www.u31890.s2.radisol.org Open in urlscan Pro
82.202.204.197 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.u31890.s2.radisol.org/portail/index.html#login%2F
Effective URL:
http://www.u31890.s2.radisol.org/portail/index.html
Submission: On March 09 via manual (March 9th 2021, 10:51:50 am UTC) from RU

Summary HTTP 23 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 23 HTTP transactions. The main IP is 82.202.204.197, located in Russian Federation and belongs to SELECTEL-MSK, RU. The main domain is www.u31890.s2.radisol.org.

This is the only time www.u31890.s2.radisol.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Hydro Quebec (Utility)

Domain & IP information

	IP Address	AS Autonomous System
18	82.202.204.197 82.202.204.197	50340 (SELECTEL-MSK) (SELECTEL-MSK)
1	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
23	5

18 82.202.204.197 (Russian Federation)

ASN50340 (SELECTEL-MSK, RU)
PTR: orangemail.site

www.u31890.s2.radisol.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	radisol.org www.u31890.s2.radisol.org	3 MB
2	google-analytics.com www.google-analytics.com	19 KB
1	gstatic.com fonts.gstatic.com	14 KB
1	googleapis.com fonts.googleapis.com	645 B
1	googletagmanager.com www.googletagmanager.com	36 KB
23	5

	Domain	Requested by
18	www.u31890.s2.radisol.org	www.u31890.s2.radisol.org
2	www.google-analytics.com	www.googletagmanager.com www.u31890.s2.radisol.org
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	www.u31890.s2.radisol.org
1	www.googletagmanager.com	www.u31890.s2.radisol.org
23	5

This site contains no links.

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://www.u31890.s2.radisol.org/portail/index.html
Frame ID: 1018765E2C1E2E794E72B56834911171
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

23
Requests

22 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

2823 kB
Transfer

2921 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

http://www.google-analytics.com/r/collect?v=1&_v=j79&a=469588850&t=pageview&_s=1&dl=http%3A%2F%2Fwww.u31890.s2.radisol.org%2Fportail%2Findex.html&dp=%2Fportail%2Findex.html%3F&ul=en-us&de=UTF-8&dt=Acc%C3%A9der%20%C3%A0%20mon%20Espace%20client%20%7C%20Hydro-Qu%C3%A9bec&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAAABE~&jid=637539163&gjid=1473739988&cid=1055564960.1615287093&tid=UA-41911837-22&_gid=469841320.1615287093&_r=1&gtm=2wg2o0M8KMBZS&z=317961868 HTTP 307
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=469588850&t=pageview&_s=1&dl=http%3A%2F%2Fwww.u31890.s2.radisol.org%2Fportail%2Findex.html&dp=%2Fportail%2Findex.html%3F&ul=en-us&de=UTF-8&dt=Acc%C3%A9der%20%C3%A0%20mon%20Espace%20client%20%7C%20Hydro-Qu%C3%A9bec&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAAABE~&jid=637539163&gjid=1473739988&cid=1055564960.1615287093&tid=UA-41911837-22&_gid=469841320.1615287093&_r=1&gtm=2wg2o0M8KMBZS&z=317961868

23 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request index.html Show response
www.u31890.s2.radisol.org/portail/ 14 KB
4 KB 340ms
144ms Document
text/html 82.202.204.197
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: http://www.u31890.s2.radisol.org/portail/index.html
Protocol: HTTP/1.1
Server: 82.202.204.197 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: orangemail.site
Software: nginx/1.19.0 /
Resource Hash: 605c507bba94fce2605d7998713498ab62a144035d899dfbacf4b53110eef415

Request headers

Host: www.u31890.s2.radisol.org
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx/1.19.0
Date: Tue, 09 Mar 2021 10:51:32 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 06 Mar 2021 14:27:13 GMT
ETag: W/"389f-5bcdeff3038b6"
Content-Encoding: gzip

