m-p-s-v-gov.info
185.104.45.154  Malicious Activity! Public Scan

URL: https://m-p-s-v-gov.info/rb/index.php?id=176
Submission: On January 30 via manual from CZ — Scanned from DE

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 21 HTTP transactions. The main IP is 185.104.45.154, located in Ukraine and belonging to UKRAINE-AS, UA. The main domain is m-p-s-v-gov.info.
TLS certificate: Issued by R3 on January 29th 2023. Valid for: 3 months.
This is the only time m-p-s-v-gov.info was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Community Verdicts: Malicious (1 vote)

Domain & IP information

Requests  IP Address         AS (Autonomous System)
20        185.104.45.154     200000 (UKRAINE-AS)
1         2a00:1450:400...   15169 (GOOGLE)
Total: 21 requests, 2 IPs

Requests  Apex Domain       Subdomains                                       Transfer
20        m-p-s-v-gov.info  m-p-s-v-gov.info                                 1 MB
1         googleapis.com    ajax.googleapis.com (Cisco Umbrella Rank: 295)   30 KB
Total: 21 requests, 2 apex domains

Requests  Domain               Requested by
20        m-p-s-v-gov.info     m-p-s-v-gov.info
1         ajax.googleapis.com  m-p-s-v-gov.info
Total: 21 requests, 2 domains

This site contains links to these domains:

Domain
www.rb.cz
Subject                   Issuer      Validity                  Valid
www.m-p-s-v-gov.info      R3          2023-01-29 - 2023-04-29   3 months (crt.sh)
upload.video.google.com   GTS CA 1C3  2023-01-09 - 2023-04-03   3 months (crt.sh)

This page contains 1 frame:

Primary Page: https://m-p-s-v-gov.info/rb/index.php?id=176
Frame ID: 4820043DA2EE1D54ACD37ABF5969B152
Requests: 21 HTTP requests in this frame

Screenshot

Page Title

Raiffeisenbank

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 21
HTTPS: 100 %
IPv6: 50 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 2
Transfer: 1563 kB
Size: 4044 kB
Cookies: 6

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request index.php
m-p-s-v-gov.info/rb/
30 KB
7 KB
Document
General
Full URL
https://m-p-s-v-gov.info/rb/index.php?id=176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.104.45.154 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
web377.default-host.net
Software
nginx /
Resource Hash
c20dc8556a777c40ea7ae80db7fa1193b04e10093b0f9f9a1b934a7800ced635

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 30 Jan 2023 17:47:32 GMT
server
nginx
x-ray
p953:0.230/wn23410:0.230/wa23410:D=228409
ruxitagentjs_ICA27NVfgjqrux_10217210531114014.js
m-p-s-v-gov.info/rb/rb_css_icon_2/
228 KB
82 KB
Script
General
Full URL
https://m-p-s-v-gov.info/rb/rb_css_icon_2/ruxitagentjs_ICA27NVfgjqrux_10217210531114014.js
Requested by
Host: m-p-s-v-gov.info
URL: https://m-p-s-v-gov.info/rb/index.php?id=176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.104.45.154 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
web377.default-host.net
Software
nginx /
Resource Hash
945c79d14bb4f553651762a70a28818267b5a3ec84972396c09d7e9b7f1ed896

