airfrance.rambler.ru Open in urlscan Pro
94.139.253.156 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://airfrance.rambler.ru/
Effective URL:
https://airfrance.rambler.ru/
Submission Tags: ra ru l4ing subleak h8 bler Search All
Submission: On July 14 via manual (July 14th 2022, 11:20:39 pm UTC) from UA — Scanned from DE

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 19 HTTP transactions. The main IP is 94.139.253.156, located in Asbest, Russian Federation and belongs to SBERCLOUD-AS, RU. The main domain is airfrance.rambler.ru.
TLS certificate: Issued by GlobalSign GCC R3 DV TLS CA 2020 on May 16th 2022. Valid for: a year.

This is the only time airfrance.rambler.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 17	94.139.253.156 94.139.253.156	208677 (SBERCLOUD-AS) (SBERCLOUD-AS)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1 2	195.209.108.47 195.209.108.47	52007 (ADRIVER-AS) (ADRIVER-AS)
19	4

17 94.139.253.156 (Asbest, Russian Federation) 1 redirects

ASN208677 (SBERCLOUD-AS, RU)

airfrance.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.209.108.47 (Russian Federation) 1 redirects

ASN52007 (ADRIVER-AS, RU)

ad.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	rambler.ru 1 redirects airfrance.rambler.ru	318 KB
2	adriver.ru 1 redirects ad.adriver.ru — Cisco Umbrella Rank: 18570	883 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 81 ajax.googleapis.com — Cisco Umbrella Rank: 350	31 KB
19	3

	Domain	Requested by
17	airfrance.rambler.ru	1 redirects airfrance.rambler.ru
2	ad.adriver.ru	1 redirects airfrance.rambler.ru
1	ajax.googleapis.com	airfrance.rambler.ru
1	fonts.googleapis.com	airfrance.rambler.ru
19	4

This site contains no links.

Subject Issuer	Validity	Valid
*.rambler.ru GlobalSign GCC R3 DV TLS CA 2020	`2022-05-16` - `2023-05-06`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://airfrance.rambler.ru/
Frame ID: CB19F5652C903998FCD2853E488463C1
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://airfrance.rambler.ru/ HTTP 301
https://airfrance.rambler.ru/ Page URL

Detected technologies

AdRiver (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:<embed[^>]+(?:src="https?://mh\d?\.adriver\.ru/|flashvars="[^"]*(?:http:%3A//(?:ad|mh\d?)\.adriver\.ru/|adriver_banner))|<(?:(?:iframe|img)[^>]+src|a[^>]+href)="https?://ad\.adriver\.ru/)
(?:adriver\.core\.\d\.js|https?://(?:content|ad|masterh\d)\.adriver\.ru/)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19
Requests

95 %
HTTPS

50 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

349 kB
Transfer

422 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://airfrance.rambler.ru/ HTTP 301
https://airfrance.rambler.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&bt=21&ad=647969&pid=2692840&bid=5400773&bn=5400773&rnd=684135619&tail256=unknown HTTP 302
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&bt=21&ad=647969&pid=2692840&bid=5400773&bn=5400773&rnd=684135619&tail256=unknown&tuid=-5670727235

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
airfrance.rambler.ru/
Redirect Chain

http://airfrance.rambler.ru/
https://airfrance.rambler.ru/

12 KB
5 KB

149ms
51ms

Document
text/html

94.139.253.156
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://airfrance.rambler.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 94.139.253.156 Asbest, Russian Federation, ASN208677 (SBERCLOUD-AS, RU),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash: cc3edceba72f04d9f35d62dd0a0b6e886e06ce16e61fa976f0d0c3455fb86cb0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Thu, 14 Jul 2022 23:20:33 GMT
etag: W/"6240ae68-2fab"
last-modified: Sun, 27 Mar 2022 18:35:20 GMT
server: nginx/1.21.6
x-balancer: front-2

Redirect headers

Connection: keep-alive
Content-Length: 169
Content-Type: text/html
Date: Thu, 14 Jul 2022 23:20:33 GMT
Location: https://airfrance.rambler.ru/
Server: nginx/1.21.6

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 59ms
24ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=latin,cyrillic-ext

