URL: https://plus.yandex.by/
Submission: On May 13 via automatic, source certstream-suspicious

Summary

This website contacted 6 IPs in 1 country across 4 domains to perform 22 HTTP transactions. The main IP is 2a02:6b8::12d, located in Moscow, Russian Federation and belongs to YANDEX, RU. The main domain is plus.yandex.by.
TLS certificate: Issued by Yandex CA on December 4th 2019. Valid for: 6 months.
This is the only time plus.yandex.by was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2a02:6b8::12d 13238 (YANDEX)
2 2a02:6b8::1:119 13238 (YANDEX)
11 2a02:6b8:4::44 13238 (YANDEX)
4 2a02:6b8:20::215 13238 (YANDEX)
4 2a02:6b8:a::a 13238 (YANDEX)
22 6
Apex Domain Subdomains Transfer
11 yastat.net yastat.net 1 MB
6 yandex.ru mc.yandex.ru, yandex.ru 42 KB
4 yastatic.net yastatic.net 81 KB
1 yandex.by plus.yandex.by 32 KB
22 4
Domain Requested by
11 yastat.net plus.yandex.by
4 yandex.ru yastat.net
4 yastatic.net plus.yandex.by, yastat.net, mc.yandex.ru
2 mc.yandex.ru plus.yandex.by, mc.yandex.ru
1 plus.yandex.by
22 5

This site contains links to these domains.

Domain
yandex.ru
yandex.com
Subject Issuer Validity Valid
plus.yandex.by Yandex CA 2019-12-04 - 2020-06-01 6 months
mc.yandex.ru Yandex CA 2019-09-23 - 2020-09-22 a year
*.yastat.net Yandex CA 2020-02-15 - 2021-02-14 a year
static.yandex.net Yandex CA 2019-09-06 - 2020-09-05 a year
yandex.ru Yandex CA 2019-09-05 - 2020-09-04 a year

This page contains 1 frames:

Primary Page: https://plus.yandex.by/
Frame ID: 21038A1A781351F1D9E2AE9244254A4A
Requests: 24 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /mc\.yandex\.ru\/metrika\/watch\.js/i

