corteos.ntravel.su Open in urlscan Pro
94.79.54.168  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response corteos.ntravel.su/	9 KB 4 KB	10199ms 9557ms	Document text/html	94.79.54.168 ITSOFT-AS
General Check archive.org Show headers Download Go to Full URL https://corteos.ntravel.su/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.79.54.168 , Russian Federation, ASN48614 (ITSOFT-AS, RU), Reverse DNS mail.corteos.ru Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 33f7c3327ef2ec5b59cee18f47b8289090267563a75f349513a4f26b2d6f87e4 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 accept-language en-US,en;q=0.9 Response headers cache-control private content-encoding gzip content-length 3584 content-type text/html; charset=utf-8 date Wed, 28 Feb 2024 11:39:24 GMT server Microsoft-IIS/10.0 vary Accept-Encoding x-aspnet-version 4.0.30319 x-powered-by ASP.NET
GET H2	200	open-sans.css corteos.ntravel.su/Pages/Common/Styles/global/googlefonts/open-sans/	9 KB 1 KB	161ms 158ms	Stylesheet text/css	94.79.54.168 ITSOFT-AS
General Check archive.org Show headers Download Go to Full URL https://corteos.ntravel.su/Pages/Common/Styles/global/googlefonts/open-sans/open-sans.css Requested by Host: corteos.ntravel.su URL: https://corteos.ntravel.su/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.79.54.168 , Russian Federation, ASN48614 (ITSOFT-AS, RU), Reverse DNS mail.corteos.ru Software Microsoft-IIS/10.0 / ASP.NET Resource Hash d07c9db00875aa24039c868e08441916b8ad0c0a7ca6bdfaebc40f3b13320bec Request headers accept-language en-US,en;q=0.9 Referer https://corteos.ntravel.su/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Wed, 28 Feb 2024 11:39:24 GMT content-encoding gzip last-modified Tue, 13 Jun 2023 07:34:03 GMT server Microsoft-IIS/10.0 etag "d4326e6dc99dd91:0" x-powered-by ASP.NET vary Accept-Encoding content-type text/css accept-ranges bytes content-length 1031
GET H2	200	swipebox.min.css corteos.ntravel.su/Pages/Common/Styles/global/	4 KB 2 KB	160ms 157ms	Stylesheet text/css	94.79.54.168 ITSOFT-AS
General Check archive.org Show headers Download Go to Full URL https://corteos.ntravel.su/Pages/Common/Styles/global/swipebox.min.css Requested by Host: corteos.ntravel.su URL: https://corteos.ntravel.su/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.79.54.168 , Russian Federation, ASN48614 (ITSOFT-AS, RU), Reverse DNS mail.corteos.ru Software Microsoft-IIS/10.0 / ASP.NET Resource Hash e4a465b7796cdf1572bb416feccea1bc31f4c020ea1eb6b29a3881b4e0216595 Request headers accept-language en-US,en;q=0.9 Referer https://corteos.ntravel.su/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Wed, 28 Feb 2024 11:39:24 GMT content-encoding gzip last-modified Tue, 13 Jun 2023 07:34:03 GMT server Microsoft-IIS/10.0 etag "bbe37e6dc99dd91:0" x-powered-by ASP.NET vary Accept-Encoding content-type text/css accept-ranges bytes content-length 1503
GET H2	200	css corteos.ntravel.su/bundles/common/	1 MB 214 KB	466ms 463ms	Stylesheet text/css	94.79.54.168 ITSOFT-AS
General Check archive.org Show headers Download Go to Full URL https://corteos.ntravel.su/bundles/common/css?v=lSCQjlrgzBdLd2Vm0O6ASwZ6o56uInOMqloVKYyGrOE1 Requested by Host: corteos.ntravel.su URL: https://corteos.ntravel.su/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.79.54.168 , Russian Federation, ASN48614 (ITSOFT-AS, RU), Reverse DNS mail.corteos.ru Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 8ed3fcd8c86e022a3ecd143c50363447dd35980f9cf3e854180c4fb2efaeacf4 Request headers accept-language en-US,en;q=0.9 Referer https://corteos.ntravel.su/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Wed, 28 Feb 2024 11:39:24 GMT content-encoding gzip last-modified Wed, 28 Feb 2024 11:39:25 GMT server Microsoft-IIS/10.0 x-aspnet-version 4.0.30319 x-powered-by ASP.NET vary User-Agent,Accept-Encoding content-type text/css; charset=utf-8 cache-control public expires Thu, 27 Feb 2025 11:39:25 GMT
