www.utair.ru Open in urlscan Pro
178.248.236.201 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://utair.ru/
Effective URL:
https://www.utair.ru/
Submission: On October 03 via manual (October 3rd 2022, 12:33:19 pm UTC) from RU — Scanned from DE

Summary HTTP 62 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 19 IPs in 5 countries across 15 domains to perform 62 HTTP transactions. The main IP is 178.248.236.201, located in Russian Federation and belongs to QRATOR, RU. The main domain is www.utair.ru.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on August 17th 2022. Valid for: a year.

This is the only time www.utair.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 5	178.248.236.201 178.248.236.201	197068 (QRATOR) (QRATOR)
4	2a00:1450:400... 2a00:1450:400d:80a::2004	15169 (GOOGLE) (GOOGLE)
2	2600:9000:225... 2600:9000:225e:ce00:1:28b3:b280:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:600... 2a04:4e42:600::729	54113 (FASTLY) (FASTLY)
1	2a02:6b8:20::215 2a02:6b8:20::215	13238 (YANDEX) (YANDEX)
4	2a00:1450:400... 2a00:1450:400d:80d::2003	15169 (GOOGLE) (GOOGLE)
3 17	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
4	51.250.15.42 51.250.15.42	200350 (YANDEXCLOUD) (YANDEXCLOUD)
2	2001:4860:480... 2001:4860:4802:36::178	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	2a02:6b8::3f7 2a02:6b8::3f7	13238 (YANDEX) (YANDEX)
3	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
10	178.248.236.237 178.248.236.237	197068 (QRATOR) (QRATOR)
4	95.163.52.67 95.163.52.67	47764 (VK-AS) (VK-AS)
1	87.240.132.78 87.240.132.78	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS vk.com)
1	2a00:1148:db0... 2a00:1148:db00::17	47764 (VK-AS) (VK-AS)
4	51.250.84.168 51.250.84.168	200350 (YANDEXCLOUD) (YANDEXCLOUD)
62	19

5 178.248.236.201 (Russian Federation) 1 redirects

ASN197068 (QRATOR, RU)

utair.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.utair.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:80a::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:225e:ce00:1:28b3:b280:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.weglot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::729 (United States)

ASN54113 (FASTLY, US)

cdn.ravenjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8:20::215 (Russian Federation)

ASN13238 (YANDEX, RU)

static.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:80d::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.250.15.42 (Russian Federation)

ASN200350 (YANDEXCLOUD, RU)

datalytics.utair.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::3f7 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

browser-updater.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 178.248.236.237 (Russian Federation)

ASN197068 (QRATOR, RU)

b.utair.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 95.163.52.67 (Russian Federation)

ASN47764 (VK-AS, RU)
PTR: top-fwz1.mail.ru

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.240.132.78 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv78-132-240-87.vk.com

vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1148:db00::17 (Russian Federation)

ASN47764 (VK-AS, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.250.84.168 (Russian Federation)

ASN200350 (YANDEXCLOUD, RU)

apm-lb.utair.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	utair.ru 1 redirects utair.ru www.utair.ru datalytics.utair.ru b.utair.ru	1 MB
15	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 8250	3 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	370 KB
5	mail.ru top-fwz1.mail.ru — Cisco Umbrella Rank: 5365 ad.mail.ru — Cisco Umbrella Rank: 5894	17 KB
4	utair.io apm-lb.utair.io	39 B
4	google.com www.google.com — Cisco Umbrella Rank: 19	23 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94	20 KB
2	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 2147	71 KB
2	yandex.net static.yandex.net — Cisco Umbrella Rank: 91134 browser-updater.yandex.net — Cisco Umbrella Rank: 120603	11 KB
2	weglot.com cdn.weglot.com — Cisco Umbrella Rank: 22819	28 KB
1	vk.com vk.com — Cisco Umbrella Rank: 3030	23 KB
1	google.de www.google.de — Cisco Umbrella Rank: 3460	501 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 171	440 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 129	50 KB
1	ravenjs.com cdn.ravenjs.com — Cisco Umbrella Rank: 10017	14 KB
62	15

	Domain	Requested by
15	mc.yandex.com	2 redirects www.utair.ru cdn.ravenjs.com
10	b.utair.ru	cdn.ravenjs.com
4	apm-lb.utair.io	cdn.ravenjs.com
4	top-fwz1.mail.ru	www.utair.ru
4	datalytics.utair.ru	www.utair.ru datalytics.utair.ru
4	www.gstatic.com	www.google.com www.gstatic.com
4	www.google.com	www.utair.ru www.gstatic.com www.google.com
4	www.utair.ru	www.utair.ru cdn.ravenjs.com
2	fonts.gstatic.com	www.google.com
2	www.google-analytics.com	www.utair.ru
2	mc.yandex.ru	1 redirects www.utair.ru
2	cdn.weglot.com	www.utair.ru cdn.weglot.com
1	ad.mail.ru
1	vk.com	www.utair.ru
1	www.google.de	www.utair.ru
1	browser-updater.yandex.net	static.yandex.net
1	stats.g.doubleclick.net	cdn.ravenjs.com
1	www.googletagmanager.com	www.utair.ru
1	static.yandex.net	www.utair.ru
1	cdn.ravenjs.com	www.utair.ru
1	utair.ru	1 redirects
62	21

This site contains links to these domains. Also see Links.

Domain
utair.ru
ticket.utair.ru
heli.utair.ru
media.utair.ru

Subject Issuer	Validity	Valid
*.utair.ru GlobalSign RSA OV SSL CA 2018	`2022-08-17` - `2023-09-18`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.weglot.com Amazon	`2022-03-09` - `2023-04-07`	a year	crt.sh
cdn.ravenjs.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-08-30` - `2023-10-01`	a year	crt.sh
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018	`2022-08-31` - `2023-02-28`	6 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-05-21` - `2022-10-31`	5 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
datalytics.utair.ru R3	`2022-09-18` - `2022-12-17`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
browser-updater.yandex.net GlobalSign RSA OV SSL CA 2018	`2022-04-30` - `2022-10-29`	6 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.mail.ru GeoTrust ECC CA 2018	`2021-10-15` - `2022-11-15`	a year	crt.sh
*.vk.com GlobalSign Organization Validation CA - SHA256 - G2	`2022-03-18` - `2023-04-03`	a year	crt.sh
*.utair.io RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-02-22` - `2023-02-22`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.utair.ru/
Frame ID: 5B6E34031B1075BF48536D5A49332CBA
Requests: 50 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc_4asUAAAAANLBRFZfS9kcsu5BhW3bxsS5TZo9&co=aHR0cHM6Ly93d3cudXRhaXIucnU6NDQz&hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH&size=invisible&cb=rw97rt9znl3l
Frame ID: A31BCB355A31D8C9BDE65CD82FA472B0
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Билеты Utair на официальном сайте - Напрямую дешевле!

Page URL History Show full URLs

http://utair.ru/ HTTP 301
https://www.utair.ru/ Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Weglot (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

cdn\.weglot\.com

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

62
Requests

97 %
HTTPS

67 %
IPv6

15
Domains

21
Subdomains

19
IPs

5
Countries

1763 kB
Transfer

5000 kB
Size

21
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://utair.ru/support
Title: Помощь пассажирам

Search URL Search Domain Scan URL

URL: https://ticket.utair.ru/timetable/
Title: Расписание

Search URL Search Domain Scan URL

URL: http://heli.utair.ru/
Title: Вертолетные услуги

Search URL Search Domain Scan URL

URL: https://media.utair.ru/?from=menu
Title: Куда летает Utair?

Search URL Search Domain Scan URL

URL: https://media.utair.ru/?from=main
Title: Куда летает Utair

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://utair.ru/ HTTP 301
https://www.utair.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9780.0jnFHxmL4Jmq20Efp02mvFS3z6FXo8ptghF41sQHxX6BvtJe8wJ5HuWEbIieXNO0.9LiEEDyQyLuZX9KvyoLDef1UJlY%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9780.XvUvZYrMxUmasqcPhvPNwVWV5qmdJY2l25U6gxAO5_ALN7wNAk0ZpbNxqSfpc4L_9q31wBn9y5cJfTURIVzG3Q%2C%2C.gar0ln54qzi9GWJNmOw7AdrKpsQ%2C