GET
H/1.1 200
OK analytics.js Show response
www.u31890.s2.radisol.org/portail/AtmaCa/ 43 KB
44 KB 122ms
121ms Script
application/javascript 82.202.204.197
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: http://www.u31890.s2.radisol.org/portail/AtmaCa/analytics.js
Requested by: Host: www.u31890.s2.radisol.org
URL: http://www.u31890.s2.radisol.org/portail/index.html
Protocol: HTTP/1.1
Server: 82.202.204.197 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: orangemail.site
Software: nginx/1.19.0 /
Resource Hash: dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Request headers

Referer: http://www.u31890.s2.radisol.org/portail/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 09 Mar 2021 10:51:32 GMT
Last-Modified: Sat, 06 Mar 2021 14:27:20 GMT
Server: nginx/1.19.0
ETag: "adb6-5bcdeff996e3f"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 44470

GET
H/1.1 200
OK gtm.js Show response
www.u31890.s2.radisol.org/portail/AtmaCa/ 76 KB
77 KB 288ms
115ms Script
application/javascript 82.202.204.197
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: http://www.u31890.s2.radisol.org/portail/AtmaCa/gtm.js
Requested by: Host: www.u31890.s2.radisol.org
URL: http://www.u31890.s2.radisol.org/portail/index.html
Protocol: HTTP/1.1
Server: 82.202.204.197 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: orangemail.site
Software: nginx/1.19.0 /
Resource Hash: cf13b51faeadafff6da68615a6fd56c1802f1428c7091578cdf0a43edd79ea38

Request headers

Referer: http://www.u31890.s2.radisol.org/portail/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 09 Mar 2021 10:51:32 GMT
Last-Modified: Sat, 06 Mar 2021 14:27:24 GMT
Server: nginx/1.19.0
ETag: "13152-5bcdeffd59c76"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 78162

GET
H/1.1 200
OK jquery-1.js Show response
www.u31890.s2.radisol.org/portail/AtmaCa/ 95 KB
95 KB 195ms
180ms Script
application/javascript 82.202.204.197
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: http://www.u31890.s2.radisol.org/portail/AtmaCa/jquery-1.js
Requested by: Host: www.u31890.s2.radisol.org
URL: http://www.u31890.s2.radisol.org/portail/index.html
Protocol: HTTP/1.1
Server: 82.202.204.197 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: orangemail.site
Software: nginx/1.19.0 /
Resource Hash: 5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf

Request headers

Referer: http://www.u31890.s2.radisol.org/portail/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 09 Mar 2021 10:51:32 GMT
Last-Modified: Sat, 06 Mar 2021 14:27:28 GMT
Server: nginx/1.19.0
ETag: "17c52-5bcdf000b98be"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 97362

GET
H/1.1 200
OK ThemeConfiguration.js Show response
www.u31890.s2.radisol.org/portail/AtmaCa/ 15 KB
15 KB 172ms
157ms Script
application/javascript 82.202.204.197
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: http://www.u31890.s2.radisol.org/portail/AtmaCa/ThemeConfiguration.js
Requested by: Host: www.u31890.s2.radisol.org
URL: http://www.u31890.s2.radisol.org/portail/index.html
Protocol: HTTP/1.1
Server: 82.202.204.197 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: orangemail.site
Software: nginx/1.19.0 /
Resource Hash: 0d0b0b91f3c7ab55706832e15dabfff020f7a2a6c10a63a28f2daf2c8b9e5eed

Request headers

Referer: http://www.u31890.s2.radisol.org/portail/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 09 Mar 2021 10:51:32 GMT
Last-Modified: Sat, 06 Mar 2021 14:27:35 GMT
Server: nginx/1.19.0
ETag: "3af7-5bcdf007ba82d"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15095