GET H2	200	css corteos.ntravel.su/bundles/desktop/	2 MB 348 KB	725ms 723ms	Stylesheet text/css	94.79.54.168 ITSOFT-AS
General Check archive.org Show headers Download Go to Full URL https://corteos.ntravel.su/bundles/desktop/css?v=hDYF5aa9zgwmmHTT36Lvy1084HyELyb3xxedmK7xx6g1 Requested by Host: corteos.ntravel.su URL: https://corteos.ntravel.su/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.79.54.168 , Russian Federation, ASN48614 (ITSOFT-AS, RU), Reverse DNS mail.corteos.ru Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 13a805bc8dc351317c25fcc50c832ce2ca308d5531bee38ddbbe3151664d5dca Request headers accept-language en-US,en;q=0.9 Referer https://corteos.ntravel.su/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Wed, 28 Feb 2024 11:39:24 GMT content-encoding gzip last-modified Wed, 28 Feb 2024 11:39:25 GMT server Microsoft-IIS/10.0 x-aspnet-version 4.0.30319 x-powered-by ASP.NET vary User-Agent,Accept-Encoding content-type text/css; charset=utf-8 cache-control public expires Thu, 27 Feb 2025 11:39:25 GMT
GET H2	200	login_template.min.css corteos.ntravel.su/Pages/Common/Styles/global/CRT_v1/Pages/Layout/	5 KB 2 KB	161ms 158ms	Stylesheet text/css	94.79.54.168 ITSOFT-AS
General Check archive.org Show headers Download Go to Full URL https://corteos.ntravel.su/Pages/Common/Styles/global/CRT_v1/Pages/Layout/login_template.min.css Requested by Host: corteos.ntravel.su URL: https://corteos.ntravel.su/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.79.54.168 , Russian Federation, ASN48614 (ITSOFT-AS, RU), Reverse DNS mail.corteos.ru Software Microsoft-IIS/10.0 / ASP.NET Resource Hash eb9984848d1b7afff8fabc6239b7fc3cac5c1748506c438fad8688a2407614ef Request headers accept-language en-US,en;q=0.9 Referer https://corteos.ntravel.su/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Wed, 28 Feb 2024 11:39:24 GMT content-encoding gzip last-modified Tue, 01 Aug 2023 07:50:38 GMT server Microsoft-IIS/10.0 etag "e2f694dc4cc4d91:0" x-powered-by ASP.NET vary Accept-Encoding content-type text/css accept-ranges bytes content-length 1624
GET H2	200	login Show response corteos.ntravel.su/bundles/	587 KB 249 KB	300ms 297ms	Script text/javascript	94.79.54.168 ITSOFT-AS
General Check archive.org Show headers Download Go to Full URL https://corteos.ntravel.su/bundles/login?v=-7RpsxQgPZNy0pezvFT8vCqizhEC2bahNTCC8xmUdvE1 Requested by Host: corteos.ntravel.su URL: https://corteos.ntravel.su/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.79.54.168 , Russian Federation, ASN48614 (ITSOFT-AS, RU), Reverse DNS mail.corteos.ru Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 63146b06856cc6ac0e346b06b835bd191392987361c4f1e3125cc565f0985a1f Request headers accept-language en-US,en;q=0.9 Referer https://corteos.ntravel.su/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Wed, 28 Feb 2024 11:39:24 GMT content-encoding gzip last-modified Wed, 28 Feb 2024 11:39:25 GMT server Microsoft-IIS/10.0 x-aspnet-version 4.0.30319 x-powered-by ASP.NET vary User-Agent,Accept-Encoding content-type text/javascript; charset=utf-8 cache-control public expires Thu, 27 Feb 2025 11:39:25 GMT
GET H2	200	jv3.modal.es6.js Show response corteos.ntravel.su/_Shared/Common/Vue2/modal/script/	1 KB 918 B	155ms 152ms	Script application/javascript	94.79.54.168 ITSOFT-AS
