billing.help-sot.ru Open in urlscan Pro
185.84.162.69 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://billing.ekaterina-voroncova.ru/
Effective URL:
https://billing.help-sot.ru/
Submission: On July 29 via automatic, source certstream-suspicious (July 29th 2024, 6:49:28 pm UTC) — Scanned from DE

Summary HTTP 16 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 16 HTTP transactions. The main IP is 185.84.162.69, located in St Petersburg, Russian Federation and belongs to TIMEWEB-AS, RU. The main domain is billing.help-sot.ru.
TLS certificate: Issued by R11 on July 28th 2024. Valid for: 3 months.

This is the only time billing.help-sot.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 12	185.84.162.69 185.84.162.69	9123 (TIMEWEB-AS) (TIMEWEB-AS)
3	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
16	3

12 185.84.162.69 (St Petersburg, Russian Federation) 1 redirects

ASN9123 (TIMEWEB-AS, RU)
PTR: billing.help-sot.ru

billing.ekaterina-voroncova.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
billing.help-sot.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	help-sot.ru billing.help-sot.ru	146 KB
3	gstatic.com fonts.gstatic.com	83 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 84	13 KB
1	ekaterina-voroncova.ru 1 redirects billing.ekaterina-voroncova.ru	86 B
16	4

	Domain	Requested by
11	billing.help-sot.ru	billing.help-sot.ru
3	fonts.gstatic.com	billing.help-sot.ru
2	www.youtube.com	billing.help-sot.ru www.youtube.com
1	billing.ekaterina-voroncova.ru	1 redirects
16	4

This site contains links to these domains. Also see Links.

Domain
money.yandex.ru
www.robokassa.ru
www.webmoney.ru
qiwi.ru

Subject Issuer	Validity	Valid
billing.ekaterina-voroncova.ru R11	`2024-07-28` - `2024-10-26`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
*.google.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://billing.help-sot.ru/
Frame ID: 789DCF80F36D5D633D69C199DFBEE20B
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

| Екатерина Воронцова

Page URL History Show full URLs

https://billing.ekaterina-voroncova.ru/ HTTP 301
https://billing.help-sot.ru/ Page URL

Page Statistics

16
Requests

100 %
HTTPS

67 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

242 kB
Transfer

671 kB
Size

4
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://money.yandex.ru/

Search URL Search Domain Scan URL

URL: http://www.robokassa.ru/

Search URL Search Domain Scan URL

URL: http://www.webmoney.ru/

Search URL Search Domain Scan URL

URL: https://qiwi.ru/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://billing.ekaterina-voroncova.ru/ HTTP 301
https://billing.help-sot.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
billing.help-sot.ru/
Redirect Chain

https://billing.ekaterina-voroncova.ru/
https://billing.help-sot.ru/

3 KB
1 KB

349ms
79ms

Document
text/html

185.84.162.69
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://billing.help-sot.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.84.162.69 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: billing.help-sot.ru
Software: nginx /
Resource Hash: 6735e992f1c7e78ad7eb9d60732190db6dd000057e68803da24bc678956da208

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 29 Jul 2024 18:49:20 GMT
server: nginx
vary: Accept-Encoding

Redirect headers

content-length: 17
content-type: text/plain; charset=utf-8
date: Mon, 29 Jul 2024 18:49:20 GMT
location: https://billing.help-sot.ru/

GET
H2 200 styles.css
billing.help-sot.ru/assets/6c4bbc5c/ 97 KB
15 KB 71ms
70ms Stylesheet
text/css 185.84.162.69
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://billing.help-sot.ru/assets/6c4bbc5c/styles.css?v=1715613678
Requested by: Host: billing.help-sot.ru
URL: https://billing.help-sot.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.84.162.69 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: billing.help-sot.ru
Software: nginx /
Resource Hash: fd6bd1d98edf3405b8da66141cec2adf2b2cdd3ba63317f60394e29d650e07bf

Request headers

Referer: https://billing.help-sot.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 18:49:20 GMT
content-encoding: gzip
last-modified: Mon, 13 May 2024 15:21:18 GMT
server: nginx
etag: W/"66422fee-18435"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 scripts.js Show response
billing.help-sot.ru/assets/6c4bbc5c/ 363 KB
97 KB 137ms
136ms Script
application/javascript 185.84.162.69
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://billing.help-sot.ru/assets/6c4bbc5c/scripts.js?v=1715613678
Requested by: Host: billing.help-sot.ru
URL: https://billing.help-sot.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.84.162.69 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: billing.help-sot.ru
Software: nginx /
Resource Hash: 806af84d2b9efc14c1905e25544e71456c549f6e27f83b8ef9173a25942a7125