GET
H/1.1 200
OK bootstrap.css
www.u31890.s2.radisol.org/portail/AtmaCa/ 144 KB
144 KB 190ms
176ms Stylesheet
text/css 82.202.204.197
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: http://www.u31890.s2.radisol.org/portail/AtmaCa/bootstrap.css
Requested by: Host: www.u31890.s2.radisol.org
URL: http://www.u31890.s2.radisol.org/portail/index.html
Protocol: HTTP/1.1
Server: 82.202.204.197 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: orangemail.site
Software: nginx/1.19.0 /
Resource Hash: 26ea006c5b4845ccbdb550bbe677e6be6e0b9ab4bc7a05a84ba64fb4e9b25913

Request headers

Referer: http://www.u31890.s2.radisol.org/portail/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 09 Mar 2021 10:51:32 GMT
Last-Modified: Sat, 06 Mar 2021 14:27:22 GMT
Server: nginx/1.19.0
ETag: "23f32-5bcdeffbdc6e9"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 147250

GET
H/1.1 200
OK structure.css
www.u31890.s2.radisol.org/portail/AtmaCa/ 70 KB
70 KB 185ms
171ms Stylesheet
text/css 82.202.204.197
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: http://www.u31890.s2.radisol.org/portail/AtmaCa/structure.css
Requested by: Host: www.u31890.s2.radisol.org
URL: http://www.u31890.s2.radisol.org/portail/index.html
Protocol: HTTP/1.1
Server: 82.202.204.197 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: orangemail.site
Software: nginx/1.19.0 /
Resource Hash: 6be6d858c17568d15adae2d6aa57bb02dfe69d65ce28bcbeee2605a7e09ddd6d

Request headers

Referer: http://www.u31890.s2.radisol.org/portail/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 09 Mar 2021 10:51:32 GMT
Last-Modified: Sat, 06 Mar 2021 14:27:32 GMT
Server: nginx/1.19.0
ETag: "116e8-5bcdf005192c3"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 71400

GET
H/1.1 200
OK theme-hq.css
www.u31890.s2.radisol.org/portail/AtmaCa/ 8 KB
8 KB 171ms
158ms Stylesheet
text/css 82.202.204.197
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: http://www.u31890.s2.radisol.org/portail/AtmaCa/theme-hq.css
Requested by: Host: www.u31890.s2.radisol.org
URL: http://www.u31890.s2.radisol.org/portail/index.html
Protocol: HTTP/1.1
Server: 82.202.204.197 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: orangemail.site
Software: nginx/1.19.0 /
Resource Hash: 30617021b354ac7ba30df2c8eefbd72a7d0ed4fa89c037d51f64240cb486dbb0

Request headers

Referer: http://www.u31890.s2.radisol.org/portail/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 09 Mar 2021 10:51:32 GMT
Last-Modified: Sat, 06 Mar 2021 14:27:33 GMT
Server: nginx/1.19.0
ETag: "1fe0-5bcdf0065d640"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8160

GET
H/1.1 200
OK logo-hydro-quebec-couleur.svg
www.u31890.s2.radisol.org/portail/AtmaCa/ 4 KB
4 KB 94ms
93ms Image
image/svg+xml 82.202.204.197
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.u31890.s2.radisol.org/portail/AtmaCa/logo-hydro-quebec-couleur.svg
Requested by: Host: www.u31890.s2.radisol.org
URL: http://www.u31890.s2.radisol.org/portail/index.html
Protocol: HTTP/1.1
Server: 82.202.204.197 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: orangemail.site
Software: nginx/1.19.0 /
Resource Hash: 9f8614685fb4316a9d7f1afa3ecbb9a55a44d392ec2f1e736627d9f8e6d7dd93

Request headers

Referer: http://www.u31890.s2.radisol.org/portail/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 09 Mar 2021 10:51:32 GMT
Last-Modified: Sat, 06 Mar 2021 14:27:27 GMT
Server: nginx/1.19.0
ETag: "e37-5bcdf0009e726"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3639

