air.lizaalert.ru Open in urlscan Pro
95.163.209.147 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://air.lizaalert.ru/
Effective URL:
https://air.lizaalert.ru/?/login
Submission: On March 18 via automatic, source certstream-suspicious (March 18th 2020, 7:09:29 am UTC)

Summary HTTP 24 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 24 HTTP transactions. The main IP is 95.163.209.147, located in Russian Federation and belongs to MAILRU-AS Mail.Ru, RU. The main domain is air.lizaalert.ru.
TLS certificate: Issued by Let's Encrypt Authority X3 on March 18th 2020. Valid for: 3 months.

This is the only time air.lizaalert.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 10	95.163.209.147 95.163.209.147	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
1	2a00:1450:400... 2a00:1450:4001:821::200a	15169 (GOOGLE) (GOOGLE)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
9	2a02:6b8::173 2a02:6b8::173	13238 (YANDEX) (YANDEX)
1	2a00:1450:400... 2a00:1450:4001:817::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:818::200e	15169 (GOOGLE) (GOOGLE)
24	7

10 95.163.209.147 (Russian Federation) 1 redirects

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: 147.mcs.mail.ru

air.lizaalert.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:6b8::173 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

api-maps.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:818::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	lizaalert.ru 1 redirects air.lizaalert.ru	648 KB
9	yandex.ru api-maps.yandex.ru	418 KB
2	google-analytics.com www.google-analytics.com	18 KB
2	jquery.com code.jquery.com	75 KB
1	googletagmanager.com www.googletagmanager.com	28 KB
1	googleapis.com ajax.googleapis.com	29 KB
24	6

	Domain	Requested by
10	air.lizaalert.ru	1 redirects air.lizaalert.ru
9	api-maps.yandex.ru	air.lizaalert.ru api-maps.yandex.ru
2	www.google-analytics.com	www.googletagmanager.com air.lizaalert.ru
2	code.jquery.com	air.lizaalert.ru
1	www.googletagmanager.com	air.lizaalert.ru
1	ajax.googleapis.com	air.lizaalert.ru
24	6

This site contains no links.

Subject Issuer	Validity	Valid
web.lizaalert.ru Let's Encrypt Authority X3	`2020-03-18` - `2020-06-16`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
jquery.org COMODO RSA Domain Validation Secure Server CA	`2018-10-17` - `2020-10-16`	2 years	crt.sh
api-maps.yandex.ru Yandex CA	`2020-03-17` - `2020-09-13`	6 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://air.lizaalert.ru/?/login
Frame ID: 02E368849AFE0F12BDDD4D0021EDC394
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://air.lizaalert.ru/ HTTP 302
https://air.lizaalert.ru/?/login Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Lazy.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /lazy(?:\.browser)?(?:\.min)?\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
script /jquery-ui.*\.js/i

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
script /jquery-ui.*\.js/i

Page Statistics

24
Requests

100 %
HTTPS

83 %
IPv6

6
Domains

6
Subdomains

7
IPs

3
Countries

1215 kB
Transfer

2734 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://air.lizaalert.ru/ HTTP 302
https://air.lizaalert.ru/?/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
air.lizaalert.ru/
Redirect Chain

https://air.lizaalert.ru/
https://air.lizaalert.ru/?/login

5 KB
6 KB

56ms
56ms

Document
text/html

95.163.209.147
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://air.lizaalert.ru/?/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.209.147 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS: 147.mcs.mail.ru
Software: nginx / PHP/5.6.40
Resource Hash: 498306e8a7255692ccffc91bbac6f771e9c46199ec56bf90fe5ab72cd57fe88e

Request headers

Host: air.lizaalert.ru
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: LIMONADE0x5x0=b9f28vem88pob0a262h8m9hea1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

Server: nginx
Date: Wed, 18 Mar 2020 07:00:18 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.40
X-Limonade: Un grand cru qui sait se faire attendre
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

Redirect headers

Server: nginx
Date: Wed, 18 Mar 2020 07:00:18 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.40
X-Limonade: Un grand cru qui sait se faire attendre
Set-Cookie: LIMONADE0x5x0=b9f28vem88pob0a262h8m9hea1; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: /?/login

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.0/ 82 KB
29 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.0/jquery.min.js

