urlscan.io logo urlscan.io
SecurityTrails logo

vk.com Open in urlscan Pro
87.240.139.194  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://jhoffa.com/CitiBank
Effective URL: https://vk.com/messenger
Submission: On January 27 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 12 HTTP transactions. The main IP is 87.240.139.194, located in Russian Federation and belongs to VKONTAKTE-SPB-AS vk.com, RU. The main domain is vk.com. The Cisco Umbrella rank of the primary domain is 5015.
TLS certificate: Issued by GlobalSign Organization Validation CA... on June 9th 2020. Valid for: 2 years.
This is the only time vk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 108.179.232.53 46606 (UNIFIEDLA...)
1 192.185.39.73 46606 (UNIFIEDLA...)
3 87.240.139.194 47541 (VKONTAKTE...)
5 95.213.18.82 47541 (VKONTAKTE...)
1 2 2001:6d0:4001... 52016 (TNSMSK-)
2 217.69.133.145 47764 (MAILRU-AS...)
12 6
1    108.179.232.53 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: gator4242.hostgator.com
jhoffa.com
1    192.185.39.73 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: mail.priceplant.com
militaryvehiclerepair.com
3    87.240.139.194 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv194-139-240-87.vk.com
vk.com
5    95.213.18.82 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv82-18-213-95.vk.com
desktop-messenger.vklanding.com
2    2001:6d0:4001::226 (Russian Federation)

ASN52016 (TNSMSK-, RU)
www.tns-counter.ru
2    217.69.133.145 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: top-fwz1.mail.ru
top-fwz1.mail.ru
Apex Domain
Subdomains		 Transfer
5 vklanding.com
desktop-messenger.vklanding.com
731 KB
3 vk.com
vk.com — Cisco Umbrella Rank: 5015
661 KB
2 mail.ru
top-fwz1.mail.ru — Cisco Umbrella Rank: 10227
12 KB
2 tns-counter.ru
www.tns-counter.ru — Cisco Umbrella Rank: 10571
735 B
1 militaryvehiclerepair.com
militaryvehiclerepair.com
271 B
1 jhoffa.com
jhoffa.com
167 B
12 6
Domain Requested by
5 desktop-messenger.vklanding.com vk.com
desktop-messenger.vklanding.com
3 vk.com militaryvehiclerepair.com
vk.com
desktop-messenger.vklanding.com
2 top-fwz1.mail.ru vk.com
top-fwz1.mail.ru
2 www.tns-counter.ru 1 redirects vk.com
1 militaryvehiclerepair.com
1 jhoffa.com 1 redirects
12 6

This site contains no links.

Subject Issuer Validity Valid
*.q2c.com
R3		 2022-01-18 -
2022-04-18		 3 months crt.sh
*.vk.com
GlobalSign Organization Validation CA - SHA256 - G2		 2020-06-09 -
2022-06-10		 2 years crt.sh
desktop-messenger.vklanding.com
R3		 2021-12-27 -
2022-03-27		 3 months crt.sh
*.mail.ru
GeoTrust ECC CA 2018		 2021-10-15 -
2022-11-15		 a year crt.sh

This page contains 2 frames:

Primary Page: https://vk.com/messenger
Frame ID: 89E7F90A204650C35AC379341A063F23
Requests: 6 HTTP requests in this frame

Frame: https://desktop-messenger.vklanding.com/?landing_id=desktop-messenger&language=6&parent_language=3&user_id=0&lang=&viewportWidth=1600&viewportHeight=1200&iframeScrollAllowed=0
Frame ID: 37844BB4E43F3EA267D62E8FCBFC907D
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

VK Messenger

Page URL History Show full URLs

  1. https://jhoffa.com/CitiBank HTTP 301
    https://militaryvehiclerepair.com/support.php?online= Page URL
  2. https://vk.com/messenger Page URL

Page Statistics

12
Requests

92 %
HTTPS

17 %
IPv6

6
Domains

6
Subdomains

6
IPs

2
Countries

1492 kB
Transfer

4389 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://jhoffa.com/CitiBank HTTP 301
    https://militaryvehiclerepair.com/support.php?online= Page URL
  2. https://vk.com/messenger Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://jhoffa.com/CitiBank HTTP 301
  • https://militaryvehiclerepair.com/support.php?online=
Request Chain 3
  • https://www.tns-counter.ru/V13a**clid:undefined*https://militaryvehiclerepair.com/*vk_com/ru/UTF-8/tmsec=vksite_total/195973419 HTTP 302
  • https://www.tns-counter.ru/V13b**clid:undefined*https://militaryvehiclerepair.com/*vk_com/ru/UTF-8/tmsec=vksite_total/195973419

