hub.hr-services.nordgold.com

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 6 HTTP transactions. The main IP is 217.175.24.86, located in Russian Federation and belongs to SCAT7-AS AS for JSC Severstal-infocom, RU. The main domain is hub.hr-services.nordgold.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on March 12th 2021. Valid for: a year.

This is the only time hub.hr-services.nordgold.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	217.175.24.86 217.175.24.86	33936 (SCAT7-AS ...) (SCAT7-AS AS for JSC Severstal-infocom)
2	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2

4 217.175.24.86 (Russian Federation)

ASN33936 (SCAT7-AS AS for JSC Severstal-infocom, RU)

hub.hr-services.nordgold.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	nordgold.com hub.hr-services.nordgold.com	925 KB
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 828	90 KB
6	2

	Domain	Requested by
4	hub.hr-services.nordgold.com	hub.hr-services.nordgold.com
2	use.fontawesome.com	hub.hr-services.nordgold.com use.fontawesome.com
6	2

This site contains no links.

Subject Issuer	Validity	Valid
hr-services.nordgold.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-12` - `2022-03-23`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-07` - `2022-07-06`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://hub.hr-services.nordgold.com/
Frame ID: A738170171FD47A97AD94F6E774E2E98
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Centrifugo admin panel

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

6
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

1015 kB
Transfer

1054 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
hub.hr-services.nordgold.com/ 736 B
990 B 286ms
78ms Document
text/html 217.175.24.86
SCAT7-AS AS for J...

General

Check archive.org

Show headers Download Go to

Full URL: https://hub.hr-services.nordgold.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.175.24.86 , Russian Federation, ASN33936 (SCAT7-AS AS for JSC Severstal-infocom, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 1fda97d6542f8ec387ab395d128427fd6e14278ad43bbaf0f724640ea9b1d7a9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx/1.20.1
Date: Thu, 03 Mar 2022 06:23:01 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 736
Connection: keep-alive
Vary: Accept-Encoding
Accept-Ranges: bytes
Last-Modified: Tue, 15 Sep 2020 07:23:12 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.6.3/css/ 52 KB
12 KB 31ms
14ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Requested by: Host: hub.hr-services.nordgold.com
URL: https://hub.hr-services.nordgold.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hub.hr-services.nordgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 06:24:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 229563
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: T8SEATP9TQKSPZWV
x-amz-id-2: WussJCRx/jYteo2k+8qgQPz0Kx6uA3uBeDeg+b5SCeqR8YTS+RgSS+YII2/ggXYI0K5PhLSq7gI=
last-modified: Wed, 30 Jun 2021 15:44:33 GMT
server: cloudflare
etag: W/"dc93d584e41f8417f6b7163320d34329"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nO079op3gGOwvYO82C%2FrP%2BUKLLjE028SDU8HTMfAnuqyz7JUv1QNFVtkRsS7VrqbJzgvVddM6%2FqOldljiVoRmS6k3muosaXK1muTQYpj0ncIYMETqDRKPmjb7Muey3uQ9xxp2OqzwEZr3q%2B80gEuEUZE"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 6e6049f68f899189-FRA

GET
H/1.1 200
OK styles.css
hub.hr-services.nordgold.com/ 153 KB
153 KB 154ms
154ms Stylesheet
text/css 217.175.24.86
SCAT7-AS AS for J...

General

Check archive.org

Show headers Download Go to

Full URL: https://hub.hr-services.nordgold.com/styles.css?bdeb487f35197f958d14
Requested by: Host: hub.hr-services.nordgold.com
URL: https://hub.hr-services.nordgold.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.175.24.86 , Russian Federation, ASN33936 (SCAT7-AS AS for JSC Severstal-infocom, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: a8e912902e5373a27582899d37190919b4bdb0e1305d11fb6f3c368b718de1bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hub.hr-services.nordgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 06:23:01 GMT
Last-Modified: Tue, 15 Sep 2020 07:23:12 GMT
Server: nginx/1.20.1
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 156892

GET
H/1.1 200
OK bundle.js Show response
hub.hr-services.nordgold.com/ 770 KB
770 KB 293ms
147ms Script
text/javascript 217.175.24.86
SCAT7-AS AS for J...

