access.in-diba.de.controll-session.ru Open in urlscan Pro
141.98.233.145 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://mylink.cf/8Xigp
Effective URL:
https://access.in-diba.de.controll-session.ru/session/new
Submission: On August 23 via manual (August 23rd 2023, 11:58:30 am UTC) from DE — Scanned from DE

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 12 HTTP transactions. The main IP is 141.98.233.145, located in Russian Federation and belongs to ADMAN-AS, RU. The main domain is access.in-diba.de.controll-session.ru.
TLS certificate: Issued by R3 on August 23rd 2023. Valid for: 3 months.

This is the only time access.in-diba.de.controll-session.ru was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: ING Group (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3035::ac43:d797	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	141.98.233.145 141.98.233.145	57494 (ADMAN-AS) (ADMAN-AS)
12	2

1 2606:4700:3035::ac43:d797 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

mylink.cf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

elquartorino.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 141.98.233.145 (Russian Federation)

ASN57494 (ADMAN-AS, RU)

access.in-diba.de.controll-session.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	controll-session.ru access.in-diba.de.controll-session.ru	474 KB
1	elquartorino.xyz 1 redirects elquartorino.xyz	788 B
1	mylink.cf 1 redirects mylink.cf	663 B
12	3

	Domain	Requested by
12	access.in-diba.de.controll-session.ru	access.in-diba.de.controll-session.ru
1	elquartorino.xyz	1 redirects
1	mylink.cf	1 redirects
12	3

This site contains no links.

Subject Issuer	Validity	Valid
access.in-diba.de.controll-session.ru R3	`2023-08-23` - `2023-11-21`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://access.in-diba.de.controll-session.ru/session/new
Frame ID: 3FDF006053A0663922125697D683303B
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ING Login

Page URL History Show full URLs

https://mylink.cf/8Xigp HTTP 301
https://elquartorino.xyz/Znf5Wj HTTP 302
https://access.in-diba.de.controll-session.ru/session/new Page URL

