lk.taxi-agent.ru Open in urlscan Pro
89.108.74.167 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://lk.taxi-agent.ru/gb/index.html
Effective URL:
https://lk.taxi-agent.ru/gb/index.html
Submission: On August 05 via api (August 5th 2024, 9:00:48 am UTC) from US — Scanned from CA

Summary HTTP 18 Redirects Links 54 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 18 HTTP transactions. The main IP is 89.108.74.167, located in Russian Federation and belongs to AS-REG, RU. The main domain is lk.taxi-agent.ru.
TLS certificate: Issued by GlobalSign GCC R3 DV TLS CA 2020 on October 23rd 2023. Valid for: a year.

This is the only time lk.taxi-agent.ru was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: UPS (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
14	89.108.74.167 89.108.74.167	197695 (AS-REG) (AS-REG)
3	13.107.246.40 13.107.246.40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.177.241.160 52.177.241.160	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
18	3

14 89.108.74.167 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: d53344.azlk.regrucolo.ru

lk.taxi-agent.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.107.246.40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

media-us1.digital.nuance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.177.241.160 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

ups.inq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	taxi-agent.ru lk.taxi-agent.ru	182 KB
3	nuance.com media-us1.digital.nuance.com — Cisco Umbrella Rank: 19705	330 KB
1	inq.com ups.inq.com — Cisco Umbrella Rank: 29413	594 B
18	3

	Domain	Requested by
14	lk.taxi-agent.ru	lk.taxi-agent.ru
3	media-us1.digital.nuance.com	lk.taxi-agent.ru
1	ups.inq.com	lk.taxi-agent.ru
18	3

This site contains links to these domains. Also see Links.

Domain
www.ups.com
wwwapps.ups.com
www.pressroom.ups.com
www.investors.ups.com
www.jobs-ups.com
sustainability.ups.com
www.theupsstore.ca
upscapital.com
www.instagram.com
twitter.com

Subject Issuer	Validity	Valid
*.taxi-agent.ru GlobalSign GCC R3 DV TLS CA 2020	`2023-10-23` - `2024-11-23`	a year	crt.sh
*.digital.nuance.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-14` - `2024-10-11`	a year	crt.sh
*.inq.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-14` - `2024-10-11`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://lk.taxi-agent.ru/gb/index.html
Frame ID: 72AD648221B2872914BB6C8232C4D500
Requests: 14 HTTP requests in this frame

Frame: https://lk.taxi-agent.ru/gb/index_1.html
Frame ID: D95A96BFA2228B201BDD07493C172908
Requests: 1 HTTP requests in this frame

Frame: https://lk.taxi-agent.ru/gb/index_2.html
Frame ID: 9992EC1BFB80C1E9369C218CBD35AE1E
Requests: 1 HTTP requests in this frame

Frame: https://lk.taxi-agent.ru/gb/index_4.html
Frame ID: 716EA84F47631E58EC16608224958608
Requests: 1 HTTP requests in this frame

Frame: https://lk.taxi-agent.ru/gb/index_3.html
Frame ID: 46D0965AFB4C8EB9DB88FB9BA034BBB6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tracking | UPS - Canada

Page URL History Show full URLs

http://lk.taxi-agent.ru/gb/index.html HTTP 307
https://lk.taxi-agent.ru/gb/index.html Page URL

Page Statistics

18
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

513 kB
Transfer

1165 kB
Size

0
Cookies

54 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ups.com/ca/en/service-alerts.page?id=alert1
Title: ... More