General Check archive.org Show headers Download Go to Full URL https://corteos.ntravel.su/_Shared/Common/Vue2/modal/script/jv3.modal.es6.js Requested by Host: corteos.ntravel.su URL: https://corteos.ntravel.su/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.79.54.168 , Russian Federation, ASN48614 (ITSOFT-AS, RU), Reverse DNS mail.corteos.ru Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 57b7bbdd733e3bd6ea9c3eb99688a39dc5763bc3e31039686bf356e90d95fa1a Request headers accept-language en-US,en;q=0.9 Referer https://corteos.ntravel.su/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Wed, 28 Feb 2024 11:39:24 GMT content-encoding gzip last-modified Mon, 12 Feb 2024 10:57:09 GMT server Microsoft-IIS/10.0 etag "6ef38e39a25dda1:0" x-powered-by ASP.NET vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 791
GET H2	200	personal.data.login.es6.js Show response corteos.ntravel.su/PortableViews/ModAgreementWithPersonalDataExtViews/Scripts/	87 B 300 B	158ms 156ms	Script application/javascript	94.79.54.168 ITSOFT-AS
General Check archive.org Show headers Download Go to Full URL https://corteos.ntravel.su/PortableViews/ModAgreementWithPersonalDataExtViews/Scripts/personal.data.login.es6.js Requested by Host: corteos.ntravel.su URL: https://corteos.ntravel.su/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.79.54.168 , Russian Federation, ASN48614 (ITSOFT-AS, RU), Reverse DNS mail.corteos.ru Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 78438bbc7a670c65eba9cbbef062f49c483b4fa9be97bf1de8bb11cde6c56752 Request headers accept-language en-US,en;q=0.9 Referer https://corteos.ntravel.su/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Wed, 28 Feb 2024 11:39:24 GMT content-encoding gzip last-modified Mon, 12 Feb 2024 11:35:08 GMT server Microsoft-IIS/10.0 etag "be406088a75dda1:0" x-powered-by ASP.NET vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 195
GET H2	200	personal.data.login.es6.js Show response corteos.ntravel.su/PortableViews/ModAgreementWithPersonalDataViews/StartPage/Scripts/	87 B 296 B	158ms 156ms	Script application/javascript	94.79.54.168 ITSOFT-AS
General Check archive.org Show headers Download Go to Full URL https://corteos.ntravel.su/PortableViews/ModAgreementWithPersonalDataViews/StartPage/Scripts/personal.data.login.es6.js Requested by Host: corteos.ntravel.su URL: https://corteos.ntravel.su/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.79.54.168 , Russian Federation, ASN48614 (ITSOFT-AS, RU), Reverse DNS mail.corteos.ru Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 78438bbc7a670c65eba9cbbef062f49c483b4fa9be97bf1de8bb11cde6c56752 Request headers accept-language en-US,en;q=0.9 Referer https://corteos.ntravel.su/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Wed, 28 Feb 2024 11:39:24 GMT content-encoding gzip last-modified Tue, 13 Feb 2024 08:20:14 GMT server Microsoft-IIS/10.0 etag "7fe82878555eda1:0" x-powered-by ASP.NET vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 195
GET H2	200	personal.data.code.login.es6.js Show response corteos.ntravel.su/PortableViews/ModTrackingPersonalCodeViews/StartPage/Scripts/	87 B 295 B	1007ms 1005ms	Script application/javascript	94.79.54.168 ITSOFT-AS
General Check archive.org Show headers Download Go to Full URL https://corteos.ntravel.su/PortableViews/ModTrackingPersonalCodeViews/StartPage/Scripts/personal.data.code.login.es6.js Requested by Host: corteos.ntravel.su URL: https://corteos.ntravel.su/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.79.54.168 , Russian Federation, ASN48614 (ITSOFT-AS, RU), Reverse DNS mail.corteos.ru Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 74ac8044aabb7fa99e9a44fdc38dc98d63ca13b592517c51ceeb6cfc304f4532 Request headers accept-language en-US,en;q=0.9 Referer https://corteos.ntravel.su/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Wed, 28 Feb 2024 11:39:24 GMT content-encoding gzip last-modified Mon, 12 Feb 2024 11:36:17 GMT server Microsoft-IIS/10.0 etag "82466b1a75dda1:0" x-powered-by ASP.NET vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 195
