xn--80aanufcfzcs6l.xn--p1ai Open in urlscan Pro Puny
рекламаплюс.рф IDN
37.140.195.86 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://rntb.kz/templates/fxdesign-yoursite/images/slide_bg-big-slice
Effective URL:
http://xn--80aanufcfzcs6l.xn--p1ai/wp-content/uploads/NetBanking/Login.htm
Submission: On August 01 via api (August 1st 2019, 6:43:14 pm UTC) from US

Summary HTTP 26 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 26 HTTP transactions. The main IP is 37.140.195.86, located in Russian Federation and belongs to AS-REG, RU. The main domain is xn--80aanufcfzcs6l.xn--p1ai.

This is the only time xn--80aanufcfzcs6l.xn--p1ai was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	82.200.247.241 82.200.247.241	9198 (KAZTELECO...) (KAZTELECOM-AS)
5	37.140.195.86 37.140.195.86	197695 (AS-REG) (AS-REG)
26	3

2 82.200.247.241 (Kazakhstan) 1 redirects

ASN9198 (KAZTELECOM-AS, KZ)

rntb.kz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.140.195.86 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: meddigest.info

xn--80aanufcfzcs6l.xn--p1ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	function sub() { [native code] }.	46 KB
2	rntb.kz 1 redirects rntb.kz	694 B
0	banreservas.com.do Failed www.banreservas.com.do Failed
26	3

	Domain	Requested by
5	xn--80aanufcfzcs6l.xn--p1ai	rntb.kz xn--80aanufcfzcs6l.xn--p1ai
2	rntb.kz	1 redirects
0	www.banreservas.com.do Failed	xn--80aanufcfzcs6l.xn--p1ai
26	3

This site contains no links.

Subject Issuer	Validity	Valid
	`1970-01-01` - `1970-01-01`	a few seconds	crt.sh

This page contains 1 frames:

Primary Page: http://xn--80aanufcfzcs6l.xn--p1ai/wp-content/uploads/NetBanking/Login.htm
Frame ID: F3664437D9FFB865A1E0641628ACEB34
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://rntb.kz/templates/fxdesign-yoursite/images/slide_bg-big-slice HTTP 301
http://rntb.kz/templates/fxdesign-yoursite/images/slide_bg-big-slice/ Page URL
http://xn--80aanufcfzcs6l.xn--p1ai/wp-content/uploads/NetBanking/Login.htm Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Page Statistics

26
Requests

0 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

46 kB
Transfer

46 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://rntb.kz/templates/fxdesign-yoursite/images/slide_bg-big-slice HTTP 301
http://rntb.kz/templates/fxdesign-yoursite/images/slide_bg-big-slice/ Page URL
http://xn--80aanufcfzcs6l.xn--p1ai/wp-content/uploads/NetBanking/Login.htm Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://rntb.kz/templates/fxdesign-yoursite/images/slide_bg-big-slice HTTP 301
http://rntb.kz/templates/fxdesign-yoursite/images/slide_bg-big-slice/

26 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ Show response rntb.kz/templates/fxdesign-yoursite/images/slide_bg-big-slice/ Redirect Chain http://rntb.kz/templates/fxdesign-yoursite/images/slide_bg-big-slice http://rntb.kz/templates/fxdesign-yoursite/images/slide_bg-big-slice/	135 B 388 B	1293ms 1292ms	Document text/html	82.200.247.241 KAZTELECOM-AS
General Check archive.org Show headers Download Go to Full URL http://rntb.kz/templates/fxdesign-yoursite/images/slide_bg-big-slice/ Protocol HTTP/1.1 Server 82.200.247.241 , Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ), Reverse DNS Software Apache / PHP/5.6.36 Resource Hash `937da0aef5a66898c69ca432839ec0709ad58033396920073c4066c33df34fb0` Request headers Host rntb.kz Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 01 Aug 2019 18:42:49 GMT Server Apache X-Powered-By PHP/5.6.36 X-SERVER 2537 Keep-Alive timeout=5, max=99 Connection Keep-Alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8 Redirect headers Date Thu, 01 Aug 2019 18:42:49 GMT Server Apache X-SERVER 2537 Location http://rntb.kz/templates/fxdesign-yoursite/images/slide_bg-big-slice/ Content-Length 277 Keep-Alive timeout=5, max=100 Connection Keep-Alive Content-Type text/html; charset=iso-8859-1
GET H/1.1	200 OK	Primary Request Login.htm Show response xn--80aanufcfzcs6l.xn--p1ai/wp-content/uploads/NetBanking/	46 KB 46 KB	15702ms 56ms	Document text/html	37.140.195.86 AS-REG
General Check archive.org Show headers Download Go to Full URL http://xn--80aanufcfzcs6l.xn--p1ai/wp-content/uploads/NetBanking/Login.htm Requested by Host: rntb.kz URL: http://rntb.kz/templates/fxdesign-yoursite/images/slide_bg-big-slice/ Protocol HTTP/1.1 Server 37.140.195.86 , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS meddigest.info Software nginx/0.8.54 / Resource Hash `0885933eeeabd01e35bcd9d01960181409186a9b0c3239c2cb389d3f8983f89b` Request headers Host xn--80aanufcfzcs6l.xn--p1ai Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Referer http://rntb.kz/templates/fxdesign-yoursite/images/slide_bg-big-slice/ Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer http://rntb.kz/templates/fxdesign-yoursite/images/slide_bg-big-slice/ Response headers Server nginx/0.8.54 Date Thu, 01 Aug 2019 18:43:05 GMT Content-Type text/html; charset=UTF-8 Connection keep-alive Last-Modified Thu, 17 Nov 2016 11:59:58 GMT ETag "10c42a2a-b673-5417dedafeb80" Accept-Ranges bytes Content-Length 46707
GET		jquery-ui-1.8.9.custom.css www.banreservas.com.do/NetBankingPersonas/App_Themes/Login/css/custom-theme/	0 0

