profile.utair.ru Open in urlscan Pro
78.155.208.8 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://profile.utair.ru/
Effective URL:
https://profile.utair.ru/Account/SignIn
Submission Tags: ut air ru l4ing sub h8 Search All
Submission: On September 10 via manual (September 10th 2022, 7:46:40 am UTC) from UA — Scanned from DE

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 8 HTTP transactions. The main IP is 78.155.208.8, located in Russian Federation and belongs to XELENT-AS, RU. The main domain is profile.utair.ru.
TLS certificate: Issued by R3 on August 28th 2022. Valid for: 3 months.

This is the only time profile.utair.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 8	78.155.208.8 78.155.208.8	199860 (XELENT-AS) (XELENT-AS)
2	2606:4700:303... 2606:4700:3032::ac43:a9f7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2

8 78.155.208.8 (Russian Federation) 2 redirects

ASN199860 (XELENT-AS, RU)
PTR: mail20.soft.aero

profile.utair.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3032::ac43:a9f7 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	utair.ru 2 redirects profile.utair.ru	108 KB
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1565	77 KB
8	2

	Domain	Requested by
8	profile.utair.ru	2 redirects profile.utair.ru
2	use.fontawesome.com	profile.utair.ru use.fontawesome.com
8	2

This site contains no links.

Subject Issuer	Validity	Valid
profile.utair.ru R3	`2022-08-28` - `2022-11-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://profile.utair.ru/Account/SignIn
Frame ID: C30A3251CBF21FE48339D80A23E44256
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Личный кабинет

Page URL History Show full URLs

http://profile.utair.ru/ HTTP 301
https://profile.utair.ru/ HTTP 302
https://profile.utair.ru/Account/SignIn Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

8
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

185 kB
Transfer

502 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://profile.utair.ru/ HTTP 301
https://profile.utair.ru/ HTTP 302
https://profile.utair.ru/Account/SignIn Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request SignIn Show response
profile.utair.ru/Account/
Redirect Chain

http://profile.utair.ru/
https://profile.utair.ru/
https://profile.utair.ru/Account/SignIn

12 KB
4 KB

48ms
48ms

Document
text/html

78.155.208.8
XELENT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://profile.utair.ru/Account/SignIn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

78.155.208.8 , Russian Federation, ASN199860 (XELENT-AS, RU),

Reverse DNS

mail20.soft.aero

Software

nginx/1.18.0 / ASP.NET

Resource Hash

ef72c99e7a4220a47f840723671ef7e038067a2b227d11fcce85c0360df3b8a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, no-cache="Set-Cookie", no-store, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 10 Sep 2022 07:46:36 GMT
expires: Sat, 10 Sep 2022 07:46:36 GMT
last-modified: Sat, 10 Sep 2022 07:46:36 GMT
server: nginx/1.18.0
strict-transport-security: max-age=63072000
vary: *
x-aspnet-version: 4.0.30319
x-frame-options: SAMEORIGIN
x-powered-by: ASP.NET

Redirect headers

cache-control: private
content-length: 132
content-type: text/html; charset=utf-8
date: Sat, 10 Sep 2022 07:46:36 GMT
location: /Account/SignIn
server: nginx/1.18.0
strict-transport-security: max-age=63072000
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET

GET
H2 200 all.css
use.fontawesome.com/releases/v5.3.1/css/ 48 KB
11 KB 73ms
22ms Stylesheet
text/css 2606:4700:3032::ac43:a9f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.3.1/css/all.css
Requested by: Host: profile.utair.ru
URL: https://profile.utair.ru/Account/SignIn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a9f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 604dcf1f11698655f75046bb92f98aaa9477e1c16b01c5fc415e78794393ffb9

Request headers

Referer: https://profile.utair.ru/
Origin: https://profile.utair.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 07:46:36 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 75855
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 42JYA2AZZZK2RJ2S
x-amz-id-2: +GsfxLoAfjD72RHitEpCiAsmHLFTQUv3rr6iKPzRj8sBYoKX1wv5H1bJXu0a2XoRXyOC4oispoU=
last-modified: Wed, 30 Jun 2021 15:42:14 GMT
server: cloudflare
etag: W/"10519cfd3206802f58315b877a9beab5"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WdR%2ByOpley1h72j%2Bjdg94ras7WZT8pQEwaeSIDJkP4jQqASn80s0rZPd9WVpj3dnBYUb4eonpTbkFJE%2Fil9JYUZrB%2F8Ege12J9jw3PuwYDqfvAkIdefe%2F%2FnmhTDNkIzvLZmW1dleljwqk9g%2BDjJ5nxJm"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 74868d026bd3bbb5-FRA