GET H2	200	tavs.css static.corteos.ru/other/media/tavs/	23 KB 23 KB	651ms 142ms	Stylesheet text/css	185.9.147.80 SMARTAPE
General Check archive.org Show headers Download Go to Full URL https://static.corteos.ru/other/media/tavs/tavs.css Requested by Host: corteos.ntravel.su URL: https://corteos.ntravel.su/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.9.147.80 , Estonia, ASN56694 (SMARTAPE, RU), Reverse DNS mail.shared.smartape.ru Software nginx/1.20.2 / Resource Hash 64ae07e1779381ec023c52bb2bf5eed469747aebd8791787cf7ccfb3b570b13e Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers accept-language en-US,en;q=0.9 Referer https://corteos.ntravel.su/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Wed, 28 Feb 2024 11:38:59 GMT strict-transport-security max-age=31536000; last-modified Mon, 13 Nov 2023 06:30:26 GMT server nginx/1.20.2 etag "6551c282-5b6b" content-type text/css accept-ranges bytes content-length 23403
GET H2	200	login.common.es6.js Show response corteos.ntravel.su/Pages/Login/Scripts/	2 KB 1 KB	1008ms 1006ms	Script application/javascript	94.79.54.168 ITSOFT-AS
General Check archive.org Show headers Download Go to Full URL https://corteos.ntravel.su/Pages/Login/Scripts/login.common.es6.js Requested by Host: corteos.ntravel.su URL: https://corteos.ntravel.su/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.79.54.168 , Russian Federation, ASN48614 (ITSOFT-AS, RU), Reverse DNS mail.corteos.ru Software Microsoft-IIS/10.0 / ASP.NET Resource Hash d7d37ec9c3e33168c17c0c6436050b9b32ffff130e43e1bf3d7152d1ab2bf70a Request headers accept-language en-US,en;q=0.9 Referer https://corteos.ntravel.su/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Wed, 28 Feb 2024 11:39:24 GMT content-encoding gzip last-modified Mon, 12 Feb 2024 10:55:51 GMT server Microsoft-IIS/10.0 etag "ba40efaa25dda1:0" x-powered-by ASP.NET vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 1089
GET H2	200	password.recovery.mixin.es6.js Show response corteos.ntravel.su/Pages/Login/Scripts/	3 KB 1 KB	1008ms 1007ms	Script application/javascript	94.79.54.168 ITSOFT-AS
General Check archive.org Show headers Download Go to Full URL https://corteos.ntravel.su/Pages/Login/Scripts/password.recovery.mixin.es6.js Requested by Host: corteos.ntravel.su URL: https://corteos.ntravel.su/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.79.54.168 , Russian Federation, ASN48614 (ITSOFT-AS, RU), Reverse DNS mail.corteos.ru Software Microsoft-IIS/10.0 / ASP.NET Resource Hash c9f231a29130f30f44e3eef7c4e3e11e341c32764e374b03429b3a3204ee212c Request headers accept-language en-US,en;q=0.9 Referer https://corteos.ntravel.su/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Wed, 28 Feb 2024 11:39:24 GMT content-encoding gzip last-modified Mon, 12 Feb 2024 10:55:53 GMT server Microsoft-IIS/10.0 etag "ad3b91ca25dda1:0" x-powered-by ASP.NET vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 1145
GET H2	200	login.common.mixin.nocaptcha.es6.js Show response corteos.ntravel.su/Pages/Login/Scripts/	2 KB 1 KB	1009ms 1008ms	Script application/javascript	94.79.54.168 ITSOFT-AS
