urlscan.io logo urlscan.io
SecurityTrails logo

booking2.alphatour.ru Open in urlscan Pro
82.202.212.221  Public Scan

Go To Rescan Add Verdict Report
URL: https://booking2.alphatour.ru/
Submission: On September 21 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 20 HTTP transactions. The main IP is 82.202.212.221, located in Moscow, Russian Federation and belongs to SELECTEL-MSK, RU. The main domain is booking2.alphatour.ru.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 21st 2019. Valid for: 3 months.
This is the only time booking2.alphatour.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 82.202.212.221 50340 (SELECTEL-MSK)
1 2a00:1450:400... 15169 (GOOGLE)
9 2a02:6b8::173 13238 (YANDEX)
1 4 2a02:6b8::1:119 13238 (YANDEX)
4 2a00:1450:400... 15169 (GOOGLE)
20 5
3    82.202.212.221 (Moscow, Russian Federation)

ASN50340 (SELECTEL-MSK, RU)
PTR: artmull.com
booking2.alphatour.ru
1    2a00:1450:4001:81f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
9    2a02:6b8::173 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
api-maps.yandex.ru
4    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
mc.yandex.ru
4    2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
Domain Requested by
9 api-maps.yandex.ru booking2.alphatour.ru
api-maps.yandex.ru
4 fonts.gstatic.com booking2.alphatour.ru
4 mc.yandex.ru 1 redirects booking2.alphatour.ru
3 booking2.alphatour.ru booking2.alphatour.ru
1 fonts.googleapis.com booking2.alphatour.ru
20 5

This site contains links to these domains. Also see Links.

Domain
alphatour.ru
Subject Issuer Validity Valid
booking2.alphatour.ru
Let's Encrypt Authority X3		 2019-09-21 -
2019-12-20		 3 months crt.sh
*.googleapis.com
GTS CA 1O1		 2019-09-05 -
2019-11-28		 3 months crt.sh
api-maps.yandex.ru
Yandex CA		 2019-05-13 -
2019-11-09		 6 months crt.sh
bs.yandex.ru
Yandex CA		 2018-10-03 -
2019-10-03		 a year crt.sh
*.google.com
GTS CA 1O1		 2019-09-05 -
2019-11-28		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://booking2.alphatour.ru/
Frame ID: 93DB1204E10E787142AC808A4B9CBB38
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

20
Requests

100 %
HTTPS

80 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

1432 kB
Transfer

2888 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://mc.yandex.ru/watch/34728795?wmode=7&page-url=https%3A%2F%2Fbooking2.alphatour.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1569071560698%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20190921151241%3Aet%3A1569071562%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A549925180%3Ahid%3A491983110%3Ads%3A124%2C135%2C67%2C1%2C0%2C0%2C0%2C467%2C0%2C%2C%2C%2C796%3Afp%3A814%3Awn%3A35550%3Ahl%3A2%3Agdpr%3A14%3Av%3A1708%3Awv%3A2%3Ast%3A1569071562%3Au%3A1569071562365193736%3At%3A%D0%90%D0%BB%D1%8C%D1%84%D0%B0-%D0%A2%D1%83%D1%80 HTTP 302
  • https://mc.yandex.ru/watch/34728795/1?wmode=7&page-url=https%3A%2F%2Fbooking2.alphatour.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1569071560698%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20190921151241%3Aet%3A1569071562%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A549925180%3Ahid%3A491983110%3Ads%3A124%2C135%2C67%2C1%2C0%2C0%2C0%2C467%2C0%2C%2C%2C%2C796%3Afp%3A814%3Awn%3A35550%3Ahl%3A2%3Agdpr%3A14%3Av%3A1708%3Awv%3A2%3Ast%3A1569071562%3Au%3A1569071562365193736%3At%3A%D0%90%D0%BB%D1%8C%D1%84%D0%B0-%D0%A2%D1%83%D1%80

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
booking2.alphatour.ru/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://booking2.alphatour.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
82.202.212.221 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
artmull.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
3df5b071d639ffd4d2587aa14e717cc3befdc9a40442c37db710d1bb8df50d80

