mukhtalifventures.com Open in urlscan Pro
192.185.41.246 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://vz-tkani.ru/libraries/fof/disable.php?email=info@rscomponents.cz
Effective URL:
https://mukhtalifventures.com/failure/index1.php?email=info@rscomponents.cz&dlrfax64q23jpcokugimnv5ytzwh8bs97e01
Submission: On June 03 via manual (June 3rd 2020, 7:36:57 am UTC) from GB

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 4 countries across 4 domains to perform 11 HTTP transactions. The main IP is 192.185.41.246, located in Houston, United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is mukhtalifventures.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on May 12th 2020. Valid for: 3 months.

This is the only time mukhtalifventures.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Email (Online)

Domain & IP information

	IP Address	AS Autonomous System
1	78.110.50.123 78.110.50.123	31240 (HT-SYSTEM...) (HT-SYSTEMS-AS Uplinks:)
9	192.185.41.246 192.185.41.246	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1 1	80.169.5.117 80.169.5.117	8220 (COLT) (COLT)
1	23.8.12.187 23.8.12.187	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
11	3

1 78.110.50.123 (Moscow, Russian Federation)

ASN31240 (HT-SYSTEMS-AS Uplinks:, RU)
PTR: cl7-w.ht-systems.ru

vz-tkani.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 192.185.41.246 (Houston, United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 192-185-41-246.unifiedlayer.com

mukhtalifventures.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.169.5.117 (United Kingdom) 1 redirects

ASN8220 (COLT, GB)

rscomponents.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.8.12.187 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a23-8-12-187.deploy.static.akamaitechnologies.com

cz.rs-online.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	mukhtalifventures.com mukhtalifventures.com	14 KB
1	rs-online.com cz.rs-online.com	617 B
1	rscomponents.cz 1 redirects rscomponents.cz	220 B
1	vz-tkani.ru vz-tkani.ru	642 B
11	4

	Domain	Requested by
9	mukhtalifventures.com	vz-tkani.ru mukhtalifventures.com
1	cz.rs-online.com	mukhtalifventures.com
1	rscomponents.cz	1 redirects
1	vz-tkani.ru
11	4

This site contains no links.

Subject Issuer	Validity	Valid
mail.jwf-group.com Let's Encrypt Authority X3	`2020-05-12` - `2020-08-10`	3 months	crt.sh
www.rs-online.com DigiCert ECC Extended Validation Server CA	`2020-03-31` - `2022-06-29`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://mukhtalifventures.com/failure/index1.php?email=info@rscomponents.cz&dlrfax64q23jpcokugimnv5ytzwh8bs97e01
Frame ID: 1C3B0AEE7ECEFAFD300D1FB69B46E37D
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://vz-tkani.ru/libraries/fof/disable.php?email=info@rscomponents.cz Page URL
https://mukhtalifventures.com/failure/?email=info@rscomponents.cz Page URL
https://mukhtalifventures.com/failure/index1.php?email=info@rscomponents.cz&dlrfax64q23jpcokugimnv5ytzwh8b... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i
headers server /php\/?([\d.]+)?/i

Red Hat (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Red Hat/i

mod_dav (Web Server Extensions) Expand

Overall confidence: 100%
Detected patterns

headers server /\b(?:mod_)?DAV\b(?:\/([\d.]+))?/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
headers server /\b(?:mod_)?DAV\b(?:\/([\d.]+))?/i

Page Statistics

11
Requests

91 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

4
Countries

15 kB
Transfer

38 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://vz-tkani.ru/libraries/fof/disable.php?email=info@rscomponents.cz Page URL
https://mukhtalifventures.com/failure/?email=info@rscomponents.cz Page URL
https://mukhtalifventures.com/failure/index1.php?email=info@rscomponents.cz&dlrfax64q23jpcokugimnv5ytzwh8bs97e01 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

