lk.pay.rt.ru Open in urlscan Pro
217.107.111.68 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://lk.pay.rt.ru/
Effective URL:
https://lk.pay.rt.ru/login/
Submission Tags: l4ing sub rt ru rf h8 gov l* Search All
Submission: On January 31 via manual (January 31st 2024, 5:39:59 pm UTC) from JP — Scanned from JP

Summary HTTP 10 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 10 HTTP transactions. The main IP is 217.107.111.68, located in Russian Federation and belongs to ROSTELECOM-AS, RU. The main domain is lk.pay.rt.ru.
TLS certificate: Issued by GlobalSign GCC R3 DV TLS CA 2020 on June 5th 2023. Valid for: a year.

This is the only time lk.pay.rt.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 11	217.107.111.68 217.107.111.68		12389 (ROSTELECO...) (ROSTELECOM-AS)
10	1

11 217.107.111.68 (Russian Federation) 1 redirects

ASN12389 (ROSTELECOM-AS, RU)
PTR: isespp.pay.rt.ru

lk.pay.rt.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	rt.ru 1 redirects lk.pay.rt.ru	213 KB
10	1

	Domain	Requested by
11	lk.pay.rt.ru	1 redirects lk.pay.rt.ru
10	1

This site contains links to these domains. Also see Links.

Domain
www.uniteller.ru

Subject Issuer	Validity	Valid
*.pay.rt.ru GlobalSign GCC R3 DV TLS CA 2020	`2023-06-05` - `2024-07-06`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://lk.pay.rt.ru/login/
Frame ID: 907140E640200B88E71417806236C034
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Личный кабинет Uniteller

Page URL History Show full URLs

http://lk.pay.rt.ru/ HTTP 301
https://lk.pay.rt.ru/ Page URL
https://lk.pay.rt.ru/login/ Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

10
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

212 kB
Transfer

209 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.uniteller.ru/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://lk.pay.rt.ru/ HTTP 301
https://lk.pay.rt.ru/ Page URL
https://lk.pay.rt.ru/login/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://lk.pay.rt.ru/ HTTP 301
https://lk.pay.rt.ru/

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/
lk.pay.rt.ru/
Redirect Chain

http://lk.pay.rt.ru/
https://lk.pay.rt.ru/

104 B
496 B

1044ms
430ms

Document
text/html

217.107.111.68
ROSTELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lk.pay.rt.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

217.107.111.68 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),

Reverse DNS

isespp.pay.rt.ru

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 104
Content-Type: text/html; charset=UTF-8
Date: Wed, 31 Jan 2024 17:39:52 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx
X-XSS-Protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Wed, 31 Jan 2024 17:39:51 GMT
Location: https://lk.pay.rt.ru/
Server: nginx
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Primary Request / Show response
lk.pay.rt.ru/login/ 2 KB
2 KB 417ms
417ms Document
text/html 217.107.111.68
ROSTELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lk.pay.rt.ru/login/

Requested by

Host: lk.pay.rt.ru
URL: https://lk.pay.rt.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

217.107.111.68 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),

Reverse DNS

isespp.pay.rt.ru

Software

nginx /

Resource Hash

8b6b8f5ad4db4fc7cd9d8b6b0007ff7dd4c35ee7029253ae5d6e0564f9a73707

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lk.pay.rt.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 2074
Content-Type: text/html; charset=UTF-8
Date: Wed, 31 Jan 2024 17:39:53 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK auth.css
lk.pay.rt.ru/css/ 2 KB
2 KB 311ms
310ms Stylesheet
text/css 217.107.111.68
ROSTELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lk.pay.rt.ru/css/auth.css

Requested by

Host: lk.pay.rt.ru
URL: https://lk.pay.rt.ru/login/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

217.107.111.68 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),

Reverse DNS

isespp.pay.rt.ru

Software

nginx /

Resource Hash

6fc8e1102223381e7f91757c0ec49dd7a5ce673717f09e1c6d3aa14735da79e2

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://lk.pay.rt.ru/login/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date: Wed, 31 Jan 2024 17:39:53 GMT
Last-Modified: Thu, 25 Jan 2024 13:00:56 GMT
Server: nginx
ETag: "14e2b-88e-60fc4c527f200"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2190
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jsenable.css
lk.pay.rt.ru/css/ 233 B
506 B 295ms
294ms Stylesheet
text/css 217.107.111.68
ROSTELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lk.pay.rt.ru/css/jsenable.css

Requested by

Host: lk.pay.rt.ru
URL: https://lk.pay.rt.ru/login/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

217.107.111.68 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),

Reverse DNS

isespp.pay.rt.ru

Software

nginx /

Resource Hash

729f67a66a42b9f5c0d3ff1925805041c66fd3f7098279a90b335ad6db24e942

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://lk.pay.rt.ru/login/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date: Wed, 31 Jan 2024 17:39:53 GMT
Last-Modified: Thu, 25 Jan 2024 13:00:56 GMT
Server: nginx
ETag: "14e40-e9-60fc4c527f200"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 233
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jquery-1.4.2.min.js Show response
lk.pay.rt.ru/js/ 70 KB
71 KB 877ms
579ms Script
application/x-javascript 217.107.111.68
ROSTELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lk.pay.rt.ru/js/jquery-1.4.2.min.js

Requested by

Host: lk.pay.rt.ru
URL: https://lk.pay.rt.ru/login/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

