dkswz.com.ru
91.234.99.83
Malicious Activity!
Public Scan
Submission: On March 20 via api from CA
Summary
This is the only time dkswz.com.ru was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Amazon (Online), Orange (Telecommunication)
Domain & IP information
Requests | IP Address | AS Autonomous System
---|---|---
16 | 91.234.99.83 | 48666 (AS-MAROSNET Moscow)
18 (6 redirects) | 151.101.12.193 | 54113 (FASTLY)
1 | 2a01:c9c0:c3:229::13 | 8891 (FT/BGP/DM)
Total: 29 requests, 3 IP addresses
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
18 | imgur.com | i.imgur.com (6 redirects) | 41 KB
16 | com.ru | dkswz.com.ru | 527 KB
1 | orange.fr | c.orange.fr | 4 KB
Total: 29 requests, 3 apex domains
Requests | Domain | Requested by
---|---|---
18 | i.imgur.com (6 redirects) | dkswz.com.ru
16 | dkswz.com.ru | dkswz.com.ru
1 | c.orange.fr | dkswz.com.ru
Total: 29 requests, 3 domains
This site contains no links.
Subject | Issuer | Validity | Valid
---|---|---|---
*.imgur.com | DigiCert SHA2 Secure Server CA | 2020-01-15 - 2022-03-16 | 2 years (crt.sh)
This page contains 1 frame:
Primary Page: http://dkswz.com.ru/pp/germanyamazon/email/
Frame ID: FC01C1306253FDD5D353F6F41D08CE11
Requests: 29 HTTP requests in this frame
Detected technologies
- AngularJS (JavaScript Frameworks). Detected patterns: script /angular.*\.js/i
- Apache (Web Servers). Detected patterns: headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
- Font Awesome (Font Scripts). Detected patterns: html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
- jQuery (JavaScript Libraries). Detected patterns: script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 9
- https://i.imgur.com/z2WvIE7.png HTTP 302
- https://i.imgur.com/removed.png
- https://i.imgur.com/CycZMTm.png HTTP 302
- https://i.imgur.com/removed.png
- https://i.imgur.com/MC2EGZM.png HTTP 302
- https://i.imgur.com/removed.png
- http://i.imgur.com/q8iNW0q.png HTTP 302
- http://i.imgur.com/removed.png
- http://i.imgur.com/pD1iKHa.png HTTP 302
- http://i.imgur.com/removed.png
- http://i.imgur.com/taRQKdY.png HTTP 302
- http://i.imgur.com/removed.png
29 HTTP transactions
# | Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---|---
1 | GET | H/1.1 | / (Primary Request) | dkswz.com.ru/pp/germanyamazon/email/ | 47 KB | 48 KB | Document | text/html
2 | GET | H/1.1 | jquery.min.js | dkswz.com.ru/pp/germanyamazon/bower_components/jquery/dist/ | 85 KB | 85 KB | Script | application/javascript
3 | GET | H/1.1 | ua-parser.min.js | dkswz.com.ru/pp/germanyamazon/bower_components/ua-parser-js/dist/ | 17 KB | 17 KB | Script | application/javascript
4 | GET | H/1.1 | font-awesome.min.css | dkswz.com.ru/pp/germanyamazon/bower_components/font-awesome/css/ | 30 KB | 31 KB | Stylesheet | text/css
5 | GET | H/1.1 | angular.min.js | dkswz.com.ru/pp/germanyamazon/bower_components/angular/ | 165 KB | 165 KB | Script | application/javascript
6 | GET | H/1.1 | jquery.maskedinput.min.js | dkswz.com.ru/pp/germanyamazon/bower_components/jquery.maskedinput/dist/ | 16 KB | 16 KB | Script | application/javascript
7 | GET | H/1.1 | css.css | dkswz.com.ru/pp/germanyamazon/email/form/ | 0 | 238 B | Stylesheet | text/css
