myfantasticfreight.ru.com
2a06:98c1:3121::c | Malicious Activity! | Public Scan

Submitted URL: http://zanfleming.bluefrecklebakery.com/emFuZmxlbWluZ0BraW5leHVtLmNvbQ==
Effective URL: https://myfantasticfreight.ru.com/l0g1n/6g392nafmekdv1htw7u5cij04rsqzlb8yoxphmn6tvjcx5pdlbaq79kw1zf340ruesi2y8ogwemic5j3ubkog4086q...
Submission: On August 10 via automatic, source openphish — Scanned from DE

Summary

This website contacted 3 IPs in 1 country across 3 domains to perform 15 HTTP transactions. The main IP is 2a06:98c1:3121::c, located in the United States and belonging to CLOUDFLARENET, US. The main domain is myfantasticfreight.ru.com.
TLS certificate: Issued by E1 on July 28th 2022. Valid for: 3 months.
This is the only time myfantasticfreight.ru.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

Requests | IP Address | AS | Autonomous System
1 | 192.185.98.143 | 46606 | UNIFIEDLAYER-AS-1, US
14 (1 redirect) | 2a06:98c1:3121::c | 13335 | CLOUDFLARENET, US
1 | 13.32.99.33 | 16509 | AMAZON-02, US
Total: 15 requests, 3 IPs
Requests | Apex Domain | Subdomains | Transfer
14 | ru.com | myfantasticfreight.ru.com | 386 KB
1 | clearbit.com | logo.clearbit.com (Cisco Umbrella Rank: 20622) | 20 KB
1 | bluefrecklebakery.com | zanfleming.bluefrecklebakery.com | 582 B
Total: 15 requests, 3 apex domains
Requests | Domain | Requested by
14 | myfantasticfreight.ru.com | zanfleming.bluefrecklebakery.com (1 redirect), myfantasticfreight.ru.com
1 | logo.clearbit.com | myfantasticfreight.ru.com
1 | zanfleming.bluefrecklebakery.com |
Total: 15 requests, 3 domains

This site contains no links.

Subject | Issuer | Validity | Valid for | Source
*.myfantasticfreight.ru.com | E1 | 2022-07-28 - 2022-10-26 | 3 months | crt.sh
clearbit.com | Amazon | 2022-03-23 - 2023-04-21 | a year | crt.sh

This page contains 1 frame:

Primary Page: https://myfantasticfreight.ru.com/l0g1n/6g392nafmekdv1htw7u5cij04rsqzlb8yoxphmn6tvjcx5pdlbaq79kw1zf340ruesi2y8ogwemic5j3ubkog4086qh9ad21nyzstp7lfvxr?data=emFuZmxlbWluZ0BraW5leHVtLmNvbQ==
Frame ID: 4E7B885113093E177833350F5912A88B
Requests: 15 HTTP requests in this frame