GET
H/1.1 200
OK logo-hydro-quebec-coupe.png
www.u31890.s2.radisol.org/portail/AtmaCa/ 4 KB
5 KB 93ms
92ms Image
image/png 82.202.204.197
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.u31890.s2.radisol.org/portail/AtmaCa/logo-hydro-quebec-coupe.png
Requested by: Host: www.u31890.s2.radisol.org
URL: http://www.u31890.s2.radisol.org/portail/index.html
Protocol: HTTP/1.1
Server: 82.202.204.197 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: orangemail.site
Software: nginx/1.19.0 /
Resource Hash: 0e977c56b77cdc4ca1e90a282ae292d68324794594d3f4dbee98e468858af8c0

Request headers

Referer: http://www.u31890.s2.radisol.org/portail/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 09 Mar 2021 10:51:32 GMT
Last-Modified: Sat, 06 Mar 2021 14:27:30 GMT
Server: nginx/1.19.0
ETag: "11d9-5bcdf002dedc9"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4569

GET
H/1.1 200
OK main.js Show response
www.u31890.s2.radisol.org/portail/AtmaCa/ 2 MB
2 MB 126ms
124ms Script
application/javascript 82.202.204.197
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: http://www.u31890.s2.radisol.org/portail/AtmaCa/main.js
Requested by: Host: www.u31890.s2.radisol.org
URL: http://www.u31890.s2.radisol.org/portail/index.html
Protocol: HTTP/1.1
Server: 82.202.204.197 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: orangemail.site
Software: nginx/1.19.0 /
Resource Hash: 3d81461f2fbea4b935667b055e9033eb1ae6786661dde2588d6333003f1926c6

Request headers

Referer: http://www.u31890.s2.radisol.org/portail/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 09 Mar 2021 10:51:32 GMT
Last-Modified: Sat, 06 Mar 2021 14:27:33 GMT
Server: nginx/1.19.0
ETag: "1ffed7-5bcdf0062c131"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2096855

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 100 KB
36 KB 27ms
26ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M8KMBZS

Requested by

Host: www.u31890.s2.radisol.org
URL: http://www.u31890.s2.radisol.org/portail/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

11136925a8aa2fdf277232fd55bf107d74b086dd096ceaaff803d364328f87bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://www.u31890.s2.radisol.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 09 Mar 2021 10:51:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36979
x-xss-protection: 0
last-modified: Tue, 09 Mar 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 09 Mar 2021 10:51:32 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
645 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: www.u31890.s2.radisol.org
URL: http://www.u31890.s2.radisol.org/portail/AtmaCa/bootstrap.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c340f2fc9103b3a383daf2262c4c58829e4acd29f2e18e02675a823f89eef33b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www.u31890.s2.radisol.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 09 Mar 2021 09:24:53 GMT
server: ESF
date: Tue, 09 Mar 2021 10:51:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 09 Mar 2021 10:51:32 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M8KMBZS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.u31890.s2.radisol.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 2936
date: Tue, 09 Mar 2021 10:02:36 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Tue, 09 Mar 2021 12:02:36 GMT

GET
H2

200

collect
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/collect?v=1&_v=j79&a=469588850&t=pageview&_s=1&dl=http%3A%2F%2Fwww.u31890.s2.radisol.org%2Fportail%2Findex.html&dp=%2Fportail%2Findex.html%3F&ul=en-us&de=UTF-8&dt=...
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=469588850&t=pageview&_s=1&dl=http%3A%2F%2Fwww.u31890.s2.radisol.org%2Fportail%2Findex.html&dp=%2Fportail%2Findex.html%3F&ul=en-us&de=UTF-8&dt...

35 B
112 B

14ms
13ms

Image
image/gif

2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=469588850&t=pageview&_s=1&dl=http%3A%2F%2Fwww.u31890.s2.radisol.org%2Fportail%2Findex.html&dp=%2Fportail%2Findex.html%3F&ul=en-us&de=UTF-8&dt=Acc%C3%A9der%20%C3%A0%20mon%20Espace%20client%20%7C%20Hydro-Qu%C3%A9bec&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAAABE~&jid=637539163&gjid=1473739988&cid=1055564960.1615287093&tid=UA-41911837-22&_gid=469841320.1615287093&_r=1&gtm=2wg2o0M8KMBZS&z=317961868