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m-p-s-v-gov.info/rb/index.php?id=176
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 17:47:32 GMT
x-ray
p953:0.010/wn23410:0.000/
content-encoding
br
last-modified
Wed, 11 Jan 2023 14:02:14 GMT
server
nginx
etag
W/"63bec166-3907a"
content-type
application/javascript
styles.41aaeb67c441ea25.css
m-p-s-v-gov.info/rb/rb_css_icon_2/
665 KB
88 KB
Stylesheet
General
Full URL
https://m-p-s-v-gov.info/rb/rb_css_icon_2/styles.41aaeb67c441ea25.css
Requested by
Host: m-p-s-v-gov.info
URL: https://m-p-s-v-gov.info/rb/index.php?id=176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.104.45.154 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
web377.default-host.net
Software
nginx /
Resource Hash
ac3693a04e27d10baba6388416aca8b8d7f46c6a3bc4b77facfe2d3fdaafabf3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m-p-s-v-gov.info/rb/index.php?id=176
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 17:47:32 GMT
x-ray
p953:0.010/wn23410:0.000/
content-encoding
br
last-modified
Thu, 12 Jan 2023 01:33:16 GMT
server
nginx
etag
W/"63bf635c-a62c6"
content-type
text/css
gib-fragments.css
m-p-s-v-gov.info/rb/rb_css_icon_2/
239 KB
21 KB
Stylesheet
General
Full URL
https://m-p-s-v-gov.info/rb/rb_css_icon_2/gib-fragments.css
Requested by
Host: m-p-s-v-gov.info
URL: https://m-p-s-v-gov.info/rb/index.php?id=176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.104.45.154 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
web377.default-host.net
Software
nginx /
Resource Hash
bf9656563129549a40e992ada1777bc286b32f94bc326bb4ad989bf3d5910ff5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m-p-s-v-gov.info/rb/index.php?id=176
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 17:47:32 GMT
x-ray
p953:0.000/wn23410:0.000/
content-encoding
br
last-modified
Wed, 11 Jan 2023 14:02:12 GMT
server
nginx
etag
W/"63bec164-3bca9"
content-type
text/css
cookie-wall.js
m-p-s-v-gov.info/rb/rb_css_icon_2/
590 KB
154 KB
Script
General
Full URL
https://m-p-s-v-gov.info/rb/rb_css_icon_2/cookie-wall.js
Requested by
Host: m-p-s-v-gov.info
URL: https://m-p-s-v-gov.info/rb/index.php?id=176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.104.45.154 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
web377.default-host.net
Software
nginx /
Resource Hash
e97a89693a5ca035fdeddf44dbf78795b2a5e85fa5e5c73a2e68ad08dd6285ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m-p-s-v-gov.info/rb/index.php?id=176
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 17:47:33 GMT
x-ray
p953:0.020/wn23410:0.000/
content-encoding
br
last-modified
Wed, 11 Jan 2023 14:02:14 GMT
server
nginx
etag
W/"63bec166-93772"
content-type
application/javascript
login_fish.png
m-p-s-v-gov.info/rb/rb_css_icon_2/
32 KB
33 KB
Image
General
Full URL
https://m-p-s-v-gov.info/rb/rb_css_icon_2/login_fish.png
Requested by
Host: m-p-s-v-gov.info
URL: https://m-p-s-v-gov.info/rb/index.php?id=176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.104.45.154 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
web377.default-host.net
Software
nginx /
Resource Hash
8d19776201c1b27a36e75ade54382d197e2d3a9cf5a0fbbcd50484fa368e4740

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m-p-s-v-gov.info/rb/index.php?id=176
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 17:47:33 GMT
x-ray
p953:0.000/wn23410:0.000/
last-modified
Wed, 11 Jan 2023 12:55:46 GMT
server
nginx
etag
"63beb1d2-81d1"
content-type
image/png
accept-ranges
bytes
content-length
33233
runtime.892ba7ec3cdddc43.js
m-p-s-v-gov.info/rb/rb_css_icon_2/
1 KB
2 KB
Script
General
Full URL
https://m-p-s-v-gov.info/rb/rb_css_icon_2/runtime.892ba7ec3cdddc43.js
Requested by
Host: m-p-s-v-gov.info
URL: https://m-p-s-v-gov.info/rb/index.php?id=176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.104.45.154 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
web377.default-host.net
Software
nginx /
Resource Hash
91de1005a9207f14ecfb3926c4d6b6bcaca2b3f0304d25185ad3f7f7d7abba06

Request headers

Referer
https://m-p-s-v-gov.info/rb/index.php?id=176
Origin
https://m-p-s-v-gov.info
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 17:47:32 GMT
x-ray
p953:0.000/wn23410:0.000/
last-modified
Wed, 11 Jan 2023 14:02:14 GMT
server
nginx
etag
"63bec166-593"
content-type
application/javascript
accept-ranges
bytes
content-length
1427
polyfills.00402c2e5e3c967c.js
m-p-s-v-gov.info/rb/rb_css_icon_2/
37 KB
13 KB
Script
General
Full URL
https://m-p-s-v-gov.info/rb/rb_css_icon_2/polyfills.00402c2e5e3c967c.js
Requested by
Host: m-p-s-v-gov.info
URL: https://m-p-s-v-gov.info/rb/index.php?id=176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.104.45.154 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
web377.default-host.net
Software
nginx /
Resource Hash
d098b939c8847f5d9f8d24c9e299aa8403a1c207515c68153a39211254f5f8d1

