kilka-na-kone.ru
92.53.96.184
Malicious Activity!
Public Scan
Submission Tags: @ipnigh
Submission: On May 21 via api from GB
Summary
This is the only time kilka-na-kone.ru was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: ABSA (Banking)

Domain & IP information

 | IP Address | AS Autonomous System |
---|---|---|
16 | 92.53.96.184 | 9123 (TIMEWEB-AS) |
16 | 1 |

ASN9123 (TIMEWEB-AS, RU)
PTR: vh118.timeweb.ru
kilka-na-kone.ru

 | Apex Domain / Subdomains | Transfer |
---|---|---|
16 | kilka-na-kone.ru | 156 KB |
16 | 1 |

 | Domain | Requested by |
---|---|---|
16 | kilka-na-kone.ru | kilka-na-kone.ru |
16 | 1 |

This site contains links to these domains. Also see Links.
Domain |
---|
www.absa.co.za |
This page contains 1 frames:
Primary Page:
http://kilka-na-kone.ru/rmic/asrn.html
Frame ID: 56340435C57A08D33BFC12A8B2E45535
Requests: 16 HTTP requests in this frame
1 Outgoing links
These are links going to different origins than the main page.
Title: Absa home page
Redirected requests
There were HTTP redirect chains for the following requests:
16 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | asrn.html (Primary Request) | kilka-na-kone.ru/rmic/ | 20 KB | 5 KB | Document | text/html |
GET | H/1.1 | absa.css | kilka-na-kone.ru/rmic/provea/ | 153 KB | 21 KB | Stylesheet | text/css |
GET | H/1.1 | login.css | kilka-na-kone.ru/rmic/provea/ | 4 KB | 1 KB | Stylesheet | text/css |
GET | H/1.1 | jcaptcha.css | kilka-na-kone.ru/rmic/provea/ | 1 KB | 876 B | Stylesheet | text/css |
GET | H/1.1 | ajax-loader-2.gif | kilka-na-kone.ru/rmic/provea/ | 3 KB | 3 KB | Image | image/gif |
GET | H/1.1 | logo-red.png | kilka-na-kone.ru/rmic/provea/ | 2 KB | 2 KB | Image | image/png |
GET | H/1.1 | keypad.jpg | kilka-na-kone.ru/rmic/provea/ | 19 KB | 19 KB | Image | image/jpeg |
GET | H/1.1 | locale_en.gif | kilka-na-kone.ru/rmic/provea/ | 70 B | 378 B | Image | image/gif |
GET | H/1.1 | campaigne_1_ENG.png | kilka-na-kone.ru/rmic/provea/ | 45 KB | 46 KB | Image | image/png |
GET | H/1.1 | covid19_en.jpg | kilka-na-kone.ru/rmic/provea/ | 25 KB | 26 KB | Image | image/jpeg |
GET | H/1.1 | DebiCheck_ATM_Eng.jpg | kilka-na-kone.ru/rmic/provea/ | 24 KB | 25 KB | Image | image/jpeg |
GET | H/1.1 | campaigne_3b_post_golive_EN.jpg | kilka-na-kone.ru/rmic/provea/ | 0 | 307 B | Image | image/jpeg |
GET | H/1.1 | icon-questionmark-grey_2019.png | kilka-na-kone.ru/rmic/static/style/resources/ | 1 KB | 1 KB | Image | text/html |
GET | H/1.1 | sprite-corners-rounded.png | kilka-na-kone.ru/rmic/provea/resources/ | 1 KB | 1 KB | Image | text/html |
GET | H/1.1 | keypad-bg.gif | kilka-na-kone.ru/rmic/provea/www.absa.co.za.2009.ui/keypad/ | 1 KB | 1 KB | Image | text/html |
GET | H/1.1 | sprite-icons-bar-status_2019.png | kilka-na-kone.ru/rmic/provea/resources/ | 1 KB | 1 KB | Image | text/html |

Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: ABSA (Banking)

2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata
object| onpointerrawupdate

0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.