URL: https://discoordination.ru/
Submission Tags: phishingrod
Submission: On May 31 via api from DE — Scanned from DE

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 12 HTTP transactions. The main IP is 92.53.71.52, located in St Petersburg, Russian Federation and belongs to SELECTEL, RU. The main domain is discoordination.ru.
TLS certificate: Issued by R3 on May 31st 2023. Valid for: 3 months.
This is the only time discoordination.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 92.53.71.52 49505 (SELECTEL)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 88.212.201.198 39134 (UNITEDNET)
1 2001:4860:480... 15169 (GOOGLE)
12 4
Apex Domain
Subdomains
Transfer
9 discoordination.ru
discoordination.ru
1 MB
2 yadro.ru
counter.yadro.ru — Cisco Umbrella Rank: 10747
1 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2230
255 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
79 KB
12 4
Domain Requested by
9 discoordination.ru discoordination.ru
2 counter.yadro.ru 1 redirects discoordination.ru
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com discoordination.ru
12 4

This site contains no links.

Subject Issuer Validity Valid
discoordination.ru
R3
2023-05-31 -
2023-08-29
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-05-19 -
2023-08-11
3 months crt.sh

This page contains 1 frames:

Primary Page: https://discoordination.ru/
Frame ID: 863CBD283345554A0CD43CF4FF706BD7
Requests: 12 HTTP requests in this frame

Screenshot

Page Title

Discoordination's Laboratories

Detected technologies

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

12
Requests

92 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

1343 kB
Transfer

1490 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//discoordination.ru/;h;0.6078624866324716 HTTP 302
  • https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//discoordination.ru/;h;0.6078624866324716