GET
H2 200 Site.agencyut.min.css
profile.utair.ru/Content/ 201 KB
36 KB 49ms
48ms Stylesheet
text/css 78.155.208.8
XELENT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://profile.utair.ru/Content/Site.agencyut.min.css

Requested by

Host: profile.utair.ru
URL: https://profile.utair.ru/Account/SignIn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

78.155.208.8 , Russian Federation, ASN199860 (XELENT-AS, RU),

Reverse DNS

mail20.soft.aero

Software

nginx/1.18.0 / ASP.NET

Resource Hash

2e82654df7e3e43c7830a077306a4fea27f87a84b12b50dd1525b3f747aaaae9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profile.utair.ru/Account/SignIn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 07:46:36 GMT
content-encoding: gzip
last-modified: Fri, 04 Mar 2022 09:42:14 GMT
server: nginx/1.18.0
x-powered-by: ASP.NET
etag: W/"01fe220ac2fd81:0"
strict-transport-security: max-age=63072000
content-type: text/css

GET
H2 200 modernizr Show response
profile.utair.ru/bundles/ 11 KB
5 KB 49ms
48ms Script
text/javascript 78.155.208.8
XELENT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://profile.utair.ru/bundles/modernizr?v=inCVuEFe6J4Q07A0AcRsbJic_UE5MwpRMNGcOtk94TE1

Requested by

Host: profile.utair.ru
URL: https://profile.utair.ru/Account/SignIn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

78.155.208.8 , Russian Federation, ASN199860 (XELENT-AS, RU),

Reverse DNS

mail20.soft.aero

Software

nginx/1.18.0 / ASP.NET

Resource Hash

9e83216908224ffbc39992a5e60f93ca21b8e2240ba28025ba679c4b70f7112d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profile.utair.ru/Account/SignIn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 07:46:36 GMT
content-encoding: gzip
last-modified: Sat, 10 Sep 2022 07:46:36 GMT
server: nginx/1.18.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: User-Agent
content-type: text/javascript; charset=utf-8
cache-control: public
strict-transport-security: max-age=63072000
expires: Sun, 10 Sep 2023 07:46:36 GMT

GET
H2 200 jquery Show response
profile.utair.ru/bundles/ 86 KB
36 KB 133ms
132ms Script
text/javascript 78.155.208.8
XELENT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://profile.utair.ru/bundles/jquery?v=8Oos0avDZyPg-cbyVzvkIfERIE1DGSe3sRQdCSYrgEQ1

Requested by

Host: profile.utair.ru
URL: https://profile.utair.ru/Account/SignIn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

78.155.208.8 , Russian Federation, ASN199860 (XELENT-AS, RU),

Reverse DNS

mail20.soft.aero

Software

nginx/1.18.0 / ASP.NET

Resource Hash

c6c9c55306e0cc0fbd50b3488121de96630e66f6744a6538e97e982d64144889

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profile.utair.ru/Account/SignIn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 07:46:36 GMT
content-encoding: gzip
last-modified: Sat, 10 Sep 2022 07:46:36 GMT
server: nginx/1.18.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: User-Agent
content-type: text/javascript; charset=utf-8
cache-control: public
strict-transport-security: max-age=63072000
expires: Sun, 10 Sep 2023 07:46:36 GMT

GET
H2 200 bootstrap Show response
profile.utair.ru/bundles/ 49 KB
17 KB 92ms
91ms Script
text/javascript 78.155.208.8
XELENT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://profile.utair.ru/bundles/bootstrap?v=ir0mDkNAz_k4z2mgliXblsRoAsfq9-vb5ooZ6PIuRNk1

Requested by

Host: profile.utair.ru
URL: https://profile.utair.ru/Account/SignIn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

78.155.208.8 , Russian Federation, ASN199860 (XELENT-AS, RU),

Reverse DNS

mail20.soft.aero

Software

nginx/1.18.0 / ASP.NET

Resource Hash

0575c305510f2b368fa3dcf34906163969eef4e479b04d8ec34851d8d0c590f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profile.utair.ru/Account/SignIn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 07:46:36 GMT
content-encoding: gzip
last-modified: Sat, 10 Sep 2022 07:46:36 GMT
server: nginx/1.18.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: User-Agent
content-type: text/javascript; charset=utf-8
cache-control: public
strict-transport-security: max-age=63072000
expires: Sun, 10 Sep 2023 07:46:36 GMT