Requested by

Host: air.lizaalert.ru
URL: https://air.lizaalert.ru/?/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f284353a7cc4d97f6fe20a5155131bd43587a0f1c98a56eeaf52cff72910f47d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://air.lizaalert.ru/?/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 30 Jan 2020 02:11:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4165064
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29478
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Jan 2021 02:11:27 GMT

GET
H/1.1 200
OK w2ui.min.js Show response
air.lizaalert.ru/public/js/ 412 KB
412 KB 80ms
79ms Script
application/javascript 95.163.209.147
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://air.lizaalert.ru/public/js/w2ui.min.js
Requested by: Host: air.lizaalert.ru
URL: https://air.lizaalert.ru/?/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.209.147 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS: 147.mcs.mail.ru
Software: nginx /
Resource Hash: fa16c723516c96236ad01d30e583c933040e78dd9d9d86f6a7441fd4e3b42c97

Request headers

Referer: https://air.lizaalert.ru/?/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 18 Mar 2020 07:00:18 GMT
Last-Modified: Wed, 21 Aug 2019 11:05:50 GMT
Server: nginx
ETag: "5d5d258e-6709b"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 422043

GET
H/1.1 200
OK jquery.md5.js Show response
air.lizaalert.ru/public/ 9 KB
9 KB 132ms
44ms Script
application/javascript 95.163.209.147
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://air.lizaalert.ru/public/jquery.md5.js
Requested by: Host: air.lizaalert.ru
URL: https://air.lizaalert.ru/?/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.209.147 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS: 147.mcs.mail.ru
Software: nginx /
Resource Hash: a839b8427d284721ca3c5c353c31b174e40b397dc3bff90c8c2c2364afca8dcd

Request headers

Referer: https://air.lizaalert.ru/?/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 18 Mar 2020 07:00:18 GMT
Last-Modified: Thu, 09 Jan 2020 09:54:01 GMT
Server: nginx
ETag: "5e16f839-2447"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9287

GET
H/1.1 200
OK cropper.js Show response
air.lizaalert.ru/public/ 106 KB
106 KB 171ms
82ms Script
application/javascript 95.163.209.147
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://air.lizaalert.ru/public/cropper.js
Requested by: Host: air.lizaalert.ru
URL: https://air.lizaalert.ru/?/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.209.147 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS: 147.mcs.mail.ru
Software: nginx /
Resource Hash: b8ef701b6c8b01a05d13da6f4e5e3e722b3838c559e9bf5f09ae901a4cb7d8d4

Request headers

Referer: https://air.lizaalert.ru/?/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 18 Mar 2020 07:00:18 GMT
Last-Modified: Wed, 21 Aug 2019 11:05:50 GMT
Server: nginx
ETag: "5d5d258e-1a8d3"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 108755

GET
H/1.1 200
OK jquery.knob.min.js Show response
air.lizaalert.ru/public/ 11 KB
11 KB 134ms
44ms Script
application/javascript 95.163.209.147
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://air.lizaalert.ru/public/jquery.knob.min.js
Requested by: Host: air.lizaalert.ru
URL: https://air.lizaalert.ru/?/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.209.147 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS: 147.mcs.mail.ru
Software: nginx /
Resource Hash: db5e38abe34e33f5d4e99c52a914c9f0fd16fc2918eb35dcea65d8b78fa617db

Request headers

Referer: https://air.lizaalert.ru/?/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 18 Mar 2020 07:00:18 GMT
Last-Modified: Thu, 09 Jan 2020 09:54:01 GMT
Server: nginx
ETag: "5e16f839-2a34"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10804

GET
H/1.1 200
OK jquery.lazy.min.js Show response
air.lizaalert.ru/public/ 5 KB
5 KB 172ms
43ms Script
application/javascript 95.163.209.147
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://air.lizaalert.ru/public/jquery.lazy.min.js
Requested by: Host: air.lizaalert.ru
URL: https://air.lizaalert.ru/?/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.209.147 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS: 147.mcs.mail.ru
Software: nginx /
Resource Hash: ecf4a6176a23634e19ed80b01b9c30bc7f9b754c55d4f3c220e46fbd3607a3b3

Request headers

Referer: https://air.lizaalert.ru/?/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 18 Mar 2020 07:00:18 GMT
Last-Modified: Thu, 09 Jan 2020 09:54:01 GMT
Server: nginx
ETag: "5e16f839-139e"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5022

