wp1.infotic-agricole.ndzjp.spectrum.myjino.ru
81.177.135.150
Malicious Activity!
Public Scan
Effective URL: http://wp1.infotic-agricole.ndzjp.spectrum.myjino.ru/suiss/ko/of/e44ff8f8d39cdb9/details.php
Submission: On April 08 via api from IE
Summary
This is the only time wp1.infotic-agricole.ndzjp.spectrum.myjino.ru was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Swiss Post (Transportation)
Domain & IP information
Redirects | Requests | IP Address | AS Autonomous System
---|---|---|---
1 | 1 | 2606:4700:10::6814:8b41 | 13335 (CLOUDFLARENET)
 | 1 | 74.124.214.202 | 17139 (NETRANGE)
1 | 21 | 81.177.135.150 | 8342 (RTCOMM-AS)
Totals: 21 requests, 2 redirects
ASN8342 (RTCOMM-AS, RU)
PTR: srv189-sp-st.jino.ru
Requests | Apex Domain | Subdomain | Redirects | Transfer | IPs
---|---|---|---|---|---
21 | myjino.ru | wp1.infotic-agricole.ndzjp.spectrum.myjino.ru | 1 | 7 MB | 1
1 | ram16.org | ram16.org | | 494 B | 1
1 | tinyurl.com | tinyurl.com | 1 | 544 B | 1
Totals: 21 requests, 3 domains
Requests | Domain | Redirects | Requested by
---|---|---|---
21 | wp1.infotic-agricole.ndzjp.spectrum.myjino.ru | 1 | wp1.infotic-agricole.ndzjp.spectrum.myjino.ru
1 | ram16.org | |
1 | tinyurl.com | 1 |
Totals: 21 requests, 3 domains
This site contains no links.
Subject | Issuer | Validity | Valid | Source
---|---|---|---|---
*.ram16.org | R3 | 2021-03-04 - 2021-06-02 | 3 months | crt.sh
This page contains 1 frames:
Primary Page:
http://wp1.infotic-agricole.ndzjp.spectrum.myjino.ru/suiss/ko/of/e44ff8f8d39cdb9/details.php
Frame ID: 4BF2D1F8CB6220A8009421485123C3A0
Requests: 21 HTTP requests in this frame
Detected technologies
Bootstrap (Web Frameworks)
Detected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://tinyurl.com/4rpfre2h -> HTTP 301 -> https://ram16.org/wp-includes/certificates/index.php (Page URL)
- http://wp1.infotic-agricole.ndzjp.spectrum.myjino.ru/suiss/ko/of/ -> HTTP 302 -> http://wp1.infotic-agricole.ndzjp.spectrum.myjino.ru/suiss/ko/of/e44ff8f8d39cdb9/details.php (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- https://tinyurl.com/4rpfre2h HTTP 301
- https://ram16.org/wp-includes/certificates/index.php
21 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Note
---|---|---|---|---|---|---|---|---
GET | H/1.1 | index.php | ram16.org/wp-includes/certificates/ | 286 B | 494 B | Document | text/html | Redirect Chain
GET | H/1.1 | details.php | wp1.infotic-agricole.ndzjp.spectrum.myjino.ru/suiss/ko/of/e44ff8f8d39cdb9/ | 8 KB | 2 KB | Document | text/html | Primary Request, Redirect Chain
GET | H/1.1 | bootstrap.min.css | wp1.infotic-agricole.ndzjp.spectrum.myjino.ru/suiss/ko/of/assets/css/ | 152 KB | 23 KB | Stylesheet | text/css |
GET | H/1.1 | helpers.css | wp1.infotic-agricole.ndzjp.spectrum.myjino.ru/suiss/ko/of/assets/css/ | 41 KB | 5 KB | Stylesheet | text/css |
GET | H/1.1 | fonts.css | wp1.infotic-agricole.ndzjp.spectrum.myjino.ru/suiss/ko/of/assets/css/ | 4 KB | 734 B | Stylesheet | text/css |
GET | H/1.1 | main.css | wp1.infotic-agricole.ndzjp.spectrum.myjino.ru/suiss/ko/of/assets/css/ | 4 KB | 1 KB | Stylesheet | text/css |
