wp1.j1111007.mzdxp.spectrum.myjino.ru Open in urlscan Pro
81.177.165.240 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ananyacapital.co.in/admin/applications/correction/2/2.html
Effective URL:
http://wp1.j1111007.mzdxp.spectrum.myjino.ru/Santa/home/particulares.php
Submission: On October 13 via manual (October 13th 2020, 12:44:04 am UTC) from ES

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 4 countries across 5 domains to perform 17 HTTP transactions. The main IP is 81.177.165.240, located in Moscow, Russian Federation and belongs to RTCOMM-AS, RU. The main domain is wp1.j1111007.mzdxp.spectrum.myjino.ru.

This is the only time wp1.j1111007.mzdxp.spectrum.myjino.ru was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Santander (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1	116.206.104.184 116.206.104.184	394695 (PUBLIC-DO...) (PUBLIC-DOMAIN-REGISTRY)
2 12	81.177.165.240 81.177.165.240	8342 (RTCOMM-AS) (RTCOMM-AS)
1	2606:4700::68... 2606:4700::6811:4e6b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:825::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:816::2003	15169 (GOOGLE) (GOOGLE)
17	5

1 116.206.104.184 (Seychelles)

ASN394695 (PUBLIC-DOMAIN-REGISTRY, US)
PTR: md-in-76.webhostbox.net

ananyacapital.co.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 81.177.165.240 (Moscow, Russian Federation) 2 redirects

ASN8342 (RTCOMM-AS, RU)
PTR: srv178-sp-st.jino.ru

wp1.j1111007.mzdxp.spectrum.myjino.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:4e6b (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:816::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	myjino.ru 2 redirects wp1.j1111007.mzdxp.spectrum.myjino.ru	638 KB
4	gstatic.com fonts.gstatic.com	36 KB
1	googleapis.com fonts.googleapis.com	905 B
1	cloudflare.com cdnjs.cloudflare.com	28 KB
1	ananyacapital.co.in ananyacapital.co.in	377 B
17	5

	Domain	Requested by
12	wp1.j1111007.mzdxp.spectrum.myjino.ru	2 redirects wp1.j1111007.mzdxp.spectrum.myjino.ru
4	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	wp1.j1111007.mzdxp.spectrum.myjino.ru
1	cdnjs.cloudflare.com	wp1.j1111007.mzdxp.spectrum.myjino.ru
1	ananyacapital.co.in
17	5

This site contains no links.

Subject Issuer	Validity	Valid
cdnjs.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-12` - `2022-08-17`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://wp1.j1111007.mzdxp.spectrum.myjino.ru/Santa/home/particulares.php
Frame ID: 54DE9A065D2A641BC5405BF50E75D705
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://ananyacapital.co.in/admin/applications/correction/2/2.html Page URL
http://wp1.j1111007.mzdxp.spectrum.myjino.ru/Santa/home HTTP 301
http://wp1.j1111007.mzdxp.spectrum.myjino.ru/Santa/home/ HTTP 302
http://wp1.j1111007.mzdxp.spectrum.myjino.ru/Santa/home/particulares.php Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

17
Requests

35 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

5
IPs

4
Countries

702 kB
Transfer

1636 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ananyacapital.co.in/admin/applications/correction/2/2.html Page URL
http://wp1.j1111007.mzdxp.spectrum.myjino.ru/Santa/home HTTP 301
http://wp1.j1111007.mzdxp.spectrum.myjino.ru/Santa/home/ HTTP 302
http://wp1.j1111007.mzdxp.spectrum.myjino.ru/Santa/home/particulares.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK 2.html Show response
ananyacapital.co.in/admin/applications/correction/2/ 99 B
377 B 530ms
357ms Document
text/html 116.206.104.184
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: http://ananyacapital.co.in/admin/applications/correction/2/2.html
Protocol: HTTP/1.1
Server: 116.206.104.184 , Seychelles, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: md-in-76.webhostbox.net
Software: nginx/1.17.6 /
Resource Hash: 3945203b1ca6c757905160270ee52c877426b4f5de2d0d029869be373a6730a1

