ics214.ymk89.ru Open in urlscan Pro
194.247.184.175 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ics214.ymk89.ru/
Submission Tags: phishingrod
Submission: On June 15 via api (June 15th 2024, 2:46:02 pm UTC) from DE — Scanned from DE

Summary HTTP 22 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 22 HTTP transactions. The main IP is 194.247.184.175, located in Russian Federation and belongs to CONNECT-LLC-AS, RU. The main domain is ics214.ymk89.ru.
TLS certificate: Issued by R10 on June 14th 2024. Valid for: 3 months.

This is the only time ics214.ymk89.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
17	194.247.184.175 194.247.184.175		50158 (CONNECT-L...) (CONNECT-LLC-AS)
22	2

17 194.247.184.175 (Russian Federation)

ASN50158 (CONNECT-LLC-AS, RU)

ics214.ymk89.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	ymk89.ru ics214.ymk89.ru	4 MB
22	1

	Domain	Requested by
17	ics214.ymk89.ru	ics214.ymk89.ru
22	1

This site contains no links.

Subject Issuer	Validity	Valid
ics214.ymk89.ru R10	`2024-06-14` - `2024-09-12`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://ics214.ymk89.ru/
Frame ID: C47C44431BCA9941BF305A0FABA3F189
Requests: 17 HTTP requests in this frame

Frame: https://ics214.ymk89.ru/sock/iframe.html
Frame ID: 6E9799FA2116E0545884BFE912A558D4
Requests: 2 HTTP requests in this frame

Frame: https://ics214.ymk89.ru/sock/055/sjrxqr42/htmlfile?c=_jp.ajihepk
Frame ID: CF05DCFBB24722713EBFC0F3635952E5
Requests: 1 HTTP requests in this frame

Frame: https://ics214.ymk89.ru/sock/iframe.html
Frame ID: 8289B7EEE57FB1AB4094D832CEFECFEE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Semantic UI (UI frameworks) Expand

Overall confidence: 100%
Detected patterns

/semantic(?:-([\d.]+))?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

22
Requests

77 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

3766 kB
Transfer

3846 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
ics214.ymk89.ru/ 1 KB
815 B 494ms
159ms Document
text/html 194.247.184.175
CONNECT-LLC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ics214.ymk89.ru/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

194.247.184.175 , Russian Federation, ASN50158 (CONNECT-LLC-AS, RU),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

bac66c608c4e41e4f679322f80b08779ce028599dc2ac44695793f047af17ff4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sat, 15 Jun 2024 14:45:55 GMT
Front-End-Https: on
Server: nginx/1.18.0
Strict-Transport-Security: max-age=31536000;
Transfer-Encoding: chunked

GET
H/1.1 200
OK semantic.min.css
ics214.ymk89.ru/ 614 KB
614 KB 135ms
134ms Stylesheet
text/css 194.247.184.175
CONNECT-LLC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ics214.ymk89.ru/semantic.min.css?ver=7.2.1.2010201508

Requested by

Host: ics214.ymk89.ru
URL: https://ics214.ymk89.ru/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

194.247.184.175 , Russian Federation, ASN50158 (CONNECT-LLC-AS, RU),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

91fcdd03d3f79d5085a35fba60294ca6495dc17c6bdc6e79aae824171996d1f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ics214.ymk89.ru/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 15 Jun 2024 14:45:55 GMT
Strict-Transport-Security: max-age=31536000;
Last-Modified: Tue, 20 Oct 2020 12:18:54 GMT
Server: nginx/1.18.0
ETag: "5f8ed5ae-99722"
Front-End-Https: on
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 628514

GET
H/1.1 200
OK jquery-3.1.1.min.js Show response
ics214.ymk89.ru/ 85 KB
85 KB 383ms
129ms Script
application/javascript 194.247.184.175
CONNECT-LLC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ics214.ymk89.ru/jquery-3.1.1.min.js?ver=7.2.1.2010201508

Requested by

Host: ics214.ymk89.ru
URL: https://ics214.ymk89.ru/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

194.247.184.175 , Russian Federation, ASN50158 (CONNECT-LLC-AS, RU),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ics214.ymk89.ru/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 15 Jun 2024 14:45:56 GMT
Strict-Transport-Security: max-age=31536000;
Last-Modified: Tue, 20 Oct 2020 12:18:54 GMT
Server: nginx/1.18.0
ETag: "5f8ed5ae-152b5"
Front-End-Https: on
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 86709

