urlscan.io logo urlscan.io
SecurityTrails logo

sborofilt.ru Open in urlscan Pro
2a00:f940:2:2:1:1:0:3  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://sborofilt.ru/
Submission: On June 27 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 18 HTTP transactions. The main IP is 2a00:f940:2:2:1:1:0:3, located in Russian Federation and belongs to AS-REG, RU. The main domain is sborofilt.ru.
TLS certificate: Issued by R11 on June 24th 2024. Valid for: 3 months.
This is the only time sborofilt.ru was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: OP Financial Group (Banking)

Domain & IP information

IP Address AS Autonomous System
16 2a00:f940:2:2... 197695 (AS-REG)
1 104.17.25.14 13335 (CLOUDFLAR...)
1 157.124.1.11 1738 (OKOBANK-AS)
18 4
Apex Domain
Subdomains		 Transfer
16 sborofilt.ru
sborofilt.ru
581 KB
1 op.fi
www.op.fi
3 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 268
5 KB
18 3
Domain Requested by
16 sborofilt.ru sborofilt.ru
1 www.op.fi sborofilt.ru
1 cdnjs.cloudflare.com sborofilt.ru
18 3

This site contains no links.

Subject Issuer Validity Valid
sborofilt.ru
R11		 2024-06-24 -
2024-09-22		 3 months crt.sh
cdnjs.cloudflare.com
E1		 2024-06-02 -
2024-08-31		 3 months crt.sh
op.fi
Entrust Certification Authority - L1M		 2024-05-23 -
2025-06-23		 a year crt.sh

This page contains 1 frames:

Primary Page: https://sborofilt.ru/
Frame ID: 391E608A6AE575E51156AB00C26AC030
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

OP-verkkopalvelu, op.fi, osuuspankkien verkkopankki | OP

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

18
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

589 kB
Transfer

832 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
sborofilt.ru/ 		98 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sborofilt.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:1:0:3 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx / PHP/7.2.34
Resource Hash
c168b36e8886c35c8df6d1ae4d33fc8146cb8d9f96558e338a0d7402ea36cf7d

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 27 Jun 2024 00:16:23 GMT
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/7.2.34
style.css
sborofilt.ru/assets/css/ 		84 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sborofilt.ru/assets/css/style.css
Requested by
Host: sborofilt.ru
URL: https://sborofilt.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:1:0:3 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash
9b507fdeff9360cbb61bc3540301bbc07457ecd1501094744559bd453e1578ba

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://sborofilt.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 00:16:23 GMT
content-encoding
gzip
last-modified
Thu, 14 Mar 2024 05:03:50 GMT
server
nginx
etag
W/"65f28536-15017"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3888000
expires
Sun, 11 Aug 2024 00:16:23 GMT
jquery-3.6.0.min.js
sborofilt.ru/assets/js/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sborofilt.ru/assets/js/jquery-3.6.0.min.js
Requested by
Host: sborofilt.ru
URL: https://sborofilt.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:1:0:3 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://sborofilt.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 00:16:23 GMT
content-encoding
gzip
last-modified
Thu, 14 Mar 2024 05:03:50 GMT
server
nginx
etag
W/"65f28536-15d9d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3888000
expires
Sun, 11 Aug 2024 00:16:23 GMT
jquery.mask.js
cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/ 		20 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/jquery.mask.js
Requested by
Host: sborofilt.ru
URL: https://sborofilt.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be483938eb34538b970684f72e312f62652e84b42b7ad86953962d1ce2217c44
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://sborofilt.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 00:16:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
540691
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4517
last-modified
Mon, 04 May 2020 16:11:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec3-4e98"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RC0jOr6JrNB%2F8pUzPsImgQ8kCpdinpBnrgXDvQS3Bk503xOTNR2Tg9GrXBPoS%2FFnFtrO3HzVSGb4p8Vwe01p5WTfucIgLHDyfOMxRwNainY4Vi39fnEHYb1JH0N0Sbvha5xIj%2BeD"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
89a13f82cf2437f6-FRA
expires
Tue, 17 Jun 2025 00:16:23 GMT
OP_Tilinpaatosaineistoviestinta_opfi_1600x900_V1.jpg
sborofilt.ru/assets/img/ 		102 KB
102 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sborofilt.ru/assets/img/OP_Tilinpaatosaineistoviestinta_opfi_1600x900_V1.jpg
Requested by
Host: sborofilt.ru
URL: https://sborofilt.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:1:0:3 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash
4ac3b1dc5a360410c504e23b74e57bc73c121ea0e4cef55e8e4e40d98887c329