http://rscomponents.cz/favicon.ico HTTP 301
https://cz.rs-online.com/favicon.ico

11 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	disable.php vz-tkani.ru/libraries/fof/	436 B 642 B	248ms 102ms	Document text/html	78.110.50.123 HT-SYSTEMS-AS Upl...
General Check archive.org Show headers Download Go to Full URL http://vz-tkani.ru/libraries/fof/disable.php?email=info@rscomponents.cz Protocol HTTP/1.1 Server 78.110.50.123 Moscow, Russian Federation, ASN31240 (HT-SYSTEMS-AS Uplinks:, RU), Reverse DNS cl7-w.ht-systems.ru Software Apache/2.2.15 (Red Hat) mod_rpaf/0.6 DAV/2 PHP/5.3.27 / PHP/5.3.27 Resource Hash Request headers Host vz-tkani.ru Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 03 Jun 2020 07:36:19 GMT Server Apache/2.2.15 (Red Hat) mod_rpaf/0.6 DAV/2 PHP/5.3.27 X-Powered-By PHP/5.3.27 Content-Length 436 Content-Type text/html; charset=UTF-8
GET H2	200	/ Show response mukhtalifventures.com/failure/	10 KB 3 KB	882ms 473ms	Document text/html	192.185.41.246 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://mukhtalifventures.com/failure/?email=info@rscomponents.cz Requested by Host: vz-tkani.ru URL: http://vz-tkani.ru/libraries/fof/disable.php?email=info@rscomponents.cz Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.185.41.246 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-185-41-246.unifiedlayer.com Software Apache / Resource Hash `1d7487275952362c9fa7db39ee86daefda8d1aa2f304c94ac6313c8904e4cd25` Request headers :method GET :authority mukhtalifventures.com :scheme https :path /failure/?email=info@rscomponents.cz pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest document referer http://vz-tkani.ru/libraries/fof/disable.php?email=info@rscomponents.cz accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://vz-tkani.ru/libraries/fof/disable.php?email=info@rscomponents.cz Response headers status 200 date Wed, 03 Jun 2020 07:36:20 GMT server Apache vary Accept-Encoding,User-Agent content-encoding gzip content-length 2987 content-type text/html
POST H2	200	Primary Request index1.php Show response mukhtalifventures.com/failure/	7 KB 3 KB	481ms 480ms	Document text/html	192.185.41.246 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://mukhtalifventures.com/failure/index1.php?email=info@rscomponents.cz&dlrfax64q23jpcokugimnv5ytzwh8bs97e01 Requested by Host: mukhtalifventures.com URL: https://mukhtalifventures.com/failure/?email=info@rscomponents.cz Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.185.41.246 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-185-41-246.unifiedlayer.com Software Apache / Resource Hash `0a08b7006e07517c933f6a62b0440213af1ab5fb8c1d02989efb855d21265c5f` Request headers :method POST :authority mukhtalifventures.com :scheme https :path /failure/index1.php?email=info@rscomponents.cz&dlrfax64q23jpcokugimnv5ytzwh8bs97e01 content-length 124 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 origin https://mukhtalifventures.com content-type application/x-www-form-urlencoded user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-origin sec-fetch-mode navigate sec-fetch-dest document referer https://mukhtalifventures.com/failure/?email=info@rscomponents.cz accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 Origin https://mukhtalifventures.com Content-Type application/x-www-form-urlencoded User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://mukhtalifventures.com/failure/?email=info@rscomponents.cz Response headers status 200 date Wed, 03 Jun 2020 07:36:24 GMT server Apache vary Accept-Encoding,User-Agent content-encoding gzip content-length 2526 content-type text/html
GET H2	200	style.css mukhtalifventures.com/failure/shared/	17 KB 6 KB	163ms 163ms	Stylesheet text/css	192.185.41.246 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://mukhtalifventures.com/failure/shared/style.css Requested by Host: mukhtalifventures.com URL: https://mukhtalifventures.com/failure/index1.php?email=info@rscomponents.cz&dlrfax64q23jpcokugimnv5ytzwh8bs97e01 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.185.41.246 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-185-41-246.unifiedlayer.com Software Apache / Resource Hash `e9438621e869a1ffc48a84161566995706471c950c50a8afe847dcfc1b05f194` Request headers Referer https://mukhtalifventures.com/failure/index1.php?email=info@rscomponents.cz&dlrfax64q23jpcokugimnv5ytzwh8bs97e01 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 03 Jun 2020 07:36:25 GMT content-encoding gzip last-modified Tue, 02 Jun 2020 07:25:12 GMT server Apache vary Accept-Encoding,User-Agent content-type text/css status 200 accept-ranges bytes content-length 5738
