danli.mandl.ru Open in urlscan Pro
2606:4700:3034::6815:3d55 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://danli.mandl.ru/
Submission: On August 24 via api (August 24th 2023, 9:39:33 am UTC) from IN — Scanned from DE

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 17 HTTP transactions. The main IP is 2606:4700:3034::6815:3d55, located in United States and belongs to CLOUDFLARENET, US. The main domain is danli.mandl.ru.

This is the only time danli.mandl.ru was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 12	2606:4700:303... 2606:4700:3034::6815:3d55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6811:2b8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	3

12 2606:4700:3034::6815:3d55 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

danli.mandl.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:2b8 (United States)

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	mandl.ru 1 redirects danli.mandl.ru	149 KB
4	cloudflare.com challenges.cloudflare.com — Cisco Umbrella Rank: 6115	20 KB
17	2

	Domain	Requested by
12	danli.mandl.ru	1 redirects danli.mandl.ru
4	challenges.cloudflare.com	danli.mandl.ru challenges.cloudflare.com
17	2

This site contains no links.

Subject Issuer	Validity	Valid
challenges.cloudflare.com Cloudflare Inc ECC CA-3	`2023-08-18` - `2024-08-17`	a year	crt.sh

This page contains 3 frames:

Primary Page: http://danli.mandl.ru/
Frame ID: 6542AF20D96A122951F4FB2B8CE52338
Requests: 15 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/hoaxp/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Frame ID: 9EC0355F44658F533DD40406F4E8C018
Requests: 1 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/3l2u5/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Frame ID: BA24E9F8719C1E4FC4F70BD44F73F648
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Loading...

Page URL History Show full URLs

http://danli.mandl.ru/ Page URL
http://danli.mandl.ru/cdn-cgi/phish-bypass?atok=yyaQwQD06TOB2jeLKOoFZgDWK0qhAtsaoeR6Q32vcSI-169286... HTTP 301
http://danli.mandl.ru/ Page URL
http://danli.mandl.ru/ Page URL

Page Statistics

17
Requests

24 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

168 kB
Transfer

446 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://danli.mandl.ru/ Page URL
http://danli.mandl.ru/cdn-cgi/phish-bypass?atok=yyaQwQD06TOB2jeLKOoFZgDWK0qhAtsaoeR6Q32vcSI-1692869964-0-%2F HTTP 301
http://danli.mandl.ru/ Page URL
http://danli.mandl.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

http://danli.mandl.ru/cdn-cgi/phish-bypass?atok=yyaQwQD06TOB2jeLKOoFZgDWK0qhAtsaoeR6Q32vcSI-1692869964-0-%2F HTTP 301
http://danli.mandl.ru/

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
danli.mandl.ru/ 4 KB
2 KB 190ms
26ms Document
text/html 2606:4700:3034::6815:3d55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://danli.mandl.ru/

Protocol

HTTP/1.1

Server

2606:4700:3034::6815:3d55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4d4cb8d2be23a4d9871de8d153dac3aaaf93d253059c988a3c151c482a571a7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-RAY: 7fbaa0bb5af1bbb6-FRA
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 24 Aug 2023 09:39:24 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WWYQ9iDCB%2FGcFW7RfveDTtG4K0tQ6OQjrXPyH6Ti3WEL8ivx%2BfU0LBz8rlbYBokOgxXHbX77ZB8jaDLCtQDxTKVrEZggocTxYXYJyMl5H5VB7jt4Viuw8JHM3XSLfZuR%2FGaP9L1q5vtDXVKCFA%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK cf.errors.css
danli.mandl.ru/cdn-cgi/styles/ 24 KB
5 KB 16ms
15ms Stylesheet
text/css 2606:4700:3034::6815:3d55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://danli.mandl.ru/cdn-cgi/styles/cf.errors.css

Requested by

Host: danli.mandl.ru
URL: http://danli.mandl.ru/

Protocol

HTTP/1.1

Server

2606:4700:3034::6815:3d55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1103290e25ebda2712abe344a87facbac00ddaba712729be9fe5feef807bf91b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://danli.mandl.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 09:39:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 21 Aug 2023 16:25:27 GMT
Server: cloudflare
ETag: W/"64e38ff7-5e44"
Transfer-Encoding: chunked
X-Frame-Options: DENY
Content-Type: text/css
Vary: Accept-Encoding
Cache-Control: max-age=7200, public
Connection: keep-alive
CF-RAY: 7fbaa0bb8b58bbb6-FRA
Expires: Thu, 24 Aug 2023 11:39:24 GMT