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/Home.page
Title: //<![CDATA[ (function(){for(var g="function"==typeof Object.defineProperties?Object.defineProperty:function(b,c,a){if(a.get||a.set)throw new TypeError("ES3 does not support getters and setters.");b!=Array.prototype&&b!=Object.prototype&&(b[c]=a.value)},h="undefined"!=typeof window&&window===this?this:"undefined"!=typeof global&&null!=global?global:this,k=["String","prototype","repeat"],l=0;l<k.length-1;l++){var m=k[l];m in h||(h[m]={});h=h[m]}var n=k[k.length-1],p=h[n],q=p?p:function(b){var c;if(null==this)throw new TypeError("The 'this' value for String.prototype.repeat must not be null or undefined");c=this+"";if(0>b||1342177279<b)throw new RangeError("Invalid count value");b|=0;for(var a="";b;)if(b&1&&(a+=c),b>>>=1)c+=c;return a};q!=p&&null!=q&&g(h,n,{configurable:!0,writable:!0,value:q});var t=this;function u(b,c){var a=b.split("."),d=t;a[0]in d||!d.execScript||d.execScript("var "+a[0]);for(var e;a.length&&(e=a.shift());)a.length||void 0===c?d[e]?d=d[e]:d=d[e]={}:d[e]=c};function v

Search URL Search Domain Scan URL

URL: https://www.ups.com/doapp/SignUp?loc=en_CA&ClientId=18&returnto=https%3A%2F%2Fwww.ups.com%2Ftrack%3Floc%3Den_CA%26Requester%3Dlasso
Title: Sign up / Log in

Search URL Search Domain Scan URL

URL: https://www.ups.com/
Title: Alerts (1)

Search URL Search Domain Scan URL

URL: https://www.ups.com/dropoff?loc=en_CA
Title: Locations

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/Home.page?loc=en_CA
Title: Canada - English

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/fr/Home.page?loc=fr_CA
Title: Canada - Français

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/global.page
Title: Select Another Country or Territory

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/help-center/get-started-with-ups.page
Title: Get Started with UPS

Search URL Search Domain Scan URL

URL: https://www.ups.com/ship?loc=en_CA
Title: Ship

Search URL Search Domain Scan URL

URL: https://wwwapps.ups.com/ctc/request?loc=en_CA
Title: Quote

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/w1-location-finder-page.page?quickStart=true&widget=locationFinder
Title: Locations

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/help-center/billing-payment.page
Title: View & Pay Bill

Search URL Search Domain Scan URL

URL: https://www.ups.com/track?loc=en_CA
Title: Track & Track History

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/tracking/quantum-view.page
Title: Manage Inbound/Outbound Deliveries:Quantum View - for Large Enterprise Businesses

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/services/tracking.page
Title: Explore All Tracking

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/services/tracking/mychoice.page
Title: Explore Managing Home Deliveries

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/services/tracking/my-choice-for-business.page
Title: Explore Managing Business Deliveries

Search URL Search Domain Scan URL

URL: https://wwwapps.ups.com/pickup/schedule?loc=en_CA
Title: Schedule a Pickup

Search URL Search Domain Scan URL

URL: https://www.ups.com/marketplaceshipping/order?loc=en_CA
Title: Manage Online Orders: Marketplace Shipping

Search URL Search Domain Scan URL

URL: https://www.ups.com/uis/create?ActionOriginPair=CreateAReturn___StartSession&loc=en_CA
Title: Create a Return

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/shipping.page
Title: Explore All Shipping

Search URL Search Domain Scan URL

URL: https://www.ups.com/ship/history?loc=en_CA
Title: View Shipping History

Search URL Search Domain Scan URL

URL: https://www.ups.com/uis/create?ActionOriginPair=BatchImportPage___StartSession&loc=en_CA&WT.svl=SubNav
Title: Batch File Shipping

Search URL Search Domain Scan URL

URL: https://www.ups.com/uis/create?ActionOriginPair=CreateAnImport___StartSession&loc=en_CA
Title: Create Import:UPS Import Control

Search URL Search Domain Scan URL

URL: https://wwwapps.ups.com/tradeability?loc=en_CA
Title: International Toolset:UPS TradeAbility

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/shipping/international/services.page
Title: Service Guide

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/help-center/packaging-and-supplies.page
Title: Order Supplies

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/services.page
Title: Discover UPS Services

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/services/shipping.page
Title: Shipping

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/services/billing.page
Title: Billing

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/services/international-shipping.page
Title: International Shipping

