noncrirejw.ru Open in urlscan Pro
104.21.23.212 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://noncrirejw.ru/lander/sber/
Effective URL:
https://noncrirejw.ru/lander/sber/
Submission: On May 22 via manual (May 22nd 2024, 1:17:06 pm UTC) from RU — Scanned from DE

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 17 HTTP transactions. The main IP is 104.21.23.212, located in and belongs to CLOUDFLARENET, US. The main domain is noncrirejw.ru.
TLS certificate: Issued by E1 on May 17th 2024. Valid for: 3 months.

This is the only time noncrirejw.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	104.21.23.212 104.21.23.212	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.166.188.188 104.166.188.188	21859 (ZEN-ECN) (ZEN-ECN)
1	2606:4700:20:... 2606:4700:20::ac43:4bc7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	4

13 104.21.23.212 (None, )

ASN13335 (CLOUDFLARENET, US)

noncrirejw.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.166.188.188 (Amsterdam, Netherlands)

ASN21859 (ZEN-ECN, US)

api.imotech.video	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4bc7 (United States)

ASN13335 (CLOUDFLARENET, US)

api.country.is	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	noncrirejw.ru noncrirejw.ru	751 KB
1	country.is api.country.is — Cisco Umbrella Rank: 63774	508 B
1	imotech.video api.imotech.video — Cisco Umbrella Rank: 74621
17	3

	Domain	Requested by
13	noncrirejw.ru	noncrirejw.ru
1	api.country.is	noncrirejw.ru
1	api.imotech.video	noncrirejw.ru
17	3

This site contains no links.

Subject Issuer	Validity	Valid
noncrirejw.ru E1	`2024-05-17` - `2024-08-15`	3 months	crt.sh
*.imotech.video AlphaSSL CA - SHA256 - G4	`2023-07-12` - `2024-08-12`	a year	crt.sh
country.is GTS CA 1P5	`2024-04-16` - `2024-07-15`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://noncrirejw.ru/lander/sber/
Frame ID: A3F6BD17890F156A82471F109AFC44BF
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Получайте пассивный доход в интернете от 5000₽ каждый день!

Page URL History Show full URLs

http://noncrirejw.ru/lander/sber/ HTTP 307
https://noncrirejw.ru/lander/sber/ Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