Request headers

Host
booking2.alphatour.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
none
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Sat, 21 Sep 2019 13:12:41 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
public, max-age=0
Last-Modified
Sat, 21 Sep 2019 12:55:22 GMT
ETag
W/"ab9-16d53e4217f"
Content-Encoding
gzip
css
fonts.googleapis.com/ 		10 KB
801 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Requested by
Host: booking2.alphatour.ru
URL: https://booking2.alphatour.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
52eea7b863b639c2ea7cbea9447ba1f2838db62d65a6c6044c9f40f8c59ec437
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://booking2.alphatour.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 21 Sep 2019 13:12:41 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Sat, 21 Sep 2019 13:12:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection
0
expires
Sat, 21 Sep 2019 13:12:41 GMT
/
api-maps.yandex.ru/2.1/ 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api-maps.yandex.ru/2.1/?lang=ru_RU&apikey=4311798d-f1cd-49d5-a458-96fca43c108c
Requested by
Host: booking2.alphatour.ru
URL: https://booking2.alphatour.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::173 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx /
Resource Hash
f35ec398d626b6a76c5c3a66d2926e3963f4b3a163bf83782dbb107fe5e2c415
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://booking2.alphatour.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 21 Sep 2019 13:12:41 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff, nosniff
Server
nginx
X-qloud-router
iva7-8f999336c8bb.qloud-c.yandex.net
Vary
Accept-Encoding, Origin
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
X-LIGHTTPD-LOCALE
ru_RU
Content-Disposition
attachment; filename=json.txt
Connection
keep-alive
Timing-Allow-Origin
*
Keep-Alive
timeout=120
X-XSS-Protection
1; mode=block
2.811f5aad.chunk.js
booking2.alphatour.ru/static/js/ 		857 KB
857 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://booking2.alphatour.ru/static/js/2.811f5aad.chunk.js
Requested by
Host: booking2.alphatour.ru
URL: https://booking2.alphatour.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
82.202.212.221 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
artmull.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
456aa8e42979a6b57e566c4372e0c386216429bed94f05f616078c30786307d1

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://booking2.alphatour.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 21 Sep 2019 13:12:41 GMT
Last-Modified
Sat, 21 Sep 2019 12:55:22 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
W/"d6229-16d53e421a7"
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
877097
main.2128b6c1.chunk.js
booking2.alphatour.ru/static/js/ 		28 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://booking2.alphatour.ru/static/js/main.2128b6c1.chunk.js
Requested by
Host: booking2.alphatour.ru
URL: https://booking2.alphatour.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
82.202.212.221 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
artmull.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
39abadd6025849925b34c25ffa7661a5fa043bd4e7cf6ea5ac61c15e3b67d54e

