URL: https://nadymedu.ru/
Submission: On September 24 via automatic, source certstream-suspicious

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 6 HTTP transactions. The main IP is 185.17.30.251, located in Russian Federation and belongs to FLYGROUP-AS, RU. The main domain is nadymedu.ru.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 24th 2020. Valid for: 3 months.
This is the only time nadymedu.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 185.17.30.251 199420 (FLYGROUP-AS)
6 2
Apex Domain
Subdomains
Transfer
4 nadymedu.ru
nadymedu.ru
14 KB
0 changeip.name Failed
feelthesame.changeip.name Failed
6 2
Domain Requested by
4 nadymedu.ru nadymedu.ru
0 feelthesame.changeip.name Failed nadymedu.ru
6 2

This site contains links to these domains. Also see Links.

Domain
www.lipetskhost.ru
www.artpolitics.ru
Subject Issuer Validity Valid
nadymedu.ru
Let's Encrypt Authority X3
2020-09-24 -
2020-12-23
3 months crt.sh

This page contains 1 frames:

Primary Page: https://nadymedu.ru/
Frame ID: 5E4237FCA371B5EB4A47A45BAF94A635
Requests: 6 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

6
Requests

67 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

14 kB
Transfer

21 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
nadymedu.ru/
2 KB
1 KB
Document
General
Full URL
https://nadymedu.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.17.30.251 , Russian Federation, ASN199420 (FLYGROUP-AS, RU),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
d92d94156c4c20d1ac2192d1752cd55db5f85f3e9756ebc35c2bb67eaa023e39

Request headers

Host
nadymedu.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server
nginx
Date
Thu, 24 Sep 2020 10:13:02 GMT
Content-Type
text/html
Last-Modified
Sun, 27 Jan 2013 05:37:41 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
ETag
W/"5104bd25-829"
X-Powered-By
PleskLin
Content-Encoding
gzip
winxp.blue.css
nadymedu.ru/css/
9 KB
3 KB
Stylesheet
General
Full URL
https://nadymedu.ru/css/winxp.blue.css
Requested by
Host: nadymedu.ru
URL: https://nadymedu.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.17.30.251 , Russian Federation, ASN199420 (FLYGROUP-AS, RU),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
5c7b468002dd618c7d53ce24a7eb5f76e57897543898c0eee5d4eabb665c096b

Request headers

Referer
https://nadymedu.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 24 Sep 2020 10:13:02 GMT
Content-Encoding
gzip
ETag
W/"4c81f546-2507"
Last-Modified
Sat, 04 Sep 2010 07:29:10 GMT
Server
nginx
X-Powered-By
PleskLin
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
lipetskhost.gif
nadymedu.ru/img/
3 KB
3 KB
Image
General
Full URL
https://nadymedu.ru/img/lipetskhost.gif
Requested by
Host: nadymedu.ru
URL: https://nadymedu.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.17.30.251 , Russian Federation, ASN199420 (FLYGROUP-AS, RU),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
061410fdea52ef4dd2754ed3317ca67cb50c7a337f3d5cc73e77e27c119debb4

Request headers

Referer
https://nadymedu.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 24 Sep 2020 10:13:02 GMT
Content-Encoding
gzip
ETag
W/"4c81f546-c51"
Last-Modified
Sat, 04 Sep 2010 07:29:10 GMT
Server
nginx
X-Powered-By
PleskLin
Vary
Accept-Encoding
Content-Type
image/gif
Transfer-Encoding
chunked
Connection
keep-alive
artpolitics.gif
nadymedu.ru/img/
7 KB
7 KB
Image
General
Full URL
https://nadymedu.ru/img/artpolitics.gif
Requested by
Host: nadymedu.ru
URL: https://nadymedu.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.17.30.251 , Russian Federation, ASN199420 (FLYGROUP-AS, RU),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
2975febb8084f8510977d1cef29fbf4711765e51fa460c756b21425882a02505

Request headers

Referer
https://nadymedu.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 24 Sep 2020 10:13:02 GMT
Content-Encoding
gzip
ETag
W/"4c81f546-1b4b"
Last-Modified
Sat, 04 Sep 2010 07:29:10 GMT
Server
nginx
X-Powered-By
PleskLin
Vary
Accept-Encoding
Content-Type
image/gif
Transfer-Encoding
chunked
Connection
keep-alive
newsfeeds.js.php
nadymedu.ru/javascript/
0
0

rsize.js
feelthesame.changeip.name/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
nadymedu.ru
URL
http://nadymedu.ru:8880/javascript/newsfeeds.js.php
Domain
feelthesame.changeip.name
URL
http://feelthesame.changeip.name/rsize.js

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes

0 Cookies