GET		dropkickddl.css www.banreservas.com.do/NetBankingPersonas/App_Themes/Default/	0 0

GET		Login.css www.banreservas.com.do/NetBankingPersonas/App_Themes/Login/	0 0

GET H/1.1	502 Bad Gateway	WebResource.axd xn--80aanufcfzcs6l.xn--p1ai/NetBankingPersonas/	0 0	483ms 379ms	Script text/html	37.140.195.86 AS-REG
General Check archive.org Show headers Download Go to Full URL http://xn--80aanufcfzcs6l.xn--p1ai/NetBankingPersonas/WebResource.axd?d=6Kx9UkXpTvFQR9_Tm1sv-GJER1ndiIY24NE7AzVNfmxZZox4lqZ-WabsYNXgWqsod6F8k45_lhV2OvdwSOjfj2X3IsY1&t=635294951132453548 Requested by Host: xn--80aanufcfzcs6l.xn--p1ai URL: http://xn--80aanufcfzcs6l.xn--p1ai/wp-content/uploads/NetBanking/Login.htm Protocol HTTP/1.1 Security , , Server 37.140.195.86 , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS meddigest.info Software nginx/0.8.54 / Resource Hash Request headers Referer http://xn--80aanufcfzcs6l.xn--p1ai/wp-content/uploads/NetBanking/Login.htm User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 01 Aug 2019 18:43:06 GMT Server nginx/0.8.54 Connection keep-alive Content-Length 575 Content-Type text/html
GET H/1.1	502 Bad Gateway	DataEntry.js xn--80aanufcfzcs6l.xn--p1ai/NetBankingPersonas/Scripts/	0 0	852ms 367ms	Script text/html	37.140.195.86 AS-REG
General Check archive.org Show headers Download Go to Full URL http://xn--80aanufcfzcs6l.xn--p1ai/NetBankingPersonas/Scripts/DataEntry.js Requested by Host: xn--80aanufcfzcs6l.xn--p1ai URL: http://xn--80aanufcfzcs6l.xn--p1ai/wp-content/uploads/NetBanking/Login.htm Protocol HTTP/1.1 Security , , Server 37.140.195.86 , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS meddigest.info Software nginx/0.8.54 / Resource Hash Request headers Referer http://xn--80aanufcfzcs6l.xn--p1ai/wp-content/uploads/NetBanking/Login.htm User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 01 Aug 2019 18:43:06 GMT Server nginx/0.8.54 Connection keep-alive Content-Length 575 Content-Type text/html
GET H/1.1	502 Bad Gateway	ScriptResource.axd xn--80aanufcfzcs6l.xn--p1ai/NetBankingPersonas/	0 0	1245ms 393ms	Script text/html	37.140.195.86 AS-REG
General Check archive.org Show headers Download Go to Full URL http://xn--80aanufcfzcs6l.xn--p1ai/NetBankingPersonas/ScriptResource.axd?d=9JhcnlN0RE11rn1PvcGZWp11ZLGjgwv_aVIxLlJZjhCaEW-BdYEDqCRSJySLoFeyoMJMpid_srY4u1vO_c3NDA4CJAhQfpwSHrIZHQ7-h4vBXbs40kxV7y7mbr_oBFyuGBC5oR5Mrf2z7px4eA-ng4lRhq81&t=34747d22 Requested by Host: xn--80aanufcfzcs6l.xn--p1ai URL: http://xn--80aanufcfzcs6l.xn--p1ai/wp-content/uploads/NetBanking/Login.htm Protocol HTTP/1.1 Security , , Server 37.140.195.86 , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS meddigest.info Software nginx/0.8.54 / Resource Hash Request headers Referer http://xn--80aanufcfzcs6l.xn--p1ai/wp-content/uploads/NetBanking/Login.htm User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 01 Aug 2019 18:43:06 GMT Server nginx/0.8.54 Connection keep-alive Content-Length 575 Content-Type text/html
GET H/1.1	404 Not Found	ScriptResource.axd xn--80aanufcfzcs6l.xn--p1ai/NetBankingPersonas/	0 0	2096ms 850ms	Script text/html	37.140.195.86 AS-REG
General Check archive.org Show headers Download Go to Full URL http://xn--80aanufcfzcs6l.xn--p1ai/NetBankingPersonas/ScriptResource.axd?d=Ez01FseQBhuZ3BmRjT3Uswe7BRVTIoSR-zVOCWoqTrtyQcR_IF8aGoY1XFzsU1gbYAEA3zqvIjz-ZP3fcxgStLfK6xlxyZCICQNgkgHvAj9vbkMI2lzDk189RklC63_tY4tApImyKnSmH_eBWT0FJh2x8a-eN-o8jGmW-wAd4lH2jXBe0&t=ffffffffb868b5f4 Requested by Host: xn--80aanufcfzcs6l.xn--p1ai URL: http://xn--80aanufcfzcs6l.xn--p1ai/wp-content/uploads/NetBanking/Login.htm Protocol HTTP/1.1 Security , , Server 37.140.195.86 , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS meddigest.info Software nginx/0.8.54 / PHP/5.3.3 Resource Hash Request headers Referer http://xn--80aanufcfzcs6l.xn--p1ai/wp-content/uploads/NetBanking/Login.htm User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 01 Aug 2019 18:43:07 GMT Server nginx/0.8.54 X-Powered-By PHP/5.3.3 Transfer-Encoding chunked Content-Type text/html; charset=UTF-8 Cache-Control no-cache, must-revalidate, max-age=0 Connection keep-alive Link <http://xn--80aanufcfzcs6l.xn--p1ai/wp-json/>; rel="https://api.w.org/" Expires Wed, 11 Jan 1984 05:00:00 GMT
GET		ScriptResource.axd xn--80aanufcfzcs6l.xn--p1ai/https://www.banreservas.com.do/	0 0