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://booking2.alphatour.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 21 Sep 2019 13:12:41 GMT
Last-Modified
Sat, 21 Sep 2019 12:55:22 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
W/"6f17-16d53e42183"
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
28439
map.js
api-maps.yandex.ru/2.1.74/ 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api-maps.yandex.ru/2.1.74/map.js?callback=__jsonp_ymaps_map&mode=release&flags=
Requested by
Host: api-maps.yandex.ru
URL: https://api-maps.yandex.ru/2.1/?lang=ru_RU&apikey=4311798d-f1cd-49d5-a458-96fca43c108c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::173 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx /
Resource Hash
2f41510be6d190ceedd352ed2f182a9192f20a5c347048ed22f2a160ffc8daa2
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
cors
Referer
https://booking2.alphatour.ru/
Origin
https://booking2.alphatour.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 21 Sep 2019 13:12:41 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff, nosniff
Server
nginx
X-qloud-router
sas2-c1151c1af979.qloud-c.yandex.net
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Content-Disposition
attachment; filename=json.txt
Connection
keep-alive
Timing-Allow-Origin
*
Keep-Alive
timeout=120
X-XSS-Protection
1; mode=block
tag.js
mc.yandex.ru/metrika/ 		353 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: booking2.alphatour.ru
URL: https://booking2.alphatour.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
e43f50a325a5a83f020dd452365a66f18ccbbb271151a63748df361fbd96938f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://booking2.alphatour.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 21 Sep 2019 13:12:41 GMT
Content-Encoding
br
Last-Modified
Wed, 18 Sep 2019 09:49:20 GMT
Server
nginx/1.14.2
ETag
"5d81fda0-16999"
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
92569
Expires
Sat, 21 Sep 2019 14:12:41 GMT
KFOlCnqEu92Fr1MmEU9fABc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v20/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fABc4AMP6lbBP.woff2
Requested by
Host: booking2.alphatour.ru
URL: https://booking2.alphatour.ru/static/js/2.811f5aad.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
af2fdef955568dc79de38bfb097d53586855945811b638d6c41513bd62e25cc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Origin
https://booking2.alphatour.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 23 Aug 2019 19:29:15 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:37 GMT
server
sffe
age
2483006
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
6864
x-xss-protection
0
expires
Sat, 22 Aug 2020 19:29:15 GMT
KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2
fonts.gstatic.com/s/roboto/v20/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2
Requested by
Host: booking2.alphatour.ru
URL: https://booking2.alphatour.ru/static/js/2.811f5aad.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
daf6c28c5a080458eba26ba64a95b1fcff823944d429ccb84e8a4f3a0baf05ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Origin
https://booking2.alphatour.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 29 Aug 2019 05:01:53 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:40 GMT
server
sffe
age
2016648
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
6720
x-xss-protection
0
expires
Fri, 28 Aug 2020 05:01:53 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: booking2.alphatour.ru
URL: https://booking2.alphatour.ru/static/js/2.811f5aad.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Origin
https://booking2.alphatour.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 27 Aug 2019 20:33:18 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
2133563
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
11016
x-xss-protection
0
expires
Wed, 26 Aug 2020 20:33:18 GMT
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: booking2.alphatour.ru
URL: https://booking2.alphatour.ru/static/js/2.811f5aad.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Origin
https://booking2.alphatour.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 26 Aug 2019 09:45:45 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:48 GMT
server
sffe
age
2258816
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
11056
x-xss-protection
0
expires
Tue, 25 Aug 2020 09:45:45 GMT
combine.js
api-maps.yandex.ru/2.1.74/ 		846 KB
215 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api-maps.yandex.ru/2.1.74/combine.js?callback_prefix=__jsonp_ymaps_combine&mode=release&flags=&load=1013141516171819202122232425262728294041424344454647484963646566676869707172737475767778798290919293949596979899$0,0.w.l)N8a1_1)1i.D9(9)_R8e),)L)48b)h1$1Q1,)Y(31z6K)l049,2a2d9*9!2b_M8f,x,R)$1j1()r.g006H6M6F)p)w,C)-)X)i1Z_O1V)!0905(6)1,n6q()(:)o)c)9.h)2)0,g,o,l,t,p6I(,,u,h,r,s$.0a0f0g0l0o0m0r0s0A0C0B0D4S0K0F0G0M0X1b1m1n1p1o1s1y1v1w1A1F1O1P1R1S1U1.1@2c2e2f2v2y2A2B2D2E2F2.2)2J2I3b3c3d3e2j2i2z2q2;2@2*3k3n3o4F4t4u4v4w4X4G4H4!4)4i5q5J6m5i6d5I5Z6a6c6e6h6n6f6s6t6u6v6w6x6C6E6G6L6y6*6:9G7A7B7D7E7F7K7L7P7R7U7J7I7Z8c8d8g$)$,$j9o8l9H9y9B9A9C$R$Y4T4U4V_E$J-Y-e-G-K_L_P4W9K_V0E,d_W_;_j_z_Q_J_I.d.e_!.s.r.v(B(G(M(P(7(9(!)d)e)G)z)P0c0b0h(Z7N,30d).0e0k0p7G0z0i:m0u0y)(0S074P0L1I1J.q_F0H0V0N0O0Y1N1l1u1a1e1r1c1t027-0Z:T0J0I1x!l,$:d1H1L1E1D:n*j1g(s1T1W,e1*1;7h7e,82x0$2N(Q2M2L2R2K2S(z2O2P2$2U2!2H)V2T);2Q2V2_2Z2W2-2X2G2:2(3g3p4r4Y*d(5)m)M3h3m0.4E_N(@_H_G4x4B4C4y4D4A0!4s03)8(44_4-4.4$4(4j)C5j0@6k6l5z5Q0j6b6g6D*t6r)6(;(i0Q6B6A7(:90_0:,w6N(q1Y6(9E9Y9$9O9L7X7C7y(j(2:f:g)7,S7O$17x0(.a9:7Y7M)R:!7W7T7V)*4K7z7$7_7.7)7,
Requested by
Host: api-maps.yandex.ru
URL: https://api-maps.yandex.ru/2.1/?lang=ru_RU&apikey=4311798d-f1cd-49d5-a458-96fca43c108c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::173 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx /
Resource Hash
4a08844324f7c11fc251116aaa8e46cf1f20bce2e24dbc3cfb6b861da0268336
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
cors
Referer
https://booking2.alphatour.ru/
Origin
https://booking2.alphatour.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 21 Sep 2019 13:12:41 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff, nosniff
Server
nginx
X-qloud-router
sas2-c1151c1af979.qloud-c.yandex.net
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Content-Disposition
attachment; filename=json.txt
Connection
keep-alive
Timing-Allow-Origin
*
Keep-Alive
timeout=120
X-XSS-Protection
1; mode=block
combine.js
api-maps.yandex.ru/2.1.74/ 		602 KB
153 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api-maps.yandex.ru/2.1.74/combine.js?callback_prefix=__jsonp_ymaps_combine&mode=release&flags=&load=7:7;7@7q7j7i7Q:*$!$q$*8G8P8h9b9a:h9p8k9D9-_K-S$Z-g,B_p_v9W_T_U)W)b,c_:,P_@_q_i.f.t.m.u(T(w(L(R(V(1,6(F(v(D(x(U(W(H(A($(-(.(_)g)D)F.E,20n:e0R0P0,060-.j.i.z0U(*1d:,;01f!L!e.J!n!m1G1C_,_(1B*y)a*i(t7r(82Y):5d2C4J5@3y!74L4M4N*e*c*r3O3l_Z)_4R,a*u*s,v(I)J;-5).k)3)@9_9U9F9X9.9R9N9V9T9P9S019M_S,A,i,*,!,:,;,j,z,q.c0*)T)S;9:U6o:.$;;$$(8.8M8O8N8K:t:r:u3C8*((8)9x9w9v9e9h9s8i*5*Y-a-b-u-O_o$I_n$i$z$Q-d-h-k-l-m-n-o-1-4_w_A_B)k7S,y.n.o.p1X(O(X(N,5(u(E:w(K(y)E:p0)!9.T.!.Y.3.7.0)H;_!M.Q!g!f;Z;Q:X)t)u6S1k_):v:x0;)y!87*7!!;*g*l*k*h*p*m*b)I,b)Q;u)5,@,.,(.b;2;1;8$:8!8q8I8J8:8(8;9d8-9g9r8j*4-M-F-R-C-c-v-w-x-y-D-E_r_u_t-s,Y(Y:o,4(C,F.W.V.U.16!.).(.*.2.6.5.4.$.9.8:F08;4)s)x)A6,*n!.!,!)!!*a!J!i!:::)Z@u9c8,9f9l9m9n9k9t9u8z8Q-T!h6).;.@.:.,.X..._.-;Y!@!_!-:V!(!*:D!Q!z!j!q;*;.;!2,8@-U!k@w@G@V:E@U@R@P;X
Requested by
Host: api-maps.yandex.ru
URL: https://api-maps.yandex.ru/2.1/?lang=ru_RU&apikey=4311798d-f1cd-49d5-a458-96fca43c108c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::173 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx /
Resource Hash
f08725be3efe052a2cfd1d61d99f00a1fe3be1954a9cb47979cf7e754053f91a
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
cors
Referer
https://booking2.alphatour.ru/
Origin
https://booking2.alphatour.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 21 Sep 2019 13:12:41 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff, nosniff
Server
nginx
X-qloud-router
sas1-7bd45fb94b85.qloud-c.yandex.net
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Content-Disposition
attachment; filename=json.txt
Connection
keep-alive
Timing-Allow-Origin
*
Keep-Alive
timeout=120
X-XSS-Protection
1; mode=block
1
mc.yandex.ru/watch/34728795/
Redirect Chain
  • https://mc.yandex.ru/watch/34728795?wmode=7&page-url=https%3A%2F%2Fbooking2.alphatour.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1569071560698%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216...
  • https://mc.yandex.ru/watch/34728795/1?wmode=7&page-url=https%3A%2F%2Fbooking2.alphatour.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1569071560698%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A2...
133 B
690 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/34728795/1?wmode=7&page-url=https%3A%2F%2Fbooking2.alphatour.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1569071560698%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20190921151241%3Aet%3A1569071562%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A549925180%3Ahid%3A491983110%3Ads%3A124%2C135%2C67%2C1%2C0%2C0%2C0%2C467%2C0%2C%2C%2C%2C796%3Afp%3A814%3Awn%3A35550%3Ahl%3A2%3Agdpr%3A14%3Av%3A1708%3Awv%3A2%3Ast%3A1569071562%3Au%3A1569071562365193736%3At%3A%D0%90%D0%BB%D1%8C%D1%84%D0%B0-%D0%A2%D1%83%D1%80
Requested by
Host: booking2.alphatour.ru
URL: https://booking2.alphatour.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
e5674efb14b4df1a9199d74a28c70d01415302950eb5d41a88ae1d1f31f4c9b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://booking2.alphatour.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 21 Sep 2019 13:12:41 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 21-Sep-2019 13:12:41 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://booking2.alphatour.ru
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
133
X-XSS-Protection
1; mode=block
Expires
Sat, 21-Sep-2019 13:12:41 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 21 Sep 2019 13:12:41 GMT
Last-Modified
Sat, 21-Sep-2019 13:12:41 GMT
Server
nginx/1.14.2
Access-Control-Allow-Origin
https://booking2.alphatour.ru
Strict-Transport-Security
max-age=31536000
Location
/watch/34728795/1?wmode=7&page-url=https%3A%2F%2Fbooking2.alphatour.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1569071560698%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20190921151241%3Aet%3A1569071562%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A549925180%3Ahid%3A491983110%3Ads%3A124%2C135%2C67%2C1%2C0%2C0%2C0%2C467%2C0%2C%2C%2C%2C796%3Afp%3A814%3Awn%3A35550%3Ahl%3A2%3Agdpr%3A14%3Av%3A1708%3Awv%3A2%3Ast%3A1569071562%3Au%3A1569071562365193736%3At%3A%D0%90%D0%BB%D1%8C%D1%84%D0%B0-%D0%A2%D1%83%D1%80
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Sat, 21-Sep-2019 13:12:41 GMT
advert.gif
mc.yandex.ru/metrika/ 		43 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: booking2.alphatour.ru
URL: https://booking2.alphatour.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://booking2.alphatour.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 21 Sep 2019 13:12:41 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 Jul 2019 16:03:06 GMT
Server
nginx/1.14.2
ETag
"5d275dba-3d"
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
61
Expires
Sat, 21 Sep 2019 14:12:41 GMT
grab.cur
api-maps.yandex.ru/2.1.74/build/release/images/cursor/ 		326 B
780 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-maps.yandex.ru/2.1.74/build/release/images/cursor/grab.cur
Requested by
Host: booking2.alphatour.ru
URL: https://booking2.alphatour.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::173 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx /
Resource Hash
13e327b334d10b2b24101040eecace86aaaa2eed03d282fa75a04aa3bebf69c1

