cr14326.tw1.ru
2a03:6f00:6:1::b972:f7e8
Public Scan
Effective URL: https://cr14326.tw1.ru/
Submission: On April 04 via automatic, source openphish — Scanned from DE
Summary
TLS certificate: Issued by GlobalSign GCC R3 DV TLS CA 2020 on January 11th 2024. Valid for: a year.
This is the only time cr14326.tw1.ru was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
6 | 2a03:6f00:6:1::b972:f7e8 | 9123 (TIMEWEB-AS) |
1 | 2a00:1450:4001:81c::200a | 15169 (GOOGLE) |
1 | 2603:1063:2000:1::12 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
1 | 2a00:1450:4001:82f::200e | 15169 (GOOGLE) |
9 | 5 | |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
6 | tw1.ru | cr14326.tw1.ru | 603 KB |
1 | google.com | docs.google.com (Cisco Umbrella Rank: 161) | |
1 | live.com | view.officeapps.live.com (Cisco Umbrella Rank: 21399) | |
1 | googleapis.com | ajax.googleapis.com (Cisco Umbrella Rank: 372) | 30 KB |
9 | 4 | | |
Requests | Domain | Requested by |
---|---|---|
6 | cr14326.tw1.ru | cr14326.tw1.ru |
1 | docs.google.com | cr14326.tw1.ru |
1 | view.officeapps.live.com | cr14326.tw1.ru |
1 | ajax.googleapis.com | cr14326.tw1.ru |
9 | 4 | |
This site contains links to these domains. Also see Links.
Domain |
---|
help.mail.ru |
Subject | Issuer | Validity | Valid | Source |
---|---|---|---|---|
*.tw1.ru | GlobalSign GCC R3 DV TLS CA 2020 | 2024-01-11 - 2025-02-11 | a year | crt.sh |
upload.video.google.com | GTS CA 1C3 | 2024-03-04 - 2024-05-27 | 3 months | crt.sh |
officeapps.live.com | Microsoft Azure RSA TLS Issuing CA 07 | 2024-01-24 - 2025-01-18 | a year | crt.sh |
*.google.com | GTS CA 1C3 | 2024-03-04 - 2024-05-27 | 3 months | crt.sh |
This page contains 3 frames:
Primary Page:
https://cr14326.tw1.ru/
Frame ID: DA681BA65269B0A71B92E01B6E5E08F4
Requests: 9 HTTP requests in this frame
Frame:
https://view.officeapps.live.com/op/view.aspx?src=https://cr14326.tw1.ru/%D0%97%D0%B0%D1%8F%D0%B2%D0%BA%D0%B0%E2%84%96321.docx
Frame ID: 4888E82B2E3C9537459FE20591386BD6
Requests: 1 HTTP request in this frame
Frame:
https://docs.google.com/viewer?url=https://cr14326.tw1.ru/%D0%97%D0%B0%D1%8F%D0%B2%D0%BA%D0%B0%E2%84%96321.docx&embedded=true
Frame ID: 60E2F8AEA0ACB68192158DD1733A3DC1
Requests: 1 HTTP request in this frame
Detected technologies
- jQuery (JavaScript Libraries). Detected patterns:
  - /([\d.]+)/jquery(?:\.min)?\.js
  - jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Подробнее (Russian for "More details")
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://cr14326.tw1.ru/
HTTP 307
https://cr14326.tw1.ru/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
9 HTTP transactions

Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H2 | / (Primary Request) cr14326.tw1.ru/ (Redirect Chain) | 1 MB 535 KB | Document text/html |
GET H2 | login.css cr14326.tw1.ru/ | 52 KB 12 KB | Stylesheet text/css |
GET H2 | react.bundle.js cr14326.tw1.ru/ | 862 B 1 KB | Script application/x-javascript |
GET H2 | jquery.min.js ajax.googleapis.com/ajax/libs/jquery/2.2.0/ | 84 KB 30 KB | Script text/javascript |
GET DATA | truncated / | 195 KB 0 | Image image/png |
GET H2 | qr.png cr14326.tw1.ru/ | 19 KB 20 KB | Image image/png |
GET H2 | qr_big.png cr14326.tw1.ru/ | 19 KB 20 KB | Image image/png |
GET H2 | view.aspx view.officeapps.live.com/op/ (Frame 4888) | 0 0 | Document text/html |
GET H2 | viewer docs.google.com/ (Frame 60E2) | 0 0 | Document text/html |
GET DATA | truncated / | 18 KB 0 | Image image/png |
GET H2 | favicon.ico cr14326.tw1.ru/ | 17 KB 17 KB | Other image/x-icon |
8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object: 0
- object: 1
- function: $
- function: jQuery
- function: readCookie
- function: Timeout
- function: show1
- function: show8

Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Name / Value |
---|---|
.view.officeapps.live.com/ | Name: PNL1-ARRAffinity Value: 92f4aabffd6ebc91c98aa64ff8b352247003f2f673efad7e0d3f1f2442a3d63e |
pnl1-word-view.officeapps.live.com/ | Name: BIGipCookie Value: 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 |
.google.com/ | Name: NID Value: 513=ikoT929R5Ki2szr1ATcaFph-BRmQ91BcjX2GwR5bd1QnzpfKzHwjEnEAyIiSERjix3bgw15Dqs7fn9iQbAqcBUkcXBPWjDwGXJgOrs-8UgcPwz_8hwcH4_o80TyWi0Z5CATO2CkLSYbAYQgLE3iCw8zYfz6Jp4uzU-4z2BoWu_w |
.login.live.com/ | Name: uaid Value: 046b1b797f6d4dc3a61b7df6df90ed61 |
.login.live.com/ | Name: MSPRequ Value: id=63539<=1712193249&co=1 |
.login.live.com/ | Name: MSCC Value: 81.95.5.40-DE |
.login.live.com/ | Name: MSPOK Value: $uuid-b311eac3-6038-498a-9065-bddfb9f35eec |
.login.live.com/ | Name: OParams Value: 11O.DnIlf!pfqB97F5H0YXEn!tqPrlMczcAyAiWUahwQvYDvBMLU*8WbuxMJHbDZ!gMzMs6OtIkbDXAmLso3ecy1x35xrBKfSHWt8jd49siglc3vZB!UZCqMdm3UJTUPVN1sNOLhVZKgjl3G6gHZ1itSt3MtG6jZDlVwAUO1ECe!s6mQ4W3t292vlCAm7kVuAWHrg32CSK97vkvNDKV6gtf8CoxPwUuR*11Y1h0CeOOTn!ueJoSMDldLmmOkXFO3Pa8w4pq4TPw9WTz0cPebg2ixBQCNVF27drstN2UeEECYQYo9AZVSFUiuG7wPaE4h0oanKXuNpFcsNQP0n!qkYwddzg4urli5k18K1FazNjwJbzxxcHfiwNBDOf5pdW5W04!u11gs5XEl3iCtdY*bnGNrmphh7JdQoqVGFu3HdyTDT7qB |
36 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|---|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.