srv88980.ht-test.ru - urlscan.io

Summary

This website contacted 2 IPs in 2 countries across 4 domains to perform 6 HTTP transactions. The main IP is 78.110.50.131, located in Moscow, Russian Federation and belongs to HT-SYSTEMS-AS Uplinks:, RU. The main domain is srv88980.ht-test.ru.

This is the only time srv88980.ht-test.ru was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Email (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.115.54 167.89.115.54	11377 (SENDGRID) (SENDGRID)
1 1	148.72.201.88 148.72.201.88	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
1 6	78.110.50.131 78.110.50.131	31240 (HT-SYSTEM...) (HT-SYSTEMS-AS Uplinks:)
1 2	2620:12a:8000::1 2620:12a:8000::1	54113 (FASTLY) (FASTLY)
6	2

1 167.89.115.54 (United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789115x54.outbound-mail.sendgrid.net

u5868380.ct.sendgrid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.72.201.88 (Scottsdale, United States) 1 redirects

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-148-72-201-88.ip.secureserver.net

of3.gamingakhada.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 78.110.50.131 (Moscow, Russian Federation) 1 redirects

ASN31240 (HT-SYSTEMS-AS Uplinks:, RU)
PTR: cl33-w.ht-systems.ru

srv88980.ht-test.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:12a:8000::1 (United States) 1 redirects

ASN54113 (FASTLY, US)

spscommerce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	ht-test.ru 1 redirects srv88980.ht-test.ru	1 MB
2	spscommerce.com 1 redirects spscommerce.com	5 KB
1	gamingakhada.com 1 redirects of3.gamingakhada.com	348 B
1	sendgrid.net 1 redirects u5868380.ct.sendgrid.net	274 B
6	4

	Domain	Requested by
6	srv88980.ht-test.ru	1 redirects srv88980.ht-test.ru
2	spscommerce.com	1 redirects srv88980.ht-test.ru
1	of3.gamingakhada.com	1 redirects
1	u5868380.ct.sendgrid.net	1 redirects
6	4

This site contains no links.

Subject Issuer	Validity	Valid
spscommerce.com Let's Encrypt Authority X3	`2020-07-31` - `2020-10-29`	3 months	crt.sh

This page contains 2 frames:

Primary Page: http://srv88980.ht-test.ru/js/ll6qjxpsu12htwcygimewk0vzt.php?a=dmFuc2VydmljZXNAc3BzY29tbWVyY2UuY29t&.verify?service=nfpb=true&_pageLabel=smep_portal_page_login&timedOut=true&_nfls&c=&i=0&false=dmFuc2VydmljZXNAc3BzY29tbWVyY2UuY29t&loginID=&.
Frame ID: 759E8DA41871723ED8D82E201F872371
Requests: 2 HTTP requests in this frame

Frame: http://srv88980.ht-test.ru/js/ova.php?a=dmFuc2VydmljZXNAc3BzY29tbWVyY2UuY29t&i=0&c=
Frame ID: C161DDD593A2E6A9A799D57096F35EB7
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://u5868380.ct.sendgrid.net/ls/click?upn=I-2B-2FNJdd07HuejN6-2BOxubPJiAqaHTDBCDFEosQUXowi0ClTJO4UdE7czrm... HTTP 302
http://of3.gamingakhada.com/redir.php?email=vanservices@spscommerce.com HTTP 302
http://srv88980.ht-test.ru/js/index.php?x=x&a=vanservices@spscommerce.com HTTP 302
http://srv88980.ht-test.ru/js/ll6qjxpsu12htwcygimewk0vzt.php?a=dmFuc2VydmljZXNAc3BzY29tbWVyY2UuY29t&.ve... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /php\/?([\d.]+)?/i

Red Hat (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Red Hat/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