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/services/contract-logistics.page
Title: Contract Logistics

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/services/technology-integration.page
Title: Integrating UPS Technology

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/services/individual-shipper.page
Title: Individual Shipper

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/services/small-business.page
Title: Small Business

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/help-support-center.page
Title: Customer Support

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/help-center/get-started-with-ups.page
Title: Get Started with UPS

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/help-center/sri/tracking/change-delivery.page
Title: Change Delivery

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/help-center/claims-support.page
Title: Claims Support

Search URL Search Domain Scan URL

URL: https://wwwapps.ups.com/ppc/ppc.html?loc=en_CA#/profilePage
Title: My Profile

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/about.page
Title: About UPS

Search URL Search Domain Scan URL

URL: https://www.pressroom.ups.com/
Title: Media RelationsOpen the link in a new window

Search URL Search Domain Scan URL

URL: http://www.investors.ups.com/
Title: Investor RelationsOpen the link in a new window

Search URL Search Domain Scan URL

URL: https://www.jobs-ups.com/location
Title: CareersOpen the link in a new window

Search URL Search Domain Scan URL

URL: https://sustainability.ups.com/
Title: Sustainability & Community InvolvementOpen the link in a new window

Search URL Search Domain Scan URL

URL: https://www.theupsstore.ca/
Title: The UPS StoreOpen the link in a new window

Search URL Search Domain Scan URL

URL: https://upscapital.com/ca-en/
Title: UPS CapitalOpen the link in a new window

Search URL Search Domain Scan URL

URL: https://www.instagram.com/UPS_Canada
Title: InstagramOpen the link in a new window

Search URL Search Domain Scan URL

URL: https://twitter.com/UPS_Canada
Title: Twitter Open the link in a new window

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/help-center/legal-terms-conditions/fight-fraud.page
Title: Protect Against Fraud

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/help-center/legal-terms-conditions/service.page
Title: Service Terms and Conditions

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/help-center/legal-terms-conditions/website.page
Title: Website Terms of Use

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/help-center/legal-terms-conditions/privacy-notice.page
Title: Privacy NoticeOpen the link in a new window

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://lk.taxi-agent.ru/gb/index.html HTTP 307
https://lk.taxi-agent.ru/gb/index.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request index.html Show response
lk.taxi-agent.ru/gb/
Redirect Chain

http://lk.taxi-agent.ru/gb/index.html
https://lk.taxi-agent.ru/gb/index.html

68 KB
14 KB

2677ms
295ms

Document
text/html

89.108.74.167
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://lk.taxi-agent.ru/gb/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.108.74.167 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d53344.azlk.regrucolo.ru
Software: Apache/2.4.25 (Debian) /
Resource Hash: da0a9e7b5c25715848575d4c4a4464b32a99f72a6478baafcc245850fcccaeb7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: max-age=0, no-cache, s-maxage=10
content-encoding: gzip
content-length: 13630
content-type: text/html; charset=UTF-8
date: Mon, 05 Aug 2024 09:00:39 GMT
server: Apache/2.4.25 (Debian)
vary: Accept-Encoding
x-mod-pagespeed: 1.13.35.2-0

Redirect headers

Location: https://lk.taxi-agent.ru/gb/index.html
Non-Authoritative-Reason: HttpsUpgrades

GET
H/1.1 200
OK ups.vendor.54f3c2d83b58.css+ups.styles.bf03bcac6bc2.css+ups.modules.0cca12c805a5.css+ups.widgets.6611168e8d14.css.pagespeed.cc.Y-noHEXYHX.css
lk.taxi-agent.ru/gb/ 985 KB
116 KB 153ms
152ms Stylesheet
text/css 89.108.74.167
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://lk.taxi-agent.ru/gb/ups.vendor.54f3c2d83b58.css+ups.styles.bf03bcac6bc2.css+ups.modules.0cca12c805a5.css+ups.widgets.6611168e8d14.css.pagespeed.cc.Y-noHEXYHX.css
Requested by: Host: lk.taxi-agent.ru
URL: https://lk.taxi-agent.ru/gb/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.108.74.167 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d53344.azlk.regrucolo.ru
Software: Apache/2.4.25 (Debian) /
Resource Hash: 3fcd816336872e8c029bc19a2b69876eedd3eba04e42a3943f832a0d73c8bf01

