomains

3 IPs

2 Countries

64 kBTransfer

74 kBSize

0 Cookies

2 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

test2.hei.ge Open in urlscan Pro
193.200.149.82 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

43 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

2
Countries

64 kB
Transfer

74 kB
Size

0
Cookies

7 HTTP transactions
0 data transactions