6
Requests

17 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

2
IPs

2
Countries

1140 kB
Transfer

1138 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://u5868380.ct.sendgrid.net/ls/click?upn=I-2B-2FNJdd07HuejN6-2BOxubPJiAqaHTDBCDFEosQUXowi0ClTJO4UdE7czrmOt2iM-2FhSEYgSGTc8Nb0EnBZEfNtB3FE-2FOecmOiTCpJmvuihT-2Fc-3DG1S7_vUkcFtZkAbSNsk45XxblRSOh6-2BfTbH684D2pxPDAYshQg1jeLfIExZazApTL8CW9JO5cl399yqMSaNNqmwrgyWwT35eP-2BZCs5sit2rLab0OodqV01RKWzRywtKzrHjLg6Qt-2B259P63uJenKbtFSekENE1UndV7pzvdiBoqux7WNX36JrNaLj-2Bn5KJpsR7Uo2chVmwJphjnjk2FutRe-2FygOmsyh-2FnAT7Rl6ByCVK9WBQ-3D HTTP 302
http://of3.gamingakhada.com/redir.php?email=vanservices@spscommerce.com HTTP 302
http://srv88980.ht-test.ru/js/index.php?x=x&a=vanservices@spscommerce.com HTTP 302
http://srv88980.ht-test.ru/js/ll6qjxpsu12htwcygimewk0vzt.php?a=dmFuc2VydmljZXNAc3BzY29tbWVyY2UuY29t&.verify?service=nfpb=true&_pageLabel=smep_portal_page_login&timedOut=true&_nfls&c=&i=0&false=dmFuc2VydmljZXNAc3BzY29tbWVyY2UuY29t&loginID=&. Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

http://spscommerce.com/favicon.ico HTTP 301
https://spscommerce.com/favicon.ico

6 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request ll6qjxpsu12htwcygimewk0vzt.php Show response
srv88980.ht-test.ru/js/
Redirect Chain

http://u5868380.ct.sendgrid.net/ls/click?upn=I-2B-2FNJdd07HuejN6-2BOxubPJiAqaHTDBCDFEosQUXowi0ClTJO4UdE7czrmOt2iM-2FhSEYgSGTc8Nb0EnBZEfNtB3FE-2FOecmOiTCpJmvuihT-2Fc-3DG1S7_vUkcFtZkAbSNsk45XxblRSOh6...
http://of3.gamingakhada.com/redir.php?email=vanservices@spscommerce.com
http://srv88980.ht-test.ru/js/index.php?x=x&a=vanservices@spscommerce.com
http://srv88980.ht-test.ru/js/ll6qjxpsu12htwcygimewk0vzt.php?a=dmFuc2VydmljZXNAc3BzY29tbWVyY2UuY29t&.verify?service=nfpb=true&_pageLabel=smep_portal_page_login&timedOut=true&_nfls&c=&i=0&false=dmFu...

941 B
1 KB

231ms
230ms

Document
text/html

78.110.50.131
HT-SYSTEMS-AS Upl...

General

Check archive.org

Show headers Download Go to

Full URL: http://srv88980.ht-test.ru/js/ll6qjxpsu12htwcygimewk0vzt.php?a=dmFuc2VydmljZXNAc3BzY29tbWVyY2UuY29t&.verify?service=nfpb=true&_pageLabel=smep_portal_page_login&timedOut=true&_nfls&c=&i=0&false=dmFuc2VydmljZXNAc3BzY29tbWVyY2UuY29t&loginID=&.
Protocol: HTTP/1.1
Server: 78.110.50.131 Moscow, Russian Federation, ASN31240 (HT-SYSTEMS-AS Uplinks:, RU),
Reverse DNS: cl33-w.ht-systems.ru
Software: Apache/2.2.24 (Red Hat) mod_rpaf/0.6 PHP/5.6.40 / PHP/5.6.40
Resource Hash: 14f17f7b19fd0bcd0142408b8a07275b0d79f96358d2bdd92430561b4db93d22