General Check archive.org Show headers Download Go to Full URL https://corteos.ntravel.su/Pages/Login/Scripts/login.common.mixin.nocaptcha.es6.js Requested by Host: corteos.ntravel.su URL: https://corteos.ntravel.su/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.79.54.168 , Russian Federation, ASN48614 (ITSOFT-AS, RU), Reverse DNS mail.corteos.ru Software Microsoft-IIS/10.0 / ASP.NET Resource Hash eb2f529325a1c068834a55e6f316c8145cf494786016d070b56fd01f7c2ab89c Request headers accept-language en-US,en;q=0.9 Referer https://corteos.ntravel.su/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Wed, 28 Feb 2024 11:39:24 GMT content-encoding gzip last-modified Mon, 12 Feb 2024 10:55:51 GMT server Microsoft-IIS/10.0 etag "3eb71ba25dda1:0" x-powered-by ASP.NET vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 1013
GET H2	200	logo-white.png static.corteos.ru/other/media/tavs/	3 KB 4 KB	145ms 144ms	Image image/png	185.9.147.80 SMARTAPE
General Check archive.org Show headers Download Go to Show image Full URL https://static.corteos.ru/other/media/tavs/logo-white.png Requested by Host: corteos.ntravel.su URL: https://corteos.ntravel.su/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.9.147.80 , Estonia, ASN56694 (SMARTAPE, RU), Reverse DNS mail.shared.smartape.ru Software nginx/1.20.2 / Resource Hash 2538b833937bdcb08ce263a769dcb40900e4f392e88a67459af41a686e1bd4c9 Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers accept-language en-US,en;q=0.9 Referer https://corteos.ntravel.su/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Wed, 28 Feb 2024 11:39:00 GMT strict-transport-security max-age=31536000; last-modified Wed, 19 Jul 2023 08:15:50 GMT server nginx/1.20.2 etag "64b79bb6-d69" content-type image/png accept-ranges bytes content-length 3433
GET H2	200	bg-1.jpg static.corteos.ru/other/media/nornik/bg/	593 KB 594 KB	276ms 276ms	Image image/jpeg	185.9.147.80 SMARTAPE
General Check archive.org Show headers Download Go to Show image Full URL https://static.corteos.ru/other/media/nornik/bg/bg-1.jpg Requested by Host: corteos.ntravel.su URL: https://corteos.ntravel.su/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.9.147.80 , Estonia, ASN56694 (SMARTAPE, RU), Reverse DNS mail.shared.smartape.ru Software nginx/1.20.2 / Resource Hash 661caee61809c569e0344bcb82a1a1226c1aa42fab12d62a0280b976ffa329ab Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers accept-language en-US,en;q=0.9 Referer https://corteos.ntravel.su/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Wed, 28 Feb 2024 11:39:00 GMT strict-transport-security max-age=31536000; last-modified Thu, 19 Nov 2020 13:10:37 GMT server nginx/1.20.2 etag "5fb66ecd-944c3" content-type image/jpeg accept-ranges bytes content-length 607427
GET H2	200	ProximaNova-Bold.ttf corteos.ntravel.su/Pages/Test/Styles/Desktop/fonts/Proxima/	141 KB 141 KB	148ms 147ms	Font application/octet-stream	94.79.54.168 ITSOFT-AS
General Check archive.org Show headers Download Go to Full URL https://corteos.ntravel.su/Pages/Test/Styles/Desktop/fonts/Proxima/ProximaNova-Bold.ttf Requested by Host: corteos.ntravel.su URL: https://corteos.ntravel.su/bundles/desktop/css?v=hDYF5aa9zgwmmHTT36Lvy1084HyELyb3xxedmK7xx6g1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.79.54.168 , Russian Federation, ASN48614 (ITSOFT-AS, RU), Reverse DNS mail.corteos.ru Software Microsoft-IIS/10.0 / ASP.NET Resource Hash e101655ea8ab108a99ae8b26036e9b4f030b137294867be5245b8699ec024543 Request headers Referer https://corteos.ntravel.su/bundles/desktop/css?v=hDYF5aa9zgwmmHTT36Lvy1084HyELyb3xxedmK7xx6g1 Origin https://corteos.ntravel.su accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Wed, 28 Feb 2024 11:39:26 GMT last-modified Tue, 13 Jun 2023 07:34:05 GMT server Microsoft-IIS/10.0 etag "df59d6ec99dd91:0" x-powered-by ASP.NET content-type application/octet-stream accept-ranges bytes content-length 144284
GET H2	200	CRT_Icon.ttf corteos.ntravel.su/Pages/Common/Styles/fonts/CRT_Font/	31 KB 31 KB	146ms 146ms	Font application/octet-stream	94.79.54.168 ITSOFT-AS
