ibank2.ru Open in urlscan Pro
109.232.254.192 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ibank.creditural.ru/
Effective URL:
https://ibank2.ru/
Submission: On May 23 via automatic, source certstream-suspicious (May 23rd 2022, 3:33:22 pm UTC) — Scanned from DE

Summary HTTP 36 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 3 domains to perform 36 HTTP transactions. The main IP is 109.232.254.192, located in Russian Federation and belongs to IBANK2, RU. The main domain is ibank2.ru.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 1st 2021. Valid for: a year.

This is the only time ibank2.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	185.71.67.224 185.71.67.224	56552 (STORMWALL...) (STORMWALL-RUS)
11	109.232.254.192 109.232.254.192	51464 (IBANK2) (IBANK2)
36	2

1 185.71.67.224 (Russian Federation) 1 redirects

ASN56552 (STORMWALL-RUS, RU)

ibank.creditural.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 109.232.254.192 (Russian Federation)

ASN51464 (IBANK2, RU)

ibank2.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	ibank2.ru ibank2.ru	332 KB
1	creditural.ru 1 redirects ibank.creditural.ru	81 B
0	bifit.com Failed signer.bifit.com Failed
36	3

	Domain	Requested by
11	ibank2.ru	ibank2.ru
1	ibank.creditural.ru	1 redirects
0	signer.bifit.com Failed	ibank2.ru
36	3

This site contains links to these domains. Also see Links.

Domain
windows.microsoft.com
www.microsoft.com
www.apple.com
www.google.com
www.mozilla.org
www.opera.com
play.google.com
itunes.apple.com

Subject Issuer	Validity	Valid
ibank2.ru Sectigo RSA Domain Validation Secure Server CA	`2021-10-01` - `2022-10-01`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://ibank2.ru/
Frame ID: DBD689B4B1CC59C1EB671C6CAB0828C3
Requests: 36 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

iBank2.ru

Page URL History Show full URLs

https://ibank.creditural.ru/ HTTP 308
https://ibank2.ru/ Page URL

Page Statistics

36
Requests

31 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

1
Countries

332 kB
Transfer

325 kB
Size

0
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: http://windows.microsoft.com/ru-ru/internet-explorer/download-ie
Title: Internet Explorer

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/ru-ru/edge
Title: Microsoft Edge

Search URL Search Domain Scan URL

URL: http://www.apple.com/ru/safari/
Title: Safari

Search URL Search Domain Scan URL

URL: https://www.google.com/chrome/
Title: Google Chrome

Search URL Search Domain Scan URL

URL: https://www.mozilla.org/en-US/firefox/all/?q=Russian
Title: Mozilla Firefox

Search URL Search Domain Scan URL

URL: http://www.opera.com/ru/computer
Title: Opera

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.bifit.mobile.vestochka

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/ru/app/%D0%B2%D0%B5%D1%81%D1%82%D0%BE%D1%87%D0%BA%D0%B0/id1349870212?mt=8

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ibank.creditural.ru/ HTTP 308
https://ibank2.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

36 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
ibank2.ru/
Redirect Chain

https://ibank.creditural.ru/
https://ibank2.ru/

9 KB
9 KB

318ms
52ms

Document
text/html

109.232.254.192
IBANK2

General

Check archive.org

Show headers Download Go to

Full URL

https://ibank2.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

109.232.254.192 , Russian Federation, ASN51464 (IBANK2, RU),

Reverse DNS

Software

nginx /

Resource Hash

f3361cc2a1f904d634e98aea7452670c8a0faac8dfb1fecf5ee78c629b1eea39

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' https: wss:;img-src 'self' data: https:
Strict-Transport-Security	max-age=63072000
X-Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' https: wss:;img-src 'self' data: https:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Length: 8892
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' https: wss:;img-src 'self' data: https:
Content-Type: text/html
Date: Mon, 23 May 2022 15:32:45 GMT
ETag: "609421ff-22bc"
Last-Modified: Thu, 06 May 2021 17:06:07 GMT
Server: nginx
Strict-Transport-Security: max-age=63072000
X-Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' https: wss:;img-src 'self' data: https:
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block

Redirect headers

content-length: 164
content-type: text/html
date: Mon, 23 May 2022 15:32:50 GMT
location: https://ibank2.ru
server: nginx

GET
H/1.1 200
OK desktop.css
ibank2.ru/css/ 19 KB
20 KB 51ms
51ms Stylesheet
text/css 109.232.254.192
IBANK2