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
support.php
militaryvehiclerepair.com/
Redirect Chain
  • https://jhoffa.com/CitiBank
  • https://militaryvehiclerepair.com/support.php?online=
94 B
271 B 		Document
General
Check archive.org
Download Go to
Full URL
https://militaryvehiclerepair.com/support.php?online=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.39.73 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
mail.priceplant.com
Software
Apache /
Resource Hash
270b3be7bfcb5719cfe12e54b2c9416bbc27348304a34e8f20b179681444e4f2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Thu, 27 Jan 2022 16:34:25 GMT
server
Apache
content-type
text/html; charset=UTF-8
content-length
103
cache-control
max-age=300
expires
Thu, 27 Jan 2022 16:39:25 GMT
vary
Accept-Encoding
content-encoding
gzip
x-endurance-cache-level
2
x-server-cache
false

Redirect headers

date
Thu, 27 Jan 2022 16:34:25 GMT
server
Apache
content-type
text/html; charset=iso-8859-1
content-length
261
location
https://militaryvehiclerepair.com/support.php?online=
cache-control
max-age=300
expires
Thu, 27 Jan 2022 16:39:25 GMT
x-server-cache
false
Primary Request messenger
vk.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vk.com/messenger
Requested by
Host: militaryvehiclerepair.com
URL: https://militaryvehiclerepair.com/support.php?online=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.139.194 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv194-139-240-87.vk.com
Software
kittenx / KPHP/7.4.110036
Resource Hash
84719de350278a66b394aef30d1a8317f7f1fb8dee9be40e5a4c732fa6550ea0
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://militaryvehiclerepair.com/

Response headers

server
kittenx
date
Thu, 27 Jan 2022 16:34:27 GMT
content-type
text/html; charset=windows-1251
content-length
1015
x-powered-by
KPHP/7.4.110036
cache-control
no-store
x-frame-options
sameorigin
x-content-type-options
nosniff
content-encoding
gzip
x-frontend
front609304
strict-transport-security
max-age=15768000
access-control-expose-headers
X-Frontend
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
landings_host.js
vk.com/dist/landings/ 		3 MB
637 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vk.com/dist/landings/landings_host.js
Requested by
Host: vk.com
URL: https://vk.com/messenger
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.139.194 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv194-139-240-87.vk.com
Software
kittenx /
Resource Hash
0874789cf51be0e0cd0cec17c7b1a90abc76dd554be603d63d857acbb0a1dc7e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vk.com/messenger
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 16:34:28 GMT
content-encoding
br
x-frontend
front609304
last-modified
Sun, 23 Jan 2022 01:16:30 GMT
server
kittenx
etag
"61ecac6e-9ef82"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
651138
expires
Mon, 31 Jan 2022 16:34:28 GMT
/
desktop-messenger.vklanding.com/ Frame 3784 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://desktop-messenger.vklanding.com/?landing_id=desktop-messenger&language=6&parent_language=3&user_id=0&lang=&viewportWidth=1600&viewportHeight=1200&iframeScrollAllowed=0
Requested by
Host: vk.com
URL: https://vk.com/dist/landings/landings_host.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.213.18.82 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv82-18-213-95.vk.com
Software
nginx/1.16.1 /
Resource Hash
ee68d1d737a0863381354927c6c97c33d0eb807e3b77bd3011089e5cf71a48ce

