webonlibes.ru.com Open in urlscan Pro
38.242.247.3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://webonlibes.ru.com/
Submission Tags: @phish_report
Submission: On January 10 via api (January 10th 2024, 4:50:11 pm UTC) from FI — Scanned from FI

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 11 HTTP transactions. The main IP is 38.242.247.3, located in Düsseldorf, Germany and belongs to CONTABO, DE. The main domain is webonlibes.ru.com.
TLS certificate: Issued by R3 on January 7th 2024. Valid for: 3 months.

This is the only time webonlibes.ru.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: BANPAIS (Banking)

Domain & IP information

	IP Address	AS Autonomous System
8	38.242.247.3 38.242.247.3	51167 (CONTABO) (CONTABO)
1	2606:4700:10:... 2606:4700:10::ac43:2997	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
11	3

8 38.242.247.3 (Düsseldorf, Germany)

ASN51167 (CONTABO, DE)
PTR: vmi1442144.contaboserver.net

webonlibes.ru.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:2997 (United States)

ASN13335 (CLOUDFLARENET, US)

images.bi.com.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	ru.com webonlibes.ru.com	2 MB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 115	3 KB
1	bi.com.gt images.bi.com.gt	314 B
11	3

	Domain	Requested by
8	webonlibes.ru.com	webonlibes.ru.com
2	fonts.googleapis.com	webonlibes.ru.com
1	images.bi.com.gt	webonlibes.ru.com
11	3

This site contains no links.

Subject Issuer	Validity	Valid
webonlibes.ru.com R3	`2024-01-07` - `2024-04-06`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-16` - `2024-05-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://webonlibes.ru.com/
Frame ID: 4019B9D2E9EFCE0FA54FB76C7CCED2F3
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BP en Línea

Page Statistics

11
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

2221 kB
Transfer

2246 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
webonlibes.ru.com/ 315 KB
316 KB 400ms
168ms Document
text/html 38.242.247.3
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://webonlibes.ru.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.242.247.3 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1442144.contaboserver.net
Software: Apache /
Resource Hash: 8c7ccb0ae7337681fd2ea16e77956fd8eb19b87080237197c824d0af1e57b60a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Wed, 10 Jan 2024 16:50:04 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Transfer-Encoding: chunked

GET
H/1.1 200
OK styles.89c1177e3244a69b5759.css
webonlibes.ru.com/online-banking/ 830 KB
830 KB 267ms
94ms Stylesheet
text/css 38.242.247.3
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://webonlibes.ru.com/online-banking/styles.89c1177e3244a69b5759.css
Requested by: Host: webonlibes.ru.com
URL: https://webonlibes.ru.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.242.247.3 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1442144.contaboserver.net
Software: Apache /
Resource Hash: cd80174a4080cc069b483035a249af558ccc4eb26efe5309549165cb1ea1ac25

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://webonlibes.ru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Wed, 10 Jan 2024 16:50:04 GMT
Last-Modified: Sat, 02 Dec 2023 18:17:08 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 849964

GET
H/1.1 200
OK banpais_logo.png
webonlibes.ru.com/assets/images/ 4 KB
4 KB 108ms
93ms Image
image/png 38.242.247.3
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webonlibes.ru.com/assets/images/banpais_logo.png
Requested by: Host: webonlibes.ru.com
URL: https://webonlibes.ru.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.242.247.3 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1442144.contaboserver.net
Software: Apache /
Resource Hash: 99ec21212d0aea3370825b56214c6b3d75e99a657d3d4f097384e46a8a6c6632

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://webonlibes.ru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Wed, 10 Jan 2024 16:50:05 GMT
Last-Modified: Sat, 02 Dec 2023 18:22:58 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 4340