GET
H/1.1 200
OK jquery.ba-throttle-debounce.min.js Show response
ics214.ymk89.ru/ 732 B
1 KB 388ms
131ms Script
application/javascript 194.247.184.175
CONNECT-LLC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ics214.ymk89.ru/jquery.ba-throttle-debounce.min.js?ver=7.2.1.2010201508

Requested by

Host: ics214.ymk89.ru
URL: https://ics214.ymk89.ru/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

194.247.184.175 , Russian Federation, ASN50158 (CONNECT-LLC-AS, RU),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

ad4581e1c4b60813387ba30373e8bbb86f7d441b73ecc1679d24964bb58759c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ics214.ymk89.ru/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 15 Jun 2024 14:45:56 GMT
Strict-Transport-Security: max-age=31536000;
Last-Modified: Tue, 20 Oct 2020 12:18:54 GMT
Server: nginx/1.18.0
ETag: "5f8ed5ae-2dc"
Front-End-Https: on
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 732

GET
H/1.1 200
OK semantic.min.js Show response
ics214.ymk89.ru/ 269 KB
270 KB 403ms
143ms Script
application/javascript 194.247.184.175
CONNECT-LLC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ics214.ymk89.ru/semantic.min.js?ver=7.2.1.2010201508

Requested by

Host: ics214.ymk89.ru
URL: https://ics214.ymk89.ru/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

194.247.184.175 , Russian Federation, ASN50158 (CONNECT-LLC-AS, RU),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

b7c19ea67c8f9b0f6df9fa0c87798a36f728aea3476a648ab4a471c695048052

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ics214.ymk89.ru/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 15 Jun 2024 14:45:56 GMT
Strict-Transport-Security: max-age=31536000;
Last-Modified: Tue, 20 Oct 2020 12:18:54 GMT
Server: nginx/1.18.0
ETag: "5f8ed5ae-43512"
Front-End-Https: on
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 275730

GET
H/1.1 200
OK sockjs-1.1.5.min.js Show response
ics214.ymk89.ru/ 59 KB
60 KB 390ms
130ms Script
application/javascript 194.247.184.175
CONNECT-LLC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ics214.ymk89.ru/sockjs-1.1.5.min.js?ver=7.2.1.2010201508

Requested by

Host: ics214.ymk89.ru
URL: https://ics214.ymk89.ru/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

194.247.184.175 , Russian Federation, ASN50158 (CONNECT-LLC-AS, RU),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

3ad08d18a2c6f48e8b08fa398bfefdc0c4c477375806f2c9bfa73cabc216e499

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ics214.ymk89.ru/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 15 Jun 2024 14:45:56 GMT
Strict-Transport-Security: max-age=31536000;
Last-Modified: Tue, 20 Oct 2020 12:18:54 GMT
Server: nginx/1.18.0
ETag: "5f8ed5ae-ed07"
Front-End-Https: on
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 60679

GET
H/1.1 200
OK d3-5.9.2.min.js Show response
ics214.ymk89.ru/ 237 KB
237 KB 397ms
133ms Script
application/javascript 194.247.184.175
CONNECT-LLC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ics214.ymk89.ru/d3-5.9.2.min.js?ver=7.2.1.2010201508

Requested by

Host: ics214.ymk89.ru
URL: https://ics214.ymk89.ru/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

194.247.184.175 , Russian Federation, ASN50158 (CONNECT-LLC-AS, RU),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

93d472661bcc8f66e0d1f77c2f7204e35b741e94d79e2bcca1e3cdfcab2adb9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ics214.ymk89.ru/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 15 Jun 2024 14:45:56 GMT
Strict-Transport-Security: max-age=31536000;
Last-Modified: Tue, 20 Oct 2020 12:18:54 GMT
Server: nginx/1.18.0
ETag: "5f8ed5ae-3b434"
Front-End-Https: on
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 242740

GET
H/1.1 200
OK bundle.js Show response
ics214.ymk89.ru/ 2 MB
2 MB 518ms
130ms Script
application/javascript 194.247.184.175
CONNECT-LLC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ics214.ymk89.ru/bundle.js?ver=7.2.1.2010201508