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://vk.com/

Response headers

Server
nginx/1.16.1
Date
Thu, 27 Jan 2022 16:34:29 GMT
Content-Type
text/html
Last-Modified
Wed, 26 Feb 2020 11:58:12 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
ETag
W/"5e565d54-9ef"
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers
Content-Length,Content-Range
Content-Encoding
gzip
195973419
www.tns-counter.ru/V13b**clid:undefined*https://militaryvehiclerepair.com/*vk_com/ru/UTF-8/tmsec=vksite_total/
Redirect Chain
  • https://www.tns-counter.ru/V13a**clid:undefined*https://militaryvehiclerepair.com/*vk_com/ru/UTF-8/tmsec=vksite_total/195973419
  • https://www.tns-counter.ru/V13b**clid:undefined*https://militaryvehiclerepair.com/*vk_com/ru/UTF-8/tmsec=vksite_total/195973419
43 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tns-counter.ru/V13b**clid:undefined*https://militaryvehiclerepair.com/*vk_com/ru/UTF-8/tmsec=vksite_total/195973419
Requested by
Host: vk.com
URL: https://vk.com/messenger
Protocol
H2
Server
2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software
ms-counter-3.2.15/1.20.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 16:34:28 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
ms-counter-3.2.15/1.20.1
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Jan 2022 16:34:28 GMT
server
ms-counter-3.2.15/1.20.1
strict-transport-security
max-age=2678400
content-type
image/gif
location
https://www.tns-counter.ru/V13b**clid:undefined*https://militaryvehiclerepair.com/*vk_com/ru/UTF-8/tmsec=vksite_total/195973419
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
0
expires
Thu, 01 Jan 1970 00:00:01 GMT
code.js
top-fwz1.mail.ru/js/ 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/js/code.js
Requested by
Host: vk.com
URL: https://vk.com/messenger
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
f1153a7d9e7f877b55f4e32fe45448a1229fdc0ab67ae1bfa09fd77b9c72679a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 16:34:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin
*
last-modified
Wed, 22 Dec 2021 12:22:53 GMT
server
nginx
etag
W/"61c3189d-6a23"
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
max-age=3600, private
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin
*
access-control-allow-headers
*
expires
Thu, 27 Jan 2022 17:34:28 GMT
counter
top-fwz1.mail.ru/ 		43 B
989 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/counter?js=13;id=2579437;u=https%3A//vk.com/messenger;r=https%3A//militaryvehiclerepair.com/;st=1643301267904;pid=0;userid=0;title=VK%20Messenger;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=7696baee8d26a267;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=10//4g/0/0/;lvid=1643301268108%3A1643301268129%3A1%3A1213ded9e9e0d3197abf776c40872dc7;visible=true;_=0.3048608575346192
Requested by
Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://vk.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 27 Jan 2022 16:34:28 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
43
pragma
no-cache
amp-access-control-allow-source-origin
https://vk.com
server
nginx
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
https://vk.com
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin
https://vk.com
access-control-allow-headers
*
landings_api.js
vk.com/js/cmodules/landings/ Frame 3784 		69 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vk.com/js/cmodules/landings/landings_api.js
Requested by
Host: desktop-messenger.vklanding.com
URL: https://desktop-messenger.vklanding.com/?landing_id=desktop-messenger&language=6&parent_language=3&user_id=0&lang=&viewportWidth=1600&viewportHeight=1200&iframeScrollAllowed=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
87.240.139.194 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv194-139-240-87.vk.com
Software
kittenx /
Resource Hash
872a636b7a84813c21d85809309682588d14d361352fddf0435f8dd784df2844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop-messenger.vklanding.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 16:34:29 GMT
content-encoding
br
x-frontend
front609304
last-modified
Sun, 23 Jan 2022 01:16:30 GMT
server
kittenx
etag
"61ecac6e-5808"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
22536
expires
Mon, 31 Jan 2022 16:34:29 GMT
main.123fb310.chunk.css
desktop-messenger.vklanding.com/static/css/ Frame 3784 		134 KB
94 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://desktop-messenger.vklanding.com/static/css/main.123fb310.chunk.css
Requested by
Host: desktop-messenger.vklanding.com
URL: https://desktop-messenger.vklanding.com/?landing_id=desktop-messenger&language=6&parent_language=3&user_id=0&lang=&viewportWidth=1600&viewportHeight=1200&iframeScrollAllowed=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.213.18.82 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv82-18-213-95.vk.com
Software
nginx/1.16.1 /
Resource Hash
3fd4a78a3580e11e31e268aa87a6e5c14777d990f97f264c131a2cff53e850a3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop-messenger.vklanding.com/?landing_id=desktop-messenger&language=6&parent_language=3&user_id=0&lang=&viewportWidth=1600&viewportHeight=1200&iframeScrollAllowed=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 16:34:29 GMT
Content-Encoding
gzip
Last-Modified
Wed, 26 Feb 2020 11:58:12 GMT
Server
nginx/1.16.1
ETag
W/"5e565d54-219dc"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/css
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Expires
Fri, 27 Jan 2023 16:34:29 GMT
2.77439c23.chunk.js
desktop-messenger.vklanding.com/static/js/ Frame 3784 		185 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://desktop-messenger.vklanding.com/static/js/2.77439c23.chunk.js
Requested by
Host: desktop-messenger.vklanding.com
URL: https://desktop-messenger.vklanding.com/?landing_id=desktop-messenger&language=6&parent_language=3&user_id=0&lang=&viewportWidth=1600&viewportHeight=1200&iframeScrollAllowed=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.213.18.82 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv82-18-213-95.vk.com
Software
nginx/1.16.1 /
Resource Hash
eedd4081c6e37e4979a7ba552922129de48a65d7aae240aa9fd131ee0fc2064e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop-messenger.vklanding.com/?landing_id=desktop-messenger&language=6&parent_language=3&user_id=0&lang=&viewportWidth=1600&viewportHeight=1200&iframeScrollAllowed=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 16:34:29 GMT
Content-Encoding
gzip
Last-Modified
Wed, 26 Feb 2020 11:58:12 GMT
Server
nginx/1.16.1
ETag
W/"5e565d54-2e326"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Expires
Fri, 27 Jan 2023 16:34:29 GMT
main.565af994.chunk.js
desktop-messenger.vklanding.com/static/js/ Frame 3784 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://desktop-messenger.vklanding.com/static/js/main.565af994.chunk.js
Requested by
Host: desktop-messenger.vklanding.com
URL: https://desktop-messenger.vklanding.com/?landing_id=desktop-messenger&language=6&parent_language=3&user_id=0&lang=&viewportWidth=1600&viewportHeight=1200&iframeScrollAllowed=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.213.18.82 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv82-18-213-95.vk.com
Software
nginx/1.16.1 /
Resource Hash
698d094c9242fe378c3ccd8a065f65a977c9a6a3b9df49372974de26bf747854