Request Chain 21

https://mc.yandex.com/watch/17630638?wmode=7&page-url=https%3A%2F%2Fwww.utair.ru%2F&nohit=1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ilvk53aw%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A696708004452%3Ahid%3A499590684%3Az%3A0%3Ai%3A20221003123307%3Aet%3A1664800387%3Ac%3A1%3Arn%3A236264722%3Au%3A1664800387361316621%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Acpf%3A1%3Ans%3A1664800385727%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1664800387%3At%3A%D0%91%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20Utair%20%D0%BD%D0%B0%20%D0%BE%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D0%BE%D0%BC%20%D1%81%D0%B0%D0%B9%D1%82%D0%B5%20-%20%D0%9D%D0%B0%D0%BF%D1%80%D1%8F%D0%BC%D1%83%D1%8E%20%D0%B4%D0%B5%D1%88%D0%B5%D0%B2%D0%BB%D0%B5!&t=gdpr(14)clc(0-0-0)aw(1)rqnl(1)ti(2) HTTP 302
https://mc.yandex.com/watch/17630638/1?wmode=7&page-url=https%3A%2F%2Fwww.utair.ru%2F&nohit=1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ilvk53aw%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A696708004452%3Ahid%3A499590684%3Az%3A0%3Ai%3A20221003123307%3Aet%3A1664800387%3Ac%3A1%3Arn%3A236264722%3Au%3A1664800387361316621%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Acpf%3A1%3Ans%3A1664800385727%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1664800387%3At%3A%D0%91%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20Utair%20%D0%BD%D0%B0%20%D0%BE%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D0%BE%D0%BC%20%D1%81%D0%B0%D0%B9%D1%82%D0%B5%20-%20%D0%9D%D0%B0%D0%BF%D1%80%D1%8F%D0%BC%D1%83%D1%8E%20%D0%B4%D0%B5%D1%88%D0%B5%D0%B2%D0%BB%D0%B5%21&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnl%281%29ti%282%29

62 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.utair.ru/
Redirect Chain

http://utair.ru/
https://www.utair.ru/

13 KB
4 KB

470ms
333ms

Document
text/html

178.248.236.201
QRATOR

General

Check archive.org

Show headers Download Go to

Full URL: https://www.utair.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.248.236.201 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software: QRATOR /
Resource Hash: d5a8e40b2fa338d34c09ea743daa7a6ce09e9f534391f9f4e5042dfd61138b44

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Mon, 03 Oct 2022 12:33:06 GMT
etag: W/"632aca67-34da"
last-modified: Wed, 21 Sep 2022 08:25:11 GMT
server: QRATOR
vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 194
Content-Type: text/html
Date: Mon, 03 Oct 2022 12:33:06 GMT
Keep-Alive: timeout=15
Location: https://www.utair.ru/
Server: QRATOR

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
996 B 144ms
57ms Script
text/javascript 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Lc_4asUAAAAANLBRFZfS9kcsu5BhW3bxsS5TZo9

Requested by

Host: www.utair.ru
URL: https://www.utair.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1d1a560c1477710be9b37b2e839b8fbe6d67a50bfc2fcfa0cc732bd4a9098429

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.utair.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 12:33:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 583
x-xss-protection: 1; mode=block
expires: Mon, 03 Oct 2022 12:33:06 GMT

GET
H2 200 weglot.min.js Show response
cdn.weglot.com/ 77 KB
27 KB 77ms
22ms Script
application/javascript 2600:9000:225e:ce00:1:28b3:b280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.weglot.com/weglot.min.js
Requested by: Host: www.utair.ru
URL: https://www.utair.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:ce00:1:28b3:b280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c624952821fc6a8e7e1a150a7501b51ddb0dedd9873d02f1842d7b9812916ed4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.utair.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 816b7f4e336674d9d7828ef4700482e8.cloudfront.net (CloudFront)
date: Mon, 03 Oct 2022 12:28:49 GMT
last-modified: Fri, 30 Sep 2022 12:56:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 257
etag: W/"1e4c4bbe45c74e5065250cfa1d39eb6e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=1800
x-amz-cf-id: Z1Q_hrXw1AefhaZHjX3dm8huU4-zKGKTw36OPLdu2qQklUN2eOQvpA==

GET
H2 200 main.d124f1df.js Show response
www.utair.ru/static/ 3 MB
815 KB 654ms
654ms Script
application/javascript 178.248.236.201
QRATOR

General

Check archive.org

Show headers Download Go to

Full URL: https://www.utair.ru/static/main.d124f1df.js
Requested by: Host: www.utair.ru
URL: https://www.utair.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.248.236.201 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software: QRATOR /
Resource Hash: d11b86f54200a553d42057a6e3c57084de7ff9d0af67ff1f618743bde1173524

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.utair.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 12:33:07 GMT
content-encoding: gzip
last-modified: Wed, 21 Sep 2022 08:25:11 GMT
server: QRATOR
etag: W/"632aca67-2c0d44"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 raven.min.js Show response
cdn.ravenjs.com/3.26.2/ 37 KB
14 KB 74ms
19ms Script
application/javascript 2a04:4e42:600::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ravenjs.com/3.26.2/raven.min.js
Requested by: Host: www.utair.ru
URL: https://www.utair.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Fastly /
Resource Hash: 4b6d78009e6e369507e7d50925b9f2864e05b27820a92862f8b6bcf5c27a8430

Request headers

Referer: https://www.utair.ru/
Origin: https://www.utair.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 12:33:06 GMT
content-encoding: gzip
last-modified: Mon, 11 Jun 2018 15:59:55 GMT
server: Fastly
age: 44009
etag: "1419f17d4165274db4b1ad69fc9721c5"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
content-length: 13696

GET
H2 200 script.js Show response
static.yandex.net/browser-updater/v1/ 28 KB
10 KB 197ms
61ms Script
application/x-javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://static.yandex.net/browser-updater/v1/script.js

Requested by

Host: www.utair.ru
URL: https://www.utair.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

b32d89987d5549a8ac21fea58a1f5db09e84d770d51aab6695ad8da613671dd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.utair.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 12:33:06 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
last-modified: Mon, 17 Jun 2019 11:25:04 GMT
server: nginx/1.17.9
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
etag: W/"28e1772eb63b21a59fe28f04c653b18d"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/x-javascript
access-control-allow-origin: *
x-nginx-request-id: 94ecb7dfa60fd2a9

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/ 392 KB
157 KB 121ms
34ms Script
text/javascript 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lc_4asUAAAAANLBRFZfS9kcsu5BhW3bxsS5TZo9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fe11aff0ae158a9a4a91fe408daf8ecddf648ed069942e11efb1e023b83eee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.utair.ru/
Origin: https://www.utair.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 15:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 162955
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 160114
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 04:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Oct 2023 15:17:11 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 206 KB
71 KB 278ms
132ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: www.utair.ru
URL: https://www.utair.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

f00864afefb6ac342587e84e7237328d02cb5507147a4a0d039b03a6fd90baff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.utair.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 12:33:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Thu, 29 Sep 2022 14:38:20 GMT
etag: "633583ac-11a8a"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 72330
expires: Mon, 03 Oct 2022 13:33:07 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 144 KB
50 KB 89ms
40ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MLF5HD

Requested by

Host: www.utair.ru
URL: https://www.utair.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3cd7b69ca14bb463a797b23bfc97194348fe0a0fe0cfa3e144f0e60bd130d8f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.utair.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 12:33:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50841
x-xss-protection: 0
last-modified: Mon, 03 Oct 2022 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 03 Oct 2022 12:33:06 GMT

GET
H2 200 5c151a805434beff0ca235c64cca24ac2.json Show response
cdn.weglot.com/projects-settings/ 4 KB
2 KB 63ms
20ms Fetch
application/json 2600:9000:225e:ce00:1:28b3:b280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.weglot.com/projects-settings/5c151a805434beff0ca235c64cca24ac2.json
Requested by: Host: cdn.weglot.com
URL: https://cdn.weglot.com/weglot.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:ce00:1:28b3:b280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b0cf1ceb7a4e10db6b3e595960c38d8b0864b1f27ffb60596d4983be185ecbfd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.utair.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 12:58:53 GMT
x-amz-version-id: null
content-encoding: gzip
last-modified: Tue, 19 Jul 2022 06:01:08 GMT
server: AmazonS3
via: 1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
etag: W/"7ce460e016357b8feb6a13649a7c9bef"
age: 257654
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-id: ioibhQX3Etw5ikVyn1ZrWgMNq0ZMpsKQ7JPfe23F6uEsRJxhOx5lqg==

GET
H2 200 lib.js Show response
datalytics.utair.ru/ 231 KB
232 KB 288ms
65ms Script
text/javascript 51.250.15.42
YANDEXCLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://datalytics.utair.ru/lib.js

Requested by

Host: www.utair.ru
URL: https://www.utair.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.250.15.42 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),

Reverse DNS

Software

Caddy /

Resource Hash

e30543d7f9ca98535728e825bcabafb48589b06495b86558569f767ae44999cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.utair.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-response-time: 0
pragma: no-cache
date: Mon, 03 Oct 2022 12:33:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:44:30 GMT
server: Caddy
x-frame-options: SAMEORIGIN
content-type: text/javascript
access-control-allow-origin: https://www.utair.ru
access-control-expose-headers: Content-Length,Content-Type
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 236698
x-xss-protection: 1
expires: Mon, 01 Jan 1990 21:00:12 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 64ms
19ms Script
text/javascript 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.utair.ru
URL: https://www.utair.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.utair.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 03 Oct 2022 11:01:59 GMT
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 5468
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Mon, 03 Oct 2022 13:01:59 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
440 B 83ms
30ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-54035537-2&cid=808408290.1664800387&jid=1939178069&gjid=495066003&_gid=2071524733.1664800387&_u=YGBAgAABAAAAAE~&z=1224805710