Requested by

Host: airfrance.rambler.ru
URL: https://airfrance.rambler.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

efa5f8df07811ca584265a7f3b44e74687496ae792370392f6fec18f4c1ea30f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://airfrance.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 14 Jul 2022 23:20:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 14 Jul 2022 23:20:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Jul 2022 23:20:34 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 85 KB
30 KB 49ms
14ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: airfrance.rambler.ru
URL: https://airfrance.rambler.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://airfrance.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 22:24:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3338
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30306
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Jul 2023 22:24:56 GMT

GET
H2 200 global.css
airfrance.rambler.ru/css/ 5 KB
1 KB 52ms
51ms Stylesheet
text/css 94.139.253.156
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://airfrance.rambler.ru/css/global.css
Requested by: Host: airfrance.rambler.ru
URL: https://airfrance.rambler.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 94.139.253.156 Asbest, Russian Federation, ASN208677 (SBERCLOUD-AS, RU),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash: 0e662eb0fd9bcfe0677e4d403c17d62dc22b74373b10a02f0c1ec645235c63e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://airfrance.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 23:20:33 GMT
content-encoding: gzip
last-modified: Sun, 27 Mar 2022 18:35:20 GMT
server: nginx/1.21.6
etag: W/"6240ae68-156d"
vary: Accept-Encoding
content-type: text/css
x-balancer: front-2

GET
H2 200 font.css
airfrance.rambler.ru/css/font/ 4 KB
718 B 49ms
49ms Stylesheet
text/css 94.139.253.156
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://airfrance.rambler.ru/css/font/font.css
Requested by: Host: airfrance.rambler.ru
URL: https://airfrance.rambler.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 94.139.253.156 Asbest, Russian Federation, ASN208677 (SBERCLOUD-AS, RU),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash: 4894da70684a9fa895c5afbfcb7b8bd35d90d49e09e226d62fb4a44da0da48fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://airfrance.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 23:20:33 GMT
content-encoding: gzip
last-modified: Sun, 27 Mar 2022 18:35:20 GMT
server: nginx/1.21.6
etag: W/"6240ae68-f5a"
vary: Accept-Encoding
content-type: text/css
x-balancer: front-2

GET
H2 200 app.js Show response
airfrance.rambler.ru/js/ 2 KB
951 B 50ms
49ms Script
application/javascript 94.139.253.156
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://airfrance.rambler.ru/js/app.js
Requested by: Host: airfrance.rambler.ru
URL: https://airfrance.rambler.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 94.139.253.156 Asbest, Russian Federation, ASN208677 (SBERCLOUD-AS, RU),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash: 51a85fe56863d9f68cbd02d309bbe6d14c678ed32667bc6ac2feeaae5cadb9d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://airfrance.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 23:20:33 GMT
content-encoding: gzip
last-modified: Sun, 27 Mar 2022 18:35:20 GMT
server: nginx/1.21.6
etag: W/"6240ae68-97b"
vary: Accept-Encoding
content-type: application/javascript
x-balancer: front-2

GET
H2 200 share.js Show response
airfrance.rambler.ru/js/ 2 KB
631 B 52ms
52ms Script
application/javascript 94.139.253.156
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://airfrance.rambler.ru/js/share.js
Requested by: Host: airfrance.rambler.ru
URL: https://airfrance.rambler.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 94.139.253.156 Asbest, Russian Federation, ASN208677 (SBERCLOUD-AS, RU),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash: 5e74ffe6e51152c2cb4226f2ebb994e8d17a23b17f57cb07ad17cb1610e541c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://airfrance.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 23:20:33 GMT
content-encoding: gzip
last-modified: Sun, 27 Mar 2022 18:35:20 GMT
server: nginx/1.21.6
etag: W/"6240ae68-678"
vary: Accept-Encoding
content-type: application/javascript
x-balancer: front-2

GET
H/1.1

204
No Content

rle.cgi
ad.adriver.ru/cgi-bin/
Redirect Chain

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&bt=21&ad=647969&pid=2692840&bid=5400773&bn=5400773&rnd=684135619&tail256=unknown
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&bt=21&ad=647969&pid=2692840&bid=5400773&bn=5400773&rnd=684135619&tail256=unknown&tuid=-5670727235