GET
H/1.1 200
OK icon-exclamation.png
danli.mandl.ru/cdn-cgi/images/ 452 B
889 B 15ms
15ms Image
image/png 2606:4700:3034::6815:3d55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://danli.mandl.ru/cdn-cgi/images/icon-exclamation.png?1376755637

Requested by

Host: danli.mandl.ru
URL: http://danli.mandl.ru/cdn-cgi/styles/cf.errors.css

Protocol

HTTP/1.1

Server

2606:4700:3034::6815:3d55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://danli.mandl.ru/cdn-cgi/styles/cf.errors.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 09:39:24 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 21 Aug 2023 16:25:27 GMT
Server: cloudflare
ETag: "64e38ff7-1c4"
X-Frame-Options: DENY
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=7200, public
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7fbaa0bcee1bbbb6-FRA
Content-Length: 452
Expires: Thu, 24 Aug 2023 11:39:24 GMT

GET
H/1.1

403
Forbidden

/ Show response
danli.mandl.ru/
Redirect Chain

http://danli.mandl.ru/cdn-cgi/phish-bypass?atok=yyaQwQD06TOB2jeLKOoFZgDWK0qhAtsaoeR6Q32vcSI-1692869964-0-%2F
http://danli.mandl.ru/

5 KB
5 KB

21ms
21ms

Document
text/html

2606:4700:3034::6815:3d55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://danli.mandl.ru/

Protocol

HTTP/1.1

Server

2606:4700:3034::6815:3d55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9e15cfbbf49fcd27def8906e10040db5ff7662a30aea9d9d2ca98e941d8315d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://danli.mandl.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-RAY: 7fbaa0d979bebbb6-FRA
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Date: Thu, 24 Aug 2023 09:39:28 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ygaFQ%2FA%2Flb%2FTrehP%2FwBVokQDDN2t4zxx3uzZJkKrR4zIX27TDCNzVNYhkcIwXMbDLoythwYinDpmAPbQ8McnEoABrxHb47YkP4rD7S04neV%2FSN3nmRZ1Uo1SDUIS%2Bm3KUZh27mpHXAyQbXWK4g%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
alt-svc: h3=":443"; ma=86400
cf-mitigated: challenge

Redirect headers

CF-RAY: 7fbaa0d9699cbbb6-FRA
Cache-Control: private, no-cache
Connection: keep-alive
Content-Length: 167
Content-Type: text/html
Date: Thu, 24 Aug 2023 09:39:28 GMT
Location: http://danli.mandl.ru/
Server: cloudflare
X-Content-Type-Options: nosniff
X-Frame-Options: DENY

GET
H/1.1 200
OK v1 Show response
danli.mandl.ru/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/ 162 KB
55 KB 29ms
23ms Script
application/javascript 2606:4700:3034::6815:3d55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://danli.mandl.ru/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7fbaa0d979bebbb6
Requested by: Host: danli.mandl.ru
URL: http://danli.mandl.ru/
Protocol: HTTP/1.1
Server: 2606:4700:3034::6815:3d55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a857b5f6394050090645c48945139a5cc0ce327474eae435992d884fff1aaed

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://danli.mandl.ru/?__cf_chl_rt_tk=P8WX4AE0GmI176r1eRN.2P9aIIAx2AomyZF0aOvCo2Q-1692869968-0-gaNycGzNB2U
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 09:39:28 GMT
Content-Encoding: gzip
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vfQ7dSArXTy3msb65wC0Cx1YLA%2F8Ye8hsEPso03RJhxiHY7SplQWD1oHw4omuhixJzRnd1%2Fafdn%2BB0go92RKNgw228hIzyo%2FNFb5yTe857rUjw%2FGec1QhaHO7arr%2BRP19ETR53rwiaoJ6ejXNw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
CF-RAY: 7fbaa0d9ccac37ea-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 api.js Show response
challenges.cloudflare.com/turnstile/v0/g/313d8a27/ 29 KB
10 KB 86ms
44ms Script
application/javascript 2606:4700::6811:2b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/g/313d8a27/api.js?onload=URXdVe4&render=explicit
Requested by: Host: danli.mandl.ru
URL: http://danli.mandl.ru/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7fbaa0d979bebbb6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ae488283b6cebf52b5bd97cd3dbe44e84ab7e87234525258a07e59a1904c2ed