Requested by

Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.26.2/raven.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.utair.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 03 Oct 2022 12:33:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.utair.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 19ms
18ms Image
image/gif 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j97&a=659192280&t=pageview&_s=1&dl=https%3A%2F%2Fwww.utair.ru%2F&ul=en-us&de=UTF-8&dt=%D0%91%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20Utair%20%D0%BD%D0%B0%20%D0%BE%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D0%BE%D0%BC%20%D1%81%D0%B0%D0%B9%D1%82%D0%B5%20-%20%D0%9D%D0%B0%D0%BF%D1%80%D1%8F%D0%BC%D1%83%D1%8E%20%D0%B4%D0%B5%D1%88%D0%B5%D0%B2%D0%BB%D0%B5!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=1939178069&gjid=495066003&cid=808408290.1664800387&tid=UA-54035537-2&_gid=2071524733.1664800387&gtm=2wg9s0MLF5HD&cd15=808408290.1664800387&z=355100820

Requested by

Host: www.utair.ru
URL: https://www.utair.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.utair.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 03:56:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 30985
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
browser-updater.yandex.net/ 197 B
533 B 203ms
81ms Script
application/javascript 2a02:6b8::3f7
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://browser-updater.yandex.net/?browserUpdate=%7B%22yabrowser%22%3A%2215.12%22%2C%22chrome%22%3A%2254%22%2C%22ie%22%3A%2210%22%2C%22opera%22%3A%2241%22%2C%22safari%22%3A%228%22%2C%22fx%22%3A%2249%22%2C%22iron%22%3A%2235%22%2C%22flock%22%3A%22Infinity%22%2C%22palemoon%22%3A%2225%22%2C%22camino%22%3A%22Infinity%22%2C%22maxthon%22%3A%224.5%22%2C%22seamonkey%22%3A%222.3%22%7D&jsonp=yaBrowserUpdaterJSONPCallback

Requested by

Host: static.yandex.net
URL: https://static.yandex.net/browser-updater/v1/script.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::3f7 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

4ef3fcea2c5d6a6dc2f8f12537a7500b30c3489ecefbfa28f2e7b256fafd0209

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.utair.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Mon, 03 Oct 2022 12:33:07 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Length: 197
Content-Type: application/javascript

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame A31B 42 KB
22 KB 147ms
76ms Document
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc_4asUAAAAANLBRFZfS9kcsu5BhW3bxsS5TZo9&co=aHR0cHM6Ly93d3cudXRhaXIucnU6NDQz&hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH&size=invisible&cb=rw97rt9znl3l

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fc1ff54e3098660570b0d0802de7d8f9a845911431127c4acf066128395f3a78

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-a9lN33PdQmtiQMI7_MhcTA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.utair.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22051
content-security-policy: script-src 'report-sample' 'nonce-a9lN33PdQmtiQMI7_MhcTA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 12:33:07 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 125ms
70ms Image
image/gif 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-54035537-2&cid=808408290.1664800387&jid=1939178069&_u=YGBAgAABAAAAAE~&z=1510545180

Requested by

Host: www.utair.ru
URL: https://www.utair.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.utair.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 12:33:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 108ms
59ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-54035537-2&cid=808408290.1664800387&jid=1939178069&_u=YGBAgAABAAAAAE~&z=1510545180

Requested by

Host: www.utair.ru
URL: https://www.utair.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.utair.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 12:33:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9780.0jnFHxmL4Jmq20Efp02mvFS3z6FXo8ptghF41sQHxX6BvtJe8wJ5HuWEbIieXNO0.9LiEEDyQyLuZX9KvyoLDef1UJlY%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9780.XvUvZYrMxUmasqcPhvPNwVWV5qmdJY2l25U6gxAO5_ALN7wNAk0ZpbNxqSfpc4L_9q31wBn9y5cJfTURIVzG3Q%2C%2C.gar0ln54qzi9GWJNmOw7AdrKpsQ%2C

75 B
75 B

63ms
62ms

Image
text/html

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9780.XvUvZYrMxUmasqcPhvPNwVWV5qmdJY2l25U6gxAO5_ALN7wNAk0ZpbNxqSfpc4L_9q31wBn9y5cJfTURIVzG3Q%2C%2C.gar0ln54qzi9GWJNmOw7AdrKpsQ%2C

Requested by

Host: www.utair.ru
URL: https://www.utair.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.utair.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 12:33:07 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9780.XvUvZYrMxUmasqcPhvPNwVWV5qmdJY2l25U6gxAO5_ALN7wNAk0ZpbNxqSfpc4L_9q31wBn9y5cJfTURIVzG3Q%2C%2C.gar0ln54qzi9GWJNmOw7AdrKpsQ%2C
date: Mon, 03 Oct 2022 12:33:07 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
112 B 76ms
75ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: www.utair.ru
URL: https://www.utair.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.utair.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 12:33:07 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 29 Sep 2022 14:38:20 GMT
etag: "633583ac-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Mon, 03 Oct 2022 13:33:07 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/ Frame A31B 52 KB
24 KB 106ms
34ms Stylesheet
text/css 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc_4asUAAAAANLBRFZfS9kcsu5BhW3bxsS5TZo9&co=aHR0cHM6Ly93d3cudXRhaXIucnU6NDQz&hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH&size=invisible&cb=rw97rt9znl3l

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 20:08:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 318283
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 04:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Sep 2023 20:08:24 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/ Frame A31B 392 KB
156 KB 105ms
33ms Script
text/javascript 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fe11aff0ae158a9a4a91fe408daf8ecddf648ed069942e11efb1e023b83eee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 15:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 162956
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 160114
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 04:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Oct 2023 15:17:11 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/17630638/
Redirect Chain

https://mc.yandex.com/watch/17630638?wmode=7&page-url=https%3A%2F%2Fwww.utair.ru%2F&nohit=1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ilvk53aw%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ae...
https://mc.yandex.com/watch/17630638/1?wmode=7&page-url=https%3A%2F%2Fwww.utair.ru%2F&nohit=1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ilvk53aw%3Afu%3A0%3Aen%3Autf-8%3Ala%3...

439 B
521 B

68ms
67ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/17630638/1?wmode=7&page-url=https%3A%2F%2Fwww.utair.ru%2F&nohit=1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ilvk53aw%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A696708004452%3Ahid%3A499590684%3Az%3A0%3Ai%3A20221003123307%3Aet%3A1664800387%3Ac%3A1%3Arn%3A236264722%3Au%3A1664800387361316621%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Acpf%3A1%3Ans%3A1664800385727%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1664800387%3At%3A%D0%91%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20Utair%20%D0%BD%D0%B0%20%D0%BE%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D0%BE%D0%BC%20%D1%81%D0%B0%D0%B9%D1%82%D0%B5%20-%20%D0%9D%D0%B0%D0%BF%D1%80%D1%8F%D0%BC%D1%83%D1%8E%20%D0%B4%D0%B5%D1%88%D0%B5%D0%B2%D0%BB%D0%B5%21&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnl%281%29ti%282%29

Requested by

Host: www.utair.ru
URL: https://www.utair.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

a189ab7f0ba54c550c7389571345beedfa5a5850df481ece0aaff151f6abce26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.utair.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 12:33:07 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 03-Oct-2022 12:33:07 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.utair.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 439
x-xss-protection: 1; mode=block
expires: Mon, 03-Oct-2022 12:33:07 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Oct 2022 12:33:07 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 03-Oct-2022 12:33:07 GMT
location: /watch/17630638/1?wmode=7&page-url=https%3A%2F%2Fwww.utair.ru%2F&nohit=1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ilvk53aw%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A696708004452%3Ahid%3A499590684%3Az%3A0%3Ai%3A20221003123307%3Aet%3A1664800387%3Ac%3A1%3Arn%3A236264722%3Au%3A1664800387361316621%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Acpf%3A1%3Ans%3A1664800385727%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1664800387%3At%3A%D0%91%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20Utair%20%D0%BD%D0%B0%20%D0%BE%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D0%BE%D0%BC%20%D1%81%D0%B0%D0%B9%D1%82%D0%B5%20-%20%D0%9D%D0%B0%D0%BF%D1%80%D1%8F%D0%BC%D1%83%D1%8E%20%D0%B4%D0%B5%D1%88%D0%B5%D0%B2%D0%BB%D0%B5%21&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnl%281%29ti%282%29
access-control-allow-origin: https://www.utair.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 03-Oct-2022 12:33:07 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame A31B 2 KB
2 KB 36ms
36ms Image
image/png 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 09:16:38 GMT
x-content-type-options: nosniff
age: 357389
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 06 Oct 2022 09:16:38 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A31B 15 KB
15 KB 76ms
25ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 501986
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 27 Sep 2023 17:06:41 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A31B 15 KB
16 KB 70ms
20ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 22:21:19 GMT
x-content-type-options: nosniff
age: 569508
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Sep 2023 22:21:19 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame A31B 102 B
134 B 56ms
56ms Other
text/javascript 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

380c41380ef43ac49c23949ead8c0f90133a93c49ec6527f7065ab4ee9c2ee44

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc_4asUAAAAANLBRFZfS9kcsu5BhW3bxsS5TZo9&co=aHR0cHM6Ly93d3cudXRhaXIucnU6NDQz&hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH&size=invisible&cb=rw97rt9znl3l
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 12:33:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Mon, 03 Oct 2022 12:33:07 GMT