Request headers

Referer: https://billing.help-sot.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 18:49:20 GMT
content-encoding: gzip
last-modified: Mon, 13 May 2024 15:21:18 GMT
server: nginx
etag: W/"66422fee-5ac42"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H2 200 logo.png
billing.help-sot.ru/assets/6c4bbc5c/ 4 KB
4 KB 140ms
140ms Image
image/png 185.84.162.69
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://billing.help-sot.ru/assets/6c4bbc5c/logo.png
Requested by: Host: billing.help-sot.ru
URL: https://billing.help-sot.ru/assets/6c4bbc5c/styles.css?v=1715613678
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.84.162.69 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: billing.help-sot.ru
Software: nginx /
Resource Hash: 5742d5935d5be41804f0ac46cafec44d5f1ca0b90882c6e8ec8670d507b749b5

Request headers

Referer: https://billing.help-sot.ru/assets/6c4bbc5c/styles.css?v=1715613678
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 18:49:21 GMT
last-modified: Mon, 13 May 2024 15:21:18 GMT
server: nginx
accept-ranges: bytes
etag: "66422fee-ffb"
content-length: 4091
content-type: image/png

GET
H2 200 icon-yandex.png
billing.help-sot.ru/assets/6c4bbc5c/ 4 KB
4 KB 140ms
139ms Image
image/png 185.84.162.69
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://billing.help-sot.ru/assets/6c4bbc5c/icon-yandex.png
Requested by: Host: billing.help-sot.ru
URL: https://billing.help-sot.ru/assets/6c4bbc5c/styles.css?v=1715613678
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.84.162.69 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: billing.help-sot.ru
Software: nginx /
Resource Hash: 024f2034e877caaea402c01a33cadb0477bb0bd99af2efd6afdd1f630bcf4651

Request headers

Referer: https://billing.help-sot.ru/assets/6c4bbc5c/styles.css?v=1715613678
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 18:49:21 GMT
last-modified: Mon, 13 May 2024 15:21:18 GMT
server: nginx
accept-ranges: bytes
etag: "66422fee-1008"
content-length: 4104
content-type: image/png

GET
H2 200 icon-robokassa.png
billing.help-sot.ru/assets/6c4bbc5c/ 5 KB
5 KB 157ms
156ms Image
image/png 185.84.162.69
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://billing.help-sot.ru/assets/6c4bbc5c/icon-robokassa.png
Requested by: Host: billing.help-sot.ru
URL: https://billing.help-sot.ru/assets/6c4bbc5c/styles.css?v=1715613678
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.84.162.69 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: billing.help-sot.ru
Software: nginx /
Resource Hash: 15b6ae8b2590c36ac89a7e1b7b43ebb2979f812134d3e3b58f16f721a01766a9

Request headers

Referer: https://billing.help-sot.ru/assets/6c4bbc5c/styles.css?v=1715613678
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 18:49:21 GMT
last-modified: Mon, 13 May 2024 15:21:18 GMT
server: nginx
accept-ranges: bytes
etag: "66422fee-150c"
content-length: 5388
content-type: image/png

GET
H2 200 icon-webmoney.png
billing.help-sot.ru/assets/6c4bbc5c/ 7 KB
7 KB 141ms
140ms Image
image/png 185.84.162.69
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://billing.help-sot.ru/assets/6c4bbc5c/icon-webmoney.png
Requested by: Host: billing.help-sot.ru
URL: https://billing.help-sot.ru/assets/6c4bbc5c/styles.css?v=1715613678
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.84.162.69 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: billing.help-sot.ru
Software: nginx /
Resource Hash: c98719acca6046235f5d1b8bcf543949dc05b9b315f950a19ea0d663df69109b

Request headers

Referer: https://billing.help-sot.ru/assets/6c4bbc5c/styles.css?v=1715613678
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 18:49:21 GMT
last-modified: Mon, 13 May 2024 15:21:18 GMT
server: nginx
accept-ranges: bytes
etag: "66422fee-1a70"
content-length: 6768
content-type: image/png