17
Requests

88 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

752 kB
Transfer

1354 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://noncrirejw.ru/lander/sber/ HTTP 307
https://noncrirejw.ru/lander/sber/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response noncrirejw.ru/lander/sber/ Redirect Chain http://noncrirejw.ru/lander/sber/ https://noncrirejw.ru/lander/sber/	33 KB 8 KB	165ms 81ms	Document text/html	104.21.23.212 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://noncrirejw.ru/lander/sber/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.23.212 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f3b944655dbbe56df570dc55394f83a28962f4d6a86e95e1a375d04dbe9bd8a1` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers access-control-allow-origin * alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 887d158308b04d9e-FRA content-encoding br content-type text/html; charset=UTF-8 date Wed, 22 May 2024 13:17:01 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ixEFf6kHNNavekehOwmYpaGASMhSEeLSsvWEvZ%2BS9pIY10mzYgYSc0UnD5P25241C4VUZSfX6ZBC67l6BL0cAFqvmSa%2BY21PRU8PF9KV30rWwbUAqOE%2BBOndCh4sStRc"}],"group":"cf-nel","max_age":604800} server cloudflare Redirect headers Location https://noncrirejw.ru/lander/sber/ Non-Authoritative-Reason HttpsUpgrades
GET H3	200	3.3.1.js Show response noncrirejw.ru/lander/sber/	348 KB 106 KB	98ms 97ms	Script application/javascript	104.21.23.212 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://noncrirejw.ru/lander/sber/3.3.1.js Requested by Host: noncrirejw.ru URL: https://noncrirejw.ru/lander/sber/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.23.212 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `73e3ae141777c483b369db25e936d456302a5a80d30d186549a86d6980b84b68` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://noncrirejw.ru/lander/sber/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 22 May 2024 13:17:01 GMT content-encoding gzip cf-cache-status MISS last-modified Tue, 23 Apr 2024 07:59:34 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"66276a66-57060" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iYuBD%2BM22jsqrQ5Aw1e7zQ7xE62mUtNpa45RXeYgIq6R2adfWeKgAnQSfqgI17AZZ56omjZ%2B85wPQ3f6u4vFwa91BuISlZzAbi%2F7xzHy5gp8lymLDyPsK63Upe38NiiM"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=864000 cf-ray 887d158399694d9e-FRA alt-svc h3=":443"; ma=86400 expires Sat, 01 Jun 2024 13:17:01 GMT
GET H3	200	intlTelInput.css noncrirejw.ru/lander/sber/js/registerForm/intlTelInput/css/	26 KB 4 KB	50ms 50ms	Stylesheet text/css	104.21.23.212 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://noncrirejw.ru/lander/sber/js/registerForm/intlTelInput/css/intlTelInput.css Requested by Host: noncrirejw.ru URL: https://noncrirejw.ru/lander/sber/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.23.212 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `40d66ddce0898e40dc42ec747cf843340defa57df8ccd855c97ce77c61d84eb0` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://noncrirejw.ru/lander/sber/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 22 May 2024 13:17:01 GMT content-encoding gzip cf-cache-status MISS last-modified Tue, 23 Apr 2024 07:59:34 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"66276a66-6646" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pv4i6M7EdDWmq8uDRFI6URfe3znm%2FcoK2FEKwuaK5qUfdheAeTBmPPNiy64g1wBA8jC%2BZHOdk%2FYmbab6Z9lDz%2Bw%2BWIVEP%2FAl9zdyZ9aeRZsjvMQN2zeGzDPtqmx8g8Pi"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cache-control max-age=864000 cf-ray 887d1583996c4d9e-FRA alt-svc h3=":443"; ma=86400 expires Sat, 01 Jun 2024 13:17:01 GMT
GET H3	200	registerForm.css noncrirejw.ru/lander/sber/js/registerForm/	2 KB 1 KB	45ms 44ms	Stylesheet text/css	104.21.23.212 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://noncrirejw.ru/lander/sber/js/registerForm/registerForm.css Requested by Host: noncrirejw.ru URL: https://noncrirejw.ru/lander/sber/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.23.212 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `cecfaa757c5694cded80f50f79a3808d5470b0e93d7b1121060d3b02be0f3012` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://noncrirejw.ru/lander/sber/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 22 May 2024 13:17:01 GMT content-encoding br cf-cache-status MISS last-modified Tue, 23 Apr 2024 07:59:34 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"66276a66-801" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZXsOsGhxJKG0RCT0t43TxVGqP%2FRRveag%2F1jUOQWhfvNwMTgZVFUe37IQHLEl0uj%2FLmj9mL%2FgqgyichwqnlcMRezC6wC%2BzrqJ9tFY0N2QtS3mYViOdKcfwk2ph9Z12Wel"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cache-control max-age=864000 cf-ray 887d1583996f4d9e-FRA alt-svc h3=":443"; ma=86400 expires Sat, 01 Jun 2024 13:17:01 GMT
GET		css2 noncrirejw.ru/lander/sber/	0 0

