test.my.kodeks.ru Open in urlscan Pro
5.61.15.186 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://avito.pay.sber.pay.oglulod4w8oji3kh.docs5.test.online.kodeks.ru/
Effective URL:
https://test.my.kodeks.ru/?return_url=https%3A%2F%2Favito.pay.sber.pay.oglulod4w8oji3kh.docs5.test.online.kodeks.ru
Submission: On June 19 via api (June 19th 2024, 10:35:24 am UTC) from JP — Scanned from JP

Summary HTTP 2 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 2 HTTP transactions. The main IP is 5.61.15.186, located in Russian Federation and belongs to CKR-AS, RU. The main domain is test.my.kodeks.ru.
TLS certificate: Issued by on March 10th 2022. Valid for: 10 years.

This is the only time test.my.kodeks.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 3	37.46.60.166 37.46.60.166	24739 (SEVEREN-T...) (SEVEREN-TELECOM St.Petersburg)
2	5.61.15.186 5.61.15.186	199072 (CKR-AS) (CKR-AS)
2	1

3 37.46.60.166 (Russian Federation) 3 redirects

ASN24739 (SEVEREN-TELECOM St.Petersburg, Russia, RU)

avito.pay.sber.pay.oglulod4w8oji3kh.docs5.test.online.kodeks.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 5.61.15.186 (Russian Federation)

ASN199072 (CKR-AS, RU)
PTR: ip-5-61-15-186.kodeks.net

test.my.kodeks.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	kodeks.ru 3 redirects avito.pay.sber.pay.oglulod4w8oji3kh.docs5.test.online.kodeks.ru test.my.kodeks.ru	2 KB
2	1

	Domain	Requested by
3	avito.pay.sber.pay.oglulod4w8oji3kh.docs5.test.online.kodeks.ru	3 redirects
2	test.my.kodeks.ru
2	2

This site contains no links.

Subject Issuer	Validity	Valid
	`2022-03-10` - `2032-03-07`	10 years	crt.sh

This page contains 1 frames:

Primary Page: https://test.my.kodeks.ru/?return_url=https%3A%2F%2Favito.pay.sber.pay.oglulod4w8oji3kh.docs5.test.online.kodeks.ru
Frame ID: 4F9461210F004BCCECAC103B064413F8
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

405 Not Allowed

Page URL History Show full URLs

http://avito.pay.sber.pay.oglulod4w8oji3kh.docs5.test.online.kodeks.ru/ HTTP 307
https://avito.pay.sber.pay.oglulod4w8oji3kh.docs5.test.online.kodeks.ru/ HTTP 307
https://test.auth.kodeks.ru/sso?command=attach&broker=fb468089-cd33-430c-af70-75d7e75229d5&token=9cpvgfd... HTTP 307
http://avito.pay.sber.pay.oglulod4w8oji3kh.docs5.test.online.kodeks.ru/ HTTP 302
https://avito.pay.sber.pay.oglulod4w8oji3kh.docs5.test.online.kodeks.ru/ HTTP 302
https://test.my.kodeks.ru/?return_url=https%3A%2F%2Favito.pay.sber.pay.oglulod4w8oji3kh.docs5.test.onl... Page URL