Request headers

Referer: https://lk.taxi-agent.ru/gb/index.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 09:00:39 GMT
content-encoding: gzip
last-modified: Mon, 05 Aug 2024 08:32:43 GMT
server: Apache/2.4.25 (Debian)
x-original-content-length: 1008348
etag: W/"0"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 118861
expires: Tue, 05 Aug 2025 08:32:43 GMT

GET
H/1.1 200
OK ups.apps-utrk.5ebbdd.css
lk.taxi-agent.ru/gb/ 74 KB
11 KB 603ms
149ms Stylesheet
text/css 89.108.74.167
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL

https://lk.taxi-agent.ru/gb/ups.apps-utrk.5ebbdd.css

Requested by

Host: lk.taxi-agent.ru
URL: https://lk.taxi-agent.ru/gb/index.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

89.108.74.167 , Russian Federation, ASN197695 (AS-REG, RU),

Reverse DNS

d53344.azlk.regrucolo.ru

Software

Apache/2.4.25 (Debian) /

Resource Hash

f94d2ab358987555c99e0be52f450293ed78850f6c78f305b22f8327c4bc617f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://lk.taxi-agent.ru/gb/index.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 09:00:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-original-content-length: 75579
last-modified: Tue, 25 Jun 2024 20:33:40 GMT
server: Apache/2.4.25 (Debian)
etag: "1273b-61bbcd022b100"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=300, s-maxage=10
accept-ranges: bytes
content-length: 10695
expires: Mon, 05 Aug 2024 09:05:39 GMT

GET
H/1.1 200
OK UPS_logo.svg
lk.taxi-agent.ru/gb/ 2 KB
2 KB 1079ms
153ms Image
image/svg+xml 89.108.74.167
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lk.taxi-agent.ru/gb/UPS_logo.svg
Requested by: Host: lk.taxi-agent.ru
URL: https://lk.taxi-agent.ru/gb/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.108.74.167 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d53344.azlk.regrucolo.ru
Software: Apache/2.4.25 (Debian) /
Resource Hash: b6f911ba8158fafaac0e01b5c737957f9a334697c5fd7d935a68795e9d9e1c00

Request headers

Referer: https://lk.taxi-agent.ru/gb/index.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 09:00:40 GMT
last-modified: Tue, 25 Jun 2024 20:33:40 GMT
server: Apache/2.4.25 (Debian)
accept-ranges: bytes
etag: "870-61bbcd022b100"
content-length: 2160
content-type: image/svg+xml

GET
H/1.1 200
OK xicp.gif.pagespeed.ic.KOcNEF1ce4.webp
lk.taxi-agent.ru/gb/ 34 B
414 B 1228ms
148ms Image
image/webp 89.108.74.167
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lk.taxi-agent.ru/gb/xicp.gif.pagespeed.ic.KOcNEF1ce4.webp
Requested by: Host: lk.taxi-agent.ru
URL: https://lk.taxi-agent.ru/gb/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.108.74.167 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d53344.azlk.regrucolo.ru
Software: Apache/2.4.25 (Debian) /
Resource Hash: e5a2f0af4dfb54bb6b7cc3cdc67e7478466a9323f1bcb57438ee47a2b763312b

Request headers

Referer: https://lk.taxi-agent.ru/gb/index.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 09:00:40 GMT
last-modified: Mon, 05 Aug 2024 04:03:56 GMT
server: Apache/2.4.25 (Debian)
x-original-content-length: 43
etag: W/"0"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
link: <http://lk.taxi-agent.ru/gb/icp.gif>; rel="canonical"
content-length: 34
expires: Tue, 05 Aug 2025 04:03:56 GMT