Screenshot

Page Title

confirm your login

Page Statistics

Requests: 15
HTTPS: 93 %
IPv6: 33 %
Domains: 3
Subdomains: 3
IPs: 3
Countries: 1
Transfer: 407 kB
Size: 496 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://zanfleming.bluefrecklebakery.com/emFuZmxlbWluZ0BraW5leHVtLmNvbQ== Page URL
  2. https://myfantasticfreight.ru.com/l0g1n/emFuZmxlbWluZ0BraW5leHVtLmNvbQ== HTTP 302
    https://myfantasticfreight.ru.com/l0g1n/6g392nafmekdv1htw7u5cij04rsqzlb8yoxphmn6tvjcx5pdlbaq79kw1zf340ruesi2y8ogwemic5j3ubkog4086qh9ad21nyzstp7lfvxr?data=emFuZmxlbWluZ0BraW5leHVtLmNvbQ== Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource | Path | Size | x-fer | Type
emFuZmxlbWluZ0BraW5leHVtLmNvbQ== | zanfleming.bluefrecklebakery.com/ | 139 B | 582 B | Document
General
Full URL
http://zanfleming.bluefrecklebakery.com/emFuZmxlbWluZ0BraW5leHVtLmNvbQ==
Protocol
HTTP/1.1
Server
192.185.98.143 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-185-98-143.unifiedlayer.com
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Upgrade, Keep-Alive
Content-Encoding
gzip
Content-Length
147
Content-Type
text/html; charset=UTF-8
Date
Wed, 10 Aug 2022 01:10:36 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=75
Pragma
no-cache
Server
Apache
Upgrade
h2,h2c
Vary
Accept-Encoding
Primary Request: 6g392nafmekdv1htw7u5cij04rsqzlb8yoxphmn6tvjcx5pdlbaq79kw1zf340ruesi2y8ogwemic5j3ubkog4086qh9ad21nyzstp7lfvxr | myfantasticfreight.ru.com/l0g1n/ | 23 KB | 7 KB | Document
Redirect Chain
  • https://myfantasticfreight.ru.com/l0g1n/emFuZmxlbWluZ0BraW5leHVtLmNvbQ==
  • https://myfantasticfreight.ru.com/l0g1n/6g392nafmekdv1htw7u5cij04rsqzlb8yoxphmn6tvjcx5pdlbaq79kw1zf340ruesi2y8ogwemic5j3ubkog4086qh9ad21nyzstp7lfvxr?data=emFuZmxlbWluZ0BraW5leHVtLmNvbQ==
General
Full URL
https://myfantasticfreight.ru.com/l0g1n/6g392nafmekdv1htw7u5cij04rsqzlb8yoxphmn6tvjcx5pdlbaq79kw1zf340ruesi2y8ogwemic5j3ubkog4086qh9ad21nyzstp7lfvxr?data=emFuZmxlbWluZ0BraW5leHVtLmNvbQ==
Requested by
Host: zanfleming.bluefrecklebakery.com
URL: http://zanfleming.bluefrecklebakery.com/emFuZmxlbWluZ0BraW5leHVtLmNvbQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc7c9dc35db2e9ac6076a41070f8ea0ca8b257ae5e13badd8ebc84634ea546e2

Request headers

Referer
http://zanfleming.bluefrecklebakery.com/emFuZmxlbWluZ0BraW5leHVtLmNvbQ==
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7384da560ec13747-MXP
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 10 Aug 2022 01:10:38 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KupPAYqmkx67pqMD84HnvfSa%2BprPVGRYEm%2BDu7sO4iY%2BvmUW4ZdHHsOaPi8c2yPGtCy58ghJfi%2FiWY14DTs4ewuKupKxkTea%2B3a6UVuAt0Pg0V60pbFRPkzFmXJC0p71xfTwSSk0FjwuNPl0BkI9Md87vHE3ZwY%2B"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7384da507cb03747-MXP
content-type
text/html; charset=UTF-8
date
Wed, 10 Aug 2022 01:10:37 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
/l0g1n/6g392nafmekdv1htw7u5cij04rsqzlb8yoxphmn6tvjcx5pdlbaq79kw1zf340ruesi2y8ogwemic5j3ubkog4086qh9ad21nyzstp7lfvxr?data=emFuZmxlbWluZ0BraW5leHVtLmNvbQ==
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7LunjHJB7itHx0MhGqQPFo6nX0OPSthLCGblqDjMNX3FK%2BIWeSe%2FimuiOm1WhamBjoUXbJRhemVEFvpDxKWMhtTf9vLHlDVqarT6g9iW64R2gLBdM3jmpQwtNQzia%2FnyC1Ftar0N%2BAY7tX4Hsay49wC2NbVoIhnT"}],"group":"cf-nel","max_age":604800}
server
cloudflare
conv.css | myfantasticfreight.ru.com/l0g1n/css/ | 95 KB | 17 KB | Stylesheet
General
Full URL
https://myfantasticfreight.ru.com/l0g1n/css/conv.css
Requested by
Host: myfantasticfreight.ru.com
URL: https://myfantasticfreight.ru.com/l0g1n/6g392nafmekdv1htw7u5cij04rsqzlb8yoxphmn6tvjcx5pdlbaq79kw1zf340ruesi2y8ogwemic5j3ubkog4086qh9ad21nyzstp7lfvxr?data=emFuZmxlbWluZ0BraW5leHVtLmNvbQ==
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d4af5ec8c33b5dc0cbc32ca17e405c2f596eb7864257e92280122a1278a1e57