Requested by

Host: ics214.ymk89.ru
URL: https://ics214.ymk89.ru/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

194.247.184.175 , Russian Federation, ASN50158 (CONNECT-LLC-AS, RU),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

10a33121f931207dcdc1088ad4b57240a4fcff6caec99912bdfb495364454f33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ics214.ymk89.ru/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 15 Jun 2024 14:45:56 GMT
Strict-Transport-Security: max-age=31536000;
Last-Modified: Tue, 20 Oct 2020 12:18:54 GMT
Server: nginx/1.18.0
ETag: "5f8ed5ae-1d5315"
Front-End-Https: on
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1921813

GET
H/1.1 200
OK Lato-Regular.ttf
ics214.ymk89.ru/ 618 KB
618 KB 140ms
140ms Font
application/octet-stream 194.247.184.175
CONNECT-LLC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ics214.ymk89.ru/Lato-Regular.ttf

Requested by

Host: ics214.ymk89.ru
URL: https://ics214.ymk89.ru/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

194.247.184.175 , Russian Federation, ASN50158 (CONNECT-LLC-AS, RU),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

56d6ac1edfb2e32a8f506eab100d52f36f19a359842e1336597b2c9febdaab6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ics214.ymk89.ru/
Origin: https://ics214.ymk89.ru
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 15 Jun 2024 14:45:57 GMT
Strict-Transport-Security: max-age=31536000;
Last-Modified: Tue, 20 Oct 2020 12:18:54 GMT
Server: nginx/1.18.0
ETag: "5f8ed5ae-9a738"
Front-End-Https: on
Content-Type: application/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 632632

GET
H/1.1 200
OK settings
ics214.ymk89.ru/scalaboom/ui/ 84 KB
0 4390ms
4390ms XHR
text/plain 194.247.184.175
CONNECT-LLC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ics214.ymk89.ru/scalaboom/ui/settings?_=1718462756627

Requested by

Host: ics214.ymk89.ru
URL: https://ics214.ymk89.ru/jquery-3.1.1.min.js?ver=7.2.1.2010201508

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

194.247.184.175 , Russian Federation, ASN50158 (CONNECT-LLC-AS, RU),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ics214.ymk89.ru/
X-Requested-With: XMLHttpRequest
X-Socket-Connect: null
X-Request-Id: 1718462757332
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Sat, 15 Jun 2024 14:46:01 GMT
Strict-Transport-Security: max-age=31536000;
Server: nginx/1.18.0
Transfer-Encoding: chunked
Front-End-Https: on
Content-Type: text/plain;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK info Show response
ics214.ymk89.ru/sock/ 79 B
457 B 133ms
133ms XHR
application/json 194.247.184.175
CONNECT-LLC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ics214.ymk89.ru/sock/info?t=1718462757381

Requested by

Host: ics214.ymk89.ru
URL: https://ics214.ymk89.ru/sockjs-1.1.5.min.js?ver=7.2.1.2010201508

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

194.247.184.175 , Russian Federation, ASN50158 (CONNECT-LLC-AS, RU),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

4607bb492a6762b6f06c2a62c8558acac8027c3899e497eb8db03da6236d200a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ics214.ymk89.ru/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 15 Jun 2024 14:45:57 GMT
Strict-Transport-Security: max-age=31536000;
Server: nginx/1.18.0
Transfer-Encoding: chunked
Vary: Origin
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, no-transform, must-revalidate, max-age=0
Front-End-Https: on
Connection: keep-alive

GET
H/1.1 200
OK ics.png
ics214.ymk89.ru/images/16/ 735 B
1 KB 130ms
130ms Other
image/png 194.247.184.175
CONNECT-LLC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ics214.ymk89.ru/images/16/ics.png

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

194.247.184.175 , Russian Federation, ASN50158 (CONNECT-LLC-AS, RU),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

fa50fefa24b96c3d0613edd64e1279219b61c5886c5b0c0b766f56ac9d61984a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ics214.ymk89.ru/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 15 Jun 2024 14:45:57 GMT
Strict-Transport-Security: max-age=31536000;
Last-Modified: Tue, 20 Oct 2020 12:18:54 GMT
Server: nginx/1.18.0
ETag: "5f8ed5ae-2df"
Front-End-Https: on
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 735