GET
H/1.1 200
OK styles.7d4255341a2c49ba8357.bundle.css
lk.taxi-agent.ru/gb/ 259 B
602 B 1351ms
149ms Stylesheet
text/css 89.108.74.167
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL

https://lk.taxi-agent.ru/gb/styles.7d4255341a2c49ba8357.bundle.css

Requested by

Host: lk.taxi-agent.ru
URL: https://lk.taxi-agent.ru/gb/index.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

89.108.74.167 , Russian Federation, ASN197695 (AS-REG, RU),

Reverse DNS

d53344.azlk.regrucolo.ru

Software

Apache/2.4.25 (Debian) /

Resource Hash

0130f0f5a7d2a1791fa84865db5b7f9cdcac4b0a4fbe90fef182164b65c00343

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://lk.taxi-agent.ru/gb/index.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 09:00:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-original-content-length: 259
last-modified: Tue, 25 Jun 2024 20:33:40 GMT
server: Apache/2.4.25 (Debian)
etag: "103-61bbcd022b100"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=300, s-maxage=10
accept-ranges: bytes
content-length: 181
expires: Mon, 05 Aug 2024 09:05:39 GMT

GET
H/1.1 200
OK index_1.html Show response
lk.taxi-agent.ru/gb/ Frame D95A 167 B
436 B 738ms
155ms Document
text/html 89.108.74.167
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://lk.taxi-agent.ru/gb/index_1.html
Requested by: Host: lk.taxi-agent.ru
URL: https://lk.taxi-agent.ru/gb/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.108.74.167 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d53344.azlk.regrucolo.ru
Software: Apache/2.4.25 (Debian) /
Resource Hash: eab4d56ac0ee5cd6a9981c73fb48e653839c1bf33169656e0137224c4c54ffaa

Request headers

Referer: https://lk.taxi-agent.ru/gb/index.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: max-age=0, no-cache, s-maxage=10
content-encoding: gzip
content-length: 154
content-type: text/html
date: Mon, 05 Aug 2024 09:00:40 GMT
server: Apache/2.4.25 (Debian)
vary: Accept-Encoding
x-mod-pagespeed: 1.13.35.2-0

GET
H2 200 InqFramework.js
media-us1.digital.nuance.com/media/launch/ci/ 0
210 KB 3565ms
119ms Other
application/javascript 13.107.246.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://media-us1.digital.nuance.com/media/launch/ci/InqFramework.js?codeVersion=1607582044799

Requested by

Host: lk.taxi-agent.ru
URL: https://lk.taxi-agent.ru/gb/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.246.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lk.taxi-agent.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 09:00:43 GMT
strict-transport-security: max-age=31536000;includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 12 Jul 2024 22:48:50 GMT
content-encoding: gzip
etag: W/"1202666-1720824530000"
vary: accept-encoding
x-azure-ref: 20240805T090043Z-17fd6bb7c96mwmhwcbx1m7cqx80000000gp0000000001vdk
content-type: application/javascript
access-control-allow-origin: *
x-cache: TCP_HIT
cache-control: public, max-age=3600
x-fd-int-roxy-purgeid: 73117829
x-xss-protection: 1; mode=block
expires: Thu, 25 Jul 2024 10:05:38 GMT

GET
H2 200 pre-acif.js
ups.inq.com/tagserver/acif/ 0
594 B 652ms
43ms Other
application/javascript 52.177.241.160
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.inq.com/tagserver/acif/pre-acif.js

Requested by

Host: lk.taxi-agent.ru
URL: https://lk.taxi-agent.ru/gb/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.177.241.160 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Nuance Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lk.taxi-agent.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 09:00:40 GMT
strict-transport-security: max-age=31536000;includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 19 Jul 2024 03:22:56 GMT
server: Nuance Server
etag: W/"195-1721359376000"
p3p: policyref="http://ups.inq.com/w3c/p3p.xml", CP="NON DSP LAW CUR ADMi TAIi PSAi PSD TELi OUR SAMi IND PHY DEM ONL STA NAV UNI LOC COM CNT"
content-type: application/javascript;charset=UTF-8
cache-control: max-age=3600
accept-ranges: bytes
content-length: 195
x-xss-protection: 1; mode=block