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 01:10:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 31 Jul 2019 10:26:38 GMT
server
cloudflare
age
2575
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kE6n3eommfQ0UZJQiexHDxam6pIzfTSaZrYxmvEkZi7LvixdQeV6ZGPhzs7pk3p1NFmgGVW3rRYjAKq9604NKNfC4lx6BM1O7W4eQ2FFa2nu1s9VPssQ6mpvMt6owz1VTAfIHt0743jxZDAO4x%2Fey0tVZxcCuf9V"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7384da5a989be8eb-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
inv-small-background.jpg | myfantasticfreight.ru.com/l0g1n/images/ | 710 B | 1 KB | Image
General
Full URL
https://myfantasticfreight.ru.com/l0g1n/images/inv-small-background.jpg
Requested by
Host: myfantasticfreight.ru.com
URL: https://myfantasticfreight.ru.com/l0g1n/6g392nafmekdv1htw7u5cij04rsqzlb8yoxphmn6tvjcx5pdlbaq79kw1zf340ruesi2y8ogwemic5j3ubkog4086qh9ad21nyzstp7lfvxr?data=emFuZmxlbWluZ0BraW5leHVtLmNvbQ==
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8504b68be779d652608dc2c001a81e265d75006364eff639ef7af870425d9e8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://myfantasticfreight.ru.com/l0g1n/6g392nafmekdv1htw7u5cij04rsqzlb8yoxphmn6tvjcx5pdlbaq79kw1zf340ruesi2y8ogwemic5j3ubkog4086qh9ad21nyzstp7lfvxr?data=emFuZmxlbWluZ0BraW5leHVtLmNvbQ==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 01:10:38 GMT
cf-cache-status
HIT
last-modified
Wed, 31 Jul 2019 10:26:38 GMT
server
cloudflare
age
2573
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NEl8QFUgWHl8PDm3qeZQxc5vmq%2BaRo%2BqvOS6tNBsM7JuOsM%2F2lkc%2F6Auv6uqw%2FvVGpII6FPYjz9fsUz%2F0kTUI1lMfzWNt2Ga8gxszowcT2iHgxJWAuamDJN%2Fdq8kjqnkJ2dgo1%2Brj580dohd7C1LFMnHbYBelu%2BV"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7384da5af8cbe8eb-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
710
inv-big-background.jpg | myfantasticfreight.ru.com/l0g1n/images/ | 349 KB | 350 KB | Image
General
Full URL
https://myfantasticfreight.ru.com/l0g1n/images/inv-big-background.jpg
Requested by
Host: myfantasticfreight.ru.com
URL: https://myfantasticfreight.ru.com/l0g1n/6g392nafmekdv1htw7u5cij04rsqzlb8yoxphmn6tvjcx5pdlbaq79kw1zf340ruesi2y8ogwemic5j3ubkog4086qh9ad21nyzstp7lfvxr?data=emFuZmxlbWluZ0BraW5leHVtLmNvbQ==
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9288957bd276f9144e1fe321e598b8bab81af20fd36db702d716664a6f7c65d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://myfantasticfreight.ru.com/l0g1n/6g392nafmekdv1htw7u5cij04rsqzlb8yoxphmn6tvjcx5pdlbaq79kw1zf340ruesi2y8ogwemic5j3ubkog4086qh9ad21nyzstp7lfvxr?data=emFuZmxlbWluZ0BraW5leHVtLmNvbQ==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 01:10:38 GMT
cf-cache-status
HIT
last-modified
Wed, 31 Jul 2019 10:26:38 GMT
server
cloudflare
age
2572
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sp91GwWkrW9UQKctlM2uJhRehA74Jh2tE0Q4lh1vvvcGUHMnYA4RuwHe2IXMZy7X5ws0eyfwzL2Fyn8WnuPnSCc5QJhnzXKHHRYs6UiOdihZ%2F0PKqzSFmf%2Fmuf4mibtG5EDUD2FYuFmayI8euBfwFPe1k%2FXtJDbY"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7384da5af8cce8eb-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
357725
kinexum.com | logo.clearbit.com/ | 20 KB | 20 KB | Image
General
Full URL
https://logo.clearbit.com/kinexum.com
Requested by
Host: myfantasticfreight.ru.com
URL: https://myfantasticfreight.ru.com/l0g1n/6g392nafmekdv1htw7u5cij04rsqzlb8yoxphmn6tvjcx5pdlbaq79kw1zf340ruesi2y8ogwemic5j3ubkog4086qh9ad21nyzstp7lfvxr?data=emFuZmxlbWluZ0BraW5leHVtLmNvbQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-33.fra60.r.cloudfront.net
Software
envoy /
Resource Hash
a4c505c643344dbe4ae3bdefe44e5b1e95f9bf9c133031c85433f8b5100b798e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 17:48:40 GMT
via
1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
server
envoy
age
1927319
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
glUBNJIEpyoMaOL3gtMBlfS8MAdkVXlZrSrSf1rVTh45KmWNp1sZ1Q==
arrow_left.svg | myfantasticfreight.ru.com/l0g1n/images/ | 513 B | 824 B | Image
General
Full URL
https://myfantasticfreight.ru.com/l0g1n/images/arrow_left.svg
Requested by
Host: myfantasticfreight.ru.com
URL: https://myfantasticfreight.ru.com/l0g1n/6g392nafmekdv1htw7u5cij04rsqzlb8yoxphmn6tvjcx5pdlbaq79kw1zf340ruesi2y8ogwemic5j3ubkog4086qh9ad21nyzstp7lfvxr?data=emFuZmxlbWluZ0BraW5leHVtLmNvbQ==
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34f9db946e89f031a80dfca7b16b2b686469c9886441261ae70a44da1dfa2d58