GET | H/1.1 | left-img.png | wp1.infotic-agricole.ndzjp.spectrum.myjino.ru/suiss/ko/of/assets/images/ | 9 KB | 9 KB | Image | image/png |
GET | H/1.1 | left-img2.png | wp1.infotic-agricole.ndzjp.spectrum.myjino.ru/suiss/ko/of/assets/images/ | 3 KB | 3 KB | Image | image/png |
GET | H/1.1 | header-left.png | wp1.infotic-agricole.ndzjp.spectrum.myjino.ru/suiss/ko/of/assets/images/ | 21 KB | 22 KB | Image | image/png |
GET | H/1.1 | header-right.png | wp1.infotic-agricole.ndzjp.spectrum.myjino.ru/suiss/ko/of/assets/images/ | 22 KB | 22 KB | Image | image/png |
GET | H/1.1 | header-right2.png | wp1.infotic-agricole.ndzjp.spectrum.myjino.ru/suiss/ko/of/assets/images/ | 632 B | 632 B | Image | text/html |
GET | H/1.1 | features.png | wp1.infotic-agricole.ndzjp.spectrum.myjino.ru/suiss/ko/of/assets/images/ | 6 KB | 6 KB | Image | image/png |
GET | H/1.1 | social.png | wp1.infotic-agricole.ndzjp.spectrum.myjino.ru/suiss/ko/of/assets/images/ | 6 MB | 6 MB | Image | image/png |
GET | H/1.1 | footer-top.png | wp1.infotic-agricole.ndzjp.spectrum.myjino.ru/suiss/ko/of/assets/images/ | 169 KB | 169 KB | Image | image/png |
GET | H/1.1 | footer-bottom.png | wp1.infotic-agricole.ndzjp.spectrum.myjino.ru/suiss/ko/of/assets/images/ | 3 KB | 3 KB | Image | image/png |
GET | H/1.1 | jquery.min.js | wp1.infotic-agricole.ndzjp.spectrum.myjino.ru/suiss/ko/of/assets/js/ | 86 KB | 30 KB | Script | application/javascript |
GET | H/1.1 | popper.min.js | wp1.infotic-agricole.ndzjp.spectrum.myjino.ru/suiss/ko/of/assets/js/ | 20 KB | 7 KB | Script | application/javascript |
GET | H/1.1 | bootstrap.min.js | wp1.infotic-agricole.ndzjp.spectrum.myjino.ru/suiss/ko/of/assets/js/ | 57 KB | 15 KB | Script | application/javascript |
GET | H/1.1 | fontawesome.min.js | wp1.infotic-agricole.ndzjp.spectrum.myjino.ru/suiss/ko/of/assets/js/ | 1 MB | 379 KB | Script | application/javascript |
GET | H/1.1 | main.js | wp1.infotic-agricole.ndzjp.spectrum.myjino.ru/suiss/ko/of/assets/js/ | 2 KB | 882 B | Script | application/javascript |
GET | H/1.1 | shadow.png | wp1.infotic-agricole.ndzjp.spectrum.myjino.ru/suiss/ko/of/assets/images/ | 8 KB | 9 KB | Image | image/png |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Swiss Post (Transportation)
17 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name
---|---
object | ontransitionrun
object | ontransitionstart
object | ontransitioncancel
object | trustedTypes
boolean | crossOriginIsolated
function | $
function | jQuery
function | Popper
object | bootstrap
object | ___FONT_AWESOME___
object | FontAwesomeConfig
object | FontAwesome
boolean | isShift
string | seperator
string | dash
function | cc_date
function | date_of_birth1
Cookies
Cookies are small pieces of information stored in the browser of a user. Whenever a user visits the site again, the browser also sends the cookie values, allowing the website to re-identify the user even from a different location. This is how permanent logins work.
Domain/Path | Expires | Name | Value
---|---|---|---
wp1.infotic-agricole.ndzjp.spectrum.myjino.ru/ | | PHPSESSID | e26d5bcb11d8af830a8c6d9a2ad4dd25
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.