GET H2	500	events.js api.imotech.video/ad/	0 0	113ms 27ms	Script application/javascript	104.166.188.188 ZEN-ECN
General Check archive.org Show headers Download Go to Full URL https://api.imotech.video/ad/events.js?pixel_id= Requested by Host: noncrirejw.ru URL: https://noncrirejw.ru/lander/sber/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.166.188.188 Amsterdam, Netherlands, ASN21859 (ZEN-ECN, US), Reverse DNS Software openresty / Resource Hash Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://noncrirejw.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers access-control-allow-origin * date Wed, 22 May 2024 13:17:01 GMT cache-control private, max-age=900 server openresty bigotraceresponse 00-4226bbf35cd43ebd517792d464449c88-0-01 content-length 0 content-type application/javascript;charset=utf-8
GET H3	200	logo.png noncrirejw.ru/lander/sber/lander/sberbank-forma2-vienna/images/	8 KB 8 KB	76ms 75ms	Image image/png	104.21.23.212 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://noncrirejw.ru/lander/sber/lander/sberbank-forma2-vienna/images/logo.png Requested by Host: noncrirejw.ru URL: https://noncrirejw.ru/lander/sber/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.23.212 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0dc64f4be536a38f5584d37f58d8f9cd4178696649f8426d302ba5c676a9430a` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://noncrirejw.ru/lander/sber/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 22 May 2024 13:17:01 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 7770 last-modified Tue, 23 Apr 2024 07:59:34 GMT server cloudflare etag "66276a66-1e5a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F4qOTryQZkk0ak1PnMhlNAK4YeVJoKOwH%2BWvZ%2Fag6mL7QtWYNUKlnXJZomeJ8T7i%2BN%2FnuoepqcBfWf21vcSK9ucdxVzO%2FjRMOEVEZFBKFvo9s8UGY7NfSHM%2BkqCAibks"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * cache-control max-age=864000 accept-ranges bytes cf-ray 887d158399724d9e-FRA expires Sat, 01 Jun 2024 13:17:01 GMT
GET H3	200	gerb_w.png noncrirejw.ru/lander/sber/lander/sberbank-forma2-vienna/images/	2 KB 2 KB	62ms 62ms	Image image/png	104.21.23.212 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://noncrirejw.ru/lander/sber/lander/sberbank-forma2-vienna/images/gerb_w.png Requested by Host: noncrirejw.ru URL: https://noncrirejw.ru/lander/sber/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.23.212 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `36cd8049d99ea4fcfd5acdce46c381d0ba9293ed8cbadfeb6b7fb0ae7b35cc8a` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://noncrirejw.ru/lander/sber/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 22 May 2024 13:17:01 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 2067 last-modified Tue, 23 Apr 2024 07:59:34 GMT server cloudflare etag "66276a66-813" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TNduo81pnZsBtzHV4ysjFnyiTrOYAnkTzwOJfcxKcKk1vW1uzX7ggd7UCQJ3biDh7rX3bGo46c9vY6BJB9iiE8CM5h6ZsrJLY%2Fj7w4Y2%2FhMLbzGw2Yl16kDTtpZrIBWg"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * cache-control max-age=864000 accept-ranges bytes cf-ray 887d158399744d9e-FRA expires Sat, 01 Jun 2024 13:17:01 GMT
GET H3	200	jquery-3.5.1.min.js Show response noncrirejw.ru/lander/sber/	87 KB 31 KB	76ms 76ms	Script application/javascript	104.21.23.212 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://noncrirejw.ru/lander/sber/jquery-3.5.1.min.js Requested by Host: noncrirejw.ru URL: https://noncrirejw.ru/lander/sber/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.23.212 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://noncrirejw.ru/lander/sber/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 22 May 2024 13:17:01 GMT content-encoding gzip cf-cache-status MISS last-modified Tue, 23 Apr 2024 07:59:34 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"66276a66-15d84" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2goBBuUJbMT5D%2B4MY6X1BjOh4XBQgY7GzQ0lolPSA3gvqJVJ3xBAOqPMkkzD%2ByzX0mEXnamXdGYlYht4pR7k7PbS7lod%2BY1G96gEazNVldeyZxWWUbIH62uyuPGgxLPx"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=864000 cf-ray 887d1583f9e74d9e-FRA alt-svc h3=":443"; ma=86400 expires Sat, 01 Jun 2024 13:17:01 GMT
GET H3	200	intlTelInput.js Show response noncrirejw.ru/lander/sber/js/registerForm/intlTelInput/js/	88 KB 21 KB	76ms 76ms	Script application/javascript	104.21.23.212 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://noncrirejw.ru/lander/sber/js/registerForm/intlTelInput/js/intlTelInput.js Requested by Host: noncrirejw.ru URL: https://noncrirejw.ru/lander/sber/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.23.212 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `82a3ec7fe8e0ea7fe1eb2624f0707244f8086f9cd06fef732e995d7973d8dd5c` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://noncrirejw.ru/lander/sber/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 22 May 2024 13:17:01 GMT content-encoding gzip cf-cache-status MISS last-modified Tue, 23 Apr 2024 07:59:34 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"66276a66-15fcd" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L%2FhZxX6PE1kFA9sTRtQLwjL4EZOm41Xxj%2Brj%2BjSz%2FP2z220%2BsVH7eoA%2Fa6m4jOndrXXTlcllA1xAfBprz7ls2OmxcELMsgjmM%2B%2BQs1%2BHDNUmCxkTM163Gz80VvnW3X%2FL"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=864000 cf-ray 887d15841a194d9e-FRA alt-svc h3=":443"; ma=86400 expires Sat, 01 Jun 2024 13:17:01 GMT
GET H3	200	registerForm.js Show response noncrirejw.ru/lander/sber/js/registerForm/	9 KB 4 KB	54ms 53ms	Script application/javascript	104.21.23.212 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://noncrirejw.ru/lander/sber/js/registerForm/registerForm.js?43432152 Requested by Host: noncrirejw.ru URL: https://noncrirejw.ru/lander/sber/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.23.212 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `7901e5b0a65e66a3d2d2b32f320b0cff4abe8612a71652e8f9902b5dfb6b5a8a` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://noncrirejw.ru/lander/sber/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 22 May 2024 13:17:01 GMT content-encoding gzip cf-cache-status MISS last-modified Tue, 23 Apr 2024 07:59:34 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"66276a66-23aa" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k7SzEslg4LQofbVUdyG2DNJxvLHh3UPXhHmlG82PcE0GV9S9%2FlEfz9a6gkPs92Yn2SPd7gkTjcRJFOLAmOpww8h3loOoETN7DZDQ7%2Fm0CPmAAFZbwBNvLm9OcECmDb3r"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=864000 cf-ray 887d1584aaf24d9e-FRA alt-svc h3=":443"; ma=86400 expires Sat, 01 Jun 2024 13:17:01 GMT
GET		css2 noncrirejw.ru/lander/sber/	0 0