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 01:10:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 31 Jul 2019 10:26:38 GMT
server
cloudflare
age
2575
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=stHUgjbAeT5hM3M0nD8SvDUYbrRPQlIAdrEbv6LTHDlc0A4GgrAz5mQbwyNLRLwV3hJd8vWFwCEsZjGppvu0%2BJNZtbMO6F4NpMCV4IIujPFnjlFmcTs4Zz0L%2F%2Bv7aVfwz%2FDCu9CDdnwNlUSJZIMRY5ehGh3bY2EP"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7384da5e19c9e8eb-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
enterpass.png | myfantasticfreight.ru.com/l0g1n/images/ | 1 KB | 2 KB | Image
General
Full URL
https://myfantasticfreight.ru.com/l0g1n/images/enterpass.png
Requested by
Host: myfantasticfreight.ru.com
URL: https://myfantasticfreight.ru.com/l0g1n/6g392nafmekdv1htw7u5cij04rsqzlb8yoxphmn6tvjcx5pdlbaq79kw1zf340ruesi2y8ogwemic5j3ubkog4086qh9ad21nyzstp7lfvxr?data=emFuZmxlbWluZ0BraW5leHVtLmNvbQ==
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
706de242e7c3cfc4b16ba8174723f26fb80566c3171e9e795f057476011a5de1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 01:10:39 GMT
cf-cache-status
HIT
last-modified
Wed, 31 Jul 2019 10:26:38 GMT
server
cloudflare
age
2575
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pWgdBH0lSp0TLEE44INufpPj6J228MV%2FodhLmHQgcC9ZvyQXbSphQiHvfjGD3Sg%2Fy%2Frtr6JroiIBTd8P1dG2M9ucDWBjWfFxAy7d2dCd1g6qW5%2F5WYx6NkoCpIEVIpNpMbo6jDxoBo2tNZWHG41mEA5eYlNWoUE8"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7384da5e19cae8eb-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1446
forgetpass.png | myfantasticfreight.ru.com/l0g1n/images/ | 713 B | 1 KB | Image
General
Full URL
https://myfantasticfreight.ru.com/l0g1n/images/forgetpass.png
Requested by
Host: myfantasticfreight.ru.com
URL: https://myfantasticfreight.ru.com/l0g1n/6g392nafmekdv1htw7u5cij04rsqzlb8yoxphmn6tvjcx5pdlbaq79kw1zf340ruesi2y8ogwemic5j3ubkog4086qh9ad21nyzstp7lfvxr?data=emFuZmxlbWluZ0BraW5leHVtLmNvbQ==
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e29db32031dc537aee9cb557b408395f3324f1e0f744349c0cdf943a3af39296

