urlscan.io logo urlscan.io
SecurityTrails logo

abc.spb.ru Open in urlscan Pro
195.208.1.100  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://clck.ru/MfSJh
Effective URL: http://abc.spb.ru/wp-content/plugins/cyr2lat/lib/help_shipment/profiles.php/nuhf/dvc/?broken=t1x01sg2qcd5
Submission: On April 02 via manual from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 7 domains to perform 4 HTTP transactions. The main IP is 195.208.1.100, located in Russian Federation and belongs to RU-CENTER, RU. The main domain is abc.spb.ru.
This is the only time abc.spb.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a02:6b8::221 13238 (YANDEX)
1 1 2a02:6b8::232 13238 (YANDEX)
1 1 221.254.33.216 17506 (UCOM ARTE...)
1 195.216.243.155 57724 (DDOS-GUARD)
1 195.208.1.100 48287 (RU-CENTER)
1 2a02:6b8::1:119 13238 (YANDEX)
4 4
1    2a02:6b8::221 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
clck.ru
1    2a02:6b8::232 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
sba.yandex.net
1    221.254.33.216 (Koto, Japan)

ASN17506 (UCOM ARTERIA Networks Corporation, JP)
PTR: 221x254x33x216.ap221.ftth.ucom.ne.jp
sinfo.utamap.com
1    195.216.243.155 (Moscow, Russian Federation)

ASN57724 (DDOS-GUARD, RU)
PTR: s5.unet.com
u.to
1    195.208.1.100 (Russian Federation)

ASN48287 (RU-CENTER, RU)
PTR: std-carp0-http.nic.ru
abc.spb.ru
1    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
mc.yandex.ru
Apex Domain
Subdomains		 Transfer
1 yandex.ru
mc.yandex.ru
1 spb.ru
abc.spb.ru
3 KB
1 u.to
u.to
1 KB
1 utamap.com
sinfo.utamap.com
284 B
1 yandex.net
sba.yandex.net
365 B
1 clck.ru
clck.ru
460 B
0 yadro.ru Failed
counter.yadro.ru Failed
4 7
Domain Requested by
1 mc.yandex.ru u.to
1 abc.spb.ru u.to
1 u.to
1 sinfo.utamap.com 1 redirects
1 sba.yandex.net 1 redirects
1 clck.ru 1 redirects
0 counter.yadro.ru Failed
4 7

This site contains no links.

Subject Issuer Validity Valid
u.to
Sectigo RSA Domain Validation Secure Server CA		 2019-08-23 -
2021-08-22		 2 years crt.sh
mc.yandex.ru
Yandex CA		 2019-09-23 -
2020-09-22		 a year crt.sh

This page contains 1 frames:

Primary Page: http://abc.spb.ru/wp-content/plugins/cyr2lat/lib/help_shipment/profiles.php/nuhf/dvc/?broken=t1x01sg2qcd5
Frame ID: B45A7F1F7861832DB9502925D78E888E
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://clck.ru/MfSJh HTTP 302
    https://sba.yandex.net/redirect?url=http%3A%2F%2Fsinfo.utamap.com%2Fcgi-bin%2Ft_search.cgi%3Fact%3D... HTTP 302
    http://sinfo.utamap.com/cgi-bin/t_search.cgi?act=jump&access=1&url=https://u.to/_FrnFw HTTP 302
    https://u.to/_FrnFw Page URL
  2. http://abc.spb.ru/wp-content/plugins/cyr2lat/lib/help_shipment/profiles.php/nuhf/dvc/?broken=t... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