Request headers

Referer
https://m-p-s-v-gov.info/rb/index.php?id=176
Origin
https://m-p-s-v-gov.info
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 17:47:33 GMT
x-ray
p953:0.000/wn23410:0.000/
content-encoding
br
last-modified
Wed, 11 Jan 2023 14:02:14 GMT
server
nginx
etag
W/"63bec166-951b"
content-type
application/javascript
scripts.75ee292b454a9ae6.js
m-p-s-v-gov.info/rb/rb_css_icon_2/
70 KB
31 KB
Script
General
Full URL
https://m-p-s-v-gov.info/rb/rb_css_icon_2/scripts.75ee292b454a9ae6.js
Requested by
Host: m-p-s-v-gov.info
URL: https://m-p-s-v-gov.info/rb/index.php?id=176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.104.45.154 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
web377.default-host.net
Software
nginx /
Resource Hash
a2924179074e5e509f516906e20ef4ef2754c276dacbb1ceb1833a6f45b4a123

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m-p-s-v-gov.info/rb/index.php?id=176
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 17:47:33 GMT
x-ray
p953:0.010/wn23410:0.000/
content-encoding
br
last-modified
Wed, 11 Jan 2023 14:02:14 GMT
server
nginx
etag
W/"63bec166-11695"
content-type
application/javascript
vendor.f0a0700b6752a83a.js
m-p-s-v-gov.info/rb/rb_css_icon_2/
846 KB
230 KB
Script
General
Full URL
https://m-p-s-v-gov.info/rb/rb_css_icon_2/vendor.f0a0700b6752a83a.js
Requested by
Host: m-p-s-v-gov.info
URL: https://m-p-s-v-gov.info/rb/index.php?id=176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.104.45.154 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
web377.default-host.net
Software
nginx /
Resource Hash
ad75b3203de13d24befe5f9ae4022683aa77d2f2573a21b525d2ac94db90647e

Request headers

Referer
https://m-p-s-v-gov.info/rb/index.php?id=176
Origin
https://m-p-s-v-gov.info
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 17:47:33 GMT
x-ray
p953:0.020/wn23410:0.000/
content-encoding
br
last-modified
Wed, 11 Jan 2023 14:02:14 GMT
server
nginx
etag
W/"63bec166-d39a5"
content-type
application/javascript
main.2d51b8dd3024a4df.js
m-p-s-v-gov.info/rb/rb_css_icon_2/
440 KB
90 KB
Script
General
Full URL
https://m-p-s-v-gov.info/rb/rb_css_icon_2/main.2d51b8dd3024a4df.js
Requested by
Host: m-p-s-v-gov.info
URL: https://m-p-s-v-gov.info/rb/index.php?id=176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.104.45.154 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
web377.default-host.net
Software
nginx /
Resource Hash
8e485f1efb8ac4732b3de63abe08a48541ecb0d0a1048f425c90deba2f66f621

Request headers

Referer
https://m-p-s-v-gov.info/rb/index.php?id=176
Origin
https://m-p-s-v-gov.info
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 17:47:33 GMT
x-ray
p953:0.010/wn23410:0.000/
content-encoding
br
last-modified
Wed, 11 Jan 2023 14:02:14 GMT
server
nginx
etag
W/"63bec166-6e1d5"
content-type
application/javascript
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.0/
84 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js
Requested by
Host: m-p-s-v-gov.info
URL: https://m-p-s-v-gov.info/rb/index.php?id=176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m-p-s-v-gov.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 26 Jan 2023 02:07:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
402030
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30089
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 26 Jan 2024 02:07:03 GMT
Amalia-Regular.ab82a771649b53bc.otf
m-p-s-v-gov.info/rb/rb_css_icon_2/
134 KB
135 KB
Font
General
Full URL
https://m-p-s-v-gov.info/rb/rb_css_icon_2/Amalia-Regular.ab82a771649b53bc.otf
Requested by
Host: m-p-s-v-gov.info
URL: https://m-p-s-v-gov.info/rb/rb_css_icon_2/styles.41aaeb67c441ea25.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.104.45.154 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
web377.default-host.net
Software
nginx /
Resource Hash
c2c7e7463f437f7b4369eb3f00118844d14537b896f8bbe3d2a185cada07900e

