wash-email.ru
31.31.196.138
Malicious Activity!
Public Scan
Effective URL: https://wash-email.ru/?_subid=3r7h5de480dprv3mrnu&_token=uuid_3r7h5de480dprv3mrnu_3r7h5de480dprv3mrnu5b46f054a131d1.47...
Submission: On July 12 via manual from RU
Summary
TLS certificate: Issued by GlobalSign Domain Validation CA - SHA... on July 4th 2018. Valid for: a year.
This is the only time wash-email.ru was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Scam (Online)

Domain & IP information
Requests | IP Address | AS Autonomous System
---|---|---
1 | 5.196.196.232 | 16276 (OVH)
1 | 5.79.70.8 | 60781 (LEASEWEB-NL-AMS-01 Netherlands)
1 | 190.115.26.78 | 262254 (DANCOM LTD)
1 | 190.115.26.130 | 262254 (DANCOM LTD)
31 | 31.31.196.138 | 197695 (AS-REG)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), PTR: lw1746.ua-hosting.company, IP: 5.79.70.8
ASN197695 (AS-REG, RU), PTR: server151.hosting.reg.ru, domain: wash-email.ru
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
31 | wash-email.ru | wash-email.ru | 1 MB
1 | settclicks.net (1 redirect) | settclicks.net | 686 B
1 | fittclicks.icu (1 redirect) | fittclicks.icu | 330 B
1 | in.net (1 redirect) | hunvc.mailer.in.net | 192 B

Totals: 31 HTTP transactions across 4 apex domains
Requests | Domain | Requested by
---|---|---
31 | wash-email.ru | wash-email.ru
1 | settclicks.net | 1 redirect
1 | fittclicks.icu | 1 redirect
1 | hunvc.mailer.in.net | 1 redirect

Totals: 31 HTTP transactions across 4 domains
This site contains no links.
Subject | Issuer | Validity | Valid
---|---|---|---
www.wash-email.ru | GlobalSign Domain Validation CA - SHA256 - G2 | 2018-07-04 - 2019-07-05 | a year (crt.sh)
This page contains 1 frame:
Primary Page:
https://wash-email.ru/?_subid=3r7h5de480dprv3mrnu&_token=uuid_3r7h5de480dprv3mrnu_3r7h5de480dprv3mrnu5b46f054a131d1.47755402
Frame ID: E1011996E9E73C3B61ACC33E9625C391
Requests: 31 HTTP requests in this frame
Screenshot
Detected technologies
- Nginx (Web Servers). Detected patterns:
  - headers server /nginx(?:\/([\d.]+))?/i
- jQuery (JavaScript Libraries). Detected patterns:
  - script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
  - script /jquery.*\.js/i
  - env /^jQuery$/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://hunvc.mailer.in.net/user/0000/follow/aHR0cDovLzUuNzkuNzAuOC9xN1dMVjQ=:62023212c3fd62af4fa1bad6fe250ecb (HTTP 301; the base64 segment of the path decodes to the next hop, http://5.79.70.8/q7WLV4)
- http://5.79.70.8/q7WLV4 (HTTP 302)
- http://fittclicks.icu/public/4854853531593122?_subid=3r7h5de480dprv3mrnu&_token=uuid_3r7h5de480dprv3mrnu_3r7h5de480dprv3mrnu5b46f054a131d1.47755402 (HTTP 302)
- https://settclicks.net/public/4854853531593122?_subid=3r7h5de480dprv3mrnu&_token=uuid_3r7h5de480dprv3mrnu_3r7h5de480dprv3mrnu5b46f054a131d1.47755402 (HTTP 302)
- https://wash-email.ru/?_subid=3r7h5de480dprv3mrnu&_token=uuid_3r7h5de480dprv3mrnu_3r7h5de480dprv3mrnu5b46f054a131d1.47755402 (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
31 HTTP transactions

Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H2 | / (Primary Request, Redirect Chain) | wash-email.ru/ | 26 KB | 6 KB | Document | text/html
GET | H2 | %D0%91%D0%B5%D0%B7%D1%8B%D0%BC%D1%8F%D0%BD%D0%BD%D1%8B%D0%B91.css (percent-decodes to Безымянный1.css, Russian for "Untitled1.css") | wash-email.ru/ | 2 KB | 528 B | Stylesheet | text/css
GET | H2 | index.css | wash-email.ru/ | 14 KB | 1 KB | Stylesheet | text/css
GET | H2 | jquery-2.1.3.min.js | wash-email.ru/libs/jquery/ | 82 KB | 29 KB | Script | application/javascript
GET | H2 | redirect.js | wash-email.ru/js/ | 3 KB | 1 KB | Script | application/javascript
GET | H2 | top.png | wash-email.ru/images/ | 424 KB | 425 KB | Image | image/png
GET | H2 | img0001.png | wash-email.ru/images/ | 17 KB | 18 KB | Image | image/png
GET | H2 | email-1403475.jpg | wash-email.ru/images/ | 50 KB | 50 KB | Image | image/jpeg
GET | H2 | shake2.gif | wash-email.ru/images/ | 397 KB | 397 KB | Image | image/gif
GET | H2 | img0003.png | wash-email.ru/images/ | 3 KB | 3 KB | Image | image/png
GET | H2 | email-marketing-5.jpg | wash-email.ru/images/ | 379 KB | 380 KB | Image | image/jpeg
GET | H2 | img0004.png | wash-email.ru/images/ | 12 KB | 12 KB | Image | image/png
GET | H2 | img0006.png | wash-email.ru/images/ | 4 KB | 4 KB | Image | image/png
GET | H2 | red.png | wash-email.ru/images/ | 14 KB | 15 KB | Image | image/png
GET | H2 | 2018-06-12_16-02-39.png | wash-email.ru/images/ | 19 KB | 19 KB | Image | image/png
GET | H2 | img0005.png | wash-email.ru/images/ | 865 B | 1 KB | Image | image/png
GET | H2 | img0007.png | wash-email.ru/images/ | 868 B | 1 KB | Image | image/png
GET | H2 | img0008.png | wash-email.ru/images/ | 862 B | 1 KB | Image | image/png
GET | H2 | img0009.png | wash-email.ru/images/ | 871 B | 1 KB | Image | image/png
GET | H2 | img0010.png | wash-email.ru/images/ | 879 B | 1 KB | Image | image/png
GET | H2 | img0011.png | wash-email.ru/images/ | 865 B | 1 KB | Image | image/png
GET | H2 | img0012.png | wash-email.ru/images/ | 885 B | 1 KB | Image | image/png
GET | H2 | img0013.png | wash-email.ru/images/ | 871 B | 1 KB | Image | image/png
GET | H2 | img0014.png | wash-email.ru/images/ | 862 B | 1 KB | Image | image/png
GET | H2 | img0015.png | wash-email.ru/images/ | 879 B | 1 KB | Image | image/png
GET | H2 | ring.gif | wash-email.ru/images/ | 6 KB | 6 KB | Image | image/gif
GET | H2 | img0016.png | wash-email.ru/images/ | 548 B | 753 B | Image | image/png
GET | H2 | img0017.png | wash-email.ru/images/ | 2 KB | 2 KB | Image | image/png
GET | H2 | img0018.png | wash-email.ru/images/ | 3 KB | 3 KB | Image | image/png
GET | H2 | img0333.png | wash-email.ru/images/ | 1 KB | 2 KB | Image | image/png
GET | H2 | img0334.png | wash-email.ru/images/ | 1 KB | 1 KB | Image | image/png
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Scam (Online)

10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- page_id (number)
- $ (function)
- jQuery (function)
- cookee_page_id (string)
- pages (object)
- setCookie (function)
- readCookie (function)
- redirectPage (function)
- load (function)
- init1 (function)

Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser sends the stored cookie values along with the request, which lets the website re-identify the user even from a different location. This is how persistent logins work.

Domain/Path | Expires | Name / Value
---|---|---
wash-email.ru/ | | Name: page_id, Value: 1
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
Domains: fittclicks.icu, hunvc.mailer.in.net, settclicks.net, wash-email.ru
IPs: 190.115.26.130, 190.115.26.78, 31.31.196.138, 5.196.196.232, 5.79.70.8