URL: https://clientsave.api.shelter.ru/
Submission: On March 16 via automatic, source certstream-suspicious

Summary

This website contacted 7 IPs in 4 countries across 6 domains to perform 21 HTTP transactions. The main IP is 81.94.140.206, located in Moscow, Russian Federation and belongs to WESTCALL-AS, RU. The main domain is clientsave.api.shelter.ru.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on February 17th 2021. Valid for: a year.
This is the only time clientsave.api.shelter.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 81.94.140.206 8595 (WESTCALL-AS)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a04:4e42:1b:... 54113 (FASTLY)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
21 7
Domain Requested by
7 clientsave.api.shelter.ru clientsave.api.shelter.ru
code.jquery.com
6 fonts.gstatic.com fonts.googleapis.com
3 fonts.googleapis.com clientsave.api.shelter.ru
3 cdn.jsdelivr.net clientsave.api.shelter.ru
1 unpkg.com clientsave.api.shelter.ru
1 code.jquery.com clientsave.api.shelter.ru
21 6

This site contains links to these domains. Also see Links.

Domain
github.com
localhost
example.org
policies.google.com
Subject Issuer Validity Valid
*.ucs-service.ru
Sectigo RSA Domain Validation Secure Server CA
2021-02-17 -
2022-02-17
a year crt.sh
jquery.org
Sectigo RSA Domain Validation Secure Server CA
2020-10-06 -
2021-10-16
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-08-02 -
2021-08-02
a year crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2021-03-09 -
2021-04-17
a month crt.sh
upload.video.google.com
GTS CA 1O1
2021-02-23 -
2021-05-18
3 months crt.sh
*.gstatic.com
GTS CA 1O1
2021-02-23 -
2021-05-18
3 months crt.sh

This page contains 1 frames:

Primary Page: https://clientsave.api.shelter.ru/
Frame ID: E1B5843C4F082463D952AD634FDEEB65
Requests: 21 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

21
Requests

67 %
HTTPS

86 %
IPv6

6
Domains

6
Subdomains

7
IPs

4
Countries

876 kB
Transfer

1033 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
clientsave.api.shelter.ru/
32 KB
33 KB
Document
General
Full URL
https://clientsave.api.shelter.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.94.140.206 Moscow, Russian Federation, ASN8595 (WESTCALL-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
02c0965e050f52ee34ed40fdb8a72884531d4e0a6c6f7671952daddda27dc6a1

Request headers

:method
GET
:authority
clientsave.api.shelter.ru
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx/1.18.0
date
Tue, 16 Mar 2021 09:32:30 GMT
content-type
text/html; charset=utf-8
content-length
33129
accept-ranges
bytes
last-modified
Mon, 15 Mar 2021 17:03:08 GMT
livereload.js
clientsave.api.shelter.ru/
31 KB
31 KB
Script
General
Full URL
https://clientsave.api.shelter.ru/livereload.js?mindelay=10&v=2&port=1313&path=livereload
Requested by
Host: clientsave.api.shelter.ru
URL: https://clientsave.api.shelter.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.94.140.206 Moscow, Russian Federation, ASN8595 (WESTCALL-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2f7fd731cc0950af750ce23bf00402ec11d873520b86bf436177721df111c3d9

Request headers

Referer
https://clientsave.api.shelter.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 09:32:30 GMT
server
nginx/1.18.0
content-type
application/javascript
main.css
clientsave.api.shelter.ru/scss/
474 KB
475 KB
Stylesheet
General
Full URL
https://clientsave.api.shelter.ru/scss/main.css
Requested by
Host: clientsave.api.shelter.ru
URL: https://clientsave.api.shelter.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.94.140.206 Moscow, Russian Federation, ASN8595 (WESTCALL-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
11629f8737dcf4d2c422ef3a1b4644122683b7aa356267f44bf513559fb8d228