Request headers

Host: ananyacapital.co.in
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 13 Oct 2020 00:43:46 GMT
Server: nginx/1.17.6
Content-Type: text/html
Content-Length: 115
Last-Modified: Mon, 12 Oct 2020 09:42:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Server-Cache: false

GET
H/1.1

200
OK

Primary Request particulares.php Show response
wp1.j1111007.mzdxp.spectrum.myjino.ru/Santa/home/
Redirect Chain

http://wp1.j1111007.mzdxp.spectrum.myjino.ru/Santa/home
http://wp1.j1111007.mzdxp.spectrum.myjino.ru/Santa/home/
http://wp1.j1111007.mzdxp.spectrum.myjino.ru/Santa/home/particulares.php

6 KB
2 KB

94ms
93ms

Document
text/html

81.177.165.240
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://wp1.j1111007.mzdxp.spectrum.myjino.ru/Santa/home/particulares.php
Protocol: HTTP/1.1
Server: 81.177.165.240 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv178-sp-st.jino.ru
Software: Jino.ru/mod_pizza /
Resource Hash: dc9586c2a5e79dd274176a11e9f394bc520d83d73c583b84f346577d3a951663

Request headers

Host: wp1.j1111007.mzdxp.spectrum.myjino.ru
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://ananyacapital.co.in/admin/applications/correction/2/2.html
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://ananyacapital.co.in/admin/applications/correction/2/2.html

Response headers

Date: Tue, 13 Oct 2020 00:43:47 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 1631
Connection: keep-alive
Server: Jino.ru/mod_pizza
Vary: Accept-Encoding
Content-Encoding: gzip

Redirect headers

Date: Tue, 13 Oct 2020 00:43:47 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 20
Connection: keep-alive
Server: Jino.ru/mod_pizza
Location: particulares.php
Vary: Accept-Encoding
Content-Encoding: gzip

GET
H/1.1 200
OK bootstrap.min.css
wp1.j1111007.mzdxp.spectrum.myjino.ru/Santa/home/assets/css/ 138 KB
21 KB 99ms
96ms Stylesheet
text/css 81.177.165.240
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://wp1.j1111007.mzdxp.spectrum.myjino.ru/Santa/home/assets/css/bootstrap.min.css
Requested by: Host: wp1.j1111007.mzdxp.spectrum.myjino.ru
URL: http://wp1.j1111007.mzdxp.spectrum.myjino.ru/Santa/home/particulares.php
Protocol: HTTP/1.1
Server: 81.177.165.240 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv178-sp-st.jino.ru
Software: Jino.ru/mod_pizza /
Resource Hash: 7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

Request headers

Referer: http://wp1.j1111007.mzdxp.spectrum.myjino.ru/Santa/home/particulares.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 13 Oct 2020 00:43:47 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Oct 2020 09:41:24 GMT
Server: Jino.ru/mod_pizza
ETag: "52c0b0e-22688-5b1761a05026c"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21047

GET
H/1.1 200
OK helpers.css
wp1.j1111007.mzdxp.spectrum.myjino.ru/Santa/home/assets/css/ 41 KB
5 KB 180ms
150ms Stylesheet
text/css 81.177.165.240
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://wp1.j1111007.mzdxp.spectrum.myjino.ru/Santa/home/assets/css/helpers.css
Requested by: Host: wp1.j1111007.mzdxp.spectrum.myjino.ru
URL: http://wp1.j1111007.mzdxp.spectrum.myjino.ru/Santa/home/particulares.php
Protocol: HTTP/1.1
Server: 81.177.165.240 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv178-sp-st.jino.ru
Software: Jino.ru/mod_pizza /
Resource Hash: f839760d1621714efedeb3eb08b25e619812dcc33d77aceb0daf405ac727a765

Request headers

Referer: http://wp1.j1111007.mzdxp.spectrum.myjino.ru/Santa/home/particulares.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 13 Oct 2020 00:43:47 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Oct 2020 09:41:24 GMT
Server: Jino.ru/mod_pizza
ETag: "52c0b0d-a318-5b1761a04fe84"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4669