GET
H2 200 acif.js
media-us1.digital.nuance.com/media/launch/acif/ 0
112 KB 3566ms
120ms Other
application/javascript 13.107.246.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://media-us1.digital.nuance.com/media/launch/acif/acif.js

Requested by

Host: lk.taxi-agent.ru
URL: https://lk.taxi-agent.ru/gb/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.246.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lk.taxi-agent.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 09:00:43 GMT
strict-transport-security: max-age=31536000;includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 12 Jul 2024 22:49:00 GMT
content-encoding: gzip
etag: W/"383954-1720824540000"
vary: accept-encoding
x-azure-ref: 20240805T090043Z-17fd6bb7c96mwmhwcbx1m7cqx80000000gp0000000001vdm
content-type: application/javascript
access-control-allow-origin: *
x-cache: TCP_HIT
cache-control: public, max-age=3600
x-fd-int-roxy-purgeid: 73117829
x-xss-protection: 1; mode=block
expires: Thu, 18 Jul 2024 16:41:20 GMT

GET
H2 200 acif-configs.js
media-us1.digital.nuance.com/media/sites/10005649/assets/automatons/ 0
9 KB 3566ms
121ms Other
application/javascript 13.107.246.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://media-us1.digital.nuance.com/media/sites/10005649/assets/automatons/acif-configs.js

Requested by

Host: lk.taxi-agent.ru
URL: https://lk.taxi-agent.ru/gb/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.246.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lk.taxi-agent.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 09:00:43 GMT
strict-transport-security: max-age=31536000;includeSubDomains
x-content-type-options: nosniff
last-modified: Thu, 13 Jul 2023 19:20:19 GMT
content-encoding: gzip
etag: W/"76533-1689276019361"
vary: accept-encoding
x-azure-ref: 20240805T090043Z-17fd6bb7c96mwmhwcbx1m7cqx80000000gp0000000001vdn
content-type: application/javascript
access-control-allow-origin: *
x-cache: TCP_HIT
cache-control: public, max-age=3600
x-fd-int-roxy-purgeid: 73117829
x-xss-protection: 1; mode=block
expires: Thu, 25 Jul 2024 10:12:56 GMT

GET
H/1.1 200
OK social.jpg
lk.taxi-agent.ru/gb/ 882 B
1 KB 903ms
148ms Image
image/jpeg 89.108.74.167
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lk.taxi-agent.ru/gb/social.jpg

Requested by

Host: lk.taxi-agent.ru
URL: https://lk.taxi-agent.ru/gb/ups.vendor.54f3c2d83b58.css+ups.styles.bf03bcac6bc2.css+ups.modules.0cca12c805a5.css+ups.widgets.6611168e8d14.css.pagespeed.cc.Y-noHEXYHX.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

89.108.74.167 , Russian Federation, ASN197695 (AS-REG, RU),

Reverse DNS

d53344.azlk.regrucolo.ru

Software

Apache/2.4.25 (Debian) /

Resource Hash

a95cccb9b4b1b5b2d1d5a599c70662117e629c9525f2e9d9b9f1cd6a73052e5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://lk.taxi-agent.ru/gb/ups.vendor.54f3c2d83b58.css+ups.styles.bf03bcac6bc2.css+ups.modules.0cca12c805a5.css+ups.widgets.6611168e8d14.css.pagespeed.cc.Y-noHEXYHX.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 09:00:40 GMT
x-content-type-options: nosniff
last-modified: Tue, 25 Jun 2024 20:33:40 GMT
server: Apache/2.4.25 (Debian)
etag: "372-61bbcd022b100"
content-type: image/jpeg
cache-control: max-age=300, s-maxage=10
accept-ranges: bytes
content-length: 882
expires: Mon, 05 Aug 2024 09:05:39 GMT

