URL: https://monitoring.pallada.sibsau.ru/
Submission Tags: phishingrod
Submission: On August 10 via api from DE — Scanned from DE

Summary

This website contacted 2 IPs in 1 country across 1 domain to perform 19 HTTP transactions. The main IP is 91.216.164.125, located in Krasnoyarsk, Russian Federation, and belongs to SIBSAU-NET, RU. The main domain is monitoring.pallada.sibsau.ru.
TLS certificate: Issued by R11 on August 10th 2024. Valid for: 3 months.
This is the only time monitoring.pallada.sibsau.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address: 91.216.164.125
AS: 51181 (SIBSAU-NET)
Requests: 13
Total: 19 requests, 2 IPs

Apex Domain: sibsau.ru
Subdomains: monitoring.pallada.sibsau.ru, www.sibsau.ru (Failed)
Requests: 13
Transfer: 1 MB
Total: 19 requests, 1 apex domain

Domain: monitoring.pallada.sibsau.ru
Requested by: monitoring.pallada.sibsau.ru
Requests: 13
Domain: www.sibsau.ru (Failed)
Requested by: monitoring.pallada.sibsau.ru
Requests: 0
Total: 19 requests, 2 domains

Subject: monitoring.pallada.sibsau.ru
Issuer: R11
Validity: 2024-08-10 - 2024-11-08
Valid: 3 months (crt.sh)

This page contains 1 frames:

Primary Page: https://monitoring.pallada.sibsau.ru/
Frame ID: 6067B9A9CABFFA677EDCDDF4698CFF8C
Requests: 19 HTTP requests in this frame

