boxtopsoft3.ru Open in urlscan Pro
2606:4700:3030::ac43:ac63 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://boxtopsoft3.ru/v870.html
Submission: On August 24 via api (August 24th 2023, 8:39:26 pm UTC) from US — Scanned from DE

Summary HTTP 5 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 5 HTTP transactions. The main IP is 2606:4700:3030::ac43:ac63, located in United States and belongs to CLOUDFLARENET, US. The main domain is boxtopsoft3.ru.
TLS certificate: Issued by GTS CA 1P5 on August 14th 2023. Valid for: 3 months.

This is the only time boxtopsoft3.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

YandexPackLoader.exe 226 KB application/x-dosexec

SHA256: f92b0e1601cc1ac438d1365b25de74a5559ee37e73043d53d680d51244eb7290

MIME: PE32 executable (GUI) Intel 80386, for MS Windows

Size: 226 KB (231072 bytes, 100% done)

Downloaded from: https://cachev2-ams03.cdn.yandex.net/download.cdn.yandex.net/yandex-tag/weboffer/YandexPackLoader.exe?partner=70510&yabrowser=y&yaqsearch=y&yahomepage=y&vid=870&hash=88aab84c8243e18b49d34b2e19e50a1e&lid=77&.exe

Domain & IP information

	IP Address	AS Autonomous System
1 5	2606:4700:303... 2606:4700:3030::ac43:ac63	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a02:6b8::231 2a02:6b8::231	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2a02:6b8:0:18... 2a02:6b8:0:1812::353	208722 (GLOBAL_DC) (GLOBAL_DC)
5	3

5 2606:4700:3030::ac43:ac63 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

boxtopsoft3.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::231 (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

download.cdn.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8:0:1812::353 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

cachev2-ams03.cdn.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	boxtopsoft3.ru 1 redirects boxtopsoft3.ru	271 KB
2	yandex.net 1 redirects download.cdn.yandex.net — Cisco Umbrella Rank: 157725 cachev2-ams03.cdn.yandex.net	396 B
5	2

	Domain	Requested by
5	boxtopsoft3.ru	1 redirects boxtopsoft3.ru
1	cachev2-ams03.cdn.yandex.net	boxtopsoft3.ru
1	download.cdn.yandex.net	1 redirects
5	3

This site contains links to these domains. Also see Links.

Domain
yandex.ru
adhunt.net

Subject Issuer	Validity	Valid
boxtopsoft3.ru GTS CA 1P5	`2023-08-14` - `2023-11-12`	3 months	crt.sh
*.cdn.yandex.net GlobalSign ECC OV SSL CA 2018	`2023-07-17` - `2024-01-14`	6 months	crt.sh

This page contains 1 frames:

Frame: https://cachev2-ams03.cdn.yandex.net/download.cdn.yandex.net/yandex-tag/weboffer/YandexPackLoader.exe?partner=70510&yabrowser=y&yaqsearch=y&yahomepage=y&vid=870&hash=88aab84c8243e18b49d34b2e19e50a1e&lid=77&.exe
Frame ID: 3074CC2F91CE00C4F7FB0CB5A753C3D2
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Скачать Яндекс.Браузер с режимом Turbo

Page Statistics

5
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

3
Subdomains

3
IPs

2
Countries

270 kB
Transfer

468 kB
Size

0
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://yandex.ru/legal/browser_agreement/
Title: Яндекс.Браузера

Search URL Search Domain Scan URL

URL: https://yandex.ru/legal/desktop_software_agreement/
Title: настольного ПО Яндекса

Search URL Search Domain Scan URL

URL: https://yandex.ru/support/yabrowser/
Title: Помощь

Search URL Search Domain Scan URL

URL: https://adhunt.net/
Title: Партнёрская программа

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://boxtopsoft3.ru/v870.html?d=desktop&c=WORLD&subid=870&subid2=ODcwfDIxfERFfHx8fHw HTTP 302
https://download.cdn.yandex.net/yandex-tag/weboffer/YandexPackLoader.exe?partner=70510&yabrowser=y&yaqsearch=y&yahomepage=y&vid=870&hash=88aab84c8243e18b49d34b2e19e50a1e&.exe HTTP 302
https://cachev2-ams03.cdn.yandex.net/download.cdn.yandex.net/yandex-tag/weboffer/YandexPackLoader.exe?partner=70510&yabrowser=y&yaqsearch=y&yahomepage=y&vid=870&hash=88aab84c8243e18b49d34b2e19e50a1e&lid=77&.exe