Request headers

Referer
https://clientsave.api.shelter.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 09:32:30 GMT
last-modified
Fri, 12 Mar 2021 13:28:52 GMT
server
nginx/1.18.0
accept-ranges
bytes
content-length
485315
content-type
text/css; charset=utf-8
jquery-3.5.1.min.js
code.jquery.com/
87 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.5.1.min.js
Requested by
Host: clientsave.api.shelter.ru
URL: https://clientsave.api.shelter.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Origin
https://clientsave.api.shelter.ru
Referer
https://clientsave.api.shelter.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 09:32:30 GMT
content-encoding
gzip
last-modified
Mon, 04 May 2020 23:02:39 GMT
server
nginx
etag
W/"5eb09f0f-15d84"
vary
Accept-Encoding
x-hw
1615887150.dop055.fr8.t,1615887150.cds250.fr8.hn,1615887150.cds142.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30879
lunr.min.js
unpkg.com/lunr@2.3.8/
29 KB
8 KB
Script
General
Full URL
https://unpkg.com/lunr@2.3.8/lunr.min.js
Requested by
Host: clientsave.api.shelter.ru
URL: https://clientsave.api.shelter.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df84a2d58ea594c04a3371b48d020b55ea10284c2ec636e4e331965d7313e29b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://clientsave.api.shelter.ru
Referer
https://clientsave.api.shelter.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 09:32:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
6931402
vary
Accept-Encoding
cf-request-id
08dbfa449d00000eafb811f000000001
last-modified
Tue, 22 Oct 2019 19:47:34 GMT
server
cloudflare
etag
W/"7347-u61OMC58M1yRehK3ImKAl2cwrSU"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
616f22e98efa4a1cb44f0103ed2845bc
cache-control
public, max-age=31536000
cf-ray
630cf980fccf0eaf-FRA
popper.min.js
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/
21 KB
7 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js
Requested by
Host: clientsave.api.shelter.ru
URL: https://clientsave.api.shelter.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://clientsave.api.shelter.ru
Referer
https://clientsave.api.shelter.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
2975596
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
7503
etag
W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
x-served-by
cache-fra19149-FRA, cache-hhn4080-HHN
date
Tue, 16 Mar 2021 09:32:30 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
bootstrap.min.js
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/
62 KB
15 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js
Requested by
Host: clientsave.api.shelter.ru
URL: https://clientsave.api.shelter.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://clientsave.api.shelter.ru
Referer
https://clientsave.api.shelter.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
2975596
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
14911
etag
W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
x-served-by
cache-fra19132-FRA, cache-hhn4080-HHN
date
Tue, 16 Mar 2021 09:32:30 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
main.js
clientsave.api.shelter.ru/js/
11 KB
11 KB
Script
General
Full URL
https://clientsave.api.shelter.ru/js/main.js
Requested by
Host: clientsave.api.shelter.ru
URL: https://clientsave.api.shelter.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.94.140.206 Moscow, Russian Federation, ASN8595 (WESTCALL-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e766b5621cc190a33f3ab28437530c5de13698577ae7a2f3b4018fc7c833f570