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://sborofilt.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 00:16:23 GMT
last-modified
Thu, 14 Mar 2024 05:03:50 GMT
server
nginx
etag
"65f28536-19660"
content-type
image/jpeg
cache-control
max-age=3888000
accept-ranges
bytes
content-length
104032
expires
Sun, 11 Aug 2024 00:16:23 GMT
1_Elaman_kaannekohdat_Asuntolainat.jpg
sborofilt.ru/assets/img/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sborofilt.ru/assets/img/1_Elaman_kaannekohdat_Asuntolainat.jpg
Requested by
Host: sborofilt.ru
URL: https://sborofilt.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:1:0:3 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash
59eef9c6808791b187253a673b302424cf789dc29d81c0795125f2c780c067bd

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://sborofilt.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 00:16:23 GMT
last-modified
Thu, 14 Mar 2024 05:03:50 GMT
server
nginx
etag
"65f28536-343e"
content-type
image/jpeg
cache-control
max-age=3888000
accept-ranges
bytes
content-length
13374
expires
Sun, 11 Aug 2024 00:16:23 GMT
1_OP_omistaja-asiakkuus_kevat_2021_final_hires.jpg
sborofilt.ru/assets/img/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sborofilt.ru/assets/img/1_OP_omistaja-asiakkuus_kevat_2021_final_hires.jpg
Requested by
Host: sborofilt.ru
URL: https://sborofilt.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:1:0:3 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash
5f1345a40658b2e14d6345f5b897da97124605dafe03b4fb0376f23fdefda9c8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://sborofilt.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 00:16:23 GMT
last-modified
Thu, 14 Mar 2024 05:03:50 GMT
server
nginx
etag
"65f28536-64c2"
content-type
image/jpeg
cache-control
max-age=3888000
accept-ranges
bytes
content-length
25794
expires
Sun, 11 Aug 2024 00:16:23 GMT
1AdobeStock_272757887.jpg
sborofilt.ru/assets/img/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sborofilt.ru/assets/img/1AdobeStock_272757887.jpg
Requested by
Host: sborofilt.ru
URL: https://sborofilt.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:1:0:3 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash
2ecd81e0e4ceb9176514259418ac30abe93ee1db90c5770c2c9af4dd5ffb233b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://sborofilt.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 00:16:23 GMT
last-modified
Thu, 14 Mar 2024 05:03:50 GMT
server
nginx
etag
"65f28536-2f83"
content-type
image/jpeg
cache-control
max-age=3888000
accept-ranges
bytes
content-length
12163
expires
Sun, 11 Aug 2024 00:16:23 GMT
Ev%C3%A4steartikkelinkuva2.jpg
sborofilt.ru/assets/img/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sborofilt.ru/assets/img/Ev%C3%A4steartikkelinkuva2.jpg
Requested by
Host: sborofilt.ru
URL: https://sborofilt.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:1:0:3 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash
2b66f0c9f77c4a7d6075631e39f80ad7919c3918a2af91e1aac8ad0d16aec8c6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://sborofilt.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 00:16:23 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=utf-8
truncated
/ 		276 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4a0de42d2c57a62eac22d19eb7196b00d271ae61eaad40b497125daaa074c286