POST
H2 200 17630638 Show response
mc.yandex.com/webvisor/ 43 B
145 B 121ms
120ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/17630638?wmode=0&wv-part=1&wv-hit=499590684&page-url=https%3A%2F%2Fwww.utair.ru%2F&rn=1052297875&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1664800390%3Aw%3A1600x1200%3Av%3A904%3Az%3A0%3Ai%3A20221003123309%3Au%3A1664800387361316621%3Avf%3Aat6op7b9z7b01ilvk53aw%3Awe%3A1%3Ast%3A1664800390&t=gdpr(14)ti(2)

Requested by

Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.26.2/raven.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.utair.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 12:33:10 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 03-Oct-2022 12:33:10 GMT
content-type: image/gif
access-control-allow-origin: https://www.utair.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 03-Oct-2022 12:33:10 GMT

POST
H2 200 17630638 Show response
mc.yandex.com/webvisor/ 43 B
73 B 75ms
74ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/17630638?wmode=0&wv-part=1&wv-hit=499590684&page-url=https%3A%2F%2Fwww.utair.ru%2F&rn=713831718&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1664800390%3Aw%3A1600x1200%3Av%3A904%3Az%3A0%3Ai%3A20221003123310%3Au%3A1664800387361316621%3Avf%3Aat6op7b9z7b01ilvk53aw%3Awe%3A1%3Ast%3A1664800390&t=gdpr(14)ti(2)

Requested by

Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.26.2/raven.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.utair.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 12:33:10 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 03-Oct-2022 12:33:10 GMT
content-type: image/gif
access-control-allow-origin: https://www.utair.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 03-Oct-2022 12:33:10 GMT

GET
H2 200 suisseintl-regular.woff2
www.utair.ru/static/fonts/ 67 KB
67 KB 966ms
966ms Font
font/woff2 178.248.236.201
QRATOR

General

Check archive.org

Show headers Download Go to

Full URL: https://www.utair.ru/static/fonts/suisseintl-regular.woff2
Requested by: Host: www.utair.ru
URL: https://www.utair.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.248.236.201 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software: QRATOR /
Resource Hash: 595c9b95cc4d52b94a19987dc9f2e2743c4e74f140510b04a91a9602c6e5bddf

Request headers

Referer: https://www.utair.ru/
Origin: https://www.utair.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 12:33:12 GMT
last-modified: Wed, 21 Sep 2022 08:25:11 GMT
server: QRATOR
accept-ranges: bytes
etag: "632aca67-10adc"
content-length: 68316
content-type: font/woff2

OPTIONS
H2 200 token
b.utair.ru/oauth/ Frame 0
0 901ms
682ms Preflight
text/html 178.248.236.237
QRATOR

General

Check archive.org

Show headers Download Go to

Full URL: https://b.utair.ru/oauth/token
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.248.236.237 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software: QRATOR /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: traceparent
Access-Control-Request-Method: POST
Origin: https://www.utair.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-headers: Authorization,Content-Type,X-Utair-Signature,Rockstat-Uid,If-Unmodified-Since,g-recaptcha-response,X-Compress,x-device-id,Platform,traceparent,tracestate
access-control-allow-methods: OPTIONS,GET,POST,PUT,PATCH,DELETE
access-control-allow-origin: *
allow: POST, OPTIONS
content-length: 0
content-type: text/html; charset=utf-8
date: Mon, 03 Oct 2022 12:33:12 GMT
server: QRATOR

GET
DATA 200
OK truncated
/ 259 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 437898b39bcdcd048ebf2cd9bea8905bfc7d620d7731ca69a18b025229884497

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 187 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: da628f9ad7f45858a22ef822cdb3837dc9931a96f3fb25f2436224f6d19e9f2b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 t4k.json
datalytics.utair.ru/band/ 0
0 69ms
69ms Ping
text/plain 51.250.15.42
YANDEXCLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://datalytics.utair.ru/band/t4k.json?
Requested by: Host: datalytics.utair.ru
URL: https://datalytics.utair.ru/lib.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.250.15.42 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.utair.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 t4k.json
datalytics.utair.ru/band/ 0
0 68ms
68ms Ping
text/plain 51.250.15.42
YANDEXCLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://datalytics.utair.ru/band/t4k.json?
Requested by: Host: datalytics.utair.ru
URL: https://datalytics.utair.ru/lib.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.250.15.42 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.utair.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 token Show response
b.utair.ru/oauth/ 1 KB
2 KB 403ms
403ms Fetch
application/json 178.248.236.237
QRATOR

General

Check archive.org

Show headers Download Go to

Full URL: https://b.utair.ru/oauth/token
Requested by: Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.26.2/raven.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.248.236.237 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software: QRATOR /
Resource Hash: 0c30c4044ec17af3eeb75c70022882f19c3776217a5f732463a963f6d7a200ae

Request headers

Referer: https://www.utair.ru/
traceparent: 00-4c3d9e5d4056123cdc3c48c9a5e547c7-13a439ad076b4682-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 12:33:13 GMT
server: QRATOR
content-type: application/json
access-control-allow-origin: *
cache-control: no-store
access-control-allow-headers: Authorization,Content-Type,X-Utair-Signature,Rockstat-Uid,If-Unmodified-Since,g-recaptcha-response,X-Compress,x-device-id,Platform,traceparent,tracestate
content-length: 1455

GET
H2 200 / Show response
www.utair.ru/api/menu/getCoreMenu/ 4 KB
2 KB 361ms
361ms Fetch
application/json 178.248.236.201
QRATOR

General

Check archive.org

Show headers Download Go to

Full URL: https://www.utair.ru/api/menu/getCoreMenu/
Requested by: Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.26.2/raven.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.248.236.201 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software: QRATOR /
Resource Hash: 8cd883d90c890627a559ab85e79476a171c497627bf7006399e7caacdb03dc70

Request headers

Referer: https://www.utair.ru/
traceparent: 00-4c3d9e5d4056123cdc3c48c9a5e547c7-1f7d8bb8c3d1d668-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 12:33:12 GMT
content-encoding: gzip
server: QRATOR
powered: Artamonov Denis Pro 2016-2022
vary: Accept-Encoding
support: http://artamonov.pro
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
access-control-allow-headers: Content-Type, Authorization-Token

GET
H2 200 17630638 Show response
mc.yandex.com/watch/ 43 B
145 B 62ms
62ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/17630638?page-url=https%3A%2F%2Fwww.utair.ru%2F&charset=utf-8&hittoken=1664800387_259fd1e4e7288c899e260d5fc204b80267f3c24022775629fc2e6431214802f0&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ilvk53aw%3Afp%3A1103%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A1%3Als%3A696708004452%3Ahid%3A499590684%3Az%3A0%3Ai%3A20221003123311%3Aet%3A1664800392%3Ac%3A1%3Arn%3A604460188%3Arqn%3A1%3Au%3A1664800387361316621%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A95%2C41%2C334%2C0%2C475%2C0%2C%2C155%2C1%2C%2C%2C%2C5907%3Acpf%3A1%3Aeu%3A1%3Ans%3A1664800385727%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1664800392%3At%3A%D0%91%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20Utair%20%D0%BD%D0%B0%20%D0%BE%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D0%BE%D0%BC%20%D1%81%D0%B0%D0%B9%D1%82%D0%B5%20-%20%D0%9D%D0%B0%D0%BF%D1%80%D1%8F%D0%BC%D1%83%D1%8E%20%D0%B4%D0%B5%D1%88%D0%B5%D0%B2%D0%BB%D0%B5!&t=gdpr(14)clc(0-0-0)lt(21000)aw(1)rqnt(1)ecs(0)rqnl(1)ti(2)

Requested by

Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.26.2/raven.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.utair.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 12:33:11 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 03-Oct-2022 12:33:11 GMT
content-type: image/gif
access-control-allow-origin: https://www.utair.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 03-Oct-2022 12:33:11 GMT

POST
H2 200 17630638 Show response
mc.yandex.com/webvisor/ 43 B
176 B 184ms
183ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/17630638?wmode=0&wv-part=2&wv-hit=499590684&page-url=https%3A%2F%2Fwww.utair.ru%2F&rn=833772618&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1664800392%3Aw%3A1600x1200%3Av%3A904%3Az%3A0%3Ai%3A20221003123312%3Au%3A1664800387361316621%3Avf%3Aat6op7b9z7b01ilvk53aw%3Awe%3A1%3Ast%3A1664800392&t=gdpr(14)ti(2)

Requested by

Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.26.2/raven.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.utair.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 12:33:12 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 03-Oct-2022 12:33:12 GMT
content-type: image/gif
access-control-allow-origin: https://www.utair.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 03-Oct-2022 12:33:12 GMT

POST
H2 200 t4k.json
datalytics.utair.ru/band/ 0
0 66ms
66ms Ping
text/plain 51.250.15.42
YANDEXCLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://datalytics.utair.ru/band/t4k.json?
Requested by: Host: datalytics.utair.ru
URL: https://datalytics.utair.ru/lib.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.250.15.42 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.utair.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 code.js Show response
top-fwz1.mail.ru/js/ 32 KB
14 KB 282ms
122ms Script
application/javascript 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/js/code.js