GET H2	404	modernizr.js mukhtalifventures.com/failure/	0 0	149ms 149ms	Script text/html	192.185.41.246 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://mukhtalifventures.com/failure/modernizr.js Requested by Host: mukhtalifventures.com URL: https://mukhtalifventures.com/failure/index1.php?email=info@rscomponents.cz&dlrfax64q23jpcokugimnv5ytzwh8bs97e01 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.185.41.246 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-185-41-246.unifiedlayer.com Software Apache / Resource Hash Request headers Referer https://mukhtalifventures.com/failure/index1.php?email=info@rscomponents.cz&dlrfax64q23jpcokugimnv5ytzwh8bs97e01 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 03 Jun 2020 07:36:25 GMT content-encoding gzip last-modified Tue, 23 Apr 2019 06:48:57 GMT server Apache vary Accept-Encoding content-type text/html status 404 accept-ranges bytes content-length 462
GET H2	200	favicon.ico cz.rs-online.com/ Redirect Chain http://rscomponents.cz/favicon.ico https://cz.rs-online.com/favicon.ico	318 B 617 B	185ms 87ms	Image image/vnd.microsoft.icon	23.8.12.187 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cz.rs-online.com/favicon.ico Requested by Host: mukhtalifventures.com URL: https://mukhtalifventures.com/failure/index1.php?email=info@rscomponents.cz&dlrfax64q23jpcokugimnv5ytzwh8bs97e01 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.8.12.187 , Netherlands, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS a23-8-12-187.deploy.static.akamaitechnologies.com Software Apache / Resource Hash `68590f9a253d542431bcc5b3e2bba7b9e9123cc38af87f335c6d85de14572de8` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-cnection close date Wed, 03 Jun 2020 07:36:25 GMT last-modified Wed, 08 Nov 2017 15:34:42 GMT server Apache etag "13e-55d7a6d30ac3a" vary Accept-Encoding p3p CP=OUR status 200 cache-control public, max-age=2419200 server-timing cdn-cache; desc=MISS, edge; dur=35, origin; dur=27 accept-ranges bytes content-type image/vnd.microsoft.icon content-length 318 expires Wed, 01 Jul 2020 07:36:25 GMT Redirect headers Location https://cz.rs-online.com/favicon.ico Date Wed, 03 Jun 2020 07:36:25 GMT X-Cnection close Server Apache Content-Length 244 Content-Type text/html; charset=iso-8859-1
GET H2	404	modernizr.js mukhtalifventures.com/failure/	0 0	174ms 167ms	Script text/html	192.185.41.246 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://mukhtalifventures.com/failure/modernizr.js Requested by Host: mukhtalifventures.com URL: https://mukhtalifventures.com/failure/index1.php?email=info@rscomponents.cz&dlrfax64q23jpcokugimnv5ytzwh8bs97e01 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.185.41.246 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-185-41-246.unifiedlayer.com Software Apache / Resource Hash Request headers Referer https://mukhtalifventures.com/failure/index1.php?email=info@rscomponents.cz&dlrfax64q23jpcokugimnv5ytzwh8bs97e01 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 03 Jun 2020 07:36:25 GMT content-encoding gzip last-modified Tue, 23 Apr 2019 06:48:57 GMT server Apache vary Accept-Encoding content-type text/html status 404 accept-ranges bytes content-length 462
GET H2	404	bg_header_shadow.png mukhtalifventures.com/brand/br/US_HSBC_EN/rv/6b644/resources/common/	746 B 746 B	138ms 137ms	Image text/html	192.185.41.246 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://mukhtalifventures.com/brand/br/US_HSBC_EN/rv/6b644/resources/common/bg_header_shadow.png Requested by Host: mukhtalifventures.com URL: https://mukhtalifventures.com/failure/index1.php?email=info@rscomponents.cz&dlrfax64q23jpcokugimnv5ytzwh8bs97e01 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.185.41.246 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-185-41-246.unifiedlayer.com Software Apache / Resource Hash `63c52aa99ca361b59a27e7f51fe5fadffef99e671f8b4f9560fab204219e0666` Request headers Referer https://mukhtalifventures.com/failure/shared/style.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 03 Jun 2020 07:36:25 GMT content-encoding gzip last-modified Tue, 23 Apr 2019 06:48:57 GMT server Apache vary Accept-Encoding content-type text/html status 404 accept-ranges bytes content-length 462
