noflyzone.ru - urlscan.io

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 4 HTTP transactions. The main IP is 141.101.204.113, located in Russian Federation and belongs to VIRTUAALINFRA-AS, RU. The main domain is noflyzone.ru.

This is the only time noflyzone.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	141.101.204.113 141.101.204.113	198770 (VIRTUAALI...) (VIRTUAALINFRA-AS)
2	37.18.74.135 37.18.74.135	198770 (VIRTUAALI...) (VIRTUAALINFRA-AS)
4	2

2 141.101.204.113 (Russian Federation)

ASN198770 (VIRTUAALINFRA-AS, RU)

noflyzone.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.18.74.135 (Russian Federation)

ASN198770 (VIRTUAALINFRA-AS, RU)

cs71.advantshop.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
my.advantshop.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	advantshop.net cs71.advantshop.net my.advantshop.net	454 B
2	noflyzone.ru noflyzone.ru	18 KB
4	2

	Domain	Requested by
2	noflyzone.ru
1	my.advantshop.net	noflyzone.ru
1	cs71.advantshop.net	noflyzone.ru
4	3

This site contains links to these domains. Also see Links.

Domain
www.advantshop.net

Subject Issuer	Validity	Valid
cs71.advantshop.net R3	`2024-05-10` - `2024-08-08`	3 months	crt.sh
my.advantshop.net E5	`2024-06-13` - `2024-09-11`	3 months	crt.sh

This page contains 2 frames:

Primary Page: http://noflyzone.ru/gateway/login.php
Frame ID: A68ACB9EA6DDAF09A0DD2D4566F487BC
Requests: 3 HTTP requests in this frame

Frame: https://my.advantshop.net/offline-deleted-counter.html
Frame ID: 38B4F250FD18A6E274D447B6CFF62CB1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Сайт noflyzone.ru удален, страница /gateway/login.php

Page URL History Show full URLs

http://noflyzone.ru/gateway/login.php HTTP 307
https://noflyzone.ru/gateway/login.php HTTP 307
http://noflyzone.ru/gateway/login.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

4
Requests

50 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

2
IPs

1
Countries

18 kB
Transfer

17 kB
Size

15
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.advantshop.net/saas
Title: Аренда интернет магазина

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://noflyzone.ru/gateway/login.php HTTP 307
https://noflyzone.ru/gateway/login.php HTTP 307
http://noflyzone.ru/gateway/login.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request login.php Show response
noflyzone.ru/gateway/
Redirect Chain

http://noflyzone.ru/gateway/login.php
https://noflyzone.ru/gateway/login.php
http://noflyzone.ru/gateway/login.php

9 KB
9 KB

75ms
75ms

Document
text/html

141.101.204.113
VIRTUAALINFRA-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://noflyzone.ru/gateway/login.php
Protocol: HTTP/1.1
Server: 141.101.204.113 , Russian Federation, ASN198770 (VIRTUAALINFRA-AS, RU),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 98d8e206688953bd1e72497b749803fef0541a61e8f3bcd9f90f4c6e3fce2a49

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Cache-Control: private
Content-Length: 8763
Content-Type: text/html; charset=utf-8
Date: Mon, 01 Jul 2024 07:03:41 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.2
X-Powered-By: ASP.NET

Redirect headers

Location: http://noflyzone.ru/gateway/login.php
Non-Authoritative-Reason: HttpsUpgrades

GET
H/1.1 200
OK app_offline_bg.png
cs71.advantshop.net/app_offline/ 141 B
454 B 359ms
79ms Image
image/png 37.18.74.135
VIRTUAALINFRA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs71.advantshop.net/app_offline/app_offline_bg.png
Requested by: Host: noflyzone.ru
URL: http://noflyzone.ru/gateway/login.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.18.74.135 , Russian Federation, ASN198770 (VIRTUAALINFRA-AS, RU),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 293503fc9cdad1cd54a9e54472c85c4dab6ed40c38be79af8b1ef91cfbba79a1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: http://noflyzone.ru/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Jul 2024 07:03:42 GMT
Last-Modified: Thu, 02 Jul 2020 10:57:49 GMT
Server: Microsoft-IIS/8.5
ETag: "5a872ba05f50d61:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: max-age=31536000
Content-Disposition: attachment
Accept-Ranges: bytes
Content-Length: 141

GET
H/1.1 200
OK offline-deleted-counter.html
my.advantshop.net/ Frame 38B4 0
0 367ms
84ms Document
text/html 37.18.74.135
VIRTUAALINFRA-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.advantshop.net/offline-deleted-counter.html