Requested by

Host: www.utair.ru
URL: https://www.utair.ru/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

a1e6a59e0567f886caaada41007e695d2039c4fe07fb28727dd27ab2029ecd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.utair.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 12:33:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin: *
last-modified: Tue, 13 Sep 2022 17:32:31 GMT
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
etag: W/"6320beaf-7ecc"
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: max-age=3600, private
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *
expires: Mon, 03 Oct 2022 13:33:12 GMT

GET
H2 200 openapi.js Show response
vk.com/js/api/ 104 KB
23 KB 209ms
50ms Script
application/x-javascript 87.240.132.78
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/js/api/openapi.js?169
Requested by: Host: www.utair.ru
URL: https://www.utair.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.240.132.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS: srv78-132-240-87.vk.com
Software: kittenx /
Resource Hash: 2f7e190c7a25194337efdd52f0018320ebfa239e150b19b95f3703b0bc02e6c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.utair.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 12:33:12 GMT
content-encoding: br
x-frontend: front225207
last-modified: Wed, 10 Aug 2022 14:44:17 GMT
server: kittenx
etag: "62f3c441-5b1a"
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
content-length: 23322
expires: Fri, 07 Oct 2022 12:33:12 GMT

GET
H2 200 counter
top-fwz1.mail.ru/ 43 B
959 B 62ms
61ms Image
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter?js=13;id=3255070;u=https%3A//www.utair.ru/;st=1664800386828;pid=USER_ID;title=%D0%91%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20Utair%20%D0%BD%D0%B0%20%D0%BE%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D0%BE%D0%BC%20%D1%81%D0%B0%D0%B9%D1%82%D0%B5%20-%20%D0%9D%D0%B0%D0%BF%D1%80%D1%8F%D0%BC%D1%83%D1%8E%20%D0%B4%D0%B5%D1%88%D0%B5%D0%B2%D0%BB%D0%B5!;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=b6a6a76155871c2a;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=9.3//4g/0/0/;lvid=1664800392919%3A1664800392922%3A1%3A981b89286ba5544932ba10fc31ee0cc7;opts=dl%2Cjst-gtag-ga-ym-vk;visible=true;_=0.6108387948980463

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.utair.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 12:33:12 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

GET
H/1.1 200
OK /
ad.mail.ru/retarget/ 43 B
384 B 406ms
63ms Image
image/gif 2a00:1148:db00::17
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mail.ru/retarget/?counter=3255070&list=VALUE&productid=VALUE&pagetype=VALUE&totalvalue=VALUE&_=0.865841646193263
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.utair.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Mon, 03 Oct 2022 12:33:13 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43

GET
H2 200 tracker
top-fwz1.mail.ru/ 43 B
961 B 63ms
62ms Image
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/tracker?js=13;id=3255070;u=https%3A//www.utair.ru/;st=1664800386828;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=b6a6a76155871c2a;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=9.3//4g/0/0/;lvid=1664800392919%3A1664800392923%3A2%3A981b89286ba5544932ba10fc31ee0cc7;opts=dl%2Cjst-gtag-ga-ym-vk;visible=true;_=0.29916120200839824;e=IV%3AVALUE/VALUE%3BVALUE%3BVALUE

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.utair.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 12:33:12 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 tracker
top-fwz1.mail.ru/ 43 B
959 B 63ms
62ms Image
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/tracker?js=13;id=3255070;u=https%3A//www.utair.ru/;st=1664800386828;pid=USER_ID;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=b6a6a76155871c2a;ver=60.3.0;tz=0%2FEtc%2FUnknown;nt=0/0/1664800385727/////476/476/571/571/613/590/613/946/946/948/1101/5907/5908/6894/6894/6895;ni=9.3//4g/0/0/;lvid=1664800392919%3A1664800392924%3A3%3A981b89286ba5544932ba10fc31ee0cc7;opts=dl%2Cjst-gtag-ga-ym-vk;visible=true;_=0.9160994279286483;e=RT/load;et=1664800392923

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.utair.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 12:33:12 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

POST
H2 200 17630638 Show response
mc.yandex.com/webvisor/ 43 B
169 B 1521ms
62ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/17630638?wmode=0&wv-part=3&wv-hit=499590684&page-url=https%3A%2F%2Fwww.utair.ru%2F&rn=607873128&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1664800393%3Aw%3A1600x1200%3Av%3A904%3Az%3A0%3Ai%3A20221003123312%3Au%3A1664800387361316621%3Avf%3Aat6op7b9z7b01ilvk53aw%3Awe%3A1%3Ast%3A1664800393&t=gdpr(14)ti(2)

Requested by

Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.26.2/raven.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.utair.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 12:33:14 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 03-Oct-2022 12:33:14 GMT
content-type: image/gif
access-control-allow-origin: https://www.utair.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 03-Oct-2022 12:33:14 GMT

OPTIONS
H2 200 /
b.utair.ru/api/v1/system/notification/ Frame 0
0 333ms
333ms Preflight
text/html 178.248.236.237
QRATOR

General

Check archive.org

Show headers Download Go to

Full URL: https://b.utair.ru/api/v1/system/notification/?json=%7B%22page%22%3A%22%2F%22%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.248.236.237 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software: QRATOR /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,rockstat-uid,traceparent
Access-Control-Request-Method: GET
Origin: https://www.utair.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-headers: Authorization,Content-Type,X-Utair-Signature,Rockstat-Uid,If-Unmodified-Since,g-recaptcha-response,X-Compress,x-device-id,Platform,traceparent,tracestate
access-control-allow-methods: OPTIONS,GET,POST,PUT,PATCH,DELETE
access-control-allow-origin: *
allow: GET, HEAD, OPTIONS
content-length: 0
content-type: text/html; charset=utf-8
date: Mon, 03 Oct 2022 12:33:13 GMT
server: QRATOR

OPTIONS
H2 200 /
b.utair.ru/api/v1/cities/nearest/ Frame 0
0 500ms
500ms Preflight
text/html 178.248.236.237
QRATOR

General

Check archive.org

Show headers Download Go to

Full URL: https://b.utair.ru/api/v1/cities/nearest/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.248.236.237 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software: QRATOR /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,rockstat-uid,traceparent
Access-Control-Request-Method: GET
Origin: https://www.utair.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-headers: Authorization,Content-Type,X-Utair-Signature,Rockstat-Uid,If-Unmodified-Since,g-recaptcha-response,X-Compress,x-device-id,Platform,traceparent,tracestate
access-control-allow-methods: OPTIONS,GET,POST,PUT,PATCH,DELETE
access-control-allow-origin: *
allow: GET, HEAD, OPTIONS
content-length: 0
content-type: text/html; charset=utf-8
date: Mon, 03 Oct 2022 12:33:13 GMT
server: QRATOR

GET
H2 200 / Show response
b.utair.ru/api/v1/system/notification/ 3 B
317 B 504ms
503ms Fetch
application/json 178.248.236.237
QRATOR

General

Check archive.org

Show headers Download Go to

Full URL: https://b.utair.ru/api/v1/system/notification/?json=%7B%22page%22%3A%22%2F%22%7D
Requested by: Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.26.2/raven.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.248.236.237 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software: QRATOR /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://www.utair.ru/
traceparent: 00-4c3d9e5d4056123cdc3c48c9a5e547c7-0576ead3205d08a8-01
accept-language: de-DE,de;q=0.9
rockstat-uid: 6982678922747969536
authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJqdGkiOiIwMTg2MDA4MTgxIiwic2NvcGVzIjpbInVzZXIucHJvZmlsZSIsInVzZXIucHJvZmlsZS5lZGl0IiwidXNlci5wcm9maWxlLnJlcmVnaXN0cmF0aW9uIiwidXNlci5ib251cyIsInVzZXIucGF5bWVudHMuY2FyZHMiLCJ1c2VyLnJlZmVycmFscyIsInVzZXIuc3lzdGVtLmZlZWRiYWNrIiwidXNlci5jb21wYW55IiwidXNlci5yZW1vdGVycyIsInVzZXIuZXhwZXJlbWVudGFsLnJ6ZCIsImFwcC51c2VyLnJlZ2lzdHJhdGlvbiIsImFwcC51c2VyLmNoYW5nZV9wZXJzb25hbF9kYXRhIiwiYXBwLmJvbnVzIiwiYXBwLmJvb2tpbmciLCJhcHAuY2hlY2tpbiIsImFwcC5haXJwb3J0cyIsImFwcC5jb3VudHJpZXMiLCJhcHAucHJvbW8iLCJhcHAuc2NoZWR1bGUiLCJhcHAucHJvbW8ucHJlcGFpZCIsImFwcC5zeXN0ZW0uZmVlZGJhY2siLCJhcHAuc3lzdGVtLnRyYW5zYWN0aW9ucyIsImFwcC5zeXN0ZW0ucHJvZmlsZSIsImFwcC5zeXN0ZW0udGVzdC5hY2NvdW50cyIsImFwcC5zeXN0ZW0ubGlua3MiLCJhcHAuc3lzdGVtLm5vdGlmaWNhdGlvbiIsImFwcC5kYWRhdGEiLCJhcHAuYWIiLCJhcHAuY29tcGFueSIsImFwcC5zZXJ2aWNlcyIsImFwcC5vcmRlcnMucmVmdW5kIiwiYXBwLm9yZGVycy53aXRoZHJhdyJdLCJleHBpcmVzSW4iOjYwNDgwMCwiZXhwIjoxNjY1NDA1MTkyLCJjbGllbnRfaWQiOiJ3ZWJzaXRlX2NsaWVudCJ9.eJQTTDhFux4gS6_MfTGUZQqe5_gqC8s54rlAvbJgpHc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 12:33:14 GMT
last-modified: Mon, 03 Oct 2022 12:33:13 GMT
server: QRATOR
content-type: application/json
access-control-allow-origin: *
cache-control: public max-age=3600
access-control-allow-headers: Authorization,Content-Type,X-Utair-Signature,Rockstat-Uid,If-Unmodified-Since,g-recaptcha-response,X-Compress,x-device-id,Platform,traceparent,tracestate
content-length: 3
expires: Mon, 03 Oct 2022 13:33:13 GMT