Page Statistics

22 Requests
100 % HTTPS
100 % IPv6
4 Domains
5 Subdomains
6 IPs
1 Countries
1333 kB Transfer
2340 kB Size
2 Cookies

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
plus.yandex.by/
112 KB
32 KB
Document
General
Full URL
https://plus.yandex.by/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::12d Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx /
Resource Hash
d5026a9ba8079e3f8a348a8514a876f4e0595cc2df8782139e2b0735d5b769ce
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'nonce-+VLoQonJAndGxKP6JeWU6Q==' yastatic.net yastat.net mc.yandex.ru mc.webvisor.com mc.webvisor.org export.yandex.ru export.yandex.kz export.yandex.by export.yandex.com *.s3.mds.yandex.net *.s3.yandex.net; style-src 'self' 'unsafe-inline' yastatic.net yastat.net *.s3.mds.yandex.net *.s3.yandex.net; font-src 'self' yastatic.net yastat.net; img-src 'self' data: yastatic.net yastat.net mc.webvisor.com mc.webvisor.org mc.yandex.ru mc.admetrica.ru avatars.mds.yandex.net avatars.mdst.yandex.net mc.yandex.ru mc.yandex.ua mc.yandex.by mc.yandex.kz mc.yandex.com mc.yandex.com.tr *.s3.mds.yandex.net *.s3.yandex.net; frame-src 'self' blob: mc.yandex.ru https://trust.yandex.ru https://trust.yandex.kz https://trust.yandex.by https://trust.yandex.com music.yandex.ru jmb.alfabank.ru www.tinkoff.ru sense.alfabank.ru online.alfabank.ru yandex.st anketa.alfabank.ru s4.money.yandex.net yandex.ru payment-widget.ott.yandex.ru trust-ext-cert-proxy-test.paysys.yandex.ru https://yandexplus2020.ailove.ru/ yastat.net; child-src 'self' blob: mc.yandex.ru; connect-src 'self' mc.webvisor.com mc.webvisor.org mc.yandex.ru mc.admetrica.ru https://yandex.ru yandex.ru api.ott.yandex.ru *.s3.yandex.net *.s3.mdst.yandex.net *.s3.mds.yandex.net; media-src yastatic.net yastat.net; frame-ancestors webvisor.com *.webvisor.com http://webvisor.com http://*.webvisor.com; report-uri https://csp.yandex.net/csp?from=plus&project=plus&yandex_login=&yandexuid=;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
plus.yandex.by
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx
Date
Wed, 13 May 2020 17:32:33 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=120
x-request-id
730d5254b17230e751517af12620b3c3
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'nonce-+VLoQonJAndGxKP6JeWU6Q==' yastatic.net yastat.net mc.yandex.ru mc.webvisor.com mc.webvisor.org export.yandex.ru export.yandex.kz export.yandex.by export.yandex.com *.s3.mds.yandex.net *.s3.yandex.net; style-src 'self' 'unsafe-inline' yastatic.net yastat.net *.s3.mds.yandex.net *.s3.yandex.net; font-src 'self' yastatic.net yastat.net; img-src 'self' data: yastatic.net yastat.net mc.webvisor.com mc.webvisor.org mc.yandex.ru mc.admetrica.ru avatars.mds.yandex.net avatars.mdst.yandex.net mc.yandex.ru mc.yandex.ua mc.yandex.by mc.yandex.kz mc.yandex.com mc.yandex.com.tr *.s3.mds.yandex.net *.s3.yandex.net; frame-src 'self' blob: mc.yandex.ru https://trust.yandex.ru https://trust.yandex.kz https://trust.yandex.by https://trust.yandex.com music.yandex.ru jmb.alfabank.ru www.tinkoff.ru sense.alfabank.ru online.alfabank.ru yandex.st anketa.alfabank.ru s4.money.yandex.net yandex.ru payment-widget.ott.yandex.ru trust-ext-cert-proxy-test.paysys.yandex.ru https://yandexplus2020.ailove.ru/ yastat.net; child-src 'self' blob: mc.yandex.ru; connect-src 'self' mc.webvisor.com mc.webvisor.org mc.yandex.ru mc.admetrica.ru https://yandex.ru yandex.ru api.ott.yandex.ru *.s3.yandex.net *.s3.mdst.yandex.net *.s3.mds.yandex.net; media-src yastatic.net yastat.net; frame-ancestors webvisor.com *.webvisor.com http://webvisor.com http://*.webvisor.com; report-uri https://csp.yandex.net/csp?from=plus&project=plus&yandex_login=&yandexuid=;
Set-Cookie
yandexuid=5709094261589391153; Domain=.yandex.by; Path=/; Expires=Mon, 13 May 2030 17:32:33 GMT
Content-Encoding
gzip
X-qloud-router
sas1-da369aad2c05.qloud-c.yandex.net
watch.js
mc.yandex.ru/metrika/
135 KB
40 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: plus.yandex.by
URL: https://plus.yandex.by/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
18b4d3e3e996bd9a9a1ae4959836e1f47e3d1e5296a3c01606c55a7d3ca21d74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://plus.yandex.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 13 May 2020 17:32:33 GMT
Content-Encoding
br
Last-Modified
Tue, 28 Apr 2020 11:04:11 GMT
Server
nginx/1.14.2
ETag
"5ea80dab-9f17"
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
40727
Expires
Wed, 13 May 2020 18:32:33 GMT
15.ru.5f74.css
yastat.net/s3/plus/landing/build/static/
70 KB
11 KB
Stylesheet
General
Full URL
https://yastat.net/s3/plus/landing/build/static/15.ru.5f74.css
Requested by
Host: plus.yandex.by
URL: https://plus.yandex.by/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:4::44 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
2551d25173db3e0001c139b284630dfff9e740b2ba6c002a860d6f4fef94c34d