GET
H/1.1 200
OK jquery-ui.min.js Show response
code.jquery.com/ui/1.12.1/ 248 KB
67 KB 21ms
7ms Script
application/javascript 2001:4de0:ac19::1:b:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.12.1/jquery-ui.min.js
Requested by: Host: air.lizaalert.ru
URL: https://air.lizaalert.ru/?/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Request headers

Referer: https://air.lizaalert.ru/?/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 18 Mar 2020 07:09:11 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Sep 2016 16:34:16 GMT
Server: nginx
ETag: W/"57d97c08-3dee4"
Vary: Accept-Encoding
X-HW: 1584515351.dop121.fr8.shc,1584515351.dop121.fr8.t,1584515351.cds151.fr8.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 67751

GET
H/1.1 200
OK / Show response
api-maps.yandex.ru/2.1/ 36 KB
13 KB 58ms
56ms Script
application/javascript 2a02:6b8::173
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://api-maps.yandex.ru/2.1/?lang=ru_RU

Requested by

Host: air.lizaalert.ru
URL: https://air.lizaalert.ru/?/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::173 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx /

Resource Hash

d4573f078c366b645ab68d960d415c40326623700940d3b22894f0af5865af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://air.lizaalert.ru/?/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 18 Mar 2020 07:09:11 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Server: nginx
X-qloud-router: myt6-d9164412fdfc.qloud-c.yandex.net
Vary: Accept-Encoding, Origin
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
X-XSS-Protection: 1; mode=block
Transfer-Encoding: chunked
Content-Disposition: attachment; filename=json.txt
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=120
X-LIGHTTPD-LOCALE: ru_RU

GET
H/1.1 200
OK w2ui.min.css
air.lizaalert.ru/public/js/ 92 KB
92 KB 163ms
78ms Stylesheet
text/css 95.163.209.147
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://air.lizaalert.ru/public/js/w2ui.min.css
Requested by: Host: air.lizaalert.ru
URL: https://air.lizaalert.ru/?/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.209.147 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS: 147.mcs.mail.ru
Software: nginx /
Resource Hash: b25f55e78d8eb5cbaa58344fcae9a636160d66d7fc429d1f16f25ac6aee2721e

Request headers

Referer: https://air.lizaalert.ru/?/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Wed, 18 Mar 2020 07:00:18 GMT
Last-Modified: Thu, 09 Jan 2020 10:30:16 GMT
Server: nginx
ETag: "5e1700b8-16e93"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 93843

GET
H/1.1 200
OK cropper.min.css
air.lizaalert.ru/public/ 4 KB
4 KB 128ms
43ms Stylesheet
text/css 95.163.209.147
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://air.lizaalert.ru/public/cropper.min.css
Requested by: Host: air.lizaalert.ru
URL: https://air.lizaalert.ru/?/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.209.147 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS: 147.mcs.mail.ru
Software: nginx /
Resource Hash: 02cbf57ffa374ad2db425e00e23b09146bcb7704af059910bb7ed1ab69f63ea8

Request headers

Referer: https://air.lizaalert.ru/?/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Wed, 18 Mar 2020 07:00:18 GMT
Last-Modified: Thu, 09 Jan 2020 09:54:00 GMT
Server: nginx
ETag: "5e16f838-e9d"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3741

GET
H/1.1 200
OK jquery-ui.css
code.jquery.com/ui/1.12.1/themes/base/ 35 KB
9 KB 24ms
10ms Stylesheet
text/css 2001:4de0:ac19::1:b:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.12.1/themes/base/jquery-ui.css
Requested by: Host: air.lizaalert.ru
URL: https://air.lizaalert.ru/?/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0

Request headers

Referer: https://air.lizaalert.ru/?/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Wed, 18 Mar 2020 07:09:11 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Sep 2016 16:34:16 GMT
Server: nginx
ETag: W/"57d97c08-8c85"
Vary: Accept-Encoding
X-HW: 1584515351.dop150.fr8.shc,1584515351.dop150.fr8.t,1584515351.cds010.fr8.c
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 8323

GET
H/1.1 200
OK attention2.png
air.lizaalert.ru/public/img/ 1 KB
1 KB 43ms
43ms Image
image/png 95.163.209.147
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://air.lizaalert.ru/public/img/attention2.png
Requested by: Host: air.lizaalert.ru
URL: https://air.lizaalert.ru/?/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.209.147 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS: 147.mcs.mail.ru
Software: nginx /
Resource Hash: f71b00feb9dcefd8e0c912ad28bbdc78ef80ef5a1a2f1094201cb9e8982d0a11

