update.qwerty.plus Open in urlscan Pro
91.206.242.1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://update.qwerty.plus/
Effective URL:
https://update.qwerty.plus/Login?ReturnUrl=%2F
Submission: On July 22 via automatic, source certstream-suspicious (July 22nd 2024, 4:00:41 pm UTC) — Scanned from US

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 10 HTTP transactions. The main IP is 91.206.242.1, located in Russian Federation and belongs to QWERTY-AS, RU. The main domain is update.qwerty.plus.
TLS certificate: Issued by R11 on July 22nd 2024. Valid for: 3 months.

This is the only time update.qwerty.plus was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 11	91.206.242.1 91.206.242.1		47854 (QWERTY-AS) (QWERTY-AS)
10	1

11 91.206.242.1 (Russian Federation) 1 redirects

ASN47854 (QWERTY-AS, RU)
PTR: relay0.qwerty.perm.ru

update.qwerty.plus	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	qwerty.plus 1 redirects update.qwerty.plus	242 KB
10	1

	Domain	Requested by
11	update.qwerty.plus	1 redirects update.qwerty.plus
10	1

This site contains no links.

Subject Issuer	Validity	Valid
update.qwerty.plus R11	`2024-07-22` - `2024-10-20`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://update.qwerty.plus/Login?ReturnUrl=%2F
Frame ID: D4BED9EC19169287D07462F10E929276
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Авторизация - UpdatePage

Page URL History Show full URLs

https://update.qwerty.plus/ HTTP 302
https://update.qwerty.plus/Login?ReturnUrl=%2F Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

\bangular.{0,32}\.js

Page Statistics

10
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

242 kB
Transfer

599 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://update.qwerty.plus/ HTTP 302
https://update.qwerty.plus/Login?ReturnUrl=%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request Login Show response
update.qwerty.plus/
Redirect Chain

https://update.qwerty.plus/
https://update.qwerty.plus/Login?ReturnUrl=%2F

5 KB
2 KB

222ms
222ms

Document
text/html

91.206.242.1
QWERTY-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://update.qwerty.plus/Login?ReturnUrl=%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.206.242.1 , Russian Federation, ASN47854 (QWERTY-AS, RU),

Reverse DNS

relay0.qwerty.perm.ru

Software

nginx/1.18.0 / ASP.NET

Resource Hash

6b8ed62e2b2752d3863beb7a8e1ca00383cc7dc550bf0f8d68bd0cbc46f71369

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, no-store
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 22 Jul 2024 16:00:35 GMT
pragma: no-cache
server: nginx/1.18.0
x-frame-options: SAMEORIGIN
x-powered-by: ASP.NET

Redirect headers

content-length: 0
date: Mon, 22 Jul 2024 16:00:34 GMT
location: /Login?ReturnUrl=%2F
server: nginx/1.18.0
x-powered-by: ASP.NET

GET
H2 200 site.min.css
update.qwerty.plus/css/ 282 B
437 B 227ms
225ms Stylesheet
text/css 91.206.242.1
QWERTY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://update.qwerty.plus/css/site.min.css?v=LYuNbyu0PzpxdHDCf1W0FXIhplhWR8nUSYEcZZbEc0E
Requested by: Host: update.qwerty.plus
URL: https://update.qwerty.plus/Login?ReturnUrl=%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.206.242.1 , Russian Federation, ASN47854 (QWERTY-AS, RU),
Reverse DNS: relay0.qwerty.perm.ru
Software: nginx/1.18.0 / ASP.NET
Resource Hash: 2d8b8d6f2bb43f3a717470c27f55b4157221a6585647c9d449811c6596c47341

Request headers

Referer: https://update.qwerty.plus/Login?ReturnUrl=%2F
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 16:00:35 GMT
last-modified: Fri, 05 Feb 2021 08:30:20 GMT
server: nginx/1.18.0
etag: "1d6fb99239bf71a"
x-powered-by: ASP.NET
content-type: text/css
accept-ranges: bytes
content-length: 282

GET
H2 200 select.min.css
update.qwerty.plus/css/ 6 KB
2 KB 227ms
225ms Stylesheet
text/css 91.206.242.1
QWERTY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://update.qwerty.plus/css/select.min.css
Requested by: Host: update.qwerty.plus
URL: https://update.qwerty.plus/Login?ReturnUrl=%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.206.242.1 , Russian Federation, ASN47854 (QWERTY-AS, RU),
Reverse DNS: relay0.qwerty.perm.ru
Software: nginx/1.18.0 / ASP.NET
Resource Hash: d8e0fc4e020c286a934f3fc544493ee482c8505ff71915c3c89620937d0c7b74