4
Requests

50 %
HTTPS

50 %
IPv6

7
Domains

7
Subdomains

4
IPs

2
Countries

4 kB
Transfer

324 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://clck.ru/MfSJh HTTP 302
    https://sba.yandex.net/redirect?url=http%3A%2F%2Fsinfo.utamap.com%2Fcgi-bin%2Ft_search.cgi%3Fact%3Djump%26access%3D1%26url%3Dhttps%3A%2F%2Fu.to%2F_FrnFw%23hakzgcterhudmnyuqffu&client=clck&sign=e45438190bcfd85b1c7abd61d218260f HTTP 302
    http://sinfo.utamap.com/cgi-bin/t_search.cgi?act=jump&access=1&url=https://u.to/_FrnFw HTTP 302
    https://u.to/_FrnFw Page URL
  2. http://abc.spb.ru/wp-content/plugins/cyr2lat/lib/help_shipment/profiles.php/nuhf/dvc/?broken=t1x01sg2qcd5 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://clck.ru/MfSJh HTTP 302
  • https://sba.yandex.net/redirect?url=http%3A%2F%2Fsinfo.utamap.com%2Fcgi-bin%2Ft_search.cgi%3Fact%3Djump%26access%3D1%26url%3Dhttps%3A%2F%2Fu.to%2F_FrnFw%23hakzgcterhudmnyuqffu&client=clck&sign=e45438190bcfd85b1c7abd61d218260f HTTP 302
  • http://sinfo.utamap.com/cgi-bin/t_search.cgi?act=jump&access=1&url=https://u.to/_FrnFw HTTP 302
  • https://u.to/_FrnFw
Request Chain 2
  • https://counter.yadro.ru/hit;utostat?r;s1600*1200*24;uhttps%3A//u.to/_FrnFw%23hakzgcterhudmnyuqffu;1585838072309 HTTP 302
  • https://counter.yadro.ru/hit;utostat?q;r;s1600*1200*24;uhttps%3A//u.to/_FrnFw%23hakzgcterhudmnyuqffu;1585838072309

4 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set _FrnFw
u.to/
Redirect Chain
  • https://clck.ru/MfSJh
  • https://sba.yandex.net/redirect?url=http%3A%2F%2Fsinfo.utamap.com%2Fcgi-bin%2Ft_search.cgi%3Fact%3Djump%26access%3D1%26url%3Dhttps%3A%2F%2Fu.to%2F_FrnFw%23hakzgcterhudmnyuqffu&client=clck&sign=e454...
  • http://sinfo.utamap.com/cgi-bin/t_search.cgi?act=jump&access=1&url=https://u.to/_FrnFw
  • https://u.to/_FrnFw
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://u.to/_FrnFw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.216.243.155 Moscow, Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
s5.unet.com
Software
nginx/1.8.0 /
Resource Hash
103f2608247482a078e626465f1e05810f07afd977cf705b7013b6836ee01c97

Request headers

Host
u.to
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

Server
nginx/1.8.0
Date
Thu, 02 Apr 2020 14:34:32 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
Set-Cookie
lng=en; path=/; expires=Fri, 02-Apr-2021 14:34:32 GMT; domain=.u.to;
Cache-Control
no-cache no-store
Pragma
no-cache
Vary
host
Content-Encoding
gzip

Redirect headers

Date
Thu, 02 Apr 2020 14:34:31 GMT
Server
Apache/2.2.14 (Unix)
Set-Cookie
visited=https://u.to/_FrnFw<>; expires = Thr, 2-Apr-2020 23:59:59
Location
https://u.to/_FrnFw
Content-Length
283
Connection
close
Content-Type
text/html; charset=iso-8859-1
Primary Request /
abc.spb.ru/wp-content/plugins/cyr2lat/lib/help_shipment/profiles.php/nuhf/dvc/ 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://abc.spb.ru/wp-content/plugins/cyr2lat/lib/help_shipment/profiles.php/nuhf/dvc/?broken=t1x01sg2qcd5
Requested by
Host: u.to
URL: https://u.to/_FrnFw
Protocol
HTTP/1.1
Server
195.208.1.100 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS
std-carp0-http.nic.ru
Software
openresty/1.13.6.2 /
Resource Hash
d538e125d936dbc08f128cd38bec4d29015cb4d2d2c3dc791370095e54d9caf4

Request headers

Host
abc.spb.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server
openresty/1.13.6.2
Date
Thu, 02 Apr 2020 14:34:32 GMT
Content-Type
text/html
Content-Length
2684
Connection
keep-alive
ETag
"5c0e754f-a7c"
tag.js
mc.yandex.ru/metrika/ 		320 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: u.to
URL: https://u.to/_FrnFw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://u.to/_FrnFw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Thu, 02 Apr 2020 14:34:32 GMT
Content-Encoding
br
Last-Modified
Tue, 31 Mar 2020 08:20:27 GMT
Server
nginx/1.14.2
ETag
"5e82fd4b-16fbf"
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
94143
Expires
Thu, 02 Apr 2020 15:34:32 GMT
hit;utostat
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit;utostat?r;s1600*1200*24;uhttps%3A//u.to/_FrnFw%23hakzgcterhudmnyuqffu;1585838072309
  • https://counter.yadro.ru/hit;utostat?q;r;s1600*1200*24;uhttps%3A//u.to/_FrnFw%23hakzgcterhudmnyuqffu;1585838072309
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
counter.yadro.ru
URL
https://counter.yadro.ru/hit;utostat?q;r;s1600*1200*24;uhttps%3A//u.to/_FrnFw%23hakzgcterhudmnyuqffu;1585838072309

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

0 Cookies