POST xhr_streaming
ics214.ymk89.ru/sock/055/jvqjdys5/ 0
0

GET eventsource
ics214.ymk89.ru/sock/055/xledulv4/ 0
0

GET
H/1.1 200
OK iframe.html Show response
ics214.ymk89.ru/sock/ Frame 6E97 428 B
702 B 134ms
133ms Document
text/html 194.247.184.175
CONNECT-LLC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ics214.ymk89.ru/sock/iframe.html

Requested by

Host: ics214.ymk89.ru
URL: https://ics214.ymk89.ru/sockjs-1.1.5.min.js?ver=7.2.1.2010201508

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

194.247.184.175 , Russian Federation, ASN50158 (CONNECT-LLC-AS, RU),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

fdd237afd00d3ca1657edd32f4ed5e8e4a91b6e9c62d1571bca313f5ff14a2db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://ics214.ymk89.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Cache-Control: public, max-age=31536000
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sat, 15 Jun 2024 14:45:59 GMT
ETag: W/"b4c5dc084582cd4cb7d6b8a04cdf0588"
Expires: Sun, 15 Jun 2025 14:45:59 GMT
Front-End-Https: on
Server: nginx/1.18.0
Strict-Transport-Security: max-age=31536000;
Transfer-Encoding: chunked

GET
H/1.1 404
Not Found sockjs-1.1.5.min.js
ics214.ymk89.ru/sock/ Frame 6E97 0
0 134ms
134ms Script
text/plain 194.247.184.175
CONNECT-LLC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ics214.ymk89.ru/sock/sockjs-1.1.5.min.js
Requested by: Host: ics214.ymk89.ru
URL: https://ics214.ymk89.ru/sock/iframe.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 194.247.184.175 , Russian Federation, ASN50158 (CONNECT-LLC-AS, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ics214.ymk89.ru/sock/iframe.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 15 Jun 2024 14:45:59 GMT
Server: nginx/1.18.0
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8

GET htmlfile
ics214.ymk89.ru/sock/055/sjrxqr42/ Frame CF05 0
0

GET
H/1.1 200
OK iframe.html Show response
ics214.ymk89.ru/sock/ Frame 8289 428 B
0 0ms
0ms Document
text/html 194.247.184.175
CONNECT-LLC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ics214.ymk89.ru/sock/iframe.html
Requested by: Host: ics214.ymk89.ru
URL: https://ics214.ymk89.ru/sockjs-1.1.5.min.js?ver=7.2.1.2010201508
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 194.247.184.175 , Russian Federation, ASN50158 (CONNECT-LLC-AS, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: fdd237afd00d3ca1657edd32f4ed5e8e4a91b6e9c62d1571bca313f5ff14a2db

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://ics214.ymk89.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Cache-Control: public, max-age=31536000
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sat, 15 Jun 2024 14:45:59 GMT
ETag: W/"b4c5dc084582cd4cb7d6b8a04cdf0588"
Expires: Sun, 15 Jun 2025 14:45:59 GMT
Front-End-Https: on
Server: nginx/1.18.0

GET sockjs-1.1.5.min.js
ics214.ymk89.ru/sock/ Frame 8289 0
0

POST
H/1.1 200
OK xhr Show response
ics214.ymk89.ru/sock/055/dzihrcpt/ 2 B
447 B 129ms
129ms XHR
application/javascript 194.247.184.175
CONNECT-LLC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ics214.ymk89.ru/sock/055/dzihrcpt/xhr?t=1718462760758

Requested by

Host: ics214.ymk89.ru
URL: https://ics214.ymk89.ru/sockjs-1.1.5.min.js?ver=7.2.1.2010201508

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

194.247.184.175 , Russian Federation, ASN50158 (CONNECT-LLC-AS, RU),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

7427d152005f9ed0fa31c76ef9963cf4bb47dce6e2768111d9eb0edbfe59c704

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ics214.ymk89.ru/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 15 Jun 2024 14:46:00 GMT
Strict-Transport-Security: max-age=31536000;
Server: nginx/1.18.0
Transfer-Encoding: chunked
Vary: Origin
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: https://ics214.ymk89.ru
Cache-Control: no-store, no-cache, no-transform, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Front-End-Https: on
Connection: keep-alive