Request headers

Referer
https://m-p-s-v-gov.info/rb/rb_css_icon_2/styles.41aaeb67c441ea25.css
Origin
https://m-p-s-v-gov.info
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 17:47:33 GMT
x-ray
p953:0.000/wn23410:0.000/
last-modified
Wed, 11 Jan 2023 14:02:12 GMT
server
nginx
etag
"63bec164-21970"
content-type
application/octet-stream
accept-ranges
bytes
content-length
137584
rb-iconfont.aa2dd6032efbb35d.ttf
m-p-s-v-gov.info/rb/rb_css_icon_2/
230 KB
230 KB
Font
General
Full URL
https://m-p-s-v-gov.info/rb/rb_css_icon_2/rb-iconfont.aa2dd6032efbb35d.ttf
Requested by
Host: m-p-s-v-gov.info
URL: https://m-p-s-v-gov.info/rb/rb_css_icon_2/styles.41aaeb67c441ea25.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.104.45.154 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
web377.default-host.net
Software
nginx /
Resource Hash
aa71753b1f769dab3a56d7def8d3292bfb5732823d7eee83fcf6ec2515112346

Request headers

Referer
https://m-p-s-v-gov.info/rb/rb_css_icon_2/styles.41aaeb67c441ea25.css
Origin
https://m-p-s-v-gov.info
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 17:47:33 GMT
x-ray
p953:0.000/wn23410:0.000/
last-modified
Wed, 11 Jan 2023 14:02:12 GMT
server
nginx
etag
"63bec164-39774"
content-type
application/octet-stream
accept-ranges
bytes
content-length
235380
Amalia-Medium.11e23baac77f5042.otf
m-p-s-v-gov.info/rb/rb_css_icon_2/
135 KB
135 KB
Font
General
Full URL
https://m-p-s-v-gov.info/rb/rb_css_icon_2/Amalia-Medium.11e23baac77f5042.otf
Requested by
Host: m-p-s-v-gov.info
URL: https://m-p-s-v-gov.info/rb/rb_css_icon_2/styles.41aaeb67c441ea25.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.104.45.154 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
web377.default-host.net
Software
nginx /
Resource Hash
f75f3975efde8bef5c0c062b9b283eab6d3c7be801898495e0ba4a477707fd98

Request headers

Referer
https://m-p-s-v-gov.info/rb/rb_css_icon_2/styles.41aaeb67c441ea25.css
Origin
https://m-p-s-v-gov.info
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 17:47:33 GMT
x-ray
p953:0.000/wn23410:0.000/
last-modified
Wed, 11 Jan 2023 14:02:12 GMT
server
nginx
etag
"63bec164-21be4"
content-type
application/octet-stream
accept-ranges
bytes
content-length
138212
Amalia-Black.b40c3c8b29c4f380.otf
m-p-s-v-gov.info/rb/rb_css_icon_2/
137 KB
137 KB
Font
General
Full URL
https://m-p-s-v-gov.info/rb/rb_css_icon_2/Amalia-Black.b40c3c8b29c4f380.otf
Requested by
Host: m-p-s-v-gov.info
URL: https://m-p-s-v-gov.info/rb/rb_css_icon_2/styles.41aaeb67c441ea25.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.104.45.154 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
web377.default-host.net
Software
nginx /
Resource Hash
b99e4045a096765acedf59b82ebdef2015f3e6d6b3895ba149d79b42211785bd