Request headers

Referer
https://clientsave.api.shelter.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 09:32:30 GMT
last-modified
Mon, 15 Mar 2021 17:03:08 GMT
server
nginx/1.18.0
accept-ranges
bytes
content-length
10841
content-type
application/javascript; charset=utf-8
css
fonts.googleapis.com/
12 KB
965 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,700,700i
Requested by
Host: clientsave.api.shelter.ru
URL: https://clientsave.api.shelter.ru/scss/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
95674edfe9117307a320de70aa6e2326124074e0893eaefdc73a877c15865167
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://clientsave.api.shelter.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 16 Mar 2021 08:11:00 GMT
server
ESF
date
Tue, 16 Mar 2021 09:32:30 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 16 Mar 2021 09:32:30 GMT
font-face.css
cdn.jsdelivr.net/gh/rastikerdar/vazir-font@v27.0.1/dist/
2 KB
448 B
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/gh/rastikerdar/vazir-font@v27.0.1/dist/font-face.css
Requested by
Host: clientsave.api.shelter.ru
URL: https://clientsave.api.shelter.ru/scss/main.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c4daae7dd46835d962c178c0eeda33032bbe1d6e95901b0af3f89d6c6c222238
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://clientsave.api.shelter.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
2258275
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
319
etag
W/"793-ugAw4c0oqMqnpbt0uY2nx7sYXJA"
x-served-by
cache-fra19168-FRA, cache-hhn4058-HHN
date
Tue, 16 Mar 2021 09:32:30 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
css2
fonts.googleapis.com/
8 KB
706 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Rubik:wght@300;400;500;600;700&display=swap
Requested by
Host: clientsave.api.shelter.ru
URL: https://clientsave.api.shelter.ru/scss/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
48dab800099e4650a507aabc6268bf8fb08ba4c3eb464c260fde4d417cfdd3b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://clientsave.api.shelter.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 16 Mar 2021 07:43:46 GMT
server
ESF
date
Tue, 16 Mar 2021 09:32:30 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 16 Mar 2021 09:32:30 GMT
css2
fonts.googleapis.com/
3 KB
516 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Tajawal:wght@300;400;500;700&display=swap
Requested by
Host: clientsave.api.shelter.ru
URL: https://clientsave.api.shelter.ru/scss/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
02ec6cabdfbd3fdca06aa42f022a7fdadb33459c3f5d45e8b6decf49b3e060e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://clientsave.api.shelter.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 16 Mar 2021 09:32:30 GMT
server
ESF
date
Tue, 16 Mar 2021 09:32:30 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 16 Mar 2021 09:32:30 GMT
mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://clientsave.api.shelter.ru
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Mar 2021 18:15:32 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:11:00 GMT
server
sffe
age
55018
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15056
x-xss-protection
0
expires
Tue, 15 Mar 2022 18:15:32 GMT
fa-solid-900.woff2
clientsave.api.shelter.ru/webfonts/
74 KB
74 KB
Font
General
Full URL
https://clientsave.api.shelter.ru/webfonts/fa-solid-900.woff2
Requested by
Host: clientsave.api.shelter.ru
URL: https://clientsave.api.shelter.ru/scss/main.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.94.140.206 Moscow, Russian Federation, ASN8595 (WESTCALL-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
5f370c8cf919f01002e86882a7957b34500dddcb7e599070fa9052d68ede5cb1

Request headers

Origin
https://clientsave.api.shelter.ru
Referer
https://clientsave.api.shelter.ru/scss/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 09:32:30 GMT
last-modified
Fri, 05 Mar 2021 17:10:00 GMT
server
nginx/1.18.0
accept-ranges
bytes
content-length
75336
content-type
font/woff2
mem8YaGs126MiZpBA-UFUZ0bbck.woff2
fonts.gstatic.com/s/opensans/v18/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFUZ0bbck.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
547ded99e5139a10d4145e6e5c62ce35fa03495f625ee8d1e457011408428154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://clientsave.api.shelter.ru
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Mar 2021 11:21:25 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:24 GMT
server
sffe
age
339065
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9400
x-xss-protection
0
expires
Sat, 12 Mar 2022 11:21:25 GMT
mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
fonts.gstatic.com/s/opensans/v18/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f677ee2d82dfb11f08175f673cf3f065b0d5e491b4485e01259a492715c746e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://clientsave.api.shelter.ru
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Mar 2021 12:03:48 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:21 GMT
server
sffe
age
336522
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14932
x-xss-protection
0
expires
Sat, 12 Mar 2022 12:03:48 GMT
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://clientsave.api.shelter.ru
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 02:04:09 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:22 GMT
server
sffe
age
458901
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14380
x-xss-protection
0
expires
Fri, 11 Mar 2022 02:04:09 GMT
fa-brands-400.woff2
clientsave.api.shelter.ru/webfonts/
73 KB
73 KB
Font
General
Full URL
https://clientsave.api.shelter.ru/webfonts/fa-brands-400.woff2
Requested by
Host: clientsave.api.shelter.ru
URL: https://clientsave.api.shelter.ru/scss/main.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.94.140.206 Moscow, Russian Federation, ASN8595 (WESTCALL-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4fcce6ffdbb36d18042e8dcf18af285a49c12122c6b3d96bb7ceafee49b13de2