Request headers

Referer: https://air.lizaalert.ru/?/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Wed, 18 Mar 2020 07:00:18 GMT
Last-Modified: Thu, 09 Jan 2020 09:54:00 GMT
Server: nginx
ETag: "5e16f838-4f0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1264

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 75 KB
28 KB 41ms
40ms Script
application/javascript 2a00:1450:4001:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-117852875-2

Requested by

Host: air.lizaalert.ru
URL: https://air.lizaalert.ru/?/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f4ea965febaf0363929f7aa50c2d36ccddbdbc5a2fc79ac8567d1e3d67c7c333

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://air.lizaalert.ru/?/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 18 Mar 2020 07:09:11 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28655
x-xss-protection: 0
last-modified: Wed, 18 Mar 2020 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 18 Mar 2020 07:09:11 GMT

GET
H/1.1 200
OK map.js Show response
api-maps.yandex.ru/2.1.75/ 99 KB
27 KB 54ms
54ms Script
application/javascript 2a02:6b8::173
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://api-maps.yandex.ru/2.1.75/map.js?callback=__jsonp_ymaps_map&mode=release&flags=

Requested by

Host: api-maps.yandex.ru
URL: https://api-maps.yandex.ru/2.1/?lang=ru_RU

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::173 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx /

Resource Hash

f50a121838324da5e0d49465a4397a6b3b1cb4a268683551170c9d0052cc914b

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://air.lizaalert.ru/?/login
Origin: https://air.lizaalert.ru
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 18 Mar 2020 07:09:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Server: nginx
X-qloud-router: myt4-a93a8fb850b3.qloud-c.yandex.net
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Content-Disposition: attachment; filename=json.txt
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=120
X-XSS-Protection: 1; mode=block

GET
DATA 200
OK truncated
/ 263 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d125b27cf64598e4bb7dde6d46e7de69f16ba5c87ccb4d615faa08ac31b6fcc

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 264 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 406d8a34f5cb36490cde4e165452506e606e7a83749c042053c44d68d7eddb58

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:818::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-117852875-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://air.lizaalert.ru/?/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 1837
date: Wed, 18 Mar 2020 06:38:35 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18174
expires: Wed, 18 Mar 2020 08:38:35 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
101 B 13ms
13ms Image
image/gif 2a00:1450:4001:818::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=2069930329&t=pageview&_s=1&dl=https%3A%2F%2Fair.lizaalert.ru%2F%3F%2Flogin&ul=en-us&de=UTF-8&dt=LizaAlert%20Drone%20Zone&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=1425100991&gjid=271984511&cid=594068094.1584515352&tid=UA-117852875-2&_gid=1961836925.1584515352&_r=1&gtm=2ou3b2&z=771909162

Requested by

Host: air.lizaalert.ru
URL: https://air.lizaalert.ru/?/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://air.lizaalert.ru/?/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Wed, 18 Mar 2020 07:09:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK combine.js Show response
api-maps.yandex.ru/2.1.75/ 849 KB
215 KB 58ms
57ms Script
application/javascript 2a02:6b8::173
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://api-maps.yandex.ru/2.1.75/combine.js?callback_prefix=__jsonp_ymaps_combine&mode=release&flags=&load=10111415161718192021222324252627282940414243444546474849646566676869707172737475767778798390919293949596979899$1,1.x.m)P8b1.1,1z.E9)9,_S8f):)N)68c)l1-1J1:)1(51Q6L)n059:2b2e9(9*2c_N8g,y,S)-1i1))t.h016K6N6G)s)y,D)_)0)z2a_P1W)*0$06(8)3,o6j(:(@)r)e)$.k)4)2,h,p,m,u,r6Z(;,v,k,s,t$!0a0f0g0l0o0m0r0s0A0C0B0D4T0L0G0H0N0Y1c1n1o1r1p1t1A1w1x1B1G1P1R1S1T1V1$1!1q2d2f2g2w2A2B2C2E2F2G2!2,2I2Z3c3d3e3f2i2z2Q2j2@2q2(3l3o3p4G4u4v4w4x4Y4H4K4*4,4z5j5I6n5z6e5Z6a6b6d6f6k6o6g6t6u6v6w6x6y6D6F6H6M6A6(6;9H7B7C7E7F7G7L7M7R7S7V7I7Z8a8d8e8h$,$:$i9p8m9K9A9C9B9D$S$04U4V4W_F$I-0-f-H-L_M_R4X9L_W0E,e_X_@_i_Q_J_I_Z.e.f_*.t.s.w(C(H(N(S(9(-(()f)g)K)S0c0b0h)b7O,40d)!0e0k0p7H0Q0z:n0u0y))0T084R0M1Z1I.j_G0K0W0O0P001O1m1v1b1f1s1d1u037_1a:U0I0Z1y!m,-:e1K1M1F1E:o*i1h(t1U1X,f1(1@7k7f,92y0-2O(I2N2M2S2L2T(J2P2R2-2V2*2K)X2U)@2J2$2W2.3a2X2_2Y2H2;2)3h3r4s*e(7)o)O3k3n0!4F_O(j)Q_K_H4y4C4D4A4E4B0*4t04)9(64.4$4_4!4-4)4i)E5i0q6l6m5Q5J0i6c6h6E*u6s)7(q(Q0J6C6B7):$0.0;,x6$6O(i6)9F9-9P9M9$7Y7D7A(z(4:g:h)8,T7P$27y0).b9;7N)T:*7X7U7W)(4L7Q7$7-7.7!7,