GET
H2 200 jqueryval Show response
profile.utair.ru/bundles/ 30 KB
11 KB 90ms
89ms Script
text/javascript 78.155.208.8
XELENT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://profile.utair.ru/bundles/jqueryval?v=Av7u9Xp5SfPfeTHZEhEf21pK9FzHI9WDBqsqpa_4G2E1

Requested by

Host: profile.utair.ru
URL: https://profile.utair.ru/Account/SignIn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

78.155.208.8 , Russian Federation, ASN199860 (XELENT-AS, RU),

Reverse DNS

mail20.soft.aero

Software

nginx/1.18.0 / ASP.NET

Resource Hash

95d24089a09f21ca1e28f9ee3b00d106340103f36782c652c593d65815165216

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profile.utair.ru/Account/SignIn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 07:46:36 GMT
content-encoding: gzip
last-modified: Sat, 10 Sep 2022 07:46:36 GMT
server: nginx/1.18.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: User-Agent
content-type: text/javascript; charset=utf-8
cache-control: public
strict-transport-security: max-age=63072000
expires: Sun, 10 Sep 2023 07:46:36 GMT

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.3.1/webfonts/ 66 KB
66 KB 23ms
22ms Font
font/woff2 2606:4700:3032::ac43:a9f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.3.1/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.3.1/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a9f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca3ea16761b7d443c64cfd99dd1cf8aa84790a25bb4709582935956fe71d014d

Request headers

Referer: https://use.fontawesome.com/releases/v5.3.1/css/all.css
Origin: https://profile.utair.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 07:46:36 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1266812
cf-ray: 74868d037d8fbbb5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 67400
x-amz-id-2: JZyTj62IFSEPcA7QU9f/TYPX0ukWoRNlml/6qkh8QvW3xCroMx1dAb6zYY9/5GwOXEC5xCkbb5w=
last-modified: Wed, 30 Jun 2021 15:42:33 GMT
server: cloudflare
etag: "14a08198ec7d1eb96d515362293fed36"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rOYYKF0%2B5uQG5K6jnv7MHfKH0e1k4eRdraatdMp43nBoQmAJ3UOQKkuV0LEWXwTr4MgAtN8uXQw6%2FEAoVfF%2BvkjEntimaHzBEROi0P51ASoT%2BUN6AbkZMKwn%2F4Sj4bIJpKvEZYB1jS0XWJtf%2BUUFUTtX"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: AWEEAMJ680M32AQC
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-type: font/woff2

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			profile.utair.ru/	1969-12-31 23:59:59	Name: __RequestVerificationToken Value: H2lNCEXtMBeWjyiq8JFaaPcEIeTi5VpnEblwfDABMgsyXfTQhLa5yY91me-ifhmCv_dBd3wAV5bRwWUuFAZ3P1ASNxOIRCJzpGYuNRzBRaU1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

profile.utair.ru
use.fontawesome.com
2606:4700:3032::ac43:a9f7
78.155.208.8
0575c305510f2b368fa3dcf34906163969eef4e479b04d8ec34851d8d0c590f4
2e82654df7e3e43c7830a077306a4fea27f87a84b12b50dd1525b3f747aaaae9
604dcf1f11698655f75046bb92f98aaa9477e1c16b01c5fc415e78794393ffb9
95d24089a09f21ca1e28f9ee3b00d106340103f36782c652c593d65815165216
9e83216908224ffbc39992a5e60f93ca21b8e2240ba28025ba679c4b70f7112d
c6c9c55306e0cc0fbd50b3488121de96630e66f6744a6538e97e982d64144889
ca3ea16761b7d443c64cfd99dd1cf8aa84790a25bb4709582935956fe71d014d
ef72c99e7a4220a47f840723671ef7e038067a2b227d11fcce85c0360df3b8a0

profile.utair.ru Open in urlscan Pro 78.155.208.8 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

8 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

185 kBTransfer

502 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

profile.utair.ru Open in urlscan Pro
78.155.208.8 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

185 kB
Transfer

502 kB
Size

1
Cookies

8 HTTP transactions
0 data transactions