Request headers

Referer: https://update.qwerty.plus/Login?ReturnUrl=%2F
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 16:00:35 GMT
content-encoding: gzip
last-modified: Fri, 05 Feb 2021 08:30:20 GMT
server: nginx/1.18.0
etag: W/"1d6fb99239be1d3"
x-powered-by: ASP.NET
content-type: text/css

GET
H2 200 bootstrap.css
update.qwerty.plus/css/ 149 KB
26 KB 228ms
227ms Stylesheet
text/css 91.206.242.1
QWERTY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://update.qwerty.plus/css/bootstrap.css
Requested by: Host: update.qwerty.plus
URL: https://update.qwerty.plus/Login?ReturnUrl=%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.206.242.1 , Russian Federation, ASN47854 (QWERTY-AS, RU),
Reverse DNS: relay0.qwerty.perm.ru
Software: nginx/1.18.0 / ASP.NET
Resource Hash: a29236eed54ff257f34dd88abfd5a2f14b9190d84802f6703152d6b4ea511ca9

Request headers

Referer: https://update.qwerty.plus/Login?ReturnUrl=%2F
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 16:00:35 GMT
content-encoding: gzip
last-modified: Fri, 05 Feb 2021 08:30:20 GMT
server: nginx/1.18.0
etag: W/"1d6fb992399a2bf"
x-powered-by: ASP.NET
content-type: text/css

GET
H2 200 angular.min.js Show response
update.qwerty.plus/js/ 172 KB
66 KB 229ms
227ms Script
application/javascript 91.206.242.1
QWERTY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://update.qwerty.plus/js/angular.min.js
Requested by: Host: update.qwerty.plus
URL: https://update.qwerty.plus/Login?ReturnUrl=%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.206.242.1 , Russian Federation, ASN47854 (QWERTY-AS, RU),
Reverse DNS: relay0.qwerty.perm.ru
Software: nginx/1.18.0 / ASP.NET
Resource Hash: fea7b3e605064bd192be3fa431828f1e5ccf6cf8c41601dbd6bf2c121724fcbf

Request headers

Referer: https://update.qwerty.plus/Login?ReturnUrl=%2F
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 16:00:35 GMT
content-encoding: gzip
last-modified: Wed, 16 Sep 2020 09:56:50 GMT
server: nginx/1.18.0
etag: W/"1d68c0fb26c2cca"
x-powered-by: ASP.NET
content-type: application/javascript

GET
H2 200 site.js Show response
update.qwerty.plus/js/ 3 B
166 B 229ms
228ms Script
application/javascript 91.206.242.1
QWERTY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://update.qwerty.plus/js/site.js?v=8ZRc1sGeVrPBx4lD717BgRaQekyh78QKV9SKsdt638U
Requested by: Host: update.qwerty.plus
URL: https://update.qwerty.plus/Login?ReturnUrl=%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.206.242.1 , Russian Federation, ASN47854 (QWERTY-AS, RU),
Reverse DNS: relay0.qwerty.perm.ru
Software: nginx/1.18.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://update.qwerty.plus/Login?ReturnUrl=%2F
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 16:00:35 GMT
last-modified: Fri, 05 Feb 2021 08:30:21 GMT
server: nginx/1.18.0
etag: "1d6fb9924348c83"
x-powered-by: ASP.NET
content-type: application/javascript
accept-ranges: bytes
content-length: 3

GET
H2 200 select.min.js Show response
update.qwerty.plus/js/ 44 KB
14 KB 228ms
227ms Script
application/javascript 91.206.242.1
QWERTY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://update.qwerty.plus/js/select.min.js
Requested by: Host: update.qwerty.plus
URL: https://update.qwerty.plus/Login?ReturnUrl=%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.206.242.1 , Russian Federation, ASN47854 (QWERTY-AS, RU),
Reverse DNS: relay0.qwerty.perm.ru
Software: nginx/1.18.0 / ASP.NET
Resource Hash: 4ac7cd0f2695a09c38af4ec70bb306591ff0342ab497656002ce2a2dc355ec52

Request headers

Referer: https://update.qwerty.plus/Login?ReturnUrl=%2F
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 16:00:35 GMT
content-encoding: gzip
last-modified: Fri, 05 Feb 2021 08:30:20 GMT
server: nginx/1.18.0
etag: W/"1d6fb99239b46bc"
x-powered-by: ASP.NET
content-type: application/javascript