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop-messenger.vklanding.com/?landing_id=desktop-messenger&language=6&parent_language=3&user_id=0&lang=&viewportWidth=1600&viewportHeight=1200&iframeScrollAllowed=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 16:34:29 GMT
Content-Encoding
gzip
Last-Modified
Wed, 26 Feb 2020 11:58:12 GMT
Server
nginx/1.16.1
ETag
W/"5e565d54-5af9"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Expires
Fri, 27 Jan 2023 16:34:29 GMT
truncated
/ Frame 3784 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
565f544600339533682d51a4657cfb827cc30582a3febbbdc6b1f61b8b389229

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 3784 		335 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e6f3b2535d17dd84434517b23b690fd1faa10536298a8f101a63e487b3b9cb98

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 3784 		465 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
34c80bdceb202c15eea1e2ec1fee0081975e0373750409819b5258cfdd312593

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 3784 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d3c461a1e6ff328ba26ef905a19c7d0da2597bf547656afcbaab7d218d98dddc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 3784 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cbb542ce42c974138a4927eaef1c5cf8e8886eb159e529d4db5e6ef5d0d10a7b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 3784 		825 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8c3733ee644d9ec22c94a01cef9d2aa59b2659e038fbd60ae7df025c6d541de6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
screen_win_en.57270473.png
desktop-messenger.vklanding.com/static/media/ Frame 3784 		575 KB
573 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://desktop-messenger.vklanding.com/static/media/screen_win_en.57270473.png
Requested by
Host: desktop-messenger.vklanding.com
URL: https://desktop-messenger.vklanding.com/static/css/main.123fb310.chunk.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.213.18.82 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv82-18-213-95.vk.com
Software
nginx/1.16.1 /
Resource Hash
fa82ccc2a84b03ca4ac0d18d2e1c30384cc98f9815fc15c3fb8de3914b347247

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop-messenger.vklanding.com/static/css/main.123fb310.chunk.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 16:34:29 GMT
Content-Encoding
gzip
Last-Modified
Wed, 26 Feb 2020 11:58:13 GMT
Server
nginx/1.16.1
ETag
W/"5e565d55-8fa84"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Expires
Fri, 27 Jan 2023 16:34:29 GMT
truncated
/ Frame 3784 		42 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4a0cc3cdab0e2da357f0cabee2d9fa3ed4cd5c968207bb6102c011d879b03bee