GET
H/1.1 200
OK main.css
wp1.j1111007.mzdxp.spectrum.myjino.ru/Santa/home/assets/css/ 4 KB
2 KB 190ms
158ms Stylesheet
text/css 81.177.165.240
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://wp1.j1111007.mzdxp.spectrum.myjino.ru/Santa/home/assets/css/main.css
Requested by: Host: wp1.j1111007.mzdxp.spectrum.myjino.ru
URL: http://wp1.j1111007.mzdxp.spectrum.myjino.ru/Santa/home/particulares.php
Protocol: HTTP/1.1
Server: 81.177.165.240 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv178-sp-st.jino.ru
Software: Jino.ru/mod_pizza /
Resource Hash: 8c40738a8a14c517621012689f77ae55f40d2ad035835d264f9a51975029298e

Request headers

Referer: http://wp1.j1111007.mzdxp.spectrum.myjino.ru/Santa/home/particulares.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 13 Oct 2020 00:43:47 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Oct 2020 09:41:24 GMT
Server: Jino.ru/mod_pizza
ETag: "52c0b0c-105b-5b1761a04fe84"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1279

GET
H/1.1 200
OK ss.png
wp1.j1111007.mzdxp.spectrum.myjino.ru/Santa/home/assets/images/ 10 KB
10 KB 90ms
89ms Image
image/png 81.177.165.240
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://wp1.j1111007.mzdxp.spectrum.myjino.ru/Santa/home/assets/images/ss.png
Requested by: Host: wp1.j1111007.mzdxp.spectrum.myjino.ru
URL: http://wp1.j1111007.mzdxp.spectrum.myjino.ru/Santa/home/particulares.php
Protocol: HTTP/1.1
Server: 81.177.165.240 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv178-sp-st.jino.ru
Software: Jino.ru/mod_pizza /
Resource Hash: e189f26061c946bb14b8d9d7532f8562ac35d07d3f972020a1ae6376a22a69ad

Request headers

Referer: http://wp1.j1111007.mzdxp.spectrum.myjino.ru/Santa/home/particulares.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 13 Oct 2020 00:43:47 GMT
Last-Modified: Mon, 12 Oct 2020 09:41:24 GMT
Server: Jino.ru/mod_pizza
ETag: "52c0b1b-26b7-5b1761a052594"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9911

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/ 86 KB
28 KB 16ms
13ms Script
application/javascript 2606:4700::6811:4e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: wp1.j1111007.mzdxp.spectrum.myjino.ru
URL: http://wp1.j1111007.mzdxp.spectrum.myjino.ru/Santa/home/particulares.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4e6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: http://wp1.j1111007.mzdxp.spectrum.myjino.ru/Santa/home/particulares.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 13 Oct 2020 00:43:47 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1046036
x-via: cfworker/kv
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27748
cf-request-id: 05c102dec400002bc21183a200000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
etag: "5eb03ec4-15851"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602549827"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5e1507446c562bc2-FRA
expires: Sun, 03 Oct 2021 00:43:47 GMT

GET
H/1.1 200
OK popper.min.js Show response
wp1.j1111007.mzdxp.spectrum.myjino.ru/Santa/home/assets/js/ 20 KB
7 KB 194ms
163ms Script
application/javascript 81.177.165.240
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://wp1.j1111007.mzdxp.spectrum.myjino.ru/Santa/home/assets/js/popper.min.js
Requested by: Host: wp1.j1111007.mzdxp.spectrum.myjino.ru
URL: http://wp1.j1111007.mzdxp.spectrum.myjino.ru/Santa/home/particulares.php
Protocol: HTTP/1.1
Server: 81.177.165.240 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv178-sp-st.jino.ru
Software: Jino.ru/mod_pizza /
Resource Hash: 315ac5479007d2e864a4b51f505fd0785ebbbe931a6b511467fa49504a082c58

Request headers

Referer: http://wp1.j1111007.mzdxp.spectrum.myjino.ru/Santa/home/particulares.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 13 Oct 2020 00:43:47 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Oct 2020 09:41:24 GMT
Server: Jino.ru/mod_pizza
ETag: "52c0b10-4f74-5b1761a05026c"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7243