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Page Statistics

12
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

477 kB
Transfer

476 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://mylink.cf/8Xigp HTTP 301
https://elquartorino.xyz/Znf5Wj HTTP 302
https://access.in-diba.de.controll-session.ru/session/new Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request new Show response access.in-diba.de.controll-session.ru/session/ Redirect Chain https://mylink.cf/8Xigp https://elquartorino.xyz/Znf5Wj https://access.in-diba.de.controll-session.ru/session/new	3 KB 1 KB	199ms 102ms	Document text/html	141.98.233.145 ADMAN-AS
General Check archive.org Show headers Download Go to Full URL https://access.in-diba.de.controll-session.ru/session/new Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 141.98.233.145 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `9ec7ea60bb94a686740158426200f4f863df973418e3cbcedafc396232922648` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html Date Wed, 23 Aug 2023 11:58:25 GMT ETag W/"64e511b1-c89" Last-Modified Tue, 22 Aug 2023 19:51:13 GMT Server nginx/1.18.0 (Ubuntu) Transfer-Encoding chunked Redirect headers access-control-allow-origin * alt-svc h3=":443"; ma=86400 cache-control no-cache, no-store, must-revalidate cf-cache-status DYNAMIC cf-ray 7fb32f005f2291ea-FRA content-type text/html; charset=UTF-8 date Wed, 23 Aug 2023 11:58:25 GMT expires 0 location https://access.in-diba.de.controll-session.ru/session/new nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XqPXpPOM7Br1m1%2FgQeyTsMMM9YZTTCoA7fUnIQrDrL%2FfenquzieT9zE3P6jD0joYAeEAZ7kwviJQ58iq%2F9F%2FJBddiSLrQZZ7C8E1x%2FOUqaTjbnCMs7B0iJylPjUAZidfb3XJ7MTyh2uSCf8fOArf"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H/1.1	200 OK	chunk-vendors.8cfb969b.js Show response access.in-diba.de.controll-session.ru/js/	182 KB 182 KB	172ms 171ms	Script application/javascript	141.98.233.145 ADMAN-AS
General Check archive.org Show headers Download Go to Full URL https://access.in-diba.de.controll-session.ru/js/chunk-vendors.8cfb969b.js Requested by Host: access.in-diba.de.controll-session.ru URL: https://access.in-diba.de.controll-session.ru/session/new Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 141.98.233.145 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `4d7247dd42666253c4aeed47a24b5b7fe1d230e91220956742ee7f4c5480676f` Request headers accept-language de-DE,de;q=0.9 Referer https://access.in-diba.de.controll-session.ru/session/new User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers Date Wed, 23 Aug 2023 11:58:25 GMT Last-Modified Tue, 22 Aug 2023 19:51:17 GMT Server nginx/1.18.0 (Ubuntu) ETag "64e511b5-2d645" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 185925
GET H/1.1	200 OK	app.e6731f01.js Show response access.in-diba.de.controll-session.ru/js/	62 KB 62 KB	232ms 168ms	Script application/javascript	141.98.233.145 ADMAN-AS
General Check archive.org Show headers Download Go to Full URL https://access.in-diba.de.controll-session.ru/js/app.e6731f01.js Requested by Host: access.in-diba.de.controll-session.ru URL: https://access.in-diba.de.controll-session.ru/session/new Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 141.98.233.145 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `8c07d6610fe71ee949259a89b94ef7fdc768e4e269647c617e2d788884f734b9` Request headers accept-language de-DE,de;q=0.9 Referer https://access.in-diba.de.controll-session.ru/session/new User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers Date Wed, 23 Aug 2023 11:58:25 GMT Last-Modified Tue, 22 Aug 2023 19:51:16 GMT Server nginx/1.18.0 (Ubuntu) ETag "64e511b4-f88a" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 63626
GET H/1.1	200 OK	app.ee47c5e8.css access.in-diba.de.controll-session.ru/css/	74 KB 74 KB	222ms 158ms	Stylesheet text/css	141.98.233.145 ADMAN-AS
General Check archive.org Show headers Download Go to Full URL https://access.in-diba.de.controll-session.ru/css/app.ee47c5e8.css Requested by Host: access.in-diba.de.controll-session.ru URL: https://access.in-diba.de.controll-session.ru/session/new Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 141.98.233.145 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `6132294688bf744c77723ffe0b0649e044ca38bed2651750e13d7ece55e02f71` Request headers accept-language de-DE,de;q=0.9 Referer https://access.in-diba.de.controll-session.ru/session/new User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers Date Wed, 23 Aug 2023 11:58:25 GMT Last-Modified Tue, 22 Aug 2023 19:50:57 GMT Server nginx/1.18.0 (Ubuntu) ETag "64e511a1-1289b" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 75931
GET H/1.1	200 OK	INGMeWeb-Regular.a71cf962.woff2 access.in-diba.de.controll-session.ru/fonts/	29 KB 29 KB	152ms 152ms	Font application/octet-stream	141.98.233.145 ADMAN-AS
General Check archive.org Show headers Download Go to Full URL https://access.in-diba.de.controll-session.ru/fonts/INGMeWeb-Regular.a71cf962.woff2 Requested by Host: access.in-diba.de.controll-session.ru URL: https://access.in-diba.de.controll-session.ru/css/app.ee47c5e8.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 141.98.233.145 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `f74c344733a85af20d2754b208f12309e2a30c591795d0881cb0ad94c4be6155` Request headers Referer https://access.in-diba.de.controll-session.ru/css/app.ee47c5e8.css Origin https://access.in-diba.de.controll-session.ru accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers Date Wed, 23 Aug 2023 11:58:26 GMT Last-Modified Tue, 22 Aug 2023 19:51:05 GMT Server nginx/1.18.0 (Ubuntu) ETag "64e511a9-73b0" Content-Type application/octet-stream Connection keep-alive Accept-Ranges bytes Content-Length 29616
GET H/1.1	200 OK	runtime-configuration.json Show response access.in-diba.de.controll-session.ru/	127 B 380 B	1120ms 1119ms	Fetch application/json	141.98.233.145 ADMAN-AS
General Check archive.org Show headers Download Go to Full URL https://access.in-diba.de.controll-session.ru/runtime-configuration.json Requested by Host: access.in-diba.de.controll-session.ru URL: https://access.in-diba.de.controll-session.ru/js/app.e6731f01.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 141.98.233.145 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `073c66e4bcd7b927c826f604975062d940816b14c494861b61046d3b0eb126f5` Request headers accept-language de-DE,de;q=0.9 Referer https://access.in-diba.de.controll-session.ru/session/new User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers Date Wed, 23 Aug 2023 11:58:27 GMT Last-Modified Tue, 22 Aug 2023 19:51:27 GMT Server nginx/1.18.0 (Ubuntu) ETag "64e511bf-7f" Content-Type application/json Connection keep-alive Accept-Ranges bytes Content-Length 127