5 HTTP transactions
6 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request v870.html Show response boxtopsoft3.ru/	9 KB 5 KB	140ms 60ms	Document text/html	2606:4700:3030::ac43:ac63 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://boxtopsoft3.ru/v870.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:ac63 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8ca7b96da28fcb05ebb791e88011bc408b839eeea8121cd76d7c9a4347f13dbe` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7fbe677ae8cd2bce-FRA content-encoding br content-type text/html; charset=UTF-8 date Thu, 24 Aug 2023 20:39:22 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zASlQAtbDkwrkUprM%2B%2BMNv5uY0Rj9rM%2FB4nkHkynlCkPlu%2BSNLWjiy3VElumfYo5IVnbacBiWifd0sCz8SKQVhyVOpH7BrgT4nc%2F%2Fz%2BlpuOe5BerMS3nvfuAvnxDcLBxR98fYe95a46C%2BWraQg%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	ya_new.css boxtopsoft3.ru/css/	230 KB 158 KB	20ms 19ms	Stylesheet text/css	2606:4700:3030::ac43:ac63 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://boxtopsoft3.ru/css/ya_new.css Requested by Host: boxtopsoft3.ru URL: https://boxtopsoft3.ru/v870.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:ac63 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `98e86e394010a4e1571ab3199bcab17087a377f1bf4dd28e552b552d596feedf` Request headers accept-language de-DE,de;q=0.9 Referer https://boxtopsoft3.ru/v870.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Thu, 24 Aug 2023 20:39:22 GMT content-encoding br cf-cache-status HIT last-modified Wed, 18 May 2022 10:54:09 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 4074043 etag W/"6284d051-39992" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OWavcS9eBgGDNP%2F%2B0KvArpvdIfZHYI%2BAz8X3a6K4mE0mCQaTb9zAjaqPXYwJc%2BTgTxqjlqManJ8DXpMkoPDxAhQBJ%2FIR1%2F4a4l0v8d6%2FhfMJLuLfJpQi3jpj7nmOgUVdSm7pEmFDIRZxj%2Be16w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=315360000 cf-ray 7fbe677b498c2bce-FRA alt-svc h3=":443"; ma=86400 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	ya_new.js Show response boxtopsoft3.ru/js/	168 KB 55 KB	28ms 28ms	Script application/javascript	2606:4700:3030::ac43:ac63 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://boxtopsoft3.ru/js/ya_new.js Requested by Host: boxtopsoft3.ru URL: https://boxtopsoft3.ru/v870.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:ac63 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c5ff8e51fb4ec95b26ad8211ca544addcc983bc33c51aefebe8be8afe088e922` Request headers accept-language de-DE,de;q=0.9 Referer https://boxtopsoft3.ru/v870.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Thu, 24 Aug 2023 20:39:22 GMT content-encoding br cf-cache-status HIT last-modified Wed, 18 May 2022 10:59:09 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 5358632 etag W/"6284d17d-29f07" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wZNhcabOUEI629Z9a2rysUo6ysLbz60glU54MTHAN6I3h16VJuv9OfvzhVFpFggI7lr1jQ0HfTDCaurogMAIMmXJekzSIUIt3jc1oPPae%2BUAMPSGsFovq5AnHApjE1Zn%2BI%2FQTvPo3uL7zY0PjA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=315360000 cf-ray 7fbe677b498f2bce-FRA alt-svc h3=":443"; ma=86400 expires Thu, 31 Dec 2037 23:55:55 GMT
GET DATA	200 OK	truncated /	424 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `c1fdb07698fff66ac3aa81c8a92dd3884fcf46bfaf3e333506b5f3bc9d9852a9` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	174 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `04bda959c1888c370968ec32b178cacab41d2f28d24fc362a2bf737a8d6263ff` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `ba1ff14265991fbe5254ca2367ff95c53a5a3b34a9a9bb5572582c1a953b9101` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	1 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `4bb2dadb506d4b163ae4985273cd2056ff0d05fe2296eb67086492f9f23f86fb` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers Content-Type image/svg+xml
GET H3	200	textbook-regular.woff boxtopsoft3.ru/fonts/	52 KB 53 KB	16ms 16ms	Font font/woff	2606:4700:3030::ac43:ac63 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://boxtopsoft3.ru/fonts/textbook-regular.woff Requested by Host: boxtopsoft3.ru URL: https://boxtopsoft3.ru/css/ya_new.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:ac63 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `631ac72482e9ac160ed8d7edc77eed8ff76bcd2a1b4f56ebecf75aaf97f8c178` Request headers Referer https://boxtopsoft3.ru/css/ya_new.css Origin https://boxtopsoft3.ru accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Thu, 24 Aug 2023 20:39:22 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 16416702 alt-svc h3=":443"; ma=86400 content-length 53608 last-modified Wed, 18 May 2022 10:46:42 GMT server cloudflare etag "6284ce92-d168" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MsgLLA6iBpLMORYIxgpT0pU5s2dFAAo6oMo1b8caJpyHqu5Uh8bg%2BVdf6I5gYhjyptClNh0IDoGwjF6jxqDEVqXNwRG9XT37lQYr4TjGZBSMvG3Y%2Flrpphpkl9jtxT1PTAHZmrKhfcdu67qv8A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff cache-control max-age=315360000 accept-ranges bytes cf-ray 7fbe677b98bf3a73-FRA expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	YandexPackLoader.exe cachev2-ams03.cdn.yandex.net/download.cdn.yandex.net/yandex-tag/weboffer/ Redirect Chain https://boxtopsoft3.ru/v870.html?d=desktop&c=WORLD&subid=870&subid2=ODcwfDIxfERFfHx8fHw https://download.cdn.yandex.net/yandex-tag/weboffer/YandexPackLoader.exe?partner=70510&yabrowser=y&yaqsearch=y&yahomepage=y&vid=870&hash=88aab84c8243e18b49d34b2e19e50a1e&.exe https://cachev2-ams03.cdn.yandex.net/download.cdn.yandex.net/yandex-tag/weboffer/YandexPackLoader.exe?partner=70510&yabrowser=y&yaqsearch=y&yahomepage=y&vid=870&hash=88aab84c8243e18b49d34b2e19e50a1...	0 0	109ms 24ms	Document application/x-msdownload	2a02:6b8:0:1812::353 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://cachev2-ams03.cdn.yandex.net/download.cdn.yandex.net/yandex-tag/weboffer/YandexPackLoader.exe?partner=70510&yabrowser=y&yaqsearch=y&yahomepage=y&vid=870&hash=88aab84c8243e18b49d34b2e19e50a1e&lid=77&.exe Requested by Host: boxtopsoft3.ru URL: https://boxtopsoft3.ru/js/ya_new.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:0:1812::353 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software nginx / Resource Hash Request headers Referer https://boxtopsoft3.ru/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * content-length 231072 content-type application/x-msdownload date Thu, 24 Aug 2023 20:39:22 GMT etag "65152274d82d475041d916ea9598769d" last-modified Mon, 19 Jun 2023 09:54:53 GMT nel {"report_to": "network-errors", "max_age": 1200, "success_fraction": 0.005, "failure_fraction": 0.05, "include_subdomains": true} report-to {"group": "network-errors", "max_age": 1200, "include_subdomains": true, "endpoints": [ {"url": "https://dr.yandex.net/strm", "priority": 1}, {"url": "https://dr2.yandex.net/strm", "priority": 2} ]} server nginx x-amz-request-id 18d913bdcba11e42 x-request-id 7d61d838e0da602c x-robots-tag noindex, noarchive, nofollow x-strm-log-split 8 x-strm-request-id 7d61d838e0da602c x_h cachev2-ams03.cdn.yandex.net Redirect headers cache-control no-cache no-store,no-cache,must-revalidate content-length 0 date Thu, 24 Aug 2023 20:39:22 GMT expires Thu, 01 Jan 1970 00:00:01 GMT location https://cachev2-ams03.cdn.yandex.net/download.cdn.yandex.net/yandex-tag/weboffer/YandexPackLoader.exe?partner=70510&yabrowser=y&yaqsearch=y&yahomepage=y&vid=870&hash=88aab84c8243e18b49d34b2e19e50a1e&lid=77&.exe pragma no-cache server nginx/1.17.9 x-request-id 85a2397e3e377de2 x-strm-request-id 85a2397e3e377de2 x_h strm-cacto-production-5.sas.yp-c.yandex.net
GET DATA	200 OK	truncated /	4 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `497c81731542343fec725b74d87479b71bf5abe087003e15b0914995768685c5` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	401 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `0d12d52d455ec9fe934868d3156688a6ec8851500a94fc1e97a32c87b793c2dc` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers Content-Type image/svg+xml