GET
H2 200 icon-qiwi.png
billing.help-sot.ru/assets/6c4bbc5c/ 5 KB
5 KB 157ms
156ms Image
image/png 185.84.162.69
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://billing.help-sot.ru/assets/6c4bbc5c/icon-qiwi.png
Requested by: Host: billing.help-sot.ru
URL: https://billing.help-sot.ru/assets/6c4bbc5c/styles.css?v=1715613678
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.84.162.69 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: billing.help-sot.ru
Software: nginx /
Resource Hash: 50bc59e3c5c77f4f860b665ab83f2d8c3d9b00fcea27becbe7c9fb5cc3c4a93d

Request headers

Referer: https://billing.help-sot.ru/assets/6c4bbc5c/styles.css?v=1715613678
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 18:49:21 GMT
last-modified: Mon, 13 May 2024 15:21:18 GMT
server: nginx
accept-ranges: bytes
etag: "66422fee-1267"
content-length: 4711
content-type: image/png

GET
H2 200 icon-visa.png
billing.help-sot.ru/assets/6c4bbc5c/ 4 KB
4 KB 144ms
143ms Image
image/png 185.84.162.69
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://billing.help-sot.ru/assets/6c4bbc5c/icon-visa.png
Requested by: Host: billing.help-sot.ru
URL: https://billing.help-sot.ru/assets/6c4bbc5c/styles.css?v=1715613678
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.84.162.69 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: billing.help-sot.ru
Software: nginx /
Resource Hash: 552eea4d1d118a34792b4c4f0eb76f798cc557165df5e02caf375d3a0676d22c

Request headers

Referer: https://billing.help-sot.ru/assets/6c4bbc5c/styles.css?v=1715613678
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 18:49:21 GMT
last-modified: Mon, 13 May 2024 15:21:18 GMT
server: nginx
accept-ranges: bytes
etag: "66422fee-113a"
content-length: 4410
content-type: image/png

GET
H2 200 icon-mastercard.png
billing.help-sot.ru/assets/6c4bbc5c/ 3 KB
4 KB 143ms
142ms Image
image/png 185.84.162.69
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://billing.help-sot.ru/assets/6c4bbc5c/icon-mastercard.png
Requested by: Host: billing.help-sot.ru
URL: https://billing.help-sot.ru/assets/6c4bbc5c/styles.css?v=1715613678
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.84.162.69 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: billing.help-sot.ru
Software: nginx /
Resource Hash: af6c691ec9fc4467fc7b2996492f7d8fcaad499ae98c738923cb519dd324fc7c

Request headers

Referer: https://billing.help-sot.ru/assets/6c4bbc5c/styles.css?v=1715613678
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 18:49:21 GMT
last-modified: Mon, 13 May 2024 15:21:18 GMT
server: nginx
accept-ranges: bytes
etag: "66422fee-dee"
content-length: 3566
content-type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfABc9.ttf
fonts.gstatic.com/s/roboto/v30/ 52 KB
29 KB 109ms
55ms Font
font/ttf 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc9.ttf

Requested by

Host: billing.help-sot.ru
URL: https://billing.help-sot.ru/assets/6c4bbc5c/styles.css?v=1715613678

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae0169803dba9476d7603f3ce5c2249dd2cf452a43538c5157f21da6d89d7163

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://billing.help-sot.ru/
Origin: https://billing.help-sot.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 00:41:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 324481
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30032
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Jul 2025 00:41:20 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxP.ttf
fonts.gstatic.com/s/roboto/v30/ 52 KB
30 KB 74ms
28ms Font
font/ttf 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxP.ttf

Requested by

Host: billing.help-sot.ru
URL: https://billing.help-sot.ru/assets/6c4bbc5c/styles.css?v=1715613678

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24a22d0a1afb69f86faefa8e91e4bf08ac42140bea37c99903cb6a554ceb56f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://billing.help-sot.ru/
Origin: https://billing.help-sot.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 18:41:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 346047
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29671
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Jul 2025 18:41:54 GMT

GET
H2 200 BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISma2Rm.ttf
fonts.gstatic.com/s/robotoslab/v24/ 38 KB
24 KB 110ms
65ms Font
font/ttf 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v24/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISma2Rm.ttf

Requested by

Host: billing.help-sot.ru
URL: https://billing.help-sot.ru/assets/6c4bbc5c/styles.css?v=1715613678

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d82a7ce9c10e45b5a7faac5f3a59dfe4f7c68e59f258f9f77832e3b60d1754ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://billing.help-sot.ru/
Origin: https://billing.help-sot.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 18:49:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24609
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:15:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Jul 2025 18:49:21 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 107ms
43ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: billing.help-sot.ru
URL: https://billing.help-sot.ru/assets/6c4bbc5c/scripts.js?v=1715613678