GET H/1.1	200 OK	runtime-configuration.json Show response access.in-diba.de.controll-session.ru/	127 B 380 B	100ms 100ms	Fetch application/json	141.98.233.145 ADMAN-AS
General Check archive.org Show headers Download Go to Full URL https://access.in-diba.de.controll-session.ru/runtime-configuration.json Requested by Host: access.in-diba.de.controll-session.ru URL: https://access.in-diba.de.controll-session.ru/js/app.e6731f01.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 141.98.233.145 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `073c66e4bcd7b927c826f604975062d940816b14c494861b61046d3b0eb126f5` Request headers accept-language de-DE,de;q=0.9 Referer https://access.in-diba.de.controll-session.ru/session/new User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers Date Wed, 23 Aug 2023 11:58:26 GMT Last-Modified Tue, 22 Aug 2023 19:51:27 GMT Server nginx/1.18.0 (Ubuntu) ETag "64e511bf-7f" Content-Type application/json Connection keep-alive Accept-Ranges bytes Content-Length 127
GET H/1.1	200 OK	ING_Deutschland_NoClaim.c2119de1.svg access.in-diba.de.controll-session.ru/img/	16 KB 16 KB	234ms 144ms	Image image/svg+xml	141.98.233.145 ADMAN-AS
General Check archive.org Show headers Download Go to Show image Full URL https://access.in-diba.de.controll-session.ru/img/ING_Deutschland_NoClaim.c2119de1.svg Requested by Host: access.in-diba.de.controll-session.ru URL: https://access.in-diba.de.controll-session.ru/css/app.ee47c5e8.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 141.98.233.145 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `9a214e9df938fbc09d96e47ae4dbe031d7a581647a87c38ec371bc2a2d4dc7cf` Request headers accept-language de-DE,de;q=0.9 Referer https://access.in-diba.de.controll-session.ru/css/app.ee47c5e8.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers Date Wed, 23 Aug 2023 11:58:26 GMT Last-Modified Tue, 22 Aug 2023 19:51:08 GMT Server nginx/1.18.0 (Ubuntu) ETag "64e511ac-3f1d" Content-Type image/svg+xml Connection keep-alive Accept-Ranges bytes Content-Length 16157
GET H/1.1	200 OK	INGMeWeb-Bold.7b2bc5c6.woff2 access.in-diba.de.controll-session.ru/fonts/	30 KB 30 KB	224ms 163ms	Font application/octet-stream	141.98.233.145 ADMAN-AS
General Check archive.org Show headers Download Go to Full URL https://access.in-diba.de.controll-session.ru/fonts/INGMeWeb-Bold.7b2bc5c6.woff2 Requested by Host: access.in-diba.de.controll-session.ru URL: https://access.in-diba.de.controll-session.ru/css/app.ee47c5e8.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 141.98.233.145 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `3a135f82b209a59959b162a1fbc9b0b38856d1332af286f86046b06357b3811e` Request headers Referer https://access.in-diba.de.controll-session.ru/css/app.ee47c5e8.css Origin https://access.in-diba.de.controll-session.ru accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers Date Wed, 23 Aug 2023 11:58:26 GMT Last-Modified Tue, 22 Aug 2023 19:51:02 GMT Server nginx/1.18.0 (Ubuntu) ETag "64e511a6-76f8" Content-Type application/octet-stream Connection keep-alive Accept-Ranges bytes Content-Length 30456
GET H/1.1	200 OK	icons.0c487ce8.woff access.in-diba.de.controll-session.ru/fonts/	32 KB 32 KB	233ms 171ms	Font application/font-woff	141.98.233.145 ADMAN-AS
General Check archive.org Show headers Download Go to Full URL https://access.in-diba.de.controll-session.ru/fonts/icons.0c487ce8.woff Requested by Host: access.in-diba.de.controll-session.ru URL: https://access.in-diba.de.controll-session.ru/css/app.ee47c5e8.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 141.98.233.145 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `305948d72ce8577a386f77079dacdb6841f18668f64cc7865a196a0624e5b5a8` Request headers Referer https://access.in-diba.de.controll-session.ru/css/app.ee47c5e8.css Origin https://access.in-diba.de.controll-session.ru accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers Date Wed, 23 Aug 2023 11:58:26 GMT Last-Modified Tue, 22 Aug 2023 19:51:00 GMT Server nginx/1.18.0 (Ubuntu) ETag "64e511a4-7e28" Content-Type application/font-woff Connection keep-alive Accept-Ranges bytes Content-Length 32296
GET H/1.1	200 OK	qrl-ver-F28B541D99A1764E2AA842CB219CB826.aadf3bc7.svg access.in-diba.de.controll-session.ru/img/	2 KB 2 KB	144ms 103ms	Image image/svg+xml	141.98.233.145 ADMAN-AS
General Check archive.org Show headers Download Go to Show image Full URL https://access.in-diba.de.controll-session.ru/img/qrl-ver-F28B541D99A1764E2AA842CB219CB826.aadf3bc7.svg Requested by Host: access.in-diba.de.controll-session.ru URL: https://access.in-diba.de.controll-session.ru/session/34e01c33-0b1c-4ef8-85f1-160e3a4fbd14/login Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 141.98.233.145 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `1470546a5f8d7a68deb045a9f3be48c3fa818c53c0b4f8c854d6acdec64aa225` Request headers accept-language de-DE,de;q=0.9 Referer https://access.in-diba.de.controll-session.ru/session/34e01c33-0b1c-4ef8-85f1-160e3a4fbd14/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers Date Wed, 23 Aug 2023 11:58:26 GMT Last-Modified Tue, 22 Aug 2023 19:51:09 GMT Server nginx/1.18.0 (Ubuntu) ETag "64e511ad-7b5" Content-Type image/svg+xml Connection keep-alive Accept-Ranges bytes Content-Length 1973
GET H/1.1	200 OK	qrlhint-ver-916FDE8A4CA8095FC339D6829D7D6723.c2c2acf9.png access.in-diba.de.controll-session.ru/img/	44 KB 44 KB	174ms 136ms	Image image/png	141.98.233.145 ADMAN-AS
General Check archive.org Show headers Download Go to Show image Full URL https://access.in-diba.de.controll-session.ru/img/qrlhint-ver-916FDE8A4CA8095FC339D6829D7D6723.c2c2acf9.png Requested by Host: access.in-diba.de.controll-session.ru URL: https://access.in-diba.de.controll-session.ru/session/34e01c33-0b1c-4ef8-85f1-160e3a4fbd14/login Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 141.98.233.145 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `fb6ebe23316c03fd8d25e871bfdd9c41eb77e14115f5a01e3e0d97b94617779e` Request headers accept-language de-DE,de;q=0.9 Referer https://access.in-diba.de.controll-session.ru/session/34e01c33-0b1c-4ef8-85f1-160e3a4fbd14/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers Date Wed, 23 Aug 2023 11:58:26 GMT Last-Modified Tue, 22 Aug 2023 19:51:09 GMT Server nginx/1.18.0 (Ubuntu) ETag "64e511ad-af26" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 44838
GET DATA	200 OK	truncated /	3 KB 3 KB		Font font/woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `624cd418134a6e7984036e5229a885038c94c67918827d5fd2a1fe999dbe97d1` Request headers Referer Origin https://access.in-diba.de.controll-session.ru accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers Content-Type font/woff