Request headers

Origin
https://clientsave.api.shelter.ru
Referer
https://clientsave.api.shelter.ru/scss/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 09:32:30 GMT
last-modified
Fri, 05 Mar 2021 17:10:00 GMT
server
nginx/1.18.0
accept-ranges
bytes
content-length
74740
content-type
font/woff2
mem5YaGs126MiZpBA-UN_r8OVuhpOqc.woff2
fonts.gstatic.com/s/opensans/v18/
9 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN_r8OVuhpOqc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,700,700i
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
baa1087a72ec2a36cd6fcaeae786064d4041792df022b8e73cd628cb1c7804ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://clientsave.api.shelter.ru
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:08:17 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:28 GMT
server
sffe
age
465853
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9588
x-xss-protection
0
expires
Fri, 11 Mar 2022 00:08:17 GMT
mem5YaGs126MiZpBA-UN7rgOVuhpOqc.woff2
fonts.gstatic.com/s/opensans/v18/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOVuhpOqc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,700,700i
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7909c732c29e37db8eb4a96106deb97541b86d4d1ad4b0b96c4e6729b1c3d666
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://clientsave.api.shelter.ru
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 21:18:45 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:45 GMT
server
sffe
age
476025
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9560
x-xss-protection
0
expires
Thu, 10 Mar 2022 21:18:45 GMT
offline-search-index.836172ee587bf9d3d6e54665eaa1d731.json
clientsave.api.shelter.ru/
44 KB
44 KB
XHR
General
Full URL
https://clientsave.api.shelter.ru/offline-search-index.836172ee587bf9d3d6e54665eaa1d731.json
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.5.1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.94.140.206 Moscow, Russian Federation, ASN8595 (WESTCALL-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
d78e85208fd1542ff2493d169bb4d838e6387b5794268ff77c0f7b5f349527fd

Request headers

Accept
*/*
Referer
https://clientsave.api.shelter.ru/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 09:32:30 GMT
last-modified
Mon, 15 Mar 2021 16:07:08 GMT
server
nginx/1.18.0
accept-ranges
bytes
content-length
44628
content-type
application/json; charset=utf-8

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery function| lunr function| Popper object| bootstrap function| HugoReload object| __core-js_shared__ object| core object| LiveReload

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
clientsave.api.shelter.ru
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
unpkg.com
2001:4de0:ac18::1:a:1a
2606:4700::6810:7daf
2a00:1450:4001:800::2003
2a00:1450:4001:811::2003
2a00:1450:4001:82a::200a
2a04:4e42:1b::621
81.94.140.206
02c0965e050f52ee34ed40fdb8a72884531d4e0a6c6f7671952daddda27dc6a1
02ec6cabdfbd3fdca06aa42f022a7fdadb33459c3f5d45e8b6decf49b3e060e4
11629f8737dcf4d2c422ef3a1b4644122683b7aa356267f44bf513559fb8d228
2f7fd731cc0950af750ce23bf00402ec11d873520b86bf436177721df111c3d9
48dab800099e4650a507aabc6268bf8fb08ba4c3eb464c260fde4d417cfdd3b8
4fcce6ffdbb36d18042e8dcf18af285a49c12122c6b3d96bb7ceafee49b13de2
547ded99e5139a10d4145e6e5c62ce35fa03495f625ee8d1e457011408428154
5f370c8cf919f01002e86882a7957b34500dddcb7e599070fa9052d68ede5cb1
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
7909c732c29e37db8eb4a96106deb97541b86d4d1ad4b0b96c4e6729b1c3d666
95674edfe9117307a320de70aa6e2326124074e0893eaefdc73a877c15865167
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
baa1087a72ec2a36cd6fcaeae786064d4041792df022b8e73cd628cb1c7804ee
c4daae7dd46835d962c178c0eeda33032bbe1d6e95901b0af3f89d6c6c222238
d78e85208fd1542ff2493d169bb4d838e6387b5794268ff77c0f7b5f349527fd
d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88
df84a2d58ea594c04a3371b48d020b55ea10284c2ec636e4e331965d7313e29b
e766b5621cc190a33f3ab28437530c5de13698577ae7a2f3b4018fc7c833f570
f677ee2d82dfb11f08175f673cf3f065b0d5e491b4485e01259a492715c746e2
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f