GET
H2 200 / Show response
b.utair.ru/api/v1/cities/nearest/ 1 KB
1 KB 786ms
786ms Fetch
application/json 178.248.236.237
QRATOR

General

Check archive.org

Show headers Download Go to

Full URL: https://b.utair.ru/api/v1/cities/nearest/
Requested by: Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.26.2/raven.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.248.236.237 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software: QRATOR /
Resource Hash: 8c4125eb66e9d687b4e8ba3f67fcae97a1a41552013c8be1474e3038fefc74ce

Request headers

Referer: https://www.utair.ru/
traceparent: 00-4c3d9e5d4056123cdc3c48c9a5e547c7-f163d30329e8b899-01
accept-language: de-DE,de;q=0.9
rockstat-uid: 6982678922747969536
authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJqdGkiOiIwMTg2MDA4MTgxIiwic2NvcGVzIjpbInVzZXIucHJvZmlsZSIsInVzZXIucHJvZmlsZS5lZGl0IiwidXNlci5wcm9maWxlLnJlcmVnaXN0cmF0aW9uIiwidXNlci5ib251cyIsInVzZXIucGF5bWVudHMuY2FyZHMiLCJ1c2VyLnJlZmVycmFscyIsInVzZXIuc3lzdGVtLmZlZWRiYWNrIiwidXNlci5jb21wYW55IiwidXNlci5yZW1vdGVycyIsInVzZXIuZXhwZXJlbWVudGFsLnJ6ZCIsImFwcC51c2VyLnJlZ2lzdHJhdGlvbiIsImFwcC51c2VyLmNoYW5nZV9wZXJzb25hbF9kYXRhIiwiYXBwLmJvbnVzIiwiYXBwLmJvb2tpbmciLCJhcHAuY2hlY2tpbiIsImFwcC5haXJwb3J0cyIsImFwcC5jb3VudHJpZXMiLCJhcHAucHJvbW8iLCJhcHAuc2NoZWR1bGUiLCJhcHAucHJvbW8ucHJlcGFpZCIsImFwcC5zeXN0ZW0uZmVlZGJhY2siLCJhcHAuc3lzdGVtLnRyYW5zYWN0aW9ucyIsImFwcC5zeXN0ZW0ucHJvZmlsZSIsImFwcC5zeXN0ZW0udGVzdC5hY2NvdW50cyIsImFwcC5zeXN0ZW0ubGlua3MiLCJhcHAuc3lzdGVtLm5vdGlmaWNhdGlvbiIsImFwcC5kYWRhdGEiLCJhcHAuYWIiLCJhcHAuY29tcGFueSIsImFwcC5zZXJ2aWNlcyIsImFwcC5vcmRlcnMucmVmdW5kIiwiYXBwLm9yZGVycy53aXRoZHJhdyJdLCJleHBpcmVzSW4iOjYwNDgwMCwiZXhwIjoxNjY1NDA1MTkyLCJjbGllbnRfaWQiOiJ3ZWJzaXRlX2NsaWVudCJ9.eJQTTDhFux4gS6_MfTGUZQqe5_gqC8s54rlAvbJgpHc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 03 Oct 2022 12:33:14 GMT
server: QRATOR
access-control-allow-headers: Authorization,Content-Type,X-Utair-Signature,Rockstat-Uid,If-Unmodified-Since,g-recaptcha-response,X-Compress,x-device-id,Platform,traceparent,tracestate
content-length: 1308
content-type: application/json

GET
H2 200 / Show response
b.utair.ru/api/v1/cities/ 5 KB
5 KB 497ms
497ms Fetch
application/json 178.248.236.237
QRATOR

General

Check archive.org

Show headers Download Go to

Full URL: https://b.utair.ru/api/v1/cities/?q=&popular=true&for_city=&limit=7
Requested by: Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.26.2/raven.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.248.236.237 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software: QRATOR /
Resource Hash: 2ce98539471d72187fd8c68a8ec3433c8923b529e0a6ef50803d54b08f134be6

Request headers

Referer: https://www.utair.ru/
traceparent: 00-4c3d9e5d4056123cdc3c48c9a5e547c7-413ea75acd433a54-01
accept-language: de-DE,de;q=0.9
rockstat-uid: 6982678922747969536
authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJqdGkiOiIwMTg2MDA4MTgxIiwic2NvcGVzIjpbInVzZXIucHJvZmlsZSIsInVzZXIucHJvZmlsZS5lZGl0IiwidXNlci5wcm9maWxlLnJlcmVnaXN0cmF0aW9uIiwidXNlci5ib251cyIsInVzZXIucGF5bWVudHMuY2FyZHMiLCJ1c2VyLnJlZmVycmFscyIsInVzZXIuc3lzdGVtLmZlZWRiYWNrIiwidXNlci5jb21wYW55IiwidXNlci5yZW1vdGVycyIsInVzZXIuZXhwZXJlbWVudGFsLnJ6ZCIsImFwcC51c2VyLnJlZ2lzdHJhdGlvbiIsImFwcC51c2VyLmNoYW5nZV9wZXJzb25hbF9kYXRhIiwiYXBwLmJvbnVzIiwiYXBwLmJvb2tpbmciLCJhcHAuY2hlY2tpbiIsImFwcC5haXJwb3J0cyIsImFwcC5jb3VudHJpZXMiLCJhcHAucHJvbW8iLCJhcHAuc2NoZWR1bGUiLCJhcHAucHJvbW8ucHJlcGFpZCIsImFwcC5zeXN0ZW0uZmVlZGJhY2siLCJhcHAuc3lzdGVtLnRyYW5zYWN0aW9ucyIsImFwcC5zeXN0ZW0ucHJvZmlsZSIsImFwcC5zeXN0ZW0udGVzdC5hY2NvdW50cyIsImFwcC5zeXN0ZW0ubGlua3MiLCJhcHAuc3lzdGVtLm5vdGlmaWNhdGlvbiIsImFwcC5kYWRhdGEiLCJhcHAuYWIiLCJhcHAuY29tcGFueSIsImFwcC5zZXJ2aWNlcyIsImFwcC5vcmRlcnMucmVmdW5kIiwiYXBwLm9yZGVycy53aXRoZHJhdyJdLCJleHBpcmVzSW4iOjYwNDgwMCwiZXhwIjoxNjY1NDA1MTkyLCJjbGllbnRfaWQiOiJ3ZWJzaXRlX2NsaWVudCJ9.eJQTTDhFux4gS6_MfTGUZQqe5_gqC8s54rlAvbJgpHc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 03 Oct 2022 12:33:14 GMT
server: QRATOR
access-control-allow-headers: Authorization,Content-Type,X-Utair-Signature,Rockstat-Uid,If-Unmodified-Since,g-recaptcha-response,X-Compress,x-device-id,Platform,traceparent,tracestate
content-length: 5218
content-type: application/json

OPTIONS
H2 200 /
b.utair.ru/api/v1/cities/ Frame 0
0 332ms
332ms Preflight
text/html 178.248.236.237
QRATOR

General

Check archive.org

Show headers Download Go to

Full URL: https://b.utair.ru/api/v1/cities/?q=&popular=true&for_city=&limit=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.248.236.237 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software: QRATOR /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,rockstat-uid,traceparent
Access-Control-Request-Method: GET
Origin: https://www.utair.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-headers: Authorization,Content-Type,X-Utair-Signature,Rockstat-Uid,If-Unmodified-Since,g-recaptcha-response,X-Compress,x-device-id,Platform,traceparent,tracestate
access-control-allow-methods: OPTIONS,GET,POST,PUT,PATCH,DELETE
access-control-allow-origin: *
allow: HEAD, OPTIONS, GET
content-length: 0
content-type: text/html; charset=utf-8
date: Mon, 03 Oct 2022 12:33:13 GMT
server: QRATOR