Request headers

Referer
https://plus.yandex.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 May 2020 17:32:33 GMT
content-encoding
br
last-modified
Wed, 13 May 2020 10:14:40 GMT
server
nginx/1.17.9
status
200
etag
W/"9c575c408e2aeca7b0e2cc547d1c25e7"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=315360000
access-control-allow-credentials
true
x-robots-tag
noindex, noarchive, nofollow
x-yc-s3-bucket-tags
{}
main.ru.abf2.css
yastat.net/s3/plus/landing/build/static/
11 KB
4 KB
Stylesheet
General
Full URL
https://yastat.net/s3/plus/landing/build/static/main.ru.abf2.css
Requested by
Host: plus.yandex.by
URL: https://plus.yandex.by/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:4::44 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
5e519c5ac317fdf9d6f0436d0a2651e810a0bac8428e07653e5ca2ed607b38f6

Request headers

Referer
https://plus.yandex.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 May 2020 17:32:33 GMT
content-encoding
br
last-modified
Tue, 14 Apr 2020 14:15:54 GMT
server
nginx/1.17.9
status
200
etag
W/"9098637f879044233e962b93902a8197"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=315360000
access-control-allow-credentials
true
x-robots-tag
noindex, noarchive, nofollow
x-yc-s3-bucket-tags
{}
0.ru.4554.css
yastat.net/s3/plus/landing/build/static/
31 KB
11 KB
Stylesheet
General
Full URL
https://yastat.net/s3/plus/landing/build/static/0.ru.4554.css
Requested by
Host: plus.yandex.by
URL: https://plus.yandex.by/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:4::44 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
186c78145d95f65be999e0a3579762abb21c7c10ffb4a66f9d2421d72cefcd3b

Request headers

Referer
https://plus.yandex.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 May 2020 17:32:33 GMT
content-encoding
br
last-modified
Thu, 30 Apr 2020 15:50:00 GMT
server
nginx/1.17.9
status
200
etag
W/"0ceab92082cdcdfa7ec3bf80f90142a9"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=315360000
access-control-allow-credentials
true
x-robots-tag
noindex, noarchive, nofollow
x-yc-s3-bucket-tags
{}
1.ru.5d0a.css
yastat.net/s3/plus/landing/build/static/
80 KB
26 KB
Stylesheet
General
Full URL
https://yastat.net/s3/plus/landing/build/static/1.ru.5d0a.css
Requested by
Host: plus.yandex.by
URL: https://plus.yandex.by/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:4::44 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
362e69ea96f68d1c9ae2549c908c4549a2cd67974046eb3c08db7b49ac539a65

Request headers

Referer
https://plus.yandex.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 May 2020 17:32:33 GMT
content-encoding
br
last-modified
Thu, 30 Apr 2020 15:50:00 GMT
server
nginx/1.17.9
status
200
etag
W/"0914053bb91eecff80280e0116b7fd23"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=315360000
access-control-allow-credentials
true
x-robots-tag
noindex, noarchive, nofollow
x-yc-s3-bucket-tags
{}
8.ru.68a4.css
yastat.net/s3/plus/landing/build/static/
158 KB
82 KB
Stylesheet
General
Full URL
https://yastat.net/s3/plus/landing/build/static/8.ru.68a4.css
Requested by
Host: plus.yandex.by
URL: https://plus.yandex.by/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:4::44 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
40908c1aff236feee6f6a08a0668881740ce32734564835f1937ac9c86ca523c

Request headers

Referer
https://plus.yandex.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 May 2020 17:32:33 GMT
content-encoding
br
last-modified
Wed, 13 May 2020 14:05:01 GMT
server
nginx/1.17.9
status
200
etag
W/"f6a6521ff6d1b654153a6879e0dc6a04"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=315360000
access-control-allow-credentials
true
x-robots-tag
noindex, noarchive, nofollow
x-yc-s3-bucket-tags
{}
vendors~main.client.ru.5521.js
yastat.net/s3/plus/landing/build/static/
345 KB
114 KB
Script
General
Full URL
https://yastat.net/s3/plus/landing/build/static/vendors~main.client.ru.5521.js
Requested by
Host: plus.yandex.by
URL: https://plus.yandex.by/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:4::44 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
b2083ad170d365f8559476453b82ae5c632640ffa7eaf3463b96954fe857610e