Request headers

Host: srv88980.ht-test.ru
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: PHPSESSID=638q63866dig66jsglm12v3ur7
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 10 Aug 2020 13:54:05 GMT
Server: Apache/2.2.24 (Red Hat) mod_rpaf/0.6 PHP/5.6.40
X-Powered-By: PHP/5.6.40
Content-Length: 941
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Mon, 10 Aug 2020 13:54:05 GMT
Server: Apache/2.2.24 (Red Hat) mod_rpaf/0.6 PHP/5.6.40
X-Powered-By: PHP/5.6.40
Set-Cookie: PHPSESSID=638q63866dig66jsglm12v3ur7; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: ll6qjxpsu12htwcygimewk0vzt.php?a=dmFuc2VydmljZXNAc3BzY29tbWVyY2UuY29t&.verify?service=nfpb=true&_pageLabel=smep_portal_page_login&timedOut=true&_nfls&c=&i=0&false=dmFuc2VydmljZXNAc3BzY29tbWVyY2UuY29t&loginID=&.#n=12528&c=&99642&fid=1&fav=1
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ova.php Show response
srv88980.ht-test.ru/js/ Frame C161 3 KB
3 KB 225ms
224ms Document
text/html 78.110.50.131
HT-SYSTEMS-AS Upl...

General

Check archive.org

Show headers Download Go to

Full URL: http://srv88980.ht-test.ru/js/ova.php?a=dmFuc2VydmljZXNAc3BzY29tbWVyY2UuY29t&i=0&c=
Requested by: Host: srv88980.ht-test.ru
URL: http://srv88980.ht-test.ru/js/ll6qjxpsu12htwcygimewk0vzt.php?a=dmFuc2VydmljZXNAc3BzY29tbWVyY2UuY29t&.verify?service=nfpb=true&_pageLabel=smep_portal_page_login&timedOut=true&_nfls&c=&i=0&false=dmFuc2VydmljZXNAc3BzY29tbWVyY2UuY29t&loginID=&.
Protocol: HTTP/1.1
Server: 78.110.50.131 Moscow, Russian Federation, ASN31240 (HT-SYSTEMS-AS Uplinks:, RU),
Reverse DNS: cl33-w.ht-systems.ru
Software: Apache/2.2.24 (Red Hat) mod_rpaf/0.6 PHP/5.6.40 / PHP/5.6.40
Resource Hash: 9ac3a4e25e2772b4782032552fe6ac222e6a2219d66b18b4e8ace48922452634

Request headers

Host: srv88980.ht-test.ru
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://srv88980.ht-test.ru/js/ll6qjxpsu12htwcygimewk0vzt.php?a=dmFuc2VydmljZXNAc3BzY29tbWVyY2UuY29t&.verify?service=nfpb=true&_pageLabel=smep_portal_page_login&timedOut=true&_nfls&c=&i=0&false=dmFuc2VydmljZXNAc3BzY29tbWVyY2UuY29t&loginID=&.
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: PHPSESSID=638q63866dig66jsglm12v3ur7
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://srv88980.ht-test.ru/js/ll6qjxpsu12htwcygimewk0vzt.php?a=dmFuc2VydmljZXNAc3BzY29tbWVyY2UuY29t&.verify?service=nfpb=true&_pageLabel=smep_portal_page_login&timedOut=true&_nfls&c=&i=0&false=dmFuc2VydmljZXNAc3BzY29tbWVyY2UuY29t&loginID=&.

Response headers

Date: Mon, 10 Aug 2020 13:54:05 GMT
Server: Apache/2.2.24 (Red Hat) mod_rpaf/0.6 PHP/5.6.40
X-Powered-By: PHP/5.6.40
Content-Length: 3379
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK default.jpg
srv88980.ht-test.ru/js/ico/bg/ 1 MB
1 MB 119ms
84ms Image
image/jpeg 78.110.50.131
HT-SYSTEMS-AS Upl...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://srv88980.ht-test.ru/js/ico/bg/default.jpg
Requested by: Host: srv88980.ht-test.ru
URL: http://srv88980.ht-test.ru/js/ll6qjxpsu12htwcygimewk0vzt.php?a=dmFuc2VydmljZXNAc3BzY29tbWVyY2UuY29t&.verify?service=nfpb=true&_pageLabel=smep_portal_page_login&timedOut=true&_nfls&c=&i=0&false=dmFuc2VydmljZXNAc3BzY29tbWVyY2UuY29t&loginID=&.
Protocol: HTTP/1.1
Server: 78.110.50.131 Moscow, Russian Federation, ASN31240 (HT-SYSTEMS-AS Uplinks:, RU),
Reverse DNS: cl33-w.ht-systems.ru
Software: Apache/2.2.24 (Red Hat) mod_rpaf/0.6 PHP/5.6.40 /
Resource Hash: a6baa596c961ffab09d260ba7d7c743114ff7016e13e853b9b0f25bceac17255