Request headers

Referer
Origin: http://danli.mandl.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 09:39:29 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7fbaa0da481fbb79-FRA
alt-svc: h3=":443"; ma=86400

GET
BLOB 200
OK 6b11724c-78c7-4061-80cb-5306274a9047
http://danli.mandl.ru/ 13 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://danli.mandl.ru/6b11724c-78c7-4061-80cb-5306274a9047
Requested by: Host: danli.mandl.ru
URL: http://danli.mandl.ru/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://danli.mandl.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Length: 13
Content-Type: text/javascript

POST
H/1.1 200
OK 257e559018db385 Show response
danli.mandl.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/262567872:1692868038:CKVL8KFHavLwePFFKh6vGjTLz0aApOFRNOmE8h-XKsU/7fbaa0d979bebbb6/ 10 KB
8 KB 27ms
27ms XHR
text/plain 2606:4700:3034::6815:3d55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://danli.mandl.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/262567872:1692868038:CKVL8KFHavLwePFFKh6vGjTLz0aApOFRNOmE8h-XKsU/7fbaa0d979bebbb6/257e559018db385
Requested by: Host: danli.mandl.ru
URL: http://danli.mandl.ru/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7fbaa0d979bebbb6
Protocol: HTTP/1.1
Server: 2606:4700:3034::6815:3d55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d32eabd56a583a97a70339a6beedd1be08b12af56498c1bf6c637d42443c2a2

Request headers

Referer: http://danli.mandl.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
CF-Challenge: 257e559018db385
Content-type: application/x-www-form-urlencoded

Response headers

Date: Thu, 24 Aug 2023 09:39:29 GMT
Content-Encoding: gzip
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IL4RdXelQ%2BNKF8ux7S35myaYCV4IxftRfQTaWZwVWenx1HqddI6RwWytmUtQDivZ8MfpTTQa1dzuwRpyQXqTss1Tdayaci9IdK794jtnKq8%2F4X1j8aa1ZcWOyafpWgu7rRM3DxsxQ9gRaRE0YQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/plain; charset=UTF-8
Connection: keep-alive
CF-RAY: 7fbaa0daadf137ea-FRA
alt-svc: h3=":443"; ma=86400
cf-chl-gen: JMsDxSqrtu8fkl+MiLCjkL6OANB14HOJUG8nKWPDDHaiy9r52d7RHydpsrxzPZIQ$WVXDy5ZlG4FlXi6atLiX2A==

GET
H3 200 normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/hoaxp/0x4AAAAAAADnPIDROrmt1Wwj/light/ Frame 9EC0 0
0 34ms
24ms Document
text/html 2606:4700::6811:2b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/hoaxp/0x4AAAAAAADnPIDROrmt1Wwj/light/normal

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/g/313d8a27/api.js?onload=URXdVe4&render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7fbaa0db0d4f195c-FRA
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 09:39:29 GMT
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

POST
H/1.1 200
OK 257e559018db385 Show response
danli.mandl.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/262567872:1692868038:CKVL8KFHavLwePFFKh6vGjTLz0aApOFRNOmE8h-XKsU/7fbaa0d979bebbb6/ 2 KB
3 KB 21ms
21ms XHR
text/html 2606:4700:3034::6815:3d55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://danli.mandl.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/262567872:1692868038:CKVL8KFHavLwePFFKh6vGjTLz0aApOFRNOmE8h-XKsU/7fbaa0d979bebbb6/257e559018db385
Requested by: Host: danli.mandl.ru
URL: http://danli.mandl.ru/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7fbaa0d979bebbb6
Protocol: HTTP/1.1
Server: 2606:4700:3034::6815:3d55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1aa6096a47f8926d45fbc3629b8e56c599402a52755a4a7aac0d1300a8434d5

Request headers

Referer: http://danli.mandl.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
CF-Challenge: 257e559018db385
Content-type: application/x-www-form-urlencoded