GET
H/1.1 200
OK bootstrap.min.js Show response
wp1.j1111007.mzdxp.spectrum.myjino.ru/Santa/home/assets/js/ 51 KB
14 KB 202ms
171ms Script
application/javascript 81.177.165.240
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://wp1.j1111007.mzdxp.spectrum.myjino.ru/Santa/home/assets/js/bootstrap.min.js
Requested by: Host: wp1.j1111007.mzdxp.spectrum.myjino.ru
URL: http://wp1.j1111007.mzdxp.spectrum.myjino.ru/Santa/home/particulares.php
Protocol: HTTP/1.1
Server: 81.177.165.240 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv178-sp-st.jino.ru
Software: Jino.ru/mod_pizza /
Resource Hash: 3a28f6cc3a3bafe278bdb0dd07c4c7a4c676e99c18da11cce00f3c735aa12fcf

Request headers

Referer: http://wp1.j1111007.mzdxp.spectrum.myjino.ru/Santa/home/particulares.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 13 Oct 2020 00:43:47 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Oct 2020 09:41:24 GMT
Server: Jino.ru/mod_pizza
ETag: "52c0b12-cde1-5b1761a0519dc"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14016

GET
H/1.1 200
OK fontawesome.min.js Show response
wp1.j1111007.mzdxp.spectrum.myjino.ru/Santa/home/assets/js/ 1 MB
379 KB 207ms
177ms Script
application/javascript 81.177.165.240
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://wp1.j1111007.mzdxp.spectrum.myjino.ru/Santa/home/assets/js/fontawesome.min.js
Requested by: Host: wp1.j1111007.mzdxp.spectrum.myjino.ru
URL: http://wp1.j1111007.mzdxp.spectrum.myjino.ru/Santa/home/particulares.php
Protocol: HTTP/1.1
Server: 81.177.165.240 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv178-sp-st.jino.ru
Software: Jino.ru/mod_pizza /
Resource Hash: 21bd54c766f0a1385f24f0b9a074e83881d82288d9d31bab0e3076721121f52e

Request headers

Referer: http://wp1.j1111007.mzdxp.spectrum.myjino.ru/Santa/home/particulares.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 13 Oct 2020 00:43:47 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Oct 2020 09:41:24 GMT
Server: Jino.ru/mod_pizza
ETag: "52c0b11-10314e-5b1761a0519dc"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK main.js Show response
wp1.j1111007.mzdxp.spectrum.myjino.ru/Santa/home/assets/js/ 29 B
361 B 93ms
93ms Script
application/javascript 81.177.165.240
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://wp1.j1111007.mzdxp.spectrum.myjino.ru/Santa/home/assets/js/main.js
Requested by: Host: wp1.j1111007.mzdxp.spectrum.myjino.ru
URL: http://wp1.j1111007.mzdxp.spectrum.myjino.ru/Santa/home/particulares.php
Protocol: HTTP/1.1
Server: 81.177.165.240 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv178-sp-st.jino.ru
Software: Jino.ru/mod_pizza /
Resource Hash: f4fdc1abf40fd24896bc44d0753494cfeaf5a40160847ca1b904a28d68a2a726

Request headers

Referer: http://wp1.j1111007.mzdxp.spectrum.myjino.ru/Santa/home/particulares.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 13 Oct 2020 00:43:47 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Oct 2020 09:41:24 GMT
Server: Jino.ru/mod_pizza
ETag: "52c0b14-1d-5b1761a0519dc"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 47

GET
H2 200 css
fonts.googleapis.com/ 10 KB
905 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:825::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&display=swap

Requested by

Host: wp1.j1111007.mzdxp.spectrum.myjino.ru
URL: http://wp1.j1111007.mzdxp.spectrum.myjino.ru/Santa/home/assets/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7b564cc8dc9eb3d6e4635dbe0b2e9e045b11368227545e8df5007eb216b161f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://wp1.j1111007.mzdxp.spectrum.myjino.ru/Santa/home/assets/css/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 12 Oct 2020 23:58:41 GMT
server: ESF
date: Tue, 13 Oct 2020 00:43:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Oct 2020 00:43:47 GMT