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://booking2.alphatour.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 21 Sep 2019 13:12:41 GMT
Last-Modified
Wed, 21 Aug 2019 12:25:33 GMT
Server
nginx
ETag
"5d5d383d-146"
X-qloud-router
iva7-8f999336c8bb.qloud-c.yandex.net
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=120
Content-Length
326
Expires
Thu, 31 Dec 2037 23:55:55 GMT
grabbing.cur
api-maps.yandex.ru/2.1.74/build/release/images/cursor/ 		326 B
780 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-maps.yandex.ru/2.1.74/build/release/images/cursor/grabbing.cur
Requested by
Host: booking2.alphatour.ru
URL: https://booking2.alphatour.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::173 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx /
Resource Hash
a0fb89588dc7b711c0ffddb5fa2f6852f670ef1f615985bb65b2ea446cceb79f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://booking2.alphatour.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 21 Sep 2019 13:12:41 GMT
Last-Modified
Wed, 21 Aug 2019 12:25:33 GMT
Server
nginx
ETag
"5d5d383d-146"
X-qloud-router
iva7-8f999336c8bb.qloud-c.yandex.net
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=120
Content-Length
326
Expires
Thu, 31 Dec 2037 23:55:55 GMT
help.cur
api-maps.yandex.ru/2.1.74/build/release/images/cursor/ 		326 B
780 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-maps.yandex.ru/2.1.74/build/release/images/cursor/help.cur
Requested by
Host: booking2.alphatour.ru
URL: https://booking2.alphatour.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::173 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx /
Resource Hash
128811e08fc761c192794eadb0ca1ece135e0b3a8ea7d897c2f7f9fd5a37281f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://booking2.alphatour.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 21 Sep 2019 13:12:41 GMT
Last-Modified
Wed, 21 Aug 2019 12:25:33 GMT
Server
nginx
ETag
"5d5d383d-146"
X-qloud-router
iva7-8f999336c8bb.qloud-c.yandex.net
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=120
Content-Length
326
Expires
Thu, 31 Dec 2037 23:55:55 GMT
zoom_in.cur
api-maps.yandex.ru/2.1.74/build/release/images/cursor/ 		326 B
780 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-maps.yandex.ru/2.1.74/build/release/images/cursor/zoom_in.cur
Requested by
Host: booking2.alphatour.ru
URL: https://booking2.alphatour.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::173 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx /
Resource Hash
eb69f540be1e416b7346017da48deaf5ba2f2ee0af366c04f1e374351b651872