Response headers

cf-chl-out: 0DD+grw7UCcNFlv15Co0cpM5nX0X0t3ie0Iq9vKS6YvOB6quRk3g9ThksgN06jJJVVWDs/kdc+0cS1EzpDnACDHKPUq7zU70fOvt5RTm9SE=$pfY46ze2FwKG4qgoRKuujQ==
cf-chl-out-s: UvbvJcCZeUyFK/PPoBzRZ2utUQVslK0mxQJAyXPVwIJfETf8hO6yPvsX+y/p9CdkZ2wQ81+ytSYLBgQtSKApCgtucI73s+lU6uALJpzzZSO+bC0es+3jcRIP18w+r9fz7Bj71QBvFFvc4nrXmICrP06v1+QTMK2GZt4SFjmh7CvluYgboRsKFdlvoI0SV/byd+35vR4Qe8DBn0fA34GWaQ==$nO0USyDPiTKld9moNl5r0Q==
Date: Thu, 24 Aug 2023 09:39:29 GMT
Content-Encoding: gzip
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cwMIpEqAEU2gxvqzk2sC3O0ToNBNW%2Fx2Fz%2FCtDUOWXuOCpy6RVAyGm10C9BWFh8bAl4LqU4UZ7RhaeMREsD1QX6YxB2x2njnYhHrtDGtUA7AQTcQ0U1bD%2Bn6HtUrCO8Pj8eoOBxQmmRtiTgs6A%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
CF-RAY: 7fbaa0dc987c37ea-FRA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 403
Forbidden Primary Request / Show response
danli.mandl.ru/ 5 KB
5 KB 20ms
18ms Document
text/html 2606:4700:3034::6815:3d55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://danli.mandl.ru/

Requested by

Host: danli.mandl.ru
URL: http://danli.mandl.ru/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7fbaa0d979bebbb6

Protocol

HTTP/1.1

Server

2606:4700:3034::6815:3d55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55df56d7b19d32b049585f75a24864e8fe09fae96f88682841ce446237e454c8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://danli.mandl.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-RAY: 7fbaa0ecd89a37ea-FRA
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Date: Thu, 24 Aug 2023 09:39:31 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FtCxYPJQ%2FGPGVWOn2U8lB2zPQxzSRVbu4YAM3%2FKxoKQlj5n%2FDZXlHhJPjYM6%2FLXb9IwC6DPSjb92B6x1Pl%2BRLTd%2BnZnuxbz3oWMaRd5vVUoByO0h1ffkK2uTqJWvWmz25AwKHTfSO4LW01fktw%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
alt-svc: h3=":443"; ma=86400
cf-mitigated: challenge

GET
H/1.1 200
OK v1 Show response
danli.mandl.ru/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/ 164 KB
54 KB 51ms
44ms Script
application/javascript 2606:4700:3034::6815:3d55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://danli.mandl.ru/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7fbaa0ecd89a37ea
Requested by: Host: danli.mandl.ru
URL: http://danli.mandl.ru/
Protocol: HTTP/1.1
Server: 2606:4700:3034::6815:3d55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0088e6e5d52d06b588039afd30b03c9efff9b3f634870a02ea14f44bc715633

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://danli.mandl.ru/?__cf_chl_rt_tk=DsaOpyeoi2IRZcjBf72wj1ixtEJ3G9F6GB8FJZynvFg-1692869971-0-gaNycGzNB3s
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 09:39:32 GMT
Content-Encoding: gzip
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=alsdqvTjGYqytj%2BKWMLI79lhRRQwQwquj%2B%2F6mM5thsuRl5bCeKtr%2BQmgZn8ubJvVZsAfurmts5M7KzSjx%2BG4x1W2Cm27W8TdegMxUC%2BNYn7yTtGBJrY7zWD%2BEAfNxvwK%2FVUmZ5a%2FpZwkUhhqDw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
CF-RAY: 7fbaa0ed3cac9a2a-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 api.js Show response
challenges.cloudflare.com/turnstile/v0/g/313d8a27/ 29 KB
10 KB 42ms
41ms Script
application/javascript 2606:4700::6811:2b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/g/313d8a27/api.js?onload=URXdVe4&render=explicit
Requested by: Host: danli.mandl.ru
URL: http://danli.mandl.ru/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7fbaa0ecd89a37ea
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ae488283b6cebf52b5bd97cd3dbe44e84ab7e87234525258a07e59a1904c2ed

Request headers

Referer
Origin: http://danli.mandl.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 09:39:32 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7fbaa0edbcb7bb79-FRA
alt-svc: h3=":443"; ma=86400

GET
BLOB 200
OK c6edb83c-2b0b-4e86-936c-9902fe6db067
http://danli.mandl.ru/ 13 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://danli.mandl.ru/c6edb83c-2b0b-4e86-936c-9902fe6db067
Requested by: Host: danli.mandl.ru
URL: http://danli.mandl.ru/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://danli.mandl.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Length: 13
Content-Type: text/javascript