Requested by

Host: noflyzone.ru
URL: http://noflyzone.ru/gateway/login.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.18.74.135 , Russian Federation, ASN198770 (VIRTUAALINFRA-AS, RU),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' .advantshop.net .advantshop.by .advantshop.com .advantshop.kz .advstatic.ru .advant.shop www.google-analytics.com ssl.google-analytics.com www.googleadservices.com googleads.g.doubleclick.net apis.google.com vk.com www.facebook.com connect.facebook.net platform.twitter.com cdn.syndication.twimg.com counter.rambler.ru cdn.jsdelivr.net ymetrica.com mc.yandex.ru yastatic.net api-maps.yandex.ru top-fwz1.mail.ru counter.yadro.ru top-abd.mail.ru .jivosite.com .chat2desk.com static.woopra.com www.woopra.com dadata.ru advantshop.disqus.com www.googletagmanager.com tagmanager.google.com ajax.googleapis.com advantschool.ru data:;
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://noflyzone.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: __requestverificationtoken,content-type,x-requested-with,Accept,Access-Control-Allow-Origin
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 522
Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' *.advantshop.net *.advantshop.by *.advantshop.com *.advantshop.kz *.advstatic.ru *.advant.shop www.google-analytics.com ssl.google-analytics.com www.googleadservices.com googleads.g.doubleclick.net apis.google.com vk.com www.facebook.com connect.facebook.net platform.twitter.com cdn.syndication.twimg.com counter.rambler.ru cdn.jsdelivr.net ymetrica.com mc.yandex.ru yastatic.net api-maps.yandex.ru top-fwz1.mail.ru counter.yadro.ru top-abd.mail.ru *.jivosite.com *.chat2desk.com static.woopra.com www.woopra.com dadata.ru advantshop.disqus.com www.googletagmanager.com tagmanager.google.com ajax.googleapis.com advantschool.ru data:;
Content-Type: text/html
Date: Mon, 01 Jul 2024 07:03:42 GMT
ETag: "5d4863e16066d61:0"
Last-Modified: Thu, 30 Jul 2020 11:02:13 GMT
P3P: CP="CURa ADMa DEVa CONo HISa OUR IND DSP ALL COR"
Server: Microsoft-IIS/8.5
Strict-Transport-Security: max-age=31536000; preload
X-Content-Type-Options: nosniff
X-UA-Compatible: IE=edge
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK favicon.ico
noflyzone.ru/gateway/ 8 KB
9 KB 75ms
75ms Other
text/html 141.101.204.113
VIRTUAALINFRA-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://noflyzone.ru/gateway/favicon.ico
Protocol: HTTP/1.1
Server: 141.101.204.113 , Russian Federation, ASN198770 (VIRTUAALINFRA-AS, RU),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: aa74c7716c4d1c59dc50adb029ef36419c8f083c2a6bea23f83637cb52a09a9b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://noflyzone.ru/gateway/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Mon, 01 Jul 2024 07:03:42 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/html; charset=utf-8
Cache-Control: private
Content-Length: 8686

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 undefined| event object| fence

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.yandex.ru/	1970-01-21 07:19:37	Name: i Value: 5yW94se9yQzwnK0v5xZuoKc8xUHOrgF383WuirtpOcTeegzS/OCLi2oAEVZy+/PuIc8nAAo8gcaDdAVqqLwvFKM3rjk=
.yandex.ru/	1970-01-21 07:19:37	Name: yandexuid Value: 8756524581719817423
.yandex.ru/	1970-01-21 06:29:13	Name: yashr Value: 7842128961719817423
mc.yandex.ru/	1970-01-21 06:29:13	Name: bh Value: EkAiTm90L0EpQnJhbmQiO3Y9IjgiLCAiQ2hyb21pdW0iO3Y9IjEyNiIsICJHb29nbGUgQ2hyb21lIjt2PSIxMjYiKgI/MDoHIkxpbnV4Ig==
.advantshop.net/	1970-01-21 06:29:13	Name: _ym_uid Value: 1719817424613808019
.advantshop.net/	1970-01-21 06:29:13	Name: _ym_d Value: 1719817424
.yandex.com/	1970-01-21 06:29:13	Name: yashr Value: 5448227641719817423
mc.yandex.com/	1970-01-21 06:29:13	Name: bh Value: EkAiTm90L0EpQnJhbmQiO3Y9IjgiLCAiQ2hyb21pdW0iO3Y9IjEyNiIsICJHb29nbGUgQ2hyb21lIjt2PSIxMjYiKgI/MDoHIkxpbnV4Ig==
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 2450944271719817423
.yandex.com/	1970-01-21 07:19:37	Name: i Value: gQ10P/gxqKILKBoGKUpBk+qwgQi6wL5w7IL9BUZ96k3DD+XupBDN5A+U46ornKtrZEMT9KfcACpUj8zCaazYb3BMTEQ=
.yandex.com/	1970-01-21 07:19:37	Name: yandexuid Value: 9642960001719817423
.yandex.com/	1970-01-21 06:29:13	Name: yuidss Value: 9642960001719817423
.yandex.com/	1970-01-21 06:29:13	Name: ymex Value: 1751353423.yrts.1719817423#1751353423.yrtsi.1719817423
.yandex.com/	1970-01-21 06:29:13	Name: bh Value: EkAiTm90L0EpQnJhbmQiO3Y9IjgiLCAiQ2hyb21pdW0iO3Y9IjEyNiIsICJHb29nbGUgQ2hyb21lIjt2PSIxMjYiKgI/MDoHIkxpbnV4Ig==
.advantshop.net/	1970-01-20 21:44:49	Name: _ym_isad Value: 2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cs71.advantshop.net
my.advantshop.net
noflyzone.ru
141.101.204.113
37.18.74.135
293503fc9cdad1cd54a9e54472c85c4dab6ed40c38be79af8b1ef91cfbba79a1
98d8e206688953bd1e72497b749803fef0541a61e8f3bcd9f90f4c6e3fce2a49
aa74c7716c4d1c59dc50adb029ef36419c8f083c2a6bea23f83637cb52a09a9b

noflyzone.ru Open in urlscan Pro 141.101.204.113 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

4 Requests

50 %HTTPS

0 %IPv6

2 Domains

3 Subdomains

2 IPs

1 Countries

18 kBTransfer

17 kBSize

15 Cookies

1 Outgoing links

Page URL History

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

15 Cookies

Indicators

noflyzone.ru Open in urlscan Pro
141.101.204.113 Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

50 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

2
IPs

1
Countries

18 kB
Transfer

17 kB
Size

15
Cookies

4 HTTP transactions
0 data transactions