Requested by

Host: www.u31890.s2.radisol.org
URL: http://www.u31890.s2.radisol.org/portail/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.u31890.s2.radisol.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Mar 2021 10:51:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/collect?v=1&_v=j79&a=469588850&t=pageview&_s=1&dl=http%3A%2F%2Fwww.u31890.s2.radisol.org%2Fportail%2Findex.html&dp=%2Fportail%2Findex.html%3F&ul=en-us&de=UTF-8&dt=Acc%C3%A9der%20%C3%A0%20mon%20Espace%20client%20%7C%20Hydro-Qu%C3%A9bec&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAAABE~&jid=637539163&gjid=1473739988&cid=1055564960.1615287093&tid=UA-41911837-22&_gid=469841320.1615287093&_r=1&gtm=2wg2o0M8KMBZS&z=317961868
Non-Authoritative-Reason: HSTS

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ 14 KB
14 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://www.u31890.s2.radisol.org
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 12:56:31 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:22 GMT
server: sffe
age: 424501
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14380
x-xss-protection: 0
expires: Fri, 04 Mar 2022 12:56:31 GMT

GET
H/1.1 200
OK background.jpg
www.u31890.s2.radisol.org/portail/AtmaCa/ 237 KB
237 KB 124ms
124ms Image
image/jpeg 82.202.204.197
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.u31890.s2.radisol.org/portail/AtmaCa/background.jpg?1573394128714
Requested by: Host: www.u31890.s2.radisol.org
URL: http://www.u31890.s2.radisol.org/portail/index.html
Protocol: HTTP/1.1
Server: 82.202.204.197 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: orangemail.site
Software: nginx/1.19.0 /
Resource Hash: ab11261654ebdb1ad6b1c3e0acd763a0f78a756fb963c72e2c111db9101ce8b8

Request headers

Referer: http://www.u31890.s2.radisol.org/portail/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 09 Mar 2021 10:51:32 GMT
Last-Modified: Sat, 06 Mar 2021 14:27:21 GMT
Server: nginx/1.19.0
ETag: "3b220-5bcdeffae78f4"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 242208

GET
H/1.1 404
Not Found * Show response
www.u31890.s2.radisol.org/portail/json/serverinfo/ 223 B
408 B 101ms
101ms XHR
text/html 82.202.204.197
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: http://www.u31890.s2.radisol.org/portail/json/serverinfo/*
Requested by: Host: www.u31890.s2.radisol.org
URL: http://www.u31890.s2.radisol.org/portail/AtmaCa/main.js
Protocol: HTTP/1.1
Server: 82.202.204.197 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: orangemail.site
Software: nginx/1.19.0 /
Resource Hash: b3cbba539be03e7a78619ce802836e5c89e70ac15cdfc7b90fc01ba2bafb7379

Request headers

Accept-API-Version: protocol=1.0,resource=1.1
Accept: application/json, text/javascript, */*; q=0.01
Cache-Control: no-cache
X-Requested-With: XMLHttpRequest
Referer: http://www.u31890.s2.radisol.org/portail/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 09 Mar 2021 10:51:33 GMT
Content-Encoding: gzip
Server: nginx/1.19.0
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found translation.json Show response
www.u31890.s2.radisol.org/portail/locales/en/ 233 B
415 B 91ms
91ms XHR
text/html 82.202.204.197
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: http://www.u31890.s2.radisol.org/portail/locales/en/translation.json
Requested by: Host: www.u31890.s2.radisol.org
URL: http://www.u31890.s2.radisol.org/portail/AtmaCa/main.js
Protocol: HTTP/1.1
Server: 82.202.204.197 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: orangemail.site
Software: nginx/1.19.0 /
Resource Hash: 4ad42a590fb5276f6673bb99211a5de0fc967ef5798e6f7bd325bd137f53e7f8

Request headers

Referer: http://www.u31890.s2.radisol.org/portail/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Requested-With: XMLHttpRequest