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://booking2.alphatour.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 21 Sep 2019 13:12:41 GMT
Last-Modified
Wed, 21 Aug 2019 12:25:33 GMT
Server
nginx
ETag
"5d5d383d-146"
X-qloud-router
sas1-9dd7fcfdf2d5.qloud-c.yandex.net
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=120
Content-Length
326
Expires
Thu, 31 Dec 2037 23:55:55 GMT
combine.js
api-maps.yandex.ru/2.1.74/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api-maps.yandex.ru/2.1.74/combine.js?callback_prefix=__jsonp_ymaps_combine&mode=release&flags=&load=,,7H_C_D:k:c,Q,Z,E:a:b_*
Requested by
Host: api-maps.yandex.ru
URL: https://api-maps.yandex.ru/2.1/?lang=ru_RU&apikey=4311798d-f1cd-49d5-a458-96fca43c108c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::173 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx /
Resource Hash
dc159a80c13c26c218256d6d5dd0920a1e12a2e1d057a7147a88d2450b6ec819
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
cors
Referer
https://booking2.alphatour.ru/
Origin
https://booking2.alphatour.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 21 Sep 2019 13:12:41 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff, nosniff
Server
nginx
X-qloud-router
sas1-7bd45fb94b85.qloud-c.yandex.net
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Content-Disposition
attachment; filename=json.txt
Connection
keep-alive
Timing-Allow-Origin
*
Keep-Alive
timeout=120
X-XSS-Protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| ymaps function| ym object| webpackJsonp number| 2f1acc6c3a606b082e5eef5e54414ffb object| regeneratorRuntime object| Ya object| yaCounter34728795