12 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
discoordination.ru/
8 KB
3 KB
Document
General
Full URL
https://discoordination.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
92.53.71.52 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
98c244784e1eab899eff986df1fad0cc9c12c3b3ba82de88be2edd223ca217a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Wed, 31 May 2023 07:01:40 GMT
etag
W/"6409889b-20a9"
last-modified
Thu, 09 Mar 2023 07:19:55 GMT
server
nginx/1.22.0
strict-transport-security
max-age=31536000;
vary
Accept-Encoding
mainstyle.css
discoordination.ru/css/
4 KB
1 KB
Stylesheet
General
Full URL
https://discoordination.ru/css/mainstyle.css
Requested by
Host: discoordination.ru
URL: https://discoordination.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
92.53.71.52 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
6b27dadc6f3ca652cee5afa18b55718278283532f750329da65d106cbe9e2c34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://discoordination.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 07:01:40 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
last-modified
Wed, 15 Mar 2023 07:57:23 GMT
server
nginx/1.22.0
etag
W/"64117a63-f2e"
vary
Accept-Encoding
content-type
text/css
js
www.googletagmanager.com/gtag/
222 KB
79 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-KG2RE8GDCW
Requested by
Host: discoordination.ru
URL: https://discoordination.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fad0dcd1f71d94ebc83e55e8aeceb281fed5d70b85893c04a6d84cb948d7d98d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://discoordination.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 07:01:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80113
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 31 May 2023 07:01:40 GMT
logo.jpg
discoordination.ru/images/
25 KB
25 KB
Image
General
Full URL
https://discoordination.ru/images/logo.jpg
Requested by
Host: discoordination.ru
URL: https://discoordination.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
92.53.71.52 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
fad69f849d64ddf4dc2ceeb2653f04de51ec395a0d6e51e53ccbabf291628ff5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://discoordination.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 07:01:40 GMT
strict-transport-security
max-age=31536000;
last-modified
Sun, 02 Oct 2022 13:07:28 GMT
server
nginx/1.22.0
etag
"63398d10-647d"
content-type
image/jpeg
accept-ranges
bytes
content-length
25725
lomo.jpg
discoordination.ru/images/cool-pics/
249 KB
249 KB
Image
General
Full URL
https://discoordination.ru/images/cool-pics/lomo.jpg
Requested by
Host: discoordination.ru
URL: https://discoordination.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
92.53.71.52 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
8f4833ef101421acd0ac13fe58d3cc265507a8c4fddb420a1408bbc22c1986ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://discoordination.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 07:01:40 GMT
strict-transport-security
max-age=31536000;
last-modified
Wed, 26 Oct 2022 18:02:54 GMT
server
nginx/1.22.0
etag
"6359764e-3e32e"
content-type
image/jpeg
accept-ranges
bytes
content-length
254766
591.jpg
discoordination.ru/images/cool-pics/
205 KB
206 KB
Image
General
Full URL
https://discoordination.ru/images/cool-pics/591.jpg
Requested by
Host: discoordination.ru
URL: https://discoordination.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
92.53.71.52 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
3ce474eff1d5b9d3cbbf0b9684c9736b48802eb18858e2a334a1ecd51671d806
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://discoordination.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 07:01:40 GMT
strict-transport-security
max-age=31536000;
last-modified
Wed, 26 Oct 2022 18:02:54 GMT
server
nginx/1.22.0
etag
"6359764e-334ae"
content-type
image/jpeg
accept-ranges
bytes
content-length
210094
monoscope.jpg
discoordination.ru/images/cool-pics/
120 KB
120 KB
Image
General
Full URL
https://discoordination.ru/images/cool-pics/monoscope.jpg
Requested by
Host: discoordination.ru
URL: https://discoordination.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
92.53.71.52 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
78ed44c702b9a44c6e50579c0824bd350db8530d01a912e5c37b51ac05e79c6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://discoordination.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 07:01:40 GMT
strict-transport-security
max-age=31536000;
last-modified
Wed, 26 Oct 2022 18:02:54 GMT
server
nginx/1.22.0
etag
"6359764e-1de45"
content-type
image/jpeg
accept-ranges
bytes
content-length
122437
nixie.jpg
discoordination.ru/images/cool-pics/
119 KB
119 KB
Image
General
Full URL
https://discoordination.ru/images/cool-pics/nixie.jpg
Requested by
Host: discoordination.ru
URL: https://discoordination.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
92.53.71.52 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
393e999755dd50c2e82da9a59476c521a598a233f425758da76243a4575a94b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://discoordination.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 07:01:40 GMT
strict-transport-security
max-age=31536000;
last-modified
Wed, 26 Oct 2022 18:02:54 GMT
server
nginx/1.22.0
etag
"6359764e-1db6b"
content-type
image/jpeg
accept-ranges
bytes
content-length
121707
PCM_coder.jpg
discoordination.ru/images/cool-pics/
350 KB
351 KB
Image
General
Full URL
https://discoordination.ru/images/cool-pics/PCM_coder.jpg
Requested by
Host: discoordination.ru
URL: https://discoordination.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
92.53.71.52 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
d6a689930c2a10502c8baa9a3486af34598d5672bce01313f487ed030172bbb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://discoordination.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 07:01:40 GMT
strict-transport-security
max-age=31536000;
last-modified
Wed, 26 Oct 2022 18:02:54 GMT
server
nginx/1.22.0
etag
"6359764e-57811"
content-type
image/jpeg
accept-ranges
bytes
content-length
358417
%D1%818-2.jpg
discoordination.ru/images/cool-pics/
189 KB
190 KB
Image
General
Full URL
https://discoordination.ru/images/cool-pics/%D1%818-2.jpg
Requested by
Host: discoordination.ru
URL: https://discoordination.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
92.53.71.52 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
112cf3fed73b228c7763e8e2cf1cb2a6ea63f749c70817dd932d551e68821df3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://discoordination.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 07:01:40 GMT
strict-transport-security
max-age=31536000;
last-modified
Wed, 26 Oct 2022 18:02:54 GMT
server
nginx/1.22.0
etag
"6359764e-2f4e4"
content-type
image/jpeg
accept-ranges
bytes
content-length
193764
hit
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//discoordination.ru/;h;0.6078624866324716
  • https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//discoordination.ru/;h;0.6078624866324716
43 B
528 B
Image
General
Full URL
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//discoordination.ru/;h;0.6078624866324716
Requested by
Host: discoordination.ru
URL: https://discoordination.ru/
Protocol
HTTP/1.1
Server
88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host198.rax.ru
Software
nginx/1.17.9 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://discoordination.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 May 2023 07:01:40 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
image/gif
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Mon, 30 May 2022 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 31 May 2023 07:01:40 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
text/html
Location
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//discoordination.ru/;h;0.6078624866324716
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
keep-alive
Content-Length
32
Expires
Mon, 30 May 2022 21:00:00 GMT
collect
region1.google-analytics.com/g/
0
255 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-KG2RE8GDCW&gtm=45je35o0&_p=1711111398&cid=1479756302.1685516500&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1685516500&sct=1&seg=0&dl=https%3A%2F%2Fdiscoordination.ru%2F&dt=Discoordination%27s%20Laboratories&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KG2RE8GDCW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://discoordination.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 May 2023 07:01:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://discoordination.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless function| gtag object| dataLayer object| slides number| currentSlide number| slideInterval function| nextSlide object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal

4 Cookies

Domain/Path Name / Value
.discoordination.ru/ Name: _ga_KG2RE8GDCW
Value: GS1.1.1685516500.1.0.1685516500.0.0.0
.discoordination.ru/ Name: _ga
Value: GA1.1.1479756302.1685516500
.yadro.ru/ Name: FTID
Value: 1aTl3K2_G88Z1aTl3K001L4V
.yadro.ru/ Name: VID
Value: 1NPGE_1cgNuZ1aTl3K001L5J

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000;