GET
H2 200 logo.png
images.bi.com.gt/files/0/77494c6738517a44557268734149446e326e776a306f7334464b6175577137315133567a4d6b6e4631336e6468414e776c7252432b7a2f374b3239724a417a7677654e484b4f787771636b354a52746c757565716e6b... 70 B
314 B 348ms
208ms Image
image/png 2606:4700:10::ac43:2997
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.bi.com.gt/files/0/77494c6738517a44557268734149446e326e776a306f7334464b6175577137315133567a4d6b6e4631336e6468414e776c7252432b7a2f374b3239724a417a7677654e484b4f787771636b354a52746c757565716e6b6b79656746565249304c34734b384c4e7371476d7679622f613844363747544b34634a47423375502b2b2f447a694238706b686d386f595762744a7547653755304943547333727a6c565370723575352f4f3057413d7c4776455a35354c6334544c3458576c4a374b726e506e424c536c62656b4c745a5676344a672b746e4969686746644e775450356b33694e795953427a57483774394a5a6558637570374b7a71684b73707842547a7733773977524474434d47516c676f62485856797a2f6e334e4b454959777641376e494c645831623261594d2b78797874353135672f6245617257306e416a5068654b6959325a776c4149767a566b793465676a5151733d7c50734d5843426166664e4c6b4677585775337177624546314c576467686d4238544843566a3262596d55664c7735316b5733484b7a3038526c4c352b4a4e656a38724d36474976676c327a542f71332b4932455055684a71347a7a74724b654e2f6a5a71424c6143334d6850565476703343733937562b6e396578693733707463737758576c3562615142797330427557624f335959484a352b39627247752b3472544473644a694455733d7c413068444d61377a532b5251415166656b4c7a5948537179323430534b546d4c2b4d585669456a3759776e5150764c6d615a4551476e4142506e6c67797636795043322f4f733262415452524b496c684d305747592b59536d6e51536f5766302b4d71436e7337442b704a2f2f7864522b6c714f724971743236556474307550586e726c464c79444a656c67556533742b476669725a716f3831556943566a414e33486e79356a4e64596b3d7c664a305753355833356e497a7a4c4c53587539636b394569547948696c77594f6c31355a523236305739776941597832797a324166587570533775386e6c4348622b614f4c6a2f5564376e67484a45374e3254467a70387176436c46583344565a4a677961746543474455625655726d59306b622f6b53386c4d536a4237364f66656e744573772b395366663137634d66734e4479426f7350327149565871554959612b6848434b376b633d/logo.png

Requested by

Host: webonlibes.ru.com
URL: https://webonlibes.ru.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2997 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

b3d067407dcb4a68c8c04d64fe21d01f8eb8cc7710b78a0096adc96c0b658a69

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://webonlibes.ru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 16:50:05 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: EXPIRED
last-modified: Tue, 08 Jun 2021 18:14:32 GMT
server: cloudflare
x-powered-by: Express
etag: W/"46-179ecd54b40"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 84366abe9e780b06-OSL
content-length: 70

GET
H2 200 css
fonts.googleapis.com/ 22 KB
2 KB 258ms
89ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700

Requested by

Host: webonlibes.ru.com
URL: https://webonlibes.ru.com/online-banking/styles.89c1177e3244a69b5759.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

33a96f4d1f03d358709f3f9118ed6640145d54062ad7f6ee768208c4d4111dfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://webonlibes.ru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 10 Jan 2024 16:50:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 15:30:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 10 Jan 2024 16:50:05 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
823 B 260ms
91ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,300,500,700

Requested by

Host: webonlibes.ru.com
URL: https://webonlibes.ru.com/online-banking/styles.89c1177e3244a69b5759.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://webonlibes.ru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 10 Jan 2024 16:50:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 16:17:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 10 Jan 2024 16:50:05 GMT

GET
H/1.1 200
OK banpais_bg.e5ca6aaf77b65e1df90d.png
webonlibes.ru.com/online-banking/ 965 KB
966 KB 93ms
93ms Image
image/png 38.242.247.3
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webonlibes.ru.com/online-banking/banpais_bg.e5ca6aaf77b65e1df90d.png
Requested by: Host: webonlibes.ru.com
URL: https://webonlibes.ru.com/online-banking/styles.89c1177e3244a69b5759.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.242.247.3 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1442144.contaboserver.net
Software: Apache /
Resource Hash: db5ce228533c885bafb72245fe89b9d945b0fba8865a6b7e8c37ae714d9bed9d

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://webonlibes.ru.com/online-banking/styles.89c1177e3244a69b5759.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Wed, 10 Jan 2024 16:50:05 GMT
Last-Modified: Sat, 02 Dec 2023 18:17:44 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 988512

GET
H/1.1 200
OK Lato-normal-700.a354bb0b0b0f22de7bef.woff
webonlibes.ru.com/online-banking/ 27 KB
28 KB 98ms
97ms Font
font/woff 38.242.247.3
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://webonlibes.ru.com/online-banking/Lato-normal-700.a354bb0b0b0f22de7bef.woff
Requested by: Host: webonlibes.ru.com
URL: https://webonlibes.ru.com/online-banking/styles.89c1177e3244a69b5759.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.242.247.3 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1442144.contaboserver.net
Software: Apache /
Resource Hash: 9f5a6fb49257579436c7bd8d42fa5d052336132b6f9f8972a7c9c00d93ed18b4

Request headers

Referer: https://webonlibes.ru.com/online-banking/styles.89c1177e3244a69b5759.css
Origin: https://webonlibes.ru.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Wed, 10 Jan 2024 16:50:05 GMT
Last-Modified: Sat, 02 Dec 2023 18:17:22 GMT
Server: Apache
Content-Type: font/woff
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 28052