Request headers

Referer
https://m-p-s-v-gov.info/rb/rb_css_icon_2/styles.41aaeb67c441ea25.css
Origin
https://m-p-s-v-gov.info
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 17:47:33 GMT
x-ray
p953:0.000/wn23410:0.000/
last-modified
Wed, 11 Jan 2023 14:02:12 GMT
server
nginx
etag
"63bec164-2221c"
content-type
application/octet-stream
accept-ranges
bytes
content-length
139804
Amalia-Bold.1828c420aa8911c2.otf
m-p-s-v-gov.info/rb/rb_css_icon_2/
137 KB
137 KB
Font
General
Full URL
https://m-p-s-v-gov.info/rb/rb_css_icon_2/Amalia-Bold.1828c420aa8911c2.otf
Requested by
Host: m-p-s-v-gov.info
URL: https://m-p-s-v-gov.info/rb/rb_css_icon_2/styles.41aaeb67c441ea25.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.104.45.154 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
web377.default-host.net
Software
nginx /
Resource Hash
0774cb1ee16432c6be1c0f348f6e4745dc89e42d51cb52ebc33f7f94ea3361a1

Request headers

Referer
https://m-p-s-v-gov.info/rb/rb_css_icon_2/styles.41aaeb67c441ea25.css
Origin
https://m-p-s-v-gov.info
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 17:47:33 GMT
x-ray
p953:0.000/wn23410:0.000/
last-modified
Wed, 11 Jan 2023 14:02:12 GMT
server
nginx
etag
"63bec164-2223c"
content-type
application/octet-stream
accept-ranges
bytes
content-length
139836
icon-phone-footer.5eb4f9663409977c.png
m-p-s-v-gov.info/rb/rb_css_icon_2/
4 KB
4 KB
Image
General
Full URL
https://m-p-s-v-gov.info/rb/rb_css_icon_2/icon-phone-footer.5eb4f9663409977c.png
Requested by
Host: m-p-s-v-gov.info
URL: https://m-p-s-v-gov.info/rb/rb_css_icon_2/styles.41aaeb67c441ea25.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.104.45.154 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
web377.default-host.net
Software
nginx /
Resource Hash
c9b82a008c17eb547ed2993d77b1ae642f4c7743f85b6b5f1fb897996182a888

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m-p-s-v-gov.info/rb/rb_css_icon_2/styles.41aaeb67c441ea25.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 17:47:33 GMT
x-ray
p953:0.000/wn23410:0.000/
last-modified
Wed, 11 Jan 2023 14:02:12 GMT
server
nginx
etag
"63bec164-e77"
content-type
image/png
accept-ranges
bytes
content-length
3703
icon-mail-info-footer.f5f998d3f7c656c3.png
m-p-s-v-gov.info/rb/rb_css_icon_2/
5 KB
5 KB
Image
General
Full URL
https://m-p-s-v-gov.info/rb/rb_css_icon_2/icon-mail-info-footer.f5f998d3f7c656c3.png
Requested by
Host: m-p-s-v-gov.info
URL: https://m-p-s-v-gov.info/rb/rb_css_icon_2/styles.41aaeb67c441ea25.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.104.45.154 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
web377.default-host.net
Software
nginx /
Resource Hash
0ee076fb765d7807b041a3a2685e7f052697c8a98db482ad12cd2a3135a3caaa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m-p-s-v-gov.info/rb/rb_css_icon_2/styles.41aaeb67c441ea25.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 17:47:33 GMT
x-ray
p953:0.000/wn23410:0.000/
last-modified
Wed, 11 Jan 2023 14:02:12 GMT
server
nginx
etag
"63bec164-13fa"
content-type
image/png
accept-ranges
bytes
content-length
5114
rb_b39968db-7b60-43bf-addb-908646178f3d
m-p-s-v-gov.info/gaas/
196 B
318 B
XHR
General
Full URL
https://m-p-s-v-gov.info/gaas/rb_b39968db-7b60-43bf-addb-908646178f3d?type=js3&sn=v_4_srv_-2D33_sn_VU00U8NSH7K6HID7FI069BHCA9KGAJD0&svrid=-33&flavor=post&vi=TNVOCJFLALHCOHNKRIKOQRHTFFDKAALV-0&modifiedSince=1673402794953&rf=https%3A%2F%2Fm-p-s-v-gov.info%2Frb%2Findex.php%3Fid%3D176&bp=3&app=93ee01e1c22ecdd8&crc=3230622462&en=fal6efd8&end=1
Requested by
Host: m-p-s-v-gov.info
URL: https://m-p-s-v-gov.info/rb/rb_css_icon_2/ruxitagentjs_ICA27NVfgjqrux_10217210531114014.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.104.45.154 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
web377.default-host.net
Software
nginx /
Resource Hash
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Request headers