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 01:10:39 GMT
cf-cache-status
HIT
last-modified
Wed, 31 Jul 2019 10:26:38 GMT
server
cloudflare
age
2575
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4p1ea1%2BTO2RPQ2tYLV2JGoqcXH9kOI2q%2BwHamc48sUXXAwTXcXvQh4qDxFMJzmNewHkgQ%2BV4QXEiRSrYNjlMHV4OTRoZs6EttUGjNEVbE7WcnYszDr86FAKVSHfPz0yMvbnD0AFRm2NYJNGML8Tt2kPcf%2BgElc0n"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7384da5e19cbe8eb-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
713
ellipsis_white.svg | myfantasticfreight.ru.com/l0g1n/images/ | 915 B | 806 B | Image
General
Full URL
https://myfantasticfreight.ru.com/l0g1n/images/ellipsis_white.svg
Requested by
Host: myfantasticfreight.ru.com
URL: https://myfantasticfreight.ru.com/l0g1n/6g392nafmekdv1htw7u5cij04rsqzlb8yoxphmn6tvjcx5pdlbaq79kw1zf340ruesi2y8ogwemic5j3ubkog4086qh9ad21nyzstp7lfvxr?data=emFuZmxlbWluZ0BraW5leHVtLmNvbQ==
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6075736ea9c281d69c4a3d78ff97bb61b9416a5809919babe5a0c5596f99aaea