217.107.111.68 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),

Reverse DNS

isespp.pay.rt.ru

Software

nginx /

Resource Hash

e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://lk.pay.rt.ru/login/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date: Wed, 31 Jan 2024 17:39:53 GMT
Last-Modified: Thu, 25 Jan 2024 13:00:57 GMT
Server: nginx
ETag: "190c2-119ee-60fc4c5373440"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 72174
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jquery.blockUI.js Show response
lk.pay.rt.ru/js/ 15 KB
16 KB 924ms
612ms Script
application/x-javascript 217.107.111.68
ROSTELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lk.pay.rt.ru/js/jquery.blockUI.js

Requested by

Host: lk.pay.rt.ru
URL: https://lk.pay.rt.ru/login/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

217.107.111.68 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),

Reverse DNS

isespp.pay.rt.ru

Software

nginx /

Resource Hash

a4f5a6f236748b8a92dbc5a7e9f2e9dc14569b0d8e198450ace9b3a67a7af586

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://lk.pay.rt.ru/login/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date: Wed, 31 Jan 2024 17:39:53 GMT
Last-Modified: Thu, 25 Jan 2024 13:00:57 GMT
Server: nginx
ETag: "190b3-3d43-60fc4c5373440"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15683
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK ulogo.png
lk.pay.rt.ru/images/ 9 KB
9 KB 884ms
299ms Image
image/png 217.107.111.68
ROSTELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lk.pay.rt.ru/images/ulogo.png

Requested by

Host: lk.pay.rt.ru
URL: https://lk.pay.rt.ru/login/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

217.107.111.68 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),

Reverse DNS

isespp.pay.rt.ru

Software

nginx /

Resource Hash

00b4be5381105b92ea6b3bdf7298b6084928df01ab69edd67a4e28340010d4dd

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://lk.pay.rt.ru/login/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date: Wed, 31 Jan 2024 17:39:54 GMT
Last-Modified: Thu, 25 Jan 2024 13:00:56 GMT
Server: nginx
ETag: "1d3e1-22ae-60fc4c527f200"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8878
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK slogan.png
lk.pay.rt.ru/images/ 1 KB
2 KB 885ms
301ms Image
image/png 217.107.111.68
ROSTELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lk.pay.rt.ru/images/slogan.png

Requested by

Host: lk.pay.rt.ru
URL: https://lk.pay.rt.ru/login/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

217.107.111.68 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),

Reverse DNS

isespp.pay.rt.ru

Software

nginx /

Resource Hash

ca71b7ad3f975e7d69a4a818764673c266745f523f9642c4996f082cb9f401c8

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://lk.pay.rt.ru/login/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date: Wed, 31 Jan 2024 17:39:54 GMT
Last-Modified: Thu, 25 Jan 2024 13:00:56 GMT
Server: nginx
ETag: "1d3d0-57e-60fc4c527f200"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1406
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK lkcards.png
lk.pay.rt.ru/images/ 108 KB
108 KB 304ms
304ms Image
image/png 217.107.111.68
ROSTELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lk.pay.rt.ru/images/lkcards.png

Requested by

Host: lk.pay.rt.ru
URL: https://lk.pay.rt.ru/login/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

217.107.111.68 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),

Reverse DNS

isespp.pay.rt.ru

Software

nginx /

Resource Hash

fb03d00d0d3983a6e2e3416aba4772b9015ba08076dba9695f75ef846248d061

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://lk.pay.rt.ru/login/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date: Wed, 31 Jan 2024 17:39:54 GMT
Last-Modified: Thu, 25 Jan 2024 13:00:56 GMT
Server: nginx
ETag: "1d3d1-1aefc-60fc4c527f200"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 110332
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK enter_btn.png
lk.pay.rt.ru/images/ 1 KB
2 KB 300ms
300ms Image
image/png 217.107.111.68
ROSTELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lk.pay.rt.ru/images/enter_btn.png

Requested by

Host: lk.pay.rt.ru
URL: https://lk.pay.rt.ru/login/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

217.107.111.68 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),

Reverse DNS

isespp.pay.rt.ru

Software

nginx /

Resource Hash

870b0f53b3a7c15bef911f807cae9e384b04c23d197a4800d7ceebc58b3e6995

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://lk.pay.rt.ru/login/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date: Wed, 31 Jan 2024 17:39:54 GMT
Last-Modified: Thu, 25 Jan 2024 13:00:56 GMT
Server: nginx
ETag: "1d3dd-553-60fc4c527f200"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1363
X-XSS-Protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			lk.pay.rt.ru/	1969-12-31 23:59:59	Name: PHPSESSID Value: 2ofogvligk0e7g52mc0novdv27

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

lk.pay.rt.ru
217.107.111.68
00b4be5381105b92ea6b3bdf7298b6084928df01ab69edd67a4e28340010d4dd
6fc8e1102223381e7f91757c0ec49dd7a5ce673717f09e1c6d3aa14735da79e2
729f67a66a42b9f5c0d3ff1925805041c66fd3f7098279a90b335ad6db24e942
870b0f53b3a7c15bef911f807cae9e384b04c23d197a4800d7ceebc58b3e6995
8b6b8f5ad4db4fc7cd9d8b6b0007ff7dd4c35ee7029253ae5d6e0564f9a73707
a4f5a6f236748b8a92dbc5a7e9f2e9dc14569b0d8e198450ace9b3a67a7af586
ca71b7ad3f975e7d69a4a818764673c266745f523f9642c4996f082cb9f401c8
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
fb03d00d0d3983a6e2e3416aba4772b9015ba08076dba9695f75ef846248d061

lk.pay.rt.ru Open in urlscan Pro 217.107.111.68 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

10 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

212 kBTransfer

209 kBSize

1 Cookies

1 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

lk.pay.rt.ru Open in urlscan Pro
217.107.111.68 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

212 kB
Transfer

209 kB
Size

1
Cookies

10 HTTP transactions
0 data transactions