Referer
https://m-p-s-v-gov.info/rb/index.php?id=176
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 30 Jan 2023 17:47:36 GMT
x-ray
p953:0.013/wn23410:0.000/wa23410:D=5552
server
nginx
content-length
196
content-type
text/html; charset=iso-8859-1
rb_b39968db-7b60-43bf-addb-908646178f3d
m-p-s-v-gov.info/gaas/
196 B
317 B
XHR
General
Full URL
https://m-p-s-v-gov.info/gaas/rb_b39968db-7b60-43bf-addb-908646178f3d?type=js3&sn=v_4_srv_-2D33_sn_VU00U8NSH7K6HID7FI069BHCA9KGAJD0&svrid=-33&flavor=post&vi=TNVOCJFLALHCOHNKRIKOQRHTFFDKAALV-0&modifiedSince=1673402794953&rf=https%3A%2F%2Fm-p-s-v-gov.info%2Frb%2Findex.php%3Fid%3D176&bp=3&app=93ee01e1c22ecdd8&crc=1838226385&en=fal6efd8&end=1
Requested by
Host: m-p-s-v-gov.info
URL: https://m-p-s-v-gov.info/rb/rb_css_icon_2/ruxitagentjs_ICA27NVfgjqrux_10217210531114014.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.104.45.154 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
web377.default-host.net
Software
nginx /
Resource Hash
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Request headers

Referer
https://m-p-s-v-gov.info/rb/index.php?id=176
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 30 Jan 2023 17:47:38 GMT
x-ray
p953:0.002/wn23410:0.000/wa23410:D=5931
server
nginx
content-length
196
content-type
text/html; charset=iso-8859-1

Verdicts & Comments


Malicious (page.url)
Submitted on January 30th 2023, 5:49:52 pm UTC — From Czech Republic

Threats: Phishing
Comment: Phishing site targeting Raiffeisen bank CZ, does not seem to be geofenced