Page Title

Homepage | Website localhost

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

Requests: 19
HTTPS: 68 %
IPv6: 0 %
Domains: 1
Subdomains: 2
IPs: 2
Countries: 1
Transfer: 1456 kB
Size: 1453 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
monitoring.pallada.sibsau.ru/
27 KB
27 KB
Document
General
Full URL
https://monitoring.pallada.sibsau.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
91.216.164.125 Krasnoyarsk, Russian Federation, ASN51181 (SIBSAU-NET, RU),
Reverse DNS
webproxy.sibsau.ru
Software
Caddy Werkzeug/0.9.6 Python/2.7.9 /
Resource Hash
c08ca003a1323b37d67caa69f90743e25acf8fc37b8b32132497b8daf18619d8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-length
27342
content-type
text/html; charset=utf-8; charset=utf-8
date
Sat, 10 Aug 2024 09:00:52 GMT
server
Caddy Werkzeug/0.9.6 Python/2.7.9
web.assets_common.0.css
monitoring.pallada.sibsau.ru/web/content/285-87046f4/
115 KB
116 KB
Stylesheet
General
Full URL
https://monitoring.pallada.sibsau.ru/web/content/285-87046f4/web.assets_common.0.css
Requested by
Host: monitoring.pallada.sibsau.ru
URL: https://monitoring.pallada.sibsau.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
91.216.164.125 Krasnoyarsk, Russian Federation, ASN51181 (SIBSAU-NET, RU),
Reverse DNS
webproxy.sibsau.ru
Software
Caddy, Werkzeug/0.9.6 Python/2.7.9 /
Resource Hash
e45cf9d972bfe79520ce9c53e0dacca88dfbdb79ad2ad0e9ecb612da4e5ed288
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://monitoring.pallada.sibsau.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 10 Aug 2024 09:00:53 GMT
cache-control
max-age=604800
x-content-type-options
nosniff
server
Caddy, Werkzeug/0.9.6 Python/2.7.9
etag
"9cb50afc2e26ffa537db037fdc5d360a"
content-length
118043
content-type
text/css
website.assets_frontend.0.css
monitoring.pallada.sibsau.ru/web/content/290-9d289a0/
232 KB
232 KB
Stylesheet
General
Full URL
https://monitoring.pallada.sibsau.ru/web/content/290-9d289a0/website.assets_frontend.0.css
Requested by
Host: monitoring.pallada.sibsau.ru
URL: https://monitoring.pallada.sibsau.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
91.216.164.125 Krasnoyarsk, Russian Federation, ASN51181 (SIBSAU-NET, RU),
Reverse DNS
webproxy.sibsau.ru
Software
Caddy, Werkzeug/0.9.6 Python/2.7.9 /
Resource Hash
7c80aa3b9ab78122a77c72eb323fed245fba4a3c79d4a72c133524836df49dbf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://monitoring.pallada.sibsau.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 10 Aug 2024 09:00:53 GMT
cache-control
max-age=604800
x-content-type-options
nosniff
server
Caddy, Werkzeug/0.9.6 Python/2.7.9
etag
"70d5698e8c0aef0d63a985e95617f67b"
content-length
237118
content-type
text/css
web.assets_common.js
monitoring.pallada.sibsau.ru/web/content/286-87046f4/
840 KB
841 KB
Script
General
Full URL
https://monitoring.pallada.sibsau.ru/web/content/286-87046f4/web.assets_common.js
Requested by
Host: monitoring.pallada.sibsau.ru
URL: https://monitoring.pallada.sibsau.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
91.216.164.125 Krasnoyarsk, Russian Federation, ASN51181 (SIBSAU-NET, RU),
Reverse DNS
webproxy.sibsau.ru
Software
Caddy, Werkzeug/0.9.6 Python/2.7.9 /
Resource Hash
deda7896cfeaa46b1ec0ba5317f3cf9c463c5a99dc782aa8c287b8fd425d8278
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://monitoring.pallada.sibsau.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 10 Aug 2024 09:00:53 GMT
cache-control
max-age=604800
x-content-type-options
nosniff
server
Caddy, Werkzeug/0.9.6 Python/2.7.9
etag
"9cb50afc2e26ffa537db037fdc5d360a"
content-length
860288
content-type
application/javascript
website.assets_frontend.js
monitoring.pallada.sibsau.ru/web/content/295-9d289a0/
121 KB
121 KB
Script
General
Full URL
https://monitoring.pallada.sibsau.ru/web/content/295-9d289a0/website.assets_frontend.js
Requested by
Host: monitoring.pallada.sibsau.ru
URL: https://monitoring.pallada.sibsau.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
91.216.164.125 Krasnoyarsk, Russian Federation, ASN51181 (SIBSAU-NET, RU),
Reverse DNS
webproxy.sibsau.ru
Software
Caddy, Werkzeug/0.9.6 Python/2.7.9 /
Resource Hash
e5fd48f9427e7326032a9fc8e0bef0ad9704b0d00d1caf006218c1bd26caa2dc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://monitoring.pallada.sibsau.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 10 Aug 2024 09:00:53 GMT
cache-control
max-age=604800
x-content-type-options
nosniff
server
Caddy, Werkzeug/0.9.6 Python/2.7.9
etag
"70d5698e8c0aef0d63a985e95617f67b"
content-length
124259
content-type
application/javascript
logo_symbol_white.png
monitoring.pallada.sibsau.ru/theme_universal/static/src/images/
2 KB
2 KB
Image
General
Full URL
https://monitoring.pallada.sibsau.ru/theme_universal/static/src/images/logo_symbol_white.png
Requested by
Host: monitoring.pallada.sibsau.ru
URL: https://monitoring.pallada.sibsau.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
91.216.164.125 Krasnoyarsk, Russian Federation, ASN51181 (SIBSAU-NET, RU),
Reverse DNS
webproxy.sibsau.ru
Software
Caddy, Werkzeug/0.9.6 Python/2.7.9 /
Resource Hash
801898e52027dcfa5472c566029a07893575e917d4c750f0369dd507f73d80ef

Request headers

Referer
https://monitoring.pallada.sibsau.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires
Sat, 17 Aug 2024 09:00:53 GMT
date
Sat, 10 Aug 2024 09:00:53 GMT
cache-control
max-age=604800, public
server
Caddy, Werkzeug/0.9.6 Python/2.7.9
etag
"wzsdm-1542036864-1669-1617823898"
content-length
1669
content-type
image/png
main_logo_white.svg
monitoring.pallada.sibsau.ru/theme_universal/static/src/images/
21 KB
21 KB
Image
General
Full URL
https://monitoring.pallada.sibsau.ru/theme_universal/static/src/images/main_logo_white.svg
Requested by
Host: monitoring.pallada.sibsau.ru
URL: https://monitoring.pallada.sibsau.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
91.216.164.125 Krasnoyarsk, Russian Federation, ASN51181 (SIBSAU-NET, RU),
Reverse DNS
webproxy.sibsau.ru
Software
Caddy, Werkzeug/0.9.6 Python/2.7.9 /
Resource Hash
11f27cfb0830550799609fa47a33cb3e627ad3e2d8166dabf25fb8cb3621ddaf