General

Check archive.org

Show headers Download Go to

Full URL

https://ibank2.ru/css/desktop.css?version=master-SNAPSHOT-2021-05-04T13:26:22Z

Requested by

Host: ibank2.ru
URL: https://ibank2.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

109.232.254.192 , Russian Federation, ASN51464 (IBANK2, RU),

Reverse DNS

Software

nginx /

Resource Hash

18037158b2030707d949157551de82972e16a5c62f87aa340892593e1328fb22

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' https: wss:;img-src 'self' data: https:
Strict-Transport-Security	max-age=63072000
X-Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' https: wss:;img-src 'self' data: https:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibank2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 23 May 2022 15:32:46 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 06 May 2021 17:06:07 GMT
Server: nginx
ETag: "609421ff-4c69"
X-Frame-Options: DENY
Content-Type: text/css
X-Permitted-Cross-Domain-Policies: none
Connection: keep-alive
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' https: wss:;img-src 'self' data: https:
Strict-Transport-Security: max-age=63072000
Accept-Ranges: bytes
Content-Length: 19561
X-XSS-Protection: 1; mode=block
X-Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' https: wss:;img-src 'self' data: https:

GET
H/1.1 200
OK ibank2ru-logo.svg
ibank2.ru/img/ 3 KB
4 KB 102ms
50ms Image
image/svg+xml 109.232.254.192
IBANK2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ibank2.ru/img/ibank2ru-logo.svg

Requested by

Host: ibank2.ru
URL: https://ibank2.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

109.232.254.192 , Russian Federation, ASN51464 (IBANK2, RU),

Reverse DNS

Software

nginx /

Resource Hash

d8940625a1b19750cdbe7bc24d5f0857abc32750e36106740406fca5502032e5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' https: wss:;img-src 'self' data: https:
Strict-Transport-Security	max-age=63072000
X-Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' https: wss:;img-src 'self' data: https:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibank2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 23 May 2022 15:32:46 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 06 May 2021 17:06:07 GMT
Server: nginx
ETag: "609421ff-bb4"
X-Frame-Options: DENY
Content-Type: image/svg+xml
X-Permitted-Cross-Domain-Policies: none
Connection: keep-alive
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' https: wss:;img-src 'self' data: https:
Strict-Transport-Security: max-age=63072000
Accept-Ranges: bytes
Content-Length: 2996
X-XSS-Protection: 1; mode=block
X-Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' https: wss:;img-src 'self' data: https:

GET
H/1.1 200
OK application.js Show response
ibank2.ru/ 176 KB
177 KB 194ms
96ms Script
application/javascript 109.232.254.192
IBANK2

General

Check archive.org

Show headers Download Go to

Full URL

https://ibank2.ru/application.js?version=master-SNAPSHOT-2021-05-04T13:26:22Z

Requested by

Host: ibank2.ru
URL: https://ibank2.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

109.232.254.192 , Russian Federation, ASN51464 (IBANK2, RU),

Reverse DNS

Software

nginx /

Resource Hash

b5cf36484ae6d5b3fda5dce3416c141ede24a9b9c9c7570afa9d27de3276bc25

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' https: wss:;img-src 'self' data: https:
Strict-Transport-Security	max-age=63072000
X-Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' https: wss:;img-src 'self' data: https:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibank2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 23 May 2022 15:32:46 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 06 May 2021 17:06:06 GMT
Server: nginx
ETag: "609421fe-2c0fa"
X-Frame-Options: DENY
Content-Type: application/javascript
X-Permitted-Cross-Domain-Policies: none
Connection: keep-alive
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' https: wss:;img-src 'self' data: https:
Strict-Transport-Security: max-age=63072000
Accept-Ranges: bytes
Content-Length: 180474
X-XSS-Protection: 1; mode=block
X-Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' https: wss:;img-src 'self' data: https:

GET
H/1.1 200
OK sprite-settings.svg
ibank2.ru/img/ 5 KB
6 KB 149ms
50ms Image
image/svg+xml 109.232.254.192
IBANK2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ibank2.ru/img/sprite-settings.svg

Requested by

Host: ibank2.ru
URL: https://ibank2.ru/css/desktop.css?version=master-SNAPSHOT-2021-05-04T13:26:22Z