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

235 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange object| dT_ object| dtrum function| $ object| webpackChunkangular_standalone_cookie_wall function| Zone function| __zone_symbol__Promise function| __zone_symbol__fetch function| __zone_symbol__legacyPatch function| __zone_symbol__queueMicrotask function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader boolean| __zone_symbol__ononsearchpatched boolean| __zone_symbol__ononappinstalledpatched boolean| __zone_symbol__ononbeforeinstallpromptpatched boolean| __zone_symbol__ononbeforexrselectpatched boolean| __zone_symbol__ononabortpatched boolean| __zone_symbol__ononbeforeinputpatched boolean| __zone_symbol__ononblurpatched boolean| __zone_symbol__ononcancelpatched boolean| __zone_symbol__ononcanplaypatched boolean| __zone_symbol__ononcanplaythroughpatched boolean| __zone_symbol__ononchangepatched boolean| __zone_symbol__ononclickpatched boolean| __zone_symbol__ononclosepatched boolean| __zone_symbol__ononcontextlostpatched boolean| __zone_symbol__ononcontextmenupatched boolean| __zone_symbol__ononcontextrestoredpatched boolean| __zone_symbol__ononcuechangepatched boolean| __zone_symbol__onondblclickpatched boolean| __zone_symbol__onondragpatched boolean| __zone_symbol__onondragendpatched boolean| __zone_symbol__onondragenterpatched boolean| __zone_symbol__onondragleavepatched boolean| __zone_symbol__onondragoverpatched boolean| __zone_symbol__onondragstartpatched boolean| 
__zone_symbol__onondroppatched boolean| __zone_symbol__onondurationchangepatched boolean| __zone_symbol__ononemptiedpatched boolean| __zone_symbol__ononendedpatched boolean| __zone_symbol__ononerrorpatched boolean| __zone_symbol__ononfocuspatched boolean| __zone_symbol__ononformdatapatched boolean| __zone_symbol__ononinputpatched boolean| __zone_symbol__ononinvalidpatched boolean| __zone_symbol__ononkeydownpatched boolean| __zone_symbol__ononkeypresspatched boolean| __zone_symbol__ononkeyuppatched boolean| __zone_symbol__ononloadpatched boolean| __zone_symbol__ononloadeddatapatched boolean| __zone_symbol__ononloadedmetadatapatched boolean| __zone_symbol__ononloadstartpatched boolean| __zone_symbol__ononmousedownpatched boolean| __zone_symbol__ononmouseenterpatched boolean| __zone_symbol__ononmouseleavepatched boolean| __zone_symbol__ononmousemovepatched boolean| __zone_symbol__ononmouseoutpatched boolean| __zone_symbol__ononmouseoverpatched boolean| __zone_symbol__ononmouseuppatched boolean| __zone_symbol__ononmousewheelpatched boolean| __zone_symbol__ononpausepatched boolean| __zone_symbol__ononplaypatched boolean| __zone_symbol__ononplayingpatched boolean| __zone_symbol__ononprogresspatched boolean| __zone_symbol__ononratechangepatched boolean| __zone_symbol__ononresetpatched boolean| __zone_symbol__ononresizepatched boolean| __zone_symbol__ononscrollpatched boolean| __zone_symbol__ononsecuritypolicyviolationpatched boolean| __zone_symbol__ononseekedpatched boolean| __zone_symbol__ononseekingpatched boolean| __zone_symbol__ononselectpatched boolean| __zone_symbol__ononslotchangepatched boolean| __zone_symbol__ononstalledpatched boolean| __zone_symbol__ononsubmitpatched boolean| __zone_symbol__ononsuspendpatched boolean| __zone_symbol__onontimeupdatepatched boolean| __zone_symbol__onontogglepatched boolean| __zone_symbol__ononvolumechangepatched boolean| __zone_symbol__ononwaitingpatched boolean| __zone_symbol__ononwebkitanimationendpatched boolean| 
__zone_symbol__ononwebkitanimationiterationpatched boolean| __zone_symbol__ononwebkitanimationstartpatched boolean| __zone_symbol__ononwebkittransitionendpatched boolean| __zone_symbol__ononwheelpatched boolean| __zone_symbol__ononauxclickpatched boolean| __zone_symbol__onongotpointercapturepatched boolean| __zone_symbol__ononlostpointercapturepatched boolean| __zone_symbol__ononpointerdownpatched boolean| __zone_symbol__ononpointermovepatched boolean| __zone_symbol__ononpointerrawupdatepatched boolean| __zone_symbol__ononpointeruppatched boolean| __zone_symbol__ononpointercancelpatched boolean| __zone_symbol__ononpointeroverpatched boolean| __zone_symbol__ononpointeroutpatched boolean| __zone_symbol__ononpointerenterpatched boolean| __zone_symbol__ononpointerleavepatched boolean| __zone_symbol__ononselectstartpatched boolean| __zone_symbol__ononselectionchangepatched boolean| __zone_symbol__ononanimationendpatched boolean| __zone_symbol__ononanimationiterationpatched boolean| __zone_symbol__ononanimationstartpatched boolean| __zone_symbol__onontransitionrunpatched boolean| __zone_symbol__onontransitionstartpatched boolean| __zone_symbol__onontransitionendpatched boolean| __zone_symbol__onontransitioncancelpatched boolean| __zone_symbol__ononafterprintpatched boolean| __zone_symbol__ononbeforeprintpatched boolean| __zone_symbol__ononbeforeunloadpatched boolean| __zone_symbol__ononhashchangepatched boolean| __zone_symbol__ononlanguagechangepatched boolean| __zone_symbol__ononmessagepatched boolean| __zone_symbol__ononmessageerrorpatched boolean| __zone_symbol__ononofflinepatched boolean| __zone_symbol__onononlinepatched boolean| __zone_symbol__ononpagehidepatched boolean| __zone_symbol__ononpageshowpatched boolean| __zone_symbol__ononpopstatepatched boolean| __zone_symbol__ononrejectionhandledpatched boolean| __zone_symbol__ononstoragepatched boolean| __zone_symbol__ononunhandledrejectionpatched boolean| __zone_symbol__ononunloadpatched boolean| 
__zone_symbol__onondevicemotionpatched boolean| __zone_symbol__onondeviceorientationpatched boolean| __zone_symbol__onondeviceorientationabsolutepatched boolean| __zone_symbol__ononbeforematchpatched boolean| __zone_symbol__ononcontentvisibilityautostatechangepatched object| webpackJsonpRbczLogin number| base number| v_length string| v_hexstr number| hLen function| Pkey function| strToHex function| hexToDec function| decToHex function| int2str function| hexToStr function| hex2binb function| fncXOR function| MGF function| OS2IP function| I2OSP function| RSAEP function| toOpokornyBCD function| rsaesOaepEnrypt function| PINBLOB function| inverseModInt function| negative function| greaterShift function| greater function| divide function| carry function| modInt function| int2bigInt function| str2bigInt function| isZero function| bigInt2str function| dup function| copy function| copyInt function| addInt function| rightShift function| leftShift function| multInt function| divInt function| linCombShift function| addShift function| subShift function| sub function| mod function| multMod function| powMod function| mont number| hexcase number| chrsz function| hex_sha1 function| str_sha1 function| core_sha1 function| sha1_ft function| sha1_kt function| safe_add function| rol function| str2binb function| binb2hex function| binb2str object| trask object| TA object| PluginDetect function| aotpLog object| __zone_symbol__loadfalse function| AuthMinderPlugin function| StoreBase function| StoreString function| StoreImplCookies function| StoreImplLocalStorage function| StoreImplPlugin function| StoreImplUserData object| _rmclient_instance_ object| arcotrf number| FLASH_REQ_VERSION_MAJ number| FLASH_REQ_VERSION_MIN number| FLASH_REQ_VERSION_REV object| ca function| __zone_symbol__ON_PROPERTYresize object| __zone_symbol__resizefalse number| gmescDefaultNumberOfIterations number| gmescDefaultCalibrationDuration number| gmescDefaultIntervalDelay object| RMLogger boolean| flashLoaded 
function| flashReadyCallback function| checkFlashLoaded function| TimePeriod function| TimeSpan object| angular function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener undefined| __zone_symbol__eventListeners undefined| __zone_symbol__removeAllListeners function| eventListeners function| removeAllListeners