POST
H/1.1 200
OK 54f789fb5b116f6 Show response
danli.mandl.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/885526586:1692868086:kJx-4Pyqzt0_alg2DWU7FKzIh5NM5cvwGF_T7ae2ZZw/7fbaa0ecd89a37ea/ 10 KB
8 KB 26ms
25ms XHR
text/plain 2606:4700:3034::6815:3d55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://danli.mandl.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/885526586:1692868086:kJx-4Pyqzt0_alg2DWU7FKzIh5NM5cvwGF_T7ae2ZZw/7fbaa0ecd89a37ea/54f789fb5b116f6
Requested by: Host: danli.mandl.ru
URL: http://danli.mandl.ru/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7fbaa0ecd89a37ea
Protocol: HTTP/1.1
Server: 2606:4700:3034::6815:3d55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd507cb64b35f448ed9c7cf310b4386b08fb3ec18253e5a9a727ef244e82d104

Request headers

Referer: http://danli.mandl.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
CF-Challenge: 54f789fb5b116f6
Content-type: application/x-www-form-urlencoded

Response headers

Date: Thu, 24 Aug 2023 09:39:32 GMT
Content-Encoding: gzip
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LmRoZnVC1h7A7Bq4MX2x4F21jh0fUPpWt%2B%2FwYpevbC3iZ1Y2ATiGSAkGqKJvv4qQvUQIJ0xVhAFdI3%2FUua%2FrefpNCmy0sRr7euY%2FyjQ6x6rWOQvsEdmZNavJADOpo%2BTS2AdKr52Hivy6pGfFUw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/plain; charset=UTF-8
Connection: keep-alive
CF-RAY: 7fbaa0ee6e759a2a-FRA
alt-svc: h3=":443"; ma=86400
cf-chl-gen: buiSWT6oFJKQkwyF5mkEaPcnOcG7AlZwvsmBQ4OxswhOcxQ4ksR+FDJdKVV3peDo$dCZBXKFG9RmkTHixjkI3OA==

GET
H3 200 normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/3l2u5/0x4AAAAAAADnPIDROrmt1Wwj/light/ Frame BA24 0
0 16ms
16ms Document
text/html 2606:4700::6811:2b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/3l2u5/0x4AAAAAAADnPIDROrmt1Wwj/light/normal

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/g/313d8a27/api.js?onload=URXdVe4&render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7fbaa0eeef5d195c-FRA
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 09:39:32 GMT
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

POST
H/1.1 200
OK 54f789fb5b116f6 Show response
danli.mandl.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/885526586:1692868086:kJx-4Pyqzt0_alg2DWU7FKzIh5NM5cvwGF_T7ae2ZZw/7fbaa0ecd89a37ea/ 2 KB
3 KB 21ms
21ms XHR
text/html 2606:4700:3034::6815:3d55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://danli.mandl.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/885526586:1692868086:kJx-4Pyqzt0_alg2DWU7FKzIh5NM5cvwGF_T7ae2ZZw/7fbaa0ecd89a37ea/54f789fb5b116f6
Requested by: Host: danli.mandl.ru
URL: http://danli.mandl.ru/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7fbaa0ecd89a37ea
Protocol: HTTP/1.1
Server: 2606:4700:3034::6815:3d55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9b53b2c43d12abbeb5a8b33a887544146937366b19ba56e57b88a44333551ee

Request headers

Referer: http://danli.mandl.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
CF-Challenge: 54f789fb5b116f6
Content-type: application/x-www-form-urlencoded