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
social_media_icon_sprite.svg
www.op.fi/static/@op/opux-classic/v2/img/ 		21 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.op.fi/static/@op/opux-classic/v2/img/social_media_icon_sprite.svg
Requested by
Host: sborofilt.ru
URL: https://sborofilt.ru/assets/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.124.1.11 , Finland, ASN1738 (OKOBANK-AS, FI),
Reverse DNS
Software
/
Resource Hash
12f66d0c31618e2fc7af382ba027cc8068929804667edac23b0c3c8c786540ed
Security Headers
Name Value
Strict-Transport-Security max-age=31540000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://sborofilt.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 00:03:12 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
strict-transport-security
max-age=31540000; includeSubDomains;
Age
791
traceresponse
00-f8410496aabce4e83c0cafacee5b9900-417d41cd274c9f5f-01
p3p
CP="NON CUR OTPi OUR NOR UNI"
Connection
keep-alive
content-length
2183
x-request-path
/static/@op/opux-classic/v2/img/social_media_icon_sprite.svg, /static/@op/opux-classic/v2/img/social_media_icon_sprite.svg
X-XSS-Protection
1; mode=block
last-modified
Wed, 29 May 2024 12:15:40 GMT
x-dt-tracestate
4c30b284-567fd5f1@dt
etag
"529c-61996b56ef300-gzip"
vary
mtlsrplc,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
Origin-Agent-Cluster
?0
Cache-Control
private, max-age=3600, must-revalidate
Accept-Ranges
bytes
chevin-medium.woff2
sborofilt.ru/assets/fonts/ 		54 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sborofilt.ru/assets/fonts/chevin-medium.woff2
Requested by
Host: sborofilt.ru
URL: https://sborofilt.ru/assets/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:1:0:3 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash
0550f5cf4b0bdaaa71cda2eda8cd5a2090e70887a2eeded9fd6f70c49488c68c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://sborofilt.ru/assets/css/style.css
Origin
https://sborofilt.ru
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 00:16:23 GMT
last-modified
Thu, 14 Mar 2024 05:03:50 GMT
server
nginx
accept-ranges
bytes
etag
"d7ac-61397d1233980"
content-length
55212
chevin-light.woff2
sborofilt.ru/assets/fonts/ 		54 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sborofilt.ru/assets/fonts/chevin-light.woff2
Requested by
Host: sborofilt.ru
URL: https://sborofilt.ru/assets/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:1:0:3 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash
9d7e18175b01a2d29a7f6d74b3cf2c84e5e7370cf0e551e6b68a77a41f0e6aef

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://sborofilt.ru/assets/css/style.css
Origin
https://sborofilt.ru
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 00:16:23 GMT
last-modified
Thu, 14 Mar 2024 05:03:50 GMT
server
nginx
accept-ranges
bytes
etag
"d6d4-61397d1233980"
content-length
54996
chevin-thin.woff2
sborofilt.ru/assets/fonts/ 		51 KB
51 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sborofilt.ru/assets/fonts/chevin-thin.woff2
Requested by
Host: sborofilt.ru
URL: https://sborofilt.ru/assets/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:1:0:3 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash
98d73206b87453ddbe2fbb60e3e943c0babe5fc5660e7ead12628b20a24efe6d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://sborofilt.ru/assets/css/style.css
Origin
https://sborofilt.ru
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 00:16:23 GMT
last-modified
Thu, 14 Mar 2024 05:03:50 GMT
server
nginx
accept-ranges
bytes
etag
"cbfc-61397d1233980"
content-length
52220
opuxicons.woff2
sborofilt.ru/assets/fonts/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sborofilt.ru/assets/fonts/opuxicons.woff2?8084beed988047cf4b3188d3005de70f
Requested by
Host: sborofilt.ru
URL: https://sborofilt.ru/assets/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:1:0:3 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash
703897b9da7e1f47c45be92c5d1b049c41b6fa98c4a48d95c22ff255fe2cc0cb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://sborofilt.ru/assets/css/style.css
Origin
https://sborofilt.ru
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 00:16:23 GMT
last-modified
Thu, 14 Mar 2024 05:03:50 GMT
server
nginx
accept-ranges
bytes
etag
"b65c-61397d1233980"
content-length
46684
opuxicons-circled.woff2
sborofilt.ru/assets/fonts/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sborofilt.ru/assets/fonts/opuxicons-circled.woff2?268eb1635c94d7c4fef8f458374baa62
Requested by
Host: sborofilt.ru
URL: https://sborofilt.ru/assets/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:1:0:3 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash
27c9688cffabf31be16689153964a1599ab7cf179f59d0fbf1881da1b965e994

