Submitted URL: http://bishky.ru/eztmV
Effective URL: https://container.cool/d/9nYw
Submission: On November 28 via manual from US

Summary

This website contacted 1 IPs in 4 countries across 5 domains to perform 2 HTTP transactions. The main IP is 2606:4700:30::681b:a501, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is container.cool.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on November 22nd 2018. Valid for: 6 months.
This is the only time container.cool was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 37.140.192.212 197695 (AS-REG)
1 1 185.154.14.96 21100 (ITLDC-NL)
1 1 88.99.66.31 24940 (HETZNER-AS)
1 1 194.106.216.20 21257 (CDNNET-AS)
2 2606:4700:30:... 13335 (CLOUDFLAR...)
2 1
Apex Domain        Subdomains        Transfer
2 container.cool   container.cool    1 KB
1 fex.net          fex.net           316 B
1 2no.co           2no.co            323 B
1 2nice.pw         2nice.pw          689 B
1 bishky.ru        bishky.ru         215 B
2 5
Domain Requested by
2 container.cool container.cool
1 fex.net 1 redirects
1 2no.co 1 redirects
1 2nice.pw 1 redirects
1 bishky.ru 1 redirects
2 5

This site contains no links.

Subject: sni160139.cloudflaressl.com
Issuer: COMODO ECC Domain Validation Secure Server CA 2
Validity: 2018-11-22 - 2019-05-31
Valid: 6 months

This page contains 1 frames:

Primary Page: https://container.cool/d/9nYw
Frame ID: 4B9465B89503A0CC3ECCCABB13B64257
Requests: 2 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i

Page Statistics

Requests: 2
HTTPS: 100 %
IPv6: 20 %
Domains: 5
Subdomains: 5
IPs: 1
Countries: 4
Transfer: 1 kB
Size: 1 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bishky.ru/eztmV HTTP 302
    http://2nice.pw/private HTTP 307
    https://2no.co/2vYbu5 HTTP 301
    https://fex.net/6Rz3zMy HTTP 302
    https://container.cool/d/9nYw Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions

Resource: Primary Request 9nYw
Path: container.cool/d/
Redirect Chain
  • http://bishky.ru/eztmV
  • http://2nice.pw/private
  • https://2no.co/2vYbu5
  • https://fex.net/6Rz3zMy
  • https://container.cool/d/9nYw
Size: 648 B
x-fer: 984 B
Type: Document

General

Full URL: https://container.cool/d/9nYw
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681b:a501 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65da3b8ee90934f8389085bf50b4dff590013e19c5a9bdd42dfb4d9c791d77c3

Request headers

:method: GET
:authority: container.cool
:scheme: https
:path: /d/9nYw
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Wed, 28 Nov 2018 15:15:38 GMT
content-type: text/html ; charset=UTF-8
set-cookie: __cfduid=d42366430c06d4885e46ebcfa14280ce01543418138; expires=Thu, 28-Nov-19 15:15:38 GMT; path=/; domain=.container.cool; HttpOnly lang=english; domain=container.cool; path=/
expires: Tue, 27 Nov 2018 15:15:38 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 480dca82dfd263a9-FRA

Redirect headers

Server: nginx/1.13.12
Date: Wed, 28 Nov 2018 15:15:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://container.cool/d/9nYw
Strict-Transport-Security: max-age=31536000
X-Frame-Options: : SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

Resource: main.css
Path: container.cool/
Size: 21 B
x-fer: 211 B
Type: Stylesheet

General

Full URL: https://container.cool/main.css
Requested by
  Host: container.cool
  URL: https://container.cool/d/9nYw
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681b:a501 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9410e012f6a8bb6d27b4e785a08ad3a234a3996ed11b3dbb5c8212d97e16911

Request headers

:path: /main.css
pragma: no-cache
cookie: __cfduid=d42366430c06d4885e46ebcfa14280ce01543418138; lang=english
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: container.cool
referer: https://container.cool/d/9nYw
:scheme: https
:method: GET
Referer: https://container.cool/d/9nYw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 28 Nov 2018 15:15:38 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Wed, 04 Jul 2018 06:15:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=utf-8
status: 200
cache-control: public, max-age=14400
cf-ray: 480dca84892d63a9-FRA
expires: Wed, 28 Nov 2018 19:15:38 GMT

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Domain/Path: .container.cool/   Name: lang   Value: english
Domain/Path: .container.cool/   Name: __cfduid   Value: d42366430c06d4885e46ebcfa14280ce01543418138

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