General Check archive.org Show headers Download Go to Full URL https://corteos.ntravel.su/Pages/Common/Styles/fonts/CRT_Font/CRT_Icon.ttf Requested by Host: corteos.ntravel.su URL: https://corteos.ntravel.su/bundles/common/css?v=lSCQjlrgzBdLd2Vm0O6ASwZ6o56uInOMqloVKYyGrOE1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.79.54.168 , Russian Federation, ASN48614 (ITSOFT-AS, RU), Reverse DNS mail.corteos.ru Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 8614b393e04483d73f5a1cc8a943cb81c1a936a7b47282f4e87a37cf45ebba03 Request headers Referer https://corteos.ntravel.su/bundles/common/css?v=lSCQjlrgzBdLd2Vm0O6ASwZ6o56uInOMqloVKYyGrOE1 Origin https://corteos.ntravel.su accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Wed, 28 Feb 2024 11:39:26 GMT last-modified Tue, 13 Jun 2023 07:34:03 GMT server Microsoft-IIS/10.0 etag "e3815d6dc99dd91:0" x-powered-by ASP.NET content-type application/octet-stream accept-ranges bytes content-length 31380
GET H2	200	bg-2.jpg static.corteos.ru/other/media/nornik/bg/	768 KB 769 KB	274ms 274ms	Image image/jpeg	185.9.147.80 SMARTAPE
General Check archive.org Show headers Download Go to Show image Full URL https://static.corteos.ru/other/media/nornik/bg/bg-2.jpg Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.9.147.80 , Estonia, ASN56694 (SMARTAPE, RU), Reverse DNS mail.shared.smartape.ru Software nginx/1.20.2 / Resource Hash 7dc1c4c52a5c0ec0d79db8cd9f906048a3d712a46418d03f7822c22b93a3f7e0 Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers accept-language en-US,en;q=0.9 Referer https://corteos.ntravel.su/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Wed, 28 Feb 2024 11:39:05 GMT strict-transport-security max-age=31536000; last-modified Thu, 19 Nov 2020 13:10:39 GMT server nginx/1.20.2 etag "5fb66ecf-bff9e" content-type image/jpeg accept-ranges bytes content-length 786334

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| axios function| Popper object| bootstrap function| Vue function| asyncGeneratorStep function| _asyncToGenerator object| passwordRecoveryMixin object| loginMixin object| login

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			corteos.ntravel.su/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: wlwceu4vtreblxgcndkbyyow
			corteos.ntravel.su/	1969-12-31 23:59:59	Name: __RequestVerificationToken Value:

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

corteos.ntravel.su
static.corteos.ru
185.9.147.80
94.79.54.168
13a805bc8dc351317c25fcc50c832ce2ca308d5531bee38ddbbe3151664d5dca
2538b833937bdcb08ce263a769dcb40900e4f392e88a67459af41a686e1bd4c9
33f7c3327ef2ec5b59cee18f47b8289090267563a75f349513a4f26b2d6f87e4
57b7bbdd733e3bd6ea9c3eb99688a39dc5763bc3e31039686bf356e90d95fa1a
63146b06856cc6ac0e346b06b835bd191392987361c4f1e3125cc565f0985a1f
64ae07e1779381ec023c52bb2bf5eed469747aebd8791787cf7ccfb3b570b13e
661caee61809c569e0344bcb82a1a1226c1aa42fab12d62a0280b976ffa329ab
74ac8044aabb7fa99e9a44fdc38dc98d63ca13b592517c51ceeb6cfc304f4532
78438bbc7a670c65eba9cbbef062f49c483b4fa9be97bf1de8bb11cde6c56752
7dc1c4c52a5c0ec0d79db8cd9f906048a3d712a46418d03f7822c22b93a3f7e0
8614b393e04483d73f5a1cc8a943cb81c1a936a7b47282f4e87a37cf45ebba03
8ed3fcd8c86e022a3ecd143c50363447dd35980f9cf3e854180c4fb2efaeacf4
c9f231a29130f30f44e3eef7c4e3e11e341c32764e374b03429b3a3204ee212c
d07c9db00875aa24039c868e08441916b8ad0c0a7ca6bdfaebc40f3b13320bec
d7d37ec9c3e33168c17c0c6436050b9b32ffff130e43e1bf3d7152d1ab2bf70a
e101655ea8ab108a99ae8b26036e9b4f030b137294867be5245b8699ec024543
e4a465b7796cdf1572bb416feccea1bc31f4c020ea1eb6b29a3881b4e0216595
eb2f529325a1c068834a55e6f316c8145cf494786016d070b56fd01f7c2ab89c
eb9984848d1b7afff8fabc6239b7fc3cac5c1748506c438fad8688a2407614ef