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 01:10:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 31 Jul 2019 10:26:38 GMT
server
cloudflare
age
2575
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HGk28NATRgl%2FhBlC7xfsG7lgLq9OXyFIpeqQiX0DV968KFREHxCRpykwzlAhRE4ooldigdoEq%2B2TEFPwRFZ4DVEYW2fGNDsKmeGojXibP%2BseUD0CktAqIBduuBtvQYxRu%2FHWjghws1R1i9Xs1IO9uoFAssLqlBHb"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7384da5e19cce8eb-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ellipsis_grey.svg | myfantasticfreight.ru.com/l0g1n/images/ | 915 B | 809 B | Image
General
Full URL
https://myfantasticfreight.ru.com/l0g1n/images/ellipsis_grey.svg
Requested by
Host: myfantasticfreight.ru.com
URL: https://myfantasticfreight.ru.com/l0g1n/6g392nafmekdv1htw7u5cij04rsqzlb8yoxphmn6tvjcx5pdlbaq79kw1zf340ruesi2y8ogwemic5j3ubkog4086qh9ad21nyzstp7lfvxr?data=emFuZmxlbWluZ0BraW5leHVtLmNvbQ==
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16c3f6531d0fa5b4d16e82abf066233b2a9f284c068c663699313c09f5e8d6e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 01:10:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 31 Jul 2019 10:26:38 GMT
server
cloudflare
age
2574
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lrP%2FhqLX09XawwBzeE0h6Aj6OQ2wAf85JF1QfgZcy6Tlojr0Q9O%2BpPa1qZbuu0mWvHLM8yzEGJnCzz2IB49Zk6C5m7p0r53s%2BmjADTTXf8zCZgic44fR7%2B3TV%2F8MJFmwqQwrkM%2Btn7DzOO97JHKccNQUDp5203LH"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7384da5e19cde8eb-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
email-decode.min.js | myfantasticfreight.ru.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ | 1 KB | 1 KB | Script
General
Full URL
https://myfantasticfreight.ru.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: myfantasticfreight.ru.com
URL: https://myfantasticfreight.ru.com/l0g1n/6g392nafmekdv1htw7u5cij04rsqzlb8yoxphmn6tvjcx5pdlbaq79kw1zf340ruesi2y8ogwemic5j3ubkog4086qh9ad21nyzstp7lfvxr?data=emFuZmxlbWluZ0BraW5leHVtLmNvbQ==
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 01:10:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Aug 2022 13:05:41 GMT
server
cloudflare
etag
W/"62ed15a5-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lE7k1DJwfeaPPq4lecS4hSGoe8lDUK4rivBZVW1ilGt0wT0flvNGrpBN%2BXt9OMMRpwzmuWu7XpDsm537xIjmlUYGg594ap2TBcyxjP5rLY9G2af4jGS4WG5%2Bz6qTeCqzUIE%2F2TmAbEzHD8TEcCkRgka1xR1rh46D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7384da5e19cee8eb-MXP
vary
Accept-Encoding
expires
Fri, 12 Aug 2022 01:10:39 GMT
passwrd.png | myfantasticfreight.ru.com/l0g1n/images/ | 902 B | 1 KB | Image
General
Full URL
https://myfantasticfreight.ru.com/l0g1n/images/passwrd.png
Requested by
Host: myfantasticfreight.ru.com
URL: https://myfantasticfreight.ru.com/l0g1n/6g392nafmekdv1htw7u5cij04rsqzlb8yoxphmn6tvjcx5pdlbaq79kw1zf340ruesi2y8ogwemic5j3ubkog4086qh9ad21nyzstp7lfvxr?data=emFuZmxlbWluZ0BraW5leHVtLmNvbQ==
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
105c03d3360cdb953585482374b2cc953d090741037502b0609629f5bb0135b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://myfantasticfreight.ru.com/l0g1n/6g392nafmekdv1htw7u5cij04rsqzlb8yoxphmn6tvjcx5pdlbaq79kw1zf340ruesi2y8ogwemic5j3ubkog4086qh9ad21nyzstp7lfvxr?data=emFuZmxlbWluZ0BraW5leHVtLmNvbQ==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 01:10:39 GMT
cf-cache-status
HIT
last-modified
Wed, 31 Jul 2019 10:26:38 GMT
server
cloudflare
age
2573
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hyn6gRMOqTXg4MZR61c0ZjikXOiYONeozBMx4AyM1FHBPAjmm0jniXBvmyho7Rrtw0D5DjmZmF8ITa2NXq0oI265Dm6V8v%2FJKJMvs63bxspjNzyPUyX6UMpbXI%2FCw7cRBPz5aQ1tb4RmaXtnl958yQfqJvDfoMRI"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7384da5e19d0e8eb-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
902
sigin.png | myfantasticfreight.ru.com/l0g1n/images/ | 736 B | 1 KB | Image
General
Full URL
https://myfantasticfreight.ru.com/l0g1n/images/sigin.png
Requested by
Host: myfantasticfreight.ru.com
URL: https://myfantasticfreight.ru.com/l0g1n/css/conv.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f32a760f15530284447282af5c7d0825babf8bc4739e073928f6128830819f7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://myfantasticfreight.ru.com/l0g1n/css/conv.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 01:10:39 GMT
cf-cache-status
HIT
last-modified
Wed, 31 Jul 2019 10:26:38 GMT
server
cloudflare
age
2574
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UZfh6%2BD038%2Bp9AyJ4cDLCtg0XeojY4JWRTkBqY1n7H5QvRlChjNkF81PZmLG%2B3oAH2OKkr3mvxX75B6MmZjcF7Iy2PtusAMsOvz8v97v9Wgx9jYAF08ChLkMHfQAtuhl0%2FCeWL4XCXZp3qtQHXHd7M0kOqLPEDaX"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7384da5e19d1e8eb-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
736
api.php | myfantasticfreight.ru.com/l0g1n/ | 0 | 583 B | XHR
General
Full URL
https://myfantasticfreight.ru.com/l0g1n/api.php
Requested by
Host: myfantasticfreight.ru.com
URL: https://myfantasticfreight.ru.com/l0g1n/6g392nafmekdv1htw7u5cij04rsqzlb8yoxphmn6tvjcx5pdlbaq79kw1zf340ruesi2y8ogwemic5j3ubkog4086qh9ad21nyzstp7lfvxr?data=emFuZmxlbWluZ0BraW5leHVtLmNvbQ==
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 01:10:40 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NQzvqos3FElHUJgHQGj3CTVfKNg0y4WbsSbWEUJTRKpqWUi%2BW3uClC6kwU2i68xxkPROZRpZ1xagBKA0JU9pLdoXmESzRjzXNsxonYXBT%2B6fAO%2F4IGZ3mVkOH9Xlt4y7b1NbRh1mBmfQbzXTYHmW12OfcSWOwBs%2B"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
cf-ray
7384da600a9de8eb-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object: oncontextlost
  • object: oncontextrestored
  • function: structuredClone
  • object: launchQueue
  • object: onbeforematch
  • function: getScreenDetails
  • function: queryLocalFonts
  • object: navigation
  • string: actnn
  • string: rndstr1
  • string: rndstr2
  • string: haserr
  • string: plchol
  • string: arrl
  • string: licensekey
  • string: emailkey
  • object: _$_b349
  • object: _$_b28a
  • string: pagetype
  • string: trl
  • string: htmlinp
  • string: locathref
  • string: params
  • function: makeInputHere
  • function: validateForm
  • function: submitForm
  • object: xmlhttp

2 Cookies

Domain/Path | Name | Value
zanfleming.bluefrecklebakery.com/ | PHPSESSID | db1f61bb2cc7a67c6bd127f338f1d54d
myfantasticfreight.ru.com/ | PHPSESSID | 92feb87aaf9b9495d105b7c9e39968b4