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

boxtopsoft3.ru
cachev2-ams03.cdn.yandex.net
download.cdn.yandex.net
2606:4700:3030::ac43:ac63
2a02:6b8:0:1812::353
2a02:6b8::231
04bda959c1888c370968ec32b178cacab41d2f28d24fc362a2bf737a8d6263ff
0d12d52d455ec9fe934868d3156688a6ec8851500a94fc1e97a32c87b793c2dc
497c81731542343fec725b74d87479b71bf5abe087003e15b0914995768685c5
4bb2dadb506d4b163ae4985273cd2056ff0d05fe2296eb67086492f9f23f86fb
631ac72482e9ac160ed8d7edc77eed8ff76bcd2a1b4f56ebecf75aaf97f8c178
8ca7b96da28fcb05ebb791e88011bc408b839eeea8121cd76d7c9a4347f13dbe
98e86e394010a4e1571ab3199bcab17087a377f1bf4dd28e552b552d596feedf
ba1ff14265991fbe5254ca2367ff95c53a5a3b34a9a9bb5572582c1a953b9101
c1fdb07698fff66ac3aa81c8a92dd3884fcf46bfaf3e333506b5f3bc9d9852a9
c5ff8e51fb4ec95b26ad8211ca544addcc983bc33c51aefebe8be8afe088e922

boxtopsoft3.ru Open in urlscan Pro 2606:4700:3030::ac43:ac63 Public Scan

Summary

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

5 Requests

100 %HTTPS

100 %IPv6

2 Domains

3 Subdomains

3 IPs

2 Countries

270 kBTransfer

468 kBSize

0 Cookies

4 Outgoing links

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

0 Cookies

Indicators

boxtopsoft3.ru Open in urlscan Pro
2606:4700:3030::ac43:ac63 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

3
Subdomains

3
IPs

2
Countries

270 kB
Transfer

468 kB
Size

0
Cookies

5 HTTP transactions
6 data transactions