Request headers

Referer: http://srv88980.ht-test.ru/js/ll6qjxpsu12htwcygimewk0vzt.php?a=dmFuc2VydmljZXNAc3BzY29tbWVyY2UuY29t&.verify?service=nfpb=true&_pageLabel=smep_portal_page_login&timedOut=true&_nfls&c=&i=0&false=dmFuc2VydmljZXNAc3BzY29tbWVyY2UuY29t&loginID=&.
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 10 Aug 2020 13:54:05 GMT
X-Cache-Lookup: MISS from hc1.hts.ru:80
Last-Modified: Mon, 20 Aug 2018 21:42:38 GMT
Server: Apache/2.2.24 (Red Hat) mod_rpaf/0.6 PHP/5.6.40
ETag: "2bbfe0a-119084-573e4c9be8f80"
X-Cache: MISS from hc1.hts.ru
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 1151108

GET
H/1.1 404
Not Found style.css
srv88980.ht-test.ru/js/css/ Frame C161 0
0 64ms
63ms Stylesheet
text/html 78.110.50.131
HT-SYSTEMS-AS Upl...

General

Check archive.org

Show headers Download Go to

Full URL: http://srv88980.ht-test.ru/js/css/style.css
Requested by: Host: srv88980.ht-test.ru
URL: http://srv88980.ht-test.ru/js/ova.php?a=dmFuc2VydmljZXNAc3BzY29tbWVyY2UuY29t&i=0&c=
Protocol: HTTP/1.1
Server: 78.110.50.131 Moscow, Russian Federation, ASN31240 (HT-SYSTEMS-AS Uplinks:, RU),
Reverse DNS: cl33-w.ht-systems.ru
Software: Apache/2.2.24 (Red Hat) mod_rpaf/0.6 PHP/5.6.40 /
Resource Hash

Request headers

Referer: http://srv88980.ht-test.ru/js/ova.php?a=dmFuc2VydmljZXNAc3BzY29tbWVyY2UuY29t&i=0&c=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 10 Aug 2020 13:54:05 GMT
X-Cache-Lookup: MISS from hc2.hts.ru:80
Server: Apache/2.2.24 (Red Hat) mod_rpaf/0.6 PHP/5.6.40
Content-Length: 324
X-Cache: MISS from hc2.hts.ru
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK js.js Show response
srv88980.ht-test.ru/js/ico/ Frame C161 6 KB
6 KB 112ms
78ms Script
text/javascript 78.110.50.131
HT-SYSTEMS-AS Upl...

General

Check archive.org

Show headers Download Go to

Full URL: http://srv88980.ht-test.ru/js/ico/js.js
Requested by: Host: srv88980.ht-test.ru
URL: http://srv88980.ht-test.ru/js/ova.php?a=dmFuc2VydmljZXNAc3BzY29tbWVyY2UuY29t&i=0&c=
Protocol: HTTP/1.1
Server: 78.110.50.131 Moscow, Russian Federation, ASN31240 (HT-SYSTEMS-AS Uplinks:, RU),
Reverse DNS: cl33-w.ht-systems.ru
Software: Apache/2.2.24 (Red Hat) mod_rpaf/0.6 PHP/5.6.40 /
Resource Hash: 1bcbd711541fce74fc4c58fce450956c507db9e1e9d83af8f13ed448e114f9a0

Request headers

Referer: http://srv88980.ht-test.ru/js/ova.php?a=dmFuc2VydmljZXNAc3BzY29tbWVyY2UuY29t&i=0&c=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 10 Aug 2020 13:54:05 GMT
X-Cache-Lookup: MISS from hc2.hts.ru:80
Last-Modified: Fri, 17 Aug 2018 21:46:32 GMT
Server: Apache/2.2.24 (Red Hat) mod_rpaf/0.6 PHP/5.6.40
ETag: "c0b43626-1648-573a87e2afe00"
X-Cache: MISS from hc2.hts.ru
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 5704