4 Cookies

Domain/Path Name / Value
.alphatour.ru/ Name: _ym_visorc_34728795
Value: w
.alphatour.ru/ Name: _ym_isad
Value: 2
.alphatour.ru/ Name: _ym_d
Value: 1569071562
.alphatour.ru/ Name: _ym_uid
Value: 1569071562365193736

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-maps.yandex.ru
booking2.alphatour.ru
fonts.googleapis.com
fonts.gstatic.com
mc.yandex.ru
2a00:1450:4001:81f::200a
2a00:1450:4001:825::2003
2a02:6b8::173
2a02:6b8::1:119
82.202.212.221
128811e08fc761c192794eadb0ca1ece135e0b3a8ea7d897c2f7f9fd5a37281f
13e327b334d10b2b24101040eecace86aaaa2eed03d282fa75a04aa3bebf69c1
2f41510be6d190ceedd352ed2f182a9192f20a5c347048ed22f2a160ffc8daa2
39abadd6025849925b34c25ffa7661a5fa043bd4e7cf6ea5ac61c15e3b67d54e
3df5b071d639ffd4d2587aa14e717cc3befdc9a40442c37db710d1bb8df50d80
456aa8e42979a6b57e566c4372e0c386216429bed94f05f616078c30786307d1
4a08844324f7c11fc251116aaa8e46cf1f20bce2e24dbc3cfb6b861da0268336
52eea7b863b639c2ea7cbea9447ba1f2838db62d65a6c6044c9f40f8c59ec437
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
a0fb89588dc7b711c0ffddb5fa2f6852f670ef1f615985bb65b2ea446cceb79f
af2fdef955568dc79de38bfb097d53586855945811b638d6c41513bd62e25cc4
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
daf6c28c5a080458eba26ba64a95b1fcff823944d429ccb84e8a4f3a0baf05ca
dc159a80c13c26c218256d6d5dd0920a1e12a2e1d057a7147a88d2450b6ec819
e43f50a325a5a83f020dd452365a66f18ccbbb271151a63748df361fbd96938f
e5674efb14b4df1a9199d74a28c70d01415302950eb5d41a88ae1d1f31f4c9b2
eb69f540be1e416b7346017da48deaf5ba2f2ee0af366c04f1e374351b651872
f08725be3efe052a2cfd1d61d99f00a1fe3be1954a9cb47979cf7e754053f91a
f35ec398d626b6a76c5c3a66d2926e3963f4b3a163bf83782dbb107fe5e2c415