cp69019.tw1.ru
92.53.96.121
Malicious Activity!
Public Scan
Submission: On July 11 via automatic, source phishtank — Scanned from CA
Summary
TLS certificate: Issued by GlobalSign GCC R3 DV TLS CA 2020 on January 11th 2024. Valid for: a year.
This is the only time cp69019.tw1.ru was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Email (Online)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
5 | 92.53.96.121 | 9123 (TIMEWEB-AS) |
1 | 94.100.180.102 | 47764 (VK-AS) |
8 | 3 | |
ASN9123 (TIMEWEB-AS, RU)
PTR: vh432.timeweb.ru
cp69019.tw1.ru
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
5 | tw1.ru | cp69019.tw1.ru | 52 KB |
1 | imgsmail.ru | img.imgsmail.ru — Cisco Umbrella Rank: 28751 Failed | 17 KB |
8 | 2 | | |
Requests | Domain | Requested by |
---|---|---|
5 | cp69019.tw1.ru | cp69019.tw1.ru |
1 | img.imgsmail.ru | cp69019.tw1.ru |
8 | 2 | |
This site contains links to these domains. Also see Links.
Domain |
---|
r.mail.ru |
account.mail.ru |
mail.ru |
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.tw1.ru | GlobalSign GCC R3 DV TLS CA 2020 | 2024-01-11 - 2025-02-11 | a year |
*.imgsmail.ru | GlobalSign RSA OV SSL CA 2018 | 2024-02-12 - 2025-03-15 | a year |
This page contains 1 frame:
Primary Page:
https://cp69019.tw1.ru/
Frame ID: DD9290E19646F8C0996AA757AD3DEC34
Requests: 8 HTTP requests in this frame
61 Outgoing links
These are links going to different origins than the main page.
Title: Mail.ru
Title: Mail 0
Title: Мой Мир 0
Title: Одноклассники
Title: Games 0
Title: Dating
Title: News
Title: Search
Title: Watch
Title: Combo
Title: All projects
Title: All projects
Title: Auto
Title: Bonus
Title: Horoscopes
Title: Kids
Title: Good
Title: Home
Title: Tasks
Title: Calls
Title: Health
Title: Calendar
Title: Movies
Title: Lady
Title: Мой Мир
Title: Real Estate
Title: Cloud
Title: Answers
Title: Pets
Title: Weather
Title: Sport
Title: TV Guide
Title: Payment Center
Title: Fines
Title: Hi-Tech
Title: Cloud for Business
Title: Cloud for Workgroups
Title: Mail for Business
Title: Mail for Education
Title: Site Rating
Title: myTarget
Title: Myteam
Title: myWidget
Title: Mail.Ru Agent
Title: Atom Browser
Title: ТамТам
Title: All Pharmacies
Title: Юла
Title: Combo
Title: Delivery Club
Title: Hi-chef
Title: ICQ New
Title: Maps.Me
Title: Mobile Apps
Title: List of All Projects
Title: You can work with several mailboxes at the same time. Learn more
Title: Add mailbox
Title: log out
Title: Sign up
Title: Log in
Redirected requests
There were HTTP redirect chains for the following requests:
8 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | cp69019.tw1.ru/ | 22 KB | 5 KB | Document | text/html |
GET | H2 | login.css | cp69019.tw1.ru/data/ | 57 KB | 11 KB | Stylesheet | text/css |
GET | H2 | logo.svg | cp69019.tw1.ru/data/ | 5 KB | 2 KB | Image | image/svg+xml |
GET | H2 | jquery.min.js | cp69019.tw1.ru/data/ | 94 KB | 33 KB | Script | application/x-javascript |
GET | H2 | script.js | cp69019.tw1.ru/data/ | 2 KB | 1 KB | Script | application/x-javascript |
GET | | MailSansMedium.woff2 | img.imgsmail.ru/hb/e.mail.ru/static/fonts/MailSans/WOFF2/ | 0 | 0 | | |
GET | | MailSansMedium.woff | img.imgsmail.ru/hb/e.mail.ru/static/fonts/MailSans/WOFF/ | 0 | 0 | | |
GET | H2 | favicon.ico | img.imgsmail.ru/r/favicon/ | 17 KB | 17 KB | Other | image/x-icon |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- img.imgsmail.ru
- URL
- https://img.imgsmail.ru/hb/e.mail.ru/static/fonts/MailSans/WOFF2/MailSansMedium.woff2
- Domain
- img.imgsmail.ru
- URL
- https://img.imgsmail.ru/hb/e.mail.ru/static/fonts/MailSans/WOFF/MailSansMedium.woff
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Email (Online)
2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $
function| jQuery
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
5 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|---|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.