Request headers

Referer
https://monitoring.pallada.sibsau.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires
Sat, 17 Aug 2024 09:00:53 GMT
date
Sat, 10 Aug 2024 09:00:53 GMT
cache-control
max-age=604800, public
server
Caddy, Werkzeug/0.9.6 Python/2.7.9
etag
"wzsdm-1520240310-21884-1302529972"
content-length
21884
content-type
image/svg+xml
vk.svg
www.sibsau.ru/sibgu/static/src/images/sibgu/img/social-icon/
0
0

telegram.svg
www.sibsau.ru/sibgu/static/src/images/sibgu/img/social-icon/
0
0

ok.png
www.sibsau.ru/sibgu/static/src/images/sibgu/img/social-icon/
0
0

rutube.jpg
www.sibsau.ru/sibgu/static/src/images/sibgu/img/social-icon/
0
0

tg_abiturient.svg
www.sibsau.ru/sibgu/static/src/images/sibgu/img/social-icon/
0
0

vk_abiturient.svg
www.sibsau.ru/sibgu/static/src/images/sibgu/img/social-icon/
0
0

fontawesome-webfont.woff2
monitoring.pallada.sibsau.ru/web/static/lib/fontawesome/fonts/
63 KB
63 KB
Font
General
Full URL
https://monitoring.pallada.sibsau.ru/web/static/lib/fontawesome/fonts/fontawesome-webfont.woff2?v=4.4.0
Requested by
Host: monitoring.pallada.sibsau.ru
URL: https://monitoring.pallada.sibsau.ru/web/content/285-87046f4/web.assets_common.0.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
91.216.164.125 Krasnoyarsk, Russian Federation, ASN51181 (SIBSAU-NET, RU),
Reverse DNS
webproxy.sibsau.ru
Software
Caddy, Werkzeug/0.9.6 Python/2.7.9 /
Resource Hash
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Request headers

Referer
https://monitoring.pallada.sibsau.ru/web/content/285-87046f4/web.assets_common.0.css
Origin
https://monitoring.pallada.sibsau.ru
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires
Sat, 17 Aug 2024 09:00:57 GMT
date
Sat, 10 Aug 2024 09:00:57 GMT
cache-control
max-age=604800, public
server
Caddy, Werkzeug/0.9.6 Python/2.7.9
etag
"wzsdm-1507644744-64464-2223376861"
content-length
64464
content-type
text/plain
website.xml
monitoring.pallada.sibsau.ru/website/static/src/xml/
7 KB
7 KB
XHR
General
Full URL
https://monitoring.pallada.sibsau.ru/website/static/src/xml/website.xml
Requested by
Host: monitoring.pallada.sibsau.ru
URL: https://monitoring.pallada.sibsau.ru/web/content/286-87046f4/web.assets_common.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
91.216.164.125 Krasnoyarsk, Russian Federation, ASN51181 (SIBSAU-NET, RU),
Reverse DNS
webproxy.sibsau.ru
Software
Caddy, Werkzeug/0.9.6 Python/2.7.9 /
Resource Hash
8fa8f987e31525320cdebb17bd4067b158c853266c7f58d959eb22fcb9d19036

Request headers

Referer
https://monitoring.pallada.sibsau.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires
Sat, 17 Aug 2024 09:00:57 GMT
date
Sat, 10 Aug 2024 09:00:57 GMT
cache-control
max-age=604800, public
server
Caddy, Werkzeug/0.9.6 Python/2.7.9
etag
"wzsdm-1507644745-7435-454689907"
content-length
7435
content-type
application/xml
base_common.xml
monitoring.pallada.sibsau.ru/web/static/src/xml/
6 KB
6 KB
XHR
General
Full URL
https://monitoring.pallada.sibsau.ru/web/static/src/xml/base_common.xml
Requested by
Host: monitoring.pallada.sibsau.ru
URL: https://monitoring.pallada.sibsau.ru/web/content/286-87046f4/web.assets_common.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
91.216.164.125 Krasnoyarsk, Russian Federation, ASN51181 (SIBSAU-NET, RU),
Reverse DNS
webproxy.sibsau.ru
Software
Caddy, Werkzeug/0.9.6 Python/2.7.9 /
Resource Hash
629b213deabdd30a1560086e0294b70be631f9fb8408d55d58e1558d8ef4d7c3