Response headers

cf-chl-out: qg+E8rcgZvYuH2FRBwxnAqTsqBv5nDfvEtvJrB3thkkX2t9a1Gn0o+Hd+SKV2B3cRBcA/4qLBLSSNIevcIByH0hxwTC4g0EA2C/vUjbMYxs=$SQmzWuVz3BXq5FwM3vQFGg==
cf-chl-out-s: xaR04nW99NexhfqOotDhA1eL9v2BZgkm5fSLRwoyq+EbdwKpXoDaEgQhuAGBZmcflP8WUB4aAIv46U/Z/AtlQkJ3muFT3EqbG5EWxMXMrhJtEOeupOiY3tgcGfriQlZbx6GyzAo+cnGrZcrLrbghIAeJ4MlRPt4VfPBtg6hyUg3ehBONN4qB84vuTVluh19P9r59hCYsy1EF9UztN9Tcsw==$S0A3EwfO4iGOFUw4lSBR0A==
Date: Thu, 24 Aug 2023 09:39:32 GMT
Content-Encoding: gzip
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=38%2BlItsCf7YctTFp1kgyusd7TpWphYt%2BarqXprdig1RgboOqcTtOAhgq0e4yDGFWZ79xzIzhvKruv9%2BISShgcdhsCj5LhOzgjDGTL0mvKVRJZQ2sUPYa8%2BtCphiWlMIP9QleVtFl31tyHnthfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
CF-RAY: 7fbaa0f028be9a2a-FRA
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.danli.mandl.ru/	1970-01-20 14:15:56	Name: __cf_mw_byp Value: yyaQwQD06TOB2jeLKOoFZgDWK0qhAtsaoeR6Q32vcSI-1692869964-0-/
			danli.mandl.ru/	1970-01-20 14:14:33	Name: cf_chl_rc_m Value: 1

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: http://danli.mandl.ru/ Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
other	error	URL: http://danli.mandl.ru/ Message: The Cross-Origin-Opener-Policy header has been ignored, because the URL's origin was untrustworthy. It was defined either in the final response or a redirect. Please deliver the response using the HTTPS protocol. You can also use the 'localhost' origin instead. See https://www.w3.org/TR/powerful-features/#potentially-trustworthy-origin and https://html.spec.whatwg.org/#the-cross-origin-opener-policy-header.
other	warning	URL: http://danli.mandl.ru/ Message: The page requested an origin-keyed agent cluster using the Origin-Agent-Cluster header, but could not be origin-keyed since the origin 'http://danli.mandl.ru' had previously been placed in a site-keyed agent cluster. Update your headers to uniformly request origin-keying for all pages on the origin.
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: http://danli.mandl.ru/ Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
other	error	URL: http://danli.mandl.ru/ Message: The Cross-Origin-Opener-Policy header has been ignored, because the URL's origin was untrustworthy. It was defined either in the final response or a redirect. Please deliver the response using the HTTPS protocol. You can also use the 'localhost' origin instead. See https://www.w3.org/TR/powerful-features/#potentially-trustworthy-origin and https://html.spec.whatwg.org/#the-cross-origin-opener-policy-header.
other	warning	URL: http://danli.mandl.ru/ Message: The page requested an origin-keyed agent cluster using the Origin-Agent-Cluster header, but could not be origin-keyed since the origin 'http://danli.mandl.ru' had previously been placed in a site-keyed agent cluster. Update your headers to uniformly request origin-keying for all pages on the origin.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

challenges.cloudflare.com
danli.mandl.ru
2606:4700:3034::6815:3d55
2606:4700::6811:2b8
0d32eabd56a583a97a70339a6beedd1be08b12af56498c1bf6c637d42443c2a2
1103290e25ebda2712abe344a87facbac00ddaba712729be9fe5feef807bf91b
1ae488283b6cebf52b5bd97cd3dbe44e84ab7e87234525258a07e59a1904c2ed
2a857b5f6394050090645c48945139a5cc0ce327474eae435992d884fff1aaed
55df56d7b19d32b049585f75a24864e8fe09fae96f88682841ce446237e454c8
8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04
a9b53b2c43d12abbeb5a8b33a887544146937366b19ba56e57b88a44333551ee
bd507cb64b35f448ed9c7cf310b4386b08fb3ec18253e5a9a727ef244e82d104
c9e15cfbbf49fcd27def8906e10040db5ff7662a30aea9d9d2ca98e941d8315d
d4d4cb8d2be23a4d9871de8d153dac3aaaf93d253059c988a3c151c482a571a7
e0088e6e5d52d06b588039afd30b03c9efff9b3f634870a02ea14f44bc715633
e1aa6096a47f8926d45fbc3629b8e56c599402a52755a4a7aac0d1300a8434d5
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016

danli.mandl.ru Open in urlscan Pro 2606:4700:3034::6815:3d55 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

17 Requests

24 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

3 IPs

1 Countries

168 kBTransfer

446 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

14 JavaScript Global Variables

2 Cookies

8 Console Messages

Security Headers

Indicators

danli.mandl.ru Open in urlscan Pro
2606:4700:3034::6815:3d55 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

24 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

168 kB
Transfer

446 kB
Size

2
Cookies

17 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!