cah4e3.shedevr.org.ru

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 5 HTTP transactions. The main IP is 136.243.90.140, located in Germany and belongs to HETZNER-AS, DE. The main domain is cah4e3.shedevr.org.ru.

This is the only time cah4e3.shedevr.org.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	136.243.90.140 136.243.90.140	24940 (HETZNER-AS) (HETZNER-AS)
2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1 2	88.212.201.204 88.212.201.204	39134 (UNITEDNET) (UNITEDNET)
5	3

2 136.243.90.140 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: betsyouwin.com

cah4e3.shedevr.org.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.204 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	yadro.ru 1 redirects counter.yadro.ru	2 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	org.ru cah4e3.shedevr.org.ru	8 KB
5	3

	Domain	Requested by
2	counter.yadro.ru	1 redirects cah4e3.shedevr.org.ru
2	www.google-analytics.com	cah4e3.shedevr.org.ru www.google-analytics.com
2	cah4e3.shedevr.org.ru	cah4e3.shedevr.org.ru
5	3

This site contains links to these domains. Also see Links.

Domain
cah4e3.wordpress.com
www.glish.com
www.liveinternet.ru

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
counter.yadro.ru GoGetSSL ECC DV CA	`2020-02-02` - `2022-05-02`	2 years	crt.sh

This page contains 1 frames:

Primary Page: http://cah4e3.shedevr.org.ru/
Frame ID: D7B26E9B8AE2E509FAEE752FBA10BA83
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

5
Requests

60 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

28 kB
Transfer

70 kB
Size

3
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://cah4e3.wordpress.com/
Title: cah4e3.wordpress.com

Search URL Search Domain Scan URL

URL: http://www.glish.com/css/home.asp
Title: www.glish.com/css

Search URL Search Domain Scan URL

URL: http://www.liveinternet.ru/click

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 2

https://counter.yadro.ru/hit?t13.5;r;s1600*1200*24;uhttp%3A//cah4e3.shedevr.org.ru/;0.24906273128553602 HTTP 302
https://counter.yadro.ru/hit?q;t13.5;r;s1600*1200*24;uhttp%3A//cah4e3.shedevr.org.ru/;0.24906273128553602

5 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
cah4e3.shedevr.org.ru/ 23 KB
7 KB 330ms
71ms Document
text/html 136.243.90.140
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://cah4e3.shedevr.org.ru/

Protocol

HTTP/1.1

Server

136.243.90.140 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

betsyouwin.com

Software

nginx/1.16.0 /

Resource Hash

3901e7a55f9a1e78654edf2d3581bc2bb3948b0fe25c7b36674e74b17d66b5eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Host: cah4e3.shedevr.org.ru
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx/1.16.0
Date: Thu, 29 Oct 2020 06:36:05 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Encoding: gzip

GET
H/1.1 200
OK all.css
cah4e3.shedevr.org.ru/ 1 KB
1 KB 44ms
43ms Stylesheet
text/css 136.243.90.140
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://cah4e3.shedevr.org.ru/all.css

Requested by

Host: cah4e3.shedevr.org.ru
URL: http://cah4e3.shedevr.org.ru/

Protocol

HTTP/1.1

Server

136.243.90.140 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

betsyouwin.com

Software

nginx/1.16.0 /

Resource Hash

4599651eacddd1c1aac08fde7f7065efb1235bdb2ec9e11fb3caafac6d4f5159

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 29 Oct 2020 06:36:05 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 05 Jul 2019 07:45:25 GMT
Server: nginx/1.16.0
ETag: "5d1f0015-45e"
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1118

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

45 KB
18 KB

6ms
5ms

Script
text/javascript

2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cah4e3.shedevr.org.ru
URL: http://cah4e3.shedevr.org.ru/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://cah4e3.shedevr.org.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 2801
date: Thu, 29 Oct 2020 05:49:25 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Thu, 29 Oct 2020 07:49:25 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t13.5;r;s1600*1200*24;uhttp%3A//cah4e3.shedevr.org.ru/;0.24906273128553602
https://counter.yadro.ru/hit?q;t13.5;r;s1600*1200*24;uhttp%3A//cah4e3.shedevr.org.ru/;0.24906273128553602

598 B
1 KB

80ms
80ms

Image
image/gif

88.212.201.204
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t13.5;r;s1600*1200*24;uhttp%3A//cah4e3.shedevr.org.ru/;0.24906273128553602

Requested by

Host: cah4e3.shedevr.org.ru
URL: http://cah4e3.shedevr.org.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host204.rax.ru

Software

nginx/1.17.9 /

Resource Hash

f9fa8a68bd425d2b40e7dc61a51a26d2e186723e596fbc253e7a9b4eaf6a64b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: http://cah4e3.shedevr.org.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Oct 2020 06:36:06 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 598
Expires: Tue, 29 Oct 2019 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 29 Oct 2020 06:36:06 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;t13.5;r;s1600*1200*24;uhttp%3A//cah4e3.shedevr.org.ru/;0.24906273128553602
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Tue, 29 Oct 2019 21:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
413 B 47ms
13ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=17305204&t=pageview&_s=1&dl=http%3A%2F%2Fcah4e3.shedevr.org.ru%2F&ul=en-us&de=UTF-8&dt=CaH4e3%27s%20Stuff&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1121507778&gjid=840419811&cid=340687676.1603953366&tid=UA-695698-1&_gid=749213425.1603953366&_r=1&_slc=1&z=1080408002

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://cah4e3.shedevr.org.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Oct 2020 06:36:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: http://cah4e3.shedevr.org.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.shedevr.org.ru/	1970-01-19 13:32:33	Name: _gat Value: 1
.shedevr.org.ru/	1970-01-19 13:33:59	Name: _gid Value: GA1.3.749213425.1603953366
.shedevr.org.ru/	1970-01-20 07:03:45	Name: _ga Value: GA1.3.340687676.1603953366

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cah4e3.shedevr.org.ru
counter.yadro.ru
www.google-analytics.com
136.243.90.140
2a00:1450:4001:806::200e
88.212.201.204
3901e7a55f9a1e78654edf2d3581bc2bb3948b0fe25c7b36674e74b17d66b5eb
4599651eacddd1c1aac08fde7f7065efb1235bdb2ec9e11fb3caafac6d4f5159
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
f9fa8a68bd425d2b40e7dc61a51a26d2e186723e596fbc253e7a9b4eaf6a64b5

cah4e3.shedevr.org.ru Open in urlscan Pro 136.243.90.140 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

5 Requests

60 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

28 kBTransfer

70 kBSize

3 Cookies

3 Outgoing links

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

3 Cookies

Security Headers

Indicators

cah4e3.shedevr.org.ru Open in urlscan Pro
136.243.90.140 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

60 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

28 kB
Transfer

70 kB
Size

3
Cookies

5 HTTP transactions
0 data transactions