0
210 B

56ms
55ms

Image
text/plain

195.209.108.47
ADRIVER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&bt=21&ad=647969&pid=2692840&bid=5400773&bn=5400773&rnd=684135619&tail256=unknown&tuid=-5670727235
Requested by: Host: airfrance.rambler.ru
URL: https://airfrance.rambler.ru/
Protocol: HTTP/1.1
Server: 195.209.108.47 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://airfrance.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache;
Date: Thu, 14 Jul 2022 23:20:34 GMT
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 14 Jul 2022 23:20:34 GMT
Location: /cgi-bin/rle.cgi?sid=1&bt=21&ad=647969&pid=2692840&bid=5400773&bn=5400773&rnd=684135619&tail256=unknown&tuid=-5670727235
Transfer-Encoding: chunked
P3P: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
Access-Control-Allow-Origin: *
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 bg.jpg
airfrance.rambler.ru/img/ 134 KB
135 KB 50ms
49ms Image
image/jpeg 94.139.253.156
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://airfrance.rambler.ru/img/bg.jpg
Requested by: Host: airfrance.rambler.ru
URL: https://airfrance.rambler.ru/css/global.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 94.139.253.156 Asbest, Russian Federation, ASN208677 (SBERCLOUD-AS, RU),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash: 7170b5947bbee837800c5f73eeaca017664b32d920f7b44254c351a8bdfb9bf3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://airfrance.rambler.ru/css/global.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 23:20:34 GMT
last-modified: Sun, 27 Mar 2022 18:35:20 GMT
server: nginx/1.21.6
etag: "6240ae68-21915"
content-type: image/jpeg
accept-ranges: bytes
x-balancer: front-2
content-length: 137493

GET
H2 200 bg_quiz.png
airfrance.rambler.ru/img/ 3 KB
3 KB 50ms
49ms Image
image/png 94.139.253.156
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://airfrance.rambler.ru/img/bg_quiz.png
Requested by: Host: airfrance.rambler.ru
URL: https://airfrance.rambler.ru/css/global.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 94.139.253.156 Asbest, Russian Federation, ASN208677 (SBERCLOUD-AS, RU),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash: d7716527f7158bfdf7f4693f865e48a56216b3497739ae245e0652fa3f41708a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://airfrance.rambler.ru/css/global.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 23:20:34 GMT
last-modified: Sun, 27 Mar 2022 18:35:20 GMT
server: nginx/1.21.6
etag: "6240ae68-d10"
content-type: image/png
accept-ranges: bytes
x-balancer: front-2
content-length: 3344

GET
H2 200 fb.png
airfrance.rambler.ru/img/ 1 KB
1 KB 50ms
49ms Image
image/png 94.139.253.156
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://airfrance.rambler.ru/img/fb.png
Requested by: Host: airfrance.rambler.ru
URL: https://airfrance.rambler.ru/css/global.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 94.139.253.156 Asbest, Russian Federation, ASN208677 (SBERCLOUD-AS, RU),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash: 46f6ce1a0a73255088598d267d051b3c3493cc6f393b1e0d15d0beb84e616763

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://airfrance.rambler.ru/css/global.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 23:20:34 GMT
last-modified: Sun, 27 Mar 2022 18:35:20 GMT
server: nginx/1.21.6
etag: "6240ae68-403"
content-type: image/png
accept-ranges: bytes
x-balancer: front-2
content-length: 1027

GET
H2 200 vk.png
airfrance.rambler.ru/img/ 1 KB
1 KB 51ms
49ms Image
image/png 94.139.253.156
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://airfrance.rambler.ru/img/vk.png
Requested by: Host: airfrance.rambler.ru
URL: https://airfrance.rambler.ru/css/global.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 94.139.253.156 Asbest, Russian Federation, ASN208677 (SBERCLOUD-AS, RU),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash: 51ad1bc3b03d75618a949699f77bf749390dc40dcb4da5e2d517dbbaa3edfee5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://airfrance.rambler.ru/css/global.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 23:20:34 GMT
last-modified: Sun, 27 Mar 2022 18:35:20 GMT
server: nginx/1.21.6
etag: "6240ae68-499"
content-type: image/png
accept-ranges: bytes
x-balancer: front-2
content-length: 1177

GET
H2 200 tv.png
airfrance.rambler.ru/img/ 1 KB
1 KB 51ms
50ms Image
image/png 94.139.253.156
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://airfrance.rambler.ru/img/tv.png
Requested by: Host: airfrance.rambler.ru
URL: https://airfrance.rambler.ru/css/global.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 94.139.253.156 Asbest, Russian Federation, ASN208677 (SBERCLOUD-AS, RU),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash: 8d22b37f9eb033aeff2f189f602638bdc43d6b63c6c31f661b6af2b8c34b5a48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://airfrance.rambler.ru/css/global.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 23:20:34 GMT
last-modified: Sun, 27 Mar 2022 18:35:20 GMT
server: nginx/1.21.6
etag: "6240ae68-461"
content-type: image/png
accept-ranges: bytes
x-balancer: front-2
content-length: 1121