Requested by

Host: api-maps.yandex.ru
URL: https://api-maps.yandex.ru/2.1/?lang=ru_RU

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::173 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx /

Resource Hash

e7f8d9488ce76e1fd88121e226ae16eca9067f64d45d0d04f4f920cb95e5906f

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://air.lizaalert.ru/?/login
Origin: https://air.lizaalert.ru
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 18 Mar 2020 07:09:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Server: nginx
X-qloud-router: myt4-a93a8fb850b3.qloud-c.yandex.net
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Content-Disposition: attachment; filename=json.txt
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=120
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK combine.js Show response
api-maps.yandex.ru/2.1.75/ 602 KB
153 KB 51ms
51ms Script
application/javascript 2a02:6b8::173
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://api-maps.yandex.ru/2.1.75/combine.js?callback_prefix=__jsonp_ymaps_combine&mode=release&flags=&load=7:7;7@7q7j7i7z7J:($*$j$(8H8R8k9c9b:k9r8l9E9__L-T-a-h,C_r_w9X_U_V)Y)d,d_;,R_q_j_z.g.u.n.v(V(x(M(T(X(3,7(G(w(E(y(O(W(Y(K(B(_(.(*(!)k)F)H.F,30n:f0S0R0:070_.i.z.Q0V()1e::;11g!M!f.I!o!n1H1D_:_)1C*A)c*z(u7s($);5e2D4I5q3A!84M4N4O*f*d*s3P3m.a).4S,b*v*t,w)a)I;_5,.l)5)q9.9V9G9Y9!9S9O9W9U9R9T029N_T,B,z,(,*,;,@,i,Q,j.d0()V)U;$:V6p:!$@;-$)8!8N8P8O8L:u:s:v3D8((,8,9y9x9w9f9k9t8z*6*0-b-c-v-P_p$Z_o$z$Q$J-e-k-l-m-n-o-p-2-5_x_B_C)m7T,A.o.p.r1Y(R(0(P,6(v(F:x(L(A)G:r0,!$.U.*.0.4.8.1)L;.!N.J!h!g@a;J:Y)v)w6T1l_,:w:y0@)B!97(7*!@*h*m*l*k*r*n*c)Z,c)J;v,q,!,).c;3;2;9$;8*8j8Z8I8;8)8@9e8_9h9s8i*5-N-G-S-D-d-w-x-y-A-E-F_s_v_u-t,0(1:p,5(D,G.X.W.V.26*.,.).(.3.7.6.5.-.$.9:G09;5)u)A)C6:*o!!!:!,!**b!I!z!;:;,a@v9d8:9g9m9n9o9l9u9v8Q8J-U!k6,.@.q.;.:.Y.!..._;0!q!.!_:W!)!(:E!J!Q!i!j;(;!;*2:8q-V!l@x@H@W:F@V@S@R;Y

Requested by

Host: api-maps.yandex.ru
URL: https://api-maps.yandex.ru/2.1/?lang=ru_RU

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::173 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx /

Resource Hash

b91a736e098014031f3129971d8283124b0e9fff855bc7e76c7ba301f7aacca0

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://air.lizaalert.ru/?/login
Origin: https://air.lizaalert.ru
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 18 Mar 2020 07:09:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Server: nginx
X-qloud-router: myt6-6cc7e89221a3.qloud-c.yandex.net
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Content-Disposition: attachment; filename=json.txt
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=120
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK grab.cur
api-maps.yandex.ru/2.1.75/build/release/images/cursor/ 326 B
780 B 60ms
59ms Image
application/octet-stream 2a02:6b8::173
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api-maps.yandex.ru/2.1.75/build/release/images/cursor/grab.cur
Requested by: Host: air.lizaalert.ru
URL: https://air.lizaalert.ru/?/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::173 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 13e327b334d10b2b24101040eecace86aaaa2eed03d282fa75a04aa3bebf69c1

Request headers

Referer: https://air.lizaalert.ru/?/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Wed, 18 Mar 2020 07:09:12 GMT
Last-Modified: Thu, 14 Nov 2019 16:03:47 GMT
Server: nginx
ETag: "5dcd7ae3-146"
X-qloud-router: myt6-d9164412fdfc.qloud-c.yandex.net
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=120
Content-Length: 326
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK grabbing.cur
api-maps.yandex.ru/2.1.75/build/release/images/cursor/ 326 B
780 B 53ms
52ms Image
application/octet-stream 2a02:6b8::173
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api-maps.yandex.ru/2.1.75/build/release/images/cursor/grabbing.cur
Requested by: Host: air.lizaalert.ru
URL: https://air.lizaalert.ru/?/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::173 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: a0fb89588dc7b711c0ffddb5fa2f6852f670ef1f615985bb65b2ea446cceb79f

Request headers

Referer: https://air.lizaalert.ru/?/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Wed, 18 Mar 2020 07:09:12 GMT
Last-Modified: Thu, 14 Nov 2019 16:03:47 GMT
Server: nginx
ETag: "5dcd7ae3-146"
X-qloud-router: sas2-2f6096abedb5.qloud-c.yandex.net
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=120
Content-Length: 326
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK help.cur
api-maps.yandex.ru/2.1.75/build/release/images/cursor/ 326 B
780 B 58ms
58ms Image
application/octet-stream 2a02:6b8::173
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api-maps.yandex.ru/2.1.75/build/release/images/cursor/help.cur
Requested by: Host: air.lizaalert.ru
URL: https://air.lizaalert.ru/?/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::173 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 128811e08fc761c192794eadb0ca1ece135e0b3a8ea7d897c2f7f9fd5a37281f

Request headers

Referer: https://air.lizaalert.ru/?/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Wed, 18 Mar 2020 07:09:12 GMT
Last-Modified: Thu, 14 Nov 2019 16:03:47 GMT
Server: nginx
ETag: "5dcd7ae3-146"
X-qloud-router: iva8-68742a36a500.qloud-c.yandex.net
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=120
Content-Length: 326
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK zoom_in.cur
api-maps.yandex.ru/2.1.75/build/release/images/cursor/ 326 B
780 B 100ms
47ms Image
application/octet-stream 2a02:6b8::173
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api-maps.yandex.ru/2.1.75/build/release/images/cursor/zoom_in.cur
Requested by: Host: air.lizaalert.ru
URL: https://air.lizaalert.ru/?/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::173 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: eb69f540be1e416b7346017da48deaf5ba2f2ee0af366c04f1e374351b651872

Request headers

Referer: https://air.lizaalert.ru/?/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Wed, 18 Mar 2020 07:09:12 GMT
Last-Modified: Thu, 14 Nov 2019 16:03:47 GMT
Server: nginx
ETag: "5dcd7ae3-146"
X-qloud-router: sas2-2f6096abedb5.qloud-c.yandex.net
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=120
Content-Length: 326
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK combine.js Show response
api-maps.yandex.ru/2.1.75/ 18 KB
7 KB 48ms
47ms Script
application/javascript 2a02:6b8::173
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://api-maps.yandex.ru/2.1.75/combine.js?callback_prefix=__jsonp_ymaps_combine&mode=release&flags=&load=,:7K_D_E:l:d,J:a,F:b:c_(

Requested by

Host: api-maps.yandex.ru
URL: https://api-maps.yandex.ru/2.1/?lang=ru_RU

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::173 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx /

Resource Hash

053951567edd16f52f17f5cdb6cd92db407a658d0de5ee740352aaa5685888d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://air.lizaalert.ru/?/login
Origin: https://air.lizaalert.ru
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 18 Mar 2020 07:09:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Server: nginx
X-qloud-router: myt6-6cc7e89221a3.qloud-c.yandex.net
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Content-Disposition: attachment; filename=json.txt
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=120
X-XSS-Protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.lizaalert.ru/	1970-01-19 08:08:35	Name: _gat_gtag_UA_117852875_2 Value: 1
.lizaalert.ru/	1970-01-19 08:10:01	Name: _gid Value: GA1.2.1961836925.1584515352
.lizaalert.ru/	1970-01-20 01:39:47	Name: _ga Value: GA1.2.594068094.1584515352
air.lizaalert.ru/	1969-12-31 23:59:59	Name: LIMONADE0x5x0 Value: b9f28vem88pob0a262h8m9hea1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

air.lizaalert.ru
ajax.googleapis.com
api-maps.yandex.ru
code.jquery.com
www.google-analytics.com
www.googletagmanager.com
2001:4de0:ac19::1:b:1b
2a00:1450:4001:817::2008
2a00:1450:4001:818::200e
2a00:1450:4001:821::200a
2a02:6b8::173
95.163.209.147
02cbf57ffa374ad2db425e00e23b09146bcb7704af059910bb7ed1ab69f63ea8
053951567edd16f52f17f5cdb6cd92db407a658d0de5ee740352aaa5685888d5
128811e08fc761c192794eadb0ca1ece135e0b3a8ea7d897c2f7f9fd5a37281f
13e327b334d10b2b24101040eecace86aaaa2eed03d282fa75a04aa3bebf69c1
406d8a34f5cb36490cde4e165452506e606e7a83749c042053c44d68d7eddb58
44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0
498306e8a7255692ccffc91bbac6f771e9c46199ec56bf90fe5ab72cd57fe88e
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8d125b27cf64598e4bb7dde6d46e7de69f16ba5c87ccb4d615faa08ac31b6fcc
a0fb89588dc7b711c0ffddb5fa2f6852f670ef1f615985bb65b2ea446cceb79f
a839b8427d284721ca3c5c353c31b174e40b397dc3bff90c8c2c2364afca8dcd
b25f55e78d8eb5cbaa58344fcae9a636160d66d7fc429d1f16f25ac6aee2721e
b8ef701b6c8b01a05d13da6f4e5e3e722b3838c559e9bf5f09ae901a4cb7d8d4
b91a736e098014031f3129971d8283124b0e9fff855bc7e76c7ba301f7aacca0
d4573f078c366b645ab68d960d415c40326623700940d3b22894f0af5865af48
db5e38abe34e33f5d4e99c52a914c9f0fd16fc2918eb35dcea65d8b78fa617db
e7f8d9488ce76e1fd88121e226ae16eca9067f64d45d0d04f4f920cb95e5906f
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
eb69f540be1e416b7346017da48deaf5ba2f2ee0af366c04f1e374351b651872
ecf4a6176a23634e19ed80b01b9c30bc7f9b754c55d4f3c220e46fbd3607a3b3
f284353a7cc4d97f6fe20a5155131bd43587a0f1c98a56eeaf52cff72910f47d
f4ea965febaf0363929f7aa50c2d36ccddbdbc5a2fc79ac8567d1e3d67c7c333
f50a121838324da5e0d49465a4397a6b3b1cb4a268683551170c9d0052cc914b
f71b00feb9dcefd8e0c912ad28bbdc78ef80ef5a1a2f1094201cb9e8982d0a11
fa16c723516c96236ad01d30e583c933040e78dd9d9d86f6a7441fd4e3b42c97

air.lizaalert.ru Open in urlscan Pro 95.163.209.147 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

24 Requests

100 %HTTPS

83 %IPv6

6 Domains

6 Subdomains

7 IPs

3 Countries

1215 kBTransfer

2734 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

4 Cookies

Indicators

air.lizaalert.ru Open in urlscan Pro
95.163.209.147 Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

100 %
HTTPS

83 %
IPv6

6
Domains

6
Subdomains

7
IPs

3
Countries

1215 kB
Transfer

2734 kB
Size

4
Cookies

24 HTTP transactions
2 data transactions