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4518700179cb13b9e225f707496de0cddae2209098392de30eb2f7f150736511

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://billing.help-sot.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 18:49:21 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Mon, 29 Jul 2024 18:49:21 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/0e90208b/www-widgetapi.vflset/ 31 KB
11 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0e90208b/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d62d92fc71c40f02a1066308be107a2bb1d2d46aeec9801dd0343175ca273d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://billing.help-sot.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 17:00:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6560
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10518
x-xss-protection: 0
last-modified: Thu, 25 Jul 2024 04:16:25 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 29 Jul 2025 17:00:01 GMT

GET
H2 200 favicon.ico
billing.help-sot.ru/ 318 B
190 B 79ms
78ms Other
image/x-icon 185.84.162.69
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://billing.help-sot.ru/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.84.162.69 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: billing.help-sot.ru
Software: nginx /
Resource Hash: 66332859bd8e3441a019e073a318b62a47014ba244121301034b510dc7532271

Request headers

Referer: https://billing.help-sot.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 18:49:21 GMT
content-encoding: gzip
last-modified: Thu, 07 Mar 2024 09:22:40 GMT
server: nginx
etag: W/"65e98760-13e"
vary: Accept-Encoding
content-type: image/x-icon

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
billing.help-sot.ru/	1969-12-31 23:59:59	Name: _csrf-frontend Value: e51f0146f4d5c779ff0e3057c961897017fdffb71c079db8331f142533134c87a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22E-PfoumD4pC307zt1BD28QHfHtkhINhh%22%3B%7D
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 5RSIk-1yL3g
.youtube.com/	1970-01-21 02:43:50	Name: VISITOR_INFO1_LIVE Value: 1p2tBZ1TEro
.youtube.com/	1970-01-21 02:43:50	Name: VISITOR_PRIVACY_METADATA Value: CgJERRIEEgAgFA%3D%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

billing.ekaterina-voroncova.ru
billing.help-sot.ru
fonts.gstatic.com
www.youtube.com
185.84.162.69
2a00:1450:4001:810::2003
2a00:1450:4001:82f::200e
024f2034e877caaea402c01a33cadb0477bb0bd99af2efd6afdd1f630bcf4651
15b6ae8b2590c36ac89a7e1b7b43ebb2979f812134d3e3b58f16f721a01766a9
24a22d0a1afb69f86faefa8e91e4bf08ac42140bea37c99903cb6a554ceb56f2
2d62d92fc71c40f02a1066308be107a2bb1d2d46aeec9801dd0343175ca273d8
4518700179cb13b9e225f707496de0cddae2209098392de30eb2f7f150736511
50bc59e3c5c77f4f860b665ab83f2d8c3d9b00fcea27becbe7c9fb5cc3c4a93d
552eea4d1d118a34792b4c4f0eb76f798cc557165df5e02caf375d3a0676d22c
5742d5935d5be41804f0ac46cafec44d5f1ca0b90882c6e8ec8670d507b749b5
66332859bd8e3441a019e073a318b62a47014ba244121301034b510dc7532271
6735e992f1c7e78ad7eb9d60732190db6dd000057e68803da24bc678956da208
806af84d2b9efc14c1905e25544e71456c549f6e27f83b8ef9173a25942a7125
ae0169803dba9476d7603f3ce5c2249dd2cf452a43538c5157f21da6d89d7163
af6c691ec9fc4467fc7b2996492f7d8fcaad499ae98c738923cb519dd324fc7c
c98719acca6046235f5d1b8bcf543949dc05b9b315f950a19ea0d663df69109b
d82a7ce9c10e45b5a7faac5f3a59dfe4f7c68e59f258f9f77832e3b60d1754ec
fd6bd1d98edf3405b8da66141cec2adf2b2cdd3ba63317f60394e29d650e07bf

billing.help-sot.ru Open in urlscan Pro 185.84.162.69 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

16 Requests

100 %HTTPS

67 %IPv6

4 Domains

4 Subdomains

3 IPs

2 Countries

242 kBTransfer

671 kBSize

4 Cookies

4 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

4 Cookies

Indicators

billing.help-sot.ru Open in urlscan Pro
185.84.162.69 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

67 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

242 kB
Transfer

671 kB
Size

4
Cookies

16 HTTP transactions
0 data transactions