GET		jquery-1.10.2.min.js www.banreservas.com.do/Scripts/	0 0

GET		jquery.dropkickddl.js www.banreservas.com.do/Scripts/	0 0

GET		VirtualKeyboard.js www.banreservas.com.do/Scripts/	0 0

GET		dimmingdiv.js www.banreservas.com.do/Scripts/	0 0

GET		jquery-ui-1.8.9.custom.min.js www.banreservas.com.do/Scripts/	0 0

GET		ui-load.js www.banreservas.com.do/Scripts/	0 0

GET		jquery.maskedinput-1.3.min.js www.banreservas.com.do/Scripts/	0 0

GET		WebResource.axd xn--80aanufcfzcs6l.xn--p1ai/NetBankingPersonas/	0 0

GET		jquery.placeholder.js xn--80aanufcfzcs6l.xn--p1ai/wp-content/uploads/NetBanking/Scripts/	0 0

GET		img-close.gif xn--80aanufcfzcs6l.xn--p1ai/wp-content/uploads/NetBanking/App_Themes/Login/Images/	0 0

GET		teclado_login_minusculas.png xn--80aanufcfzcs6l.xn--p1ai/wp-content/uploads/NetBanking/App_Themes/Login/Images/	0 0

GET		teclado_virtual_chico_ac.gif xn--80aanufcfzcs6l.xn--p1ai/wp-content/uploads/NetBanking/App_Themes/Login/Images/	0 0

GET		teclado_virtual_chico_bc.gif xn--80aanufcfzcs6l.xn--p1ai/wp-content/uploads/NetBanking/App_Themes/Login/Images/	0 0

GET		logo_banreservas.png www.banreservas.com.do/NetBankingPersonas/App_Themes/Login/Images/	0 0

GET		boton.jpg xn--80aanufcfzcs6l.xn--p1ai/wp-content/uploads/NetBanking/	0 0

GET		teclado_virtual_chico_ac.gif www.banreservas.com.do/NetBankingPersonas/App_Themes/Login/Images/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.banreservas.com.do
URL: https://www.banreservas.com.do/NetBankingPersonas/App_Themes/Login/css/custom-theme/jquery-ui-1.8.9.custom.css

Domain: www.banreservas.com.do
URL: https://www.banreservas.com.do/NetBankingPersonas/App_Themes/Default/dropkickddl.css