6 Cookies

Domain/Path Name / Value
.m-p-s-v-gov.info/ Name: dtCookie
Value: v_4_srv_-2D33_sn_VU00U8NSH7K6HID7FI069BHCA9KGAJD0
.m-p-s-v-gov.info/ Name: rxVisitor
Value: 1675100853042M68L2M5HUSAHTJ7L6MU0362RK3T7JPSH
.m-p-s-v-gov.info/ Name: dtSa
Value: -
.m-p-s-v-gov.info/ Name: dtLatC
Value: 65
.m-p-s-v-gov.info/ Name: rxvt
Value: 1675102655502|1675100853043
.m-p-s-v-gov.info/ Name: dtPC
Value: -33$500853039_241h-vTNVOCJFLALHCOHNKRIKOQRHTFFDKAALV-0

2 Console Messages

Source Level URL
Text
network error URL: https://m-p-s-v-gov.info/gaas/rb_b39968db-7b60-43bf-addb-908646178f3d?type=js3&sn=v_4_srv_-2D33_sn_VU00U8NSH7K6HID7FI069BHCA9KGAJD0&svrid=-33&flavor=post&vi=TNVOCJFLALHCOHNKRIKOQRHTFFDKAALV-0&modifiedSince=1673402794953&rf=https%3A%2F%2Fm-p-s-v-gov.info%2Frb%2Findex.php%3Fid%3D176&bp=3&app=93ee01e1c22ecdd8&crc=3230622462&en=fal6efd8&end=1
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://m-p-s-v-gov.info/gaas/rb_b39968db-7b60-43bf-addb-908646178f3d?type=js3&sn=v_4_srv_-2D33_sn_VU00U8NSH7K6HID7FI069BHCA9KGAJD0&svrid=-33&flavor=post&vi=TNVOCJFLALHCOHNKRIKOQRHTFFDKAALV-0&modifiedSince=1673402794953&rf=https%3A%2F%2Fm-p-s-v-gov.info%2Frb%2Findex.php%3Fid%3D176&bp=3&app=93ee01e1c22ecdd8&crc=1838226385&en=fal6efd8&end=1
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
m-p-s-v-gov.info
185.104.45.154
2a00:1450:400d:80c::200a