GET H3	200	bg.jpg noncrirejw.ru/lander/sber/lander/sberbank-forma2-vienna/images/	440 KB 441 KB	66ms 65ms	Image image/jpeg	104.21.23.212 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://noncrirejw.ru/lander/sber/lander/sberbank-forma2-vienna/images/bg.jpg Requested by Host: noncrirejw.ru URL: https://noncrirejw.ru/lander/sber/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.23.212 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `dcb9ecbd8585c14dfe6ef589377db001517ff238f3b22b6e95ad80e356aaf607` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://noncrirejw.ru/lander/sber/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 22 May 2024 13:17:01 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 450869 last-modified Tue, 23 Apr 2024 07:59:34 GMT server cloudflare etag "66276a66-6e135" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yx3o4LmjaJH4lefhLvOXENvRBhv0%2BRURMw3ZvdCqVitmIdDYYdran6VlaV6naVlNX5oDTweIzvNrnO%2BIyy6e5Ap4RMNImdk1RNkW6Cmuna%2BPvTc%2BNlg143tKEn7iexHd"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * cache-control max-age=864000 accept-ranges bytes cf-ray 887d15853c014d9e-FRA expires Sat, 01 Jun 2024 13:17:01 GMT
GET H2	200	/ Show response api.country.is/	43 B 508 B	246ms 198ms	XHR application/json	2606:4700:20::ac43:4bc7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.country.is/ Requested by Host: noncrirejw.ru URL: https://noncrirejw.ru/lander/sber/jquery-3.5.1.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4bc7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `de03fd8d4f72d0188285173278d4bc1eb120d173bc226ebb85ab169112c13e5a` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Accept application/json, text/javascript, /; q=0.01 Referer https://noncrirejw.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 22 May 2024 13:17:01 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"2b-VyUD8vIWIvcq7zX01Fv7rKnXLno" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oTFgl%2BZ3Y6U1%2BSETE1BsQMtDyxZZmXI%2FTDvhlmpFlJ7RwQiH7258u8Qa3NMx1IxBauNc5UlOVO0%2BZbt%2Fe0E41YlDlL5Hn%2BTUDrXxRmE94Grq1hMkGDk%2F4Vy7XlxoEHDb9MEeW8x4DW7ICUj8"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin * cache-control no-cache cf-ray 887d1585cd9f3815-FRA content-length 43
GET H3	200	flags.png noncrirejw.ru/lander/sber/js/registerForm/intlTelInput/img/	69 KB 70 KB	95ms 94ms	Image image/png	104.21.23.212 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://noncrirejw.ru/lander/sber/js/registerForm/intlTelInput/img/flags.png Requested by Host: noncrirejw.ru URL: https://noncrirejw.ru/lander/sber/js/registerForm/intlTelInput/css/intlTelInput.css Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.23.212 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://noncrirejw.ru/lander/sber/js/registerForm/intlTelInput/css/intlTelInput.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 22 May 2024 13:17:01 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 70857 last-modified Tue, 23 Apr 2024 07:59:34 GMT server cloudflare etag "66276a66-114c9" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hD7JxL1IKeoAJ6LgDE7lefBKSJI03wmhduFyLSZbw5cNIQMkId7agqbcEmDnJYW1Lt%2BWLj6C0r3CYvoY1NhKL5sCL%2BQhsIe0MuQDsv1FXyNQaT6AzUbRaV1c0WIMixmv"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * cache-control max-age=864000 accept-ranges bytes cf-ray 887d15859ca44d9e-FRA expires Sat, 01 Jun 2024 13:17:01 GMT
GET H3	200	utils.js Show response noncrirejw.ru/lander/sber/js/registerForm/intlTelInput/js/	240 KB 55 KB	97ms 96ms	Script application/javascript	104.21.23.212 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://noncrirejw.ru/lander/sber/js/registerForm/intlTelInput/js/utils.js Requested by Host: noncrirejw.ru URL: https://noncrirejw.ru/lander/sber/js/registerForm/intlTelInput/js/intlTelInput.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.23.212 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b3e09fcd1c5b2a09016b0e89e8a71a0a3977b7ce074d02e399ba90e993a52f93` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://noncrirejw.ru/lander/sber/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 22 May 2024 13:17:01 GMT content-encoding gzip cf-cache-status MISS last-modified Tue, 23 Apr 2024 07:59:34 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"66276a66-3c1cb" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LTnXPO69a9yZhr9ZL1m5EYQIc%2B4Zz8QmmuGMhuQD3%2FbdMVNicXMApYueqV9yHD1J9HuW2qkbZdyF%2BtwcZK76B06vhxFP535LsOY5UIaKqQGF68fGqEEZIJcNSnPX8zWt"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=864000 cf-ray 887d15863d7c4d9e-FRA alt-svc h3=":443"; ma=86400 expires Sat, 01 Jun 2024 13:17:01 GMT
