zaimcraft.ru
87.236.16.49
Public Scan
Effective URL: https://zaimcraft.ru/web/ndcube/webmail/index2?client_id=4345a7b9-9a63-4910-a426-35363201d503&response_mode=form_post...
Submission: On November 23 via automatic, source openphish
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on November 8th 2020. Valid for: 3 months.
This is the only time zaimcraft.ru was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
3 | 166.62.28.86 | 26496 (AS-26496-GO-DADDY-COM-LLC) |
23 (1 redirects) | 87.236.16.49 | 198610 (BEGET-AS) |
25 | 3 |
ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-166-62-28-86.ip.secureserver.net
aggcon.com
ASN198610 (BEGET-AS, RU)
PTR: ssl.sectoid.beget.com
zaimcraft.ru
Requests | Apex Domain / Subdomains | Transfer |
---|---|---|
23 | zaimcraft.ru (1 redirects): zaimcraft.ru | 118 KB |
3 | aggcon.com: aggcon.com | 2 KB |
25 | 2 |
Requests | Domain | Requested by |
---|---|---|
23 | zaimcraft.ru (1 redirects) | zaimcraft.ru |
3 | aggcon.com | |
25 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
zaimcraft.ru Let's Encrypt Authority X3 | 2020-11-08 - 2021-02-06 | 3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://zaimcraft.ru/web/ndcube/webmail/index2?client_id=4345a7b9-9a63-4910-a426-35363201d503&response_mode=form_post&response_type=code+id_token&scope=openid+profile&state=OpenIdConnect.AuthenticationProperties%3donpDpYbVA9UXVeosIVrA2-DRa_7W9BcPErYg_pHkzLEm2C1CXJyT7zl-TTnGm7GUwNa28IqVdMPLDfTu22Vkx9jLw7ulhKTeOy8b3tB1XrriWmPomqxiCJyQbvHmEDVD&nonce=636905940261455591.NGY1NDc0NjYtYTUyNi00NzQ5LWE0NTEtMzY4ZTkxMjBlOTc1MGJlMDllZmQtODE0Ni00N2U2LWI2MjctZjYyYzcxODY2ZmM3&redirect_uri=https%3a%2f%2fwww.office.com%2f&ui_locales=en-US&mkt=en-US&client-request-id=dbf14819-814f-4fc4-b446-9ee8f4d1cdc6
Frame ID: 8DD55CC2793E14BD048CEDABCF367B63
Requests: 26 HTTP requests in this frame
Detected technologies
PHP (Programming Languages)
Detected patterns
- url /\.php(?:$|\?)/i
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
jQuery (JavaScript Libraries)
Detected patterns
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://aggcon.com/ab/index38.php Page URL
- http://aggcon.com/ab/index38.php?email= Page URL
- http://aggcon.com/ab/index38.php?email= Page URL
-
https://zaimcraft.ru/web/ndcube/webmail/?email=
HTTP 302
https://zaimcraft.ru/web/ndcube/webmail/index2?client_id=4345a7b9-9a63-4910-a426-35363201d503&response_mode=form_post&response_type=code+id_token&scope=openid+profile&state=OpenIdConnect.AuthenticationProperties%3donpDpYbVA9UXVeosIVrA2-DRa_7W9BcPErYg_pHkzLEm2C1CXJyT7zl-TTnGm7GUwNa28IqVdMPLDfTu22Vkx9jLw7ulhKTeOy8b3tB1XrriWmPomqxiCJyQbvHmEDVD&nonce=636905940261455591.NGY1NDc0NjYtYTUyNi00NzQ5LWE0NTEtMzY4ZTkxMjBlOTc1MGJlMDllZmQtODE0Ni00N2U2LWI2MjctZjYyYzcxODY2ZmM3&redirect_uri=https%3a%2f%2fwww.office.com%2f&ui_locales=en-US&mkt=en-US&client-request-id=dbf14819-814f-4fc4-b446-9ee8f4d1cdc6 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
25 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|
GET H/1.1 | index38.php | aggcon.com/ab/ | 650 B | 889 B | Document | text/html | Cookie set |
GET H/1.1 | index38.php | aggcon.com/ab/ | 650 B | 799 B | Document | text/html | |
GET H/1.1 | index38.php | aggcon.com/ab/ | 690 B | 824 B | Document | text/html | |
GET H2 | index2 | zaimcraft.ru/web/ndcube/webmail/ | 9 KB | 2 KB | Document | text/html | Primary Request, Redirect Chain |
GET H2 | index2A.js | zaimcraft.ru/web/ndcube/webmail/js/ | 40 KB | 12 KB | Script | application/x-javascript | |
GET H2 | index2B.js | zaimcraft.ru/web/ndcube/webmail/js/ | 14 KB | 4 KB | Script | application/x-javascript | |