POST
H2 200 17630638 Show response
mc.yandex.com/webvisor/ 43 B
76 B 1759ms
65ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/17630638?wmode=0&wv-part=4&wv-hit=499590684&page-url=https%3A%2F%2Fwww.utair.ru%2F&rn=932765650&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1664800393%3Aw%3A1600x1200%3Av%3A904%3Az%3A0%3Ai%3A20221003123313%3Au%3A1664800387361316621%3Avf%3Aat6op7b9z7b01ilvk53aw%3Awe%3A1%3Ast%3A1664800393&t=gdpr(14)ti(2)

Requested by

Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.26.2/raven.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.utair.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 12:33:14 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 03-Oct-2022 12:33:14 GMT
content-type: image/gif
access-control-allow-origin: https://www.utair.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 03-Oct-2022 12:33:14 GMT

POST
H2 200 17630638 Show response
mc.yandex.com/webvisor/ 43 B
145 B 110ms
79ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/17630638?wmode=0&wv-part=5&wv-hit=499590684&page-url=https%3A%2F%2Fwww.utair.ru%2F&rn=288102917&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1664800393%3Aw%3A1600x1200%3Av%3A904%3Az%3A0%3Ai%3A20221003123313%3Au%3A1664800387361316621%3Avf%3Aat6op7b9z7b01ilvk53aw%3Awe%3A1%3Ast%3A1664800393&t=gdpr(14)ti(2)

Requested by

Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.26.2/raven.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.utair.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 12:33:13 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 03-Oct-2022 12:33:13 GMT
content-type: image/gif
access-control-allow-origin: https://www.utair.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 03-Oct-2022 12:33:13 GMT

POST
H2 200 17630638 Show response
mc.yandex.com/webvisor/ 43 B
154 B 1542ms
105ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/17630638?wmode=0&wv-part=6&wv-hit=499590684&page-url=https%3A%2F%2Fwww.utair.ru%2F&rn=350250085&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1664800394%3Aw%3A1600x1200%3Av%3A904%3Az%3A0%3Ai%3A20221003123313%3Au%3A1664800387361316621%3Avf%3Aat6op7b9z7b01ilvk53aw%3Awe%3A1%3Ast%3A1664800394&t=gdpr(14)ti(2)

Requested by

Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.26.2/raven.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.utair.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 12:33:15 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 03-Oct-2022 12:33:15 GMT
content-type: image/gif
access-control-allow-origin: https://www.utair.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 03-Oct-2022 12:33:15 GMT

POST
H2 200 17630638 Show response
mc.yandex.com/webvisor/ 43 B
73 B 804ms
68ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/17630638?wmode=0&wv-part=7&wv-hit=499590684&page-url=https%3A%2F%2Fwww.utair.ru%2F&rn=331126317&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1664800394%3Aw%3A1600x1200%3Av%3A904%3Az%3A0%3Ai%3A20221003123314%3Au%3A1664800387361316621%3Avf%3Aat6op7b9z7b01ilvk53aw%3Awe%3A1%3Ast%3A1664800394&t=gdpr(14)ti(2)

Requested by

Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.26.2/raven.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.utair.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 12:33:14 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 03-Oct-2022 12:33:14 GMT
content-type: image/gif
access-control-allow-origin: https://www.utair.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 03-Oct-2022 12:33:14 GMT

GET
H2 200 / Show response
b.utair.ru/api/v1/cities/ 5 KB
5 KB 333ms
333ms Fetch
application/json 178.248.236.237
QRATOR

General

Check archive.org

Show headers Download Go to

Full URL: https://b.utair.ru/api/v1/cities/?q=&popular=&for_city=BAK&limit=7
Requested by: Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.26.2/raven.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.248.236.237 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software: QRATOR /
Resource Hash: 9cd6a564839d2820fab51c6ef36dbf0464764dbd661f333eab984850bc7cfb1f

Request headers

Referer: https://www.utair.ru/
traceparent: 00-4c3d9e5d4056123cdc3c48c9a5e547c7-60ed4a7c7aa66ebc-01
accept-language: de-DE,de;q=0.9
rockstat-uid: 6982678922747969536
authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJqdGkiOiIwMTg2MDA4MTgxIiwic2NvcGVzIjpbInVzZXIucHJvZmlsZSIsInVzZXIucHJvZmlsZS5lZGl0IiwidXNlci5wcm9maWxlLnJlcmVnaXN0cmF0aW9uIiwidXNlci5ib251cyIsInVzZXIucGF5bWVudHMuY2FyZHMiLCJ1c2VyLnJlZmVycmFscyIsInVzZXIuc3lzdGVtLmZlZWRiYWNrIiwidXNlci5jb21wYW55IiwidXNlci5yZW1vdGVycyIsInVzZXIuZXhwZXJlbWVudGFsLnJ6ZCIsImFwcC51c2VyLnJlZ2lzdHJhdGlvbiIsImFwcC51c2VyLmNoYW5nZV9wZXJzb25hbF9kYXRhIiwiYXBwLmJvbnVzIiwiYXBwLmJvb2tpbmciLCJhcHAuY2hlY2tpbiIsImFwcC5haXJwb3J0cyIsImFwcC5jb3VudHJpZXMiLCJhcHAucHJvbW8iLCJhcHAuc2NoZWR1bGUiLCJhcHAucHJvbW8ucHJlcGFpZCIsImFwcC5zeXN0ZW0uZmVlZGJhY2siLCJhcHAuc3lzdGVtLnRyYW5zYWN0aW9ucyIsImFwcC5zeXN0ZW0ucHJvZmlsZSIsImFwcC5zeXN0ZW0udGVzdC5hY2NvdW50cyIsImFwcC5zeXN0ZW0ubGlua3MiLCJhcHAuc3lzdGVtLm5vdGlmaWNhdGlvbiIsImFwcC5kYWRhdGEiLCJhcHAuYWIiLCJhcHAuY29tcGFueSIsImFwcC5zZXJ2aWNlcyIsImFwcC5vcmRlcnMucmVmdW5kIiwiYXBwLm9yZGVycy53aXRoZHJhdyJdLCJleHBpcmVzSW4iOjYwNDgwMCwiZXhwIjoxNjY1NDA1MTkyLCJjbGllbnRfaWQiOiJ3ZWJzaXRlX2NsaWVudCJ9.eJQTTDhFux4gS6_MfTGUZQqe5_gqC8s54rlAvbJgpHc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 03 Oct 2022 12:33:15 GMT
server: QRATOR
access-control-allow-headers: Authorization,Content-Type,X-Utair-Signature,Rockstat-Uid,If-Unmodified-Since,g-recaptcha-response,X-Compress,x-device-id,Platform,traceparent,tracestate
content-length: 5342
content-type: application/json

OPTIONS
H2 200 /
b.utair.ru/api/v1/cities/ Frame 0
0 433ms
433ms Preflight
text/html 178.248.236.237
QRATOR

General

Check archive.org

Show headers Download Go to

Full URL: https://b.utair.ru/api/v1/cities/?q=&popular=&for_city=BAK&limit=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.248.236.237 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software: QRATOR /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,rockstat-uid,traceparent
Access-Control-Request-Method: GET
Origin: https://www.utair.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-headers: Authorization,Content-Type,X-Utair-Signature,Rockstat-Uid,If-Unmodified-Since,g-recaptcha-response,X-Compress,x-device-id,Platform,traceparent,tracestate
access-control-allow-methods: OPTIONS,GET,POST,PUT,PATCH,DELETE
access-control-allow-origin: *
allow: HEAD, OPTIONS, GET
content-length: 0
content-type: text/html; charset=utf-8
date: Mon, 03 Oct 2022 12:33:15 GMT
server: QRATOR

POST
H2 202 events Show response
apm-lb.utair.io/intake/v2/rum/ 0
21 B 73ms
71ms XHR
text/plain 51.250.84.168
YANDEXCLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://apm-lb.utair.io/intake/v2/rum/events

Requested by

Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.26.2/raven.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.250.84.168 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),

Reverse DNS

Software

ycalb /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Content-Encoding: gzip
Referer: https://www.utair.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/x-ndjson

Response headers

access-control-allow-origin: https://www.utair.ru
date: Mon, 03 Oct 2022 12:33:16 GMT
x-content-type-options: nosniff
server: ycalb
content-length: 0

OPTIONS
H2 200 events
apm-lb.utair.io/intake/v2/rum/ Frame 0
0 599ms
67ms Preflight 51.250.84.168
YANDEXCLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://apm-lb.utair.io/intake/v2/rum/events

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.250.84.168 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),

Reverse DNS

Software

ycalb /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-encoding,content-type
Access-Control-Request-Method: POST
Origin: https://www.utair.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Content-Encoding, Accept
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://www.utair.ru
access-control-expose-headers: Etag
access-control-max-age: 3600
content-length: 0
date: Mon, 03 Oct 2022 12:33:16 GMT
server: ycalb
vary: Origin
x-content-type-options: nosniff