Domain: www.banreservas.com.do
URL: https://www.banreservas.com.do/NetBankingPersonas/App_Themes/Login/Login.css

Domain: xn--80aanufcfzcs6l.xn--p1ai
URL: http://xn--80aanufcfzcs6l.xn--p1ai/https://www.banreservas.com.do/ScriptResource.axd?d=Zs-zgOY9Q_7Jrfu8dTuDa7Yen84I6FaRtdDrYFXgOMtTP1jIYxORhXjggVYx-REgaO1NAYdXgteJ7OkZNFz8g6JpCHJrsPedCp42iAThY6zchN6NPvNsRBPyFaBSM7ezDbZ8Xy0KECXVMmwh8Dx4sY39_o-eg0lIkdH2vIefLPkaLj5MWBcJIdI0lLQzbbuiF7l9Kg2&t=ffffffffb868b5f4

Domain: www.banreservas.com.do
URL: https://www.banreservas.com.do/Scripts/jquery-1.10.2.min.js

Domain: www.banreservas.com.do
URL: https://www.banreservas.com.do/Scripts/jquery.dropkickddl.js

Domain: www.banreservas.com.do
URL: https://www.banreservas.com.do/Scripts/VirtualKeyboard.js

Domain: www.banreservas.com.do
URL: https://www.banreservas.com.do/Scripts/dimmingdiv.js

Domain: www.banreservas.com.do
URL: https://www.banreservas.com.do/Scripts/jquery-ui-1.8.9.custom.min.js

Domain: www.banreservas.com.do
URL: https://www.banreservas.com.do/Scripts/ui-load.js

Domain: www.banreservas.com.do
URL: https://www.banreservas.com.do/Scripts/jquery.maskedinput-1.3.min.js

Domain: xn--80aanufcfzcs6l.xn--p1ai
URL: http://xn--80aanufcfzcs6l.xn--p1ai/NetBankingPersonas/WebResource.axd?d=dIJs_C2IuI42X45Nj9V7mzjLxTrUgrmrobaSNFLcuoEf7qBCsTU3yPL3JztN1vBTNpvKk-xX6riBcxh-GwlHenzI_tw1&t=635294951132453548

Domain: xn--80aanufcfzcs6l.xn--p1ai
URL: http://xn--80aanufcfzcs6l.xn--p1ai/wp-content/uploads/NetBanking/Scripts/jquery.placeholder.js

Domain: xn--80aanufcfzcs6l.xn--p1ai
URL: http://xn--80aanufcfzcs6l.xn--p1ai/wp-content/uploads/NetBanking/App_Themes/Login/Images/img-close.gif

Domain: xn--80aanufcfzcs6l.xn--p1ai
URL: http://xn--80aanufcfzcs6l.xn--p1ai/wp-content/uploads/NetBanking/App_Themes/Login/Images/teclado_login_minusculas.png

Domain: xn--80aanufcfzcs6l.xn--p1ai
URL: http://xn--80aanufcfzcs6l.xn--p1ai/wp-content/uploads/NetBanking/App_Themes/Login/Images/teclado_virtual_chico_ac.gif

Domain: xn--80aanufcfzcs6l.xn--p1ai
URL: http://xn--80aanufcfzcs6l.xn--p1ai/wp-content/uploads/NetBanking/App_Themes/Login/Images/teclado_virtual_chico_bc.gif

Domain: www.banreservas.com.do
URL: https://www.banreservas.com.do/NetBankingPersonas/App_Themes/Login/Images/logo_banreservas.png

Domain: xn--80aanufcfzcs6l.xn--p1ai
URL: http://xn--80aanufcfzcs6l.xn--p1ai/wp-content/uploads/NetBanking/boton.jpg

Domain: www.banreservas.com.do
URL: https://www.banreservas.com.do/NetBankingPersonas/App_Themes/Login/Images/teclado_virtual_chico_ac.gif

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

rntb.kz
www.banreservas.com.do
xn--80aanufcfzcs6l.xn--p1ai
www.banreservas.com.do
xn--80aanufcfzcs6l.xn--p1ai
37.140.195.86
82.200.247.241
0885933eeeabd01e35bcd9d01960181409186a9b0c3239c2cb389d3f8983f89b
937da0aef5a66898c69ca432839ec0709ad58033396920073c4066c33df34fb0

xn--80aanufcfzcs6l.xn--p1ai Open in urlscan Pro Puny рекламаплюс.рф IDN 37.140.195.86 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

26 Requests

0 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

46 kBTransfer

46 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

0 Cookies

Indicators

xn--80aanufcfzcs6l.xn--p1ai Open in urlscan Pro Puny
рекламаплюс.рф IDN
37.140.195.86 Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

0 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

46 kB
Transfer

46 kB
Size

0
Cookies

26 HTTP transactions
0 data transactions