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

109.232.254.192 , Russian Federation, ASN51464 (IBANK2, RU),

Reverse DNS

Software

nginx /

Resource Hash

7e08cb1f419640879f14005dfad5d4849ec62c2f3a65edcbbe0ae0528c05c22a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' https: wss:;img-src 'self' data: https:
Strict-Transport-Security	max-age=63072000
X-Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' https: wss:;img-src 'self' data: https:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibank2.ru/css/desktop.css?version=master-SNAPSHOT-2021-05-04T13:26:22Z
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 23 May 2022 15:32:46 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 06 May 2021 17:06:07 GMT
Server: nginx
ETag: "609421ff-1400"
X-Frame-Options: DENY
Content-Type: image/svg+xml
X-Permitted-Cross-Domain-Policies: none
Connection: keep-alive
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' https: wss:;img-src 'self' data: https:
Strict-Transport-Security: max-age=63072000
Accept-Ranges: bytes
Content-Length: 5120
X-XSS-Protection: 1; mode=block
X-Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' https: wss:;img-src 'self' data: https:

GET
H/1.1 200
OK protect.svg
ibank2.ru/img/ 14 KB
15 KB 196ms
98ms Image
image/svg+xml 109.232.254.192
IBANK2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ibank2.ru/img/protect.svg

Requested by

Host: ibank2.ru
URL: https://ibank2.ru/css/desktop.css?version=master-SNAPSHOT-2021-05-04T13:26:22Z

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

109.232.254.192 , Russian Federation, ASN51464 (IBANK2, RU),

Reverse DNS

Software

nginx /

Resource Hash

cab3cf056a3eedcb18916a20521b3fe10f4288388a56db4743d035ec2480d23a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' https: wss:;img-src 'self' data: https:
Strict-Transport-Security	max-age=63072000
X-Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' https: wss:;img-src 'self' data: https:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibank2.ru/css/desktop.css?version=master-SNAPSHOT-2021-05-04T13:26:22Z
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 23 May 2022 15:32:46 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 06 May 2021 17:06:07 GMT
Server: nginx
ETag: "609421ff-39d2"
X-Frame-Options: DENY
Content-Type: image/svg+xml
X-Permitted-Cross-Domain-Policies: none
Connection: keep-alive
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' https: wss:;img-src 'self' data: https:
Strict-Transport-Security: max-age=63072000
Accept-Ranges: bytes
Content-Length: 14802
X-XSS-Protection: 1; mode=block
X-Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' https: wss:;img-src 'self' data: https:

GET
H/1.1 200
OK signer-solving.svg
ibank2.ru/img/ 4 KB
5 KB 151ms
50ms Image
image/svg+xml 109.232.254.192
IBANK2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ibank2.ru/img/signer-solving.svg

Requested by

Host: ibank2.ru
URL: https://ibank2.ru/css/desktop.css?version=master-SNAPSHOT-2021-05-04T13:26:22Z

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

109.232.254.192 , Russian Federation, ASN51464 (IBANK2, RU),

Reverse DNS

Software

nginx /

Resource Hash

17e60fdb11fcdd83d4cc13e8fb79a3d8990ab45fcdf88cf3490a69e54cf94c15

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' https: wss:;img-src 'self' data: https:
Strict-Transport-Security	max-age=63072000
X-Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' https: wss:;img-src 'self' data: https:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibank2.ru/css/desktop.css?version=master-SNAPSHOT-2021-05-04T13:26:22Z
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 23 May 2022 15:32:46 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 06 May 2021 17:06:07 GMT
Server: nginx
ETag: "609421ff-1082"
X-Frame-Options: DENY
Content-Type: image/svg+xml
X-Permitted-Cross-Domain-Policies: none
Connection: keep-alive
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' https: wss:;img-src 'self' data: https:
Strict-Transport-Security: max-age=63072000
Accept-Ranges: bytes
Content-Length: 4226
X-XSS-Protection: 1; mode=block
X-Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' https: wss:;img-src 'self' data: https:

GET
H/1.1 200
OK banner-edo-bg.png
ibank2.ru/img/ 8 KB
9 KB 150ms
50ms Image
image/png 109.232.254.192
IBANK2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ibank2.ru/img/banner-edo-bg.png

Requested by

Host: ibank2.ru
URL: https://ibank2.ru/css/desktop.css?version=master-SNAPSHOT-2021-05-04T13:26:22Z

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

109.232.254.192 , Russian Federation, ASN51464 (IBANK2, RU),

Reverse DNS

Software

nginx /

Resource Hash

f5049bf291bd176cc1769b289b13d5702a68cf40a75952e30d21540458c47127

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' https: wss:;img-src 'self' data: https:
Strict-Transport-Security	max-age=63072000
X-Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' https: wss:;img-src 'self' data: https:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibank2.ru/css/desktop.css?version=master-SNAPSHOT-2021-05-04T13:26:22Z
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 23 May 2022 15:32:46 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 06 May 2021 17:06:07 GMT
Server: nginx
ETag: "609421ff-218d"
X-Frame-Options: DENY
Content-Type: image/png
X-Permitted-Cross-Domain-Policies: none
Connection: keep-alive
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' https: wss:;img-src 'self' data: https:
Strict-Transport-Security: max-age=63072000
Accept-Ranges: bytes
Content-Length: 8589
X-XSS-Protection: 1; mode=block
X-Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' https: wss:;img-src 'self' data: https:

GET
H/1.1 200
OK banner-edo.png
ibank2.ru/img/ 66 KB
67 KB 110ms
47ms Image
image/png 109.232.254.192
IBANK2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ibank2.ru/img/banner-edo.png

Requested by

Host: ibank2.ru
URL: https://ibank2.ru/css/desktop.css?version=master-SNAPSHOT-2021-05-04T13:26:22Z

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

109.232.254.192 , Russian Federation, ASN51464 (IBANK2, RU),

Reverse DNS

Software

nginx /

Resource Hash

8b1a1f63b3e6a7bd76926ff5cd8577492f6733953d0c3b5852a7f90cdda08b67

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' https: wss:;img-src 'self' data: https:
Strict-Transport-Security	max-age=63072000
X-Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' https: wss:;img-src 'self' data: https:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibank2.ru/css/desktop.css?version=master-SNAPSHOT-2021-05-04T13:26:22Z
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 23 May 2022 15:32:46 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 06 May 2021 17:06:07 GMT
Server: nginx
ETag: "609421ff-10793"
X-Frame-Options: DENY
Content-Type: image/png
X-Permitted-Cross-Domain-Policies: none
Connection: keep-alive
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' https: wss:;img-src 'self' data: https:
Strict-Transport-Security: max-age=63072000
Accept-Ranges: bytes
Content-Length: 67475
X-XSS-Protection: 1; mode=block
X-Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' https: wss:;img-src 'self' data: https:

GET
H/1.1 200
OK sprite-services.svg
ibank2.ru/img/ 11 KB
11 KB 63ms
47ms Image
image/svg+xml 109.232.254.192
IBANK2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ibank2.ru/img/sprite-services.svg

Requested by

Host: ibank2.ru
URL: https://ibank2.ru/css/desktop.css?version=master-SNAPSHOT-2021-05-04T13:26:22Z

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

109.232.254.192 , Russian Federation, ASN51464 (IBANK2, RU),

Reverse DNS

Software

nginx /

Resource Hash

6e8737bbdc92ed67d8e15211abffa5c8427ac7c6c5a7f183e6ee03c7593a8893

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' https: wss:;img-src 'self' data: https:
Strict-Transport-Security	max-age=63072000
X-Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' https: wss:;img-src 'self' data: https:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibank2.ru/css/desktop.css?version=master-SNAPSHOT-2021-05-04T13:26:22Z
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 23 May 2022 15:32:46 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 06 May 2021 17:06:07 GMT
Server: nginx
ETag: "609421ff-2ac3"
X-Frame-Options: DENY
Content-Type: image/svg+xml
X-Permitted-Cross-Domain-Policies: none
Connection: keep-alive
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' https: wss:;img-src 'self' data: https:
Strict-Transport-Security: max-age=63072000
Accept-Ranges: bytes
Content-Length: 10947
X-XSS-Protection: 1; mode=block
X-Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' https: wss:;img-src 'self' data: https:

GET
H/1.1 200
OK sprite-markets.svg
ibank2.ru/img/ 10 KB
10 KB 75ms
50ms Image
image/svg+xml 109.232.254.192
IBANK2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ibank2.ru/img/sprite-markets.svg

Requested by

Host: ibank2.ru
URL: https://ibank2.ru/css/desktop.css?version=master-SNAPSHOT-2021-05-04T13:26:22Z

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

109.232.254.192 , Russian Federation, ASN51464 (IBANK2, RU),

Reverse DNS

Software

nginx /

Resource Hash

c6714155334830b399a282b1e79df0add3d74eabc1e20d3ea93dd6b9764a1e88

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' https: wss:;img-src 'self' data: https:
Strict-Transport-Security	max-age=63072000
X-Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' https: wss:;img-src 'self' data: https:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibank2.ru/css/desktop.css?version=master-SNAPSHOT-2021-05-04T13:26:22Z
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 23 May 2022 15:32:46 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 06 May 2021 17:06:07 GMT
Server: nginx
ETag: "609421ff-26f2"
X-Frame-Options: DENY
Content-Type: image/svg+xml
X-Permitted-Cross-Domain-Policies: none
Connection: keep-alive
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' https: wss:;img-src 'self' data: https:
Strict-Transport-Security: max-age=63072000
Accept-Ranges: bytes
Content-Length: 9970
X-XSS-Protection: 1; mode=block
X-Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' https: wss:;img-src 'self' data: https:

GET info
signer.bifit.com/v1/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: signer.bifit.com
URL: https://signer.bifit.com:1111/v1/info

Domain: signer.bifit.com
URL: https://signer.bifit.com:1112/v1/info

Domain: signer.bifit.com
URL: https://signer.bifit.com:1113/v1/info

Domain: signer.bifit.com
URL: https://signer.bifit.com:1114/v1/info

Domain: signer.bifit.com
URL: https://signer.bifit.com:1115/v1/info

Domain: signer.bifit.com
URL: https://signer.bifit.com:1116/v1/info

Domain: signer.bifit.com
URL: https://signer.bifit.com:1117/v1/info

Domain: signer.bifit.com
URL: https://signer.bifit.com:1118/v1/info

Domain: signer.bifit.com
URL: https://signer.bifit.com:1119/v1/info

Domain: signer.bifit.com
URL: https://signer.bifit.com:1120/v1/info

Domain: signer.bifit.com
URL: https://signer.bifit.com:1121/v1/info

Domain: signer.bifit.com
URL: https://signer.bifit.com:1122/v1/info

Domain: signer.bifit.com
URL: https://signer.bifit.com:1123/v1/info

Domain: signer.bifit.com
URL: https://signer.bifit.com:1124/v1/info

Domain: signer.bifit.com
URL: https://signer.bifit.com:1125/v1/info

Domain: signer.bifit.com
URL: https://signer.bifit.com:1126/v1/info

Domain: signer.bifit.com
URL: https://signer.bifit.com:1127/v1/info

Domain: signer.bifit.com
URL: https://signer.bifit.com:1128/v1/info

Domain: signer.bifit.com
URL: https://signer.bifit.com:1129/v1/info

Domain: signer.bifit.com
URL: https://signer.bifit.com:1130/v1/info

Domain: signer.bifit.com
URL: https://signer.bifit.com:1131/v1/info

Domain: signer.bifit.com
URL: https://signer.bifit.com:1132/v1/info

Domain: signer.bifit.com
URL: https://signer.bifit.com:1133/v1/info

Domain: signer.bifit.com
URL: https://signer.bifit.com:1134/v1/info

Domain: signer.bifit.com
URL: https://signer.bifit.com:1135/v1/info

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' https: wss:;img-src 'self' data: https:
Strict-Transport-Security	max-age=63072000
X-Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' https: wss:;img-src 'self' data: https:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ibank.creditural.ru
ibank2.ru
signer.bifit.com
signer.bifit.com
109.232.254.192
185.71.67.224
17e60fdb11fcdd83d4cc13e8fb79a3d8990ab45fcdf88cf3490a69e54cf94c15
18037158b2030707d949157551de82972e16a5c62f87aa340892593e1328fb22
6e8737bbdc92ed67d8e15211abffa5c8427ac7c6c5a7f183e6ee03c7593a8893
7e08cb1f419640879f14005dfad5d4849ec62c2f3a65edcbbe0ae0528c05c22a
8b1a1f63b3e6a7bd76926ff5cd8577492f6733953d0c3b5852a7f90cdda08b67
b5cf36484ae6d5b3fda5dce3416c141ede24a9b9c9c7570afa9d27de3276bc25
c6714155334830b399a282b1e79df0add3d74eabc1e20d3ea93dd6b9764a1e88
cab3cf056a3eedcb18916a20521b3fe10f4288388a56db4743d035ec2480d23a
d8940625a1b19750cdbe7bc24d5f0857abc32750e36106740406fca5502032e5
f3361cc2a1f904d634e98aea7452670c8a0faac8dfb1fecf5ee78c629b1eea39
f5049bf291bd176cc1769b289b13d5702a68cf40a75952e30d21540458c47127

ibank2.ru Open in urlscan Pro 109.232.254.192 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

36 Requests

31 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

2 IPs

1 Countries

332 kBTransfer

325 kBSize

0 Cookies

8 Outgoing links

Page URL History

Redirected requests

36 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

ibank2.ru Open in urlscan Pro
109.232.254.192 Public Scan

Screenshot
Live screenshot

Full Image

36
Requests

31 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

1
Countries

332 kB
Transfer

325 kB
Size

0
Cookies

36 HTTP transactions
0 data transactions