Page Statistics

2
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

1
IPs

1
Countries

1 kB
Transfer

1 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://avito.pay.sber.pay.oglulod4w8oji3kh.docs5.test.online.kodeks.ru/ HTTP 307
https://avito.pay.sber.pay.oglulod4w8oji3kh.docs5.test.online.kodeks.ru/ HTTP 307
https://test.auth.kodeks.ru/sso?command=attach&broker=fb468089-cd33-430c-af70-75d7e75229d5&token=9cpvgfdov5kw4c88g480s8gs8&checksum=19ef7c0c28f65893bd53cf55c90a76852c8e17cc1c7e2f40a74f62caa065ea9f&return_url=https%253A%252F%252Favito.pay.sber.pay.oglulod4w8oji3kh.docs5.test.online.kodeks.ru HTTP 307
http://avito.pay.sber.pay.oglulod4w8oji3kh.docs5.test.online.kodeks.ru/ HTTP 302
https://avito.pay.sber.pay.oglulod4w8oji3kh.docs5.test.online.kodeks.ru/ HTTP 302
https://test.my.kodeks.ru/?return_url=https%3A%2F%2Favito.pay.sber.pay.oglulod4w8oji3kh.docs5.test.online.kodeks.ru Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	405	Primary Request / Show response test.my.kodeks.ru/ Redirect Chain http://avito.pay.sber.pay.oglulod4w8oji3kh.docs5.test.online.kodeks.ru/ https://avito.pay.sber.pay.oglulod4w8oji3kh.docs5.test.online.kodeks.ru/ https://test.auth.kodeks.ru/sso?command=attach&broker=fb468089-cd33-430c-af70-75d7e75229d5&token=9cpvgfdov5kw4c88g480s8gs8&checksum=19ef7c0c28f65893bd53cf55c90a76852c8e17cc1c7e2f40a74f62caa065ea9f&... http://avito.pay.sber.pay.oglulod4w8oji3kh.docs5.test.online.kodeks.ru/ https://avito.pay.sber.pay.oglulod4w8oji3kh.docs5.test.online.kodeks.ru/ https://test.my.kodeks.ru/?return_url=https%3A%2F%2Favito.pay.sber.pay.oglulod4w8oji3kh.docs5.test.online.kodeks.ru	552 B 620 B	3207ms 312ms	Document text/html	5.61.15.186 CKR-AS
General Check archive.org Show headers Download Go to Full URL https://test.my.kodeks.ru/?return_url=https%3A%2F%2Favito.pay.sber.pay.oglulod4w8oji3kh.docs5.test.online.kodeks.ru Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.61.15.186 , Russian Federation, ASN199072 (CKR-AS, RU), Reverse DNS ip-5-61-15-186.kodeks.net Software nginx / Resource Hash `ac487dce807e2003d18a896a9c239911b5b1f77dcc15200dd58e7c6647d87b32` Request headers Accept-Language ja-JP,ja;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers content-length 552 content-type text/html date Wed, 19 Jun 2024 10:35:19 GMT server nginx Redirect headers cache-control no-cache, private content-encoding gzip content-length 264 content-type text/html; charset=UTF-8 date Wed, 19 Jun 2024 10:35:16 GMT location https://test.my.kodeks.ru/?return_url=https%3A%2F%2Favito.pay.sber.pay.oglulod4w8oji3kh.docs5.test.online.kodeks.ru server nginx vary Accept-Encoding x-forwarded-port 443 x-forwarded-proto https x-powered-by PHP/8.0.8
GET H2	405	favicon.ico test.my.kodeks.ru/	552 B 619 B	312ms 312ms	Other text/html	5.61.15.186 CKR-AS
General Check archive.org Show headers Download Go to Full URL https://test.my.kodeks.ru/favicon.ico Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.61.15.186 , Russian Federation, ASN199072 (CKR-AS, RU), Reverse DNS ip-5-61-15-186.kodeks.net Software nginx / Resource Hash `ac487dce807e2003d18a896a9c239911b5b1f77dcc15200dd58e7c6647d87b32` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://test.my.kodeks.ru/?return_url=https%3A%2F%2Favito.pay.sber.pay.oglulod4w8oji3kh.docs5.test.online.kodeks.ru Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 19 Jun 2024 10:35:20 GMT server nginx content-length 552 content-type text/html

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			avito.pay.sber.pay.oglulod4w8oji3kh.docs5.test.online.kodeks.ru/	1969-12-31 23:59:59	Name: sso_token_fb468089_cd33_430c_af70_75d7e75229d5 Value: 9cpvgfdov5kw4c88g480s8gs8

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://test.my.kodeks.ru/?return_url=https%3A%2F%2Favito.pay.sber.pay.oglulod4w8oji3kh.docs5.test.online.kodeks.ru Message: Failed to load resource: the server responded with a status of 405 ()
network	error	URL: https://test.my.kodeks.ru/favicon.ico Message: Failed to load resource: the server responded with a status of 405 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

avito.pay.sber.pay.oglulod4w8oji3kh.docs5.test.online.kodeks.ru
test.my.kodeks.ru
37.46.60.166
5.61.15.186
ac487dce807e2003d18a896a9c239911b5b1f77dcc15200dd58e7c6647d87b32

test.my.kodeks.ru Open in urlscan Pro 5.61.15.186 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

2 Requests

0 %HTTPS

0 %IPv6

1 Domains

2 Subdomains

1 IPs

1 Countries

1 kBTransfer

1 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

2 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

1 Cookies

2 Console Messages

Indicators

test.my.kodeks.ru Open in urlscan Pro
5.61.15.186 Public Scan

Screenshot
Live screenshot

Full Image

2
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

1
IPs

1
Countries

1 kB
Transfer

1 kB
Size

1
Cookies

2 HTTP transactions
0 data transactions