GET
H2 200 telek.png
airfrance.rambler.ru/img/ 1 KB
1 KB 51ms
51ms Image
image/png 94.139.253.156
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://airfrance.rambler.ru/img/telek.png
Requested by: Host: airfrance.rambler.ru
URL: https://airfrance.rambler.ru/css/global.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 94.139.253.156 Asbest, Russian Federation, ASN208677 (SBERCLOUD-AS, RU),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash: 7ce4d8d6a23a88d0b59b3d86c94a7c27c4c2d0b920caa6065a0c89341878b0f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://airfrance.rambler.ru/css/global.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 23:20:34 GMT
last-modified: Sun, 27 Mar 2022 18:35:20 GMT
server: nginx/1.21.6
etag: "6240ae68-441"
content-type: image/png
accept-ranges: bytes
x-balancer: front-2
content-length: 1089

GET
H2 200 ok.png
airfrance.rambler.ru/img/ 1 KB
1 KB 51ms
50ms Image
image/png 94.139.253.156
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://airfrance.rambler.ru/img/ok.png
Requested by: Host: airfrance.rambler.ru
URL: https://airfrance.rambler.ru/css/global.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 94.139.253.156 Asbest, Russian Federation, ASN208677 (SBERCLOUD-AS, RU),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash: cb0887d9a43d1213e97adcff6d643179a671073fe4c6d3a0f7723ec8b4adc4f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://airfrance.rambler.ru/css/global.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 23:20:34 GMT
last-modified: Sun, 27 Mar 2022 18:35:20 GMT
server: nginx/1.21.6
etag: "6240ae68-458"
content-type: image/png
accept-ranges: bytes
x-balancer: front-2
content-length: 1112

GET
H2 200 AvenirNextCyr-Medium.woff
airfrance.rambler.ru/css/font/ 40 KB
40 KB 95ms
95ms Font
font/woff 94.139.253.156
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://airfrance.rambler.ru/css/font/AvenirNextCyr-Medium.woff
Requested by: Host: airfrance.rambler.ru
URL: https://airfrance.rambler.ru/css/font/font.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 94.139.253.156 Asbest, Russian Federation, ASN208677 (SBERCLOUD-AS, RU),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash: 718ec308ba2d6eb2427acbe4383807f3985c1a08efa3f1bdf86e744453aba5f0

Request headers

Referer: https://airfrance.rambler.ru/css/font/font.css
Origin: https://airfrance.rambler.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 23:20:34 GMT
last-modified: Sun, 27 Mar 2022 18:35:20 GMT
server: nginx/1.21.6
etag: "6240ae68-9fb8"
content-type: font/woff
accept-ranges: bytes
x-balancer: front-2
content-length: 40888

GET
H2 200 AvenirNextCyr-Bold.woff
airfrance.rambler.ru/css/font/ 40 KB
41 KB 143ms
143ms Font
font/woff 94.139.253.156
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://airfrance.rambler.ru/css/font/AvenirNextCyr-Bold.woff
Requested by: Host: airfrance.rambler.ru
URL: https://airfrance.rambler.ru/css/font/font.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 94.139.253.156 Asbest, Russian Federation, ASN208677 (SBERCLOUD-AS, RU),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash: 57e2d614d0a7337ceb75b0a4a6e936b85382f1e08be69e34d8c418b6a8ebfb09

Request headers

Referer: https://airfrance.rambler.ru/css/font/font.css
Origin: https://airfrance.rambler.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 23:20:34 GMT
last-modified: Sun, 27 Mar 2022 18:35:20 GMT
server: nginx/1.21.6
etag: "6240ae68-a1b4"
content-type: font/woff
accept-ranges: bytes
x-balancer: front-2
content-length: 41396

GET
H2 200 AvenirNextCyr-Regular.woff
airfrance.rambler.ru/css/font/ 39 KB
40 KB 95ms
94ms Font
font/woff 94.139.253.156
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://airfrance.rambler.ru/css/font/AvenirNextCyr-Regular.woff
Requested by: Host: airfrance.rambler.ru
URL: https://airfrance.rambler.ru/css/font/font.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 94.139.253.156 Asbest, Russian Federation, ASN208677 (SBERCLOUD-AS, RU),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash: 3dfb2b33fe8193d8ae12f19fafe9a11bd3edcc6d2865a0ef8c3d7ed5c895a489