Request headers

Referer
https://monitoring.pallada.sibsau.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires
Sat, 17 Aug 2024 09:00:57 GMT
date
Sat, 10 Aug 2024 09:00:57 GMT
cache-control
max-age=604800, public
server
Caddy, Werkzeug/0.9.6 Python/2.7.9
etag
"wzsdm-1507644744-5912-806422019"
content-length
5912
content-type
application/xml
website.share.xml
monitoring.pallada.sibsau.ru/website/static/src/xml/
671 B
774 B
XHR
General
Full URL
https://monitoring.pallada.sibsau.ru/website/static/src/xml/website.share.xml
Requested by
Host: monitoring.pallada.sibsau.ru
URL: https://monitoring.pallada.sibsau.ru/web/content/286-87046f4/web.assets_common.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
91.216.164.125 Krasnoyarsk, Russian Federation, ASN51181 (SIBSAU-NET, RU),
Reverse DNS
webproxy.sibsau.ru
Software
Caddy, Werkzeug/0.9.6 Python/2.7.9 /
Resource Hash
734d7dd8c5973922ed58232e3d1b5c2af9a16ecb88eaaaf65a9d10bc662a3736

Request headers

Referer
https://monitoring.pallada.sibsau.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires
Sat, 17 Aug 2024 09:00:58 GMT
date
Sat, 10 Aug 2024 09:00:58 GMT
cache-control
max-age=604800, public
server
Caddy, Werkzeug/0.9.6 Python/2.7.9
etag
"wzsdm-1507644745-671-1026885300"
content-length
671
content-type
application/xml
favicon.ico
monitoring.pallada.sibsau.ru/
19 KB
19 KB
Other
General
Full URL
https://monitoring.pallada.sibsau.ru/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
91.216.164.125 Krasnoyarsk, Russian Federation, ASN51181 (SIBSAU-NET, RU),
Reverse DNS
webproxy.sibsau.ru
Software
Caddy, Werkzeug/0.9.6 Python/2.7.9 /
Resource Hash
abf44fa87560049c147aa3786cbd524cc872e5897c7f2a5204a5967dccbe868b

Request headers

Referer
https://monitoring.pallada.sibsau.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 10 Aug 2024 09:00:58 GMT
server
Caddy, Werkzeug/0.9.6 Python/2.7.9
content-length
19055
content-type
text/html;charset=utf-8
translations
monitoring.pallada.sibsau.ru/website/
231 B
356 B
XHR
General
Full URL
https://monitoring.pallada.sibsau.ru/website/translations
Requested by
Host: monitoring.pallada.sibsau.ru
URL: https://monitoring.pallada.sibsau.ru/web/content/286-87046f4/web.assets_common.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
91.216.164.125 Krasnoyarsk, Russian Federation, ASN51181 (SIBSAU-NET, RU),
Reverse DNS
webproxy.sibsau.ru
Software
Caddy, Werkzeug/0.9.6 Python/2.7.9 /
Resource Hash
516a3e99c02fe9dc810fc19b4abafebd6ed37e41ec78bae00af198a2b46a2425

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://monitoring.pallada.sibsau.ru/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 10 Aug 2024 09:00:58 GMT
server
Caddy, Werkzeug/0.9.6 Python/2.7.9
content-length
231
content-type
application/json

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.sibsau.ru
URL
https://www.sibsau.ru/sibgu/static/src/images/sibgu/img/social-icon/vk.svg
Domain
www.sibsau.ru
URL
https://www.sibsau.ru/sibgu/static/src/images/sibgu/img/social-icon/telegram.svg
Domain
www.sibsau.ru
URL
https://www.sibsau.ru/sibgu/static/src/images/sibgu/img/social-icon/ok.png
Domain
www.sibsau.ru
URL
https://www.sibsau.ru/sibgu/static/src/images/sibgu/img/social-icon/rutube.jpg
Domain
www.sibsau.ru
URL
https://www.sibsau.ru/sibgu/static/src/images/sibgu/img/social-icon/tg_abiturient.svg
Domain
www.sibsau.ru
URL
https://www.sibsau.ru/sibgu/static/src/images/sibgu/img/social-icon/vk_abiturient.svg

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| QWeb2
function| _
function| Spinner
function| moment
function| autosize
function| $
function| jQuery
object| odoo
object| jQuery111104352021022264063
object| Select2
boolean| jquery_mmenu_all_js

2 Cookies

Domain/Path: monitoring.pallada.sibsau.ru/
Name: website_lang
Value: en_US

Domain/Path: monitoring.pallada.sibsau.ru/
Name: session_id
Value: bbdfcea5b6a28b4181e1fabe26ebef68a253294b

1 Console Messages

Source: network
Level: error
URL: https://monitoring.pallada.sibsau.ru/favicon.ico
Message: Failed to load resource: the server responded with a status of 404 ()