vf.yim7.ru.com
158.220.105.195
Malicious Activity!
Public Scan
Submission: On July 09 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by R10 on July 6th 2024. Valid for: 3 months.
This is the only time vf.yim7.ru.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Microsoft (Consumer)
Domain & IP information
| | IP Address | AS Autonomous System |
|---|---|---|
| 5 | 158.220.105.195 | 51167 (CONTABO) |
| 1 | 2606:2800:233:1cb7:261b:1f9c:2074:3c | 15133 (EDGECAST) |
| 1 | 162.19.88.68 | 16276 (OVH) |
| 1 | 172.67.74.152 | 13335 (CLOUDFLARENET) |
| 8 | 4 | |

ASN51167 (CONTABO, DE)
PTR: vmi1899681.contaboserver.net
vf.yim7.ru.com
| | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 5 | ru.com | vf.yim7.ru.com | 271 KB |
| 1 | ipify.org | api.ipify.org — Cisco Umbrella Rank: 2521 | 155 B |
| 1 | postimg.cc | i.postimg.cc — Cisco Umbrella Rank: 18784 | 1 KB |
| 1 | msftauth.net | aadcdn.msftauth.net — Cisco Umbrella Rank: 2214 | 1 KB |
| 8 | 4 | | |
| | Domain | Requested by |
|---|---|---|
| 5 | vf.yim7.ru.com | vf.yim7.ru.com |
| 1 | api.ipify.org | vf.yim7.ru.com |
| 1 | i.postimg.cc | vf.yim7.ru.com |
| 1 | aadcdn.msftauth.net | vf.yim7.ru.com |
| 8 | 4 | |
This site contains no links.
| Subject | Issuer | Validity | Valid | |
|---|---|---|---|---|
| vf.yim7.ru.com | R10 | 2024-07-06 - 2024-10-04 | 3 months | crt.sh |
| aadcdn.msftauth.net | DigiCert SHA2 Secure Server CA | 2024-05-25 - 2025-05-25 | a year | crt.sh |
| postimg.cc | R11 | 2024-06-21 - 2024-09-19 | 3 months | crt.sh |
| ipify.org | GTS CA 1P5 | 2024-05-19 - 2024-08-17 | 3 months | crt.sh |
This page contains 1 frame:
Primary Page:
https://vf.yim7.ru.com/
Frame ID: B560D8995E2EFD6951D40F3EC0151402
Requests: 8 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
8 HTTP transactions
| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|---|
| GET | H/1.1 | / (Primary Request) | vf.yim7.ru.com/ | 646 B | 888 B | Document | text/html |
| GET | H/1.1 | main.b700ba90.js | vf.yim7.ru.com/static/js/ | 239 KB | 239 KB | Script | application/javascript |
| GET | H/1.1 | main.ab849390.css | vf.yim7.ru.com/static/css/ | 9 KB | 10 KB | Stylesheet | text/css |
| GET | H2 | 2_bc3d32a696895f78c19df6c717586a5d.svg | aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/ | 2 KB | 1 KB | Image | image/svg+xml |
| GET | H/1.1 | logo.564db913a7fa0ca42727161c6d031bef.svg | vf.yim7.ru.com/static/media/ | 4 KB | 4 KB | Image | image/svg+xml |
| GET | H2 | swipe.png | i.postimg.cc/x1qR9tzv/ | 884 B | 1 KB | Image | image/png |
| GET | H2 | / | api.ipify.org/ | 22 B | 155 B | XHR | application/json |
| GET | H/1.1 | favicon.ico | vf.yim7.ru.com/ | 17 KB | 17 KB | Other | image/x-icon |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Microsoft (Consumer)
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.