GET
H/1.1 200
OK 055096b75efc91eabeb7fa0fb14e24cd44ba71f4
lk.taxi-agent.ru/gb/ 34 KB
34 KB 247ms
151ms Font
application/octet-stream 89.108.74.167
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://lk.taxi-agent.ru/gb/055096b75efc91eabeb7fa0fb14e24cd44ba71f4
Requested by: Host: lk.taxi-agent.ru
URL: https://lk.taxi-agent.ru/gb/ups.vendor.54f3c2d83b58.css+ups.styles.bf03bcac6bc2.css+ups.modules.0cca12c805a5.css+ups.widgets.6611168e8d14.css.pagespeed.cc.Y-noHEXYHX.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.108.74.167 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d53344.azlk.regrucolo.ru
Software: Apache/2.4.25 (Debian) /
Resource Hash: e94f926fe32bb1db75044f07af73ade28a728efe7b16fefdd59a064514cb1316

Request headers

Referer: https://lk.taxi-agent.ru/gb/ups.vendor.54f3c2d83b58.css+ups.styles.bf03bcac6bc2.css+ups.modules.0cca12c805a5.css+ups.widgets.6611168e8d14.css.pagespeed.cc.Y-noHEXYHX.css
Origin: https://lk.taxi-agent.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 09:00:40 GMT
cache-control: s-maxage=10
last-modified: Tue, 25 Jun 2024 20:33:40 GMT
server: Apache/2.4.25 (Debian)
accept-ranges: bytes
etag: "8794-61bbcd022b100"
content-length: 34708

GET
H/1.1 200
OK index_2.html Show response
lk.taxi-agent.ru/gb/ Frame 9992 701 B
661 B 292ms
149ms Document
text/html 89.108.74.167
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://lk.taxi-agent.ru/gb/index_2.html
Requested by: Host: lk.taxi-agent.ru
URL: https://lk.taxi-agent.ru/gb/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.108.74.167 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d53344.azlk.regrucolo.ru
Software: Apache/2.4.25 (Debian) /
Resource Hash: 9653cc7c737d874e74d4529bf9da4f5906e068cfe7994aa2ae64e7fb537ed989

Request headers

Referer: https://lk.taxi-agent.ru/gb/index.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: max-age=0, no-cache, s-maxage=10
content-encoding: gzip
content-length: 364
content-type: text/html; charset=UTF-8
date: Mon, 05 Aug 2024 09:00:41 GMT
server: Apache/2.4.25 (Debian)
vary: Accept-Encoding
x-mod-pagespeed: 1.13.35.2-0

GET
H/1.1 200
OK index_4.html Show response
lk.taxi-agent.ru/gb/ Frame 716E 241 B
484 B 149ms
149ms Document
text/html 89.108.74.167
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://lk.taxi-agent.ru/gb/index_4.html
Requested by: Host: lk.taxi-agent.ru
URL: https://lk.taxi-agent.ru/gb/index_2.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.108.74.167 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d53344.azlk.regrucolo.ru
Software: Apache/2.4.25 (Debian) /
Resource Hash: c694ec1f7a48dd18d33f0750a9de65ae44859aa54a9db8e25e98d7bbb1ff14cf

Request headers

Referer: https://lk.taxi-agent.ru/gb/index_2.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: max-age=0, no-cache, s-maxage=10
content-encoding: gzip
content-length: 202
content-type: text/html
date: Mon, 05 Aug 2024 09:00:41 GMT
server: Apache/2.4.25 (Debian)
vary: Accept-Encoding
x-mod-pagespeed: 1.13.35.2-0

GET
H/1.1 200
OK index_3.html Show response
lk.taxi-agent.ru/gb/ Frame 46D0 327 B
541 B 298ms
150ms Document
text/html 89.108.74.167
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://lk.taxi-agent.ru/gb/index_3.html
Requested by: Host: lk.taxi-agent.ru
URL: https://lk.taxi-agent.ru/gb/index_2.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.108.74.167 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d53344.azlk.regrucolo.ru
Software: Apache/2.4.25 (Debian) /
Resource Hash: 2d9668f6f97ac0527e0635f052d73111bf1119d4671b22f99076d504bd195779