Request headers

Referer
https://plus.yandex.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 May 2020 17:32:34 GMT
content-encoding
br
last-modified
Wed, 29 Apr 2020 07:58:10 GMT
server
nginx/1.17.9
status
200
etag
W/"fc1132ae1aaeabb1f0787abf2d2391c9"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000
access-control-allow-credentials
true
x-robots-tag
noindex, noarchive, nofollow
x-yc-s3-bucket-tags
{}
main.client.ru.8316.js
yastat.net/s3/plus/landing/build/static/
325 KB
113 KB
Script
General
Full URL
https://yastat.net/s3/plus/landing/build/static/main.client.ru.8316.js
Requested by
Host: plus.yandex.by
URL: https://plus.yandex.by/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:4::44 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
ac1e387eb775fff4da1679549156023b6d56dba4c365305fd3cce9cdfe79723b

Request headers

Referer
https://plus.yandex.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 May 2020 17:32:34 GMT
content-encoding
br
last-modified
Wed, 13 May 2020 14:05:01 GMT
server
nginx/1.17.9
status
200
etag
W/"6770c8b290f9cde77033fbf74842e390"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000
access-control-allow-credentials
true
x-robots-tag
noindex, noarchive, nofollow
x-yc-s3-bucket-tags
{}
vendors~benefit~card~getplus~gift~landing~mastercard~newlanding~notfound~present.client.ru.f6fe.js
yastat.net/s3/plus/landing/build/static/
121 KB
29 KB
Script
General
Full URL
https://yastat.net/s3/plus/landing/build/static/vendors~benefit~card~getplus~gift~landing~mastercard~newlanding~notfound~present.client.ru.f6fe.js
Requested by
Host: plus.yandex.by
URL: https://plus.yandex.by/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:4::44 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
b46b617aa7c64aa2c4de833902d767b1dd3514fdcef9ca49ede451c295d76465

Request headers

Referer
https://plus.yandex.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 May 2020 17:32:34 GMT
content-encoding
br
last-modified
Thu, 30 Apr 2020 15:50:00 GMT
server
nginx/1.17.9
status
200
etag
W/"d89b31df7624bad73b1dacb6102da34e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000
access-control-allow-credentials
true
x-robots-tag
noindex, noarchive, nofollow
x-yc-s3-bucket-tags
{}
vendors~benefit~getplus~gift~landing~mastercard~newlanding~notfound~present.client.ru.fe05.js
yastat.net/s3/plus/landing/build/static/
20 KB
8 KB
Script
General
Full URL
https://yastat.net/s3/plus/landing/build/static/vendors~benefit~getplus~gift~landing~mastercard~newlanding~notfound~present.client.ru.fe05.js
Requested by
Host: plus.yandex.by
URL: https://plus.yandex.by/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:4::44 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
04ce7996d3c5ebe59af964f711240d117e4d2b18ad22ab3a1e6a76b4703791ed

Request headers

Referer
https://plus.yandex.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 May 2020 17:32:34 GMT
content-encoding
br
last-modified
Thu, 30 Apr 2020 15:50:00 GMT
server
nginx/1.17.9
status
200
etag
W/"67fb491dc81960df96f6da45646c6754"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000
access-control-allow-credentials
true
x-robots-tag
noindex, noarchive, nofollow
x-yc-s3-bucket-tags
{}
gift.client.ru.65b0.js
yastat.net/s3/plus/landing/build/static/
93 KB
24 KB
Script
General
Full URL
https://yastat.net/s3/plus/landing/build/static/gift.client.ru.65b0.js
Requested by
Host: plus.yandex.by
URL: https://plus.yandex.by/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:4::44 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
b7193bfacc6099b7bc487838ee5f9c74e15f03f4bced58ac5ba059e18e16f52a

Request headers

Referer
https://plus.yandex.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 May 2020 17:32:34 GMT
content-encoding
br
last-modified
Wed, 13 May 2020 14:04:58 GMT
server
nginx/1.17.9
status
200
etag
W/"ba871d4aacffc83e2b95a45ffc27875a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000
access-control-allow-credentials
true
x-robots-tag
noindex, noarchive, nofollow
x-yc-s3-bucket-tags
{}
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d6b8104563450f5c848642011c32dc6fdaeda54250407d7a17c8e572a2449a04

