![](/screenshots/b9ea3438-bae8-4ab1-a622-19cb40247574.png)
u655503dsr.ha004.t.justns.ru
2a00:b700::12
Malicious Activity!
Public Scan
Effective URL: http://u655503dsr.ha004.t.justns.ru/sgbaonline.com/6c5c0/
Submission: On April 27 via automatic, source openphish
Summary
This is the only time u655503dsr.ha004.t.justns.ru was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Societe Generale (Banking)

Domain & IP information

| | IP Address | AS Autonomous System |
|---|---|---|
| 1 1 | 192.210.213.120 | 36352 (AS-COLOCROSSING) |
| 3 9 | 2a00:b700::12 | 51659 (ASBAXET) |
| 6 | 1 | |

ASN36352 (AS-COLOCROSSING, US)
PTR: 192-210-213-120-host.colocrossing.com
www.gamedeveloperunion.com
| | Apex Domain / Subdomains | Transfer |
|---|---|---|
| 9 | justns.ru (3 redirects): u655503dsr.ha004.t.justns.ru | 530 KB |
| 1 | gamedeveloperunion.com (1 redirects): www.gamedeveloperunion.com | 271 B |
| 6 | 2 | |

| | Domain | Requested by |
|---|---|---|
| 9 | u655503dsr.ha004.t.justns.ru | 3 redirects, u655503dsr.ha004.t.justns.ru |
| 1 | www.gamedeveloperunion.com | 1 redirects |
| 6 | 2 | |
This site contains no links.
This page contains 1 frames:
Primary Page:
http://u655503dsr.ha004.t.justns.ru/sgbaonline.com/6c5c0/
Frame ID: A74E8B36D2D472D9F50926E80F54FE90
Requests: 6 HTTP requests in this frame
Detected technologies
Detected patterns
- headers server /^LiteSpeed$/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://www.gamedeveloperunion.com/ HTTP 301
- http://u655503dsr.ha004.t.justns.ru/sgbaonline.com HTTP 301
- http://u655503dsr.ha004.t.justns.ru/sgbaonline.com/ HTTP 302
- http://u655503dsr.ha004.t.justns.ru/sgbaonline.com/6c5c0 HTTP 301
- http://u655503dsr.ha004.t.justns.ru/sgbaonline.com/6c5c0/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
6 HTTP transactions
| Method / Protocol | Resource (Path) | Size / x-fer | Type / MIME-Type |
|---|---|---|---|
| GET H/1.1 | Primary Request: / (u655503dsr.ha004.t.justns.ru/sgbaonline.com/6c5c0/), Redirect Chain | 3 KB / 1 KB | Document, text/html |
| GET H/1.1 | styles.css (u655503dsr.ha004.t.justns.ru/sgbaonline.com/6c5c0/) | 3 KB / 1 KB | Stylesheet, text/css |
| GET H/1.1 | rules.js (u655503dsr.ha004.t.justns.ru/sgbaonline.com/6c5c0/) | 600 B / 746 B | Script, application/javascript |
| GET H/1.1 | Calque0.png (u655503dsr.ha004.t.justns.ru/sgbaonline.com/6c5c0/images/) | 496 KB / 496 KB | Image, image/png |
| GET H/1.1 | nb.png (u655503dsr.ha004.t.justns.ru/sgbaonline.com/6c5c0/images/) | 28 KB / 29 KB | Image, image/png |
| GET H/1.1 | index_Button1_bkgrnd.png (u655503dsr.ha004.t.justns.ru/sgbaonline.com/6c5c0/images/) | 393 B / 393 B | Image, text/html |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Societe Generale (Banking)

4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| onformdata
- object| onpointerrawupdate
- function| vide1
- function| addCode

0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.