POST
H/1.1 200
OK xhr Show response
ics214.ymk89.ru/sock/055/dzihrcpt/ 81 B
527 B 134ms
134ms XHR
application/javascript 194.247.184.175
CONNECT-LLC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ics214.ymk89.ru/sock/055/dzihrcpt/xhr?t=1718462760888

Requested by

Host: ics214.ymk89.ru
URL: https://ics214.ymk89.ru/sockjs-1.1.5.min.js?ver=7.2.1.2010201508

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

194.247.184.175 , Russian Federation, ASN50158 (CONNECT-LLC-AS, RU),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

d54d28aba3bd6339d37e70ac9dc90889b7137f68035f1395310347847b124721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ics214.ymk89.ru/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 15 Jun 2024 14:46:00 GMT
Strict-Transport-Security: max-age=31536000;
Server: nginx/1.18.0
Transfer-Encoding: chunked
Vary: Origin
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: https://ics214.ymk89.ru
Cache-Control: no-store, no-cache, no-transform, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Front-End-Https: on
Connection: keep-alive

POST xhr
ics214.ymk89.ru/sock/055/dzihrcpt/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ics214.ymk89.ru
URL: https://ics214.ymk89.ru/sock/055/jvqjdys5/xhr_streaming?t=1718462757917

Domain: ics214.ymk89.ru
URL: https://ics214.ymk89.ru/sock/055/xledulv4/eventsource

Domain: ics214.ymk89.ru
URL: https://ics214.ymk89.ru/sock/055/sjrxqr42/htmlfile?c=_jp.ajihepk

Domain: ics214.ymk89.ru
URL: https://ics214.ymk89.ru/sock/sockjs-1.1.5.min.js

Domain: ics214.ymk89.ru
URL: https://ics214.ymk89.ru/sock/055/dzihrcpt/xhr?t=1718462761027

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ics214.ymk89.ru/sockjs-1.1.5.min.js?ver=7.2.1.2010201508(Line 1) Message: WebSocket connection to 'wss://ics214.ymk89.ru/sock/055/yuahikvr/websocket' failed: Error during WebSocket handshake: Unexpected response code: 400
network	error	URL: https://ics214.ymk89.ru/sock/sockjs-1.1.5.min.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
security	warning	URL: https://ics214.ymk89.ru/sock/iframe.html(Line 7) Message: document.domain mutation is ignored because the surrounding agent cluster is origin-keyed.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ics214.ymk89.ru
ics214.ymk89.ru
194.247.184.175
10a33121f931207dcdc1088ad4b57240a4fcff6caec99912bdfb495364454f33
3ad08d18a2c6f48e8b08fa398bfefdc0c4c477375806f2c9bfa73cabc216e499
4607bb492a6762b6f06c2a62c8558acac8027c3899e497eb8db03da6236d200a
56d6ac1edfb2e32a8f506eab100d52f36f19a359842e1336597b2c9febdaab6b
7427d152005f9ed0fa31c76ef9963cf4bb47dce6e2768111d9eb0edbfe59c704
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
91fcdd03d3f79d5085a35fba60294ca6495dc17c6bdc6e79aae824171996d1f1
93d472661bcc8f66e0d1f77c2f7204e35b741e94d79e2bcca1e3cdfcab2adb9d
ad4581e1c4b60813387ba30373e8bbb86f7d441b73ecc1679d24964bb58759c7
b7c19ea67c8f9b0f6df9fa0c87798a36f728aea3476a648ab4a471c695048052
bac66c608c4e41e4f679322f80b08779ce028599dc2ac44695793f047af17ff4
d54d28aba3bd6339d37e70ac9dc90889b7137f68035f1395310347847b124721
fa50fefa24b96c3d0613edd64e1279219b61c5886c5b0c0b766f56ac9d61984a
fdd237afd00d3ca1657edd32f4ed5e8e4a91b6e9c62d1571bca313f5ff14a2db

ics214.ymk89.ru Open in urlscan Pro 194.247.184.175 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

22 Requests

77 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

3766 kBTransfer

3846 kBSize

0 Cookies

0 Outgoing links

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

0 Cookies

3 Console Messages

Security Headers

Indicators

ics214.ymk89.ru Open in urlscan Pro
194.247.184.175 Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

77 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

3766 kB
Transfer

3846 kB
Size

0
Cookies

22 HTTP transactions
0 data transactions