Response headers

Date: Tue, 09 Mar 2021 10:51:33 GMT
Content-Encoding: gzip
Server: nginx/1.19.0
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=iso-8859-1

POST
H/1.1 404
Not Found users Show response
www.u31890.s2.radisol.org/portail/json/ 216 B
404 B 100ms
100ms XHR
text/html 82.202.204.197
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: http://www.u31890.s2.radisol.org/portail/json/users?_action=idFromSession
Requested by: Host: www.u31890.s2.radisol.org
URL: http://www.u31890.s2.radisol.org/portail/AtmaCa/main.js
Protocol: HTTP/1.1
Server: 82.202.204.197 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: orangemail.site
Software: nginx/1.19.0 /
Resource Hash: 5c59fd31b99a6a47cb43aded292f3401710732a6faef44017b40632143049c3e

Request headers

Accept-API-Version: protocol=1.0,resource=2.0
Cache-Control: no-cache
Accept-Language: en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
Accept: application/json, text/javascript, */*; q=0.01
Referer: http://www.u31890.s2.radisol.org/portail/index.html
X-Requested-With: XMLHttpRequest

Response headers

Date: Tue, 09 Mar 2021 10:51:33 GMT
Content-Encoding: gzip
Server: nginx/1.19.0
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=iso-8859-1

POST
H/1.1 404
Not Found sessions Show response
www.u31890.s2.radisol.org/portail/json/ 219 B
406 B 1107ms
1107ms XHR
text/html 82.202.204.197
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: http://www.u31890.s2.radisol.org/portail/json/sessions?_action=getSessionInfo
Requested by: Host: www.u31890.s2.radisol.org
URL: http://www.u31890.s2.radisol.org/portail/AtmaCa/main.js
Protocol: HTTP/1.1
Server: 82.202.204.197 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: orangemail.site
Software: nginx/1.19.0 /
Resource Hash: 7fe5ff2127ca5d23a931ad98f49f79497363a928e3687ad22f9faefebf9451fc

Request headers

Accept-API-Version: protocol=1.0,resource=2.0
Cache-Control: no-cache
Accept-Language: en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
Accept: application/json, text/javascript, */*; q=0.01
Referer: http://www.u31890.s2.radisol.org/portail/index.html
X-Requested-With: XMLHttpRequest

Response headers

Date: Tue, 09 Mar 2021 10:51:34 GMT
Content-Encoding: gzip
Server: nginx/1.19.0
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=iso-8859-1

POST
H/1.1 404
Not Found sessions Show response
www.u31890.s2.radisol.org/portail/json/ 219 B
406 B 980ms
980ms XHR
text/html 82.202.204.197
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: http://www.u31890.s2.radisol.org/portail/json/sessions?_action=getSessionInfo
Requested by: Host: www.u31890.s2.radisol.org
URL: http://www.u31890.s2.radisol.org/portail/AtmaCa/main.js
Protocol: HTTP/1.1
Server: 82.202.204.197 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: orangemail.site
Software: nginx/1.19.0 /
Resource Hash: 7fe5ff2127ca5d23a931ad98f49f79497363a928e3687ad22f9faefebf9451fc

Request headers

Accept-API-Version: protocol=1.0,resource=2.0
X-Password: anonymous
Accept-Language: en
X-Username: anonymous
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
Accept: application/json, text/javascript, */*; q=0.01
Cache-Control: no-cache
X-Requested-With: XMLHttpRequest
Referer: http://www.u31890.s2.radisol.org/portail/index.html
X-NoSession: true

Response headers

Date: Tue, 09 Mar 2021 10:51:35 GMT
Content-Encoding: gzip
Server: nginx/1.19.0
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=iso-8859-1

POST
H/1.1 404
Not Found authenticate Show response
www.u31890.s2.radisol.org/portail/json/ 223 B
409 B 1008ms
1007ms XHR
text/html 82.202.204.197
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: http://www.u31890.s2.radisol.org/portail/json/authenticate
Requested by: Host: www.u31890.s2.radisol.org
URL: http://www.u31890.s2.radisol.org/portail/AtmaCa/main.js
Protocol: HTTP/1.1
Server: 82.202.204.197 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: orangemail.site
Software: nginx/1.19.0 /
Resource Hash: 2c0065f2cb16d956617f5fd5d9ff68d6cfdfec451beb7c30f175c88e5475634c