GET H2	404	white15.png mukhtalifventures.com/brand/br/US_HSBC_EN/rv/6b644/resources/common/	746 B 746 B	142ms 141ms	Image text/html	192.185.41.246 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://mukhtalifventures.com/brand/br/US_HSBC_EN/rv/6b644/resources/common/white15.png Requested by Host: mukhtalifventures.com URL: https://mukhtalifventures.com/failure/index1.php?email=info@rscomponents.cz&dlrfax64q23jpcokugimnv5ytzwh8bs97e01 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.185.41.246 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-185-41-246.unifiedlayer.com Software Apache / Resource Hash `63c52aa99ca361b59a27e7f51fe5fadffef99e671f8b4f9560fab204219e0666` Request headers Referer https://mukhtalifventures.com/failure/shared/style.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 03 Jun 2020 07:36:25 GMT content-encoding gzip last-modified Tue, 23 Apr 2019 06:48:57 GMT server Apache vary Accept-Encoding content-type text/html status 404 accept-ranges bytes content-length 462
GET H2	404	help2.gif mukhtalifventures.com/brand/br/US_HSBC_EN/rv/6b644/resources/common/	746 B 746 B	137ms 137ms	Image text/html	192.185.41.246 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://mukhtalifventures.com/brand/br/US_HSBC_EN/rv/6b644/resources/common/help2.gif Requested by Host: mukhtalifventures.com URL: https://mukhtalifventures.com/failure/index1.php?email=info@rscomponents.cz&dlrfax64q23jpcokugimnv5ytzwh8bs97e01 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.185.41.246 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-185-41-246.unifiedlayer.com Software Apache / Resource Hash `63c52aa99ca361b59a27e7f51fe5fadffef99e671f8b4f9560fab204219e0666` Request headers Referer https://mukhtalifventures.com/failure/shared/style.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 03 Jun 2020 07:36:25 GMT content-encoding gzip last-modified Tue, 23 Apr 2019 06:48:57 GMT server Apache vary Accept-Encoding content-type text/html status 404 accept-ranges bytes content-length 462
GET H2	404	icon_encrypted.png mukhtalifventures.com/brand/br/US_HSBC_EN/rv/6b644/resources/common/	746 B 746 B	137ms 136ms	Image text/html	192.185.41.246 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://mukhtalifventures.com/brand/br/US_HSBC_EN/rv/6b644/resources/common/icon_encrypted.png Requested by Host: mukhtalifventures.com URL: https://mukhtalifventures.com/failure/index1.php?email=info@rscomponents.cz&dlrfax64q23jpcokugimnv5ytzwh8bs97e01 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.185.41.246 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-185-41-246.unifiedlayer.com Software Apache / Resource Hash `63c52aa99ca361b59a27e7f51fe5fadffef99e671f8b4f9560fab204219e0666` Request headers Referer https://mukhtalifventures.com/failure/shared/style.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 03 Jun 2020 07:36:25 GMT content-encoding gzip last-modified Tue, 23 Apr 2019 06:48:57 GMT server Apache vary Accept-Encoding content-type text/html status 404 accept-ranges bytes content-length 462

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Email (Online)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cz.rs-online.com
mukhtalifventures.com
rscomponents.cz
vz-tkani.ru
192.185.41.246
23.8.12.187
78.110.50.123
80.169.5.117
0a08b7006e07517c933f6a62b0440213af1ab5fb8c1d02989efb855d21265c5f
1d7487275952362c9fa7db39ee86daefda8d1aa2f304c94ac6313c8904e4cd25
63c52aa99ca361b59a27e7f51fe5fadffef99e671f8b4f9560fab204219e0666
68590f9a253d542431bcc5b3e2bba7b9e9123cc38af87f335c6d85de14572de8
e9438621e869a1ffc48a84161566995706471c950c50a8afe847dcfc1b05f194

mukhtalifventures.com Open in urlscan Pro 192.185.41.246 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

11 Requests

91 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

3 IPs

4 Countries

15 kBTransfer

38 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

8 JavaScript Global Variables

0 Cookies

Indicators

mukhtalifventures.com Open in urlscan Pro
192.185.41.246 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

91 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

4
Countries

15 kB
Transfer

38 kB
Size

0
Cookies

11 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!