GET
H2 200 angular-sanitize.min.js Show response
update.qwerty.plus/js/ 7 KB
4 KB 229ms
228ms Script
application/javascript 91.206.242.1
QWERTY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://update.qwerty.plus/js/angular-sanitize.min.js
Requested by: Host: update.qwerty.plus
URL: https://update.qwerty.plus/Login?ReturnUrl=%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.206.242.1 , Russian Federation, ASN47854 (QWERTY-AS, RU),
Reverse DNS: relay0.qwerty.perm.ru
Software: nginx/1.18.0 / ASP.NET
Resource Hash: 0dfe6562e9677b64a18dad1b88f6aa870a77070609cc3ea58cc730f4312037d2

Request headers

Referer: https://update.qwerty.plus/Login?ReturnUrl=%2F
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 16:00:35 GMT
content-encoding: gzip
last-modified: Fri, 05 Feb 2021 08:30:20 GMT
server: nginx/1.18.0
etag: W/"1d6fb99239bed24"
x-powered-by: ASP.NET
content-type: application/javascript

GET
H2 200 ui-bootstrap.min.js Show response
update.qwerty.plus/js/ 123 KB
36 KB 229ms
228ms Script
application/javascript 91.206.242.1
QWERTY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://update.qwerty.plus/js/ui-bootstrap.min.js
Requested by: Host: update.qwerty.plus
URL: https://update.qwerty.plus/Login?ReturnUrl=%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.206.242.1 , Russian Federation, ASN47854 (QWERTY-AS, RU),
Reverse DNS: relay0.qwerty.perm.ru
Software: nginx/1.18.0 / ASP.NET
Resource Hash: 4653ab5551586c315d316d0255281566fb2b8ca01d1bd61174c4a06e9d8bb247

Request headers

Referer: https://update.qwerty.plus/Login?ReturnUrl=%2F
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 16:00:35 GMT
content-encoding: gzip
last-modified: Fri, 05 Feb 2021 08:30:21 GMT
server: nginx/1.18.0
etag: W/"1d6fb99243567a9"
x-powered-by: ASP.NET
content-type: application/javascript

GET
H2 200 favicon.ico
update.qwerty.plus/ 93 KB
93 KB 463ms
462ms Other
image/x-icon 91.206.242.1
QWERTY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://update.qwerty.plus/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.206.242.1 , Russian Federation, ASN47854 (QWERTY-AS, RU),
Reverse DNS: relay0.qwerty.perm.ru
Software: nginx/1.18.0 / ASP.NET
Resource Hash: 113534fc574a16ccf7ebef1a145a71fd7f8d85fbb271fa21796df9c65571028c

Request headers

Referer: https://update.qwerty.plus/Login?ReturnUrl=%2F
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 16:00:36 GMT
last-modified: Fri, 05 Feb 2021 08:30:20 GMT
server: nginx/1.18.0
etag: "1d6fb99239a84be"
x-powered-by: ASP.NET
content-type: image/x-icon
accept-ranges: bytes
content-length: 94910

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| angular

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			update.qwerty.plus/	1969-12-31 23:59:59	Name: .AspNetCore.Antiforgery.Qx1nudUUxIk Value: CfDJ8KzNb-Wn9rdOvRRauljSBC59qUmeW15Faym3quaeWzK8DFIuwQwi2JB53UdVkBx80gMSz-zk-_C8jEKagc0W_a8M5YhTEljUziTJ-J_FTxzG--4hX6fJCRVV3zzdhwXifiRez9EV8CtFRVbLUMpZSyU

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://update.qwerty.plus/Login?ReturnUrl=%2F Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

update.qwerty.plus
91.206.242.1
0dfe6562e9677b64a18dad1b88f6aa870a77070609cc3ea58cc730f4312037d2
113534fc574a16ccf7ebef1a145a71fd7f8d85fbb271fa21796df9c65571028c
2d8b8d6f2bb43f3a717470c27f55b4157221a6585647c9d449811c6596c47341
4653ab5551586c315d316d0255281566fb2b8ca01d1bd61174c4a06e9d8bb247
4ac7cd0f2695a09c38af4ec70bb306591ff0342ab497656002ce2a2dc355ec52
6b8ed62e2b2752d3863beb7a8e1ca00383cc7dc550bf0f8d68bd0cbc46f71369
a29236eed54ff257f34dd88abfd5a2f14b9190d84802f6703152d6b4ea511ca9
d8e0fc4e020c286a934f3fc544493ee482c8505ff71915c3c89620937d0c7b74
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fea7b3e605064bd192be3fa431828f1e5ccf6cf8c41601dbd6bf2c121724fcbf

update.qwerty.plus Open in urlscan Pro 91.206.242.1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

10 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

242 kBTransfer

599 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

1 Cookies

1 Console Messages

Security Headers

Indicators

update.qwerty.plus Open in urlscan Pro
91.206.242.1 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

242 kB
Transfer

599 kB
Size

1
Cookies

10 HTTP transactions
0 data transactions