Request headers

Referer: https://lk.taxi-agent.ru/gb/index_2.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: max-age=0, no-cache, s-maxage=10
content-encoding: gzip
content-length: 244
content-type: text/html; charset=UTF-8
date: Mon, 05 Aug 2024 09:00:41 GMT
server: Apache/2.4.25 (Debian)
vary: Accept-Encoding
x-mod-pagespeed: 1.13.35.2-0

POST
H/1.1 204
No Content mod_pagespeed_beacon Show response
lk.taxi-agent.ru/ 0
132 B 151ms
149ms XHR
text/plain 89.108.74.167
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://lk.taxi-agent.ru/mod_pagespeed_beacon?url=http%3A%2F%2Flk.taxi-agent.ru%2Fgb%2Findex.html
Requested by: Host: lk.taxi-agent.ru
URL: https://lk.taxi-agent.ru/gb/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.108.74.167 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d53344.azlk.regrucolo.ru
Software: Apache/2.4.25 (Debian) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://lk.taxi-agent.ru/gb/index.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 05 Aug 2024 09:00:41 GMT
cache-control: max-age=0, no-cache
server: Apache/2.4.25 (Debian)

GET
H/1.1 200
OK favicon.ico
lk.taxi-agent.ru/ 0
268 B 149ms
148ms Other
image/vnd.microsoft.icon 89.108.74.167
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://lk.taxi-agent.ru/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.108.74.167 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d53344.azlk.regrucolo.ru
Software: Apache/2.4.25 (Debian) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://lk.taxi-agent.ru/gb/index.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 09:00:41 GMT
last-modified: Mon, 12 Oct 2020 10:23:06 GMT
server: Apache/2.4.25 (Debian)
etag: "0-5b176af213680"
content-type: image/vnd.microsoft.icon
cache-control: s-maxage=10
accept-ranges: bytes
content-length: 0

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: UPS (Transportation)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| pagespeed

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

lk.taxi-agent.ru
media-us1.digital.nuance.com
ups.inq.com
13.107.246.40
52.177.241.160
89.108.74.167
0130f0f5a7d2a1791fa84865db5b7f9cdcac4b0a4fbe90fef182164b65c00343
2d9668f6f97ac0527e0635f052d73111bf1119d4671b22f99076d504bd195779
3fcd816336872e8c029bc19a2b69876eedd3eba04e42a3943f832a0d73c8bf01
9653cc7c737d874e74d4529bf9da4f5906e068cfe7994aa2ae64e7fb537ed989
a95cccb9b4b1b5b2d1d5a599c70662117e629c9525f2e9d9b9f1cd6a73052e5a
b6f911ba8158fafaac0e01b5c737957f9a334697c5fd7d935a68795e9d9e1c00
c694ec1f7a48dd18d33f0750a9de65ae44859aa54a9db8e25e98d7bbb1ff14cf
da0a9e7b5c25715848575d4c4a4464b32a99f72a6478baafcc245850fcccaeb7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5a2f0af4dfb54bb6b7cc3cdc67e7478466a9323f1bcb57438ee47a2b763312b
e94f926fe32bb1db75044f07af73ade28a728efe7b16fefdd59a064514cb1316
eab4d56ac0ee5cd6a9981c73fb48e653839c1bf33169656e0137224c4c54ffaa
f94d2ab358987555c99e0be52f450293ed78850f6c78f305b22f8327c4bc617f

lk.taxi-agent.ru Open in urlscan Pro 89.108.74.167 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

18 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

513 kBTransfer

1165 kBSize

0 Cookies

54 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

3 JavaScript Global Variables

0 Cookies

Indicators

lk.taxi-agent.ru Open in urlscan Pro
89.108.74.167 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

513 kB
Transfer

1165 kB
Size

0
Cookies

18 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!