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: ING Group (Banking)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| webpackChunkfrontend_new boolean| __VUE__

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
mylink.cf/	1969-12-31 23:59:59	Name: PHPSESSID Value: 6f1e65bdff5a8015b119140f5e3a1bdd
mylink.cf/	1970-01-20 14:13:13	Name: short_8Xigp Value: 1
elquartorino.xyz/	1970-01-20 14:57:50	Name: _subid Value: 3me5u4e5hn
elquartorino.xyz/	1970-01-20 23:49:11	Name: c3769 Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjExXCI6MTY5Mjc5MTkwNX0sXCJjYW1wYWlnbnNcIjp7XCIzXCI6MTY5Mjc5MTkwNX0sXCJ0aW1lXCI6MTY5Mjc5MTkwNX0ifQ.PHHXoDA0a50SYoCq7qcjDVTQtmQV7ekXs6hObNVr-_4

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

access.in-diba.de.controll-session.ru
elquartorino.xyz
mylink.cf
141.98.233.145
2606:4700:3035::ac43:d797
2a06:98c1:3120::3
073c66e4bcd7b927c826f604975062d940816b14c494861b61046d3b0eb126f5
1470546a5f8d7a68deb045a9f3be48c3fa818c53c0b4f8c854d6acdec64aa225
305948d72ce8577a386f77079dacdb6841f18668f64cc7865a196a0624e5b5a8
3a135f82b209a59959b162a1fbc9b0b38856d1332af286f86046b06357b3811e
4d7247dd42666253c4aeed47a24b5b7fe1d230e91220956742ee7f4c5480676f
6132294688bf744c77723ffe0b0649e044ca38bed2651750e13d7ece55e02f71
624cd418134a6e7984036e5229a885038c94c67918827d5fd2a1fe999dbe97d1
8c07d6610fe71ee949259a89b94ef7fdc768e4e269647c617e2d788884f734b9
9a214e9df938fbc09d96e47ae4dbe031d7a581647a87c38ec371bc2a2d4dc7cf
9ec7ea60bb94a686740158426200f4f863df973418e3cbcedafc396232922648
f74c344733a85af20d2754b208f12309e2a30c591795d0881cb0ad94c4be6155
fb6ebe23316c03fd8d25e871bfdd9c41eb77e14115f5a01e3e0d97b94617779e

access.in-diba.de.controll-session.ru Open in urlscan Pro 141.98.233.145 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

12 Requests

100 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

2 IPs

2 Countries

477 kBTransfer

476 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

3 JavaScript Global Variables

4 Cookies

Indicators

access.in-diba.de.controll-session.ru Open in urlscan Pro
141.98.233.145 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

477 kB
Transfer

476 kB
Size

4
Cookies

12 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!