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7f12cb55eee5e0057acfad12126adba220f0950b7542498ddba4cffeed24e3b8

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
PyVcRbwHetz0gOVWLonWH7Od8zM.woff2
yastatic.net/islands/_/
37 KB
37 KB
Font
General
Full URL
https://yastatic.net/islands/_/PyVcRbwHetz0gOVWLonWH7Od8zM.woff2
Requested by
Host: plus.yandex.by
URL: https://plus.yandex.by/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
de4fb43ce43b6134c3e063b137f3933c046f2d4829a8687127c6e49fa6248ecd
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://yastat.net/s3/plus/landing/build/static/main.ru.abf2.css
Origin
https://plus.yandex.by

Response headers

date
Wed, 13 May 2020 17:32:34 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 1, "success_fraction": 0.001, "failure_fraction": 0.1}
status
200
content-length
37556
x-nginx-request-id
415e4517e2e725d3
last-modified
Tue, 22 Jan 2019 17:13:11 GMT
server
nginx/1.17.9
etag
"a14e74e2823c691e357a82324da5ded4"
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 1, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=216013
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 May 2020 05:31:51 GMT
f186fde92f484e7c531815a101930066.jpg
yastat.net/s3/plus/landing/build/_/
754 KB
755 KB
Image
General
Full URL
https://yastat.net/s3/plus/landing/build/_/f186fde92f484e7c531815a101930066.jpg
Requested by
Host: plus.yandex.by
URL: https://plus.yandex.by/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:4::44 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
5994d37695662f451229eb78f60357369617687d904b87daaa646a63ccedef00

Request headers

Referer
https://yastat.net/s3/plus/landing/build/static/8.ru.68a4.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 May 2020 17:32:34 GMT
last-modified
Tue, 14 Apr 2020 14:15:54 GMT
server
nginx/1.17.9
status
200
etag
"f186fde92f484e7c531815a101930066"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
x-robots-tag
noindex, noarchive, nofollow
x-yc-s3-bucket-tags
{}
content-length
772091
7_GKBdKFbUPzKlghJRv55xgz0FQ.woff2
yastatic.net/islands/_/
38 KB
38 KB
Font
General
Full URL
https://yastatic.net/islands/_/7_GKBdKFbUPzKlghJRv55xgz0FQ.woff2
Requested by
Host: plus.yandex.by
URL: https://plus.yandex.by/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
f0aa37cda27c0a4cba5fa7dffe585cd358235ddf052afc950d7aa35f73d7b3f1
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://yastat.net/s3/plus/landing/build/static/main.ru.abf2.css
Origin
https://plus.yandex.by

Response headers

date
Wed, 13 May 2020 17:32:34 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 1, "success_fraction": 0.001, "failure_fraction": 0.1}
status
200
content-length
38808
x-nginx-request-id
4643c0b41e823beb
last-modified
Tue, 22 Jan 2019 17:04:09 GMT
server
nginx/1.17.9
etag
"d01b18c78b2fc8fba89144f7c9865735"
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 1, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=216013
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 May 2020 05:31:54 GMT
1
mc.yandex.ru/watch/3/
35 B
584 B
XHR
General
Full URL
https://mc.yandex.ru/watch/3/1?wmode=7&page-ref=https%3A%2F%2Fplus.yandex.by%2F&charset=utf-8&ut=noindex&browser-info=ti%3A10%3Afu%3A2%3Av%3A1850%3Arqnl%3A1%3Ast%3A1589391154%3Au%3A
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
efbdf9cab6b6cf2bf7207ae4e0456c9462b2c0d4c2de76d65442de2af7253f2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://plus.yandex.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Wed, 13 May 2020 17:32:34 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 13-May-2020 17:32:34 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://plus.yandex.by
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
35
X-XSS-Protection
1; mode=block
Expires
Wed, 13-May-2020 17:32:34 GMT
nearest.js
yastatic.net/
27 B
220 B
Script
General
Full URL
https://yastatic.net/nearest.js
Requested by
Host: yastat.net
URL: https://yastat.net/s3/plus/landing/build/static/vendors~main.client.ru.5521.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
9a1b8043f270bf5155279b03e069e1b5ae2f63bca0f7d6cb6212541645e2c76c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://plus.yandex.by/
Origin
https://plus.yandex.by