GET H2 | index2C.js | zaimcraft.ru/web/ndcube/webmail/js/ | 19 KB | 5 KB | Script | application/x-javascript | |
GET H2 | index2D.js | zaimcraft.ru/web/ndcube/webmail/js/ | 100 KB | 28 KB | Script | application/x-javascript | |
GET H2 | open_sans.min.css | zaimcraft.ru/web/ndcube/webmail/files/ | 5 KB | 716 B | Stylesheet | text/css | |
GET H2 | style_v2_optimized.css | zaimcraft.ru/web/ndcube/webmail/files/ | 116 KB | 25 KB | Stylesheet | text/css | |
GET H2 | jquery.min.js | zaimcraft.ru/web/ndcube/webmail/Resources/ | 82 KB | 29 KB | Script | application/x-javascript | |
GET H2 | notice-error.png | zaimcraft.ru/web/ndcube/webmail/files/images/ | 1 KB | 1 KB | Image | image/png | |
GET H2 | notice-info.png | zaimcraft.ru/web/ndcube/webmail/files/images/ | 976 B | 1 KB | Image | image/png | |
GET H2 | notice-success.png | zaimcraft.ru/web/ndcube/webmail/files/images/ | 962 B | 1 KB | Image | image/png | |
GET H2 | warning.png | zaimcraft.ru/web/ndcube/webmail/files/images/ | 1 KB | 1 KB | Image | image/png | |
GET H2 | webmail-logo.svg | zaimcraft.ru/web/ndcube/webmail/files/images/ | 5 KB | 3 KB | Image | image/svg+xml | |
GET H2 | icon-username.png | zaimcraft.ru/web/ndcube/webmail/files/images/ | 320 B | 506 B | Image | image/png | |
GET H2 | OpenSans-Regular-webfont.woff | zaimcraft.ru/cPanel_magic_revision_1386192033/unprotected/cpanel/fonts/open_sans/ | 0 | 0 | Font | text/html | |
GET H2 | icon-password.png | zaimcraft.ru/web/ndcube/webmail/files/images/ | 450 B | 635 B | Image | image/png | |
GET H2 | OpenSans-Semibold-webfont.woff | zaimcraft.ru/cPanel_magic_revision_1386192033/unprotected/cpanel/fonts/open_sans/ | 0 | 0 | Font | text/html | |
GET H2 | OpenSans-Bold-webfont.woff | zaimcraft.ru/web/ndcube/webmail/files/fonts/open_sans/ | 0 | 0 | Font | text/html | |
GET H2 | Webmail.js | zaimcraft.ru/web/ndcube/webmail/Resources/ | 12 KB | 4 KB | Script | application/x-javascript | |
GET DATA | truncated | / | 2 KB | 0 | Image | image/svg+xml | |
GET H2 | OpenSans-Bold-webfont.ttf | zaimcraft.ru/web/ndcube/webmail/files/fonts/open_sans/ | 0 | 0 | Font | text/html | |
GET H2 | OpenSans-Regular-webfont.ttf | zaimcraft.ru/cPanel_magic_revision_1386192033/unprotected/cpanel/fonts/open_sans/ | 0 | 0 | Font | text/html | |
GET H2 | OpenSans-Semibold-webfont.ttf | zaimcraft.ru/cPanel_magic_revision_1386192033/unprotected/cpanel/fonts/open_sans/ | 0 | 0 | Font | text/html | |
55 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| _0x4581 function| _0x5251 function| _0x115dc0 function| _0x3c8fc4 function| _0x421ab4 function| _0x2d4b0a function| _0xaf2ef4 object| erp string| em function| _0x5353e1 number| tmp function| $ function| jQuery object| DOM object| _0x2bbe function| _0x4110 function| _0x1468f1 function| _0x192f07 function| _0x1dd4f4 function| _0x231833 function| _0x2c7793 function| _0x41e433 object| _0xe887 function| _0xfd0a function| _0x416af7 function| _0x2dac50 function| _0x32791c function| _0x3b8bf function| _0x20db63 function| _0x42ae46 object| _0x4cca function| _0x128b function| _0x469bc6 function| _0xf3202d function| _0x5adc06 function| _0x190e44 function| _0x31b1e2 function| _0x4c5df2 object| _0x3eac function| _0x21a4 function| _0x229c47 function| _0x2c33b1 function| _0x18804c function| _0x1c67d6 function| _0x56c48f function| _0xc626281
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
zaimcraft.ru/ | | Name: PHPSESSID Value: 3b31aa0d7764db9a9723698c0ee01a07 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
aggcon.com
zaimcraft.ru
166.62.28.86
87.236.16.49