Request headers

Accept-API-Version: protocol=1.0,resource=2.1
X-Password: anonymous
Accept-Language: en
X-Username: anonymous
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
Accept: application/json, text/javascript, */*; q=0.01
Cache-Control: no-cache
X-Requested-With: XMLHttpRequest
Referer: http://www.u31890.s2.radisol.org/portail/index.html
X-NoSession: true

Response headers

Date: Tue, 09 Mar 2021 10:51:36 GMT
Content-Encoding: gzip
Server: nginx/1.19.0
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=iso-8859-1

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Hydro Quebec (Utility)

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.u31890.s2.radisol.org/	1970-01-19 16:41:27	Name: _gat_UA-41911837-22 Value: 1
.u31890.s2.radisol.org/	1970-01-19 16:42:53	Name: _gid Value: GA1.4.469841320.1615287093
.u31890.s2.radisol.org/	1970-01-20 10:12:39	Name: _ga Value: GA1.4.1055564960.1615287093

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
www.google-analytics.com
www.googletagmanager.com
www.u31890.s2.radisol.org
2a00:1450:4001:809::2008
2a00:1450:4001:809::200e
2a00:1450:4001:812::2003
2a00:1450:4001:813::200a
82.202.204.197
0d0b0b91f3c7ab55706832e15dabfff020f7a2a6c10a63a28f2daf2c8b9e5eed
0e977c56b77cdc4ca1e90a282ae292d68324794594d3f4dbee98e468858af8c0
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
11136925a8aa2fdf277232fd55bf107d74b086dd096ceaaff803d364328f87bd
26ea006c5b4845ccbdb550bbe677e6be6e0b9ab4bc7a05a84ba64fb4e9b25913
2c0065f2cb16d956617f5fd5d9ff68d6cfdfec451beb7c30f175c88e5475634c
30617021b354ac7ba30df2c8eefbd72a7d0ed4fa89c037d51f64240cb486dbb0
3d81461f2fbea4b935667b055e9033eb1ae6786661dde2588d6333003f1926c6
4ad42a590fb5276f6673bb99211a5de0fc967ef5798e6f7bd325bd137f53e7f8
5c59fd31b99a6a47cb43aded292f3401710732a6faef44017b40632143049c3e
5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf
605c507bba94fce2605d7998713498ab62a144035d899dfbacf4b53110eef415
6be6d858c17568d15adae2d6aa57bb02dfe69d65ce28bcbeee2605a7e09ddd6d
7fe5ff2127ca5d23a931ad98f49f79497363a928e3687ad22f9faefebf9451fc
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9f8614685fb4316a9d7f1afa3ecbb9a55a44d392ec2f1e736627d9f8e6d7dd93
ab11261654ebdb1ad6b1c3e0acd763a0f78a756fb963c72e2c111db9101ce8b8
b3cbba539be03e7a78619ce802836e5c89e70ac15cdfc7b90fc01ba2bafb7379
c340f2fc9103b3a383daf2262c4c58829e4acd29f2e18e02675a823f89eef33b
cf13b51faeadafff6da68615a6fd56c1802f1428c7091578cdf0a43edd79ea38
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

www.u31890.s2.radisol.org Open in urlscan Pro 82.202.204.197 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

23 Requests

22 %HTTPS

80 %IPv6

5 Domains

5 Subdomains

5 IPs

2 Countries

2823 kBTransfer

2921 kBSize

3 Cookies

0 Outgoing links

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

41 JavaScript Global Variables

3 Cookies

Indicators

www.u31890.s2.radisol.org Open in urlscan Pro
82.202.204.197 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

22 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

2823 kB
Transfer

2921 kB
Size

3
Cookies

23 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!