Request headers

Referer
Origin
https://desktop-messenger.vklanding.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
truncated
/ Frame 3784 		45 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
094c690eea007de73b8075f37ad765670154feaacf1db4548b893649f084fb7b

Request headers

Referer
Origin
https://desktop-messenger.vklanding.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| dataURLtoBlob object| __core-js_shared__ object| core object| regeneratorRuntime object| applicationInitFunctions object| reactInitQueue function| initReactApplication object| host object| _tmr object| _cookies object| _tns

9 Cookies

Domain/Path Name / Value
.vk.com/ Name: remixlang
Value: 6
.vk.com/ Name: remixstid
Value: 0_3mnZmDXyiM7vdVeERZugIbPfi1fl0DrWyvyhuS7zZXH
vk.com/ Name: remixsts
Value: %7B%22data%22%3A%5B%5B1643301268%2C%22counters_check%22%2C1%5D%5D%2C%22uniqueId%22%3A457564894%7D
.tns-counter.ru/ Name: guid
Value: 6CEB693561F2C994X1643301268
.vk.com/ Name: tmr_lvid
Value: 1213ded9e9e0d3197abf776c40872dc7
.vk.com/ Name: tmr_lvidTS
Value: 1643301268108
.vk.com/ Name: tmr_reqNum
Value: 1
.mail.ru/ Name: VID
Value: 1qLxOQ0_VbI700000a18H4Y7:::0-0-0-70d2254:CAASEI0Zbnfd6hz1-CsQ8e_RIVoaYCpIi1AIaBtqhKQVDTa0Dzk_8lvfZlSf1_icwCfa39jV3IUb6tirz-JxZK0p39NwuGOykqIDNjL5Ct543IMi9bGZ1GiTZJj3qaOZdJo-i37RRZRTUxOM6q5PgGYeRGun3g
vk.com/ Name: tmr_detect
Value: 0%7C1643301270383

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

desktop-messenger.vklanding.com
jhoffa.com
militaryvehiclerepair.com
top-fwz1.mail.ru
vk.com
www.tns-counter.ru
108.179.232.53
192.185.39.73
2001:6d0:4001::226
217.69.133.145
87.240.139.194
95.213.18.82
0874789cf51be0e0cd0cec17c7b1a90abc76dd554be603d63d857acbb0a1dc7e
094c690eea007de73b8075f37ad765670154feaacf1db4548b893649f084fb7b
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
270b3be7bfcb5719cfe12e54b2c9416bbc27348304a34e8f20b179681444e4f2
34c80bdceb202c15eea1e2ec1fee0081975e0373750409819b5258cfdd312593
3fd4a78a3580e11e31e268aa87a6e5c14777d990f97f264c131a2cff53e850a3
4a0cc3cdab0e2da357f0cabee2d9fa3ed4cd5c968207bb6102c011d879b03bee
565f544600339533682d51a4657cfb827cc30582a3febbbdc6b1f61b8b389229
698d094c9242fe378c3ccd8a065f65a977c9a6a3b9df49372974de26bf747854
84719de350278a66b394aef30d1a8317f7f1fb8dee9be40e5a4c732fa6550ea0
872a636b7a84813c21d85809309682588d14d361352fddf0435f8dd784df2844
8c3733ee644d9ec22c94a01cef9d2aa59b2659e038fbd60ae7df025c6d541de6
cbb542ce42c974138a4927eaef1c5cf8e8886eb159e529d4db5e6ef5d0d10a7b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d3c461a1e6ff328ba26ef905a19c7d0da2597bf547656afcbaab7d218d98dddc
e6f3b2535d17dd84434517b23b690fd1faa10536298a8f101a63e487b3b9cb98
ee68d1d737a0863381354927c6c97c33d0eb807e3b77bd3011089e5cf71a48ce
eedd4081c6e37e4979a7ba552922129de48a65d7aae240aa9fd131ee0fc2064e
f1153a7d9e7f877b55f4e32fe45448a1229fdc0ab67ae1bfa09fd77b9c72679a
fa82ccc2a84b03ca4ac0d18d2e1c30384cc98f9815fc15c3fb8de3914b347247