GET
H/1.1 200
OK banca-regional.b3302831d6ce31b2bece.woff
webonlibes.ru.com/online-banking/ 16 KB
16 KB 94ms
94ms Font
font/woff 38.242.247.3
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://webonlibes.ru.com/online-banking/banca-regional.b3302831d6ce31b2bece.woff
Requested by: Host: webonlibes.ru.com
URL: https://webonlibes.ru.com/online-banking/styles.89c1177e3244a69b5759.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.242.247.3 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1442144.contaboserver.net
Software: Apache /
Resource Hash: 74d29b5ddfb71cd4d1c2e8d0d38ffb9dc28a6cf41ba0d7f3bd72a7d145c4151d

Request headers

Referer: https://webonlibes.ru.com/online-banking/styles.89c1177e3244a69b5759.css
Origin: https://webonlibes.ru.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Wed, 10 Jan 2024 16:50:05 GMT
Last-Modified: Sat, 02 Dec 2023 18:17:24 GMT
Server: Apache
Content-Type: font/woff
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 16400

GET
H/1.1 200
OK Lato-normal-400.319df0f5492062b546b0.woff
webonlibes.ru.com/online-banking/ 28 KB
28 KB 197ms
99ms Font
font/woff 38.242.247.3
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://webonlibes.ru.com/online-banking/Lato-normal-400.319df0f5492062b546b0.woff
Requested by: Host: webonlibes.ru.com
URL: https://webonlibes.ru.com/online-banking/styles.89c1177e3244a69b5759.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.242.247.3 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1442144.contaboserver.net
Software: Apache /
Resource Hash: 04050bae4cc3b9ccd20d3c7f57f5b1ba249d4a54d6eff75a1e4df504362e8c00

Request headers

Referer: https://webonlibes.ru.com/online-banking/styles.89c1177e3244a69b5759.css
Origin: https://webonlibes.ru.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Wed, 10 Jan 2024 16:50:05 GMT
Last-Modified: Sat, 02 Dec 2023 18:17:22 GMT
Server: Apache
Content-Type: font/woff
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 28660

GET
H/1.1 200
OK Lato-italic-400.17e7244f4b78c6b2c7e1.woff
webonlibes.ru.com/online-banking/ 29 KB
29 KB 265ms
85ms Font
font/woff 38.242.247.3
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://webonlibes.ru.com/online-banking/Lato-italic-400.17e7244f4b78c6b2c7e1.woff
Requested by: Host: webonlibes.ru.com
URL: https://webonlibes.ru.com/online-banking/styles.89c1177e3244a69b5759.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.242.247.3 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1442144.contaboserver.net
Software: Apache /
Resource Hash: d98792e1f2eaa92968f94c35f08da7b23db7333c79cdb657dca3a819d8e6d0d9

Request headers

Referer: https://webonlibes.ru.com/online-banking/styles.89c1177e3244a69b5759.css
Origin: https://webonlibes.ru.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Wed, 10 Jan 2024 16:50:05 GMT
Last-Modified: Sat, 02 Dec 2023 18:17:18 GMT
Server: Apache
Content-Type: font/woff
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 29836

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: BANPAIS (Banking)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
images.bi.com.gt
webonlibes.ru.com
2606:4700:10::ac43:2997
2a00:1450:4001:806::200a
38.242.247.3
04050bae4cc3b9ccd20d3c7f57f5b1ba249d4a54d6eff75a1e4df504362e8c00
33a96f4d1f03d358709f3f9118ed6640145d54062ad7f6ee768208c4d4111dfc
74d29b5ddfb71cd4d1c2e8d0d38ffb9dc28a6cf41ba0d7f3bd72a7d145c4151d
8c7ccb0ae7337681fd2ea16e77956fd8eb19b87080237197c824d0af1e57b60a
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
99ec21212d0aea3370825b56214c6b3d75e99a657d3d4f097384e46a8a6c6632
9f5a6fb49257579436c7bd8d42fa5d052336132b6f9f8972a7c9c00d93ed18b4
b3d067407dcb4a68c8c04d64fe21d01f8eb8cc7710b78a0096adc96c0b658a69
cd80174a4080cc069b483035a249af558ccc4eb26efe5309549165cb1ea1ac25
d98792e1f2eaa92968f94c35f08da7b23db7333c79cdb657dca3a819d8e6d0d9
db5ce228533c885bafb72245fe89b9d945b0fba8865a6b7e8c37ae714d9bed9d

webonlibes.ru.com Open in urlscan Pro 38.242.247.3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

11 Requests

100 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

2221 kBTransfer

2246 kBSize

0 Cookies

0 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

1 JavaScript Global Variables

0 Cookies

Indicators

webonlibes.ru.com Open in urlscan Pro
38.242.247.3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

2221 kB
Transfer

2246 kB
Size

0
Cookies

11 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!