POST
H2 200 17630638 Show response
mc.yandex.com/webvisor/ 43 B
145 B 71ms
71ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/17630638?wmode=0&wv-part=8&wv-hit=499590684&page-url=https%3A%2F%2Fwww.utair.ru%2F&rn=802317882&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1664800396%3Aw%3A1600x1200%3Av%3A904%3Az%3A0%3Ai%3A20221003123315%3Au%3A1664800387361316621%3Avf%3Aat6op7b9z7b01ilvk53aw%3Awe%3A1%3Ast%3A1664800396&t=gdpr(14)ti(2)

Requested by

Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.26.2/raven.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.utair.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 12:33:16 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 03-Oct-2022 12:33:16 GMT
content-type: image/gif
access-control-allow-origin: https://www.utair.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 03-Oct-2022 12:33:16 GMT

POST
H2 202 events Show response
apm-lb.utair.io/intake/v2/rum/ 0
18 B 93ms
91ms XHR
text/plain 51.250.84.168
YANDEXCLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://apm-lb.utair.io/intake/v2/rum/events

Requested by

Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.26.2/raven.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.250.84.168 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),

Reverse DNS

Software

ycalb /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Content-Encoding: gzip
Referer: https://www.utair.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/x-ndjson

Response headers

access-control-allow-origin: https://www.utair.ru
date: Mon, 03 Oct 2022 12:33:16 GMT
x-content-type-options: nosniff
server: ycalb
content-length: 0

OPTIONS
H2 200 events
apm-lb.utair.io/intake/v2/rum/ Frame 0
0 67ms
67ms Preflight 51.250.84.168
YANDEXCLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://apm-lb.utair.io/intake/v2/rum/events

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.250.84.168 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),

Reverse DNS

Software

ycalb /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-encoding,content-type
Access-Control-Request-Method: POST
Origin: https://www.utair.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Content-Encoding, Accept
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://www.utair.ru
access-control-expose-headers: Etag
access-control-max-age: 3600
content-length: 0
date: Mon, 03 Oct 2022 12:33:16 GMT
server: ycalb
vary: Origin
x-content-type-options: nosniff

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.utair.ru/	1970-01-20 16:02:40	Name: _ga Value: GA1.2.808408290.1664800387
.utair.ru/	1970-01-20 06:28:06	Name: _gid Value: GA1.2.2071524733.1664800387
.utair.ru/	1970-01-20 06:26:40	Name: _dc_gtm_UA-54035537-2 Value: 1
.utair.ru/	1970-01-20 16:02:40	Name: uid Value: 6982678922747969536
.utair.ru/	1970-01-20 15:12:16	Name: _ym_uid Value: 1664800387361316621
.utair.ru/	1970-01-20 15:12:16	Name: _ym_d Value: 1664800387
.mc.yandex.com/	1970-01-20 06:26:40	Name: sync_cookie_csrf Value: 884881926fake
.utair.ru/	1970-01-20 06:27:52	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 06:26:40	Name: sync_cookie_csrf Value: 1990927948fake
.utair.ru/	1970-01-20 16:02:40	Name: rst-uid Value: 6982678922747969536
.yandex.com/	1970-01-20 15:12:16	Name: yandexuid Value: 6701037441664800387
.yandex.com/	1970-01-20 15:12:16	Name: yuidss Value: 6701037441664800387
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 891377241664800387
.yandex.com/	1970-01-20 16:02:40	Name: i Value: Ros5i98O5/0TfihQU7zUYiMVHltDDddySMnFEV63/ebW/PHLVsBE1A6TbDDNKkFVKFlZlDQepTioSPc8enejng6tWlo=
.yandex.com/	1970-01-20 15:12:16	Name: ymex Value: 1696336387.yrts.1664800387#1696336387.yrtsi.1664800387
.utair.ru/	1970-01-20 06:26:42	Name: _ym_visorc Value: w
.utair.ru/	1970-01-20 14:26:11	Name: tmr_lvid Value: 981b89286ba5544932ba10fc31ee0cc7
.utair.ru/	1970-01-20 14:26:11	Name: tmr_lvidTS Value: 1664800392919
.utair.ru/	1970-01-20 14:26:11	Name: tmr_reqNum Value: 3
.mail.ru/	1970-01-20 15:13:42	Name: VID Value: 00ma2P0tL2IC00000i1OL4YC:::0-0-0-8552f48:CAASEJeff61_kQ18UDGGEeSCgwEaYANyyENb8p2g3M0esDXW-ePYZ3DaAIh_pYQlIhs0Bu_3y3n8CDbTElZXLmhZDp7f-iJpKz4imBH-2wK_JQVbmvCS0DujMvPKeI8fjxEp81I-Yvv9QpsdZSzAn1VgYV8PKA
www.utair.ru/	1970-01-20 06:28:06	Name: tmr_detect Value: 0%7C1664800395183

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9780.XvUvZYrMxUmasqcPhvPNwVWV5qmdJY2l25U6gxAO5_ALN7wNAk0ZpbNxqSfpc4L_9q31wBn9y5cJfTURIVzG3Q%2C%2C.gar0ln54qzi9GWJNmOw7AdrKpsQ%2C Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.mail.ru
apm-lb.utair.io
b.utair.ru
browser-updater.yandex.net
cdn.ravenjs.com
cdn.weglot.com
datalytics.utair.ru
fonts.gstatic.com
mc.yandex.com
mc.yandex.ru
static.yandex.net
stats.g.doubleclick.net
top-fwz1.mail.ru
utair.ru
vk.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.utair.ru
178.248.236.201
178.248.236.237
2001:4860:4802:36::178
2600:9000:225e:ce00:1:28b3:b280:93a1
2a00:1148:db00::17
2a00:1450:4001:803::2003
2a00:1450:4001:806::2008
2a00:1450:400c:c00::9d
2a00:1450:400d:80a::2004
2a00:1450:400d:80d::2003
2a02:6b8:20::215
2a02:6b8::1:119
2a02:6b8::3f7
2a04:4e42:600::729
51.250.15.42
51.250.84.168
87.240.132.78
95.163.52.67
0c30c4044ec17af3eeb75c70022882f19c3776217a5f732463a963f6d7a200ae
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1d1a560c1477710be9b37b2e839b8fbe6d67a50bfc2fcfa0cc732bd4a9098429
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
2ce98539471d72187fd8c68a8ec3433c8923b529e0a6ef50803d54b08f134be6
2f7e190c7a25194337efdd52f0018320ebfa239e150b19b95f3703b0bc02e6c8
380c41380ef43ac49c23949ead8c0f90133a93c49ec6527f7065ab4ee9c2ee44
3cd7b69ca14bb463a797b23bfc97194348fe0a0fe0cfa3e144f0e60bd130d8f0
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
437898b39bcdcd048ebf2cd9bea8905bfc7d620d7731ca69a18b025229884497
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
4b6d78009e6e369507e7d50925b9f2864e05b27820a92862f8b6bcf5c27a8430
4ef3fcea2c5d6a6dc2f8f12537a7500b30c3489ecefbfa28f2e7b256fafd0209
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
595c9b95cc4d52b94a19987dc9f2e2743c4e74f140510b04a91a9602c6e5bddf
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
6fe11aff0ae158a9a4a91fe408daf8ecddf648ed069942e11efb1e023b83eee1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8c4125eb66e9d687b4e8ba3f67fcae97a1a41552013c8be1474e3038fefc74ce
8cd883d90c890627a559ab85e79476a171c497627bf7006399e7caacdb03dc70
9cd6a564839d2820fab51c6ef36dbf0464764dbd661f333eab984850bc7cfb1f
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
a189ab7f0ba54c550c7389571345beedfa5a5850df481ece0aaff151f6abce26
a1e6a59e0567f886caaada41007e695d2039c4fe07fb28727dd27ab2029ecd6b
b0cf1ceb7a4e10db6b3e595960c38d8b0864b1f27ffb60596d4983be185ecbfd
b32d89987d5549a8ac21fea58a1f5db09e84d770d51aab6695ad8da613671dd3
c624952821fc6a8e7e1a150a7501b51ddb0dedd9873d02f1842d7b9812916ed4
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d11b86f54200a553d42057a6e3c57084de7ff9d0af67ff1f618743bde1173524
d5a8e40b2fa338d34c09ea743daa7a6ce09e9f534391f9f4e5042dfd61138b44
da628f9ad7f45858a22ef822cdb3837dc9931a96f3fb25f2436224f6d19e9f2b
e30543d7f9ca98535728e825bcabafb48589b06495b86558569f767ae44999cb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f00864afefb6ac342587e84e7237328d02cb5507147a4a0d039b03a6fd90baff
fc1ff54e3098660570b0d0802de7d8f9a845911431127c4acf066128395f3a78

www.utair.ru Open in urlscan Pro 178.248.236.201 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

62 Requests

97 %HTTPS

67 %IPv6

15 Domains

21 Subdomains

19 IPs

5 Countries

1763 kBTransfer

5000 kBSize

21 Cookies

5 Outgoing links

Page URL History

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.utair.ru Open in urlscan Pro
178.248.236.201 Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

97 %
HTTPS

67 %
IPv6

15
Domains

21
Subdomains

19
IPs

5
Countries

1763 kB
Transfer

5000 kB
Size

21
Cookies

62 HTTP transactions
2 data transactions