General

Check archive.org

Show headers Download Go to

Full URL: https://hub.hr-services.nordgold.com/bundle.js?bdeb487f35197f958d14
Requested by: Host: hub.hr-services.nordgold.com
URL: https://hub.hr-services.nordgold.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.175.24.86 , Russian Federation, ASN33936 (SCAT7-AS AS for JSC Severstal-infocom, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 0654bba9c7008172b8dbdf50124d1ac9a4721cab21bfe8f1fd92fac4a039abd4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hub.hr-services.nordgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 06:23:01 GMT
Last-Modified: Tue, 15 Sep 2020 07:23:12 GMT
Server: nginx/1.20.1
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 788645

POST
H/1.1 400
Bad Request auth Show response
hub.hr-services.nordgold.com/admin/ 12 B
217 B 74ms
74ms XHR
text/plain 217.175.24.86
SCAT7-AS AS for J...

General

Check archive.org

Show headers Download Go to

Full URL

https://hub.hr-services.nordgold.com/admin/auth

Requested by

Host: hub.hr-services.nordgold.com
URL: https://hub.hr-services.nordgold.com/bundle.js?bdeb487f35197f958d14

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

217.175.24.86 , Russian Federation, ASN33936 (SCAT7-AS AS for JSC Severstal-infocom, RU),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

0cd6aed5d21ae37310b3c4e0facf48009005018bf4402fbcda1cb66d69b03346

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://hub.hr-services.nordgold.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Thu, 03 Mar 2022 06:23:06 GMT
X-Content-Type-Options: nosniff
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 12
Content-Type: text/plain; charset=utf-8

GET
H3 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.6.3/webfonts/ 77 KB
78 KB 267ms
246ms Font
font/woff2 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.3/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f419ad7a4477f36ce73c74a23dce784150ca38fa5075a8e06109709cbb716903

Request headers

Referer: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Origin: https://hub.hr-services.nordgold.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 06:24:28 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: PJSA00VJYZJB1CGZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 79100
x-amz-id-2: SfFAD3E9vtKhIhEpuOlbhUc1p81LlFSbZQyIqmb3mpBLn+yO36PS8v9i3kX+SpX/UBLXPQ/ffJ8=
last-modified: Wed, 30 Jun 2021 15:44:54 GMT
server: cloudflare
etag: "5dc01cfcd5336f696cb85da7ce53fa9b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U7KzP4eEDVSqTD%2FK%2F5gVX0KrnPI0vgcLb9BDD2IZxvZMHSg5gMDHqjJLSJa%2FpGNlM%2FVTewdfAi8xwFSiJtp%2Bw%2FOZBYNZR5L3cmq7XKQAKN9NzpDo%2FFPmFd7iYn%2Bn4WRD1YGVtmriIaRkIelUxpmQp1by"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 6e604a11acdd0f72-MXP

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored object| ace

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://hub.hr-services.nordgold.com/admin/auth Message: Failed to load resource: the server responded with a status of 400 (Bad Request)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

hub.hr-services.nordgold.com
use.fontawesome.com
217.175.24.86
2a06:98c1:3120::7
0654bba9c7008172b8dbdf50124d1ac9a4721cab21bfe8f1fd92fac4a039abd4
0cd6aed5d21ae37310b3c4e0facf48009005018bf4402fbcda1cb66d69b03346
1fda97d6542f8ec387ab395d128427fd6e14278ad43bbaf0f724640ea9b1d7a9
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a
a8e912902e5373a27582899d37190919b4bdb0e1305d11fb6f3c368b718de1bf
f419ad7a4477f36ce73c74a23dce784150ca38fa5075a8e06109709cbb716903

hub.hr-services.nordgold.com Open in urlscan Pro 217.175.24.86 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

6 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

1015 kBTransfer

1054 kBSize

0 Cookies

0 Outgoing links

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

hub.hr-services.nordgold.com Open in urlscan Pro
217.175.24.86 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

1015 kB
Transfer

1054 kB
Size

0
Cookies

6 HTTP transactions
0 data transactions