GET
H2

200

favicon.ico
spscommerce.com/ Frame C161
Redirect Chain

http://spscommerce.com/favicon.ico
https://spscommerce.com/favicon.ico

4 KB
5 KB

29ms
7ms

Image
image/x-icon

2620:12a:8000::1
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://spscommerce.com/favicon.ico

Requested by

Host: srv88980.ht-test.ru
URL: http://srv88980.ht-test.ru/js/ova.php?a=dmFuc2VydmljZXNAc3BzY29tbWVyY2UuY29t&i=0&c=

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:12a:8000::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

20477b74e2f8b4c7d0a04b5ca90bbe06931767981af734c36cb41796e912e43f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: http://srv88980.ht-test.ru/js/ova.php?a=dmFuc2VydmljZXNAc3BzY29tbWVyY2UuY29t&i=0&c=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
etag: "5f22ea8e-116a"
age: 937434
x-pantheon-styx-hostname: styx-fe1-a-66dfddc5bf-wm6ls
x-cache: HIT, HIT
status: 200
content-length: 4481
x-served-by: cache-mdw17360-MDW, cache-fra19129-FRA
last-modified: Thu, 30 Jul 2020 15:43:10 GMT
server: nginx
x-timer: S1597067646.442322,VS0,VE1
date: Mon, 10 Aug 2020 13:54:06 GMT
vary: Accept-Encoding
content-type: image/x-icon
via: 1.1 varnish
expires: Sat, 31 Jul 2021 17:30:12 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-styx-req-id: 52bfd0e1-d28a-11ea-af35-f61506f8e2db
x-cache-hits: 1, 1

Redirect headers

Date: Mon, 10 Aug 2020 13:54:06 GMT
Via: 1.1 varnish
Age: 10562
X-Cache: HIT, MISS
X-Cache-Hits: 1, 0
Connection: keep-alive
Content-Length: 162
X-Served-By: cache-mdw17320-MDW, cache-fra19140-FRA
Server: nginx
X-Timer: S1597067646.983956,VS0,VE105
Vary: Cookie, Cookie
Content-Type: text/html
Location: https://spscommerce.com/favicon.ico
Cache-Control: public, max-age=86400
Accept-Ranges: bytes
X-Styx-Req-Id: 5d6e22ba-daf8-11ea-b094-2e07e1869e7e
X-Pantheon-Styx-Hostname: styx-fe1-b-66dd4ccd69-dhlts

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Email (Online)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			srv88980.ht-test.ru/	1969-12-31 23:59:59	Name: PHPSESSID Value: 638q63866dig66jsglm12v3ur7

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

of3.gamingakhada.com
spscommerce.com
srv88980.ht-test.ru
u5868380.ct.sendgrid.net
148.72.201.88
167.89.115.54
2620:12a:8000::1
78.110.50.131
14f17f7b19fd0bcd0142408b8a07275b0d79f96358d2bdd92430561b4db93d22
1bcbd711541fce74fc4c58fce450956c507db9e1e9d83af8f13ed448e114f9a0
20477b74e2f8b4c7d0a04b5ca90bbe06931767981af734c36cb41796e912e43f
9ac3a4e25e2772b4782032552fe6ac222e6a2219d66b18b4e8ace48922452634
a6baa596c961ffab09d260ba7d7c743114ff7016e13e853b9b0f25bceac17255

srv88980.ht-test.ru Open in urlscan Pro 78.110.50.131 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

6 Requests

17 %HTTPS

25 %IPv6

4 Domains

4 Subdomains

2 IPs

2 Countries

1140 kBTransfer

1138 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

1 Cookies

Indicators

srv88980.ht-test.ru Open in urlscan Pro
78.110.50.131 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

17 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

2
IPs

2
Countries

1140 kB
Transfer

1138 kB
Size

1
Cookies

6 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!