8 | GET | H/1.1 | email.css | dkswz.com.ru/pp/germanyamazon/email/email/ | 15 KB | 16 KB | Stylesheet | text/css
9 | GET | H/1.1 | index.css | dkswz.com.ru/pp/germanyamazon/email/ | 67 KB | 68 KB | Stylesheet | text/css
10 | GET | H/1.1 | image_item43.png | dkswz.com.ru/pp/germanyamazon/email/ | 11 KB | 11 KB | Image | image/png
11 | GET | H2 | removed.png | i.imgur.com/ (Redirect Chain) | 503 B | 698 B | Image | image/png
12 | GET | H2 | removed.png | i.imgur.com/ (Redirect Chain) | 503 B | 696 B | Image | image/png
13 | GET | H2 | removed.png | i.imgur.com/ (Redirect Chain) | 503 B | 572 B | Image | image/png
14 | GET | H/1.1 | removed.png | i.imgur.com/ (Redirect Chain) | 503 B | 1 KB | Image | image/png
15 | GET | H/1.1 | removed.png | i.imgur.com/ (Redirect Chain) | 503 B | 1 KB | Image | image/png
16 | GET | H/1.1 | removed.png | i.imgur.com/ (Redirect Chain) | 503 B | 1 KB | Image | image/png
17 | GET | H/1.1 | logo-orange.png | c.orange.fr/ | 3 KB | 4 KB | Image | image/png
18 | GET | H2 | aJn5E2Q.jpg | i.imgur.com/ | 7 KB | 7 KB | Image | image/jpeg
19 | GET | H2 | Q4KJhEw.png | i.imgur.com/ | 4 KB | 4 KB | Image | image/png
20 | GET | H2 | CA0k0WZ.png | i.imgur.com/ | 5 KB | 5 KB | Image | image/png
21 | GET | H2 | B93m465.png | i.imgur.com/ | 8 KB | 8 KB | Image | image/png
22 | GET | H2 | TggJUg3.png | i.imgur.com/ | 2 KB | 2 KB | Image | image/png
23 | GET | H2 | SVpV7L1.png | i.imgur.com/ | 7 KB | 7 KB | Image | image/png
24 | GET | H/1.1 | form.js | dkswz.com.ru/pp/germanyamazon/email/form/ | 11 KB | 11 KB | Script | application/javascript
25 | GET | H/1.1 | ng.js | dkswz.com.ru/pp/germanyamazon/email/ng/ | 5 KB | 5 KB | Script | application/javascript
26 | GET | H/1.1 | email.js | dkswz.com.ru/pp/germanyamazon/email/email/ | 3 KB | 3 KB | Script | application/javascript
27 | GET | H/1.1 | image_item44.png | dkswz.com.ru/pp/germanyamazon/email/ | 20 KB | 20 KB | Image | image/png
28 | GET | H/1.1 | amazonuibasecss-amazonember_rg-cc7ebaa05a2cd3b02c0929ac0475a44ab30b7efa._v2_.woff2 | dkswz.com.ru/pp/germanyamazon/email/ | 16 KB | 16 KB | Font | font/woff2
29 | GET | H/1.1 | amazonuibasecss-amazonember_bd-46b91bda68161c14e554a779643ef4957431987b._v2_.woff2 | dkswz.com.ru/pp/germanyamazon/email/ | 16 KB | 16 KB | Font | font/woff2
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Amazon (Online), Orange (Telecommunication)
29 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Name | Type
---|---
onformdata | object
onpointerrawupdate | object
$ | function
jQuery | function
UAParser | function
angular | object
bid | string
php_js | object
el | string
next__ | function
email_proxy | function
finish__ | function
cookies | object
advanced_string_validation | function
sin_luhn | function
cc_luhn | function
dob_luhn | function
exp_luhn | function
qasame__ | function
valid_a | function
valid_q | function
loader_ | object
send1 | function
app | object
email_pass__ | function
email_send1 | function
VTO | object
VTOM | object
sc_0 | object
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL | Text
---|---|---|---
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
c.orange.fr
dkswz.com.ru
i.imgur.com
151.101.12.193
2a01:c9c0:c3:229::13
91.234.99.83