Response headers

date
Wed, 13 May 2020 17:32:34 GMT
content-encoding
gzip
last-modified
Wed, 13 May 2020 17:30:01 GMT
server
nginx/1.17.9
etag
W/"5ebc2e99-1b"
status
200
content-type
application/x-javascript
access-control-allow-origin
*
timing-allow-origin
*
_lego-cc.en.js
yastatic.net/q/global-notifications/cc/
5 KB
5 KB
Script
General
Full URL
https://yastatic.net/q/global-notifications/cc/_lego-cc.en.js
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
bf38fea3891aa66ac078ae94f0afa7ca0998116f2a21ce3d1b021cc334c538b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://plus.yandex.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 13 May 2020 17:32:34 GMT
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 1, "success_fraction": 0.001, "failure_fraction": 0.1}
status
200
content-length
4685
last-modified
Mon, 02 Mar 2020 13:24:39 GMT
server
nginx/1.17.9
etag
"5e5d0917-124d"
strict-transport-security
max-age=31536000
report-to
{ "group": "network-errors", "max_age": 1, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=216013
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 May 2020 05:29:49 GMT
click
yandex.ru/clck/
43 B
347 B
Other
General
Full URL
https://yandex.ru/clck/click
Requested by
Host: yastat.net
URL: https://yastat.net/s3/plus/landing/build/static/vendors~main.client.ru.5521.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
7e928161cd626935d39ff08188caa3f3a918811ca87194082dedf28b697ce6fd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://plus.yandex.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

status
200
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-origin
https://plus.yandex.by
content-length
43
x-content-type-options
nosniff
content-type
image/gif
click
yandex.ru/clck/
43 B
210 B
Other
General
Full URL
https://yandex.ru/clck/click
Requested by
Host: yastat.net
URL: https://yastat.net/s3/plus/landing/build/static/vendors~main.client.ru.5521.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
7e928161cd626935d39ff08188caa3f3a918811ca87194082dedf28b697ce6fd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://plus.yandex.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

status
200
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-origin
https://plus.yandex.by
content-length
43
x-content-type-options
nosniff
content-type
image/gif
click
yandex.ru/clck/
43 B
212 B
Other
General
Full URL
https://yandex.ru/clck/click
Requested by
Host: yastat.net
URL: https://yastat.net/s3/plus/landing/build/static/vendors~main.client.ru.5521.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
7e928161cd626935d39ff08188caa3f3a918811ca87194082dedf28b697ce6fd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://plus.yandex.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

status
200
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-origin
https://plus.yandex.by
content-length
43
x-content-type-options
nosniff
content-type
image/gif
click
yandex.ru/clck/
43 B
68 B
Other
General
Full URL
https://yandex.ru/clck/click
Requested by
Host: yastat.net
URL: https://yastat.net/s3/plus/landing/build/static/vendors~main.client.ru.5521.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
7e928161cd626935d39ff08188caa3f3a918811ca87194082dedf28b697ce6fd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://plus.yandex.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

status
200
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-origin
https://plus.yandex.by
content-length
43
x-content-type-options
nosniff
content-type
image/gif

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate
object| Ya
object| Pace
function| $
object| __PRELOADED_STATE__
object| nodeList
object| lazyBackgrounds
object| lazyBackgroundObserver
object| __LOADABLE_LOADED_CHUNKS__
object| __core-js_shared__
object| core
object| yaCounter54321510
string| YaStaticRegion

2 Cookies

Domain/Path Name / Value
.yandex.by/ Name: _ym_wasSynced
Value: %7B%22time%22%3A1589391154284%2C%22params%22%3A%7B%22eu%22%3A1%7D%2C%22bkParams%22%3A%7B%7D%7D
.yandex.by/ Name: yandexuid
Value: 5709094261589391153

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