Request headers

Referer: https://airfrance.rambler.ru/css/font/font.css
Origin: https://airfrance.rambler.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 23:20:34 GMT
last-modified: Sun, 27 Mar 2022 18:35:20 GMT
server: nginx/1.21.6
etag: "6240ae68-9dcc"
content-type: font/woff
accept-ranges: bytes
x-balancer: front-2
content-length: 40396

GET
H2 200 AvenirNextCyr-Light.woff
airfrance.rambler.ru/css/font/ 45 KB
45 KB 142ms
142ms Font
font/woff 94.139.253.156
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://airfrance.rambler.ru/css/font/AvenirNextCyr-Light.woff
Requested by: Host: airfrance.rambler.ru
URL: https://airfrance.rambler.ru/css/font/font.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 94.139.253.156 Asbest, Russian Federation, ASN208677 (SBERCLOUD-AS, RU),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash: 9203db31d8490128de81e318d7ed4ffba49617c3070253a83dbfa9b9daf1918f

Request headers

Referer: https://airfrance.rambler.ru/css/font/font.css
Origin: https://airfrance.rambler.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 23:20:34 GMT
last-modified: Sun, 27 Mar 2022 18:35:20 GMT
server: nginx/1.21.6
etag: "6240ae68-b21c"
content-type: font/woff
accept-ranges: bytes
x-balancer: front-2
content-length: 45596

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.adriver.ru/	1970-01-20 22:01:52	Name: cid Value: -5670727235

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.adriver.ru
airfrance.rambler.ru
ajax.googleapis.com
fonts.googleapis.com
195.209.108.47
2a00:1450:4001:812::200a
2a00:1450:4001:829::200a
94.139.253.156
0e662eb0fd9bcfe0677e4d403c17d62dc22b74373b10a02f0c1ec645235c63e5
3dfb2b33fe8193d8ae12f19fafe9a11bd3edcc6d2865a0ef8c3d7ed5c895a489
46f6ce1a0a73255088598d267d051b3c3493cc6f393b1e0d15d0beb84e616763
4894da70684a9fa895c5afbfcb7b8bd35d90d49e09e226d62fb4a44da0da48fc
51a85fe56863d9f68cbd02d309bbe6d14c678ed32667bc6ac2feeaae5cadb9d0
51ad1bc3b03d75618a949699f77bf749390dc40dcb4da5e2d517dbbaa3edfee5
57e2d614d0a7337ceb75b0a4a6e936b85382f1e08be69e34d8c418b6a8ebfb09
5e74ffe6e51152c2cb4226f2ebb994e8d17a23b17f57cb07ad17cb1610e541c9
7170b5947bbee837800c5f73eeaca017664b32d920f7b44254c351a8bdfb9bf3
718ec308ba2d6eb2427acbe4383807f3985c1a08efa3f1bdf86e744453aba5f0
7ce4d8d6a23a88d0b59b3d86c94a7c27c4c2d0b920caa6065a0c89341878b0f2
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8d22b37f9eb033aeff2f189f602638bdc43d6b63c6c31f661b6af2b8c34b5a48
9203db31d8490128de81e318d7ed4ffba49617c3070253a83dbfa9b9daf1918f
cb0887d9a43d1213e97adcff6d643179a671073fe4c6d3a0f7723ec8b4adc4f9
cc3edceba72f04d9f35d62dd0a0b6e886e06ce16e61fa976f0d0c3455fb86cb0
d7716527f7158bfdf7f4693f865e48a56216b3497739ae245e0652fa3f41708a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
efa5f8df07811ca584265a7f3b44e74687496ae792370392f6fec18f4c1ea30f

airfrance.rambler.ru Open in urlscan Pro 94.139.253.156 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

19 Requests

95 %HTTPS

50 %IPv6

3 Domains

4 Subdomains

4 IPs

2 Countries

349 kBTransfer

422 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

1 Cookies

Indicators

airfrance.rambler.ru Open in urlscan Pro
94.139.253.156 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

95 %
HTTPS

50 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

349 kB
Transfer

422 kB
Size

1
Cookies

19 HTTP transactions
0 data transactions