GET H3	200	favicon.ico noncrirejw.ru/lander/sber/lander/sberbank-forma2-vienna/	1 KB 2 KB	54ms 53ms	Other image/x-icon	104.21.23.212 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://noncrirejw.ru/lander/sber/lander/sberbank-forma2-vienna/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.23.212 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `5c222513f164c36d13a42896006a42a326da08ee00e3e7bff78789474f86e745` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://noncrirejw.ru/lander/sber/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 22 May 2024 13:17:01 GMT content-encoding br cf-cache-status MISS last-modified Tue, 23 Apr 2024 07:59:34 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"66276a66-4a6" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IPpAhjUgaep7%2B4wvk5%2BTEFxsCTw9h%2ByXEa9bCFZr1IpovgYDQoOwBqFj6Kigygy4dpRmoPQrFvHfmlwctWXmsvW0NjFqmjw%2Fh2%2B7hEAEdl6XMnpE0jywJQW1HRpirJQh"}],"group":"cf-nel","max_age":604800} content-type image/x-icon access-control-allow-origin * cache-control max-age=864000 cf-ray 887d15864da34d9e-FRA alt-svc h3=":443"; ma=86400 expires Sat, 01 Jun 2024 13:17:01 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: noncrirejw.ru
URL: https://noncrirejw.ru/lander/sber/css2?family=Raleway:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Domain: noncrirejw.ru
URL: https://noncrirejw.ru/lander/sber/css2?family=Raleway:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://noncrirejw.ru/lander/sber/ Message: Refused to apply style from 'https://noncrirejw.ru/lander/sber/css2?family=Raleway:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap' because its MIME type ('application/octet-stream') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security	error	URL: https://noncrirejw.ru/lander/sber/ Message: Refused to apply style from 'https://noncrirejw.ru/lander/sber/css2?family=Raleway:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap' because its MIME type ('application/octet-stream') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
network	error	URL: https://api.imotech.video/ad/events.js?pixel_id= Message: Failed to load resource: the server responded with a status of 500 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.country.is
api.imotech.video
noncrirejw.ru
noncrirejw.ru
104.166.188.188
104.21.23.212
2606:4700:20::ac43:4bc7
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
0dc64f4be536a38f5584d37f58d8f9cd4178696649f8426d302ba5c676a9430a
36cd8049d99ea4fcfd5acdce46c381d0ba9293ed8cbadfeb6b7fb0ae7b35cc8a
40d66ddce0898e40dc42ec747cf843340defa57df8ccd855c97ce77c61d84eb0
5c222513f164c36d13a42896006a42a326da08ee00e3e7bff78789474f86e745
73e3ae141777c483b369db25e936d456302a5a80d30d186549a86d6980b84b68
7901e5b0a65e66a3d2d2b32f320b0cff4abe8612a71652e8f9902b5dfb6b5a8a
82a3ec7fe8e0ea7fe1eb2624f0707244f8086f9cd06fef732e995d7973d8dd5c
b3e09fcd1c5b2a09016b0e89e8a71a0a3977b7ce074d02e399ba90e993a52f93
cecfaa757c5694cded80f50f79a3808d5470b0e93d7b1121060d3b02be0f3012
dcb9ecbd8585c14dfe6ef589377db001517ff238f3b22b6e95ad80e356aaf607
de03fd8d4f72d0188285173278d4bc1eb120d173bc226ebb85ab169112c13e5a
f3b944655dbbe56df570dc55394f83a28962f4d6a86e95e1a375d04dbe9bd8a1
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

noncrirejw.ru Open in urlscan Pro 104.21.23.212 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

17 Requests

88 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

4 IPs

3 Countries

752 kBTransfer

1354 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

0 Cookies

3 Console Messages

Indicators

noncrirejw.ru Open in urlscan Pro
104.21.23.212 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

88 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

752 kB
Transfer

1354 kB
Size

0
Cookies

17 HTTP transactions
0 data transactions