GET
H/1.1 200
OK tardes.jpg
wp1.j1111007.mzdxp.spectrum.myjino.ru/Santa/home/assets/images/ 198 KB
198 KB 96ms
96ms Image
image/jpeg 81.177.165.240
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://wp1.j1111007.mzdxp.spectrum.myjino.ru/Santa/home/assets/images/tardes.jpg
Requested by: Host: wp1.j1111007.mzdxp.spectrum.myjino.ru
URL: http://wp1.j1111007.mzdxp.spectrum.myjino.ru/Santa/home/assets/css/main.css
Protocol: HTTP/1.1
Server: 81.177.165.240 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv178-sp-st.jino.ru
Software: Jino.ru/mod_pizza /
Resource Hash: 63ea5b2b414b5dde56088dfb9ff74ab3dd424be6e3026ffc1d4c84f18d139fa1

Request headers

Referer: http://wp1.j1111007.mzdxp.spectrum.myjino.ru/Santa/home/assets/css/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 13 Oct 2020 00:43:47 GMT
Last-Modified: Mon, 12 Oct 2020 09:41:24 GMT
Server: Jino.ru/mod_pizza
ETag: "52c0b1a-3171e-5b1761a052594"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 202526

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://wp1.j1111007.mzdxp.spectrum.myjino.ru
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 12 Oct 2020 09:05:23 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 56304
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Tue, 12 Oct 2021 09:05:23 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://wp1.j1111007.mzdxp.spectrum.myjino.ru
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 12 Oct 2020 09:05:24 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:16 GMT
server: sffe
age: 56303
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9016
x-xss-protection: 0
expires: Tue, 12 Oct 2021 09:05:24 GMT

GET
H3-Q050 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://wp1.j1111007.mzdxp.spectrum.myjino.ru
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 12 Oct 2020 09:05:23 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:27 GMT
server: sffe
age: 56304
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9080
x-xss-protection: 0
expires: Tue, 12 Oct 2021 09:05:23 GMT

GET
H3-Q050 200 mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://wp1.j1111007.mzdxp.spectrum.myjino.ru
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 12 Oct 2020 09:05:23 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:49 GMT
server: sffe
age: 56304
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9180
x-xss-protection: 0
expires: Tue, 12 Oct 2021 09:05:23 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Santander (Banking)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ananyacapital.co.in
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
wp1.j1111007.mzdxp.spectrum.myjino.ru
116.206.104.184
2606:4700::6811:4e6b
2a00:1450:4001:816::2003
2a00:1450:4001:825::200a
81.177.165.240
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
21bd54c766f0a1385f24f0b9a074e83881d82288d9d31bab0e3076721121f52e
315ac5479007d2e864a4b51f505fd0785ebbbe931a6b511467fa49504a082c58
3945203b1ca6c757905160270ee52c877426b4f5de2d0d029869be373a6730a1
3a28f6cc3a3bafe278bdb0dd07c4c7a4c676e99c18da11cce00f3c735aa12fcf
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
63ea5b2b414b5dde56088dfb9ff74ab3dd424be6e3026ffc1d4c84f18d139fa1
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
7b564cc8dc9eb3d6e4635dbe0b2e9e045b11368227545e8df5007eb216b161f3
8c40738a8a14c517621012689f77ae55f40d2ad035835d264f9a51975029298e
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
dc9586c2a5e79dd274176a11e9f394bc520d83d73c583b84f346577d3a951663
e189f26061c946bb14b8d9d7532f8562ac35d07d3f972020a1ae6376a22a69ad
f4fdc1abf40fd24896bc44d0753494cfeaf5a40160847ca1b904a28d68a2a726
f839760d1621714efedeb3eb08b25e619812dcc33d77aceb0daf405ac727a765

wp1.j1111007.mzdxp.spectrum.myjino.ru Open in urlscan Pro 81.177.165.240 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

17 Requests

35 %HTTPS

60 %IPv6

5 Domains

5 Subdomains

5 IPs

4 Countries

702 kBTransfer

1636 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

10 JavaScript Global Variables

0 Cookies

Indicators

wp1.j1111007.mzdxp.spectrum.myjino.ru Open in urlscan Pro
81.177.165.240 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

35 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

5
IPs

4
Countries

702 kB
Transfer

1636 kB
Size

0
Cookies

17 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!