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://sborofilt.ru/assets/css/style.css
Origin
https://sborofilt.ru
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 00:16:23 GMT
last-modified
Thu, 14 Mar 2024 05:03:50 GMT
server
nginx
accept-ranges
bytes
etag
"bc08-61397d1233980"
content-length
48136
chevin-demibold.woff2
sborofilt.ru/assets/fonts/ 		54 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sborofilt.ru/assets/fonts/chevin-demibold.woff2
Requested by
Host: sborofilt.ru
URL: https://sborofilt.ru/assets/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:1:0:3 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash
f335d6a9719f3c6e393df5fa4c2e0e9765d2124819bb694fc6761c81cae02e9c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://sborofilt.ru/assets/css/style.css
Origin
https://sborofilt.ru
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 00:16:23 GMT
last-modified
Thu, 14 Mar 2024 05:03:50 GMT
server
nginx
accept-ranges
bytes
etag
"d7e4-61397d1233980"
content-length
55268
action.php
sborofilt.ru/api/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sborofilt.ru/api/action.php
Requested by
Host: sborofilt.ru
URL: https://sborofilt.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:1:0:3 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx / PHP/7.2.34
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://sborofilt.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 27 Jun 2024 00:16:24 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/7.2.34
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
expires
Thu, 19 Nov 1981 08:52:00 GMT
favicon.ico
sborofilt.ru/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://sborofilt.ru/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:1:0:3 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash
86eb78f63ac7391a6d99b9f3069074bba1bf6e81aff99a066b18c448eaacc3af

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://sborofilt.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 00:16:24 GMT
last-modified
Thu, 14 Mar 2024 05:03:50 GMT
server
nginx
accept-ranges
bytes
etag
"47e-61397d1233980"
content-length
1150
content-type
image/vnd.microsoft.icon

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: OP Financial Group (Banking)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage function| $ function| jQuery

1 Cookies

Domain/Path Name / Value
sborofilt.ru/ Name: PHPSESSID
Value: ba41468981f422d35a839c800e70a9cb

1 Console Messages

Source Level URL
Text
network error URL: https://sborofilt.ru/assets/img/Ev%C3%A4steartikkelinkuva2.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
sborofilt.ru
www.op.fi
104.17.25.14
157.124.1.11
2a00:f940:2:2:1:1:0:3
0550f5cf4b0bdaaa71cda2eda8cd5a2090e70887a2eeded9fd6f70c49488c68c
12f66d0c31618e2fc7af382ba027cc8068929804667edac23b0c3c8c786540ed
27c9688cffabf31be16689153964a1599ab7cf179f59d0fbf1881da1b965e994
2b66f0c9f77c4a7d6075631e39f80ad7919c3918a2af91e1aac8ad0d16aec8c6
2ecd81e0e4ceb9176514259418ac30abe93ee1db90c5770c2c9af4dd5ffb233b
4a0de42d2c57a62eac22d19eb7196b00d271ae61eaad40b497125daaa074c286
4ac3b1dc5a360410c504e23b74e57bc73c121ea0e4cef55e8e4e40d98887c329
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
59eef9c6808791b187253a673b302424cf789dc29d81c0795125f2c780c067bd
5f1345a40658b2e14d6345f5b897da97124605dafe03b4fb0376f23fdefda9c8
703897b9da7e1f47c45be92c5d1b049c41b6fa98c4a48d95c22ff255fe2cc0cb
86eb78f63ac7391a6d99b9f3069074bba1bf6e81aff99a066b18c448eaacc3af
98d73206b87453ddbe2fbb60e3e943c0babe5fc5660e7ead12628b20a24efe6d
9b507fdeff9360cbb61bc3540301bbc07457ecd1501094744559bd453e1578ba
9d7e18175b01a2d29a7f6d74b3cf2c84e5e7370cf0e551e6b68a77a41f0e6aef
be483938eb34538b970684f72e312f62652e84b42b7ad86953962d1ce2217c44
c168b36e8886c35c8df6d1ae4d33fc8146cb8d9f96558e338a0d7402ea36cf7d
f335d6a9719f3c6e393df5fa4c2e0e9765d2124819bb694fc6761c81cae02e9c
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e